Hi Paul,
>Another thing that may be slowing the ldap is that I need to use
scope >=sub
>in my ldap.conf to find users and computers:
So you're saying that in your ldap.conf you have things configured like so?
nss_base_passwd dc=homelan,dc=com,dc=br?sub
With the correct indexes and enough RAM it shouldn't really matter.
Yes I have this in my ldap.conf:
nss_base_passwd dc=ump,dc=edu,dc=br?sub nss_base_shadow dc=ump,dc=edu,dc=br?sub nss_base_group ou=groups,dc=ump,dc=edu,dc=br?one nss_base_hosts ou=computers,dc=ump,dc=edu,dc=br
I didn't change that yet because I like the idea of keeping computers and users separated.
That isn't actually what you're doing by setting nss_base_hosts. Basically you're configuring ldap to look for dns information in ou=Computers.
The idea of putting hosts and users in different places as far as samba is concerned is a different beast. Samba requires hosts to have a standard unix user account, ldap doesn't really know the difference since samba searches for a general posix account in the passwd scope.
Let me know if that's confusing, it seems like it probably is but I don't have my good explaining head on yet.
My fault, I didn't explained what mean. I have users in "ou=Users,dc=homelan,dc=com,dc=br?sub" and computers in "ou=Computers,dc=homelan,dc=com,dc=br?one".
To make it work this way I need to have
nss_base_passwd dc=ump,dc=edu,dc=br?sub nss_base_shadow dc=ump,dc=edu,dc=br?sub
in ldap.conf or else samba will not find the computers accounts. If I had users and computers in ou=Users I could have
nss_base_passwd ou=Users,dc=ump,dc=edu,dc=br?one
and I read (don't remember where) that this would make a big difference. I like my tree the way it is now, and it would be a hard work to move it all. I'd prefer to resolve this problem with the indexes configuration.
Thank's
Bruno.
-- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
