Beast wrote:
Jim C. wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Did ldap machine suffix ever get fixed so that it can be in a sperate container from ldap user suffix?
Is there any problem to be fix on samba side? I've been using separate container for machine without any problem ( almost 8 months now)
Yes, there was a problem, and maybe still is.
You are using separate containers for users and machines, because you probably search for them in the whole LDAP tree.
Yes. I did not specify filter on pam/nss_ldap. However the limitation is coming from nss_ldap not samba.
On systems with lots of machines and users this can lead to a bottleneck (searching for machines first in users, then in machines etc., instead of in machines only, and in users only if looking for users).
You can still use 1 dedicated (slave) ldap server for each samba server as I do on my setup or using nscd to cache passwd, group etc.
Tomek
--
--beast
-- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba