On Wed, 2005-04-13 at 09:04 -0600, John H Terpstra wrote: > On Wednesday 13 April 2005 06:09, Andrew Bartlett wrote: > > First, that's not Samba directly, that is nss_ldap. Some bright bit of > > code is doing 'getent passwd' or the equivalent. Now, this may be > > triggered by Samba, and if your LDAP server is internally consistent > > (all the things Samba cares about are in ldap), then you should try > > setting 'ldapsam:trusted = yes' in your smb.conf. This is meant to be > > better with current Samba3 over 3.0.11, but that version does include an > > older version of the code. > > Andrew, > > What should I document in the HOWTO regarding the ldapsam:trusted parameter?
VL knows all the details - it's his hack, and it's an experiment at this point. The basic idea is this - if everything that Samba wants to know about users (in particular the nobody user and their primary group) are represented as LDAP objects, in addition or replacement to entries in /etc/passwd and /etc/group), and have the appropriate Samba attributes attached (sambaGroupMapping and sambaSamAccount) then Samba can be much faster in the way it handles certain client lookups. (It can construct just one ldap query, and not refer via NSS for certain things). Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Student Network Administrator, Hawker College http://hawkerc.net
signature.asc
Description: This is a digitally signed message part
-- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
