-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Sagar Borikar wrote: > Hi All, > > We are currently caught up in a weird situation while using samba > 3.0.28. There is a requirement from the customer that we should support > ADS with 64000 objects. When we implemented the feature, we found > couple of things mentioned below: > > 1. After joining ADS with 64k users, samba takes around 20 - 25 min > to populate idmap_cache.tdb and winbindd_cache.tdb This is because > we haven't turned of enumeration and we would be fixing it for > next maintenance release of the NAS product. > > 2. We periodically check the quota state of all the users > using repquota command. It refers to /etc/nsswitch.conf for mapping > user ids to names. And winbindd inherently should look for its > cache as it is populated completely to do the conversion. > > But we observed that every time the repquota command is invoked, > winbindd starts consuming 98% of CPU. It fetches the info from > ADS and not from local cache. So we are wondering why it doesn't > make use of local cache for mapping the ids to names?
Sagar, The enumeration is killing you performance wise. As a workaround you could try in creasing the "winbind cache time" to something like 1 or 2 hours. But there is a constant struggle between cache times and accuracy. cheers, jerry - -- ===================================================================== Samba ------- http://www.samba.org Likewise Software --------- http://www.likewisesoftware.com "What man is a man who does not make the world better?" --Balian -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFJEatJIR7qMdg1EfYRAhmyAJ9CcrZLclYZ+P8q0hHI7EsUt7kRKwCg0km4 LWFcHLKbEfl8UMYnd4JWqpA= =3KW6 -----END PGP SIGNATURE----- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
