Hello When I perform the "net rpc trustdom list" command I get the "couldn't enumerate accounts" error. I use LDAP as passdb backend with approximately 30000 accounts. If I run the command, I can see from my LDAP logs that it tries to list every account on the LDAP server. Therefore the "net rpc trustdom list" command times out. Is this normal behaviour? Werner [root@serverlog]# net rpc trustdom list Password: Trusted domains list: none Trusting domains list: [2007/05/07 09:45:53, 0] rpc_client/cli_pipe.c:rpc_api_pipe(438) cli_pipe: return critical error. Error was Call timed out: server did not respond after 10000 milliseconds [2007/05/07 09:45:53, 0] utils/net_rpc.c:rpc_trustdom_list(5445) Couldn't enumerate accounts. Error was: NT_STATUS_UNSUCCESSFUL Disclaimer: http://www.kuleuven.be/cwis/email_disclaimer.htm
Volker Lendecke
2007-May-07 09:02 UTC
[Samba] net rpc trustdom list: enumerates all accounts
On Mon, May 07, 2007 at 10:37:03AM +0200, werner maes wrote:> When I perform the "net rpc trustdom list" command I get the > "couldn't enumerate accounts" error. > I use LDAP as passdb backend with approximately 30000 accounts. > If I run the command, I can see from my LDAP logs that it tries to > list every account on the LDAP server. Therefore the "net rpc > trustdom list" command times out. > > Is this normal behaviour?With 'passdb backend = ldapsam' it is quite unfortunate, but expected. We have done quite extensive optimizations for this case with "ldapsam:trusted = yes", but this options puts quite strict restrictions on the conformance of your ldap tree. Volker -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://lists.samba.org/archive/samba/attachments/20070507/942de579/attachment.bin