-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Sagar Borikar wrote:> Hi All,
>
> We are currently caught up in a weird situation while using samba
> 3.0.28. There is a requirement from the customer that we should support
> ADS with 64000 objects. When we implemented the feature, we found
> couple of things mentioned below:
>
> 1. After joining ADS with 64k users, samba takes around 20 - 25 min
> to populate idmap_cache.tdb and winbindd_cache.tdb This is because
> we haven't turned of enumeration and we would be fixing it for
> next maintenance release of the NAS product.
>
> 2. We periodically check the quota state of all the users
> using repquota command. It refers to /etc/nsswitch.conf for mapping
> user ids to names. And winbindd inherently should look for its
> cache as it is populated completely to do the conversion.
>
> But we observed that every time the repquota command is invoked,
> winbindd starts consuming 98% of CPU. It fetches the info from
> ADS and not from local cache. So we are wondering why it doesn't
> make use of local cache for mapping the ids to names?
Sagar,
The enumeration is killing you performance wise. As a workaround
you could try in creasing the "winbind cache time" to something like
1 or 2 hours. But there is a constant struggle between cache times
and accuracy.
cheers, jerry
- --
====================================================================Samba
------- http://www.samba.org
Likewise Software --------- http://www.likewisesoftware.com
"What man is a man who does not make the world better?" --Balian
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFJEatJIR7qMdg1EfYRAhmyAJ9CcrZLclYZ+P8q0hHI7EsUt7kRKwCg0km4
LWFcHLKbEfl8UMYnd4JWqpA=3KW6
-----END PGP SIGNATURE-----