summaryrefslogtreecommitdiff
path: root/source3/param
diff options
context:
space:
mode:
authorVolker Lendecke <vl@samba.org>2010-04-07 17:45:12 +0200
committerMichael Adam <obnox@samba.org>2011-01-21 13:51:27 +0100
commit9c2fcb689b647be60731ea8ce8abfe22c0e63dde (patch)
tree3107f4efd36a8c79271dd2367098959876f7f8eb /source3/param
parent7a2fa9fc1cf5b26419c9cd915e85030c7f14e764 (diff)
downloadsamba-9c2fcb689b647be60731ea8ce8abfe22c0e63dde.tar.gz
samba-9c2fcb689b647be60731ea8ce8abfe22c0e63dde.tar.bz2
samba-9c2fcb689b647be60731ea8ce8abfe22c0e63dde.zip
s3:winbind: Fork multiple children per domain
This makes us scale better with many simultaneous winbind requests, some of which might be slow. This implementation breaks offline logons, as the cached credentials are maintained in a child (this needs fixing). So, if the offline logons are active, only allow one DC connection. Probably the offline logon and the scalable file server cases are separate enough so that this patch is useful even with the restriction.
Diffstat (limited to 'source3/param')
-rw-r--r--source3/param/loadparm.c24
1 files changed, 24 insertions, 0 deletions
diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c
index 875cab1629..b45e045d64 100644
--- a/source3/param/loadparm.c
+++ b/source3/param/loadparm.c
@@ -216,6 +216,7 @@ struct global {
bool bWinbindNormalizeNames;
bool bWinbindRpcOnly;
bool bCreateKrb5Conf;
+ int winbindMaxDomainConnections;
char *szIdmapBackend;
bool bIdmapReadOnly;
char *szAddShareCommand;
@@ -4773,6 +4774,15 @@ static struct parm_struct parm_table[] = {
.enum_list = NULL,
.flags = FLAG_ADVANCED,
},
+ {
+ .label = "winbind max domain connections",
+ .type = P_INTEGER,
+ .p_class = P_GLOBAL,
+ .ptr = &Globals.winbindMaxDomainConnections,
+ .special = NULL,
+ .enum_list = NULL,
+ .flags = FLAG_ADVANCED,
+ },
{NULL, P_BOOL, P_NONE, NULL, NULL, NULL, 0}
};
@@ -5279,6 +5289,7 @@ static void init_globals(bool reinit_globals)
Globals.bResetOnZeroVC = False;
Globals.bLogWriteableFilesOnExit = False;
Globals.bCreateKrb5Conf = true;
+ Globals.winbindMaxDomainConnections = 1;
/* hostname lookups can be very expensive and are broken on
a large number of sites (tridge) */
@@ -5651,6 +5662,19 @@ FN_GLOBAL_BOOL(lp_winbind_offline_logon, &Globals.bWinbindOfflineLogon)
FN_GLOBAL_BOOL(lp_winbind_normalize_names, &Globals.bWinbindNormalizeNames)
FN_GLOBAL_BOOL(lp_winbind_rpc_only, &Globals.bWinbindRpcOnly)
FN_GLOBAL_BOOL(lp_create_krb5_conf, &Globals.bCreateKrb5Conf)
+static FN_GLOBAL_INTEGER(lp_winbind_max_domain_connections_int,
+ &Globals.winbindMaxDomainConnections)
+
+int lp_winbind_max_domain_connections(void)
+{
+ if (lp_winbind_offline_logon() &&
+ lp_winbind_max_domain_connections_int() > 1) {
+ DEBUG(1, ("offline logons active, restricting max domain "
+ "connections to 1\n"));
+ return 1;
+ }
+ return MAX(1, lp_winbind_max_domain_connections_int());
+}
FN_GLOBAL_CONST_STRING(lp_idmap_backend, &Globals.szIdmapBackend)
FN_GLOBAL_BOOL(lp_idmap_read_only, &Globals.bIdmapReadOnly)