summaryrefslogtreecommitdiff
path: root/source4/winbind/wb_cmd_getpwnam.c
diff options
context:
space:
mode:
authorAndrew Tridgell <tridge@samba.org>2009-06-04 14:07:35 +1000
committerAndrew Tridgell <tridge@samba.org>2009-06-04 14:10:11 +1000
commitdfd56dd29415b06b5ea137f8c333da42e8ff1aa6 (patch)
tree487d0e8f42b6f2c39b15fcea4a1ae52b60518a6b /source4/winbind/wb_cmd_getpwnam.c
parent0849c1ef77a0538d5d232016a51c002e2197e776 (diff)
downloadsamba-dfd56dd29415b06b5ea137f8c333da42e8ff1aa6.tar.gz
samba-dfd56dd29415b06b5ea137f8c333da42e8ff1aa6.tar.bz2
samba-dfd56dd29415b06b5ea137f8c333da42e8ff1aa6.zip
changed the auth path to use extended DN ops to avoid non-indexed searches
Logs showed that every SAM authentication was causing a non-indexed ldb search for member=XXX. This was previously indexed in Samba4, but since we switched to using the indexes from the full AD schema it now isn't. The fix is to use the extended DN operations to allow us to ask the server for the memberOf attribute instead, with with the SIDs attached to the result. This also means one less search on every authentication. The patch is made more complex by the fact that some common routines use the result of these user searches, so we had to update all searches that uses user_attrs and those common routines to make sure they all returned a ldb_message with a memberOf filled in and the SIDs attached.
Diffstat (limited to 'source4/winbind/wb_cmd_getpwnam.c')
0 files changed, 0 insertions, 0 deletions