[Freeipa-devel] [PATCH] 0149: ipa-sam: ipa-sam: cache gid to sid and uid to sid requests in idmap cache
Petr Viktorin
pviktori at redhat.com
Wed Mar 12 11:20:29 UTC 2014
On 03/12/2014 11:02 AM, Sumit Bose wrote:
> On Tue, Mar 11, 2014 at 11:04:29PM +0200, Alexander Bokovoy wrote:
>> On Tue, 11 Mar 2014, Sumit Bose wrote:
>>> On Tue, Mar 11, 2014 at 07:09:42PM +0200, Alexander Bokovoy wrote:
>>>> Hi,
>>>>
>>>>
>>>> Add idmap_cache calls to ipa-sam to prevent huge numbers of LDAP calls
>>>> to the
>>>> directory service for gid/uid<->sid resolution.
>>>>
>>>> Additionally, this patch further reduces number of queries by:
>>>> - fast fail on uidNumber=0 which doesn't exist in FreeIPA,
>>>> - return fallback group correctly when looking up user primary group as is
>>>> done during init,
>>>> - checking for group objectclass in case insensitive way
>>>>
>>>> Based on the patch by Jason Woods <devel at jasonwoods.me.uk>
>>>>
>>>> https://fedorahosted.org/freeipa/ticket/4234
>>>> and
>>>> https://bugzilla.redhat.com/show_bug.cgi?id=1073829
>>>> https://bugzilla.redhat.com/show_bug.cgi?id=1074314
>>>
>>> I didn't had a chance to run some test so far, but here are my comments
>>> for the code. I will run some tests tomorrow.
>> Fixed the code according to the comments.
>>
>> I've also changed the patch author to Jason as majority of the work was
>> done by him, I only made it closer to what is expected in Samba and
>> FreeIPA.
>
> Patch looks good and the basic functionality like adding a trust is
> still working.
>
> ACK
Pushed to:
master: d6a7923f71eb69bac53d6ff904086a9abd103dbc
ipa-3-3: 13cd4faf551d7781d27c36bef0e7cbf515e072d2
--
Petr³
More information about the Freeipa-devel
mailing list