| delorie.com/archives/browse.cgi | search |
| X-Recipient: | archive-cygwin AT delorie DOT com |
| DomainKey-Signature: | a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id |
| :list-unsubscribe:list-subscribe:list-archive:list-post | |
| :list-help:sender:date:from:to:subject:message-id:reply-to | |
| :references:mime-version:content-type:in-reply-to; q=dns; s= | |
| default; b=KjxlzQILpYPhu0HnlzcCh3adLhiVCwSJMZD/lKtcworYAx1Iprui7 | |
| pyuxZIo1NKDvO7SuQYpMJeCoC7uSzFqTOZww3g8bEmVb4RhkAz2UVSf+lEZ15x67 | |
| MPiBcybOiN7leXgFj8c2XYWNgrTwkmkl1scA6jAsW0SYNGszzl9Nmk= | |
| DKIM-Signature: | v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id |
| :list-unsubscribe:list-subscribe:list-archive:list-post | |
| :list-help:sender:date:from:to:subject:message-id:reply-to | |
| :references:mime-version:content-type:in-reply-to; s=default; | |
| bh=rFaeGc5/nsZUIqLPcDLst04prmI=; b=b7ikDlGOkNPU+RseM/xJQ5kPsS+R | |
| aDpqq12yu8CY/D0ydtI1tKckmr5oKS1ar0qsQfGPb66ZVJ105JOSGG89AFK40+l/ | |
| +6zT4YbICrkueFJdqQLGSMKBM1cCC2r4vYR8TV19DzIBqx2SGYmL7GM8TEo72oI8 | |
| MX44nCOmRCDLxls= | |
| Mailing-List: | contact cygwin-help AT cygwin DOT com; run by ezmlm |
| List-Id: | <cygwin.cygwin.com> |
| List-Subscribe: | <mailto:cygwin-subscribe AT cygwin DOT com> |
| List-Archive: | <http://sourceware.org/ml/cygwin/> |
| List-Post: | <mailto:cygwin AT cygwin DOT com> |
| List-Help: | <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs> |
| Sender: | cygwin-owner AT cygwin DOT com |
| Mail-Followup-To: | cygwin AT cygwin DOT com |
| Delivered-To: | mailing list cygwin AT cygwin DOT com |
| Authentication-Results: | sourceware.org; auth=none |
| X-Virus-Found: | No |
| X-Spam-SWARE-Status: | No, score=-0.9 required=5.0 tests=AWL,BAYES_00,SPAM_BODY1 autolearn=no version=3.3.2 |
| X-HELO: | calimero.vinschen.de |
| Date: | Mon, 23 Feb 2015 18:47:09 +0100 |
| From: | Corinna Vinschen <corinna-cygwin AT cygwin DOT com> |
| To: | cygwin AT cygwin DOT com |
| Subject: | Re: TEST RELEASE: Cygwin 1.7.35-0.3 |
| Message-ID: | <20150223174709.GB26549@calimero.vinschen.de> |
| Reply-To: | cygwin AT cygwin DOT com |
| Mail-Followup-To: | cygwin AT cygwin DOT com |
| References: | <20150220102927 DOT GR26084 AT calimero DOT vinschen DOT de> <6695-1424465180-282140 AT sneakemail DOT com> <20150223111721 DOT GH437 AT calimero DOT vinschen DOT de> <9116-1424712152-918733 AT sneakemail DOT com> |
| MIME-Version: | 1.0 |
| In-Reply-To: | <9116-1424712152-918733@sneakemail.com> |
| User-Agent: | Mutt/1.5.23 (2014-03-12) |
--Fba/0zbH8Xs+Fj9o Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Feb 23 10:22, John Hein wrote: > Corinna Vinschen corinna-cygwin-at-cygwin.com |cygwin_ml_nodigest| wrote = at 12:17 +0100 on Feb 23, 2015: > > Come to think of it, it's probably really just slow. The difference > > between mkpasswd/mkgroup for domain accounts: > > > > 1.7.33: > > > > Calls NetUserEnum/NetGroupEnum,NetLocalGroupEnum with maximum Buffer > > size. > > > > 1.7.34+: > > > > Calls an LDAP enumerator fetching 100 SIDs per call. > > For each SID: > > Call LookupAccountSid. > > For each User: > > Depending on nsswitch.conf, call LDAP to fetch the extended pass= wd > > info (pw_shell, pw_home, pw_gecos). > > > > I guess there's some room for improvement. > > > > OTOH, keep in mind that you're not suppsoed to call mkpasswd/mkgroup > > to enumerate your entire organization. If you're using it at all, then > > only to create the required entries in /etc/passwd and /etc/group for > > your local acocunt to work, and then leave everything else to the "db" > > setting. >=20 > Fair enough. I'll stop stress testing mkpasswd and consider this > closed unless there's something we want to try. >=20 > But 1.7.33 seems much faster (if you can call 50 minutes fast) at it > than 1.7.34-6 or 1.7.35-0.3 in this large-ish AD. Maybe a knob to > specify buffer size and/or some other knobs might help identifying the > slowest parts (and/or some stats). Just a thought. I'll have a look into improving the stuff for sure. I think this requires to limit the number of LDAP calls in the first place. Rather then fetching SIDs only, the enumerator should fetch all required account= =20 information immediately, so the number of LDAP calls will be #accounts / 100 =3D=3D 80 rather than the today's #accounts 100 + #accounts =3D=3D 8080. The extra 8000 LookupAccountSid calls would go away, too. > I'll add that the 1.7.34-6 'strace mkpasswd -d' that I had started > above finished in 20+ hours and spewed ~3500 of ~8000 entries. It may be a restriction on your server. There're often settings limiting the number of calls per client. Corinna --=20 Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Maintainer cygwin AT cygwin DOT com Red Hat --Fba/0zbH8Xs+Fj9o Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBAgAGBQJU62edAAoJEPU2Bp2uRE+gWR4P/3svyIAW+SqNT0SC+prlupZ5 0oSJSEYJ8UYSWx+feWRRq5Blh8BKf89ATP4C8IGUGZn5iFgoFCEE4ltqhXbZbUrp BLpKiL039gE21nZc3S2WR1eSsQuiprumkGm9N23EduZGf6NS01qa2fQF3+LeFdcp a9VYcyQyfDAd8GvEWM+kZerulztOyxCytTWkk7WYpbnK0x7eBQoW5q/ZGYKAyZPy 0cULl86A0EsPCLuHCGlmNiRMEIabRoXpjkneqEWodZVPjURzokGVrYjyvP5EfRwY 6TMi4fLIRjdD4TS0lfZE4E8/5mHM1825hw7krkZXll1NnONxTfROpJaQKrGBOhh5 43TIY0q03BUI7dT0Rl/C1gC+9tuDJ+9ofbwoHWdqa0khOLlqBwBcMic3NrTSRsig w0DECJG1NMm/jwbtVxzmT+PNGYcsC40FTzmrNYx/iABcNvf4N5bRD0CoZ/UloCfu keNLrtyyR3lfznPdBlNBCnj+X2zBL7jYmRB+wyXV/n3tnlRdYgGuQQYpvHZlL8e9 ToB5eNxmenzOB1xqRYEjul79wxOfxp1bDeCgHFzyHVIg80BbmgBMw+enXfqP4A0x LFaHD8kVnUPvnT76LJI90tBVg7Sakyx11TUTtyY2x8nzPNHGY7tWDSdxaHOqt68D UOQMnf8G3UWny8Q1z2jY =8Qz6 -----END PGP SIGNATURE----- --Fba/0zbH8Xs+Fj9o--
| webmaster | delorie software privacy |
| Copyright © 2019 by DJ Delorie | Updated Jul 2019 |