mirror of
https://github.com/samba-team/samba.git
synced 2025-01-10 01:18:15 +03:00
2fa2f132ae
In a typical user login query, the code tries to work out the PSO 2-3 times - once for the msDS-ResultantPSO attribute, and then again for the msDS-User-Account-Control-Computed & msDS-UserPasswordExpiryTimeComputed constructed attributes. The PSO calculation is reasonably expensive, mostly due to the nested groups calculation. If we've already constructed the msDS-ResultantPSO attribute, then we can save ourselves extra work by just re-fetching the result directly, rather than expanding the nested groups again from scratch. The previous patch improves efficiency when there are no PSOs in the system. This should improve the case where there are PSOs that apply to the users. (Unfortunately, it won't help where there are some PSOs in the system, but no PSO applies to the user being queried). Also updated sam.c so the msDS-ResultantPSO gets calculated first, before the other constructed attributes. Signed-off-by: Tim Beale <timbeale@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz> Autobuild-User(master): Garming Sam <garming@samba.org> Autobuild-Date(master): Wed May 23 10:09:11 CEST 2018 on sn-devel-144 |
||
|---|---|---|
| .. | ||
| gensec | ||
| kerberos | ||
| ntlm | ||
| tests | ||
| auth.h | ||
| pyauth.c | ||
| pyauth.h | ||
| sam.c | ||
| samba_server_gensec.c | ||
| session.c | ||
| session.h | ||
| system_session.c | ||
| unix_token.c | ||
| wscript_build | ||
| wscript_configure | ||