Hi,
auths/second. This one has peaked at nearly 90 auths/second. This is nice - it seems execing ntlm_auth really is the problem (this is Samba 3.6.6, all running on HP DL380G6, 2-CPU Xen VMs ~1Gb RAM [mostly unused]).
oh its running ntlm_auth thats the bottleneck for sure - as the server can do many x100's more PEAP when using users file, LDAP or SQL backends.
Add ntlm_auth helper mode to 3.0.x now, which should be safe and run on anything that has ntlm_auth. And will be, IMO, nearly as fast as calling libwbclient directly. This should fix the AD auth issues for anyone with FR3. (I'm happy to provide patches as-is for Samba and FR2 for any that want, but they're not going to be merged.)
Finish and submit patch to Samba, then add libwbclient mode either later on in 3.0.x or more likely to 3.1.x, due to the timescales of the Samba release.
i thought we were going for all approaches andway - libwbclient method, ntlm_auth helper mode etc etc. I would just go for 3.0.x now anyway (I think Alan would say theres no choice, 2.x has no new features....) that MIGHT match the timescales for some distros anyway - and if there can be a run-time check for libwbclient thread-safe then it can use the feature. the other small performance tweak is to get the privileged file off disk - use tmpfs/ramdisk for the file (particularly in VMs!!) alan