git.samba.org / garming / samba-autobuild / .git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: a047e71) | patch
dsdb/modules: a module to count attribute searches and results
authorDouglas Bagnall <douglas.bagnall@catalyst.net.nz>
Thu, 28 Mar 2019 03:07:48 +0000 (16:07 +1300)
committerAndrew Bartlett <abartlet@samba.org>
Wed, 1 May 2019 05:32:25 +0000 (05:32 +0000)
commit60620273dba1d7f7ff25710c5dd8fd6d32f2d149
treefac078624688c017ddfda35645803e33b68f2c4atree
parenta047e71bc7daea3855fc786c0e1c9d09878bba5fcommit | diff
dsdb/modules: a module to count attribute searches and results

The dsdb module stack can turn a simple search request into a
complicated tree of sub-queries that include attributes not originally
asked for and excluding those that were. The corresponding replies
might contain unrequested attributes or (for good reasons, according
to some module) hide requested ones. The entire stack is there to
meddle and that is what is does. Except *this* module. It just counts.
To understand dsdb performance it helps to have some idea what
requests and replies are flying too and fro. This module, when
inserted anywhere in the stack, counts the requests and replies
passing through and the attributes they contain. This data is stored
in on-disk tdbs in the private/debug directory.

The module is not loaded by default. To load it you need to patch the
source4/dsdb/samdb/ldb_modules/samba_dsdb.c and put "count_attrs"
somewhere in the module lists in the samba_dsdb_init() function. For
example, to examine the traffic between repl_meta_data and
group_audit_log, you would do something like this around line 316:

          "subtree_delete",
          "repl_meta_data",
  +       "count_attrs",
          "group_audit_log",
          "encrypted_secrets",

and recompile. Samba will then write to a number of tdb files in the
debug directory as requests and replies pass through. A simple script
is included to read these files. Doing this:

./script/attr_count_read st/ad_dc/private/debug/debug/attr_counts_not_found.tdb

will print a table showing how often various attritbutes were
requested but not found (from the point of view of the module).

A more sophisticated version of the script is coming in the next
commit, but this one is included first because in its simplicity it
documents the storage format reasonably well. The tdb keys are
attribute names, and the values are uint32_t in machine native order.

When the module is included in the stack there will be a very small
decrease in performance.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
script/attr_count_read [new file with mode: 0755] blob
source4/dsdb/samdb/ldb_modules/count_attrs.c [new file with mode: 0644] blob
source4/dsdb/samdb/ldb_modules/wscript_build_server diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.