Pattern Buffer:

The slow login times in the Leopard AD plugin seem to be related to a search by macAddress.  If you killall -USR1 DirectoryService, and login on a Leopard machine bound to AD, you’ll notice a query on macAddress in the /Library/Logs/DirectoryService/DirectoryService.debug.log. I am not sure the purpose of this query, but our computer objects don’t even use the macAddress attribute, so the query always results in no records found.

I can manually execute the same query and the time almost perfectly matches the delay I see with logins; about 45 seconds.

time ldapsearch -v -w password -x -h domaincontroller.domain.forest.com -D username@domain.forest.com -b "DC=domain,DC=forest,DC=com" "(&(objectCategory=cn=computer,cn=schema,cn=configuration,dc=forest,dc=com)
(macAddress=00:1a:22:ee:31:ac))”

Just substitute your own domain, forest, domain controller, username, password, and mac address etc to test.

I’ve tried manually mapping macAddress to another attribute, but it didn’t make a difference, so I don’t have any workaround to offer. Adding the macAddress attribute to your computer objects in AD might speed things up, but I have not tested this.  I’ve notified Apple of the issue in radar 5752763, which is marked as a Duplicate of 5679705.  If you see this macAddress query taking a long time, please report this to Apple so it can get fixed sooner rather than later.  Actually, this same query is used during the join process, which may explain the long join times while it searches for an existing computer.

I’ve posted about my rsync experiences in the past.  And results of a prerelease of rsync 3. Anyway I’ve been doing some testing with the final release versions of rsync 3.

It does a good job.  With a couple of patches, it will even preserve file flags and creation times to pass every backup bouncer metadata test.

Unfortunately it is slow compared to the old rsyncx.  A job that took 1.5 hours with rsyncx takes about 6 hours with rsync 3 with extended attribute support turned on.   But that time is for syncing a couple terabytes of data, so if you aren’t comparing that much data, the performance hit won’t be as dramatic.

For a backup that passes the backup bouncer tests, we’ll have to deal with the speed trade off.  Plus rsync 3 is being actively updated and is already much more stable than any previous version of rsync for Mac OS X.

Bombich has already integrated it into Carbon Copy Cloner, and he has a nice updated guide for compiling it with the required patches.