[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: PAM/LDAP performance problem

To: Stefan Brohs <sbrohs@iprimus0800.net>
Subject: Re: PAM/LDAP performance problem
From: Marcin Radecki <marcinr@student.uci.agh.edu.pl>
Date: Fri, 6 Jul 2001 15:02:19 +0200 (MET DST)
Cc: Todd Lyons <todd@mrball.net>, <openldap-software@OpenLDAP.org>
In-reply-to: <3B45B269.5040904@iPrimus0800.net>

In my opinion this enormous search is performed by nss_ldap module
rather than pam_ldap module.
Would you like to replace line form /etc/nsswitch.conf
for field 'group: files ldap' with 'group: files'?
Then restart your ftpd and check if this search is done
again.

Thanks,
Marcin

On Fri, 6 Jul 2001, Stefan Brohs wrote:

> Alright, I was watching the following logs and discovered, that while
> looking for objectclass=posixaccount all entries (6000) were read. This
> took a long time, because I set the sizelimit parameter to 50000 before.
> I'm very sure, that this might be nonsense, but:
>
> - why is PAM reading all group entries at all (and more than once)?
> - and why does the login proceed when reducing the sizelimit (to 50) and
> the SRCH results in error??
>

Follow-Ups:
- Re: PAM/LDAP performance problem
  - From: Stefan Brohs <sbrohs@iprimus0800.net>

References:
- Re: PAM/LDAP performance problem
  - From: Stefan Brohs <sbrohs@iprimus0800.net>

Prev by Date: Re: I'm puzzled (problem with ACLs)
Next by Date: Re: I'm puzzled (problem with ACLs)
Index(es):
- Chronological
- Thread