[Date Prev][Date Next] [Chronological] [Thread] [Top]

pam search


What is the effect on performance of having a large ldap DIT and pam
pointing to the root?

Say I have a large corporate LDAP server where I have ou=people,
ou=hardware, and ou=software under my root DN.
Say that /etc/ldap.conf (/etc/ldap/ldap.conf) has "BASE
When I login as "ghibble" pam_ldap has to hit (starting at root dn)
searching for "uid=ghibble".
Is it possible that LDAP may search all the hardware and software "ou"s
and then "people" finding "uid=ghibble" last?
Is it possible to tell pam_ldap just to search "people".
Is this the same for nss_ldap?