[Date Prev][Date Next]
I set up OpenLDAP for the first time and after long hours of manual reading
and trial and error, managed to get a few entries into LDAP database.
Tried Sendmail with LDAP routing and it worked fine. Decided trying user
authentication as well. I used MigrationTools-34 and nss_ldap-139 from
padl.com site. After converting about 8000 /etc/passwd entries to LDIF, fed
it to LDAP with slapadd, took about a minute to create databases and indexes.
However, when I changed /etc/nsswitch.conf passwd/group entries to ldap, the
load average of the LDAP server (mostly idle PIII with 64 MB of RAM) rose up
to 1.25 and would keep rising if I didn't revert /etc/nsswitch.conf back to
its original form. Though it was late night (2-3 users on online) LDAP server
performed very poorly, ls -l on a directory with 10 files took about 30
To brief up, I wonder if I've done something terribly wrong [by using
nss_ldap -- it seems to be an overkill to make getpw*/getsp* and all others
query LDAP] or did others get similar results?
There is another issue regarding disk quotas. Now that I've moved all user
information to an LDAP server (though badly) I'd like to centralize all
user information, hence store user quotas on LDAP as well. However, since
I'm going to allow shell access, the only check here seems to be done in
the kernel space (e.g. chkdq() in BSD). Though it seems impossible without
hacking the kernel, I wonder if anyone has created a solution and/or a
workaround for this.