[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Optimizing OpenLDAP pam authentication (it's very slow)

To: <openldap-software@OpenLDAP.org>
Subject: Re: Optimizing OpenLDAP pam authentication (it's very slow)
From: Michael L Torrie <torriem@cs.byu.edu>
Date: Thu, 31 May 2001 10:32:49 -0600 (MDT)
In-reply-to: <20010531114253.C8454@musc.edu>

Okay, my ldap server is running very quickly now.  I'm using the following
indexes (I have not modified how the groups are stored from the migrate
script):

index uid,cn,gidNumber,uidNumber,memberUid eq
index objectClass pres,eq

I then ran slapindex and restart ldap.  Now when I ls -l all the user
directories, they show up right away.  Logging in via samba on a windows
machine barely touches ldap at all right now.  su'ing to a user is almost
instant.  I'm also running nscd.  Those who are playing around with index
settings, did you remember to run slapindex to generate the indexes?  Once
I did that, things are full speed now.

Does this help Matthew?

Michael

On Thu, 31 May 2001, Matthew Gregg wrote:

> I've seen that and tried that.  What that does is "and" your filter
> with the default filter.  How to change/override the default filter would be
> the trick. Right?
>
> On Thu, May 31, 2001 at 05:24:41PM +0200, GOMBAS Gabor wrote:
> > On Thu, May 31, 2001 at 11:12:38AM -0400, Matthew Gregg wrote:
> >
> > > Also, the filter that is being run is coming from nsswitch/pam_ldap.
> > > It's not something that I can configure, without some code changes.
> >
> > Yes you can. Look at the sample ldap.conf in the nss_ldap distribution
> > (the nss_base_* parameters).
> >
> > Gabor
> >
>
>

Follow-Ups:
- Re: Optimizing OpenLDAP pam authentication (it's very slow)
  - From: Matthew Gregg <greggmc@musc.edu>

References:
- Re: Optimizing OpenLDAP pam authentication (it's very slow)
  - From: Matthew Gregg <greggmc@musc.edu>

Prev by Date: ldapadd cannot contact slapd server
Next by Date: [no subject]
Index(es):
- Chronological
- Thread