[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Optimizing OpenLDAP pam authentication (it's very slow)

To: Wil Cooley <wcooley@nakedape.cc>
Subject: Re: Optimizing OpenLDAP pam authentication (it's very slow)
From: Matthew Gregg <greggmc@musc.edu>
Date: Thu, 31 May 2001 14:20:38 -0400
Cc: GOMBAS Gabor <gombasg@inf.elte.hu>, openldap-software@OpenLDAP.org
Content-disposition: inline
In-reply-to: <20010531110426.D6812@rheingold.nakedape.priv>
References: <Pine.LNX.4.33.0105302214570.17993-100000@verdi.cs.byu.edu> <20010531093224.A8064@musc.edu> <3B164BB8.8C98430E@keyspanenergy.com> <20010531103558.D8064@musc.edu> <20010531165345.U118286@pandora.inf.elte.hu> <20010531110639.A8423@musc.edu> <20010531110426.D6812@rheingold.nakedape.priv>
User-agent: Mutt/1.3.18i

slapindex spews errors if I try to index uniqueMember with
equality. Only the presence index works.

On Thu, May 31, 2001 at 11:04:26AM -0700, Wil Cooley wrote:
> Thus spake Matthew Gregg:
> > But I no longer have memberUid in my LDAP. Should I index a
> > nonexistent object?
> > 
> > As my email stated, the PADL migrations scripts create ldif's that use
> > the memberUid schema, but after some advice from this group I changed
> > the migrations script to produce grouOfUniqueNames/uniqueMember
> > schema.
> > At the point that I was in fact using memberUid's I did have it
> > indexed and had the exact same performance problem.
> 
> Did you have it indexed for presence or equality?  You have uniqueMember
> indexed here for presence, which I don't think is enough--you need it
> indexed for equality too.
> 
> > Does anyone know the correct "configuration" for nsswitch/pam
> > authentication? Is it "memberUid" or "grouOfUniqueNames/uniqueMember"
> > or neither?
> 
> RFC 2307 only defines memberUid, ont uniqueMember.
> 
> Wil



-- 
brought to you by, Matthew Gregg...
one of the friendly folks in the IT Lab.
--------------------------------------\
The IT Lab (http://www.itlab.musc.edu) \____________________
Probably the world's premier software development center.
Serving: Programming, Tools, Ice Cream, Seminars

References:
- Re: Optimizing OpenLDAP pam authentication (it's very slow)
  - From: Matthew Gregg <greggmc@musc.edu>
- Re: Optimizing OpenLDAP pam authentication (it's very slow)
  - From: "Andrew Petrov" <apetrov@keyspanenergy.com>
- Re: Optimizing OpenLDAP pam authentication (it's very slow)
  - From: Matthew Gregg <greggmc@musc.edu>
- Re: Optimizing OpenLDAP pam authentication (it's very slow)
  - From: GOMBAS Gabor <gombasg@inf.elte.hu>
- Re: Optimizing OpenLDAP pam authentication (it's very slow)
  - From: Matthew Gregg <greggmc@musc.edu>
- Re: Optimizing OpenLDAP pam authentication (it's very slow)
  - From: Wil Cooley <wcooley@nakedape.cc>

Prev by Date: Re: Optimizing OpenLDAP pam authentication (it's very slow)
Next by Date: Re: Optimizing OpenLDAP pam authentication (it's very slow)
Index(es):
- Chronological
- Thread