[Date Prev][Date Next]
Re: PAM/LDAP performance problem
begin Stefan Brohs quotation:
>Both, user lookup and password lookup seem to search the whole LDAP
>directory without using indexes (slapd takes 99% CPU for the time in
>question), even though they exist on almost all attributes (cn, uid,
>uidnumber, gid, gidnumber, etc.). Since ldapsearch is answering within
There's one item that it's looking for by attribute name and it's not
(this one got me bad), it's searching for some attribute that has no
value assigned to it anywhere in the directory. If no value is assigned
anywhere in the directory, no index gets created for that attribute even
though you have an index defined in slapd.conf.
Start slapd with a debug level -1 and you'll see exactly what it's
searching for. Shut down the server, modify the slapd.conf for the
index, reindex the directory with slapindex (possibly having to do the
dummy record like I did above), and then restart the server.
If it's more than that, I'll be learning myself.
Blue skies... Todd
| Get a bigger hammer! | Are you feeling lucky...punk? |
| http://www.mrball.net | I've had better days... |
| http://faq.mrball.net | It's the end of the world as we know i|