[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: PAM/LDAP performance problem

begin  Stefan Brohs quotation:
>Both, user lookup and password lookup seem to search the whole LDAP 
>directory without using indexes (slapd takes 99% CPU for the time in 
>question), even though they exist on almost all attributes (cn, uid, 
>uidnumber, gid, gidnumber, etc.). Since ldapsearch is answering within 

There's one item that it's looking for by attribute name and it's not
finding it


(this one got me bad), it's searching for some attribute  that has no 
value assigned to it anywhere in the directory.  If no value is assigned
anywhere in the directory, no index gets created for that attribute even 
though you have an index defined in slapd.conf.

Start slapd with a debug level -1 and you'll see exactly what it's
searching for.  Shut down the server, modify the slapd.conf for the
index, reindex the directory with slapindex (possibly having to do the 
dummy record like I did above), and then restart the server.

If it's more than that, I'll be learning myself.
Blue skies...		Todd
| Get a bigger hammer!   |  Are you feeling lucky...punk?         |
| http://www.mrball.net  |  I've had better days...               |
| http://faq.mrball.net  |  It's the end of the world as we know i|