[Date Prev][Date Next]
Re: PAM/LDAP performance problem
Well, this works. But I have to remark that it doesn't make sense to me,
because there is no group lookup anymore:
uid=20001(U190567) gid=7335 groups=7335
Maybe I should get into a deeper touch with nss_*
Marcin Radecki wrote:
In my opinion this enormous search is performed by nss_ldap module
rather than pam_ldap module.
Would you like to replace line form /etc/nsswitch.conf
for field 'group: files ldap' with 'group: files'?
Then restart your ftpd and check if this search is done
On Fri, 6 Jul 2001, Stefan Brohs wrote:
Alright, I was watching the following logs and discovered, that while
looking for objectclass=posixaccount all entries (6000) were read. This
took a long time, because I set the sizelimit parameter to 50000 before.
I'm very sure, that this might be nonsense, but:
- why is PAM reading all group entries at all (and more than once)?
- and why does the login proceed when reducing the sizelimit (to 50) and
the SRCH results in error??