[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: openldap-1.x vs. openldap-2.x

On Thu, 9 Aug 2001, Andreas Stollar wrote:

> I just tried to migrate my ldap db to openldap-2.0.11. After a few minor
> cleanups in the ldif file dumped from openldap-1.2.11, everything worked.
> However, once I loaded up the box in a production environment, the thing
> just fell flat on its face, performance was so slow as to be unacceptable.

I had that problem once, but since I managed to set up the indexes properly,
it has worked like a dream - no noticable slowdown, and some users have
commented that it seems to be running faster.  

> successfully? Copies of my slapd.conf and qmail.schema (slightly
> customized) can be found here:
> http://www.speakeasy.org/~andreas/ldap/slapd.conf

You haven't indexed ObjectClass, which is a frequent hit.  If you're using
NSSLDAP you'll also be hitting uidnumber pretty hard, which will be slowing
you down some as well.

Finally, it's quite possible that you haven't actually remade the indexes. 
Check your /usr/local/openldap for the index files, called <attribute>.dbb,
and if they're not there or are small (my uid.dbb is 28kB for a couple of
hundred users) then stop your LDAP server and run slapindex.  Also, if you
change the index parameters (*anything*) then rerun slapindex while slapd
isn't running.  The slapd program does not index records in the database.

> Any input would be appreciated, I'll stick with openldap-1.2.12 for now,
> but it scares me that is has been relegated to the 'historical' section.

OpenLDAP 2 is *very* sweet, but it's much more complex.

#include <disclaimer.h>
Matthew Palmer