[Date Prev][Date Next]
We are attempting to setup and LDAP server for authentication of
various services (login, radius, pop3...) across a number of servers. We
are in the development/testing phase and have the OpenLDAP 2.0.11 server
running on a RedHat 7.1 server, nss_ldap-149-4 and the latest RPM updates.
This is a PIII-550 with 512MB of RAM, mirrored drives and only a couple of
developers using it at once. The load average is well below 0.2 most of the
When our FTP server starts up (NcFTPd) it reads through the list of
users and groups and caches them for speedy ls results. The test system has
about 7,000 accounts and 40 groups. Prior to using LDAP it would take about
2 seconds for the FTP server to read through the flat files and get going.
Now, we are seeing this in the 26-30 second range. It appears to be sending
the correct filters (objectClass = posixAccount). We have tried various
combinations of indexes but currently only have eq for objectClass. We have
adjusted the caches sizes, threads, concurrency... but all to no avail. It
seems to me that the LDAP server should be able to provide a better result
that what we are seeing.
Does anybody have any suggestions on what we might look into? Or is
this the best we can hope from the LDAP server? I appreciate any feedback
that you might provide on this.
* Larry A. Weidig (email@example.com)
* Excel.Net,Inc. - http://www.excel.net/
* (920) 452-0455 - Sheboygan/Plymouth area
* (888) 489-9995 - Other areas, toll-free