[Date Prev][Date Next] [Chronological] [Thread] [Top]

multiple attribute search with single return slowness

To: openldap-software@OpenLDAP.org
Subject: multiple attribute search with single return slowness
From: Blomberg David <dblomber@Libertec.com>
Date: Mon, 26 Apr 2004 12:16:43 +0900

I am having a slowness response problem using Postfix on OpenLDAP (I
have narrowed it down to LDAP response time being my largest bottleneck
when querying multiple attributes.
(This system supports over 4000 user accounts so before telling me how
fast it is for you I noticed a big speed didference between 2000 users
which was quick and when I went up to 4000---there might be something I
misssed or a change I need to make for the larger user base if anyone
knows of this please let me know)

for instance:

(&(|(mail=%s)(mailalternateaddress=%s))(accountstatus=active))
which I ask to return "mailmessagestore"

and 

(|(mail=%s)(mailalternateaddress=%s))
which I have return "mailforwardingaddress"

System:
SMP Xeon based system with 4 GB RAM running Red Hat Enterprise Server
3.0 using Postfix (fixed version that works against LDAP) and OpenLDAP
as provided by Red Hat. (I am coming here as Red Hat support is all but
non-existant and I am tring a custom compiled from Open LDAP version in
parallel to the full Red Hat system) 

What I have tried up until now:
1-enabling Postfix side LDAP caching 
	ldapXXXX_cache = yes
	ldapXXXX_cache_expiry = 60000
	ldapXXXX_cache_size = 32768

	This did not work at all it only resulted in a number of errors to the
log and a web search that blamed it not working of LDAP..... (Actually I
believe this would fall to Postfix, but regardless it is broken so I am
unable to cache the results

2-I started the search lower on the tree before I searched in
"o=domain.com" now I search in "ou=local_people,o=domain.com" and
"ou=remote_people,o=domain.com"  

	This didnt show any speed ups.

3-I tried downloading and compiling OpenLDAP from scratch.
	After fully populating the database I find it a little quicker and on
various test I come up as twice as fast for single attribute look ups,
but only marginally faster for multiple attribute lookups.
	(As an aside I found that Red Hat was allowing some bad data to be
input that OpenLDAP strict checking does not allow but Red Hat LDIF
import never complaigned about so I fixed the entries-if nothing else at
least I got some mess cleaned out of the system)

4-I tried adjusting my indexes in slapd.conf:
	index
mail,mailalternateaddress,accountstatus,mailmessagestore,mailforwardingaddress eq
	Unfortunately after doing this and rebuilding the indexes I started
loosing the ability to log in and other odd errros developed until I
undid this.
**actaully I am hoping someone can tell what I messed up on this ont as
proper indexes are my best hope.**

5-Disabled the binding and all look up are now annonymous
	slight performance increase.


Any help that could help me increase the LDAP response speed would be
very much appreciated.


Thank You	 
-- 
David Blomberg
AIS, APS, ASE, CCNA, LCP, LCA, Linux+, LPI I, MCP, MCSA, MCSE, RHCE, Server+
Nihon Libertec
dblomber@libertec.com

Follow-Ups:
- Re: multiple attribute search with single return slowness
  - From: Quanah Gibson-Mount <quanah@stanford.edu>
- Re: multiple attribute search with single return slowness
  - From: Tony Earnshaw <tonye@billy.demon.nl>
- Re: multiple attribute search with single return slowness
  - From: Buchan Milne <bgmilne@obsidian.co.za>

Prev by Date: Re: add attribute to top objectClass
Next by Date: Schema Files
Index(es):
- Chronological
- Thread