[Date Prev][Date Next] [Chronological] [Thread] [Top]

openldap very fast on one machine, slow on another



I have OpenLDAP 2.2 set up on a test machine and it's very fast. Once I got it set the way I wanted I did an install on a production machine and it's very slow. It's so slow that if I tell sshd to only allow certain groups to authenticate, it fails because it times out before the groups are retrieved. On the test (fast) machine the "groups user" command takes less than 1 second to retrieve the list of users. On the production (slow) machine, it takes almost 13 seconds for the same user. If I point the slow machine at the fast machine it still takes less than 1 second as opposed to the 13 seconds for localhost. The same time difference is obvious using ldapsearch as well.

The only difference I can find between the machine is that the fast test machine is an old Dell OptiPlex Gx1p desktop with a PII 600 and 256 MB RAM and the slow production machine is a Dell PowerEdge 2550 with a PIII 1000 and 512 MB RAM.

They both have the same data in the directory, the same configuration, same software versions:

SuSE Linux 9.1
OpenLDAP 2.2.6
pam_ldap 169
nss_ldap 215
openssl 0.9.7d
db 4.2.52

/etc/ldap.conf match
/etc/slapd.conf match
/etc/security/pam_unix2.conf match
/etc/nsswitch.conf match
/etc/sysconfig/ldap match
/etc/sysconfig/openldap match

Actually, I just found something that doesn't match. The fast box is using kernel 2.6.5 and the slow box is using 2.6.8.

   Any ideas on how to track down what's causing this problem?

Thanks,

Jason Joines
================================