[Date Prev][Date Next] [Chronological] [Thread] [Top]

Slow LDAP



Is there some way to speed up LDAP?  I am guessing this has to do with it
searching the database on ldap?  This is a new server and my old one did
not take that long.  It is not as slow if just one or two people are
logging in with ldap, but when many login, it seems to bring ldap to a
bottle neck, I guess while searching the directory for all the names.

There are probably about 1000 users in my LDAP.  Is that too large?  I
assume it isn't since most of the other schools around have AD which is
basically Microsoft LDAP if I understand correctly and they have no
problems and have many more users than I have.

Can multiple schema's in the config file cause this?  I know that on my
old server I had the following in slapd.conf:

core
cosine
inetorgperson
nis
samba

On my new one it has the above plus:

corba
duaconf
dyngroup
java
misc
openldap
ppolicy
collective

Those were just in there when I installed it so I left them.  Should I
take them out or would that not have any affect on logins at all?  I am
guessing that they wont' affect anything and it is more related to some
sort of configuration in my ldap configs.

Is there something else I need in a config?  Here are my configs.
slapd.conf
include                /etc/openldap/schema/corba.schema
include                /etc/openldap/schema/core.schema
include                /etc/openldap/schema/cosine.schema
include                /etc/openldap/schema/duaconf.schema
include                /etc/openldap/schema/dyngroup.schema
include                /etc/openldap/schema/inetorgperson.schema
include                /etc/openldap/schema/java.schema
include                /etc/openldap/schema/misc.schema
include                /etc/openldap/schema/nis.schema
include                /etc/openldap/schema/openldap.schema
include                /etc/openldap/schema/ppolicy.schema
include                /etc/openldap/schema/collective.schema
include                /etc/openldap/schema/samba.schema
loglevel -1
sizelimit -1
allow bind_v2
pidfile                /var/run/openldap/slapd.pid
argsfile        /var/run/openldap/slapd.args
database        bdb
suffix                "dc=school,dc=bloomfield.k12.mo.us"
checkpoint        1024 15
rootdn                "cn=Manager,dc=school,dc=bloomfield.k12.mo.us"
rootpw                *****
directory        /var/lib/ldap
index objectClass                       eq
index cn,sn,uid,displayName                eq,pres,sub
index uidNumber,gidNumber                eq
index memberUid                             eq
index sambaSID,sambaPrimaryGroupSID     eq
index sambaDomainName                        eq
index default                                sub
database monitor


ldap.conf
SIZELIMIT        200
HOST 127.0.0.1 10.0.0.5
BASE dc=school,dc=bloomfield.k12.mo.us


I have a DB_CONFIG file that contains the following, but not sure if it
needs anything else or not:

set_cachesize 0 268435456 1
set_lg_regionmax 262144
set_lg_bsize 2097152

Thanks for any info.

-- 
Scott Mayo - System Administrator
Bloomfield Schools
PH: 573-568-5669  FA: 573-568-4565

Question: Because it reverses the logical flow of conversation.
Answer: Why is putting a reply at the top of the message frowned upon?