[Date Prev][Date Next]
Re: slow ldap authentication
2011/1/4 bluethundr <firstname.lastname@example.org>:
> Hi list,
> It's been a few days and I just wanted to check back to see if anyone
> had any troubleshooting tips that might help to solve this situation
> that I'm dealing with as I'm still a relatively new LDAP admin. I
> really appreciated your advice in the past and have overcome some very
> significant technical hurdles with your assistance on a number of
> Thanks in advance!and I would like to wish you a belated happy new year!
> On Sun, Jan 2, 2011 at 12:58 AM, bluethundr <email@example.com> wrote:
>> Hello list!!
>> I would greatly appreciate your help with an issue I am having here.
>> It seems that when you log into hosts on the network via ldap
>> authentication, said authentication is extremely sloooowww... on the
>> order of up to 30 seconds to log in! I could use some assistance in
>> correlating the information in the logs with the way that slapd.conf
>> is configured.
>> What I did to capture the event in the logs was to (after backing
>> them up) empty them with cat /dev/null > /var/log/openldap.log and
>> then log into a host on the network via an ldap account. Right after
>> login was finished I copied the log file to another location on the
>> nas and enclosed it here. Therefore it reflects only what happened
>> during the login. I've also enclosed my slapd.conf and ldap schema as
>> attachments for your perusal.
>> I've attempted adding some indexes to the configuration to alleviate
>> the situation but unfortunately this had no effect. The ones I added
>> were uid and uidNumber which I've read can help address this sort of
>> [root@LBSD2:~]#grep -i index /usr/local/etc/openldap/slapd.conf
>> index objectClass,uid,uidNumber eq
>> index sudoUser eq
>> thanks in advice with any assistance you can provide.
>> best regards
>> GPG me!!
>> gpg --keyserver pgp.mit.edu --recv-keys F186197B
> GPG me!!
> gpg --keyserver pgp.mit.edu --recv-keys F186197B
It looks like DNS issue, not LDAP.
Try setting "UseDNS no" in sshd_config