Re: issue w/ LDAP that I have encountered

[Quanah Gibson-Mount <quanah@stanford.edu>]

--On Thursday, July 06, 2006 1:06 PM -0500 "Derek R." <derekr@tlc2.uh.edu> 
wrote:

> All,
> I am setting up OpenLDAP w/ the back-sql ( using MySQL ) db module and
> GSSAPI authentication.  I had the authentication working fine, as well as
> the SQL database created ( via the scripts included w/ the
> openldap-servers-sql RPM )  and everything seemed to be fine, except that
> when I submitted any queries ( for example :
> ldapsearch -h ldap.ui.tlc2.uh.edu -p 389 -D "uid=ldap,cn=gssapi,cn=auth"
> -W -b"dc=tlc2,dc=uh,dc=edu"
> ), then I would get a no such object error ( something similar, I can't
> find it in my terminals now, it's been buried under mounds of strace and
> slapd -d1 output ).  So I started testing out various parameters for
> queries and selects and whatnot in slapd.conf ( which, by the way, is
> here :

> please let me know if you need any more information.  Also, I am more
> than willing to wipe out and recreate the database in MySQL ( what's the
> simplest way to do it w/out damaging anything else? ) if that's what
> needs to be done.
> Thanks in advance...
> Regards,
> Derek R.

If your database is disposable, why are you using MySQL?  Why not use a 
high-performance backend like bdb or hdb?

Also, I'll note that the MIT kerberos libraries are magnitudes slower than 
the Heimdal kerberos libraries, so for the server side, I highly suggest 
using the Heimdal libs.

--Quanah

--
Quanah Gibson-Mount
Principal Software Developer
ITS/Shared Application Services
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html