Am 29.03.2015 um 13:53 schrieb Dieter Klünter:I know that, but i assumed you mean't something else, becauseAm Fri, 27 Mar 2015 20:17:12 +0100 schrieb Timo Eissler <timo@teissler.de>:Which search filters do you mean? I didn't executed any ldapsearch commands while i got the messages. There's just sssd on my two notebooks and pam_ldap/nss_ldap on the server itself.It is not you, performing a search, but pam-ldap. The nsswitch and pam configuration file is /etc/ldap.conf or, depending on the distribution, /etc/pam-ldap.conf. Have a look at filters and search base. If these are nor configured properly and indexed, it may raise a high server load. -Dieter i already posted my /etc/ldap.conf with the initial mail to the list. But here is it again:
host 127.0.0.1
base dc=foobar,dc=local uri ldap://localhost/ ldap_version 3 scope one bind_policy soft idle_timelimit 3600 pam_filter objectclass=posixAccount pam_member_attribute memberuid pam_min_uid 1000 pam_password exop nss_base_passwd ou=People,dc=foobar,dc=local?one nss_base_shadow ou=People,dc=foobar,dc=local?one nss_base_group ou=Groups,dc=foobar,dc=local?one nss_base_hosts ou=Hosts,dc=foobar,dc=local?one ssl start_tls nss_initgroups_ignoreusers root,bin,daemon,adm,lp,sync,shutdown,halt,news,uucp,operator,portage,nobody,man,sshd,cron,mail,postmaster,ldap,m ysql,mediatomb,dovecot,dovenull,apache,openvpn,clamav,bacula,asterisk,ntp -Timo -Timo Am 26.03.2015 um 23:23 schrieb Dieter Klünter:Am Thu, 26 Mar 2015 19:16:05 +0100 schrieb Timo Eissler <timo@teissler.de>:I have no custom threads settings in my slapd.conf. Currently slapd is running with 12 threads on my system with 8 cores (with hyperthreading).[...] I have seen this before. Could you provide an example of your search filters an the number of connections within a given time? -Dieter -- Timo Eissler Senior Project Engineer / Consultant Am Zuckerberg 54 D-71640 Ludwigsburg Tel.: +49 7141 4094003 Mobil.: +49 151 20650311 Email: timo@teissler.de |
Attachment:
signature.asc
Description: OpenPGP digital signature