[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Questionable log entries

Am 29.03.2015 um 13:53 schrieb Dieter Klünter:
Am Fri, 27 Mar 2015 20:17:12 +0100
schrieb Timo Eissler <timo@teissler.de>:

Which search filters do you mean?

I didn't executed any ldapsearch commands while i got the messages.
There's just sssd on my two notebooks and pam_ldap/nss_ldap on the
server itself.
It is not you, performing a search, but pam-ldap.
The  nsswitch and pam configuration file is /etc/ldap.conf or,
depending on the distribution, /etc/pam-ldap.conf. Have a look at
filters and search base. If these are nor configured properly and
indexed, it may raise a high server load.


I know that, but i assumed you mean't something else, because
i already posted my /etc/ldap.conf with the initial mail to the list.

But here is it again:

base dc=foobar,dc=local
uri ldap://localhost/
ldap_version 3
scope one
bind_policy soft
idle_timelimit 3600
pam_filter objectclass=posixAccount
pam_member_attribute memberuid
pam_min_uid 1000
pam_password exop
nss_base_passwd      ou=People,dc=
nss_base_shadow      ou=People,dc=
nss_base_group       ou=Groups,dc=
nss_base_hosts             ou=Hosts,dc=
ssl start_tls
nss_initgroups_ignoreusers root,bin,daemon,adm,lp,sync,shutdown,halt,news,uucp,operator,portage,nobody,man,sshd,cron,mail,postmaster,ldap,m



Am 26.03.2015 um 23:23 schrieb Dieter Klünter:
Am Thu, 26 Mar 2015 19:16:05 +0100
schrieb Timo Eissler <timo@teissler.de>:

I have no custom threads settings in my slapd.conf.

Currently slapd is running with 12 threads on my system with 8
cores (with hyperthreading).

I have seen this before. Could you provide an example of your search
filters an the number of connections within a given time?



Timo Eissler
Senior Project Engineer / Consultant

Am Zuckerberg 54
D-71640 Ludwigsburg

Tel.: +49 7141 4094003
Mobil.: +49 151 20650311
Email: timo@teissler.de

Attachment: signature.asc
Description: OpenPGP digital signature