
Re: slow group membership lookup: msg#00022

ldap.padl.nss

Subject: Re: slow group membership lookup

On Thu, 14.09.2006 at 11:00 (+1000), Joe Lin wrote:

> I am using nss-ldap to resolve users and groups using ldap. However,
> when I run 'id' command to resolve a userid (eg. id dodo1682), it takes
> a really long time. So, I did a strace id dodo1682 and found that it is
> searching for all groups in ldap. ie:
>
> objectClass=posixGroup
>
> Is there a way to prevent it from searching all the groups from entire
> ldap directory? I have looked at the nss-ldap archives and not found any
> authoritative answers on this, only a patch from 2003.
>
> Any help on this matter is appreciated.

How many Posix groups do you have, for goodness sake? Even if you had a
million, using OpenLDAP 2.3 latest, with properly indexed attributes and
a good DB_CONFIG, you should get your result in under a second on good
iron.

Oh, so you don't use OpenLDAP?

--Tonni

--
Tony Earnshaw
reservebergenser



