Hi,
We have a simple installation of 389DS, a master/slave installation.
Our directory server is mainly used with our mail and portal servers for now.
We did create some custom attributes for our needs.
Here is a simple entry model :
uid=lastname.firstname,ou=
dn: uid=lastname.firstname,ou=
ou: SUPPORT TEAM
recruitmentDate: 20030510
mailQuota: 2048576000
teletexTerminalIdentifier: 3053
maidenName: MaindeName
employeeNumber: 28813
gender: F
departmentNumber: 1121
employeeType: S
mailAlternateAddress: f.lastname@xxxxxxxxxx
displayName: Lastname Firstname
mail: lastname.firstname@xxxxxxxxxx
jobTitle: Supervisor
sn: Firstname
cn: Lastname
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetorgperson
objectClass: shadowAccount
objectClass: mailrecipient
objectClass: customprofile
mailMessageStore: /var/vmail/lastname.firstname
uid: lastname.firstname
mailHost: mail.domain.tld
title: M
userPassword:: e1NIQX02TjBCaXpjcWRkNVJCUXlyVH
webtelxmail : f.lastname@xxxxxxxxxxxxxxxx
Unindexed Search #32105 (notes=A)
- Date/Time: 13/Jan/2017:01:21:49
- Connection Number: 434118
- Operation Number: 74292
- Etime: 0
- Nentries: 0
- IP Address: 172.16.16.9
- Search Base: ou=people,dc=domain,dc=tld
- Search Scope: 2 (subtree)
- Search Filter: (&(null=uid=lastname.lastname,ou=people,dc=domain,dc=tld))
- Bind DN: cn=directory manager
Unindexed Search #76240 (notes=A)
- Date/Time: 13/Jan/2017:00:16:55
- Connection Number: 433231
- Operation Number: 205936
- Etime: 0
- Nentries: 0
- IP Address: Unknown_Host
- Search Base: ou=people,dc=domain,dc=tld
- Search Scope: 2 (subtree)
- Search Filter: (&(null=uid=lastname2.firstname2,ou=people,dc=domain,dc=tld))
Unindexed Component #1 (notes=U)
- Date/Time: 13/Jan/2017:00:01:19
- Connection Number: 433951
- Operation Number: 1
- Etime: 0
- Nentries: 0
- IP Address: 172.16.16.1
- Search Base: ou=people,dc=domain,dc=tld
- Search Scope: 2 (subtree)
- Search Filter: (&(objectclass=*)(uid=pat))
- Bind DN: uid=dovecot,dc=domain,dc=tld
In the end of the result file we got this :
FDs Taken: 573
FDs Returned: 569
Highest FD Taken: 81
Broken Pipes: 0
Connections Reset By Peer: 0
Resource Unavailable: 235
- 235 (T1) Idle Timeout Exceeded
Max BER Size Exceeded: 0
Binds: 4627
Unbinds: 45
- LDAP v2 Binds: 24
- LDAP v3 Binds: 4603
- AUTOBINDs: 0
- SSL Client Binds: 0
- Failed SSL Client Binds: 0
- SASL Binds: 0
- Directory Manager Binds: 4
- Anonymous Binds: 24
- Other Binds: 4599
----- Connection Latency Details -----
(in seconds) <=1 2 3 4-5 6-10 11-15 >15
--------------------------------------------------------------------------
(# of connections) 250 8 3 5 55 4 244
----- Current Open Connection IDs -----
Conn Number: 434505 (172.16.16.8)
Conn Number: 434171 (172.16.16.9)
Conn Number: 434506 (172.16.16.8)
Conn Number: 434301 (172.16.16.9)
Conn Number: 434150 (172.16.16.9)
Conn Number: 434118 (172.16.16.9)
Conn Number: 434507 (172.16.16.8)
Conn Number: 434508 (172.16.16.8)
Conn Number: 434504 (172.16.16.8)
----- Errors -----
err=0 295657 Successful Operations
err=32 627 No Such Object
err=49 44 Invalid Credentials (Bad Password)
err=4 24 Size Limit Exceeded
err=11 6 Administrative Limit Exceeded (Look Through Limit)
----- Top 10 Failed Logins ------
12 uid=lastname.firstname,ou=people,dc=domain,dc=tld
12 uid=admin,ou=people,dc=domain,dc=tld
8 uid=lastname10.firstname10,ou=people,dc=domain,dc=tld
4 uid=lastname11.firstname11,ou=people,dc=domain,dc=tld
3 uid=lastname12.firstname12,ou=people,dc=domain,dc=tld
3 uid=lastname13.firstname13,ou=people,dc=domain,dc=tld
2 uid=dakar,ou=people,dc=domain,dc=tld
From the IP address(s) :
32 Unknown_Host
12 172.16.16.1
----- Total Connection Codes -----
B1 289 Bad Ber Tag Encountered
T1 235 Idle Timeout Exceeded
U1 45 Cleanly Closed Connections
----- Top 10 Clients -----
Number of Clients: 4
[1] Client: 172.16.16.8
308 - Connections
235 - T1 (Idle Timeout Exceeded)
68 - B1 (Bad Ber Tag Encountered)
[2] Client: 172.16.16.1
221 - Connections
221 - B1 (Bad Ber Tag Encountered)
[3] Client: 172.16.16.14
24 - Connections
24 - U1 (Cleanly Closed Connections)
[4] Client: 172.16.16.9
20 - Connections
16 - U1 (Cleanly Closed Connections)
----- Top 10 Bind DN's -----
Number of Unique Bind DN's: 368
529 uid=dovecot,dc=domain,dc=tld
242 uid=helpdesk-ventes,ou=people,dc=domain,dc=tld
182 uid=helpdesk,ou=people,dc=domain,dc=tld
161 uid=lastname.firstname,ou=people,dc=domain,dc=tld
122 uid=lastname2.firstname2,ou=people,dc=domain,dc=tld
121 uid=lastname3.firstname3,ou=people,dc=domain,dc=tld
120 uid=lastname4.firstname4,ou=people,dc=domain,dc=tld
119 uid=lastname5.firstname5,ou=people,dc=domain,dc=tld
110 uid=lastname6.firstname6,ou=people,dc=domain,dc=tld
110 uid=lastname7.firstname7,ou=people,dc=domain,dc=tld
----- Top 10 Search Bases -----
Number of Unique Search Bases: 7628
192079 ou=people,dc=domain,dc=tld
352 uid=postmaster,ou=people,dc=domain,dc=tld
254 uid=helpdesk-ventes,ou=people,dc=domain,dc=tld
208 uid=helpdesk,ou=people,dc=domain,dc=tld
173 uid=lastname20.firstname20,ou=people,dc=domain,dc=tld
145 uid=lastname21.firstname21,ou=people,dc=domain,dc=tld
136 uid=lastname22.firstname22,ou=people,dc=domain,dc=tld
133 uid=lastname23.firstname23,ou=people,dc=domain,dc=tld
132 uid=lastname24.firstname24,ou=people,dc=domain,dc=tld
123 uid=lastname25.firstname25,ou=people,dc=domain,dc=tld
----- Top 10 Search Filters -----
Number of Unique Search Filters: 15887
95285 (objectclass=*)
456 (&(|(mail=domain.tld)(mailalternateaddress=domain.tld))(objectclass=inetorgperson))
352 (&(|(mail=postmaster@xxxxxxxxxx)(mailalternateaddress=postmaster@xxxxxxxxxx))(objectclass=inetorgperson))
242 (&(|(mail=helpdesk-ventes@xxxxxxxxxx)(mailalternateaddress=helpdesk-ventes@xxxxxxxxxx))(objectclass=inetorgperson))
224 (&(|(mail=helpdesk@xxxxxxxxxx)(mailalternateaddress=helpdesk@xxxxxxxxxx))(objectclass=inetorgperson))
161 (&(|(mail=lastname22.firstname22@xxxxxxxxxx)(mailalternateaddress=lastname22.firstname22@xxxxxxxxxx))(objectclass=inetorgperson))
161 (&(|(mail=lastname10.firstname10@xxxxxxxxxx)(mailalternateaddress=lastname10.firstname10@xxxxxxxxxx))(objectclass=inetorgperson))
153 (&(|(mail=lastname15.firstname15@xxxxxxxxxx)(mailalternateaddress=lastname15.firstname15@xxxxxxxxxx))(objectclass=inetorgperson))
----- Top 10 Most Frequent etimes -----
286125 etime=0
10227 etime=1
6 etime=2
----- Top 10 Longest etimes -----
etime=2 6
etime=1 10227
etime=0 286125
----- Top 10 Largest nentries -----
nentries=7622 12
nentries=13 1
nentries=10 1
nentries=6 1
nentries=1 194973
nentries=0 96743
----- Top 10 Most returned nentries -----
194973 nentries=1
96743 nentries=0
12 nentries=7622
1 nentries=13
1 nentries=6
1 nentries=10
----- Top 10 Most Requested Attributes -----
194890 mailQuota
96898 mail
95504 uid
95267 displayName
95267 sn
95261 createTimestamp
95261 creatorsName
95261 employeeType
95261 modifyTimestamp
95261 ou
----- Abandon Request Stats -----
- UNKNOWN conn=433250 op=NOTFOUND msgid=102278 client=Unknown_Host
- UNKNOWN conn=433250 op=NOTFOUND msgid=102667 client=Unknown_Host
- UNKNOWN conn=433250 op=NOTFOUND msgid=89071 client=Unknown_Host
- UNKNOWN conn=434150 op=NOTFOUND msgid=26399 client=172.16.16.9
- UNKNOWN conn=434150 op=NOTFOUND msgid=50332 client=172.16.16.9
- UNKNOWN conn=434150 op=NOTFOUND msgid=54880 client=172.16.16.9
- UNKNOWN conn=433250 op=NOTFOUND msgid=88929 client=Unknown_Host
- UNKNOWN conn=434150 op=NOTFOUND msgid=13986 client=172.16.16.9
- UNKNOWN conn=434150 op=NOTFOUND msgid=21519 client=172.16.16.9
- UNKNOWN conn=434150 op=NOTFOUND msgid=35708 client=172.16.16.9
- UNKNOWN conn=434150 op=NOTFOUND msgid=43639 client=172.16.16.9
- UNKNOWN conn=434150 op=NOTFOUND msgid=44806 client=172.16.16.9
----- Recommendations -----
1. You have unindexed searches, this can be caused from a search on an unindexed attribute, or your returned results exceeded the allidsthreshold. Unindexed searches are not recommended. To refuse unindexed searches, switch 'nsslapd-require-index' to 'on' under your database entry (e.g. cn=UserRoot,cn=ldbm database,cn=plugins,cn=config).
2. You have unindexed components, this can be caused from a search on an unindexed attribute, or your returned results exceeded the allidsthreshold. Unindexed components are not recommended. To refuse unindexed searches, switch 'nsslapd-require-index' to 'on' under your database entry (e.g. cn=UserRoot,cn=ldbm database,cn=plugins,cn=config).
3. You have some connections that are are being closed by the idletimeout setting. You may want to increase the idletimeout if it is set low.
4. You have a significant difference between binds and unbinds. You may want to investigate this difference.
5. You have more abnormal connection codes than cleanly closed connections. You may want to investigate this difference.
Cleaning up temp files...
Done.
FDs Taken: 573
FDs Returned: 569
Highest FD Taken: 81
Broken Pipes: 0
Connections Reset By Peer: 0
Resource Unavailable: 235
- 235 (T1) Idle Timeout Exceeded
Max BER Size Exceeded: 0
Binds: 4627
Unbinds: 45
- LDAP v2 Binds: 24
- LDAP v3 Binds: 4603
- AUTOBINDs: 0
- SSL Client Binds: 0
- Failed SSL Client Binds: 0
- SASL Binds: 0
- Directory Manager Binds: 4
- Anonymous Binds: 24
- Other Binds: 4599
----- Connection Latency Details -----
(in seconds) <=1 2 3 4-5 6-10 11-15 >15
--------------------------------------------------------------------------
(# of connections) 250 8 3 5 55 4 244
----- Current Open Connection IDs -----
Conn Number: 434505 (172.16.16.8)
Conn Number: 434171 (172.16.16.9)
Conn Number: 434506 (172.16.16.8)
Conn Number: 434301 (172.16.16.9)
Conn Number: 434150 (172.16.16.9)
Conn Number: 434118 (172.16.16.9)
Conn Number: 434507 (172.16.16.8)
Conn Number: 434508 (172.16.16.8)
Conn Number: 434504 (172.16.16.8)
----- Errors -----
err=0 295657 Successful Operations
err=32 627 No Such Object
err=49 44 Invalid Credentials (Bad Password)
err=4 24 Size Limit Exceeded
err=11 6 Administrative Limit Exceeded (Look Through Limit)
----- Top 10 Failed Logins ------
12 uid=lastname.firstname,ou=people,dc=domain,dc=tld
12 uid=admin,ou=people,dc=domain,dc=tld
8 uid=lastname10.firstname10,ou=people,dc=domain,dc=tld
4 uid=lastname11.firstname11,ou=people,dc=domain,dc=tld
3 uid=lastname12.firstname12,ou=people,dc=domain,dc=tld
3 uid=lastname13.firstname13,ou=people,dc=domain,dc=tld
2 uid=dakar,ou=people,dc=domain,dc=tld
From the IP address(s) :
32 Unknown_Host
12 172.16.16.1
----- Total Connection Codes -----
B1 289 Bad Ber Tag Encountered
T1 235 Idle Timeout Exceeded
U1 45 Cleanly Closed Connections
----- Top 10 Clients -----
Number of Clients: 4
[1] Client: 172.16.16.8
308 - Connections
235 - T1 (Idle Timeout Exceeded)
68 - B1 (Bad Ber Tag Encountered)
[2] Client: 172.16.16.1
221 - Connections
221 - B1 (Bad Ber Tag Encountered)
[3] Client: 172.16.16.14
24 - Connections
24 - U1 (Cleanly Closed Connections)
[4] Client: 172.16.16.9
20 - Connections
16 - U1 (Cleanly Closed Connections)
----- Top 10 Bind DN's -----
Number of Unique Bind DN's: 368
529 uid=dovecot,dc=domain,dc=tld
242 uid=helpdesk-ventes,ou=people,dc=domain,dc=tld
182 uid=helpdesk,ou=people,dc=domain,dc=tld
161 uid=lastname.firstname,ou=people,dc=domain,dc=tld
122 uid=lastname2.firstname2,ou=people,dc=domain,dc=tld
121 uid=lastname3.firstname3,ou=people,dc=domain,dc=tld
120 uid=lastname4.firstname4,ou=people,dc=domain,dc=tld
119 uid=lastname5.firstname5,ou=people,dc=domain,dc=tld
110 uid=lastname6.firstname6,ou=people,dc=domain,dc=tld
110 uid=lastname7.firstname7,ou=people,dc=domain,dc=tld
----- Top 10 Search Bases -----
Number of Unique Search Bases: 7628
192079 ou=people,dc=domain,dc=tld
352 uid=postmaster,ou=people,dc=domain,dc=tld
254 uid=helpdesk-ventes,ou=people,dc=domain,dc=tld
208 uid=helpdesk,ou=people,dc=domain,dc=tld
173 uid=lastname20.firstname20,ou=people,dc=domain,dc=tld
145 uid=lastname21.firstname21,ou=people,dc=domain,dc=tld
136 uid=lastname22.firstname22,ou=people,dc=domain,dc=tld
133 uid=lastname23.firstname23,ou=people,dc=domain,dc=tld
132 uid=lastname24.firstname24,ou=people,dc=domain,dc=tld
123 uid=lastname25.firstname25,ou=people,dc=domain,dc=tld
----- Top 10 Search Filters -----
Number of Unique Search Filters: 15887
95285 (objectclass=*)
456 (&(|(mail=domain.tld)(mailalternateaddress=domain.tld))(objectclass=inetorgperson))
352 (&(|(mail=postmaster@xxxxxxxxxx)(mailalternateaddress=postmaster@xxxxxxxxxx))(objectclass=inetorgperson))
242 (&(|(mail=helpdesk-ventes@xxxxxxxxxx)(mailalternateaddress=helpdesk-ventes@xxxxxxxxxx))(objectclass=inetorgperson))
224 (&(|(mail=helpdesk@xxxxxxxxxx)(mailalternateaddress=helpdesk@xxxxxxxxxx))(objectclass=inetorgperson))
161 (&(|(mail=lastname22.firstname22@xxxxxxxxxx)(mailalternateaddress=lastname22.firstname22@xxxxxxxxxx))(objectclass=inetorgperson))
161 (&(|(mail=lastname10.firstname10@xxxxxxxxxx)(mailalternateaddress=lastname10.firstname10@xxxxxxxxxx))(objectclass=inetorgperson))
153 (&(|(mail=lastname15.firstname15@xxxxxxxxxx)(mailalternateaddress=lastname15.firstname15@xxxxxxxxxx))(objectclass=inetorgperson))
----- Top 10 Most Frequent etimes -----
286125 etime=0
10227 etime=1
6 etime=2
----- Top 10 Longest etimes -----
etime=2 6
etime=1 10227
etime=0 286125
----- Top 10 Largest nentries -----
nentries=7622 12
nentries=13 1
nentries=10 1
nentries=6 1
nentries=1 194973
nentries=0 96743
----- Top 10 Most returned nentries -----
194973 nentries=1
96743 nentries=0
12 nentries=7622
1 nentries=13
1 nentries=6
1 nentries=10
----- Top 10 Most Requested Attributes -----
194890 mailQuota
96898 mail
95504 uid
95267 displayName
95267 sn
95261 createTimestamp
95261 creatorsName
95261 employeeType
95261 modifyTimestamp
95261 ou
----- Abandon Request Stats -----
- UNKNOWN conn=433250 op=NOTFOUND msgid=102278 client=Unknown_Host
- UNKNOWN conn=433250 op=NOTFOUND msgid=102667 client=Unknown_Host
- UNKNOWN conn=433250 op=NOTFOUND msgid=89071 client=Unknown_Host
- UNKNOWN conn=434150 op=NOTFOUND msgid=26399 client=172.16.16.9
- UNKNOWN conn=434150 op=NOTFOUND msgid=50332 client=172.16.16.9
- UNKNOWN conn=434150 op=NOTFOUND msgid=54880 client=172.16.16.9
- UNKNOWN conn=433250 op=NOTFOUND msgid=88929 client=Unknown_Host
- UNKNOWN conn=434150 op=NOTFOUND msgid=13986 client=172.16.16.9
- UNKNOWN conn=434150 op=NOTFOUND msgid=21519 client=172.16.16.9
- UNKNOWN conn=434150 op=NOTFOUND msgid=35708 client=172.16.16.9
- UNKNOWN conn=434150 op=NOTFOUND msgid=43639 client=172.16.16.9
- UNKNOWN conn=434150 op=NOTFOUND msgid=44806 client=172.16.16.9
----- Recommendations -----
1. You have unindexed searches, this can be caused from a search on an unindexed attribute, or your returned results exceeded the allidsthreshold. Unindexed searches are not recommended. To refuse unindexed searches, switch 'nsslapd-require-index' to 'on' under your database entry (e.g. cn=UserRoot,cn=ldbm database,cn=plugins,cn=config).
2. You have unindexed components, this can be caused from a search on an unindexed attribute, or your returned results exceeded the allidsthreshold. Unindexed components are not recommended. To refuse unindexed searches, switch 'nsslapd-require-index' to 'on' under your database entry (e.g. cn=UserRoot,cn=ldbm database,cn=plugins,cn=config).
3. You have some connections that are are being closed by the idletimeout setting. You may want to increase the idletimeout if it is set low.
4. You have a significant difference between binds and unbinds. You may want to investigate this difference.
5. You have more abnormal connection codes than cleanly closed connections. You may want to investigate this difference.
Cleaning up temp files...
Done.
Any advice on how to interpret all this data?
Can these problems slow users connection?
Could someone point us to how improve our directory server.
If you need more info let me know.
Thanks in advance.
_______________________________________________ 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx
