Re: operation on the client is slow when openldap serversare down

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]


 
 
nscd turned out to be very helpful.
 
2010-06-11
xufengnju
发件人: Dan Burkland
发送时间: 2010-06-10  21:49:38
收件人: CentOS mailing list
抄送:
主题: Re: [CentOS] operation on the client is slow when openldap serversare down
________________________________________
From: centos-bounces@xxxxxxxxxx [mailto:centos-bounces@xxxxxxxxxx] On Behalf Of XUFENG
Sent: Thursday, June 10, 2010 3:54 AM
To: centos@xxxxxxxxxx
Subject: [CentOS] operation on the client is slow when openldap servers are down
 
Hi List,
 
OS: centos5.3 x86_64
OpenLDAP is installed using yum.
 
I find that when all the ldap servers are down and offline, the operations on the client is slow.
When I try to do `ls` on the directories on the client as root, it waits there for some seconds.(root is not local account not via ldap)
But when I power on the openldap servers, it is much better.
 
The configuration on the client:
 
[root@xxxx ~]# cat /etc/ldap.conf 
base dc=xxxx,dc=com
timelimit 1
bind_timelimit 1
nss_initgroups_ignoreusers root,ldap,named,avahi,haldaemon,dbus,radvd,tomcat,radiusd,news,mailman,nscd,gdm
uri ldaps://auth1.xa.xxxx.com:636 ldaps://auth2.xa.xxxx.com:636
ssl on
tls_checkpeer yes
tls_cacertdir /etc/openldap/cacerts
tls_cacertfile /etc/openldap/cacerts/cacert.pem
pam_password md5
bind_policy soft
 
[root@xxxx ~]# cat /etc/openldap/ldap.conf 
URI ldaps://auth1.xa.xxxx.com:636 ldaps://auth2.xa.xxxx.com:636
BASE dc=xxxx,dc=com
TLS_CACERTDIR /etc/openldap/cacerts
TLS_CACERT /etc/openldap/cacerts/cacert.pem
TLS_REQCERT demand
 
[root@xxxx ~]# cat /etc/nsswitch.conf 
passwd:     files ldap
shadow:     files ldap
group:      files ldap
hosts:      files dns
bootparams: nisplus [NOTFOUND=return] files
ethers:     files
netmasks:   files
networks:   files
protocols:  files
rpc:        files
services:   files
netgroup:   files ldap
publickey:  nisplus
automount:  files ldap
aliases:    files nisplus
 
 
Any suggestions?
________________________________________
I don't know for sure if this will help any but have you tried nscd to cache results? 
-Dan
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux