Do you make the ldapsearch on the same server where ldap server turns?
I think your server does not freeze. When you receive the result search entries the CPU of your server is occupied at 100%. If it is a virtual machine that you are using try to add another cpu. Instead of showing the result on the screen in order to have a more consistent of your test try to redirect it to /dev/null, smth like this :
ldapsearch -Y GSSAPI -h ldap-server.your.domain -b "dc=your,dc=domain" "(objectClass=*)" > /dev/null
And do your ldapsearch on another machine, not on the server...
2009/10/27 Juan Asensio Sánchez <okelet@xxxxxxxxx>
Hi
I have made these changes to the directory:
dn: cn=config
- nsslapd-sizelimit: 50000
- nsslapd-timelimit: 60
- nsslapd-maxdescriptors: 65535
dn: cn=config, cn=ldbm database, cn=plugins, cn=config
- nsslapd-idlistscanlimit: 50000
- nsLookThroughLimit: 50000
- nsslapd-dbcachesize: 838860800 (=800MB)
- nsslapd-allidsthreshold: 10000
dn: cn=database_name, cn=ldbm database, cn=plugins, cn=config (in the
26 databases)
nsslapd-cachememsize: 125829120 (=120MB)
I have reindexed all databases. But the server freezes when making
that query. The server is accepting connections and queries, but not
responding them until all the results of the first query are displayed
in the client (the results starts to display almost immediately, but
keeps 5 minutes displaying the results on the client, and when the
display finishes, the other queries are processed).
Any idea? Regards.
2009/10/26 Rich Megginson <rmeggins@xxxxxxxxxx>:
> Juan Asensio Sánchez wrote:
>>
>> Hi
>>
>> Samba is making a query to our 389 DS (v. 1.2.2, and too older
>> versions) that makes the servers freeze. The server is running, and
>> accepting connections, although the next queries are not processed
>> until the Samba query is returned. This Samba query takes a long time
>> to be returned, because it is searching all databases and all objects
>> in the directory (more than 20000). The filter is
>> "(&(uid=*)(objectClass=sambaSamAccount))". This query is done when
>> executing the command "net user" from a Windows or Linux machine. This
>> queries are executed manually, and intentionally, but should not make
>> the server freeze. Why is this happening? Is there any option to avoid
>> this?
>>
>
> I think you need to increase your nsslapd-idlistscanlimit - see
> http://www.redhat.com/docs/manuals/dir-server/8.1/cli/Configuration_Command_File_Reference-Plug_in_Implemented_Server_Functionality_Reference-Database_Plug_in_Attributes.html#Configuration_Command_File_Reference-Database_Attributes_under_cnconfig_cnldbm_database_cnplugins_cnconfig-nsslapd_idlistscanlimit
> and
> http://www.redhat.com/docs/manuals/dir-server/8.1/admin/Managing_Indexes.html#Managing_Indexes-About_Indexes
>>
>> Regards.
>>
>> --
>> 389 users mailing list
>> 389-users@xxxxxxxxxx
>> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>
>
>
>
> --
> 389 users mailing list
> 389-users@xxxxxxxxxx
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>
>
--
389 users mailing list
389-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-users
-- 389 users mailing list 389-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users