FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora Directory

 
 
LinkBack Thread Tools
 
Old 07-21-2010, 03:37 PM
Gerrard Geldenhuis
 
Default Large amount of users in Directory causes timeouts on client login.

Snip snip

>> Any thoughts or steering in the right direction would be appreciated.
>>
>
>run logconv.pl
>
>> The documentation states a few default indexes that gets created and I would have thought that these would be adequate for effectively finding a user in a >larger database.
>>

running logconv.pl has turned up empty handed no recommendations or problems. I can do a ldapsearch from the client which turns up all of the neccesary information. nscd is not running so can't interfere. It looks like a client problem. I am digging further...

Regards

__________________________________________________ ______________________
In order to protect our email recipients, Betfair Group use SkyScan from
MessageLabs to scan all Incoming and Outgoing mail for viruses.

__________________________________________________ ______________________
--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
 
Old 07-22-2010, 09:51 AM
Gerrard Geldenhuis
 
Default Large amount of users in Directory causes timeouts on client login.

>________________________________________
>From: 389-users-bounces@lists.fedoraproject.org [389-users-bounces@lists.fedoraproject.org] on behalf of Gerrard Geldenhuis [Gerrard.Geldenhuis@betfair.com]
>Sent: 21 July 2010 16:37
>To: General discussion list for the 389 Directory server project.
>Subject: Re: [389-users] Large amount of users in Directory causes timeouts on client login.
>
>Snip snip
>
>>> Any thoughts or steering in the right direction would be appreciated.
>>>
>>
>>run logconv.pl
>>
>>> The documentation states a few default indexes that gets created and I would have thought that these would be adequate for effectively finding a user in a >>larger database.
>>>
>
>running logconv.pl has turned up empty handed no recommendations or problems. I can do a ldapsearch from the client which turns up all of the neccesary >information. nscd is not running so can't interfere. It looks like a client problem. I am digging further...
>
>Regards

Problem turns out to be simple, the authenticator user that we used to bind to the directory runs into a adminLimitExceeded when looking at a tcpdump. I could also recreate the problem by doing the search from the command line. The solution I think will be to either implement some additional filtering when doing a search or increasing the search limit for this user. This same limit does not exist for the cn=Directory Manager user.

Regards

__________________________________________________ ______________________
In order to protect our email recipients, Betfair Group use SkyScan from
MessageLabs to scan all Incoming and Outgoing mail for viruses.

__________________________________________________ ______________________
--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
 
Old 07-22-2010, 02:44 PM
Rich Megginson
 
Default Large amount of users in Directory causes timeouts on client login.

Gerrard Geldenhuis wrote:
>> ________________________________________
>> From: 389-users-bounces@lists.fedoraproject.org [389-users-bounces@lists.fedoraproject.org] on behalf of Gerrard Geldenhuis [Gerrard.Geldenhuis@betfair.com]
>> Sent: 21 July 2010 16:37
>> To: General discussion list for the 389 Directory server project.
>> Subject: Re: [389-users] Large amount of users in Directory causes timeouts on client login.
>>
>> Snip snip
>>
>>
>>>> Any thoughts or steering in the right direction would be appreciated.
>>>>
>>>>
>>> run logconv.pl
>>>
>>>
>>>> The documentation states a few default indexes that gets created and I would have thought that these would be adequate for effectively finding a user in a >>larger database.
>>>>
>>>>
>> running logconv.pl has turned up empty handed no recommendations or problems. I can do a ldapsearch from the client which turns up all of the neccesary >information. nscd is not running so can't interfere. It looks like a client problem. I am digging further...
>>
>> Regards
>>
>
> Problem turns out to be simple, the authenticator user that we used to bind to the directory runs into a adminLimitExceeded when looking at a tcpdump. I could also recreate the problem by doing the search from the command line. The solution I think will be to either implement some additional filtering when doing a search or increasing the search limit for this user. This same limit does not exist for the cn=Directory Manager user.
>
That problem should have been revealed by logconv.pl

See also
http://www.redhat.com/docs/manuals/dir-server/8.1/admin/User_Account_Management-Setting_Resource_Limits_Based_on_the_Bind_DN.html
> Regards
>
> __________________________________________________ ______________________
> In order to protect our email recipients, Betfair Group use SkyScan from
> MessageLabs to scan all Incoming and Outgoing mail for viruses.
>
> __________________________________________________ ______________________
> --
> 389 users mailing list
> 389-users@lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/389-users
>

--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
 

Thread Tools




All times are GMT. The time now is 12:12 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org