[Phpgroupware-developers] OpenLDAP for beginners in 0.9.16 configuration

phpgroupware-developers

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Phpgroupware-developers] OpenLDAP for beginners in 0.9.16 configuration

From:	Benoit Hamet
Subject:	[Phpgroupware-developers] OpenLDAP for beginners in 0.9.16 configuration
Date:	Wed, 07 Apr 2004 18:58:37 +0200
User-agent:	Mozilla Thunderbird 0.5 (X11/20040306)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi all, hi fips,

We just finish to launch our server with LDAP.
As beginners with this we made some mistake.

I think That it could be helpfull to people playing with OpenLDAP, toknow some tricks to improve performance


First, as LDAP is a database, you need to create indexes.
It seems that the following increase a lot the performance :

(in slapd.conf)
index           cn,uid,memberUid pres,eq,approx,sub
index           objectClass,uidNumber,gidNumber eq

memberUid is place here because we use it we Apache LDAP auth on awebdav repository.


sub is perhaps not needed, read the doc to understand the meanings

Then, in the database directory, we add a DB_CONFIG file (this is foruse with bdb backend), with the line:

set_cachesize 0 1024000 1

This will create a cache size of 10MB as explained in the doc.

According to the stats, we have a 98% responses from it.

Then, there is a silly thing : slapd daemon limits the search request to500 entries by default. So If you have more than 500 accounts (which isour case (~1200)), you will get in trouble when trying to create groupsof users for example (only 500 entries ;).

To increase this limit :
(in slapd.conf, first part (before the bdb definition))
sizelimit 5000

Then we increase the cachesize of the slapd-bdb
with the following line :
(in slapd.conf, bdb part)
cachesize 3000

This will help you in improving things.
If you have other advices, please contribute :).

This is - for sure - basics for most of LDAP users in this list, but aswe don't found any advice on this in phpgw directory ( or we miss it ? )this is a small contrib.I will add a more detailed version of this on the wiki, when time willbe better, and add contribution if people reply :).

There is still a problem with the correlation between numbers of users/open connection to LDAP. No test are done yet. But seems that things aregood on our server. Connections are closed at the end of the scriptexecution.



Caeies,
who needs to contact fips asap, to discuss some improvement :)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFAdDNId/RrA5d/NgMRAlhVAJ914LMCqbMWv5ttpj4LRw9+GDqCbQCfToD9
zKt9l1LBVpxhCKSXTVN8jv0=
=BQsL
-----END PGP SIGNATURE-----

[Prev in Thread]

Current Thread

[Next in Thread]

[Phpgroupware-developers] Migration of LDAP Accounts from 0.9.14 to 0.9.16, Philipp Kamps, 2004/04/07
- [Phpgroupware-developers] OpenLDAP for beginners in 0.9.16 configuration, Benoit Hamet <=

Prev by Date: RE: [Phpgroupware-developers] Migration of LDAP Accounts from 0.9 .14 to 0.9.16
Next by Date: [Phpgroupware-developers] To Do List
Previous by thread: [Phpgroupware-developers] Migration of LDAP Accounts from 0.9.14 to 0.9.16
Next by thread: RE: [Phpgroupware-developers] Migration of LDAP Accounts from 0.9 .14 to 0.9.16
Index(es):
- Date
- Thread