[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Phpgroupware-developers] OpenLDAP for beginners in 0.9.16 configuration
From: |
Benoit Hamet |
Subject: |
[Phpgroupware-developers] OpenLDAP for beginners in 0.9.16 configuration |
Date: |
Wed, 07 Apr 2004 18:58:37 +0200 |
User-agent: |
Mozilla Thunderbird 0.5 (X11/20040306) |
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi all, hi fips,
We just finish to launch our server with LDAP.
As beginners with this we made some mistake.
I think That it could be helpfull to people playing with OpenLDAP, to
know some tricks to improve performance
First, as LDAP is a database, you need to create indexes.
It seems that the following increase a lot the performance :
(in slapd.conf)
index cn,uid,memberUid pres,eq,approx,sub
index objectClass,uidNumber,gidNumber eq
memberUid is place here because we use it we Apache LDAP auth on a
webdav repository.
sub is perhaps not needed, read the doc to understand the meanings
Then, in the database directory, we add a DB_CONFIG file (this is for
use with bdb backend), with the line:
set_cachesize 0 1024000 1
This will create a cache size of 10MB as explained in the doc.
According to the stats, we have a 98% responses from it.
Then, there is a silly thing : slapd daemon limits the search request to
500 entries by default. So If you have more than 500 accounts (which is
our case (~1200)), you will get in trouble when trying to create groups
of users for example (only 500 entries ;).
To increase this limit :
(in slapd.conf, first part (before the bdb definition))
sizelimit 5000
Then we increase the cachesize of the slapd-bdb
with the following line :
(in slapd.conf, bdb part)
cachesize 3000
This will help you in improving things.
If you have other advices, please contribute :).
This is - for sure - basics for most of LDAP users in this list, but as
we don't found any advice on this in phpgw directory ( or we miss it ? )
this is a small contrib.
I will add a more detailed version of this on the wiki, when time will
be better, and add contribution if people reply :).
There is still a problem with the correlation between numbers of users/
open connection to LDAP. No test are done yet. But seems that things are
good on our server. Connections are closed at the end of the script
execution.
Caeies,
who needs to contact fips asap, to discuss some improvement :)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFAdDNId/RrA5d/NgMRAlhVAJ914LMCqbMWv5ttpj4LRw9+GDqCbQCfToD9
zKt9l1LBVpxhCKSXTVN8jv0=
=BQsL
-----END PGP SIGNATURE-----