Hi members,
I'm running openLdap 2.3.43 on CentOS 5.3.
At the moment queries that return one entry of 20 take between 300ms and
600ms. The objectClass of the objects I query has no influence. The acl
rules that allow users to write have also no significant influence on
query speed. If I add
index telephoneNumber eq
to my slapd.conf, queries with (telephoneNumber=123) are very fast but
return zero results although they should return one.
Any ideas? I'm running out of ideas (Maybe because I'm new to LDAP :) )
Thanks in advance
Jan
--------------------------------------------------------------------------------
Here is my slapd.conf
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema
allow bind_v2
pidfile /var/run/openldap/slapd.pid
argsfile /var/run/openldap/slapd.args
loglevel acl
database bdb
suffix "dc=myDomain"
rootdn "cn=admin,dc=myDomain"
rootpw {SSHA}basdfasdfasdfasdfv
directory /var/lib/ldap
# Indices to maintain for this database
index objectClass eq,pres
index ou,cn,mail,surname,givenname eq,pres,sub
index uidNumber,gidNumber,loginShell eq,pres
index uid,memberUid eq,pres,sub
index nisMapName,nisMapEntry eq,pres,sub
set_cachesize 0 2097152 0
dbconfig set_lk_max_objects 1500
dbconfig set_lk_max_locks 1500
dbconfig set_lk_max_lockers 1500
access to attrs=userPassword,shadowLastChange
by dn="cn=admin,dc=myDomain" write
by anonymous auth
by self write
by * none
access to dn.base=""
by users read
by dn="cn=admin,dc=myDomain" write
access to dn.exact="dc=myDomain"
by * read
access to dn.exact="ou=users,dc=myDomain"
by * read
access to dn.sub="ou=users,dc=myDomain"
filter=(objectclass=person)
by set="user &
([cn=UserManagement,ou=roleRights,dc=myDomain]/member*)" write
by self read
access to dn.sub="ou=roles,ou=users,dc=myDomain"
by set="user &
([cn=UserManagement,ou=roleRights,dc=myDomain]/member*)" write
by * read
access to dn.sub="ou=configs,dc=myDomain"
by * read
access to dn.sub="ou=contacts,dc=myDomain"
by set="user &
([cn=UserManagement,ou=roleRights,dc=myDomain]/member*)" write
by * read
access to dn.sub="ou=roleRights,dc=myDomain"
by set="user &
([cn=UserManagement,ou=roleRights,dc=myDomain]/member*)" write
by * read
---------------------------------------------------------------------------------
And also DB_CONFIG
set_cachesize 0 20097152 0
set_lk_max_objects 1500
set_lk_max_locks 1500
set_lk_max_lockers 1500