Hi members, I'm running openLdap 2.3.43 on CentOS 5.3. At the moment queries that return one entry of 20 take between 300ms and 600ms. The objectClass of the objects I query has no influence. The acl rules that allow users to write have also no significant influence on query speed. If I add
index telephoneNumber eq
to my slapd.conf, queries with (telephoneNumber=123) are very fast but return zero results although they should return one.
Any ideas? I'm running out of ideas (Maybe because I'm new to LDAP :) )
Thanks in advance
Jan
--------------------------------------------------------------------------------
Here is my slapd.conf
include /etc/openldap/schema/core.schema include /etc/openldap/schema/cosine.schema include /etc/openldap/schema/inetorgperson.schema include /etc/openldap/schema/nis.schema
allow bind_v2
pidfile /var/run/openldap/slapd.pid argsfile /var/run/openldap/slapd.args
loglevel acl
database bdb suffix "dc=myDomain" rootdn "cn=admin,dc=myDomain" rootpw {SSHA}basdfasdfasdfasdfv
directory /var/lib/ldap
# Indices to maintain for this database index objectClass eq,pres index ou,cn,mail,surname,givenname eq,pres,sub index uidNumber,gidNumber,loginShell eq,pres index uid,memberUid eq,pres,sub index nisMapName,nisMapEntry eq,pres,sub
set_cachesize 0 2097152 0 dbconfig set_lk_max_objects 1500 dbconfig set_lk_max_locks 1500 dbconfig set_lk_max_lockers 1500
access to attrs=userPassword,shadowLastChange by dn="cn=admin,dc=myDomain" write by anonymous auth by self write by * none
access to dn.base="" by users read by dn="cn=admin,dc=myDomain" write
access to dn.exact="dc=myDomain" by * read
access to dn.exact="ou=users,dc=myDomain" by * read
access to dn.sub="ou=users,dc=myDomain" filter=(objectclass=person) by set="user & ([cn=UserManagement,ou=roleRights,dc=myDomain]/member*)" write by self read
access to dn.sub="ou=roles,ou=users,dc=myDomain" by set="user & ([cn=UserManagement,ou=roleRights,dc=myDomain]/member*)" write by * read
access to dn.sub="ou=configs,dc=myDomain" by * read
access to dn.sub="ou=contacts,dc=myDomain" by set="user & ([cn=UserManagement,ou=roleRights,dc=myDomain]/member*)" write by * read
access to dn.sub="ou=roleRights,dc=myDomain" by set="user & ([cn=UserManagement,ou=roleRights,dc=myDomain]/member*)" write by * read
--------------------------------------------------------------------------------- And also DB_CONFIG
set_cachesize 0 20097152 0 set_lk_max_objects 1500 set_lk_max_locks 1500 set_lk_max_lockers 1500