Hello
We're switching our college to OpenLDAP and I'm struggling a bit with decisions on indexing (all other parts - base functionality, replication, ACLs - are set up and working fine). Maybe this list will help? What to index and why?
Our setup is as follows:
-----------------------------------------
a) 4 incoming MX servers running postfix. /etc/postfix/ldap-aliases.cf file is as follows:
server_host = ldap://localhost ldap://mailhub3
bind = no
search_base = dc=college, dc=edu
query_filter = mail=%s@college.edu
result_attribute = maildrop
-----------------------------------------
b) 2 outgoing smtp servers running postfix and sasl. /etc/saslauthd.conf:
ldap_servers: ldaps://localhost/
ldap_auth_method: fastbind
ldap_filter: uid=%u,dc=college,dc=edu
ldap_tls_check_peer: no
-------------------------------------------
c) 2 radius servers for wifi authentication:
basedn = "dc=college,dc=edu"
filter = "(uid=%{%{Stripped-User-Name}:-%{User-Name}})"
password_attribute = userPassword
-------------------------------------------
d) IMAP servers - real unix users, using LDAP for system authentication - pretty standard setup.
pam_filter objectclass=posixAccount
---------------------------------------------
On all of these I have the following indices:
index objectClass eq,pres
index ou,cn,mail,surname,givenname eq,pres,sub
index uidNumber,gidNumber,loginShell eq,pres
index uid,memberUid eq,pres,sub
index nisMapName,nisMapEntry eq,pres,sub
I suspect I don't need some (or most) of them.
Thank you - Vadim
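
An added example, not part of the original post: a small audit that compares the index directives above with the search filters the listed clients send, using the rule that an `attr=value` assertion uses an `eq` index, `attr=*` uses `pres`, and a value containing `*` uses `sub`. The function names, the sample user "jdoe" and the combined pam_ldap filter are assumptions, and "unexercised" only means "not used by these three filters"; other clients (NSS lookups, address books) add their own.

```python
import re
# Index directives from the post, verbatim.
INDEX_LINES = """\
index objectClass eq,pres
index ou,cn,mail,surname,givenname eq,pres,sub
index uidNumber,gidNumber,loginShell eq,pres
index uid,memberUid eq,pres,sub
index nisMapName,nisMapEntry eq,pres,sub
"""
# Search filters from the post's client configs; "jdoe" is a constructed user.
# saslauthd is omitted: with fastbind its ldap_filter is a bind DN, not a search.
# Assumption: pam_ldap ANDs pam_filter with its default login attribute, uid.
CLIENT_FILTERS = {
    "postfix": "(mail=jdoe@college.edu)",
    "freeradius": "(uid=jdoe)",
    "pam_ldap": "(&(objectclass=posixAccount)(uid=jdoe))",
}
ASSERTION = re.compile(r"\(([A-Za-z][\w;.-]*)=([^()]*)\)")  # attr=value items only

def parse_indices(text):
    """Map lower-cased attribute -> set of configured index types."""
    configured = {}
    for line in text.splitlines():
        parts = line.split()
        if len(parts) == 3 and parts[0] == "index":
            for attr in parts[1].split(","):
                configured.setdefault(attr.lower(), set()).update(parts[2].split(","))
    return configured

def needed_indices(filt):
    """Index type that each attr=value assertion in a filter can use."""
    need = {}
    for attr, value in ASSERTION.findall(filt):
        kind = "pres" if value == "*" else "sub" if "*" in value else "eq"
        need.setdefault(attr.lower(), set()).add(kind)
    return need

def audit(filters, index_text):
    """Return (needed, missing, unexercised), each attr -> set of index types."""
    configured, needed = parse_indices(index_text), {}
    for filt in filters.values():
        for attr, kinds in needed_indices(filt).items():
            needed.setdefault(attr, set()).update(kinds)
    missing = {a: d for a, k in needed.items() if (d := k - configured.get(a, set()))}
    unexercised = {a: d for a, k in configured.items() if (d := k - needed.get(a, set()))}
    return needed, missing, unexercised

if __name__ == "__main__":
    print(audit(CLIENT_FILTERS, INDEX_LINES))
```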