I've a tiny ldap service (only 6000 records) vith openldap 2.3.x rhel5.x master/slave;
The first query takes me over 4 seconds (instead of taking less than 0.1.seconds):
time ldapsearch -x -b "c=it" -s sub "(o=*)" -D "cn=Manager,dc=sir" -h www.example.com -w mypasswd
The same query using one level takes only 0.4 seconds
time ldapsearch -x -b "c=it" -s one "(o=*)" -D "cn=Manager,dc=sir" -h www.example.com -w mypasswd
I've tested the following:
New brand system with openldap 2.4.x rhel6.x mirror mode: both queries take me less than 0.2 seconds
New brand system with the same releases, 2.3.x rhel5.x: both queries take me less than 0.2 seconds
The problem should be in the prod. system:
I've tried almost all: reindexing operations, better indexing options, more cache, better threads tuning, more cpu and ram to the servers ... nothing to do: the first quey takes more than 4 seconds.
The last operation was a "disaster recovery" of the prod. ldap:
1 stop ldap on both systems
2 slapcat to save the last good ldif
3 remove of all databases (rm -fr /var/lib/ldap/*) on both systems
4 recreate dirs, DB_CONFIG and restore ldif; restore permissions
5 start ldap service on both servers
And magically, the issue has gone!
Now first query, yes the "bad" query with the subtree options, works like a charm, giving me the results in less than 0.1 seconds ....
Which could be the root cause? DB defragmentation? I was unable to find the root cause. PLS, help me to find some suggestions.
Regards
Michele Masè