Hi list,
It's been a few days and I just wanted to check back to see if anyone had any troubleshooting tips that might help to solve this situation that I'm dealing with as I'm still a relatively new LDAP admin. I really appreciated your advice in the past and have overcome some very significant technical hurdles with your assistance on a number of occasions.
Thanks in advance!and I would like to wish you a belated happy new year!
Tim
On Sun, Jan 2, 2011 at 12:58 AM, bluethundr bluethundr@gmail.com wrote:
Hello list!!
I would greatly appreciate your help with an issue I am having here. It seems that when you log into hosts on the network via ldap authentication, said authentication is extremely sloooowww... on the order of up to 30 seconds to log in! I could use some assistance in correlating the information in the logs with the way that slapd.conf is configured.
What I did to capture the event in the logs was to (after backing them up) empty them with cat /dev/null > /var/log/openldap.log and then log into a host on the network via an ldap account. Right after login was finished I copied the log file to another location on the nas and enclosed it here. Therefore it reflects only what happened during the login. I've also enclosed my slapd.conf and ldap schema as attachments for your perusal.
I've attempted adding some indexes to the configuration to alleviate the situation but unfortunately this had no effect. The ones I added were uid and uidNumber which I've read can help address this sort of situation.
[root@LBSD2:~]#grep -i index /usr/local/etc/openldap/slapd.conf index objectClass,uid,uidNumber eq index sudoUser eq
thanks in advice with any assistance you can provide.
best regards
-- GPG me!!
gpg --keyserver pgp.mit.edu --recv-keys F186197B
2011/1/4 bluethundr bluethundr@gmail.com:
Hi list,
It's been a few days and I just wanted to check back to see if anyone had any troubleshooting tips that might help to solve this situation that I'm dealing with as I'm still a relatively new LDAP admin. I really appreciated your advice in the past and have overcome some very significant technical hurdles with your assistance on a number of occasions.
Thanks in advance!and I would like to wish you a belated happy new year!
Tim
On Sun, Jan 2, 2011 at 12:58 AM, bluethundr bluethundr@gmail.com wrote:
Hello list!!
I would greatly appreciate your help with an issue I am having here. It seems that when you log into hosts on the network via ldap authentication, said authentication is extremely sloooowww... on the order of up to 30 seconds to log in! I could use some assistance in correlating the information in the logs with the way that slapd.conf is configured.
What I did to capture the event in the logs was to (after backing them up) empty them with cat /dev/null > /var/log/openldap.log and then log into a host on the network via an ldap account. Right after login was finished I copied the log file to another location on the nas and enclosed it here. Therefore it reflects only what happened during the login. I've also enclosed my slapd.conf and ldap schema as attachments for your perusal.
I've attempted adding some indexes to the configuration to alleviate the situation but unfortunately this had no effect. The ones I added were uid and uidNumber which I've read can help address this sort of situation.
[root@LBSD2:~]#grep -i index /usr/local/etc/openldap/slapd.conf index objectClass,uid,uidNumber eq index sudoUser eq
thanks in advice with any assistance you can provide.
best regards
-- GPG me!!
gpg --keyserver pgp.mit.edu --recv-keys F186197B
-- GPG me!!
gpg --keyserver pgp.mit.edu --recv-keys F186197B
Hi
It looks like DNS issue, not LDAP. Try setting "UseDNS no" in sshd_config
openldap-technical@openldap.org
-
bluethundr -
c0re