Re: slow bind

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Jacob

Here is a little code snippet from a search in AD. I am using ldaps to
talk to our AD DCs, hence the TLS options.

#-----------------------------------------------------------------------------#
# Make LDAP connection to AD

# Tip from python-ldap list
ldap.set_option(ldap.OPT_REFERRALS,0)

# Another tip from python-ldap list
ldap.set_option(ldap.OPT_X_TLS_REQUIRE_CERT,ldap.OPT_X_TLS_NEVER)

# Open the LDAPS connection to AD
try:
  l = ldap.initialize(myAdLdapUri)
except ldap.LDAPError,e:
  print e
  sys.exit(1)

# Set protocol version to LDAPv3
l.protocol_version = ldap.VERSION3

# Bind to AD
try:
  l.simple_bind(myAdBindDn,myAdPasswd)
except ldap.LDAPError, e:
  print e
  sys.exit(1)

On Wed, 2005-07-27 at 17:12 -0500, jacob martinson wrote: 
> I have a small script using python-ldap in python-2.3 and it takes
> about 3.5 seconds to perform a simple bind to our server.  I can
> perform a complete search from the command line with ldapsearch in
> about 0.02 sec.
> 
> I've appended the code & timing output.  Am I missing something here?
> 
> Thanks!
> 
> -Jacob
> 
> 
> $ time ldapsearch -x -h host -D "cn=Jones\, Bob,cn=Users,dc=dom,dc=com" \
> > -w pass -b "cn=users,dc=dom,dc=com" "sAMAccountName=acct" mail
> # extended LDIF
> #
> # LDAPv3
> <snip>
> # search result
> search: 2
> result: 0 Success
> # numResponses: 2
> # numEntries: 1
> 
> real    0m0.024s
> user    0m0.003s
> sys     0m0.006s
> 
> $ cat ldaptest.py
> #!/usr/bin/python
> 
> import ldap
> import profile
> import time
> 
> from pprint import pprint
> 
> def ldapsearch():
>         passwd='adsf'
> 
>         t0 = time.time()
>         l = ldap.initialize("ldap://server:389")
>         t1 = time.time()
>         print 'ldap.initialize() ' + str(t1 - t0)
> 
>         t0 = time.time()
>         l.bind(who="cn=Jones\,
> Bob,cn=Users,dc=dom,dc=com",cred=passwd,method=ldap.AUTH_SIMPLE)
>         t1 = time.time()
>         print 'l.bind()          ' + str(t1 - t0)
> 
>         t0 = time.time()
>         msgid =
> l.search(base="cn=users,dc=dom,dc=com",scope=ldap.SCOPE_SUBTREE,filterstr="sAMAccountName=acct",attrlist=['mail'])
>         t1 = time.time()
>         print 'l.search()        ' + str(t1 - t0)
> 
>         t0 = time.time()
>         res = l.result(msgid)
>         t1 = time.time()
>         print 'l.result()        ' + str(t1 - t0)
> 
> 
> if __name__ == '__main__':
>         ldapsearch()
> 
> which produces:
> 
> $ time ./ldaptest.py
> ldap.initialize() 0.00811719894409
> l.bind()          3.45404982567
> l.search()        0.00253987312317
> l.result()        0.00940012931824
> 
> real    0m3.557s
> user    0m0.030s
> sys     0m0.070s

-- 
Sean