From: Jamie C. <jca...@we...> - 2004-12-30 03:41:45
|
That nsswitch.conf file looks OK to me .. How many LDAP users and groups do you have though? - Jamie Glenn Arnold wrote .. > Jamie, > > I just watched the LDAP page load with top and it peaked at 71% on both > processors with no one on the server except me. Here is nsswitch.conf > > # /etc/nsswitch.conf > # > # An example Name Service Switch config file. This file should be > # sorted with the most-used services at the beginning. > # > # The entry '[NOTFOUND=return]' means that the search for an > # entry should stop if the search in the previous entry turned > # up nothing. Note that if the search failed due to some other reason > # (like no NIS server responding) then the search continues with the > # next entry. > # > # Legal entries are: > # > # nisplus or nis+ Use NIS+ (NIS version 3) > # nis or yp Use NIS (NIS version 2), also called YP > # dns Use DNS (Domain Name Service) > # files Use the local files > # db Use the local database (.db) files > # compat Use NIS on compat mode > # hesiod Use Hesiod for user lookups > # [NOTFOUND=return] Stop searching if not found so far > # > > # To use db, put the "db" in front of "files" for entries you want to be > # looked up first in the databases > # > # Example: > #passwd: db files nisplus nis > #shadow: db files nisplus nis > #group: db files nisplus nis > > passwd: files ldap > shadow: files ldap > group: files ldap > > #hosts: db files nisplus nis dns > hosts: files dns > > # Example - obey only what nisplus tells us... > #services: nisplus [NOTFOUND=return] files > #networks: nisplus [NOTFOUND=return] files > #protocols: nisplus [NOTFOUND=return] files > #rpc: nisplus [NOTFOUND=return] files > #ethers: nisplus [NOTFOUND=return] files > #netmasks: nisplus [NOTFOUND=return] files > > bootparams: nisplus [NOTFOUND=return] files > > ethers: files > netmasks: files > networks: files > protocols: files ldap > rpc: files > services: files ldap > > netgroup: files ldap > > publickey: nisplus > > automount: files ldap > aliases: files nisplus > > Here is ldap.conf > HOST 127.0.0.1 > BASE dc=mthcs,dc=net > rootbinddn cn=nssldap,ou=DSA,dc=mthcs,dc=net > nss_base_passwd dc=mthcs,dc=net?sub > nss_base_shadow dc=mthcs,dc=net?sub > nss_base_group ou=Groups,dc=mthcs,dc=net?one > > ssl no > > Here is slapd.conf > directory /var/lib/ldap > > #performance mods > loglevel 0 > sizelimit 100000 > cachesize 100000 > dbcachesize 1000000 > > # Indices to maintain > index objectClass,uidNumber,gidNumber eq > index cn,sn,uid,displayName pres,sub,eq > index memberUid,mail,givenname eq,subinitial > index sambaSID,sambaPrimaryGroupSID,sambaDomainName eq > > On the Other 'Other objectClasses to add to new users' I found on debian > wiki that you put to inetOrgPerson in the Other objectClasses to add to > new users' line. Now I can add user with no problems. But, I still get > high cpu utilization up to 95% on both processors when using the add > LDAP users screen. > > Thanks > -Glenn > > > > -----Original Message----- > From: Jamie Cameron [mailto:jca...@we...] > Sent: Wednesday, December 29, 2004 6:02 PM > To: web...@li... > Subject: Re: [webmin-l] LDAP User and Groups module Performance > > Glenn Arnold wrote .. > > When I click on add LDAP user in LDAP Users and Groups it takes a good > > minute or longer to come up to the Create User property page. I admit > my > > server is ancient, but a Compaq Proliant 7000 PII 450MHZ Xeon with 2MB > > cache with 2.5GB of Ram and a SCSI RAID 5 should run webmin sufficient > > . > > What do you think? All the other webmin modules work fine it is just > > creating users in LDAP Users and Groups take a long time. > > There are a few possible causes for this, such as having a large number > of users > on the system, or an nsswitch.conf mis-configuration. When the page is > loading, is > the CPU load on your system excessively high? > > >I also get the > > following error: > > Failed to save user : Failed to add user to LDAP database : no > > structural object class provided when creating a user with webmin. I > > followed the instructions for setting up LDAP from idealx.org. I can > use > > Idealx's webmin module and create the user with no problem , but the > > idealx module does not have the features that the native webmin's > does. > > Also, I can run phpldapadmin and create users with it runs very well, > > but it has some things about it I do not like. Any help would be > > appreciated. > > It sounds like Webmin isn't setting a needed object class when creating > users. > On the Module Config page of the LDAP module is a field called 'Other > objectClasses > to add to new users' which you should fill in which whatever classes are > set by > phpldapadmin - most likely one like 'person' is missing. > > - Jamie |