RE: [webmin-l] LDAP User and Groups module Performance

[Jamie C. <jca...@we...>]

That nsswitch.conf file looks OK to me ..
How many LDAP users and groups do you have though?

 - Jamie

Glenn Arnold wrote ..
> Jamie,
> 
> I just watched the LDAP page load with top and it peaked at 71% on both
> processors with no one on the server except me.  Here is nsswitch.conf
> 
> # /etc/nsswitch.conf
> #
> # An example Name Service Switch config file. This file should be
> # sorted with the most-used services at the beginning.
> #
> # The entry '[NOTFOUND=return]' means that the search for an
> # entry should stop if the search in the previous entry turned
> # up nothing. Note that if the search failed due to some other reason
> # (like no NIS server responding) then the search continues with the
> # next entry.
> #
> # Legal entries are:
> #
> #       nisplus or nis+         Use NIS+ (NIS version 3)
> #       nis or yp               Use NIS (NIS version 2), also called YP
> #       dns                     Use DNS (Domain Name Service)
> #       files                   Use the local files
> #       db                      Use the local database (.db) files
> #       compat                  Use NIS on compat mode
> #       hesiod                  Use Hesiod for user lookups
> #       [NOTFOUND=return]       Stop searching if not found so far
> #
>                                                               
> # To use db, put the "db" in front of "files" for entries you want to be
> # looked up first in the databases
> #
> # Example:
> #passwd:    db files nisplus nis
> #shadow:    db files nisplus nis
> #group:     db files nisplus nis
> 
> passwd:     files ldap
> shadow:     files ldap
> group:      files ldap
> 
> #hosts:     db files nisplus nis dns
> hosts:      files dns
> 
> # Example - obey only what nisplus tells us...
> #services:   nisplus [NOTFOUND=return] files
> #networks:   nisplus [NOTFOUND=return] files
> #protocols:  nisplus [NOTFOUND=return] files
> #rpc:        nisplus [NOTFOUND=return] files
> #ethers:     nisplus [NOTFOUND=return] files
> #netmasks:   nisplus [NOTFOUND=return] files
> 
> bootparams: nisplus [NOTFOUND=return] files
> 
> ethers:     files
> netmasks:   files
> networks:   files
> protocols:  files ldap
> rpc:        files
> services:   files ldap
> 
> netgroup:   files ldap
> 
> publickey:  nisplus
> 
> automount:  files ldap
> aliases:    files nisplus
> 
> Here is ldap.conf
> HOST 127.0.0.1
> BASE dc=mthcs,dc=net
> rootbinddn cn=nssldap,ou=DSA,dc=mthcs,dc=net
> nss_base_passwd         dc=mthcs,dc=net?sub
> nss_base_shadow         dc=mthcs,dc=net?sub
> nss_base_group          ou=Groups,dc=mthcs,dc=net?one
> 
> ssl no
> 
> Here is slapd.conf
> directory       /var/lib/ldap
> 
> #performance mods
> loglevel 0
> sizelimit 100000
> cachesize 100000
> dbcachesize 1000000
> 
> # Indices to maintain
> index   objectClass,uidNumber,gidNumber                 eq
> index   cn,sn,uid,displayName                           pres,sub,eq
> index   memberUid,mail,givenname                eq,subinitial
> index   sambaSID,sambaPrimaryGroupSID,sambaDomainName   eq
> 
> On the Other 'Other objectClasses to add to new users' I found on debian
> wiki that you put to inetOrgPerson in the Other objectClasses to add to
> new users' line.  Now I can add user with no problems.  But, I still get
> high cpu utilization up to 95% on both processors when using the add
> LDAP users screen.
> 
> Thanks
> -Glenn
> 
> 
> 
> -----Original Message-----
> From: Jamie Cameron [mailto:jca...@we...] 
> Sent: Wednesday, December 29, 2004 6:02 PM
> To: web...@li...
> Subject: Re: [webmin-l] LDAP User and Groups module Performance
> 
> Glenn Arnold wrote ..
> > When I click on add LDAP user in LDAP Users and Groups it takes a good
> > minute or longer to come up to the Create User property page. I admit
> my
> > server is ancient, but a Compaq Proliant 7000 PII 450MHZ Xeon with 2MB
> > cache with 2.5GB of Ram and a SCSI RAID 5 should run webmin sufficient
> > .
> > What do you think? All the other webmin modules work fine it is just
> > creating users in LDAP Users and Groups take a long time.
> 
> There are a few possible causes for this, such as having a large number
> of users
> on the system, or an nsswitch.conf mis-configuration. When the page is
> loading, is
> the CPU load on your system excessively high?
> 
> >I also get the
> > following error: 
> > Failed to save user : Failed to add user to LDAP database : no
> > structural object class provided when creating a user with webmin. I
> > followed the instructions for setting up LDAP from idealx.org. I can
> use
> > Idealx's webmin module and create the user with no problem , but the
> > idealx module does not have the features that the native webmin's
> does.
> > Also, I can run phpldapadmin and create users with it runs very well,
> > but it has some things about it I do not like. Any help would be
> > appreciated. 
> 
> It sounds like Webmin isn't setting a needed object class when creating
> users.
> On the Module Config page of the LDAP module is a field called 'Other
> objectClasses
> to add to new users' which you should fill in which whatever classes are
> set by
> phpldapadmin - most likely one like 'person' is missing.
> 
>  - Jamie