Greetings,
We have been attempting to set up a centos ldap server and then tried to log in with a user account specified in our ldap environment on a centos workstation.
As soon as we attempt any kind of login from the centos workstation, be it via gdm or su ldap_user, the slapd process on the ldap server goes to 100% cpu.
Is this normal behaviour?
Darod Zyree wrote:
Greetings,
We have been attempting to set up a centos ldap server and then tried to log in with a user account specified in our ldap environment on a centos workstation.
As soon as we attempt any kind of login from the centos workstation, be it via gdm or su ldap_user, the slapd process on the ldap server goes to 100% cpu.
Is this normal behaviour?
As underwhelmed as I was when I was working with openldap a few years ago, I never saw that behaviour. My first thought would be to wonder if you had some circular loops in your configuration. You have tried doing lookups of users using the ldap tool, right?
mark
2012/9/21 m.roth@5-cent.us:
Darod Zyree wrote:
Greetings,
We have been attempting to set up a centos ldap server and then tried to log in with a user account specified in our ldap environment on a centos workstation.
As soon as we attempt any kind of login from the centos workstation, be it via gdm or su ldap_user, the slapd process on the ldap server goes to 100% cpu.
Is this normal behaviour?
As underwhelmed as I was when I was working with openldap a few years ago, I never saw that behaviour. My first thought would be to wonder if you had some circular loops in your configuration. You have tried doing lookups of users using the ldap tool, right?
mark
You mean something like this?
[root@pc1 /]# ldapsearch -x -b "cn=Darod Zyree,ou=users,dc=local,dc=test" # extended LDIF # # LDAPv3 # base <cn=Darod Zyree,ou=users,dc=local,dc=test> with scope subtree # filter: (objectclass=*) # requesting: ALL #
# Darod Zyree, users, local.test dn: cn=Darod Zyree,ou=users,dc=local,dc=test cn: Darod Zyree givenName: Darod gidNumber: 500 sn: Zyree objectClass: inetOrgPerson objectClass: posixAccount objectClass: top userPassword:: e01ENX03cVVOakFLS1ZBVkZhMWhXaWNTaE1BPT0= uidNumber: 1000 uid: dzyree loginShell: /bin/bash homeDirectory: /home/dzyree
# search result search: 2 result: 0 Success
# numResponses: 2 # numEntries: 1
This works on both the server and the workstation without any issue, not even causing 100% slapd cpu.
On Sep 21, 2012, at 8:05 AM, Darod Zyree wrote:
Greetings,
We have been attempting to set up a centos ldap server and then tried to log in with a user account specified in our ldap environment on a centos workstation.
As soon as we attempt any kind of login from the centos workstation, be it via gdm or su ldap_user, the slapd process on the ldap server goes to 100% cpu.
Is this normal behavior?
---- definitely not
as a server, OpenLDAP resources will use RAM based upon the number of entries but until you get upwards of 100,000 entries it shouldn't be of any concern and CPU usage should be extremely light save the brief moment of starting the daemon.
Craig
On Fri, 21 Sep 2012, Craig White wrote:
as a server, OpenLDAP resources will use RAM based upon the number of entries but until you get upwards of 100,000 entries it shouldn't be of any concern and CPU usage should be extremely light save the brief moment of starting the daemon.
As an example, I run three OpenLDAP servers that are accessed through a load balancer from 400+ clients. Total CPU usage of all three servers by slapd averages a bit less than 2 hours per day.
Steve
-
Craig White -
Darod Zyree -
m.roth@5-cent.us -
Steve Thompson