Alfred von Campe wrote: > > On Feb 13, 2008, at 11:37, Scott Silva wrote: > > > I didn't see it but did you do a 'uname-a" on both systems to see > > if one is running a PAE kernel? > > No, that was not it. But I did finally track it down. There > was one > additional difference in the software configuration that I had > forgotten about. The CentOS 5.1 system is in a different NIS domain > and it has Kerberos enabled. We are going to move to an integrated > NIS/AD environment to have a single sign-on for Windows and UNIX/ > Linux, and I was planning to roll that out at the same time > as CentOS > 5.1. The performance issue went away when I used a local account to > do the build, and also on another CentOS 5.1 system (on > identical HW) > that was bound to the old NIS domain. > > Needless to say, we can not roll out CentOS 5.1 in the new NIS > domain. I will be talking to the corporate IT folks tomorrow to > track down what is causing this issue. Ah, I advise using Samba's winbind and the RID idmap backend. Winbind and it's local tdb cache is an order of magnitude faster then NIS and several orders of magnitude faster then nss_ldap. I haven't tested Samba's ldap backend cause we have an AD domain here. Winbind is a whole lot easier to setup and manages the kerberos keytab files too. We have winbind for user/group lookup and kerberos for authentication, works well and is fairly easy to automate setup through kickstart. -Ross ______________________________________________________________________ This e-mail, and any attachments thereto, is intended only for use by the addressee(s) named herein and may contain legally privileged and/or confidential information. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution or copying of this e-mail, and any attachments thereto, is strictly prohibited. If you have received this e-mail in error, please immediately notify the sender and permanently delete the original and any copy or printout thereof.