lists.arthurdejong.org
RSS feed

Slow logins

[Date Prev][Date Next] [Thread Prev][Thread Next]

Slow logins



Hi! I am on an ldap server with a large number of users and groups. Logins are 
taking a very long time and upon running nslcd with debug enabled, the service 
is looking up every group and every user within every group. For someone with 
ten or so groups and a couple hundred users in a few of those groups, it ends 
up taking 30 to 40 seconds to login to a box.

Is there any way to stop the group member lookups?

Here's my config:

uid nslcd
gid nslcd

uri     ldap://ldapserver/
base    ou=users,o=org
base    ou=POSIXGroups,o=org

base    group   ou=POSIXGroups,o=org
filter  group   (objectClass=posixGroup)
scope   group   one
base    passwd  ou=users,o=org
filter  passwd  (objectClass=posixAccount)
base    shadow  ou=users,o=org
filter  shadow  (objectClass=posixAccount)

referrals no

ssl start_tls
tls_reqcert allow

nss_initgroups_ignoreusers root,vagrant
pagesize 100


Any help would be greatly appreciated!

Daniel Givens

Attachment: smime.p7s
Description: S/MIME cryptographic signature

-- 
To unsubscribe send an email to
nss-pam-ldapd-users-unsubscribe@lists.arthurdejong.org or see
http://lists.arthurdejong.org/nss-pam-ldapd-users/