jabirahmed has asked for the wisdom of the Perl Monks concerning the following question:

Hello, I have a perl script which occasionaly last for ever trying to locate the users from openldap server. I have read that its a known issue. Is there anyone who could tell me the other way to read the users from the ldap directory using the uid clause? Thanks Jabir

Replies are listed 'Best First'.
Re: Ldap Search Hangs.
by wazzuteke (Hermit) on Dec 01, 2005 at 13:28 UTC
    Most of the time I have seem this type of problem has been for one of two reasons:

    1. Running searches against an un-indexed field
    2. Database indexes have become corrupted

    In the case of #1, I would make sure you are not searching on any fields that are not indexed. This will be very slow every time.

    In the case of #2, there are a number of commands you can run to re-index the database. For this, I would take a look at the OpenLDAP documentation for more infomration on slapadd, slapcat, and slapindex.

    Either alone or together, both conditions will allow for extremely slow searches. However, if both are resolved, they should be as fast as ever.

    One last note: a final solution could be to completely re-build the database from scratch, using a backup of the LDAP data. This method is usually never preferred, however it's sometimes the only way to gain all the integrity of the database back.

    Good Luck!

    ---hA||ta----
    print map{$_.' '}grep{/\w+/}@{[reverse(qw{Perl Code})]} or die while ( 'trying' );
[reply]
[d/l]
Re: Ldap Search Hangs.
by ghenry (Vicar) on Dec 01, 2005 at 16:53 UTC

    Does the LDAP server address resolve ok?

    Walking the road to enlightenment... I found a penguin and a camel on the way.....
    Fancy a yourname@perl.me.uk? Just ask!!!
[reply]
Re: Ldap Search Hangs.
by converter (Priest) on Dec 02, 2005 at 12:50 UTC

    Your slow response times are probably due to a problem with your slapd configuration or a resource issue (heavy IO on the server or a networking problem).

    What is loglevel set to in slapd.conf? A loglevel setting of anything other than 1 (the default) or zero has the potential to generate a lot of additional I/O. A setting of -1 can bring a loaded server to its knees because it logs all debug information and operation stats.

    If loglevel is zero or one then the cause of the slow responses probably lies elsewhere. Setting the loglevel to -1 and running a few queries is the quickest way to learn if there are any problems with your slapd configuration (don't leave loglevel set to -1 any longer than required for troubleshooting if this is a production server).

    Off the top of my head, a couple of things that can lead to slow reponses are: incorrectly configured backend, authentication mechanisms, network configuration or failure.

    If logging reveals a problem on the server you should probably consult the OpenLDAP mailing lists, they're very helpful.

    The settings for loglevel are documented in the slapd.conf man page.

    converter

[reply]

Back to Seekers of Perl Wisdom