Date: Wed, 8 Jun 2005 13:24:25 -0500 (CDT) From: Tony Shadwick <tshadwick@goinet.com> To: Ben Hockenhull <benh@jpj.net> Cc: freebsd-questions@freebsd.org Subject: Re: 5.x, LDAP and caching uid/gid data Message-ID: <20050608132158.N23064@mail.goinet.com> In-Reply-To: <v0310280cbeccdb8867d8@[192.168.11.10]> References: <v0310280cbeccdb8867d8@[192.168.11.10]>
next in thread | previous in thread | raw e-mail | index | archive | help
Hmm.... Just based on my past experiences with NIS (working on learning LDAP as we speak), one would normally have SOME local user data. For example, a local sendmail user, a local root user, if you're running a MySQL daemon locally, you'd have a local mysql user. I think? Someone could correct me if I'm wrong here, but I see little benefit from having the smmsp user being in ldap and not local to the machine. Feel free to prove me wrong on this though. :) I'd still be interested in hearing about ldap caching, as it relates to me earlier question about laptop users and centralized auth. On Wed, 8 Jun 2005, Ben Hockenhull wrote: > We're in the midst of implementing a couple of FreeBSD servers, each > containing about 5k users, with authentication against LDAP. We're using > PADL's nss_ldap and pam_ldap modules, and while things work well, I'm > looking for ways to improve performance and reduce active queries against > LDAP. > > There's no user information on the local system at all, so every operation > that requires UID/GID information had to do an LDAP lookup to get UID/GID > data. So, for example, every piece of mail delivered means an LDAP lookup. > Ick. > > Is there such a thing as nscd for FreeBSD, and if so, has anyone had > experience using it? I found a lookupd utility that looks promising, but > I'm leery of implementing it in production as it seems like fairly untested > software. > > Failing nscd or a similar thing, are there other ways I can cache this > infomration or otherwise improve performance? > > Thanks. > > Ben > > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050608132158.N23064>