Date: Thu, 6 Oct 2011 00:44:10 -0500 From: Dan Nelson <dnelson@allantgroup.com> To: Trond Endrestol <Trond.Endrestol@fagskolen.gjovik.no> Cc: Dag-Erling Smorgrav <des@des.no>, hackers@freebsd.org Subject: Re: Does anyone use nscd? Message-ID: <20111006054409.GS9801@dan.emsphone.com> In-Reply-To: <alpine.BSF.2.00.1110042050500.18373@mail.fig.ol.no> References: <86sjn84wco.fsf@ds4.des.no> <alpine.BSF.2.00.1110041800290.18373@mail.fig.ol.no> <86obxw4s4w.fsf@ds4.des.no> <alpine.BSF.2.00.1110042050500.18373@mail.fig.ol.no>
next in thread | previous in thread | raw e-mail | index | archive | help
In the last episode (Oct 04), Trond Endrestol said: > On Tue, 4 Oct 2011 18:51+0200, Dag-Erling Smorgrav wrote: > > Trond Endrestol <Trond.Endrestol@fagskolen.gjovik.no> writes: > > > It's in daily use at Gjovik Technical College (Fagskolen i Gjovik), > > > here in Norway. Both the mail and web servers authenticates our users > > > by LDAP, and nscd certainly speeds up the lookups. > > > > OK. No trouble with clients dying of SIGPIPE? I could never reproduce > > the bug, but both users who reported problems used ldap, and I don't > > have an LDAP server to test against, so I thought it might be specific > > to LDAP. > > Not in my (somewhat limited) experience. On a tangent, I also heavily recommend using the nss-pam-ldapd port instead of nss_ldap. It includes a daemon called nslcd which is the only process that links to the ldap libary. The nss module is a tiny plug that talks to nslcd using a simple protocol. It really reduces the socket count to your ldap server, and removes the potential namespace problems caused by dlopening libldap.so in every process. -- Dan Nelson dnelson@allantgroup.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20111006054409.GS9801>