Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 8 Jun 2005 13:24:25 -0500 (CDT)
From:      Tony Shadwick <tshadwick@goinet.com>
To:        Ben Hockenhull <benh@jpj.net>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: 5.x, LDAP and caching uid/gid data
Message-ID:  <20050608132158.N23064@mail.goinet.com>
In-Reply-To: <v0310280cbeccdb8867d8@[192.168.11.10]>
References:  <v0310280cbeccdb8867d8@[192.168.11.10]>

next in thread | previous in thread | raw e-mail | index | archive | help
Hmm....

Just based on my past experiences with NIS (working on learning LDAP as 
we speak), one would normally have SOME local user data.

For example, a local sendmail user, a local root user, if you're running a 
MySQL daemon locally, you'd have a local mysql user.

I think?  Someone could correct me if I'm wrong here, but I see little 
benefit from having the smmsp user being in ldap and not local to the 
machine.  Feel free to prove me wrong on this though. :)

I'd still be interested in hearing about ldap caching, as it relates to me 
earlier question about laptop users and centralized auth.

On Wed, 8 Jun 2005, Ben Hockenhull wrote:

> We're in the midst of implementing a couple of FreeBSD servers, each
> containing about 5k users, with authentication against LDAP.  We're using
> PADL's nss_ldap and pam_ldap modules, and while things work well, I'm
> looking for ways to improve performance and reduce active queries against
> LDAP.
>
> There's no user information on the local system at all, so every operation
> that requires UID/GID information had to do an LDAP lookup to get UID/GID
> data.  So, for example, every piece of mail delivered means an LDAP lookup.
> Ick.
>
> Is there such a thing as nscd for FreeBSD, and if so, has anyone had
> experience using it?  I found a lookupd utility that looks promising, but
> I'm leery of implementing it in production as it seems like fairly untested
> software.
>
> Failing nscd or a similar thing, are there other ways I can cache this
> infomration or otherwise improve performance?
>
> Thanks.
>
> Ben
>
>
> _______________________________________________
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"
>



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050608132158.N23064>