Date: Wed, 8 Jun 2005 13:24:25 -0500 (CDT)
From: Tony Shadwick
To: Ben Hockenhull
Cc: freebsd-questions@freebsd.org
Subject: Re: 5.x, LDAP and caching uid/gid data
Message-ID: <20050608132158.N23064@mail.goinet.com>

Hmm....

Just based on my past experiences with NIS (working on learning LDAP as we speak), one would normally have SOME local user data. For example, a local sendmail user, a local root user, if you're running a MySQL daemon locally, you'd have a local mysql user. I think?
Someone could correct me if I'm wrong here, but I see little benefit from having the smmsp user being in ldap and not local to the machine. Feel free to prove me wrong on this though. :)

I'd still be interested in hearing about ldap caching, as it relates to my earlier question about laptop users and centralized auth.

On Wed, 8 Jun 2005, Ben Hockenhull wrote:

> We're in the midst of implementing a couple of FreeBSD servers, each
> containing about 5k users, with authentication against LDAP. We're using
> PADL's nss_ldap and pam_ldap modules, and while things work well, I'm
> looking for ways to improve performance and reduce active queries against
> LDAP.
>
> There's no user information on the local system at all, so every operation
> that requires UID/GID information had to do an LDAP lookup to get UID/GID
> data. So, for example, every piece of mail delivered means an LDAP lookup.
> Ick.
>
> Is there such a thing as nscd for FreeBSD, and if so, has anyone had
> experience using it? I found a lookupd utility that looks promising, but
> I'm leery of implementing it in production as it seems like fairly untested
> software.
>
> Failing nscd or a similar thing, are there other ways I can cache this
> information or otherwise improve performance?
>
> Thanks.
>
> Ben