5.x, LDAP and caching uid/gid data

Tony Shadwick tshadwick at goinet.com
Wed Jun 8 18:24:41 GMT 2005


Just based on my past experiences with NIS (working on learning LDAP as 
we speak), one would normally have SOME local user data.

For example, a local sendmail user, a local root user, if you're running a 
MySQL daemon locally, you'd have a local mysql user.

I think?  Someone could correct me if I'm wrong here, but I see little 
benefit from having the smmsp user being in ldap and not local to the 
machine.  Feel free to prove me wrong on this though. :)

I'd still be interested in hearing about LDAP caching, as it relates to my 
earlier question about laptop users and centralized auth.

On Wed, 8 Jun 2005, Ben Hockenhull wrote:

> We're in the midst of implementing a couple of FreeBSD servers, each
> containing about 5k users, with authentication against LDAP.  We're using
> PADL's nss_ldap and pam_ldap modules, and while things work well, I'm
> looking for ways to improve performance and reduce active queries against
> There's no user information on the local system at all, so every operation
> that requires UID/GID information had to do an LDAP lookup to get UID/GID
> data.  So, for example, every piece of mail delivered means an LDAP lookup.
> Ick.
> Is there such a thing as nscd for FreeBSD, and if so, has anyone had
> experience using it?  I found a lookupd utility that looks promising, but
> I'm leery of implementing it in production as it seems like fairly untested
> software.
> Failing nscd or a similar thing, are there other ways I can cache this
> information or otherwise improve performance?
> Thanks.
> Ben