OpenLDAP 2.4.13/14/15: Need long time to autheticate since update from 2.4.11

O. Hartmann ohartman at
Thu Mar 12 00:41:31 PDT 2009

since we updated ports on our FreeBSD boxes and so OpenLDAP from 2.4.11 
-> 2.4.15 and its sibblings authetication on the first attempt from a 
client to the server takes a long time. The phenomenon is on several 
flavours of FreeBSD the same (7.1-STABLE/i386 + amd64 UP and SMP and 
FreeBSD 8.0-CURRENT/amd64 SMP). When login in on a client which is 
connecting to slapd for authentication the first attempt takes approx. 
10 - 20 seconds to perform. In case of sshd, some users simply hit 
return getting to the second-try prompt and then the OpebLDAP server 
performs instantanously. In situations where someone can't perform the 
first auth-attempt with NULL/RETURN (like automated su/rsync/scp or 
something else) this behaviour boring.

I tried to sniff on the server-client communication and watched the log 
but nothing shows up suspicious actions, everything seems all right 
except the wait on the first attempt.

I try to track down the problem to a misconfiguration, but with OpenLDAP 
2.4.11 everything runs fine as expected, so I suspect a change in LDAP.

Besides, this behaviour is also present on freshly installed FreeBSD 8.0 
boxes, so I doubt I forgot a relevant package to be updated when 
recompiling everything necessary to run OpenLDAP and its vicinity ...


More information about the freebsd-questions mailing list