More soft/anecdotal:When executing "sudo -i" or "sudo -iu" the first time, we can expect a several second delay before the command completes. If we then exit the session and re-execute the command, it will complete almost instantly. So whatever cache is holding this information, if we could increase its duration, that would certainly make our pain less. Is this a settable value?
Entering a password into a screensaver is particularly painful. 10+ seconds before the screensaver will exit.
We are looking at environmental possibilities, like interfaces and such. This machine is running on a VMware VM, but we've had success deploying IPA on VMs in the past, and our faster network is running VMs as well (with one physical box).
Bret On 05/23/2014 08:15 AM, Bret Wortman wrote:
Collecting my various threads together under one big issue and adding this new data point:Our web UI on our slow network is exhibiting some strange behavior as well.When selecting, for example, the "Users", it can take up to 5 seconds to fetch 20 out of our 56 entries.When switching to "Hosts", it took 4 seconds for the footer to show that there would be 47 pages in total, then after 10 seconds total, the page loaded 20 of 939 entries. When I select a host, the previously-selected host will actually be displayed for upwards of 8-10 seconds (while the spinning cursor spins near the word Logout) until the host actually loads.Is it just me, or does this, plus everything else, start to sound like LDAP is struggling?I ran a test using ldapsearch in authenticated and unauthenticated mode from my workstation and here's what I found, which may tell us nothing:# time ldapsearch -x -H -ldap://zsipa.foo.net base="uid=bretw,cn=users,cn=accounts,dc=foo,dc=net": real 0m2.047s user 0m0.000s sys 0m0.001s# time ldapsearch -Y GSSAPI -H ldap://zsipa.foo.net base="uid=bretw,cn=users,cn=accounts,dc=foo,dc=net": real 0m2.816s user 0m0.004s sys 0m0.002s When I did this locally on the ipa master: # ssh zsipa.foo.net# time ldapsearch -Y GSSAPI base="uid=bretw,cn=uses,cn=accounts,dc=foo,dc=net": real 0m0.847s user 0m0.007s sys 0m0.006s # -- *Bret Wortman* http://damascusgrp.com/ http://about.me/wortmanbret _______________________________________________ Freeipa-users mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-users
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Freeipa-users mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-users
