Queries very very slow + strange problem with indexes

Fri, 20 Nov 2009 07:13:31 -0800 

Hi members,
I'm running openLdap 2.3.43 on CentOS 5.3.
At the moment queries that return one entry of 20 take between 300ms and
600ms. The objectClass of the objects I query has no influence. The acl
rules that allow users to write have also no significant influence on
query speed. If I add

index telephoneNumber eq

to my slapd.conf, queries with (telephoneNumber=123) are very fast but
return zero results although they should return one.

Any ideas? I'm running out of ideas (Maybe because I'm new to LDAP :) )

Thanks in advance

Jan


--------------------------------------------------------------------------------

Here is my slapd.conf

include         /etc/openldap/schema/core.schema
include         /etc/openldap/schema/cosine.schema
include         /etc/openldap/schema/inetorgperson.schema
include         /etc/openldap/schema/nis.schema

allow bind_v2

pidfile         /var/run/openldap/slapd.pid
argsfile        /var/run/openldap/slapd.args

loglevel acl

database        bdb
suffix          "dc=myDomain"
rootdn          "cn=admin,dc=myDomain"
rootpw          {SSHA}basdfasdfasdfasdfv

directory       /var/lib/ldap

# Indices to maintain for this database
index objectClass                       eq,pres
index ou,cn,mail,surname,givenname      eq,pres,sub
index uidNumber,gidNumber,loginShell    eq,pres
index uid,memberUid                     eq,pres,sub
index nisMapName,nisMapEntry            eq,pres,sub

set_cachesize 0 2097152 0
dbconfig set_lk_max_objects 1500
dbconfig set_lk_max_locks 1500
dbconfig set_lk_max_lockers 1500

access to attrs=userPassword,shadowLastChange
        by dn="cn=admin,dc=myDomain" write
        by anonymous auth
        by self write
        by * none

access to dn.base=""
        by users read
        by dn="cn=admin,dc=myDomain" write

access to dn.exact="dc=myDomain"
        by * read

access to dn.exact="ou=users,dc=myDomain"
        by * read

access to dn.sub="ou=users,dc=myDomain"
        filter=(objectclass=person)
        by set="user &
([cn=UserManagement,ou=roleRights,dc=myDomain]/member*)" write
        by self read

access to dn.sub="ou=roles,ou=users,dc=myDomain"
        by set="user &
([cn=UserManagement,ou=roleRights,dc=myDomain]/member*)" write
        by * read

access to dn.sub="ou=configs,dc=myDomain"
        by * read

access to dn.sub="ou=contacts,dc=myDomain"
        by set="user &
([cn=UserManagement,ou=roleRights,dc=myDomain]/member*)" write
        by * read

access to dn.sub="ou=roleRights,dc=myDomain"
        by set="user &
([cn=UserManagement,ou=roleRights,dc=myDomain]/member*)" write
        by * read


---------------------------------------------------------------------------------
And also DB_CONFIG

set_cachesize 0 20097152 0
set_lk_max_objects 1500
set_lk_max_locks 1500
set_lk_max_lockers 1500

Reply via email to