On Sun, Jan 27, 2019 at 5:40 AM Dieter Klünter <[email protected]> wrote:
> Am Fri, 25 Jan 2019 21:04:42 -0500 > schrieb [email protected]: > > > How do I include uid/gid lookup caching to my openldap proxy server? > > > > $ cat slapd.conf > > ### Schema includes > > ########################################################### > > include /etc/openldap/schema/core.schema > > include /etc/openldap/schema/cosine.schema > > include /etc/openldap/schema/inetorgperson.schema > > include /etc/openldap/schema/misc.schema > > include /etc/openldap/schema/nis.schema > > > > ## Module paths > > ############################################################## > > modulepath /usr/lib64/openldap/ moduleload > > back_ldap > > > > # Main settings > > ############################################################### > > pidfile /var/run/openldap/slapd.pid > > argsfile /var/run/openldap/slapd.args > > sizelimit unlimited > > > > TLSCertificateFile /root/data/certs/ldap.crt > > TLSCertificateKeyFile /root/data/certs/ldap.key > > > > ### Database definition (Proxy to AD) > > ######################################### database ldap > > readonly yes > > protocol-version 3 > > rebind-as-user yes > > uri "ldaps://ldap.example.com:1636" > > suffix "ou=People,dc=example,dc=net" > > ### Logging > > ################################################################### > > loglevel 0 > > Did you read slapo-pcache(5) ? > For debugging use debug level pcache. > Try something like: > > database ldap > ... > overlay pcache > pcache mdb 5000 2 500 3600 > pcacheAttrset 0 uid gid > pcacheTemplate (uid=) 0 10800 7200 > directory /path/to/database > index uid,gid eq > > I have not tried yet. I will try it at work, tomorrow I will only need uid and mnetid from ldap. I use the uid as username and mnetid as the uid/gid of the user login in > -Dieter > > -- > Dieter Klünter | Systemberatung > http://sys4.de > GPG Key ID: E9ED159B > 53°37'09,95"N > 10°08'02,42"E > > -- Asif Iqbal PGP Key: 0xE62693C5 KeyServer: pgp.mit.edu A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing?
