[horde] Turba LDAP slow to list

Simon Wilson simon at simonandkate.net
Wed Apr 8 11:17:41 UTC 2009 

Thanks Dom...

I feel a little silly - the LDAP server was logging at debug level for  
me to try and work out what it was doing for something else, which was  
what was killing it when a search was run.

Question though - my LDAP directory is structured as e.g. "cn=Simon  
Wilson,dc=simonandkate,dc=lan", not the  
"uid=simon,dc=simonandkate,dc=lan" that the precanned bind as call in  
Turba's sources.php does. PHPLdapAdmin template created them as cn=...

Is there a way to retrieve the currently logged on user's CN to  
present in a search to bind as? How do I write these lines:

/* First we need to get the uid. */
  $_ldap_uid = Auth::getBareAuth();
    'bind_dn' => 'uid=' . $_ldap_uid . ',ou=users,' . $_ldap_basedn,

to find the cn and present it to bind_dn with?

At the moment I am binding as a "horde" user that has rights to the  
addressbook area of LDAP, but I'd rather bind as the user if I can.

Cheers

Simon Wilson


Quoting "LALOT Dominique" <dom.lalot at gmail.com>:

> Simon,
>
> That's not a horde question but an LDAP tuning question. On my servers,
> there is one second, but rather due to http request. There is no delays
> using thunderbird..
> Have a look at your ldap setup.
> Check the search filter, and put indexes on what is searched, and don't take
> too many attributes, the more you take, the slower you get.
>
> Dom
>
> Try some search as turba does using ldapsearch commands.
>
> 2009/4/8 Simon Wilson <simon at simonandkate.net>
>
>> I have Turba version 2.3.1 connected to an OpenLDAP server version 2.3.27.
>> The user in question has about 200 contacts all sitting nicely in LDAP
>> (imported from CSV).
>>
>> Using IMP it matches email addresses in about 1 second. Works great.
>>
>> Using Turba to search takes about 15 seconds, so not brilliant but
>> manageable. Adding a new contact takes about 4 seconds, deleting one takes
>> forever as it then goes back to a list view afterwards -
>> Using Turba to LIST, i.e. just click on Address Book, or on a letter to
>> list contacts starting with that letter takes about 2 minutes. Doesn't time
>> out, but unusable really.
>>
>> Turba is binding to the LDAP server in the context of
>> ou=useruid,ou=personal_addressbook,dc=simonandkate,dc=lan, as a Horde user
>> that has write access to the addressbooks ou. (I had issues with getting it
>> to work with the default suggestion of binding as the user as my user
>> entries are not identified by uid in the tree. I didn't want to bind it as
>> root). Everything works fine, just very slow to list...
>>
>> Any suggestions on how i can speed up the listings? The LDAP server is not
>> running low on RAM or paging.
>>
>> Cheers
>>
>> Simon Wilson
>>
>>
>> My Turba sources.php:
>>
>>  $_ldap_uid = Auth::getBareAuth();
>>  $_ldap_basedn = 'dc=simonandkate,dc=lan';
>>  $cfgSources['personal_ldap'] = array(
>>     'title' => _("My Address Book"),
>>     'type' => 'ldap',
>>     'params' => array(
>>         'server' => 'ldapserver',
>>         'tls' => false,
>>         'root' => 'ou=' . $_ldap_uid . ',ou=personal_addressbook,' .
>> $_ldap_basedn,
>>         'bind_dn' => 'cn=horde,ou=accounts,' . $_ldap_basedn,
>>         'bind_password' => 'super-secret password in here',
>>        'dn' => array('uid'),
>>         'objectclass' => array('top',
>>                                'person',
>>                                'turbaContact',
>>                                'inetOrgPerson',
>>                                'calEntry',
>>                                'organizationalPerson'),
>>         'scope' => 'one',
>>         'charset' => 'utf-8',
>>         'version' => 3
>>     ),
>>     'map' => array(
>>         '__key' => 'dn',
>>         '__uid' => 'uid',
>>         '__type' => 'turbaType',
>>         '__members' => 'turbaMembers',
>>         'name' => 'cn',
>>         'email' => 'mail',
>>         'lastname' => 'sn',
>>         'firstname' => 'givenName',
>>         'title' => 'title',
>>         'company' => 'organizationname',
>>         'businessCategory' => 'businesscategory',
>>         'workAddress' => 'postaladdress',
>>         'workPostalCode' => 'postalcode',
>>         'workPhone' => 'telephonenumber',
>>         'fax' => 'facsimiletelephonenumber',
>>         'homeAddress' => 'homepostaladdress',
>>         'homePhone' => 'homephone',
>>         'cellPhone' => 'mobile',
>>         'notes' => 'description',
>>         'office' => 'roomNumber',
>>         'department' => 'ou',
>>         'nickname' => 'displayName',
>>         'website' => 'labeledURI',
>>         'pgpPublicKey' => 'object_pgppublickey',
>>         'smimePublicKey' => 'object_smimepublickey',
>>         'freebusyUrl' => 'calFBURL',
>>     ),
>>     'search' => array(
>>         'name',
>>         'email',
>>         'businessCategory',
>>         'title',
>>         'homePhone',
>>         'workPhone',
>>         'cellPhone',
>>         'homeAddress'
>>     ),
>>     'strict' => array(
>>         'dn',
>>     ),
>>     'approximate' => array(
>>         'cn',
>>     ),
>>     'export' => true,
>>     'browse' => true,
>>  );
>> --
>> Horde mailing list - Join the hunt: http://horde.org/bounties/#horde
>> Frequently Asked Questions: http://horde.org/faq/
>> To unsubscribe, mail: horde-unsubscribe at lists.horde.org
>>
>
>
>
> --
> Dominique LALOT
> Ingénieur Systèmes et Réseaux
> http://annuaire.univmed.fr/showuser.php?uid=lalot
>

More information about the horde mailing list