[K12OSN] LDAP timeout question

Jim Kronebusch jim at winonacotter.org
Thu Nov 15 16:50:05 UTC 2007


I am having problems with my user openldap running out of enough files when I have heavy
use class period after class period.  I am trying to figure out the best way to increase
the open file limit for the openldap user (so far increasing with
/etc/security/limits.conf) and what a reasonable limit is.  Any suggestions along these
lines would be appreciated.

But my real question is, what are the effects of implementing an idle_timeout in
slapd.conf?  We have 50-75 users connecting at every class period.  Throughout the day
the open files for the openldap user start to build and don't drop off immediately after
every class.  I'll quick state that the default for per user open files in Edubuntu
seems to be 1024, and ldap stops responding when we hit this limit.  So I'm wondering if
instead of increasing the open file limit, if I'm better off adding an idle_timeout
(default is 0 which disables the timeout).  I am thinking of a timeout just a little
longer than our average class period.  My understanding of the timeout is that an
increased load could be placed on the ldap server, but other than that there should be
no adverse affects.  I'm hoping this change would keep my amount of files from growing
throughout the day.

Thoughts?  If anyone wants to give me a better explanation of what is going on I
wouldn't baulk at that either.

Quick note, this is running Edubuntu 7.04 with LDM_DIRECTX=True, and the auth server is
the same as the client server.  My server has been set up according to my instructions
at http://www.1-cs.com/ubuntu_ldap_howto.txt.  I also have an email server
authenticating off of the same box, but no more than 20 of the ldap files seem to be
associated with the email server at one time.  There are about 500 users and 108 thin
clients.  Concurrent users typically does not exceed 75.  I've never seen processor
usage go above 25% and RAM usage over 6GB (16GB total available) even when 75 concurrent
users are in Firefox/Flash/OpenOffice at the same time, so I think it is safe to say the
server is not overloaded.  And I see no obvious slowdowns during this type of use.  And
just to note the only error I have when this happens is the following in /var/log/syslog:

Nov 15 08:19:10 ltsp slapd[27148]: warning: cannot open /etc/hosts.allow: Too many open
files
Nov 15 08:19:10 ltsp slapd[27148]: warning: cannot open /etc/hosts.deny: Too many open files

Thanks,

Jim Kronebusch
Cotter Tech Department
453-5188


-- 
This message has been scanned for viruses and
dangerous content by the Cotter Technology 
Department, and is believed to be clean.




More information about the K12OSN mailing list