Openfire and LDAP issues
Thanks in advance for the help.
Has anyone seen this issue with Openfire?
Currently I use Openfire on Fedora with auth using Windows 2003 and also use MySQL for the database. When I bring up two clients and talk to each other the time is slow between messages. Sometimes it can take between 5-15 minutes for something sent to get to the person (this is with only two people on the Openfire server). I ran a tcpdump using port 389 and see that the machine is running thousands of queries against LDAP. When I plug it into Wireshark I notice that it is transferring the entire contact list or checking on the status of the entire contact list?
When I run debug on openfire itself I am presented with only this small message in the log:
2010.06.08 07:01:17 LdapManager: Starting LDAP search...
2010.06.08 07:01:17 LdapManager: ... search finished
2010.06.08 07:01:17 LdapManager: Creating a DirContext in LdapManager.getContext()...
2010.06.08 07:01:17 LdapManager: Created hashtable with context values, attempting to create context...
2010.06.08 07:01:17 LdapManager: ... context created successfully, returning.
2010.06.08 07:01:17 LdapManager: Trying to find a groups's DN based on it's groupname. cn: Spark agents CLT, Base DN: OU="Hidden",DC="Hidden",DC="net"...
2010.06.08 07:01:17 LdapManager: Creating a DirContext in LdapManager.getContext()...
2010.06.08 07:01:17 LdapManager: Created hashtable with context values, attempting to create context...
2010.06.08 07:01:17 LdapManager: ... context created successfully, returning.
2010.06.08 07:01:17 LdapManager: Starting LDAP search...
2010.06.08 07:01:17 LdapManager: ... search finished
2010.06.08 07:01:17 LdapManager: Trying to find a groups's DN based on it's groupname. cn: Spark agents CLT, Base DN: OU="Hidden",DC="Hidden",DC="net"...
2010.06.08 07:01:17 LdapManager: Creating a DirContext in LdapManager.getContext()...
2010.06.08 07:01:17 LdapManager: Created hashtable with context values, attempting to create context...
2010.06.08 07:01:17 LdapManager: ... context created successfully, returning.
2010.06.08 07:01:17 LdapManager: Starting LDAP search...
2010.06.08 07:01:17 LdapManager: ... search finished
I thought this was a configuration on my end and started to look into the cache settings on the Openfire webpages. I tweaked the settings as recommended by the pages and still get the same issues. It doesn't seem to cache the contact list or this might be a feature never fixed or implemented.
Has anyone gone through this before? I have searched online and I see others have great experience with Openfire with no issues like I have, or is it because no one checked the queries?
For the time being I created a new Domain Controller and moved Openfire to that computer so it can run local queries. This seems to help reduce the speed a lot, but when I run the server performance manager tool I see that with two people only using that Openfire server I run 593.7 requests per second.
Thanks for your help, if I didn't provide enough data please let me know what you need and I can find it.
Adding other information from conversation: I am still double checking my settings, but they seem correct. When I do a Wireshark capture I notice though that it sends the entire contact list as the query, I am assuming that it caches under the roster list. However some of the cache fields don't seem to be used even though they are set.
I looked at the link you sent and I had added that to my openfire earlier hoping that would fix it, still the same issue.
Has anyone ever done a server performance manager to see if you have the same issue as me? Or a tcpdump. When I run Openfire and LDAP on the same server it seems to only take 2-5 seconds with only two people on it instead of the 2-5 minutes it took not having it on. Last check the performance manager says 600 per second.
My main thought is it's just not caching, but I am not sure if this is right.
Thanks for the great feedback!
Perhaps it's not finding ldap at all. From the log dump, it looks like the context build may be coming up empty and the whole process starts over again.
I would take another hard look at your config.
http://www.igniterealtime.org/builds/openfire/docs/latest/documentation/ldap-guide.html
Base DN: OU="Hidden",DC="Hidden",DC="net" //is this valid for your setup??