General discussion on installation and configuration of SOGo

Text archives Help


Re: [SOGo] disable auto-complete for certain external ldap address books


Chronological Thread 
  • From: heupink < >
  • To:
  • Subject: Re: [SOGo] disable auto-complete for certain external ldap address books
  • Date: Wed, 04 Mar 2015 10:24:01 +0100

Hi all,

I have made a lot of progress in this issue, and I thought I'd share on the list. Perhaps someone else can benefit from this as well.

To (massively) speed-up (cache) queries to external ldap (in our case: AD) servers, we are now using openldap with the pcache overlay.

This is on wheezy. First we installed slapd (openldap 2.4), and configured it to use the 'old-style' slapd.conf. Our config file can be seen below.

Then we configured an extra SOGoUserSources, canAuthenticate = NO, and hostname = localhost.

To verify: in the SOGo web access addressbook, the first time we search for 'username', it takes 5-7 seconds. A second time, the response is immediate. Huge improvement.

If anyone here has some tips or comments on my slapd.conf, please reply!

Some remaining things:

* I would like to 'pre-load' the openldap/pcache with the complete AD contents, so all searches would be local searches. Does anyone know if that is possible?

* I'm not sure how to configure expiration of items in the cache

* I'm not sure if the indexes at the end are actually needed. The SOGo query (as far as I know) looks like the proxyTemplate below. Perhaps the indexes can be discarded.

I'm sure there are many knowledgeable openldap people here, so please comment. :-)

Here is the slapd.conf that works for us:

include /etc/ldap/schema/core.schema
include /etc/ldap/schema/cosine.schema
include /etc/ldap/schema/nis.schema
include /etc/ldap/schema/inetorgperson.schema

sizelimit unlimited

pidfile /var/run/slapd/slapd.pid
argsfile /var/run/slapd/slapd.args
loglevel -1

modulepath /usr/lib/ldap

moduleload back_bdb
moduleload back_ldap
moduleload pcache

database ldap
suffix "dc=example,dc=com"
rootdn "dc=example,dc=com"
uri "ldap://ldap1.example.com:3268/dc=example%2cdc=com
ldap://ldap2.example.com:3268/dc=example%2cdc=com";
chase-referrals no

overlay pcache
pcache bdb 9999999 1 1000 100
pcacheAttrset 0 "*" "+"
proxyTemplate (|(sn=)(displayName=)(telephoneNumber=)(mail=)(cn=)) 0 3600
cachesize 999999
directory /var/lib/ldap

index sn eq
index displayName eq
index telephoneNumber eq
index mail eq
index cn eq

Regards,
MJ



Archive powered by MHonArc 2.6.18.

Top of page