Manualshelf

NIS/LDAP Gateway Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX LDAP-UX Integration Software
21222324252627282930
Adding a Client System
Adding an NIS/LDAP Gateway client is essentially the same as adding an NIS client except for
ldappasswd or whatever means you give your users for changing their password and other
personal information.
For more information, see “To Change Passwords” and “To Change Personal Information” and
“The ldappasswd Command”.
For NIS information see "To Enable NIS Client Capability" in Installing and Administering NFS
Services available at http://docs.hp.com/hpux/communications.
Improving Performance
This section lists some ways you can improve the performance of your NIS/LDAP Gateway
server.
Minimizing Enumeration Requests
Enumeration requests are directory queries that request all of a map. For example, the command
ypcat passwd is an enumeration request because it requests all of the passwd map. An ll
command would not be an enumeration request since it only requests specific pieces of
information from maps.
Certain HP-UX operations enumerate a map from the NIS/LDAP Gateway server. For example,
csh(1) requests the entire group map at login. finger(1) requests the entire passwd map whenever
it runs. Applications written with the getpwent(3C) family of routines can enumerate a map. If
these maps are large, these enumeration requests could cause other NIS/LDAP Gateway client
requests to block waiting for the enumeration request to complete. For example, a user doing a
simple ll(1) command could see a delay in response if another user is logging in with csh(1) or
using the finger(1) command. If the delay is long enough, the request may time out and the client
may try to rebind to another server. To minimize these situations, you may want to restrict use
of the above mentioned commands.
You can also improve performance of enumeration requests by preloading maps as described
in “Preloading the Cache with NIS Maps”.
Using Additional Processes to Handle Enumeration Requests
One way to reduce the impact of enumeration requests is to allow ypldapd to fork separate
processes to handle them thus avoiding tying up ypldapd for the duration of the enumeration
requests. Do this by setting the maxchildren parameter. This parameter specifies the maximum
number of processes ypldapd will fork when doing enumeration requests. See also “Maximum
Number of Processes”.
Caching
This section discusses how the NIS/LDAP Gateway caches data from the directory and how you
can control aspects of caching to improve performance.
Enabling Caching
The NIS/LDAP Gateway server can cache data from the directory to reduce the load on the
directory and improve overall performance of NIS operations. You enable caching by setting the
caching parameter in the ypldapd.conf file to on. See “Enable or Disable Caching” for more
information.
Preloading the Cache with NIS Maps
You can configure ypldapd to preload certain NIS maps into the cache. Preloading ensures the
cache is always kept current with these maps. This is particularly beneficial for the passwd map
28 Administering the NIS/LDAP Gateway