Ask Question
« General Questions on Nuxeo

ldap query speed

Hi,

we have a working 5.9.5 Nuxeo platform connected to Active Directory. Everyhting is fine, but the first connection to Nuxeo is slow (20 seconds, sometimes more), due to the fact that Nuxeo need to populate its ldap cache information. I guess this is due to the size of the Active Directory, We have ~ 10000 users inside.

Is there a way to lower this ldap cache popluation? I tried to change querySizeLimit, cacheMaxSize but it doesn't seems to have significant change.

Regards,

Nicolas Zin

nicolas
Member (100)   2   2   1 		10/21/2014 ( History)
0 votes
1 answers
1990 views
ANSWER
pibou Bouvret
We have the same case here with LDAP, about 50K users and several thousands groups. The worst case is group computation when you access a user profile. The solution was not found through Nuxeo configuration but with a local slave LDAP server
10/24/2014
pibou Bouvret
Forgot to mention that Nuxeo binds to the slave LDAP server with a manager account so that ACLs are not computed. Don't know if that applies to AD.
11/08/2014
ANSWERS

Hi,

There is a way to control this cache size, but there are things you may want to check:

  • is the cache filled with a lot of entries? (in which case it would be interesting to understand what triggers the loading of all these entries)
  • bad network access to the LDAP server (that would explain why once entry is in cache, the latency is not visible anymore)
Anahide Tchertchian
Member (15.4K)   3   6   6 		11/14/2014 ( History)
0 votes
Follow
Tags
Linked Questions
Related Questions
LDAP Authentication with MS Active Directory and Groups.
Active Directory connection only login new users and not old ones
can't list member of the group and groups of a member
Non admin users can't change their password anymore
LDAP, OpenDS integeration to Nuxeo?
Nuxeo 6.0 and LDAP Caching
Ldap question
Nuxeo 7.10 ldap authentication
LDAP and PostgreSQL