I have been able to make ldap auth running, but I am facing another problem.
When I access ejabberd web admin interface and go into Virtual Host section it seems that the server tries to enumerate all users from LDAP directory and does it quite often on different occasions. This is a bit unfortunate, since there is approx 100,000 users out there and it makes the thing unusable.
Is there a way to disable all unnecessary LDAP searches?
Looking for ejabberd docs?
To access the most up-to-date ejabberd documentation, please visit docs.ejabberd.im »
LDAP auth -> web_admin enumerates all users
Submitted by risa2000 on Mon, 2007-08-20 12:12
risa2000 wrote: When I
When I access ejabberd web admin interface and go into Virtual Host section it seems that the server tries to enumerate all users from LDAP directory and does it quite often on different occasions.
The number of registered accounts is calculated in those URLs:
Are only those URLs the ones that are problematic to you?
What are the exact symptoms that you can see: CRASH, ERROR, slow response of the web admin, 100% CPU consumed...?
BTW, if you can't even access your vhost subpages, put this URL directly in your browser:
LDAP auth -> web_admin enumerates all users
The number of registered accounts is calculated in those URLs:
Are only those URLs the ones that are problematic to you?
Yes.
My LDAP server is set to limit number of users in one shot to 400. Even those 400 may take 1 minute or more.
What are the exact symptoms that you can see: CRASH, ERROR, slow response of the web admin, 100% CPU consumed...?
The only symptom is that web_admin interface is not responsive for certain time and then there are just (first) 400 users. And visually, communication with LDAP also seems to be slow.
My point is, I do not need to list (or count) all users in LDAP, since I have them already in LDAP. What concerns me only are online users. It would be great if LDAP search (or offline users) could be somehow disabled in ejabberd config.
Bug tracked, includes untested patch
My point is, I do not need to list (or count) all users in LDAP, since I have them already in LDAP. What concerns me only are online users. It would be great if LDAP search (or offline users) could be somehow disabled in ejabberd config.
I've reported your problem to the bug tracker:
I included a quick patch that does exactly what you want :)
The patch is for ejabberd SVN, since it benefits from recent code not present in ejabberd 1.1.3.
Another drawback is that I can't test it myself. If you try it, let me know if it works correctly.
Just FYI it does work for
Just FYI it does work for node statistics, but it does not work for virtual nodes (menu item and any subitem).
Can you please specify
Can you please specify exactly which URIs provoke the problem in Web Admin with that patch applied?
links which are slow (requesting LDAP users)
Can you please specify exactly which URIs provoke the problem in Web Admin with that patch applied?
When clicking on "Virtual Hosts" in main menu.
Then after selecting one virtual host, when clicking in its submenu on "Users", "Last Activity", "Statistics".
In all other cases AFAIK the response is normal.