Could I know the LDAP cache is enabled or not?

[dennys]

I use Jenkins 1.580.2 and LDAP plugin 1.11. It works (authentication and
group), but the performance is not good.
It takes more then 10 seconds to login, and after enabling cache (size 500,
TTL 5mins), it's still the same.

Does Jenkins write the cached data in any file or is there any solution to
confirm the cache is enabled or not?




--
View this message in context: http://jenkins-ci.361315.n4.nabble.com/Could-I-know-the-LDAP-cache-is-enabled-or-not-tp4732888.html
Sent from the Jenkins users mailing list archive at Nabble.com.

[Stephen Connolly]

The cache will not affect login, but will affect page rendering after logging in. To improve login performance you need to narrow the scope of the login query

--
You received this message because you are subscribed to the Google Groups "Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-use...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/1420452666178-4732888.post%40n4.nabble.com.
For more options, visit https://groups.google.com/d/optout.

[dennys]

This is our config, it has about 20,000 records in "ou=Users" level. All of
these records are at the same level, not sure how to narrow the scope...



Is there a reference that the normal speed of 20,000 records LDAP search?




--
View this message in context: http://jenkins-ci.361315.n4.nabble.com/Could-I-know-the-LDAP-cache-is-enabled-or-not-tp4732888p4732896.html

[Stephen Connolly]

It's usually the group membership queries that eat the time

--
You received this message because you are subscribed to the Google Groups "Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-use...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/1420454751173-4732896.post%40n4.nabble.com.

[Ginga, Dick]

FYI, I had the same poor response from LDAP and went to the Active Directory plugin and it is easier to install/setup and works really fast.

To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/CA%2BnPnMzO0BhB_SaM1OLRuJeeR4FShBOMif6Zu_Rb0i70mMopgQ%40mail.gmail.com.

[dennys]

Is there any log to confirm what eat the time? Or is it possible to disable
group search?
I clear group search base and group search filter, but the performance is
still the same.

And to Ginga, we use Oracle's LDAP, not Active Directory. Is it possible to
use AD plugin to connect to LDAP? I cannot find how to configure it.



--
View this message in context: http://jenkins-ci.361315.n4.nabble.com/Could-I-know-the-LDAP-cache-is-enabled-or-not-tp4732888p4732978.html

[Ginga, Dick]

I don't know about configuring AD for Oracle LDAP

-----Original Message-----
From: jenkins...@googlegroups.com [mailto:jenkins...@googlegroups.com] On Behalf Of dennys
Sent: Monday, January 05, 2015 11:57 AM
To: jenkins...@googlegroups.com

--
You received this message because you are subscribed to the Google Groups "Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-use...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/1420477043994-4732978.post%40n4.nabble.com.

[dennys]

I changed the group search base to another node that only has little records,
it's very fast now.
So the root cause is we have too many groups... we have about 5000 groups
now, is it ok ?

And is there any suggestion for it? We add Group search filter, but the
performance is almost the same.



--
View this message in context: http://jenkins-ci.361315.n4.nabble.com/Could-I-know-the-LDAP-cache-is-enabled-or-not-tp4732888p4733069.html

[dennys]

I add "uniqueMember={0}" in Group membership filter, it takes about 3~4
seconds now.



--
View this message in context: http://jenkins-ci.361315.n4.nabble.com/Could-I-know-the-LDAP-cache-is-enabled-or-not-tp4732888p4733073.html