Try installing nscd.
Bret.
On Wednesday 20 August 2008 11:59:18 Jon Schewe wrote:
> Has anyone setup a kerberos server on Linux? I've got one setup, but
> it's really slow. Slow here is how long it takes apache to allow me to
> edit files via webdav or when using subversion. In my previous job I had
> apache setup to use mod_auth_kerb to do authentication and talk to a
> windows AD server. This worked nicely and seemed to perform well. Now
> I'm using the same setup, however I'm using a Linux kerberos server
> instead and it's really slow. Around 6 seconds to just do an svn ls.
> When I'm using webdav I see a number of propfind and get log entries in
> the apache log and they're between 1 and 2 seconds apart. Looking at the
> kdc log I see lots of entries created like this:
>
>
> Aug 20 11:48:07 leech krb5kdc[25237](info): AS_REQ (7 etypes {18 17 16
> 23 1 3 2}) 128.33.251.52: ISSUE: authtime 1219250887, etypes {rep=16
> tkt=16 ses=16}, jschewe at BUM for krbtgt/BUM at BUM
>
> Any ideas as to why this is so slow?
>
> I've found a patch for mod_auth_kerb that caches the authentication data
> and that takes care of SVN, however I need group information for webdav,
> so I'm using mod_authnz_external with pwauth and that's dog slow. So I
> figure there is a problem with my kerberos server setup.
--
Bret Baptist
Senior Network Administrator
bbaptist at iexposure.com
Internet Exposure, Inc.
http://www.iexposure.com
(612)676-1946 x17
Providing Internet Services since 1995
Web Development ~ Search Engine Marketing ~ Web Analytics
Network Security ~ On Demand Tech Support ~ E-Mail Marketing