[Casper] Timing logins and applicaion startup

Clinton Blackmore clinton.blackmore at westwind.ab.ca
Thu Feb 12 07:56:46 PST 2009 

On 12-Feb-09, at 8:13 AM, Thomas Larkin wrote:
> Are you by chance running 10.5.3 or 10.5.4?  There were known bugs  
> that caused all sorts of sync and log in issues and I saw them  
> myself.  Where it would take literally, 2 minutes just to log in  
> with a network account.
>
> Also, how many clients are bound to your Directory Servers?

Most of our clients are running 10.5.4.  A handful go back as far as  
10.5.2, and some are up-to-date.  [This is not counting our older  
machines that are running Tiger, but they aren't a concern right  
now.]  Most of our 12 directory replicas are running 10.5.5, although  
the master is running 10.5.6.

For number of clients, I ran:

dscl /LDAPv3/[IP of ODM] list Computers | wc -l
dscl /LDAPv3/[IP of ODM] list Users | wc -l

We currently have 1085 computers in our directory, and 4463 users.

We had a similar login-failure issue three of four months ago, and,  
after trolling through the logs availed us nothing, we instated a new  
open directory master.  [One of my co-workers did it; I think he  
imaged a server, made it a replica, and then promoted it and made all  
the other replicas use it as the master.]  Things worked great after  
we did that, until the day that I tried to give a user lesser  
directory administration privileges, at which point slapd on the  
master went off the rails and the CPU usage was at 100% for hours at a  
time.  I revoked the privileges, but we have been having problems  
since then.  [Further, we don't recall exactly, but out first master  
may have started acting up when we gave a user sub-diradmin  
privileges.]  I can not fathom why this would cause the issue, but it  
is our best suspicion.

Another symptom is sometimes a machine will show that network users  
are available, but they can not authenticate.  On such a machine, dscl  
sees the LDAP server and the Users directory, but listing said  
directory brings up zero results.  Rebooting or rebinding to the  
directory often fixes this.  So far as we can tell, there is no  
pattern involving which users or machines will have problems.  Just  
yesterday I saw a user take over 5 minutes to log in to a 2008 iMac  
connected via a 100 MB/s (or maybe even gigabit) network, while 2/3s  
of his class logged in without a problem [except for Word crashing for  
some of them].

While I am on the topic, can anyone recommend tools for merging or  
correlating log files?

Cheers,
Clinton Blackmore


This email has been scanned by Barracuda Network's Anti-Virus and Spam Firewall.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://list.jamfsoftware.com/pipermail/casper/attachments/20090212/8e4ab135/attachment.html

More information about the Casper mailing list