Our target is to decrease number of unindexed queries, you can track them in logs :
"RESULT err=0 tag=101 nentries=1 etime=0 notes=U"
And , of course improve performance .
So!
1. Change in acls:
(targetattr != "aci")(version 3.0; acl "VLV Request Control"; allow( read, search, compare, proxy ) userdn = "ldap:///anyone";)
2. ldapmodify -h host -p 389 -a -D "cn=Directory manager" -f file.ldif
dn: cn=no_netgroup_vlv_index,cn=no,cn=ldbm database,cn=plugins,cn=config
objectClass: top
objectClass: vlvSearch
cn: no_netgroup_vlv_index
vlvScope: 1
vlvBase: ou=netgroup,dc=test,dc=com
vlvFilter: (objectclass=nisNetGroup)
aci: (targetattr="*")(version 3.0; acl "VLV for Anonymous"; allow (read,search,compare) userdn="ldap:///anyone";)
dn: cn=no_group_vlv_index,cn=no,cn=ldbm database,cn=plugins,cn=config
objectClass: top
objectClass: vlvSearch
cn: no_group_vlv_index
vlvScope: 1
vlvBase: ou=group,dc=test,dc=com
vlvFilter: (objectClass=posixGroup)
aci: (targetattr="*")(version 3.0; acl "VLV for Anonymous"; allow (read,search,compare) userdn="ldap:///anyone";)
dn: cn=no_account_vlv_index,cn=no,cn=ldbm database,cn=plugins,cn=config
objectClass: top
objectClass: vlvSearch
cn: no_account_vlv_index
vlvScope: subtree
vlvBase: ou=people,dc=test,dc=com
vlvFilter: (objectClass=posixAccount)
aci: (targetattr="*")(version 3.0; acl "VLV for Anonymous"; allow (read,search,compare) userdn="ldap:///anyone";)
dn: cn=test.com.account,cn=no_account_vlv_index,cn=no,cn=ldbm database,cn=plugins,cn=config
objectClass:top
objectClass: vlvIndex
cn: test.com.account
vlvSort: cn uid
dn: cn=test.com.netgroup,cn=no_netgroup_vlv_index,cn=no,cn=ldbm database,cn=plugins,cn=config
objectClass:top
objectClass: vlvIndex
cn: test.com.netgroup
vlvSort: cn uid
dn: cn=test.com.group,cn=no_group_vlv_index,cn=no,cn=ldbm database,cn=plugins,cn=config
objectClass:top
objectClass: vlvIndex
cn: test.com.group
vlvSort: cn uid
"RESULT err=0 tag=101 nentries=1 etime=0 notes=U"
And , of course improve performance .
So!
1. Change in acls:
(targetattr != "aci")(version 3.0; acl "VLV Request Control"; allow( read, search, compare, proxy ) userdn = "ldap:///anyone";)
2. ldapmodify -h host -p 389 -a -D "cn=Directory manager" -f file.ldif
dn: cn=no_netgroup_vlv_index,cn=no,cn=ldbm database,cn=plugins,cn=config
objectClass: top
objectClass: vlvSearch
cn: no_netgroup_vlv_index
vlvScope: 1
vlvBase: ou=netgroup,dc=test,dc=com
vlvFilter: (objectclass=nisNetGroup)
aci: (targetattr="*")(version 3.0; acl "VLV for Anonymous"; allow (read,search,compare) userdn="ldap:///anyone";)
dn: cn=no_group_vlv_index,cn=no,cn=ldbm database,cn=plugins,cn=config
objectClass: top
objectClass: vlvSearch
cn: no_group_vlv_index
vlvScope: 1
vlvBase: ou=group,dc=test,dc=com
vlvFilter: (objectClass=posixGroup)
aci: (targetattr="*")(version 3.0; acl "VLV for Anonymous"; allow (read,search,compare) userdn="ldap:///anyone";)
dn: cn=no_account_vlv_index,cn=no,cn=ldbm database,cn=plugins,cn=config
objectClass: top
objectClass: vlvSearch
cn: no_account_vlv_index
vlvScope: subtree
vlvBase: ou=people,dc=test,dc=com
vlvFilter: (objectClass=posixAccount)
aci: (targetattr="*")(version 3.0; acl "VLV for Anonymous"; allow (read,search,compare) userdn="ldap:///anyone";)
dn: cn=test.com.account,cn=no_account_vlv_index,cn=no,cn=ldbm database,cn=plugins,cn=config
objectClass:top
objectClass: vlvIndex
cn: test.com.account
vlvSort: cn uid
dn: cn=test.com.netgroup,cn=no_netgroup_vlv_index,cn=no,cn=ldbm database,cn=plugins,cn=config
objectClass:top
objectClass: vlvIndex
cn: test.com.netgroup
vlvSort: cn uid
dn: cn=test.com.group,cn=no_group_vlv_index,cn=no,cn=ldbm database,cn=plugins,cn=config
objectClass:top
objectClass: vlvIndex
cn: test.com.group
vlvSort: cn uid
Comments