|Feb 22, 2008, 06:17 PM||#1|
LDAP and DNS
Hello, first, I am a peon with college experience. I am not in charge of this situation, I was put in the mix-up so you need to realize that I do not run the show, I follow orders.
We have an Xserve RAID hosting an Open Directory, DHCP, Net Boot, AFP and a time server. The server processor is always in very low usage and our memory still has plenty of space remaining; however, the network goes SO SLOW.
Now, the server doesn't host DNS. This is because there is a 3rd party guy involved since neither the director nor the network administrator is confident in network administration (DNS, VPNs, Postfix, Dovecot, Apache... everything).
The network seems fine until the Open Directory accounts log on and then the crawl begins. I remember from my college Active Directory days (I said a bad word), that it is extremely critical that DNS is set up correctly before doing anything.
Not that I would be able to test anything, but do you think that DNS not being configured on the Xserve could be the problem? I've heard of issues with regard to slowness when both NICs aren't properly configured... even the outside NIC that clients shouldn't ever even touch.
I've looked at network traffic through Etherape and Wireshark in the MDF and ever since installing the NHR package (keeps junk like caches stored locally), the network has been very clean and our switching equipment appears to be functioning correctly.
P.S. The server is running on 10.4.11 server software and the clients are all 10.4.11 or 10.3.9.
Last edited by Apotheosis; Feb 22, 2008 at 06:27 PM. Reason: I'm a noob.
|Feb 22, 2008, 10:49 PM||#2|
DNS is the single most important basis you need for a reliable OD experience. The same can also be said with AD... but I've said a dirty word as well.
Am I to understand the DNS is managed elsewhere? Where and how?
Don't kid yourself and run DNS locally on said server unless you have some sort of an appreciation for pain.
To say Apple's DNS management "sucks beyond all belief" is being far too kind. Might I suggest Men & Mice suite?
|Feb 23, 2008, 12:15 AM||#3|
That's the hard part. We have this 3rd party guy that takes care of that stuff and he keeps his keys close to him. My boss is like Linus and he is their security blanket. Ever since I started as an intern I told them that they were too old for a security blanket but they don't listen.
I know he has a Fedora box with 2 NICs so I assume he's running BIND on that server which is on site plugging into the same switch as the Xserve. All Macs are configured to go to that box in their DNS settings under System Preferences. The weird thing is that everything seems ok under the local account; however, once you get to OD you go slowwwww with very little stress on the server to speak of.
I've tried to rule everything else out as much as possible; however, the part that baffles me is that these OD accounts slow down all network traffic (not just OD). This includes using Apple Remote Desktop to search the network for Macs (although if these Macs were slow due to messed up DNS that could explain it).