Hi Franklin, On Mo 31 Mär 2014 02:48:16 CEST, Franklin Weng wrote:
Hi Mike, 2014-03-31 4:25 GMT+08:00 Mike Gabriel <mike.gabriel@das-netzwerkteam.de>:Hi Frenklin, On So 30 Mär 2014 16:46:45 CEST, Franklin Weng wrote:Was that login on another client on the Debian Edu network that failed or user/admin login on TJENER?On tjener.Hmmm... ok. Then KDC would normally not notice that (because the times on client and server (same machine) are identical). Maybe there indeed is some timestamp issue in recent OpenLDAP versions that I have not stumbled upon, yet.Under this condition I could even not see correct uid/gid in /skole/tjener/home0. For example, my own home directory should be at /skole/tjener/home0/franklin with uid/gid set to franklin/franklin. But under that condition (LDAP with future timestamp) in /skole/tjener/home0/ I saw the uid/gid of franklin is 1000/1000. If timestamp okay but unable to login after subnet_change, I could see uid/gid as franklin/franklin for /skole/tjener/home0/franklin. Another symptom was that, if LDAP was unusable, the login prompt of kdm will be delayed for several (up to 10) seconds.
Hmmm... ok. I have to set up some wheezy test machines to play with that...
3. The performance was not as good as our last test. We wondered if it was because of the quality of the LAN. One of the client could boot and logged into the system, but when operating (for example, browsing web pages or using some software) it disconnected with the main server, hence had problems writing configs back to home folder.Urgh... that is strange. Maybe DNS problems, as well. I noticed earlier, that Debian Edu systems behave weirdly, if upstream (internet) DNS is unavailable. Not sure why.DNS worked that time I think.Ok...Yesterday we went there again and was sure that LAN is gigabit and worked well. It means that we still didn't find out why. Another problematic scenario was that, the teacher asked (about nearly 30) students to download a video clip from youtube. Then 10 of them experienced network problem. They could no longer connect to anywhere until they rebooted.A classroom full of youtube watchers is not a good idea, at all. But the system should slow down, rather then break. Have you tried setting the NFSv4 options setup from sync to async? In another post from Wolfgang Schweer I read today that there is such an issue in the Debian Edu wheezy system.I'll try it.
Thanks to Wolfgang for pointing out the default sshfs setup of diskless workstations. You should really switch to NFSv4.
4. When clicking the menu icon, it would sometimes show the menu very slowly, maybe after 5 or more seconds. Also when I pointed the mouse to a category, it would sometimes show the second layer menu very slowly. Was it because the home folder was remotely mounted? Is there any way to improve this?This happens, because on first menu clicks the .desktop files are read from disk/NFS. Next time, menus are obtained from the diskless client's RAM cache. You could try to read-ahead the .desktop files somehow.Could you please tell me more about "read-ahead"? I added a script reading all the .desktop and .directory files after logging into KDE. I put it in /etc/X11/Xsession.d/98read-ahead, using a nested for loop to read all desktop files under /usr/share/applications. (cat /usr/share/applications/kde4/dolphin.desktop > /dev/null 2>&1) However this morning the teacher told me that the speed showing the menu items was still the same.
I have never used read-ahead myself and I am not at all sure how menu rendering works. Did you get a change to look at Petter's kde icon cache package?
Thanks for the information. BTW, I tried to improve NFS performance in a gigabit environment but didn't know where to put NFS parameters. Could you please tell me how to improve NFS performance ?On the server (TJENER) it is /etc/exports (of course). For the clients, you have to dive into the LDAP DIT (use ldapvi for it and set env var VISUAL=<editor-of-my-choice>). The command line for me is VISUAL=mcedit ldapvi --discover -D cn=admin,ou=ldap-access,dc=skole,dc=skolelinux,dc=no The original bootstrapping of those LDAP objects responsible for AutoFS mounts is derived from these files [1]. Search for the corresponding entries in your LDAP data. Mike [1] http://anonscm.debian.org/viewvc/debian-edu/branches/wheezy/debian-edu-config/ldap-bootstrap/autofs.ldif?view=markup PS: your mail client seems to break mail quoting when viewing the mail in plain text. Not sure if you post your mails as HTML or plaintext, but you may consider sending plain text mails (if you don't do that already).Sorry. I used gmail all the time (including on my phone) but didn't change the default option (HTML). I changed to plain text mode this time.
Mail indentation is fine now! Mike -- DAS-NETZWERKTEAM mike gabriel, herweg 7, 24357 fleckeby fon: +49 (1520) 1976 148 GnuPG Key ID 0x25771B31 mail: mike.gabriel@das-netzwerkteam.de, http://das-netzwerkteam.de freeBusy: https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb
Attachment:
pgp6tpk8HKLgb.pgp
Description: Digitale PGP-Signatur