Openldap2.4 performance boosting

According to my experience, the single directive you should add to db section to improve performance is:

olcDbCacheSize

OpenLDAP tuning guide covers that in section: 21.4.2.

To enable a 200000 entries cachesize use this ldif:

	dn: olcDatabase={1}hdb,cn=config
	changetype: modify
	add: olcDbCacheSize
	olcDbCacheSize: 200000

view raw add_cache_size.ldif hosted with ❤ by GitHub

The enumeration of the whole directory (150000 entries) took 15 seconds without cachesize and less than 6 seconds with it.

Instant logger replacement to logback in activemq.5.6.0

In activemq-5.6.0 changing logger to logback is just a matter of seconds:

• Copy the following jar in ${activemq.base}/lib:

  logback-access-1.0.0.jar
  logback-classic-1.0.0.jar
  

• Create a logback.xml file in ${activemq.base}/conf, for example:

  	<?xml version="1.0" encoding="UTF-8"?>
  	<!-- For assistance related to logback-translator or configuration -->
  	<!-- files in general, please contact the logback user mailing list -->
  	<!-- at http://www.qos.ch/mailman/listinfo/logback-user -->
  	<!-- -->
  	<!-- For professional support please see -->
  	<!-- http://www.qos.ch/shop/products/professionalSupport -->
  	<!-- -->
  	<configuration scan="true" debug="true">
  	<appender name="stdout" class="ch.qos.logback.core.ConsoleAppender">
  	<encoder>
  	<pattern>[%t] [%4p] [%d{ISO8601}] %c{1}: %m%n</pattern>
  	</encoder>
  	</appender>
  	<appender name="R" class="ch.qos.logback.core.rolling.RollingFileAppender">
  	<File>${activemq.base}/logs/activemq.log</File>
  	<encoder>
  	<pattern>[%t] [%4p] [%d{ISO8601}] %c{1}: %m%n</pattern>
  	</encoder>
  	<rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
  	<fileNamePattern>${activemq.base}/logs/activemq.log.%d{yyyy-MM-dd-HH}</fileNamePattern>
  	</rollingPolicy>
  	</appender>
  	<logger name="org.apache.activemq.spring" additivity="false">
  	<level value="WARN"/>
  	<appender-ref ref="R" />
  	<appender-ref ref="stdout" />
  	</logger>
  	<logger name="org.apache.activemq.web.handler" additivity="false">
  	<level value="WARN"/>
  	<appender-ref ref="R" />
  	<appender-ref ref="stdout" />
  	</logger>
  	<logger name="org.apache.activemq.xbean" additivity="false">
  	<level value="WARN"/>
  	<appender-ref ref="R" />
  	<appender-ref ref="stdout" />
  	</logger>
  	<logger name="org.apache.camel" additivity="false">
  	<level value="INFO"/>
  	<appender-ref ref="R" />
  	<appender-ref ref="stdout" />
  	</logger>
  	<logger name="org.apache.activemq" additivity="false">
  	<level value="INFO"/>
  	<appender-ref ref="R" />
  	<appender-ref ref="stdout" />
  	</logger>
  	<logger name="json_processor" additivity="false">
  	<level value="DEBUG"/>
  	<appender-ref ref="R" />
  	<appender-ref ref="stdout" />
  	</logger>
  	<logger name="ldap_result_processor" additivity="false">
  	<level value="DEBUG"/>
  	<appender-ref ref="R" />
  	<appender-ref ref="stdout" />
  	</logger>
  	<root level="INFO">
  	<appender-ref ref="stdout"/>
  	<appender-ref ref="R"/>
  	</root>
  	</configuration>

  view raw logback.xml hosted with ❤ by GitHub

That's all.

What about the activemq logback logging to a jms system which is activemq?

Ppolicy overlay password checking module

How about having openldap-2.4 checking whether the changed password is digit-only or alpha-only and than rejecting it?

It could be done with the non-standard password checking module openldap extension, which requires to create a C file with your rules, compile as a shared object and put in a well-known location.

I wrote a step-by-step recipe with a template C file at:

https://github.com/francescm/ppolicy-check-password