This almost drove me crazy today. Did everything correctly (i thought), but always got the above error.
Problem was: if you say
smtpd_sasl_security_options = noanonymous, noplaintext
in main.cf, and
mech_list: PLAIN LOGIN
in smtpd.conf, then of course there's no mechanism that matches if you don't use SSL.
Bah!
Sonntag, 2. September 2012
Donnerstag, 12. Januar 2012
Thunderbird LDAP search is VERY slow on a large LDAP installation (MS AD in this case)
Problem: after configuring an LDAP directory in the thunderbird address book, searching for entriers takes forever but doesn't find anything.
Started wireshark, found out that a query is sent to the server alright. After 60 seconds, the server came back with a timeout failure (which the TB UI doesn't show, but the packet can be seen in wireshark).
Looking at the LDAP query string shows why: it's a logical "or" of email, name, first name, last name, all of them using a "contains" operator: (|(email=*XXX*)(sn=*XXX*)) etc. This means the LDAP server can't use indexes, so it has to do four full table scans which take forever.
The LDAP query string can be set in a hidden configuration option called "mail.addr_book.quicksearchquery.format", which is documented in https://developer.mozilla.org/en/Thunderbird/Hidden_prefs - it says the default string is pref("mail.addr_book.quicksearchquery.format","?(or(PrimaryEmail,c,@V)(DisplayName,c,@V)(FirstName,c,@V)(LastName,c,@V))");
with the c meaning "contains". However, it doesn't list any other possibilities to use instead of "c", it just refers to the source code.
That can be viewed at
http://dxr.mozilla.org/comm-central/comm-central/mailnews/addrbook/src/nsAbQueryStringToExpression.cpp.html#l278
where "bw" stands for "begins with".
So, i changed the preference to "?(or(PrimaryEmail,bw,@V)(DisplayName,bw,@V)(FirstName,bw,@V)(LastName,bw,@V))");
and look what happens - querys are fast again. Of course, you won't find anything containing your query anymore, just strings that begin with your query - but that's what you want in most cases anyway, and a working "starts with" is better than a non-functional "includes" in any case.
Started wireshark, found out that a query is sent to the server alright. After 60 seconds, the server came back with a timeout failure (which the TB UI doesn't show, but the packet can be seen in wireshark).
Looking at the LDAP query string shows why: it's a logical "or" of email, name, first name, last name, all of them using a "contains" operator: (|(email=*XXX*)(sn=*XXX*)) etc. This means the LDAP server can't use indexes, so it has to do four full table scans which take forever.
The LDAP query string can be set in a hidden configuration option called "mail.addr_book.quicksearchquery.format", which is documented in https://developer.mozilla.org/en/Thunderbird/Hidden_prefs - it says the default string is pref("mail.addr_book.quicksearchquery.format","?(or(PrimaryEmail,c,@V)(DisplayName,c,@V)(FirstName,c,@V)(LastName,c,@V))");
with the c meaning "contains". However, it doesn't list any other possibilities to use instead of "c", it just refers to the source code.
That can be viewed at
http://dxr.mozilla.org/comm-central/comm-central/mailnews/addrbook/src/nsAbQueryStringToExpression.cpp.html#l278
where "bw" stands for "begins with".
So, i changed the preference to "?(or(PrimaryEmail,bw,@V)(DisplayName,bw,@V)(FirstName,bw,@V)(LastName,bw,@V))");
and look what happens - querys are fast again. Of course, you won't find anything containing your query anymore, just strings that begin with your query - but that's what you want in most cases anyway, and a working "starts with" is better than a non-functional "includes" in any case.
Abonnieren
Posts (Atom)