# using top with local and ldap users accounts



## patpro (Oct 7, 2011)

Hello,

I'm running few FreeBSD servers (7.3R and 8.2R). I've configured those servers so that remote (LDAP) users can log in. In particular, /etc/nsswitch.conf contains the line 
	
	



```
passwd: cache files ldap
```

Everything appears to work ok (ssh loginâ€¦) except the *top* command.

When a user tries to run *top*, nothing is displayed, top runs but is trying to read the whole LDAP database. We have 140 K users into our LDAP, fortunately the LDAP server kills the connexion before the end of the request.

Of course, *top -u* works great, but I want id->login conversion.

Why would top read all the LDAP database, when it just needs to resolve a handful of ids? Is this a known problem? (I can't find any top/ldap related PR).

For now, I'm binding my FreeBSD servers against an LDAP proxy that prevents extensive requests: the proxy replies 
	
	



```
The server is not configured to pass through control 1.2.840....
```
 and then top tries to resolve individual ids instead of reading the whole LDAP database. It's working great: top replies immediately, and displays every user names correctly (from LDAP and from /etc/passwd).

Is there any way to correct top's behavior without using a dedicated LDAP proxy?


----------



## aragon (Oct 7, 2011)

patpro said:
			
		

> Is there any way to correct top's behavior without using a dedicated LDAP proxy?


Probably.  Write a patch for it, or file a PR in the hope of someone else fixing it.  Either way, file a PR.


----------



## patpro (Oct 10, 2011)

I've no patch, and I know nothing about C, but I've filled a PR: PR kern/161456


----------

