Subject: netbsd and openldap
To: None <netbsd-help@netbsd.org>
From: Christian Pinedo Zamalloa <christian.pinedo.zamalloa@gmail.com>
List: netbsd-help
Date: 12/18/2006 12:54:35
Hi,

I'm a new NetBSD user (very new) with some experience in the GNU/Linux
world. I have a NetBSD server running Samba as a Backup Domain Controller
and an OpenLDAP server as a slave.

I installed nss-ldap from pkgsrc and configured nsswitch.conf as
follows:

group:          files ldap
passwd:         files ldap
hosts:          files dns
netgroup:       files [notfound=return] nis
networks:       files
shells:         files

I also attach the /usr/pkg/etc/nss_ldap.conf file:

base dc=x,dc=y,dc=z
debug = 255
logdir = /var/log/nss_ldap
uri ldapi://%2fvar%2fopenldap%2frun%2fldapi ldaps://zzz.x.y.z
ldap_version 3
binddn cn=unix,ou=admins,dc=x,dc=y,dc=z
bindpw ********
rootbinddn cn=admin,ou=admins,dc=x,dc=y,dc=z
timelimit 10
bind_timelimit 5
bind_policy soft
pam_password crypt
nss_base_passwd         ou=users,dc=x,dc=y,dc=z?one
nss_base_passwd         ou=machines,dc=x,dc=y,dc=z?one
nss_base_group          ou=groups,dc=x,dc=y,dc=z?one
ssl on
tls_cacertfile /usr/pkg/etc/ssl-certificates/cacert.crt

The problem I have is that when I want to execute a command such as "ls -l",
"id user", ... the system needs 17 seconds to respond if the user is an
OpenLDAP user. If the user is defined in files, the response is
immediate. However, searches with the ldapsearch command work well and
quickly:

ldapsearch -H ldapi:///var/openldap/run/ldapi \
    -D "cn=unix,ou=admins,dc=x,dc=y,dc=z" -W \
    -b "ou=machines,dc=x,dc=y,dc=z" '(objectclass=*)'

The configuration used is similar to the configuration on a FreeBSD
server, and in that case it works great. So I'm lost and I don't know where
to look for more.

Thanks,

-- 
Christian Pinedo Zamalloa