On 24/03/2011, at 10:22, sim123 wrote:
Hi All,
I am designing LDAP schema and the structure looks like :
--ROOT ---- ou = people ------- cn = john smith ---- ou = groups ------ ou = group1 -------- member:john smith ------ ou = group2 -------- member: john smith
I would like to find out what all groups john smith belongs to (I have full dn) and all the members of a group. I am wondering about the performance of such search, since one person can be part of multiple groups and there can be thousands of groups in the server. If its a relational database I can create a relationship table and put indexes in place. How can I get best performance with OpenLDAP? Or is there any other way I should design this?
Use the memberOf overlay. ( 12.8. Reverse Group Membership Maintenance )
http://www.openldap.org/doc/admin24/overlays.html
Thanks for the help.
William Brown
pgp.mit.edu