I am looking into using OpenLDAP to manage users and groups for my system. A single group may contain up to 50,000 users. Does the LDAP group membership mechanism suffer any scalability problems at that size?
--------------------------------------------------------------- Jeff Sussna
Jeff Sussna wrote:
I am looking into using OpenLDAP to manage users and groups for my system. A single group may contain up to 50,000 users. Does the LDAP group membership mechanism suffer any scalability problems at that size?
Not if you configure sortvals - see slapd.conf(5) or slapd-config(5).
One of our partners has a group in their corporate directory whose members comprise every employee in the company, over 380,000 people. Personally I think this is a poor choice of design, but it works fine when properly configured.
Howard Chu wrote:
Jeff Sussna wrote:
I am looking into using OpenLDAP to manage users and groups for my system. A single group may contain up to 50,000 users. Does the LDAP group membership mechanism suffer any scalability problems at that size?
Not if you configure sortvals - see slapd.conf(5) or slapd-config(5).
One of our partners has a group in their corporate directory whose members comprise every employee in the company, over 380,000 people. Personally I think this is a poor choice of design, but it works fine when properly configured.
I did some testing a while back without sortvals and was able to put around 90k members in a group before I started running into issues with adding/modifying the group.
A simple tweak of the bdb lockers in DB_CONFIG allowed me to create a group with 450k members. The corresponding LDIF was around 20M.
openldap-technical@openldap.org
-
David Hawes -
Howard Chu -
Jeff Sussna