[Date Prev][Date Next] [Chronological] [Thread] [Top]

scalability question

Title: Message
Thanks to a few people in this list, I seem to be up and running now (still dealing with kinks, but I think those are more my newbieness to LDAP than anything else). One of the questions I have as I prototype the use of OpenLDAP is scalability. I know that there are big scalability claims, but my load is somewhat atypical.
I need to scale for managing a group of perhaps 100 permissions relative to as many as say 200,000 objects for something in the vicinity of 2-3 million users.
Imagine your dealing with a groups of companies. These companies have divisions, which may have regions, which have specific locations, and so on, and so on. A user can belong to mulitple groups that are created within each level of the hierarchy - including mulitple levels of the hierarchy. For each layer of the hierarchy, there are perhaps 100 different permissions that an individual may or may not have rights to. The rights may be assigned to that individual directly, or the individual may have inherited the rights by virtue of belonging to a group that has been given that permission. The user may have rights across multiple companies (not just across multiple divisions, regions, etc.). A query to see whether the user has permissions should return at sub-second performance levels.
Things are "so far so good" on my testing, but I haven't gotten to any real scalability questions yet. Any input from people with experience in large scale implementations is much appreciated.