[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: OpenLDAP in large environment

--On Thursday, December 09, 2004 10:33 AM +0930 David.Brown@csm.com.au wrote:

We have an OpenLDAP database that consists of approx 35,000 CNs (users,
posixGroups, groupOfNames) and we anticipate that when fully populated the
database will have about 200,000 CNs.

It is running on OpenLDAP 2.2.13 (with back-bdb) and Fedora Core 3 (after
having corruption problems with OpenLDAP 2.0 back-ldbm on RedHat
Enterprise 3). The servers it is running on are Dual P4 Xeon 3.06Ghz with
1Gig RAM and 2x36Gb HDD RAID1, although the SCSI RAID controller
performance is known to be ordinary.

Just wondering if anyone out there has any tips on how to get a database
of this size performing reliably and quickly. (ie slapd.conf options,
DB_CONFIG settings, ext2 mount options etc). I have searched around on
google, the berkeley db site, the OpenLDAP archives and website and found
some information but i'm interested in other users opinions and

There are some performance and stability issues at the moment but i'm
hopeful they are related to not having the various components tuned to
work with a database of this size.

Any help or info muchly appreciated.


Stanford has had an OpenLDAP deployment running since April 2003 with approximately 350,000 CN's. It contains user account data (posix, etc) and user personal data (addresses, phone numbers, etc) as well as a variety of other information. I do suggest upgrading to a later version of OpenLDAP (My preference is 2.2.19 given the patches it included).

On the hardware side, I would generally suggest more RAM (We run our BDB Cache at 2 GB), but that in part depends on your indexing.

You may also wish to read through my Stanford OpenLDAP website:



-- Quanah Gibson-Mount Principal Software Developer ITSS/Shared Services Stanford University GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html