Re: How does it handle 10k users and 3k desktops.

[Ignacio Coupeau <icoupeau@unav.es>]

Gustavo Rios wrote:
> Dear folks,
>
> i am planing using openldap to server account for my users (unix,
> email, etc). It will be authenticating by means of kerberos V (SASL) I
> wonder about performance concerns.
>
> My initial ideia was to use BDB, but on openbsd mailing (my OS is
> OBSD) i heard someone telling me he/she did not trust BDB and
> preferred some variant of gdbm/ndbm.

a couple of years ago, perhaps..., BDB 4.2.52p2 runs very fine with 
several hundred of thousand accounts and thousand machines (samba and mail).

And, of course, the BDB runs very fine only if it is well tunned (for 
example):
set_cachesize
set_lg_regionmax
set_lg_bsize
set_lg_dir

you can found some useful examples in the Quanah Gibson's pages at 
Stanford and a long article about index size calculations (and several 
others) in the faq-o-matic

> So my question is how reliable you judge openldap + bdb?\
> I know this may seem a little hard to answer, but i am planning a Dell
> PowerEdge 750 with SCSI RAID 1, 512 MB RAM and obsd 3.7. It will be
> used for handling about 10K users and 3k desktops for qmail, linux and
> samba.
>
> It my configuration realistic?

Strongly recommend you 2 servers (a master and a slave, also for HA), 
with a bit more of RAM (1-2GB perhaps). You need a lot of indexes and a 
lot of memory makes the ldap flight.

The transaction logs may be in a different disk for I/O performance.

Ignacio

--
____________________________________________________
Ignacio Coupeau, Ph.D.     icoupeau@unav.es
CTI, Director              icoupeau@alumni.unav.es
University of Navarra      icoupeau@ieee.org
Pamplona, SPAIN            http://www.unav.es/cti/