[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Slow adding attributes to a entry with many attributes

> >> Well, that is how group memberships are supposed to be defined.
> >> Although, I suggest using "member" and not "memberUID"...
> >
> > But can I create a posixGroup/sambaGroupMapping/groupOfURLs object?
> > Will the nss_ldap recognize the members? (sorry for the off-topic
> > about nss_ldap)
> >
> > Anyone have an OpenLdap installation with big groups of users? Anyone
> > have the same problems or the problem is my
> > installation/configuration?
> I'm not sure what you mean by big groups of users.  I have 60,000 active
> accounts, and 340,000 total accounts.  I've worked on systems in excess of
> 150 million entries.

Wow, 150 million! It´s great!

Sorry the big mail, I put the code of some scripts.

I have created a small simulation. The first script is only to add a
posixGroup to my ldap. It´s named addtest.sh:


ldapadd -a -x -D cn=admin,dc=XXX -w mypass << EOF
dn: cn=grpTest, dc=XXX
objectClass: posixGroup
gidNumber: 44444444
cn: grpTest

# du -h /home/tmpldap

# ./addtest.sh

# du -h /home/tmpldap

Then a I created the adduser.sh:


for count in `seq 3000`; do
	echo Adding user $count
	/usr/bin/time -f "r:%e u:%U s:%S" ldapmodify -x -D cn=admin,dc=XXX -w
<< EOF
dn: grpTest, dc=XXX
add: memberUid
memberUid: user${count}


And run "time ./adduser.sh > output.txt 2>&1". It returns:

real 31m39.359s
user 0m5.662
sys 0m7.741s

In the output.txt file, some lines are showed bellow:

Adding user 1
modifying entry "cn=grpTest, dc=XXX"

r:0.04 u:0.00 s:0.00

(...many log lines...)

Adding user 500
modifying entry "cn=grpTest, dc=XXX"

r:0.22 u:0.00 s:0.00


Adding user 1000
modifying entry "cn=grpTest, dc=XXX"

r:0.50 u:0.00 s:0.00


Adding user 2000
modifying entry "cn=grpTest, dc=XXX"

r:0.75 u:0.00 s:0.00


Adding user 3000
modifying entry "cn=grpTest, dc=XXX"

r:1.30 u:0.00 s:0.00

Well, the adding time is not the problem (for me). I think that my
worst problem is the log size:

# du -h /home/tmpldap

Is there a way to avoid the generation of this big log (without the

If I change user name in memberUid to something like
"AVeryVeryBigUsername${count}", the time to add a new attribute
increase to 1.9 segs, and total time to 50 minutes and logs stay at
same size (about 5.2GB).

Quanah, do you have entries with thousand of attributes (like members
in a group)? How much logs it generates when adding users to those

If I create a ldif with all attributes and use slapadd, the operation
is very fast.

Thanks and sorry if I´m becoming inconvenient.

PS: Now I´m running openldap-2.3.12 and BDB 4.2.52-18