[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: how to speed up filtering of dn's

To: Hanspeter Kunz <hkunz@ifi.uzh.ch>
Subject: Re: how to speed up filtering of dn's
From: Hallvard Breien Furuseth <h.b.furuseth@usit.uio.no>
Date: Thu, 6 Dec 2012 15:52:57 +0100
Cc: openldap-technical@openldap.org
In-reply-to: <1354803030.5718.19.camel@localhost>
References: <1354803030.5718.19.camel@localhost>

Hanspeter Kunz writes:
> I want to find all entries in my ldap directory that contain certain
> ou's, e.g.
> 
> ldapsearch -x "(ou:dn:=Administration)"
> 
> which returns (in my case) all entries that correspond to administrative
> staff. The query works but it is slow and puts a high load on the ldap
> server. 
> 
> I wonder if I can create an index which would speed things up, but I
> could not figure out what I should index.

You can't.  You can index 'ou', search for each admin OU, and then issue
one search request based on each returned DN.  The OU filter would be
something like (&(ou=Administration)(ou:dn:=Administration)) or maybe
(&(ou=Administration)(objectClass=organizationalUnit)(ou:dn:=Administration)).

Remember to drop OU DNs below other returned OU DNs to avoid duplicates,
i.e. ou=Administration,ou=foo,ou=Administration,ou=bar,dc=example,dc=com.

-- 
Hallvard

Follow-Ups:
- Re: how to speed up filtering of dn's
  - From: Hanspeter Kunz <hkunz@ifi.uzh.ch>

References:
- how to speed up filtering of dn's
  - From: Hanspeter Kunz <hkunz@ifi.uzh.ch>

Prev by Date: how to speed up filtering of dn's
Next by Date: Re: how to speed up filtering of dn's
Index(es):
- Chronological
- Thread