Alessandro Lasmar Mourão wrote:
Hello, I wonder if there is any limitation on the number of users linked to a group groupOfUniqueNames type? We will provide an application on the Internet for more than 10 million users, and all these users belong (uniqueMember) to a single group. Our support reported that it is recommended that the user group should not have more than 16,000 members, this information accurate?
As I recall, older versions of M$ Active Directory had a size limit of 16384 members. Maybe other directory servers did as well. No such limit exists in OpenLDAP. Note that use of uniqueMember is discouraged in LDAP, you should just use member.
In slapd you should configure sortvals on the member attribute to have reasonable comparison speeds on lookups and modifications for such a large attribute.
Generally it's a bad idea to use static groups of this size, you're better off using a dynamic group instead.
-- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/