[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: Weird problem -- seeking insight



> -----Original Message-----
> From: owner-openldap-software@OpenLDAP.org
> [mailto:owner-openldap-software@OpenLDAP.org]On Behalf Of Frank Swasey

> On Fri, 16 Jan 2004 at 2:13pm, Frank Swasey wrote:

> So, the questions...
> - Am I correct about the complete deletion and recreation of the index
> entries for that entry?

Unfortunately, yes.

> - I think it's fairly obvious that a single group with 40000 members is
> nasty to deal with -- anyone have a suggestion of how to efficiently
> add/delete members in this group?

There's no good workarounds here. To avoid the index bottleneck, you can turn
off indexing of the memberUid attribute. If you have a large number of groups
though, then your searches for (&(objectclass=posixGroup)(memberUid=foo))
will suffer unless you have other means to narrow the candidates down.

> - Anyone know whether nss_ldap will get upset if I just leave that group
> in there but never touch it's members (similar to having an /etc/group
> file that doesn't list everyone in the group)?

Probably a question for the nss_ldap mailing list. But if you're going to
leave its member list empty, then you might as well delete the group
entirely.

  -- Howard Chu
  Chief Architect, Symas Corp.       Director, Highland Sun
  http://www.symas.com               http://highlandsun.com/hyc
  Symas: Premier OpenSource Development and Support