[Date Prev][Date Next] [Chronological] [Thread] [Top]

schema design question

To: openldap-software@OpenLDAP.org
Subject: schema design question
From: scooby@mysunrise.ch
Date: Wed, 22 Sep 2004 16:56:43 +0200 (MEST)

Hi,

We are running a large directory for an ISP providing services like radius, ftp,
mail, etc. Instead of putting all in one single backend we split off
different services to reduce the size of each ldap backend. The drawback of
this setup is, that we have at one hand to live with data redundancies such as
userpassword and cn, and at the other hand with a large count of replication
processes. Furthermore the provisioning logic gains in complexity since we
have to write into different subtrees for each request. All our backends are
about 18 GB, whereof the largest backend contains about 3.1 GB of data. So
far the facts :-)

We thought of redesigning the whole directory structure,
where we put all data for each customer into one leave, splitting them by
using appropriate object classes for the provisioning logic as well as for the
replication using syncrepl. At the moment we' re using BDB backends. Is there
a size limitation of BDB files? How would the setup described above perform?


here an example of our current setup:

<snip>

dn: uid=12341234,ou=MainAccount,o=example,c=org
objectClass: top
objectClass: MainAccount
uid: 12341234
sn: Doe
givenName: John
language: klingon
cn: john.doe@foo.bar
userPassword: mysecret

dn: uid=123441234,ou=Users,ou=Mail,ou=Service,o=example,c=org
objectClass: top
objectClass: Mail
uid: 12341234
cn: john.doe@foo.bar
MailServerID: mail.example.org
MailboxPath: /filer/john.doe
Hardquota: 20480
Softquota: 18400
MailCopyOptions: 1

dn: uid=12341234,ou=Users,ou=Radius,ou=Service,o=example,c=org
objectClass: top
objectClass: Radius
uid: 12341234
cn: john.doe@foo.bar
userPassword: mysecret
FramedIPAddress: 192.168.0.4

</snip>


here is what we are heading for:

<snip>

dn: uid=12341234,ou=MainAccount,o=example,c=org
objectClass: top
objectClass: MainAccount
objectClass: Mail
objectClass: Radius
uid: 12341234
sn: Doe
givenName: John
language: klingon
cn: john.doe@foo.bar
userPassword: mysecret
MailServerID: mail.example.org
MailboxPath: /filer/john.doe
Hardquota: 20480
Softquota: 18400 
MailCopyOptions: 1
FramedIPAddress: 192.168.0.4

</snip>


Of course we have much more data than shown in this example. Is there anybody
who has experience on this? Thanx in advance for any input!

Cheers,
Schumi

Prev by Date: Re: LDAP forum (was: fascism)
Next by Date: Re: OpenLDAP+encoding+perl
Index(es):
- Chronological
- Thread