Jason Whitener wrote:
We have some groups that contain over 250,000 members. Are there any general tips for improving performance when applications/code attempts to lookup memberOf values in the ldap? For example, I have something like ou=SomeGroup,ou=Groups,o=ourOrg. ou=SomeGroup has over 250,000 memberOf: values. Attempting to modify, search, insert, etc.. into that memberOf multivalue field takes over 20 seconds per user.
That sounds a bit odd. Groups should have member attributes, not memberOf. You should consider using the sortvals config directive in slapd. -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/