[Dovecot] LDAP auth load? (looking for advice)
Udo Rader
udo.rader at bestsolution.at
Mon Feb 19 17:38:25 UTC 2007
On Mon, 2007-02-19 at 11:31 -0600, Ben Beuchler wrote:
> On 2/17/07, Troy Engel <tengel at fluid.com> wrote:
> > One of the changes my beta testers are testing is switching from NIS to
> > LDAP for login/auth/homedir lookups; all is working perfectly, Dovecot +
> > PAM/nss_ldap is A-OK. No issues here, we've been using LDAP lookups on
> > other servers for years.
> >
> > I'm wondering about load, specifically if when I switch the entire
> > company over, will the new authentication load stress my LDAP server to
> > the point of breaking.
>
> I run ~1100 mailboxes using Dovecot/Postfix with LDAP for all lookups.
> The LDAP server(s) don't even begin to sweat. LDAP is highly
> optimized for many, many reads/second and is used as the directory
> service for sites much larger than ours.
I can only support this, we are running dovecot with approx. 3K of
mailboxes and our OpenLDAP does not even notice what is happening :-)
You can & should however optimize the LDAP server in terms of indices
and such. For OpenLDAP and the qmail schema that would be for example:
--------CUT-------
index objectClass eq
index mailAlternateAddress pres,eq
index mail pres,eq
--------CUT-------
--
Udo Rader
bestsolution.at EDV Systemhaus GmbH
http://www.bestsolution.at
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://dovecot.org/pipermail/dovecot/attachments/20070219/91578ddf/attachment.pgp
More information about the dovecot
mailing list