[Dovecot] LDAP auth load? (looking for advice)

Udo Rader udo.rader at bestsolution.at
Mon Feb 19 17:38:25 UTC 2007


On Mon, 2007-02-19 at 11:31 -0600, Ben Beuchler wrote:
> On 2/17/07, Troy Engel <tengel at fluid.com> wrote:
> > One of the changes my beta testers are testing is switching from NIS to
> > LDAP for login/auth/homedir lookups; all is working perfectly, Dovecot +
> > PAM/nss_ldap is A-OK. No issues here, we've been using LDAP lookups on
> > other servers for years.
> >
> > I'm wondering about load, specifically if when I switch the entire
> > company over, will the new authentication load stress my LDAP server to
> > the point of breaking.
> 
> I run ~1100 mailboxes using Dovecot/Postfix with LDAP for all lookups.
>  The LDAP server(s) don't even begin to sweat.  LDAP is highly
> optimized for many, many reads/second and is used as the directory
> service for sites much larger than ours.

I can only support this, we are running dovecot with approx. 3K of
mailboxes and our OpenLDAP does not even notice what is happening :-)

You can & should however optimize the LDAP server in terms of indices
and such. For OpenLDAP and the qmail schema that would be for example:

--------CUT-------
index   objectClass             eq
index   mailAlternateAddress    pres,eq
index   mail                    pres,eq
--------CUT-------

-- 
Udo Rader

bestsolution.at EDV Systemhaus GmbH
http://www.bestsolution.at
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://dovecot.org/pipermail/dovecot/attachments/20070219/91578ddf/attachment.pgp 


More information about the dovecot mailing list