On Mon, 2007-02-19 at 11:31 -0600, Ben Beuchler wrote:
On 2/17/07, Troy Engel tengel@fluid.com wrote:
One of the changes my beta testers are testing is switching from NIS to LDAP for login/auth/homedir lookups; all is working perfectly, Dovecot + PAM/nss_ldap is A-OK. No issues here, we've been using LDAP lookups on other servers for years.
I'm wondering about load, specifically if when I switch the entire company over, will the new authentication load stress my LDAP server to the point of breaking.
I run ~1100 mailboxes using Dovecot/Postfix with LDAP for all lookups. The LDAP server(s) don't even begin to sweat. LDAP is highly optimized for many, many reads/second and is used as the directory service for sites much larger than ours.
I can only support this, we are running dovecot with approx. 3K of mailboxes and our OpenLDAP does not even notice what is happening :-)
You can & should however optimize the LDAP server in terms of indices and such. For OpenLDAP and the qmail schema that would be for example:
--------CUT------- index objectClass eq index mailAlternateAddress pres,eq index mail pres,eq --------CUT-------
-- Udo Rader
bestsolution.at EDV Systemhaus GmbH http://www.bestsolution.at