Hi guys,
We're helping a customer design a large new directory, to use with an
Extranet environment. We see this thing scaling up to about 2 million
active users, and up to about 10 million archival users (who no longer log
in, but for various business reasons need to be kept around).
The active users are likely to log in every few days, and will be
distributed around the globe.
Logins will be LDAP binds from web apps -- no file/print/etc. in scope.
Has anyone built an AD environment to this scale?
We're thinking separate directories BTW - a "live" one for the 2M users,
and an "archive" one for the 10M historical records.
Would you recommend ADAM? With how many DCs if so? (the web apps would
likely be hosted at a single site).
Perhaps full-fledged AD? How many DCs?
Thanks!
--
Idan Shoham
Chief Technology Officer
M-Tech Information Technology, Inc.
[EMAIL PROTECTED]
http://mtechIT.com
On Thu, 23 Nov 2006, Lee Flight wrote:
Hi
I think the problem is with
> But the user installing the ADAM instance is already a member
> of administrators.
The ADAM answer file reader does not seem to check that; if it
sees the Administrator parameter in the answer file it assumes that
the user running the install is not an ADAM administrator and as
this is a unique instance installing the LDIFs will not be possible
due to lack of permissions to modify the local schema.
It might be possible to circumvent this using an explicit SourceUsername
and SourcePassword in the answer file, but I think your workaround is more
secure.
Lee Flight
On Thu, 23 Nov 2006 [EMAIL PROTECTED] wrote:
Hi
I am trying to install ADAM unattended to be used for publishing Oracle
DBs.
I would like to grant administrators from the local computer as ADAM
administrator and I would like to import some of the accompanying LDF
files.
; Specifies the Administrators within the AD\AM instance.
Administrator=MYCOMPUTER\Administrators
; The following line specifies the .ldf files to import into the ADAM schema.
ImportLDIFFiles="MS-InetOrgPerson.ldf" "MS-User.ldf"
However, the install fails when I specify both options. The error message
is that the user has to be an administrator to import .ldf files. But the
user installing the ADAM instance is already a member of administrators.
My current workaround is to comment out the ImportLDIFFiles statement and
import them after the instance has been created.
Just wondered if this was a known problem.
/kkh
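
The workaround discussed in this thread (create the instance with ImportLDIFFiles commented out, then import the LDF files afterwards) written out as a batch file. This is an added example, not code from either poster; the answer file path, port 389 and the reliance on a non-zero exit code to signal failure are assumptions.

```batch
@echo off
rem Added example, not from the thread.
rem Assumed values: answer file location and the instance's LDAP port.
setlocal
set ADAMDIR=%windir%\ADAM
set ANSWER=C:\adam\answer.txt
set TARGET=localhost:389

rem Step 1: create the instance. The answer file keeps the line
rem   Administrator=MYCOMPUTER\Administrators
rem and has the ImportLDIFFiles line commented out with a leading ";".
rem No SourceUsername/SourcePassword is stored in the file.
start /wait "" "%ADAMDIR%\adaminstall.exe" /answer:%ANSWER%
rem Assumption: a non-zero exit code means the install failed.
if errorlevel 1 (
    echo adaminstall failed, check the setup log before retrying
    exit /b 1
)

rem Step 2: import the schema extensions as the logged-on user, who is
rem now an ADAM administrator through the local Administrators group.
rem -k skips "already exists" errors so the import can be re-run;
rem -j . writes ldif.log and ldif.err to the current directory;
rem -c rewrites the placeholder DN in the LDF files to the instance's
rem schema naming context.
pushd "%ADAMDIR%"
for %%F in (MS-InetOrgPerson.ldf MS-User.ldf) do (
    "%ADAMDIR%\ldifde.exe" -i -f %%F -s %TARGET% -k -j . -c "CN=Schema,CN=Configuration,DC=X" #schemaNamingContext
    if errorlevel 1 (
        echo import of %%F failed, see ldif.err in %ADAMDIR%
        popd
        exit /b 1
    )
)
popd
echo schema import complete
endlocal
```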
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/[email protected]/