Ian Collins wrote:
On 07/23/10 03:28 AM, Isaac Hailperin wrote:
One disadvantage of 1 is your database will grow and your searches will
become slower.
LDAP isn't really the place for archival data, if you want to preserve
it export the LDIF for the user and archive that.
Exporting each "deleted" user to a seperate LDIF file will make the
server faster for regular searches, but it will be much slower if I
want to check if a new username has ever been used (something which I
want to avoid).
But if I understand correct, the search can be restricted to a certain
subtree. So if I would archive in a different subtree, the frequent,
regular searches will stay fast. And the not so frequent searches for
all usernames that have ever been issued will be a bit slower, because
it will also incorporate the archive subtree. But that archive subtree
should still be much faster to query then hundreds of files, because
they all live in a single file (or maybe just a few, depending on the
db backend I guess).
Any thoughts on this?
I still think you are using the wrong tool for the job. LDAP isn't a
general database tool, keep your archives and user management logic in a
separate application.
You could move leavers to another branch, but you would have to delete
the entries and create new ones to update their dn, so you may as well
move them somewhere else!
You don't have to delete and re-create - just Move.
Frankly in OpenLDAP either approach would work fine and there would be no
measurable performance difference assuming your cache and indexing are
configured properly.
LDAP *is* a database. Not "general" in that it is optimized for hierarchical
data instead of tabular data, but aside from that, there's no reason not to
use it as a long term store. (And relational databases are by no means general
either, since they are only optimal for tabular data, not hierarchical or
recursive data...)
--
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/
