tor, 2003-01-23 kl. 07:46 skrev Christian Balzer:
> I'm trying to get a rough, rule of thumb, ballpark figure of where
> the break even point of doing lsearch local file lookups versus ones
> to a remote LDAP database might be.
My two Eurocents' worth, since I'm an avowed LDAP user anyway. The main
reason is, that an LDAP directory is a magic box into which you can
stuff anything about anyone/-thing in an organization once and for all
and administer it centrally. You can not only incorporate al you'd
normally find in a NIS+ database, but much more.
1: I use Exim 4 tcp-based ldaps search/retrieve for users, passwords,
groups, forwarding, aliases etc. I've noticed (is in the spec too) that
the first search of a session is s l o w , second and subsequent are
lightning fast. Not only Exim but also (Openldap 2.1.10) LDAP cache the
results. Moreover, LDAP search attributes can be indexed for faster
access.
2: Remote LDAP directories, or relevant parts of the tree, can be
replicated locally on your mail server for faster access.
3: If you implement point 2, you can use ldapi with Exim 4 with Unix
socket LDAP connections (Openldap), thus avoiding use of tcp altogether.
4: If you don't want to use LDAP or SQL, you can still use dbm databases
with Exim, which are indexed and a lot faster than linear lsearch
searches.
My main argument for LDAP is ease of central administration, with GUI
administration, if you want it.
Best,
Tony
--
Tony Earnshaw
When all's said and done ...
there's nothing left to say or do.
e-post: tonni@???
www: http://www.billy.demon.nl
