[Samba] LDB object number limitations

[Ervin Hegedüs]

Hi Andrew,

thanks for the reply,

On Wed, Oct 25, 2017 at 11:56:22PM +1300, Andrew Bartlett wrote:
> On Wed, 2017-10-25 at 09:58 +0200, Ervin Hegedüs via samba wrote:
> > 
> > here is a Samba4 AD with LDB.
> > 
> > Is there any limit for number of possible objects? I mean users, computers,
> > and other kind of nodes.
> > 
[...]

> > May be an ugly question, but is that means the Samba4 supports "only" about
> > 300k objects per db?
> 
> There has been and will continue to be work to make Samba scale much
> further, both though incremental efforts (such as the recently
> completed GUID index work), bug fixes (the locking fixes in 4.7 also
> fixed a major bottleneck) and more radical steps.
> 
> As an example, with the git master current code I recently showed
> adding 100,000 user objects to Samba, and adding those to either 1, 2,
> 3 or 4 groups in 2 hours.  The bulk of that time was in the group
> handling, interestingly the user insertion is no longer the dominant
> factor.
> 
> Can you please give me some more details about what you propose to use
> Samba for, so I can understand your concerns further?

We have to build a Samba AD, with several DC's.

The designed customer number is about 500 000, or more (user).

The main function of the AD is only the authentication, so there
is a captive portal and some firewall system, user connects to
the network (after auth, with 802.1x), and based on its group
memberships it can use the internet connection.

The spped of each methods (add new user, modify its data, eg.
password, group membership) is no matter. Only the read
capability is important.

But I don't know after the two articles (descibed in my first
e-mail) that should we store in all users in one domain, or we
have to plan that split them to more domains.

And if it needs (to split them), how many objects is the maximum
in an LDB?


Thanks again,


a.