[Samba] howto optimize samba/kerberos for 20k requests per minute - help needed

Rowland Penny rpenny at samba.org
Mon Jul 19 14:48:48 UTC 2021

On Mon, 2021-07-19 at 16:00 +0200, Stefan Kania via samba wrote:
> OpenLDAP it's not dead.

Never said it was dead, I said it was on the way out. When the main
business distro stops supplying something it will ultimately stop being
used in production, but that's just my opinion.

>  With OpenLDAP they manged up to 980k requests
> per second (openLDAP 2.5) So I think Samba will never make this.

Never say never :-)

>  And
> comparing DS389 with OpenLDAP is like comparing a VW Beatle with a
> Porsche.

Why not, they were both designed by the same person (and it's 'Beetle',
not Beatle, they were a group from Liverpool)

>  The reason Redhat is not supporting OpenLDAP any more you will
> find here:
> https://www.redhat.com/en/blog/preparing-identity-management-red-hat-ente=
> rprise-linux-8
> Quote:
> -----------
> The knowledge and expertise, and thus ability to support OpenLDAP
> server
> to the same level of confidence as our other offerings was limited.

Usual red-hat rubbish, they cannot have lost the knowledge overnight.

> ------------
> And Redhat tells you that only a DS you are paying for is good:
> Quote:
> ------------
> First of all, the LDAP server is the core of the identity system. It
> requires enterprise level support.

aka 'use freeipa'

> ------------
> But who needs a LDAP-Server that  relay on Java with a Oracle
> license??

I personally wouldn't rely on anything from oracle and don't get me
started on java.
> And so many things not working with DS389 you can do with OpenLDAP.

Oh good, another reason to not use DS389 :-D


More information about the samba mailing list