Scott wrote:
In our ldap we do not delete users, we deactivate them with nsaccountlock. All user entries are in the same branch of the tree. In this data structure, all uid's are unique and are not used again. Ok well now our ldap is getting large and I would like active users separate from inactive users to provide better search performance. AFAIK lot of services keep uid's so they cannot be used again. What's a good design approach? Do inactive users move to another tree? Maybe move to another server and use a referral somehow. What do ldap admins do with all this dead weight? :)
I'm curious why you think search performance will suffer. Are you worried about totally unindexed searches ? Some supporting data would be useful : number of users, inactive users, some example searches that you see slow down, and so on. Per se, searches should not be slower when you take the approach you have. -- Fedora-directory-users mailing list Fedora-directory-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
