directory-api mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stefan Seelmann <m...@stefan-seelmann.de>
Subject Re: Proper use of LdapConnectionPool
Date Tue, 03 Feb 2015 21:48:49 GMT
On 02/03/2015 10:19 PM, Emmanuel Lécharny wrote:
> Le 03/02/15 22:07, Stefan Seelmann a écrit :
>> I forgot to mention the performance aspect.
>>
>> If you traverse all persons from the CEO down you need as many LDAP
>> search operations as you have persons in the directory, each require a
>> full network roundtrip, which takes time. 
> 
> What's the point of doing that when a ONE_LEVEL search done one level
> below would provide all the entries with one single Search ?

If I understand Chris correctly the directory hierarchy and the logical
organisational hierarchy are different. For example:

dn: cn=ceo,ou=c,ou=b,ou=a
directreports: cn=jane,ou=x,ou=w,ou=a
directreports: cn=john,ou=z,ou=y,ou=a

If that is the case the "directreports" are not LDAP child entries, but
just pointer to somewhere in the directory tree. Similar to nested group
membership.

@Chris, if this is not the case then please ignore my mail and use
ONE_LEVEL search to traverse the directory hierarchy, that is the
preferred way.

>> However if possible I'd avoid such a costly tree traversal, and instead
>> use e.g. paged search.
> Actually, it's probably better to abandon the request when you get what
> you want, paged search will just mitigate the memory used on the client
> side.
> 


Mime
View raw message