Le 3/15/12 10:33 AM, Alex Karasulu a écrit : > On Wed, Mar 14, 2012 at 6:17 PM, Emmanuel Lécharnywrote: > >> Le 3/14/12 5:08 PM, Alex Karasulu a écrit : >> >> On Wed, Mar 14, 2012 at 4:51 PM, wrote: >>> Hi, when searching for a user having this objectclass hierarchy >>>> top >>>> |_person >>>> |_organizationalPerson >>>> |_inetOrgPerson >>>> >>>> and uid = 'jsmith' >>>> >>>> Which query would be less expensive or better/faster? Thanks! >>>> >>>> (& >>>> (objectclass=inetOrgPerson) >>>> (uid=jsmith) >>>> ) >>>> >>>> This would be faster and more efficient since the evaluation is on a >>> more >>> specific objectClass which reduces the search space from the get go. >>> >>> To understand this you need to know about how the optimizer works with >>> scan >>> counts that are returned. LDAP search filters are expanded out into an AST >>> (abstract syntax tree) with the leaves of the tree being assertions the >>> branch nodes being operators. Then the optimizer annotates this AST with >>> scan counts, which basically is asking each index, "Hey how many results >>> would you return for this assertion?" So the more specific inetOrgPerson >>> is >>> more likely to return a smaller scan count. >>> >>> Now if you have an index on uid then the scan count on this will be 1 >>> since >>> UID should be unique (our DSA does not enforce this tho) >>> >> Uh ? >> >> > The DSA does NOT enforce UID uniqueness so this is may be a problem if your > application or organization does not enforce this was my point. So to clarify : UID uniqueness is an OS concept, not a LDAP one. -- Regards, Cordialement, Emmanuel Lécharny www.iktek.com