Hi list, here is a Samba4 AD with LDB. Is there any limit for number of possible objects? I mean users, computers, and other kind of nodes. On a Samba Wiki page, the doc notes: https://wiki.samba.org/index.php/LDB#How_LDB_uses_TDB "How LDB uses TDB LDB basically sits on top of TDB and manipulates the data into an LDAP-like structure." And I've found a doc here: https://ldapcon.org/2015/wp-content/uploads/2015/09/ivanova-samba_backend.pdf which notes, that "Problems of Samba 4 with TDB * Scalability - Supported TDB version is 32 bit, which puts a 4GB limit on the database, equals around 300 000 objects depending on their size. - Work on the 64 bit is not progressing" May be an ugly question, but is that means the Samba4 supports "only" about 300k objects per db? Thanks, a.
On Wed, 2017-10-25 at 09:58 +0200, Ervin Hegedüs via samba wrote:> Hi list, > > here is a Samba4 AD with LDB. > > Is there any limit for number of possible objects? I mean users, computers, > and other kind of nodes. > > On a Samba Wiki page, the doc notes: > https://wiki.samba.org/index.php/LDB#How_LDB_uses_TDB > > "How LDB uses TDB > > LDB basically sits on top of TDB and manipulates the data into an LDAP-like > structure." > > > And I've found a doc here: > https://ldapcon.org/2015/wp-content/uploads/2015/09/ivanova-samba_backend.pdf > > which notes, that > > "Problems of Samba 4 with TDB > > * Scalability > - Supported TDB version is 32 bit, which puts a 4GB limit on the database, > equals around 300 000 objects depending on their size. > - Work on the 64 bit is not progressing" > > May be an ugly question, but is that means the Samba4 supports "only" about > 300k objects per db?G'Day, There has been and will continue to be work to make Samba scale much further, both though incremental efforts (such as the recently completed GUID index work), bug fixes (the locking fixes in 4.7 also fixed a major bottleneck) and more radical steps. As an example, with the git master current code I recently showed adding 100,000 user objects to Samba, and adding those to either 1, 2, 3 or 4 groups in 2 hours. The bulk of that time was in the group handling, interestingly the user insertion is no longer the dominant factor. Can you please give me some more details about what you propose to use Samba for, so I can understand your concerns further? Thanks, Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba
Hi Andrew, thanks for the reply, On Wed, Oct 25, 2017 at 11:56:22PM +1300, Andrew Bartlett wrote:> On Wed, 2017-10-25 at 09:58 +0200, Ervin Hegedüs via samba wrote: > > > > here is a Samba4 AD with LDB. > > > > Is there any limit for number of possible objects? I mean users, computers, > > and other kind of nodes. > >[...]> > May be an ugly question, but is that means the Samba4 supports "only" about > > 300k objects per db? > > There has been and will continue to be work to make Samba scale much > further, both though incremental efforts (such as the recently > completed GUID index work), bug fixes (the locking fixes in 4.7 also > fixed a major bottleneck) and more radical steps. > > As an example, with the git master current code I recently showed > adding 100,000 user objects to Samba, and adding those to either 1, 2, > 3 or 4 groups in 2 hours. The bulk of that time was in the group > handling, interestingly the user insertion is no longer the dominant > factor. > > Can you please give me some more details about what you propose to use > Samba for, so I can understand your concerns further?We have to build a Samba AD, with several DC's. The designed customer number is about 500 000, or more (user). The main function of the AD is only the authentication, so there is a captive portal and some firewall system, user connects to the network (after auth, with 802.1x), and based on its group memberships it can use the internet connection. The spped of each methods (add new user, modify its data, eg. password, group membership) is no matter. Only the read capability is important. But I don't know after the two articles (descibed in my first e-mail) that should we store in all users in one domain, or we have to plan that split them to more domains. And if it needs (to split them), how many objects is the maximum in an LDB? Thanks again, a.