grouper-users - Re: [grouper-users] grouper and openldap
Subject: Grouper Users - Open Discussion List
List archive
- From: Michael R Gettes <>
- To: Tom Poage <>
- Cc: "" <>
- Subject: Re: [grouper-users] grouper and openldap
- Date: Fri, 3 Feb 2017 11:18:40 -0500
- Ironport-phdr: 9a23:aTj+uR8+S4WkOf9uRHKM819IXTAuvvDOBiVQ1KB42u4cTK2v8tzYMVDF4r011RmSDNmdtKsP27eempujcFRI2YyGvnEGfc4EfD4+ouJSoTYdBtWYA1bwNv/gYn9yNs1DUFh44yPzahANS47xaFLIv3K98yMZFAnhOgppPOT1HZPZg9iq2+yo9ZDeZwpFiCC/bL9vIxm7rgXcvdQKjIV/Lao81gHHqWZSdeRMwmNoK1OTnxLi6cq14ZVu7Sdete8/+sBZSan1cLg2QrJeDDQ9LmA6/9brugXZTQuO/XQTTGMbmQdVDgff7RH6WpDxsjbmtud4xSKXM9H6QawyVD+/9KpgVgPmhzkbOD446GHXi9J/jKRHoBK6uhdzx5fYbJyJOPZie6/Qe84RS2hcUcZLTyFOHoyzYZYPAeUDM+hWoIrzp1UQoxW5HgSsGPrvyjpUin/2waE2zeIsGhzG0gw6GNIOtWzZotL0NKgOUeC61rfHzTHeZP1KxDzz6ZbHcgw9of6SRrJ7bM3cyUw1FwPKgFictZfoPyuO1uQQqWSU8fdvVf+2hmMhtgp/oSCvy98xhoXXhY8Z0E3I+Th6zYovONG1R092bcS5HJZetiyWL5Z6Tt0hTm1ypSo2174LtYSmcCQX1Jgr3RHSZvKBfoOV+BzsTvyRLi19hH99eLKwmRKy8U+4x+3gTMm4zkhGrixYntXRrH8BzQbc6tOZRfth5EuhwS2P1x3J5u5aPE80iLLXK58nwrEuipoeqVnPEjH1lUnskaOaa0Yp9vK15+noY7jqvIKQOoF1hw3mN6QhgM2/AeA2MggUWGib/Pyx1Lj5/U32TrhGkuY7krHCsJDHP8gUuLO2AxJN3oY59xm/Fyum0MgfnXQfI1JFYhWHj5XxO17QOvD0FOq/g0+ynzdx3PDLJbnhApTWLnjfi7ftY6xx609ayAov099f/ZRUBa8dIP7tQEP+qsHXDgJqezCzltrgDZ1F0YoRVCrbHqGBN6rdvHeV7e4mPeiXIoIZpWCuBeIi4qvLjHQ5kFIZNZPh8pYLdH2jVqBjOUrCOVL0mcpHHGsX6FltBNf2gUGPBGYAL025WLgxs3RiUNqr
we have both static group objects and isMemberOf on the user object - so we
do as you suggest if I am understanding you correctly. The real issue is
application behavior. There are still many apps operating against static
group objects. So the need for large groups remains.
I hope this helps.
/mrg
> On Feb 3, 2017, at 11:12 AM, Tom Poage
> <>
> wrote:
>
> Is it possible in Grouper to 'invert' the solution, making membership a
> user attribute? Then each user entry might be a member of, say, on the
> order of 100 groups vs. managing a single 40k entry object.
>
> Tom.
>
>> On Jan 30, 2017, at 7:50 AM, Michael R Gettes
>> <>
>> wrote:
>>
>> I received only a few replies. Others have run into this limitation of
>> openldap not being able to support large static group objects. The problem
>> is really large numbers of multi-valued attributes (not just group
>> objects). My observation is 5 seconds to update when the group object
>> becomes greater than 35K-40K members. Apparently, openldap has to
>> regenerate the member/uniquemember attributes for the entire object each
>> time. This appears to be a known issue with
> ...
- Re: [grouper-users] grouper and openldap, Tom Poage, 02/03/2017
- Re: [grouper-users] grouper and openldap, Michael R Gettes, 02/03/2017
- Re: [grouper-users] grouper and openldap, Tom Poage, 02/03/2017
- Re: [grouper-users] grouper and openldap, Michael R Gettes, 02/03/2017
- Re: [grouper-users] grouper and openldap, Tom Poage, 02/03/2017
- Re: [grouper-users] grouper and openldap, Michael R Gettes, 02/03/2017
Archive powered by MHonArc 2.6.19.