On Thu, 8 Jan 2004, ROUTIER Gilles wrote:
> The autthentification by groups LDAP functions by chance.
>
> As an information we have 26 groups and in group between 30 and 100 users.
>
> How many groups can one list you with squid_ldap_group?
> Is there a limitation with 10 goupes, 16 groups, etc?
There is no direct limit in number, but the total amount of characters
login group group ...
must not exceed 256. If it does then things will get very confusing. This
limit really should be increased (see the char buf definition in
squid_ldap_group.c main() function).
Also, the performance currently degrades linearly by the number of groups
as the helper searches individually per group for a match in the
directory. In theory it could aggregate the groups into a single large
filter expression, but then there is LDAP servers who has limits on how
large filter expressions may be..
Regards
Henrik
Received on Fri Jan 09 2004 - 04:44:53 MST
This archive was generated by hypermail pre-2.1.9 : Sun Feb 01 2004 - 12:00:05 MST