Improving messaging and system load when using the directory data service
Depending on your configuration, you may need to take additional steps to ensure optimal messaging or load balancing. Consider the following configuration options if you are trying to resolve load or messaging issues.
Create duplicates of LDAP servers that are behind firewalls for easier client access.
If your configuration uses an LDAP client that resides behind a firewall, you can resolve connection issues by setting up a replica of their LDAP server, close to where the scanners are located in the network. Your directory administrator should determine the best path for this action based on your configuration.
Turn off distribution list expansion to speed up query time.
You can improve performance by disabling distribution list expansion. If you use this option, distribution lists cannot be evaluated for individual members and can only be managed as a single entity.
Use child membership attributes to speed up query time.
Providing parent attributes in queries allows the client to immediately determine what groups the child belongs to and avoids a query to the directory.
Active Directory provides the ability to use these attributes by default. More customizable directories, such as SunOne or OpenLDAP can be expanded to carry the parent and child membership attributes. Consult your directory provider's documentation for more information.
Use caching and the cache preloader to save query time.
To optimize performance, create a cache that incorporates all of your entries, including your distribution list members, all primary users, and all aliases, then estimate up if possible.
Imported Document ID: HOWTO92729
Subscribing will provide email updates when this Article is updated. Login is required.