[Owncloud] Heavy LDAP user search

Arthur Schiwon blizzz at owncloud.com
Fri Sep 21 11:13:22 UTC 2012


On Friday, September 21, 2012 12:29:35 PM Jörn Friedrich Dreyer wrote:
> Just brainstorming: lucene by default only starts searching when the user
> has enterd three characters. Using the same limitation in the share dialog
> would allow Arthur to query the LDAP server with a filter that takes the
> three digits into account. That should drastically reduce lookup times and
> is not much of a nuisance to the user. The search dialog could then
> directly be populated with ldap results
> 
> @ Arthur: would that work or are there other requirements?

We'd switch to searching in LDAP attributes instead of ownCloud users, but 
this can be  done. When the user changes the search filter (e.g. fix typo) new 
searches will be done, this could lead to more LDAP traffic, on the contrary. 
Needs more investigation, but an approach of course.

Cheers
Arthur

> 
> Dirk Kastens <dirk.kastens at uni-osnabrueck.de> schrieb:
> >I have configured many software products with ldap access at work. None
> >
> >of it scans the whole directory. The problem is, that oc won't
> >recognize
> >changes in the directory. When I add a new ldap user or when I change
> >the group membership of a user, I expect that the software immediately
> >recognizes the changes. It's not very user friendly if I have to wait
> >for the next complete rescan of the directory to discover the changes.
> >
> >Am 21.09.2012 11:56, schrieb Diederik de Haas:
> >> On Friday 21 September 2012 11:41:14 Arthur Schiwon wrote:
> >>>> I'm always
> >>>> running into the search time limit of our ldap server. Now, when I
> >
> >try
> >
> >>>> to share something with another ldap user, the owncloud server
> >
> >hangs. I
> >
> >>>> assume, it's because the autocomplete function tries to read in all
> >
> >50k
> >
> >>>> users of our directory.
> >>> 
> >>> Try to increase the Cache TTL to make it run more smoothly. However,
> >
> >every
> >
> >>> now  and then it needs to be updated.
> >> 
> >> Why not create an option in the LDAP-backend/Admin app to (pre-)scan
> >
> >the
> >
> >> directory? That way the administrator can determine when it's a good
> >
> >time to
> >
> >> query the 'whole' directory instead of it being invoked when the
> >
> >first user
> >
> >> request triggers it. I'm not sure, but maybe this way there's also
> >
> >a(n elegant)
> >
> >> way to avoid timeouts.
> >> Would using the cron feature a proper way to update the cache and/or
> >
> >fill it in
> >
> >> the first place?
> >> 
> >> Note: I haven't used the LDAP backend (yet?), so this is just me
> >
> >brainstorming.
> >
> >> Hope it helps.
> >
> >Dirk
> >
> >
> >
> >------------------------------------------------------------------------
> >
> >_______________________________________________
> >Owncloud mailing list
> >Owncloud at kde.org
> >https://mail.kde.org/mailman/listinfo/owncloud



More information about the Owncloud mailing list