1SLAPD-MDB(5) File Formats Manual SLAPD-MDB(5)
2
3
4
6 slapd-mdb - Memory-Mapped DB backend to slapd
7
9 /etc/openldap/slapd.conf
10
12 The mdb backend to slapd(8) uses OpenLDAP's Lightning Memory-Mapped DB
13 (LMDB) library to store data. It relies completely on the underlying
14 operating system for memory management and does no caching of its own.
15 It is the recommended primary database backend.
16
17 The mdb backend uses a hierarchical database layout which supports sub‐
18 tree renames.
19
21 These slapd.conf options apply to the mdb backend. That is, they must
22 follow a "backend mdb" line and come before any subsequent "backend" or
23 "database" lines.
24
25 idlexp <exp>
26 Specify a power of 2 for the maximum size of an index slot. The
27 default is 16, yielding a maximum slot size of 2^16 or 65536.
28 Once set, this option applies to every mdb database instance.
29 The specified value must be in the range of 16-30.
30
31 These slapd.conf options apply to the mdb backend database. That is,
32 they must follow a "database mdb" line and come before any subsequent
33 "backend" or "database" lines. Other database options are described in
34 the slapd.conf(5) manual page.
35
36 checkpoint <kbyte> <min>
37 Specify the frequency for flushing the database disk buffers.
38 This setting is only needed if the dbnosync option is used. The
39 checkpoint will occur if either <kbyte> data has been written or
40 <min> minutes have passed since the last checkpoint. Both argu‐
41 ments default to zero, in which case they are ignored. When the
42 <min> argument is non-zero, an internal task will run every
43 <min> minutes to perform the checkpoint. Note: currently the
44 <kbyte> setting is unimplemented.
45
46 dbnosync
47 Specify that on-disk database contents should not be immediately
48 synchronized with in memory changes. Enabling this option may
49 improve performance at the expense of data security. In particu‐
50 lar, if the operating system crashes before changes are flushed,
51 some number of transactions may be lost. By default, a full
52 data flush/sync is performed when each transaction is committed.
53
54 directory <directory>
55 Specify the directory where the LMDB files containing this data‐
56 base and associated indexes live. A separate directory must be
57 specified for each database. The default is /var/openldap-data.
58
59 envflags {nosync,nometasync,writemap,mapasync,nordahead}
60 Specify flags for finer-grained control of the LMDB library's
61 operation.
62
63 nosync This is exactly the same as the dbnosync directive.
64
65 nometasync
66 Flush the data on a commit, but skip the sync of the meta
67 page. This mode is slightly faster than doing a full
68 sync, but can potentially lose the last committed trans‐
69 action if the operating system crashes. If both nometa‐
70 sync and nosync are set, the nosync flag takes prece‐
71 dence.
72
73 writemap
74 Use a writable memory map instead of just read-only. This
75 speeds up write operations but makes the database vulner‐
76 able to corruption in case any bugs in slapd cause stray
77 writes into the mmap region.
78
79 mapasync
80 When using a writable memory map and performing flushes
81 on each commit, use an asynchronous flush instead of a
82 synchronous flush (the default). This option has no ef‐
83 fect if writemap has not been set. It also has no effect
84 if nosync is set.
85
86 nordahead
87 Turn off file readahead. Usually the OS performs reada‐
88 head on every read request. This usually boosts read per‐
89 formance but can be harmful to random access read perfor‐
90 mance if the system's memory is full and the DB is larger
91 than RAM. This option is not implemented on Windows.
92
93
94 index {<attrlist>|default} [pres,eq,approx,sub,<special>]
95 Specify the indexes to maintain for the given attribute (or list
96 of attributes). Some attributes only support a subset of in‐
97 dexes. If only an <attr> is given, the indices specified for
98 default are maintained. Note that setting a default does not
99 imply that all attributes will be indexed. Also, for best per‐
100 formance, an eq index should always be configured for the ob‐
101 jectClass attribute.
102
103 A number of special index parameters may be specified. The in‐
104 dex type sub can be decomposed into subinitial, subany, and sub‐
105 final indices. The special type nolang may be specified to dis‐
106 allow use of this index by language subtypes. The special type
107 nosubtypes may be specified to disallow use of this index by
108 named subtypes. Note: changing index settings in slapd.conf(5)
109 requires rebuilding indices, see slapindex(8); changing index
110 settings dynamically by LDAPModifying "cn=config" automatically
111 causes rebuilding of the indices online in a background task.
112
113 maxentrysize <bytes>
114 Specify the maximum size of an entry in bytes. Attempts to store
115 an entry larger than this size will be rejected with the error
116 LDAP_ADMINLIMIT_EXCEEDED. The default is 0, which is unlimited.
117
118 maxreaders <integer>
119 Specify the maximum number of threads that may have concurrent
120 read access to the database. Tools such as slapcat count as a
121 single thread, in addition to threads in any active slapd pro‐
122 cesses. The default is 126.
123
124 maxsize <bytes>
125 Specify the maximum size of the database in bytes. A memory map
126 of this size is allocated at startup time and the database will
127 not be allowed to grow beyond this size. The default is 10485760
128 bytes. This setting may be changed upward if the configured
129 limit needs to be increased.
130
131 Note: It is important to set this to as large a value as possi‐
132 ble, (relative to anticipated growth of the actual data over
133 time) since growing the size later may not be practical when the
134 system is under heavy load.
135
136 mode <integer>
137 Specify the file protection mode that newly created database
138 files should have. The default is 0600.
139
140 multival {<attrlist>|default} <integer hi>,<integer lo>
141 Specify the number of values for which a multivalued attribute
142 is stored in a separate table. Normally entries are stored as a
143 single blob inside the database. When an entry gets very large
144 or contains attributes with a very large number of values, modi‐
145 fications on that entry may get very slow. Splitting the large
146 attributes out to a separate table can improve the performance
147 of modification operations. The threshold is specified as a
148 pair of integers. If the number of values exceeds the hi thresh‐
149 old the values will be split out. If a modification deletes
150 enough values to bring an attribute below the lo threshold the
151 values will be removed from the separate table and merged back
152 into the main entry blob. The threshold can be set for a spe‐
153 cific list of attributes, or the default can be configured for
154 all other attributes. The default value for both hi and lo
155 thresholds is UINT_MAX, which keeps all attributes in the main
156 blob.
157
158 rtxnsize <entries>
159 Specify the maximum number of entries to process in a single
160 read transaction when executing a large search. Long-lived read
161 transactions prevent old database pages from being reused in
162 write transactions, and so can cause significant growth of the
163 database file when there is heavy write traffic. This setting
164 causes the read transaction in large searches to be released and
165 reacquired after the given number of entries has been read, to
166 give writers the opportunity to reclaim old database pages. The
167 default is 10000.
168
169 searchstack <depth>
170 Specify the depth of the stack used for search filter evalua‐
171 tion. Search filters are evaluated on a stack to accommodate
172 nested AND / OR clauses. An individual stack is assigned to each
173 server thread. The depth of the stack determines how complex a
174 filter can be evaluated without requiring any additional memory
175 allocation. Filters that are nested deeper than the search stack
176 depth will cause a separate stack to be allocated for that par‐
177 ticular search operation. These allocations can have a major
178 negative impact on server performance, but specifying too much
179 stack will also consume a great deal of memory. Each search
180 stack uses 512K bytes per level. The default stack depth is 16,
181 thus 8MB per thread is used.
182
184 The mdb backend honors access control semantics as indicated in
185 slapd.access(5).
186
188 /etc/openldap/slapd.conf
189 default slapd configuration file
190
192 slapd.conf(5), slapd-config(5), slapd(8), slapadd(8), slapcat(8),
193 slapindex(8), slapmodify(8), OpenLDAP LMDB documentation.
194
196 OpenLDAP Software is developed and maintained by The OpenLDAP Project
197 <http://www.openldap.org/>. OpenLDAP Software is derived from the Uni‐
198 versity of Michigan LDAP 3.3 Release. Written by Howard Chu.
199
200
201
202OpenLDAP 2.6.6 2023/07/31 SLAPD-MDB(5)