1SLAPD-MDB(5)                  File Formats Manual                 SLAPD-MDB(5)
2
3
4

NAME

6       slapd-mdb - Memory-Mapped DB backend to slapd
7

SYNOPSIS

9       /etc/openldap/slapd.conf
10

DESCRIPTION

12       The  mdb backend to slapd(8) uses OpenLDAP's Lightning Memory-Mapped DB
13       (LMDB) library to store data.  It relies completely on  the  underlying
14       operating  system for memory management and does no caching of its own.
15       It is the recommended primary database backend.
16
17       The mdb backend uses a hierarchical database layout which supports sub‐
18       tree renames.
19

CONFIGURATION

21       These  slapd.conf options apply to the mdb backend.  That is, they must
22       follow a "backend mdb" line and come before any subsequent "backend" or
23       "database" lines.
24
25       idlexp <exp>
26              Specify a power of 2 for the maximum size of an index slot.  The
27              default is 16, yielding a maximum slot size of  2^16  or  65536.
28              Once  set,  this  option applies to every mdb database instance.
29              The specified value must be in the range of 16-30.
30
31       These slapd.conf options apply to the mdb backend database.   That  is,
32       they  must  follow a "database mdb" line and come before any subsequent
33       "backend" or "database" lines.  Other database options are described in
34       the slapd.conf(5) manual page.
35
36       checkpoint <kbyte> <min>
37              Specify  the  frequency  for flushing the database disk buffers.
38              This setting is only needed if the dbnosync option is used.  The
39              checkpoint will occur if either <kbyte> data has been written or
40              <min> minutes have passed since the last checkpoint.  Both argu‐
41              ments  default to zero, in which case they are ignored. When the
42              <min> argument is non-zero, an  internal  task  will  run  every
43              <min>  minutes  to  perform the checkpoint.  Note: currently the
44              <kbyte> setting is unimplemented.
45
46       dbnosync
47              Specify that on-disk database contents should not be immediately
48              synchronized  with  in memory changes.  Enabling this option may
49              improve performance at the expense of data security. In particu‐
50              lar, if the operating system crashes before changes are flushed,
51              some number of transactions may be lost.   By  default,  a  full
52              data flush/sync is performed when each transaction is committed.
53
54       directory <directory>
55              Specify the directory where the LMDB files containing this data‐
56              base and associated indexes live.  A separate directory must  be
57              specified for each database.  The default is /var/openldap-data.
58
59       envflags {nosync,nometasync,writemap,mapasync,nordahead}
60              Specify  flags  for  finer-grained control of the LMDB library's
61              operation.
62
63              nosync This is exactly the same as the dbnosync directive.
64
65              nometasync
66                     Flush the data on a commit, but skip the sync of the meta
67                     page.  This  mode  is  slightly  faster than doing a full
68                     sync, but can potentially lose the last committed  trans‐
69                     action  if  the operating system crashes. If both nometa‐
70                     sync and nosync are set, the  nosync  flag  takes  prece‐
71                     dence.
72
73              writemap
74                     Use a writable memory map instead of just read-only. This
75                     speeds up write operations but makes the database vulner‐
76                     able  to corruption in case any bugs in slapd cause stray
77                     writes into the mmap region.
78
79              mapasync
80                     When using a writable memory map and  performing  flushes
81                     on  each  commit,  use an asynchronous flush instead of a
82                     synchronous flush (the default). This option has  no  ef‐
83                     fect  if writemap has not been set. It also has no effect
84                     if nosync is set.
85
86              nordahead
87                     Turn off file readahead. Usually the OS  performs  reada‐
88                     head on every read request. This usually boosts read per‐
89                     formance but can be harmful to random access read perfor‐
90                     mance if the system's memory is full and the DB is larger
91                     than RAM. This option is not implemented on Windows.
92
93
94       index {<attrlist>|default} [pres,eq,approx,sub,<special>]
95              Specify the indexes to maintain for the given attribute (or list
96              of  attributes).   Some  attributes only support a subset of in‐
97              dexes.  If only an <attr> is given, the  indices  specified  for
98              default  are  maintained.   Note that setting a default does not
99              imply that all attributes will be indexed. Also, for  best  per‐
100              formance,  an  eq  index should always be configured for the ob‐
101              jectClass attribute.
102
103              A number of special index parameters may be specified.  The  in‐
104              dex type sub can be decomposed into subinitial, subany, and sub‐
105              final indices.  The special type nolang may be specified to dis‐
106              allow  use of this index by language subtypes.  The special type
107              nosubtypes may be specified to disallow use  of  this  index  by
108              named  subtypes.  Note: changing index settings in slapd.conf(5)
109              requires rebuilding indices, see  slapindex(8);  changing  index
110              settings  dynamically by LDAPModifying "cn=config" automatically
111              causes rebuilding of the indices online in a background task.
112
113       maxentrysize <bytes>
114              Specify the maximum size of an entry in bytes. Attempts to store
115              an  entry  larger than this size will be rejected with the error
116              LDAP_ADMINLIMIT_EXCEEDED. The default is 0, which is unlimited.
117
118       maxreaders <integer>
119              Specify the maximum number of threads that may  have  concurrent
120              read  access  to  the database. Tools such as slapcat count as a
121              single thread, in addition to threads in any active  slapd  pro‐
122              cesses. The default is 126.
123
124       maxsize <bytes>
125              Specify  the maximum size of the database in bytes. A memory map
126              of this size is allocated at startup time and the database  will
127              not be allowed to grow beyond this size. The default is 10485760
128              bytes. This setting may be  changed  upward  if  the  configured
129              limit needs to be increased.
130
131              Note:  It is important to set this to as large a value as possi‐
132              ble, (relative to anticipated growth of  the  actual  data  over
133              time) since growing the size later may not be practical when the
134              system is under heavy load.
135
136       mode <integer>
137              Specify the file protection mode  that  newly  created  database
138              files should have.  The default is 0600.
139
140       multival {<attrlist>|default} <integer hi>,<integer lo>
141              Specify  the  number of values for which a multivalued attribute
142              is stored in a separate table. Normally entries are stored as  a
143              single  blob  inside the database. When an entry gets very large
144              or contains attributes with a very large number of values, modi‐
145              fications  on  that entry may get very slow. Splitting the large
146              attributes out to a separate table can improve  the  performance
147              of  modification  operations.   The  threshold is specified as a
148              pair of integers. If the number of values exceeds the hi thresh‐
149              old  the  values  will  be  split out. If a modification deletes
150              enough values to bring an attribute below the lo  threshold  the
151              values  will  be removed from the separate table and merged back
152              into the main entry blob.  The threshold can be set for  a  spe‐
153              cific  list  of attributes, or the default can be configured for
154              all other attributes.  The default value  for  both  hi  and  lo
155              thresholds  is  UINT_MAX, which keeps all attributes in the main
156              blob.
157
158       rtxnsize <entries>
159              Specify the maximum number of entries to  process  in  a  single
160              read  transaction when executing a large search. Long-lived read
161              transactions prevent old database pages  from  being  reused  in
162              write  transactions,  and so can cause significant growth of the
163              database file when there is heavy write  traffic.  This  setting
164              causes the read transaction in large searches to be released and
165              reacquired after the given number of entries has been  read,  to
166              give  writers the opportunity to reclaim old database pages. The
167              default is 10000.
168
169       searchstack <depth>
170              Specify the depth of the stack used for  search  filter  evalua‐
171              tion.   Search  filters  are evaluated on a stack to accommodate
172              nested AND / OR clauses. An individual stack is assigned to each
173              server  thread.  The depth of the stack determines how complex a
174              filter can be evaluated without requiring any additional  memory
175              allocation. Filters that are nested deeper than the search stack
176              depth will cause a separate stack to be allocated for that  par‐
177              ticular  search  operation.  These  allocations can have a major
178              negative impact on server performance, but specifying  too  much
179              stack  will  also  consume  a great deal of memory.  Each search
180              stack uses 512K bytes per level. The default stack depth is  16,
181              thus 8MB per thread is used.
182

ACCESS CONTROL

184       The  mdb  backend  honors  access  control  semantics  as  indicated in
185       slapd.access(5).
186

FILES

188       /etc/openldap/slapd.conf
189              default slapd configuration file
190

SEE ALSO

192       slapd.conf(5),  slapd-config(5),  slapd(8),   slapadd(8),   slapcat(8),
193       slapindex(8), slapmodify(8), OpenLDAP LMDB documentation.
194

ACKNOWLEDGEMENTS

196       OpenLDAP  Software  is developed and maintained by The OpenLDAP Project
197       <http://www.openldap.org/>.  OpenLDAP Software is derived from the Uni‐
198       versity of Michigan LDAP 3.3 Release.  Written by Howard Chu.
199
200
201
202OpenLDAP 2.6.6                    2023/07/31                      SLAPD-MDB(5)
Impressum