Background the ability to search active directory is

This preview shows page 144 - 145 out of 242 pages.

Background The ability to search Active Directory is one of the core services provided by domain controllers. Many services and line-of-business applications rely on this service. Business operations can cease to a halt if this feature is not available. As a core and heavily used service, it is imperative that domain controllers handle LDAP search traffic efficiently. The LDAP query optimizer algorithm attempts to make LDAP searches efficient as possible by mapping LDAP search filters to a result set that can be satisfied via records already indexed in the database. This algorithm was reevaluated and further optimized. The result is the performance improvement in LDAP search efficiency and LDAP search time of complex queries. Details of change An LDAP search contains a location (NC head, OU, Object) within the hierarchy to begin the search, a search filter, and a list of attributes to return. The search process can be summarized as follows: 1. Simplify the search filter, if possible. 2. Select a set of index keys that will return the smallest covered set. 3. Perform one or more intersections of index keys to reduce the covered set. 4. For each record in the covered set, evaluate the filter expression as well as the security. If the filter evaluates to TRUE and access is granted, then return this record to the client. The LDAP query optimization work modifies steps 2 and 3 so as to reduce the size of the covered set. More specifically, the current implementation selects duplicate index keys and performs redundant intersections. Select a set of index keys that will return the smallest covered set. Perform one or more intersections of index keys to reduce the covered set.
Image of page 144

Subscribe to view the full document.

Improved LDAP search performance CHAPTER 6 133 Sample results using the old algorithm The target of the inefficient LDAP search in the following example is a Windows Server 2012 domain controller. The search completes in approximately 44 seconds as a result of failing to find a more efficient index. adfind -b dc=blue,dc=contoso,dc=com -f "(| (& (|(cn=justintu) (postalcode=80304) ([email protected])) (|(objectclass=person) (cn=justintu)) ) (&(cn=justintu)(objectclass=person)))" -stats >>adfind.txt Using server: …<removed search results> Statistics ================================= Elapsed Time: 44640 (ms) Returned 324 entries of 553896 visited - (0.06%) Used Filter: ( | ( & ( | (cn=justintu) (postalCode=80304) ([email protected]) ) ( | (objectClass=person) (cn=justintu) ) ) ( & (cn=justintu) (objectClass=person) ) ) Used Indices: DNT_index:516615:N Pages Referenced : 4619650 Pages Read From Disk : 973 Pages Pre-read From Disk : 180898 Pages Dirtied : 0 Pages Re-Dirtied : 0 Log Records Generated : 0 Log Record Bytes Generated: 0 Sample results using the new algorithm Here we repeat the exact same search as above but target a Windows Server 2012 R2 domain controller. The same search completes in less than a second due to the improvements in the LDAP query optimizer algorithm.
Image of page 145
You've reached the end of this preview.
  • Spring '16

{[ snackBarMessage ]}

What students are saying

  • Left Quote Icon

    As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

    Student Picture

    Kiran Temple University Fox School of Business ‘17, Course Hero Intern

  • Left Quote Icon

    I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

    Student Picture

    Dana University of Pennsylvania ‘17, Course Hero Intern

  • Left Quote Icon

    The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

    Student Picture

    Jill Tulane University ‘16, Course Hero Intern