Announcement

Collapse
No announcement yet.

Implications of number of AD users

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Implications of number of AD users

    I have a system that should hold LOADS of user accounts.
    Varying services should be able to log in with many user accounts. BUT not all user accounts will be active at the same time.
    All I need to know is, if there are implications on having an Active Directory that hosts, say... 2,000,000 user accounts.

    Thanks.
    Visit iCount
    Visit MSEC
    Visit LCS-GUIDES.COM
    Visit Melariche

  • #2
    NO at all.

    Try to organize them because you will have problems to manage them all.


    Microsoft recently demonstrated an Active Directory of 50 million objects, and observers say the Active Directory structure theoretically will scale to more than 4 billion objects.


    http://www.findarticles.com/p/articl..._5/ai_61298601
    MCSE w2k
    MCSA w2k - MCSA w2k MESSAGING
    MCDBA SQL2k

    Comment


    • #3
      OK

      Thanks for the info...

      Now it only remains a question of building the right script that will create all these users...

      (I guess I could hire a desperate student that will create them VIA gui one by one...)

      Visit iCount
      Visit MSEC
      Visit LCS-GUIDES.COM
      Visit Melariche

      Comment


      • #4
        Set oRoot = GetObject("LDAP://rootDSE")
        Set oDomain = GetObject("LDAP://" & oRoot.Get("defaultNamingContext"))

        Set oOU = oDomain.Create("organizationalUnit", "ou=Users")
        oOU.Put "Description", "OU for Users"
        oOU.SetInfo

        For i=1 to 2000000
        Set oUser = oOU.Create("User", "CN=User" & i)
        oUser.Put "sAMAccountName", "User" & i
        oUser.Put "userprincipalname", "User" & i & "@domain.com"
        oUser.Put "DisplayName", "User" & i
        oUser.Put "sn", "user_" & i
        oUser.SetInfo
        oUser.SetPassword "P455w0rD"
        oUser.AccountDisabled = False
        oUser.SetInfo
        Next
        MCSE w2k
        MCSA w2k - MCSA w2k MESSAGING
        MCDBA SQL2k

        Comment


        • #5
          Not at all is a bit too quick. 2 million is unually large. AD can do it, but that does not mean you will have no issues.

          - make sure you have sufficient disk space. I guesstimate about 10 GB.
          - Be careful if you need to replicate this over the WAN.

          This database is too large to hold in memory on an ordinary x86. This means you may run into performance problems. How many concurrent users do you expect?

          Comment


          • #6
            between 10,000 and 50,000.
            it's too early to tell...
            Visit iCount
            Visit MSEC
            Visit LCS-GUIDES.COM
            Visit Melariche

            Comment


            • #7
              That's a lot. Better do some serious sizing then, you are looking a serious performance requirements. I guess you will not need all that capacity immediately, but be prepared to invest in serious hardware here.

              Somehow I get the feeling that you are rather casual about this... What is this for, anyway?

              Comment


              • #8
                no - not casual.

                when i will be able to say more about the system - I will. But as for now - I have to keep this quiet.

                Hardware costs are not an issue.

                what is the average size for a useraccount required by the AD? provided there isn't anything special about the user...
                Visit iCount
                Visit MSEC
                Visit LCS-GUIDES.COM
                Visit Melariche

                Comment


                • #9
                  10GB! It for sure.
                  Do you have any server with less than 80GB?
                  50.000 i's nothing!
                  The most importante here is organization of all that users.
                  Replication it will be a problem if you have a slow link
                  Good Job wkasdo
                  MCSE w2k
                  MCSA w2k - MCSA w2k MESSAGING
                  MCDBA SQL2k

                  Comment


                  • #10
                    NO.
                    replication will be done only inside the LAN.

                    Test system is already running on IBMX336 Dual xeon 3ghz and 3GB ram.

                    2x 36GB 15k scsi (raid 1)

                    Do you think that's enough?
                    Visit iCount
                    Visit MSEC
                    Visit LCS-GUIDES.COM
                    Visit Melariche

                    Comment


                    • #11
                      Originally posted by Meni
                      NO.
                      replication will be done only inside the LAN.

                      Test system is already running on IBMX336 Dual xeon 3ghz and 3GB ram.

                      2x 36GB 15k scsi (raid 1)

                      Do you think that's enough?
                      Yup
                      This is a test environment?!
                      MCSE w2k
                      MCSA w2k - MCSA w2k MESSAGING
                      MCDBA SQL2k

                      Comment


                      • #12
                        I told you that money was no issue here...
                        Visit iCount
                        Visit MSEC
                        Visit LCS-GUIDES.COM
                        Visit Melariche

                        Comment


                        • #13
                          I think the database might just barely fit. My guesstimate of 10 GB might easily turn out to be 20 or so, especially if you will add groups and the likes.

                          No way that this machine will support 10,000 concurrent users, IMHO. Low on diskspace, no separate spindles for the DB and the logfiles, etc. This machine might do for a proof of concept, but not for production.

                          Comment


                          • #14
                            I agree wkasdo... this IS for a proof of concept.

                            The end system is designed to run on 6 of those with raid 5 of 4+ 147GB HD's.

                            This test env is for about 500-3000 users.
                            Visit iCount
                            Visit MSEC
                            Visit LCS-GUIDES.COM
                            Visit Melariche

                            Comment


                            • #15
                              Originally posted by wkasdo
                              I think the database might just barely fit. My guesstimate of 10 GB might easily turn out to be 20 or so, especially if you will add groups and the likes.

                              No way that this machine will support 10,000 concurrent users, IMHO. Low on diskspace, no separate spindles for the DB and the logfiles, etc. This machine might do for a proof of concept, but not for production.
                              WHAT?
                              I work in one company that have more than 50.000 users, 10.000 groups and 100.000 computer accounts. Yup. Have 22 different sites and a lot of more objects.
                              We have two domain controller per site. Each one have 4 x 36GB array disk each, 2gb ram.
                              Works fine.
                              Don't tell me that please...
                              The database is no more than 15GB
                              MCSE w2k
                              MCSA w2k - MCSA w2k MESSAGING
                              MCDBA SQL2k

                              Comment

                              Working...
                              X