Provided by: slapd_2.6.9+dfsg-2ubuntu1_amd64 
NAME
slapd-mdb - Memory-Mapped DB backend to slapd
SYNOPSIS
/etc/ldap/slapd.conf
DESCRIPTION
The mdb backend to slapd(8) uses OpenLDAP's Lightning Memory-Mapped DB (LMDB) library to store data. It
relies completely on the underlying operating system for memory management and does no caching of its
own. It is the recommended primary database backend.
The mdb backend uses a hierarchical database layout which supports subtree renames.
CONFIGURATION
These slapd.conf options apply to the mdb backend. That is, they must follow a "backend mdb" line and
come before any subsequent "backend" or "database" lines.
idlexp <exp>
Specify a power of 2 for the maximum size of an index slot. The default is 16, yielding a maximum
slot size of 2^16 or 65536. Once set, this option applies to every mdb database instance. The
specified value must be in the range of 16-30.
These slapd.conf options apply to the mdb backend database. That is, they must follow a "database mdb"
line and come before any subsequent "backend" or "database" lines. Other database options are described
in the slapd.conf(5) manual page.
checkpoint <kbyte> <min>
Specify the frequency for flushing the database disk buffers. This setting is only needed if the
dbnosync option is used. The checkpoint will occur if either <kbyte> data has been written or
<min> minutes have passed since the last checkpoint. Both arguments default to zero, in which
case they are ignored. When the <min> argument is non-zero, an internal task will run every <min>
minutes to perform the checkpoint. Note: currently the <kbyte> setting is unimplemented.
dbnosync
Specify that on-disk database contents should not be immediately synchronized with in memory
changes. Enabling this option may improve performance at the expense of data security. In
particular, if the operating system crashes before changes are flushed, some number of
transactions may be lost. By default, a full data flush/sync is performed when each transaction
is committed.
directory <directory>
Specify the directory where the LMDB files containing this database and associated indexes live.
A separate directory must be specified for each database. The default is /var/lib/ldap.
envflags {nosync,nometasync,writemap,mapasync,nordahead}
Specify flags for finer-grained control of the LMDB library's operation.
nosync This is exactly the same as the dbnosync directive.
nometasync
Flush the data on a commit, but skip the sync of the meta page. This mode is slightly
faster than doing a full sync, but can potentially lose the last committed transaction if
the operating system crashes. If both nometasync and nosync are set, the nosync flag takes
precedence.
writemap
Use a writable memory map instead of just read-only. This speeds up write operations but
makes the database vulnerable to corruption in case any bugs in slapd cause stray writes
into the mmap region.
mapasync
When using a writable memory map and performing flushes on each commit, use an asynchronous
flush instead of a synchronous flush (the default). This option has no effect if writemap
has not been set. It also has no effect if nosync is set.
nordahead
Turn off file readahead. Usually the OS performs readahead on every read request. This
usually boosts read performance but can be harmful to random access read performance if the
system's memory is full and the DB is larger than RAM. This option is not implemented on
Windows.
index {<attrlist>|default} [pres,eq,approx,sub,<special>]
Specify the indexes to maintain for the given attribute (or list of attributes). Some attributes
only support a subset of indexes. If only an <attr> is given, the indices specified for default
are maintained. Note that setting a default does not imply that all attributes will be indexed.
Also, for best performance, an eq index should always be configured for the objectClass attribute.
A number of special index parameters may be specified. The index type sub can be decomposed into
subinitial, subany, and subfinal indices. The special type nolang may be specified to disallow
use of this index by language subtypes. The special type nosubtypes may be specified to disallow
use of this index by named subtypes. Note: changing index settings in slapd.conf(5) requires
rebuilding indices, see slapindex(8); changing index settings dynamically by LDAPModifying
"cn=config" automatically causes rebuilding of the indices online in a background task.
maxentrysize <bytes>
Specify the maximum size of an entry in bytes. Attempts to store an entry larger than this size
will be rejected with the error LDAP_ADMINLIMIT_EXCEEDED. The default is 0, which is unlimited.
maxreaders <integer>
Specify the maximum number of threads that may have concurrent read access to the database. Tools
such as slapcat count as a single thread, in addition to threads in any active slapd processes.
The default is 126.
maxsize <bytes>
Specify the maximum size of the database in bytes. A memory map of this size is allocated at
startup time and the database will not be allowed to grow beyond this size. The default is
10485760 bytes. This setting may be changed upward if the configured limit needs to be increased.
Note: It is important to set this to as large a value as possible, (relative to anticipated growth
of the actual data over time) since growing the size later may not be practical when the system is
under heavy load.
mode <integer>
Specify the file protection mode that newly created database files should have. The default is
0600.
multival {<attrlist>|default} <integer hi>,<integer lo>
Specify the number of values for which a multivalued attribute is stored in a separate table.
Normally entries are stored as a single blob inside the database. When an entry gets very large or
contains attributes with a very large number of values, modifications on that entry may get very
slow. Splitting the large attributes out to a separate table can improve the performance of
modification operations. The threshold is specified as a pair of integers. If the number of
values exceeds the hi threshold the values will be split out. If a modification deletes enough
values to bring an attribute below the lo threshold the values will be removed from the separate
table and merged back into the main entry blob. The threshold can be set for a specific list of
attributes, or the default can be configured for all other attributes. The default value for both
hi and lo thresholds is UINT_MAX, which keeps all attributes in the main blob.
rtxnsize <entries>
Specify the maximum number of entries to process in a single read transaction when executing a
large search. Long-lived read transactions prevent old database pages from being reused in write
transactions, and so can cause significant growth of the database file when there is heavy write
traffic. This setting causes the read transaction in large searches to be released and reacquired
after the given number of entries has been read, to give writers the opportunity to reclaim old
database pages. The default is 10000.
searchstack <depth>
Specify the depth of the stack used for search filter evaluation. Search filters are evaluated on
a stack to accommodate nested AND / OR clauses. An individual stack is assigned to each server
thread. The depth of the stack determines how complex a filter can be evaluated without requiring
any additional memory allocation. Filters that are nested deeper than the search stack depth will
cause a separate stack to be allocated for that particular search operation. These allocations can
have a major negative impact on server performance, but specifying too much stack will also
consume a great deal of memory. Each search stack uses 512K bytes per level. The default stack
depth is 16, thus 8MB per thread is used.
ACCESS CONTROL
The mdb backend honors access control semantics as indicated in slapd.access(5).
FILES
/etc/ldap/slapd.conf
default slapd configuration file
SEE ALSO
slapd.conf(5), slapd-config(5), slapd(8), slapadd(8), slapcat(8), slapindex(8), slapmodify(8), OpenLDAP
LMDB documentation.
ACKNOWLEDGEMENTS
OpenLDAP Software is developed and maintained by The OpenLDAP Project <http://www.openldap.org/>.
OpenLDAP Software is derived from the University of Michigan LDAP 3.3 Release. Written by Howard Chu.
OpenLDAP 2.6.9+dfsg-2ubuntu1 2024/11/26 SLAPD-MDB(5)