General Guidance on IdP Environment Sizing

Cantor, Scott cantor.2 at
Thu Sep 27 14:58:58 EDT 2018

If the issue is LDAP performance then the sizing in question would be on that side, not the IdP. The IdP spends most of its time signing things, it's incredibly CPU bound.

I do an LDAP lookup per login, though primary authn is Kerberos protocol (much faster than LDAP), but with 200-400,000 logins per day I just have two servers live and could easily handle the load on one (physical) box.

-- Scott

More information about the users mailing list