1 2 Previous Next 11 Replies Latest reply on Mar 13, 2009 1:16 PM by arcay

    Database question.

      Is there a way to use a SQL database for directory instead of using the flat file system?
      Thanks
        • 1. RE: Database question.


          Not in the current version.
          • 2. RE: Database question.
            The latest Endpoint Encryption Manager Administration Guide.pdf states the following.

            There is no requirement for any particular type of directory within as long as the
            directory engine can support the minimum layout. All data sources are viable, e.g.
            ODBC, Access, LDAP, DAP, X500 etc.
            Endpoint Encryption ships with two directory drivers, one, a high performance file
            system based driver for large corporate users, and a small single-file "transport"
            directory driver designed for single use and disconnected deployment. For information
            on porting Endpoint Encryption's backend directory to an alternate system, please
            contact your McAfee Services representative.
            • 3. RE: Database question.
              Hmm.... then I may stand corrected. There are two or three McAfee folks that lurk here, one of them will probably chime in --- I'd love to hear what they have to say, erm, type.
              • 4. RE: Database question.
                we have ported to SQL in the past, but it was soooo sloooow that it never went anywhere.

                There's no good reason to do it at the moment - SQL may be a great database, but it's an awful policy store. What we have at the moment is much faster, much more robust, and more secure than if we did it via SQL.

                Simon.
                • 5. RE: Database question.
                  How would I use the high performance file system based driver for large corporate users then instead of the flat file?
                  • 6. RE: Database question.
                    you cant use the flat file driver - we don't supply it to anyone and you don't have it - I'm surprised you even know we have a flat file driver...

                    the standard built in driver is the high performance one, there's nothing flat about it at all - in fact, it's about as unflat as it could possibly be for performance and integrity reasons.

                    it's impossible to corrupt the policy store in general - about all you can do is corrupt a few objects or a group container.
                    • 7. RE: Database question.
                      So is it normal for a find query in the users tab to take up to 45 minutes before getting a result using the Manager? We have over 43K users.
                      • 8. RE: Database question.
                        45mins seems long, but yes, it will take some time. We don't use the index for find commands.

                        It's the disk speed pulling that down - is your database local to the SBServer task,or is it on a NAS/SAN etc?
                        • 9. RE: Database question.
                          Do you have any metrics of how much a query on a server with ca. 30.000 machine & approx. the same amount of users should take? I'm talking about a basic query to find a computer account. Or is there any manual that would state such information?
                          1 2 Previous Next