I was asked to develop an account managing solution via LDAP for an institution with around 2000 users. In this scenario only a LDAP Directory Server is needed. External apps that consume the LDAP Directory are already there.
I immediately thought of Cloudron and its Directory Server for external Apps, because we also use it very successfully in our company. But in our company we use it for about 10 people and in this case it should manage 2000 users.
Does anyone have experience using Cloudron Directory Server with several thousand users as an LDAP provider for external apps and can give me an assessment of whether this is a good idea?
Or can someone from the Cloudron team tell something about whether the Cloudron Directory Server is designed to handle so many users or where problems might lie?
Thank you very much for your answers.
in short: go for it.
I have learned from customers with up to 1.5k users on Cloudron that only the sky is the limit.
To be fair: The Cloudron User Dashboard is not designed for that many users. It is a bit bulky (15 users per page, the groups listing). But it works.
Remember that there is no built-in option for self-registration. The initial import is possible, the rest is custom development.
Hope this helps.
External apps that consume the LDAP Directory are already there
This is the part that could already break your plans ihmo. if the customer has already lots of applications using ldap, then there is a good chance that these applications use additional ldap schema or attributes that are not served through Cloudrons own ldap implementation.
Stuff like additional phone numbers, secretary/superior, ldap pictures, application quotas....
@fbartels thank you very much for this important point. In my answer I completely forgot to point out the potential pitfalls of already existing external apps. So @pbischoff in your requirements concept you should take a closer look at the needs of the external apps. The moment they need something specific like office printers, pictures, phone numbers .... you are lost with the built in LDAP directory server.