Performance on very large databases?

[TheUniquePaulSmith]

Do you have any performance stats on reading very large databases?

For example, if one were to dump all security principals and readable attributes for analytics, would it be the same performance as LDAP queries against a live Active Directory environment, or faster through your framework tooling?

[MichaelGrafnetter]

The performance of DSInternals when reading ntds.dit files is definitely slower than LDAP for several reasons:

• .NET Framework adds a lot of overhead to Win32 API calls and ~100 such calls need to be performed to read a single account.
• I have not implemented any paralelism to DSInternals.
• My code does many unnecessary memory allocations when decrypting AD data.

Having said that, DSInternals is much faster than competing tools, as it heavily utilizes database indices when searching for user accounts.

As far as I remember, reading 1M accounts from ntds.dit might take an hour or two.