Our current LDAP architecture comprises multiple nodes operating in replication mode.
Is there a recommended method for deleting an organization with millions of records in the CA Directory for a Production environment?
Release : 14.x
Component : CA Directory
Step-by-Step Deletion Process for Organizations with Millions of Records in CA Directory
Recommended Procedure:
1. Stop all nodes except one.
2. Delete the organization (OU) on that single active node.
3. Manually synchronize the other nodes using Disaster Recovery (DR) procedures. This involves:
   1. Running dxdisp
   2. Taking an online backup (generates a .zdb file)
   3. Copying the backup to the other nodes
   4. Restoring the backup using standard DR procedures
This approach avoids overloading the replication mechanism with high-volume changes.
Additional Recommendations:
1. Set max-op-time = 0 on the DSA you're using to perform the deletion. This disables operation timeouts and ensures the large delete operation can complete.
2. If your DSA configuration includes:
       set cache-index = all-attributes;
   we recommend changing this to a minimal set of attributes (e.g., uid and mail) before running the delete, like this:
       set cache-index = uid, mail;
This reduces indexing overhead and significantly improves performance during large operations like mass deletions.
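The two settings above can be checked before the delete is started. The following pre-flight check is an added example, not part of the original article or of CA Directory; the function names, the assumption that '#' starts a comment in the settings text, and the sample settings are constructed for illustration.

```python
import re

# Matches statements of the form: set <name> = <value>;
SET_RE = re.compile(r"^\s*set\s+([\w-]+)\s*=\s*([^;]*);", re.I | re.M)

def parse_settings(text):
    """Return {setting: value}; a later 'set' overrides an earlier one."""
    # Assumption: '#' starts a comment that runs to the end of the line.
    settings = {}
    for name, value in SET_RE.findall(re.sub(r"#.*", "", text)):
        settings[name.lower()] = value.strip()
    return settings

def preflight(text):
    """Return the findings to resolve before starting the mass delete."""
    s = parse_settings(text)
    findings = []
    op_time = s.get("max-op-time")
    if op_time is None:
        findings.append("max-op-time not set here: set max-op-time = 0")
    elif op_time != "0":
        findings.append(f"max-op-time = {op_time}: set it to 0")
    attrs = [a.strip().lower() for a in s.get("cache-index", "").split(",")]
    if "all-attributes" in attrs:
        findings.append("cache-index = all-attributes: reduce to a minimal set")
    return findings

# Constructed sample settings, not taken from a real DSA.
SAMPLE_BEFORE = """\
# knowledge settings omitted
set max-op-time = 600;
set cache-index = all-attributes;
"""
SAMPLE_AFTER = """\
set max-op-time = 0;
set cache-index = uid, mail;
"""

if __name__ == "__main__":
    for label, text in (("before", SAMPLE_BEFORE), ("after", SAMPLE_AFTER)):
        print(label, preflight(text) or "ready for the delete")
```

Run it against the settings text of the one DSA left running for the deletion; an empty result means both recommendations are already in place.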