Currently, displaying a list of group members (eg. "show all members of jira-developers" in the JIRA user browser) can be extremely slow in Crowd. This is because Crowd first fetches the group DN to fetch the user list, then for each member, does a LDAP query to fetch their details. If there are 20,000 users, that is 20,001 LDAP queries.

Performance would be much better if Crowd could issue an LDAP query saying "Give me details for all users in group X", and get back all results in one query.

Till recently this has not been possible (except in AD, I believe), but OpenLDAP 2.4+ has a feature called Reverse Group Membership Maintenance, also known as the "memberof" attribute. This automatically populated/updated attribute lists the groups that a user is a member of. Crowd could use this to list group members, ie. "Give me all entries where memberOf=jira-users".