We've ~4.5millions user currently stored in external system and which is going grow. We might not want to overload the repository with users instead keep all our user in current centralized source system.
1. In this case, is there any best practice to store users outside AEM without syncing the users back with AEM?
2. How to support the content authorization, should we store groups inside AEM OR content authorization can be achieved without having users/groups in AEM.