New subject: [Issue 10301] Use assertion control in lastbind chaining

22 Jan 2025


      https://bugs.openldap.org/show_bug.cgi?id=10301
Issue ID: 10301
           Summary: Use assertion control in lastbind chaining
           Product: OpenLDAP
           Version: unspecified
          Hardware: All
                OS: All
            Status: UNCONFIRMED
          Keywords: needs_review
          Severity: normal
          Priority: ---
         Component: slapd
          Assignee: bugs@openldap.org
          Reporter: ondra@mistotebe.net
  Target Milestone: ---
Take a setup with a bunch of consumers tracking lastbind information and
replicating this back from the provider. If a client sends a lot of successful
binds to it in a very short window, the changes might not have a chance to
replicate down so each of these binds has to trigger a new modification to be
forwarded.
This results in a lot of DB churn and replication traffic that is actually
meaningless (the pwdLastChange values before and after each of the mods will be
the same).
We probably can't avoid having to send something, but the change we send could
have an assertion control attached that lets the provider skip it if
pwdLastChange>=new_value, saving on all of the additional processing (and
additional useless replication traffic).
-- 
You are receiving this mail because:
You are on the CC list for the issue.

[Issue 10301] New: Use assertion control in lastbind chaining