MJ J wrote:
TLDR; in a split-brain situation, you could run into trouble. But this isn't the only place. Effective systems monitoring is the key here.
Long answer; [..] The solution I posted has been in production in a large, dynamic company for several years and never encountered a problem.
Maybe it works for you. But I still don't understand why you post such a lengthy justification insisting on your MOD_INCREMENT / read-after-write approach with a possible race condition even in a single-master deployment while there are two proper solutions with just a few more lines of code:
1. delete-by-value to provoke a conflict like the original poster mentioned by pointing to http://www.rexconsulting.net/ldap-protocol-uidNumber.html
2. MOD_INCREMENT with pre-read control
Of course none of the solutions work when hitting multiple providers hard in an MMR setup or in a split-brain situation. One has to choose a "primary" provider then. BTW: AFAIK with FreeIPA each provider has its own ID range to prevent that.
Ciao, Michael.
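
Added example, not part of the original message or either poster's code: a constructed in-memory model of a single provider's counter entry, comparing the read-after-write pattern with the two alternatives named above under the same two-client interleaving. The class, method and function names are hypothetical, and each method stands in for one atomic LDAP operation; no real server or LDAP library is involved.

```python
# Constructed model: one counter entry on a single provider. Each method is
# one atomic LDAP operation. Names are hypothetical, not a real library API.
class NoSuchAttribute(Exception):
    """Stands in for LDAP result code noSuchAttribute (16)."""

class CounterEntry:
    def __init__(self, start):
        self.uid_next = start

    def search(self):                        # plain read
        return self.uid_next

    def increment(self):                     # MOD_INCREMENT without any control
        self.uid_next += 1

    def increment_preread(self):             # MOD_INCREMENT with pre-read control
        before = self.uid_next
        self.uid_next += 1
        return before                        # old value arrives in the same response

    def delete_add(self, old, new):          # delete-by-value + add in one modify
        if self.uid_next != old:
            raise NoSuchAttribute(old)       # stale value: the whole modify fails
        self.uid_next = new

def read_after_write(start=1000):
    e = CounterEntry(start)
    e.increment()                            # client A modifies
    e.increment()                            # client B modifies before A searches
    return e.search(), e.search()            # both clients read the same number

def preread(start=1000):
    e = CounterEntry(start)
    return e.increment_preread(), e.increment_preread()

def delete_by_value(start=1000):
    e = CounterEntry(start)
    seen_a, seen_b = e.search(), e.search()  # both clients read the same value
    e.delete_add(seen_a, seen_a + 1)         # A's modify succeeds
    try:
        e.delete_add(seen_b, seen_b + 1)     # B's stale delete provokes a conflict
    except NoSuchAttribute:
        seen_b = e.search()                  # B re-reads and retries
        e.delete_add(seen_b, seen_b + 1)
    return seen_a, seen_b                    # the uidNumbers A and B may assign

if __name__ == "__main__":
    for f in (read_after_write, preread, delete_by_value):
        print(f.__name__, f())
```

Only the read-after-write interleaving hands both clients the same uidNumber; the other two allocate distinct values because the old value is bound to the modify operation itself.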