On Wed, 20 Mar 2013 15:26:18 +0400, Nick ngds@mail.ru wrote:

Dear All,

I need to synchronize OpenLDAP database changes (create, modify, and delete) with another application, if possible in transactional mode

(like

with database replication), but, if this not possible, other options can also be considered. Please tell me, what is the best way to do this?

Best regards NIkolay

Hi,

we use the openLDAP accesslog overlay for this and have SPML based provisioning system listening to it and that then can provision the changes to any target system.

May be such an approach works for you.

Cheers,

Peter

Hi Peter,

Thanks for the information. Please tell me, how many objects, roughly, you have in the access log, and how often you check the access log for changes? I'm thinking about whether there will be performance issues if I check the access log for changes, for example, every 5 seconds.

Best regards Nikolay

Среда, 20 марта 2013, 17:46 +01:00 от peter.gietz@daasi.de:

On Wed, 20 Mar 2013 15:26:18 +0400, Nick < ngds@mail.ru > wrote:

...

Dear All,

I need to synchronize OpenLDAP database changes (create, modify, and delete) with another application, if possible in transactional mode

(like

...

with database replication), but, if this not possible, other options can also be considered. Please tell me, what is the best way to do this?

Best regards NIkolay

Hi,

we use the openLDAP accesslog overlay for this and have SPML based provisioning system listening to it and that then can provision the changes to any target system.

May be such an approach works for you.

Cheers,

Peter

Hi Nikolay, we have such productive for a number of customers. One deployment has these parameters:

* we keep the successful changes for one month, which are 200,000 entries * the synch engine looks for changes every 10 seconds. For this we have reqStart indexed and search for the latest changes. From OpenLDAP point of view fatser cycles are possible without any problem. A server that can handle tenthousands of request per second you can poll the access log as often as you want. So don't fear performance issues.

Cheers,

Peter

On Thu, 21 Mar 2013 19:08:48 +0400, Nick ngds@mail.ru wrote:

Hi Peter,

Thanks for the information. Please tell me, how many objects, roughly, you have in the access log, and how often you check the access log for changes? I'm thinking about whether there will be performance issues if

I

check the access log for changes, for example, every 5 seconds.

Best regards Nikolay

Среда, 20 марта 2013, 17:46 +01:00 от : On Wed, 20 Mar 2013 15:26:18 +0400, Nick wrote:

...

Dear All,

I need to synchronize OpenLDAP database changes (create, modify, and delete) with another application, if possible in transactional mode

(like

...

with database replication), but, if this not possible, other options

can

...

also be considered. Please tell me, what is the best way to do this?

Best regards NIkolay

Hi,

we use the openLDAP accesslog overlay for this and have SPML based provisioning system listening to it and that then can provision the changes to any target system.

May be such an approach works for you.

Cheers,

Peter

Links:

[1] http://mailserver.daasi.de/sentmsg?compose&To=ngds@mail.ru

--On Friday, March 22, 2013 2:32 PM +0400 Nick ngds@mail.ru wrote:

Hi Quanah,

Do you mean persistent search? If yes - please tell me, is it supported in OpenLDAP?

I checked http://www.openldap.org/devel//cvsweb.cgi/include/ldap.h, and if I search for "2.16.840.1.113730.3.4.7" it says:

I suggest you read up the (delta)-syncrepl documentation, since search & persist is a clearly documented option for it..

I would also note that OpenLDAP stopped using cvs a few years ago. If you're going to look at the online source, use the git repository.

http://www.openldap.org/devel/gitweb.cgi

--Quanah

--

Quanah Gibson-Mount Sr. Member of Technical Staff Zimbra, Inc A Division of VMware, Inc. -------------------- Zimbra :: the leader in open source messaging and collaboration