LDAP Dyanmic Filter Part: whenChanged

Feature requests
1

Title: LDAP Dyanmic Filter Part: whenChanged

What is the idea or pain point: Large LDAP sync, 80k users, very little changes every hour.

  • describe what is the problem you like to solve?
    Decrease amount of entries needed to be checked for changes.

  • describe one or two concrete situations where this problem hurts the most
    High CPU load when running a sync of 80k LDAP users

  • why is it not solvable with the Zammad standard?
    I’ve done this by setting a cronjob that updates the LdapSource once a day so that whenChanged is always looking back 7-8 days.

Help us understand:

  • describe WHAT is your expectation / WHAT do you want to achieve?
    Setting a user_filter for the LdapSource dynamically. Perhaps just even the whenChanged value.
    (&(objectCategory=CN=Perso…)(whenChanged>=LAST_7_DAYS))
    would get updated to the timestamp of the value 7 days in the past before running an LDAP sync to cut down on the amount of users checked. This would need to be a value other than the last time ran since the whenChanged slowly replicates and you would miss changed items based on the slow replication.
2

This is stupid. It worked out well for a while until we hit on a user that didn’t get their entry updated daily… Then I realized if it didn’t sync the user it disabled them. sigh 78k users synced way to often. :frowning: