Title: LDAP Dyanmic Filter Part: whenChanged
What is the idea or pain point: Large LDAP sync, 80k users, very little changes every hour.
-
describe what is the problem you like to solve?
Decrease amount of entries needed to be checked for changes. -
describe one or two concrete situations where this problem hurts the most
High CPU load when running a sync of 80k LDAP users -
why is it not solvable with the Zammad standard?
I’ve done this by setting a cronjob that updates the LdapSource once a day so that whenChanged is always looking back 7-8 days.
Help us understand:
- describe WHAT is your expectation / WHAT do you want to achieve?
Setting a user_filter for the LdapSource dynamically. Perhaps just even the whenChanged value.
(&(objectCategory=CN=Perso…)(whenChanged>=LAST_7_DAYS))
would get updated to the timestamp of the value 7 days in the past before running an LDAP sync to cut down on the amount of users checked. This would need to be a value other than the last time ran since the whenChanged slowly replicates and you would miss changed items based on the slow replication.