Hello,

I have a set up a LDAP driver, created policies and filters, and
everything working fine so far.

But now I have discovered, that the driver is not tracking changes in
the destination LDAP that are done while the driver is stopped. I set up
another driver some weeks before, and as I remember, that one tracked
all changes correctly - but I might be wrong.

To reproduce the behaviour:
- set up LDAP driver
- sync Identities
- stop LDAP driver
- change to-be-published attribute in LDAP
- start LDAP driver again

Since I use openLDAP the driver is configured to use search method for
publication. Changes made to the same attributes while the driver is
running are correctly recognized in the next search run.

We upgraded IDM and Designer before I created this driver, and the
configuration values look slightly different now. Do i *have to* use the
setting "synchronize everything on first startup" (which syncs on every
startup of the driver by the way...)? this is very imperformant, since
the driver has to deal with ~9k Identities.

The filter is setup to publish one attribute, which is the one I am
missing...

thanks in advance


here is the driver config:

<?xml version="1.0" encoding="UTF-8"?><driver-config name="Identity
Manager LDAP Driver">
<driver-options>
<configuration-values>
<definitions>
<definition display-name="LDAP Directory Type" name="ldap-vendor"
type="enum">
<value>LDAPv3</value>
</definition>
<definition display-name="Enforce Matching Parenthesis in Schema
Elements" name="enforce-matching-parenthesis" type="enum">
<value>false</value>
</definition>
<definition display-name="Additional Allowable Schema Name
Characters" name="allowable-schema-element-chars" type="string">
<value>_</value>
</definition>
<group>
<definition display-name="Use SSL" name="use-ssl" type="enum">
<value>no</value>
</definition>
<subordinates active-value="yes">
<definition display-name="Keystore Path for SSL Certs"
name="keystore" type="string">
<value/>
</definition>
<definition display-name="Use Mutual Authentication"
name="use-mutual-auth" type="enum">
<value>no</value>
</definition>
</subordinates>
</group>
</definitions>
</configuration-values>
</driver-options>
<subscriber-options>
<configuration-values>
<definitions>
<definition display-name="LDAP Server Supports Binary Attribute
Option" name="subUseBinaryAttrOption" type="enum">
<value>yes</value>
</definition>
</definitions>
</configuration-values>
</subscriber-options>
<publisher-options>
<configuration-values>
<definitions>
<definition display-name="Polling Interval in Seconds"
name="pollRate" type="integer">
<value>60</value>
</definition>
<definition display-name="Temporary File Directory"
name="pub-state-dir" type="string">
<value>/var/nds/codex-search-publish</value>
</definition>
<definition display-name="Heartbeat interval in minutes"
name="pub-heartbeat-interval" type="string">
<value/>
</definition>
<group>
<definition display-name="Publication Method" name="pub-method"
type="enum">
<value>search</value>
</definition>
<subordinates active-value="changelog">
<definition display-name="Changelog Entries to Process on
Startup" name="changeLogBegin" type="enum">
<value>2</value>
</definition>
<definition display-name="Maximum Batch Size for Changelog
Processing" name="batchSize" type="integer">
<value>1000</value>
</definition>
<definition display-name="Preferred LDAP ObjectClass Names"
name="preferredObjectClasses" type="string">
<value/>
</definition>
<definition display-name="Prevent Loopback"
name="preventLoopback" type="enum">
<value>yes</value>
</definition>
</subordinates>
<subordinates active-value="search">
<definition display-name="Search Base DN"
name="pub-ldap-search-base" type="string">
<value>o=xxxxxxxx</value>
</definition>
<definition display-name="Search Scope"
name="pub-ldap-search-scope" type="enum">
<value>1</value>
</definition>
<definition display-name="Class Processing Order"
name="pub-class-processing-order" type="string">
<value>others groupofuniquenames</value>
</definition>
<definition display-name="Search Results to Synchronize on First
Startup" name="pub-ldap-search-begin" type="enum">
<enum-choice display-name="Synchronize only subsequent
changes">1</enum-choice>
<enum-choice display-name="Synchronize
everything">2</enum-choice>
<value>1</value>
</definition>
</subordinates>
</group>
<group>
<definition display-name="Use Sun Password Plugin"
name="useSunPluginGroup" type="enum">
<value>no</value>
</definition>
<subordinates active-value="yes">
<definition display-name="Sun Plugin Encryption Password"
is-sensitive="true" name="pub-password-encryption-key"
type="password-ref">
<value>np-pub-password-encryption-key</value>
</definition>
</subordinates>
</group>
</definitions>
</configuration-values>
</publisher-options>
</driver-config>


--
thebow
------------------------------------------------------------------------
thebow's Profile: http://forums.novell.com/member.php?userid=29760
View this thread: http://forums.novell.com/showthread.php?t=341724