[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ldap dir change, ext script?

To: Brian Krusic <brian@krusic.com>
Subject: Re: ldap dir change, ext script?
From: Matthew Backes <mbackes@symas.com>
Date: Wed, 25 Mar 2009 13:57:38 -0700
Cc: openldap-technical@openldap.org
In-reply-to: <C8742F53-5661-4F3A-8309-135F38BE5971@krusic.com>
References: <3227452A-1220-48CE-93BE-1197F201D562@krusic.com> <c8fe0c270903231159x348c7f7ej4104256b044e36b5@mail.gmail.com> <C8742F53-5661-4F3A-8309-135F38BE5971@krusic.com>

I add users either through Drupal using ldap_provisioning module or simple ldap_add commands.

The external script can be anything from simply touching a file, to emailing, to more complex Perl or Python scripts.

I prefer not to chain commands to either ldap_add command or the ldap_provisioning module and would prefer to only kick off my external script upon users being added/removed or even something as a simple change to the LDAP db.

OpenLDAP has hooks for this in the form of replication. The replication protocol, syncrepl, is specified in the RFC 4533.

The idea here is that a client that understands these extensions can just connect as if it were a replica and receive a live feed of changes (refreshAndPersist mode). There has been some work done towards including this in the c ldap client api, but I'm not aware of any scripting language bindings that include this yet.

Matthew Backes
Symas Corporation
mbackes@symas.com

References:
- ldap dir change, ext script?
  - From: Brian Krusic <brian@krusic.com>
- Re: ldap dir change, ext script?
  - From: LiPi - <lipixx@gmail.com>
- Re: ldap dir change, ext script?
  - From: Brian Krusic <brian@krusic.com>

Prev by Date: Re: Proxy to Active Directory: lost field
Next by Date: Re: Proxy to Active Directory: lost field
Index(es):
- Chronological
- Thread