Beefy Boxes and Bandwidth Generously Provided by pair Networks
Perl: the Markov chain saw
 
PerlMonks  

LDAP replication using Perl

by mlm (Novice)
on Aug 15, 2001 at 21:59 UTC ( #105124=perlquestion: print w/ replies, xml ) Need Help??
mlm has asked for the wisdom of the Perl Monks concerning the following question:

I am using I-Planet (aka Netscape Messaging Server) for my LDAP database. Netscape supports LDAP replication. Does anyone know of an existing script or library that will automatically recieve replication updates from Netscape LDAP. The basic Idea is, I need to be notified when an update occurs on the main LDAP database to trigger an event. Any help would be greatly appriciated. Thanks....

Comment on LDAP replication using Perl
Re: LDAP replication using Perl
by blakem (Monsignor) on Aug 15, 2001 at 22:15 UTC
    Have you looked into Net::LDAP? We have a nice tutorial about it here in the monestary.

    -Blake

      Yes, I have been using the Net::LDAP lib quite abit...

      What I am most interested in is the LDAP replication feature.

      Here's what I currently have:

      As stated by Netscape "Replication is the mechanism by which directory data is automatically copied from one directory server to another. Using replication, you can copy everything from entire directory trees to individual directory entries between servers."

      Once you have configured Netscape LDAP for replication, it updates the:

      /usr/netscape/server4/slapd-Directory/changelogdb/log.00001

      file every time an LDAP operation occurs.

      By monitoring this file, I can trigger my event. But, this is not an optimal solution, because every time it changes, I have to make a changelog call such as the following:

      $mesg = $ldap->search( base => 'cn=changelog', scope => 'sub', filter => '(changetype=add)', attrs => $attrs, callback => &callback );

      And then parse the return to check for changes. This is CPU expensive.

      The method I am looking for is a way for perl to emulate another LDAP database so that Netscape will automatically send replication updates to it, I would then trigger on only the updates I'm interested in.

      -mlm
        I don't think that iDS uses a standard LDAP call to update its replicas. It transfers more data, like changelognumber and credentials, between the both servers. This means that you can't use an, for example, OpenLdap server as a consumer for an iDS supplier. If it had used standard LDAP calls, you should have been able to use a LDAP server from any vendor as a consumer, which you can't.

        So you will not only need to emulate an iDS but also its Admin Server and the changelognumber transfering.

        If your application uses the LDAP server in a normal way (i.e. >95% of the requests are reads) I would write a plug-in that triggers on SLAPI_PLUGIN_POST_MODIFY_FN operation and write the modified data to a file. You could run that plug-in on a dedicated consumer and have a perl deamon poll for changes to that file.

        Just some thougths...

        /brother t0mas
Re: LDAP replication using Perl
by Anonymous Monk on Aug 16, 2001 at 09:00 UTC
    mlm,

    Is an audit log file suitable? /net/scape/v4/slapd-Directory/logs/audit (This keeps track of all change transactions that the directory has received) Would it be possible to intermittently poll this file or monitor it as it grows (tail -f) and subsequently handle the transactions appropriately?

    Regards, ...stick

Re: LDAP replication using Perl
by scottstef (Curate) on Aug 16, 2001 at 17:31 UTC
    I don't know if this helps, but we usually use egg drops. Most of our ldap mods are done thru a cgi, we then write to ldap, and to a file. Cron checks for those files and then manipulates the file to talk with our email server which has its own proprietary directory server. Not the most efficient way, but it works.

    "The social dynamics of the net are a direct consequence of the fact that nobody has yet developed a Remote Strangulation Protocol." -- Larry Wall

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: perlquestion [id://105124]
Approved by root
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others rifling through the Monastery: (7)
As of 2014-08-27 12:05 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    The best computer themed movie is:











    Results (237 votes), past polls