[GAP] a couple of questions
Jeffrey T Eaton
jeaton at cmu.edu
Thu Mar 12 20:13:54 EDT 2015
> On Mar 12, 2015, at 4:07 PM, Jeff McCullough <jeffmc at berkeley.edu> wrote:
>
>
> 1) Where can I find a copy of GAP for download?
https://github.com/cmu-ids
> 2) Sometime ago I remember Michael Gettes discussing changelog irregularities that made it chatty. For example, when a group was deleted, all the members were first deleted even though it could happen in one fell swoop. Did you find a way to resolve that?
We have not. While it’s not the most efficient thing, it works as-is and hasn’t been a huge problem for us yet. Group deletes are relatively rare, so this hasn’t been a priority to address.
We are working on a lookahead functionality in the LDAP provisioning code so that a series of events on the same group will get consolidated into a single LDAP modify operation, which would also help in this case. So, with a 50-mesage lookahead, deleting a group of 500 members could be reduced from 501 transactions (500 member removes, and one group delete) to 11 LDAP transactions (10 each removing 50 members, and then one to remove the group at the end). Note that in cases where you have a queue for maintaining isMemberOf attributes on the individual user objects, you would still need to do an LDAP modify on each one individually.
-jeaton
More information about the Identity-services-gap
mailing list