[GAP] a couple of questions

Waldbieser, Carl waldbiec at lafayette.edu
Fri Mar 13 09:11:45 EDT 2015 

Jeffery,

Have you considered batching the updates as a function of time rather than by message count?  At Lafayette, we batch the requests every 30 seconds and write them to our LDAP DIT.  The other day, I added a group containing all our alumni to a synchronized group (~28,000 subject IDs).  The batches worked out to be ~ 5,000 - 8,000 as I watched the LDAP group fill up.

Thanks,
Carl Waldbieser
ITS System Programmer
Lafayette College

----- Original Message -----
From: "Jeffrey T Eaton" <jeaton at cmu.edu>
To: "Jeff McCullough" <jeffmc at berkeley.edu>
Cc: identity-services-gap at lists.andrew.cmu.edu
Sent: Thursday, March 12, 2015 8:13:54 PM
Subject: Re: [GAP] a couple of questions


> On Mar 12, 2015, at 4:07 PM, Jeff McCullough <jeffmc at berkeley.edu> wrote:
> 
> 
> 1) Where can I find a copy of GAP for download? 

https://github.com/cmu-ids

> 2) Sometime ago I remember Michael Gettes discussing changelog irregularities that made it chatty. For example, when a group was deleted, all the members were first deleted even though it could happen in one fell swoop. Did you find a way to resolve that?

We have not.  While it’s not the most efficient thing, it works as-is and hasn’t been a huge problem for us yet.  Group deletes are relatively rare, so this hasn’t been a priority to address.

We are working on a lookahead functionality in the LDAP provisioning code so that a series of events on the same group will get consolidated into a single LDAP modify operation, which would also help in this case.   So, with a 50-mesage lookahead, deleting a group of 500 members could be reduced from 501 transactions (500 member removes, and one group delete) to 11 LDAP transactions (10 each removing 50 members, and then one to remove the group at the end).  Note that in cases where you have a queue for maintaining isMemberOf attributes on the individual user objects, you would still need to do an LDAP modify on each one individually.  

-jeaton

_______________________________________________
Identity-services-gap mailing list
Identity-services-gap at lists.andrew.cmu.edu
https://lists.andrew.cmu.edu/mailman/listinfo/identity-services-gap

More information about the Identity-services-gap mailing list