Geek Answers Handbook

How to get a list of only those users and groups that have been added from a certain date from the LDAP directory?

My application executes an LDAP request once a day and selects all users and groups in this container. After downloading it, my application goes through the list of user groups, adding only new ones to my application database (it only adds the username).

If 50,000 users, my application server is busy for 45 minutes every day, performing this operation.

Is it possible to indicate that I need "delta" in my LDAP request to get only those users who received the added / changed / deleted since my last LDAP request?

+6
source share
5

, modifyTimestamp. - softerra ldap (http://download.softerra.com/files/ldapbrowser26.msi). , ldap , .

+2

. , , LDAP. Active Directory, , "uSNChanged".

+1

.

OpenLDAP +, createTimestamp:

Zulu, .. YYYYMMDDHHMMSSZ. DS, fedora-ds, .

ldapsearch -x < other_options > createTimestamp

0

For users, try:

directorySearcher.Filter = "(&(objectCategory=person)(objectClass=user)(whenChanged>=" + yourLastQueryDate.ToString("yyyyMMddHHmmss") + ".0Z))";

For groups, try:

directorySearcher.Filter = "(&(objectCategory=group)(whenChanged>=" + yourLastQueryDate.ToString("yyyyMMddHHmmss") + ".0Z))";

And then:

SearchResultCollection adSearchResults = dSearcher.FindAll();

Note: make sure your last request date is in UTC / Zulu time format OR use the suffix ".nZ" to set your time zone.

0
source

More articles:


All Articles