First Last Prev Next    This bug is not in your last search results.
Bug 52733 - S4-Connector: Support ignoring trivial changes to certain attributes that change frequently
S4-Connector: Support ignoring trivial changes to certain attributes that cha...
Status: NEW
Product: UCS
Classification: Unclassified
Component: S4 Connector
UCS 5.0
Other Linux
: P5 normal (vote)
: ---
Assigned To: Samba maintainers
Samba maintainers
:
Depends on: 51518
Blocks:
  Show dependency treegraph
 
Reported: 2021-02-01 14:26 CET by Florian Best
Modified: 2021-02-01 17:23 CET (History)
3 users (show)

See Also:
What kind of report is it?: Feature Request
What type of bug is this?: 5: Major Usability: Impairs usability in key scenarios
Who will be affected by this bug?: 2: Will only affect a few installed domains
How will those affected feel about the bug?: 3: A User would likely not purchase the product
User Pain: 0.171
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Florian Best univentionstaff 2021-02-01 14:26:57 CET 
Bug #51518 adds "irrelevant_attributes" to the AD-Connector.
This probably also makes sense to have in the S4-Connector.

+++ This bug was initially created as a clone of Bug #51518 +++

The AD-Connector currently polls and processes each change in MS Active Directory. It would be great if we could reduce replication time by ignoring changes that only affect certain attributes like

msDS-FailedInteractiveLogonCount
msDS-FailedInteractiveLogonCountAtLastSuccessfulLogon
msDS-LastFailedInteractiveLogonTime
msDS-LastSuccessfulInteractiveLogonTime

or

lastLogon
logonCount 
badPwdCount 
badPasswordTime

The detection should be possible at an early stage of the processing. For that we should port the Diff-Mode support fomr the S4-Connector to the ADC (Bug #18501) and then add the possibility to ignore a set of attributes. Maybe we should provide a sensible default set for this.
Comment 1 Florian Best univentionstaff 2021-02-01 14:29:24 CET 
Diff + ucr set in postinst:

diff --git services/univention-s4-connector/modules/univention/s4connector/__init__.py services/univention-s4-connector/modules/univention/s4connector/__init__.py
index 6c4d615d55..76a3e0b8eb 100644
--- services/univention-s4-connector/modules/univention/s4connector/__init__.py
+++ services/univention-s4-connector/modules/univention/s4connector/__init__.py
@@ -469,6 +469,9 @@ class ucs(object):
                        if not self.config.has_section(section):
                                self.config.add_section(section)
 
+               irrelevant_attributes = self.configRegistry.get('%s/ad/mapping/attributes/irrelevant' % (self.CONFIGBASENAME,), '')
+               self.irrelevant_attributes = set(irrelevant_attributes.split(','))
+
        def init_ldap_connections(self):
                self.open_ucs()
 
@@ -1394,6 +1397,10 @@ class ucs(object):
                                                if old_s4_object.get(attr) != original_object['attributes'].get(attr):
                                                        if attr not in object['changed_attributes']:
                                                                object['changed_attributes'].append(attr)
+                                       if not (set(object['changed_attributes']) - self.irrelevant_attributes):
+                                               ud.debug(ud.LDAP, ud.INFO, "sync_to_ucs: ignore %r" % (original_object['dn'],))
+                                               ud.debug(ud.LDAP, ud.ALL, "sync_to_ucs: changed_attributes=%s" % (object['changed_attributes'],))
+                                               return True
                                else:
                                        object['changed_attributes'] = list(original_object['attributes'].keys())
                        ud.debug(ud.LDAP, ud.INFO, "The following attributes have been changed: %s" % object['changed_attributes'])
First Last Prev Next    This bug is not in your last search results.