LDAP Notifications

Figuring out what the story is with LDAP notifications isn’t terribly easy. There are a number of different protocol extensions out there:

The strangest thing about all this is that LCUP is the only one of these that progressed from Internet Draft to RFC, yet neither OpenLDAP nor Fedora Directory Server implement it. SYNC seems to have been proposed by the OpenLDAP crew because when they went to implement LCUP they found that it “requires server implementations to maintain complete history information in order to provide eventually convergent incremental refreshes”, which presumably wasn’t something that OpenLDAP already did. Yet the working group went ahead and progressed LCUP to RFC and not SYNC.

Anyway, moral of the story is that if you want notifications, then you want PSEARCH if you’re using Fedora Directory Server and SYNC if you’re using OpenLDAP.

If you’re using OpenLDAP’s client library, rather than the Mozilla LDAP C SDK, then it’s a little tricky since you have to manually create the psearch control and parse the entryChange controls. Here’s some example code.

One Response to “LDAP Notifications”

  1. Anonymous says:

    You may also be interested in Novell’s eDirectory events system. It is a pretty extensive notification system built into eDirectory server.

    A few links: http://developer.novell.com/ndk/doc/cldap/index.html?page=/ndk/doc/cldap/ldaplibc/data/hevgtl7k.html
    Look up function ldap_monitor_events

    The API from Novell is available. It is also possible to use OpenLDAP library as a base API and add events extension as an add on using “intermediate response” facility from OpenLDAP library, to access these.