[python-ldap] LDAP pagination cookie not working across AD server restart
Michael Ströder
michael at stroeder.com
Thu Jan 5 16:27:05 EST 2017
Ritesh Nadhani wrote:
> On Thu, Jan 5, 2017 at 10:56 AM, Michael Ströder <michael at stroeder.com> wrote:
>> In general I would never expect this (both cases) to work since the server
>> can throw away any context of your former stale LDAP connection. The first
>> case may work with AD but likely does not work with other LDAP servers.
>> AFAICS there is no text in RFC 2696 clarifying this.
>
> So I guess my question becomes:
>
> If i have to efficiently pull all user information from a directory
> service where the network IO can be a bit sketchy, whats the best to
> query when I want to ignore already fetched users information?
Hmm, up to now you mentioned your client crashing or AD getting restarted.
Unstable network link is a different problem field.
> As far as I can see, there is no way to specifiy ordering, offseting
> during the query option.
If you want to sync many AD entries then you should better read about how to
correctly use USN values to retrieve recently changed entries in a robust manner
(store highest committed USN as sync state).
Another alternative is to use the DirSync control.
Ciao, Michael.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3829 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://mail.python.org/pipermail/python-ldap/attachments/20170105/d712dbce/attachment.bin>
More information about the python-ldap
mailing list