Dealing with OpenLDAP XMA 1.1: Working with Deltas

OpenLDAP XMA can run delta imports using a timestamp attribute you define or the changelog.

The MA uses the attribute specified in “deltaAttribute” custom parameter in order to implement watermarks and detect object changes. You may experience a couple of issues using a delta attribute:

• If the attribute does not exist for all objects you import, you will need to specify a common timestamp attribute, or use separate MAs if your timestamp attribute differs among the objects you want to import.
• If the timestamp attribute is in string format different to "yyyyMMddHHmmss", you will have to set the undocumented “deltaAttributeFormat” custom parameter so the XMA is able to parse it when using System.DateTime.TryParseExact() to calculate watermarks.
• If the timestamp attribute is in an format that System.DateTime.TryParseExact() cannot parse, you will have to modify the XMA code to convert the attribute into a valid datetime value.

If you find like me that the LDAP implementation you are connecting to does not use a timestamp attribute across all objects, your other option to use deltas is using changelog. In this case, what you have to do is leave “deltaAttribute” custom parameter blank, so the XMA will use changelog. If the account you are using in the XMA to access the LDAP is not administrative, you may need to adjust the permissions in cn=changelog to allow the XMA to work, adjusting the ACI to allow your MA account to read, compare and search all attributes for objects under cn=changelog.