myOmikron / mailcow-ldap-sync


How to track openldap attribute change? #8

Closed samwell-ho closed 2 years ago

samwell-ho commented 2 years ago

I installed mailcow and openldap, they work great.

However, I have to use crontab to sync at intervals, for example every 15 minutes.

My OpenLDAP database is quite large, each sync can take up to minutes.

The question is "Is there a way to track the change on OpenLDAP and only sync when there is a change?"

I have tried monitoring all OpenLDAP database files but when there is a change (e.g. user changes password), nothing happens.

How to track OpenLDAP attribute change?

This is not an issue but a tip to improve the efficiency of the application, do you know how to do it?

myOmikron commented 2 years ago

Crontab is the intended way of running this script, as users can change their password in mailcow. If I'd only check if there's a change between LDAP and the local database, there would be inconsistent state between LDAP and mailcow. And as there's no way (which is good) of receiving the user's hash through mailcow's API, all users have to be synced, to update the password on mailcow's side.

Regarding your question: You don't have to check your local LDAP files, as LDAP by itself is intended to be fast in read operations. So even when having a large database, it should be quite fast to retrieve all necessary data. The slow part is surely the communication with mailcow's API.

samwell-ho commented 2 years ago

I agree with you.

However, it is more optimal to only sync data when there is a change instead of using cron periodically.

Is there a way to sync only when an LDAP change is detected? Normally, with a stable system, users mainly edit their own profiles, such as changing passwords, personal information, etc.

Using crontab will cause unnecessary synchronization times.

Moreover, if the user changes the password, for example, he/she has to wait until the next sync (by cron) for the change to take effect.

I tried OpenLDAP's data file monitoring solution with file-watcher. Assuming a change is detected, file-watcher will trigger mailcow-ldap-sync instead of using cron. However, it doesn't work because the change cannot be detected on OpenLDAP.

myOmikron commented 2 years ago

As far as I know, openldap does not have any option to trigger such hooks.

You could use a script which queries the LDAP periodically and executes the mailcow-ldap-sync if it detects a change.

But this is beyond the scope of this project.
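A polling checker along the lines of the last reply, as an added example that is not part of mailcow-ldap-sync: it asks OpenLDAP for entries whose `modifyTimestamp` is newer than the previous run and starts the sync only when there are any. The base DN, state-file path, bind DN and the sync command are assumed placeholders, and the live search assumes the `ldap3` library.

```python
"""Poll OpenLDAP modifyTimestamp and run mailcow-ldap-sync only when something changed."""
import subprocess
from datetime import datetime, timedelta, timezone
from pathlib import Path
from typing import Callable, List, Optional, Tuple

STATE_FILE = Path("/var/lib/ldap-change-poll/last_run")  # assumed location of the state file
SYNC_COMMAND = ["/path/to/mailcow-ldap-sync"]  # placeholder: however you invoke the sync
USER_BASE = "ou=users,dc=example,dc=com"  # assumed base DN of the synced users
SLACK = timedelta(seconds=5)  # re-scan a short window so a write racing the last poll is not missed
TIME_FMT = "%Y%m%d%H%M%SZ"  # LDAP GeneralizedTime as OpenLDAP stores it: UTC, second precision
Search = Callable[[str, str, List[str]], List[Tuple[str, dict]]]  # search(base, filter, attrs)

def generalized_time(ts: datetime) -> str:
    return ts.astimezone(timezone.utc).strftime(TIME_FMT)

def change_filter(last_run: datetime) -> str:
    """Users modified since last_run minus SLACK; modifyTimestamp is operational (not returned unless asked) but filterable."""
    return f"(&(objectClass=inetOrgPerson)(modifyTimestamp>={generalized_time(last_run - SLACK)}))"

def changed_dns(search: Search, last_run: datetime) -> List[str]:
    """DNs of users modified since last_run; the search callable is injected so this is testable."""
    return [dn for dn, _ in search(USER_BASE, change_filter(last_run), ["modifyTimestamp"])]

def read_last_run(path: Path) -> Optional[datetime]:
    text = path.read_text().strip() if path.exists() else None
    return datetime.strptime(text, TIME_FMT).replace(tzinfo=timezone.utc) if text else None

def write_last_run(ts: datetime, path: Path) -> None:
    path.parent.mkdir(parents=True, exist_ok=True)
    path.write_text(generalized_time(ts))

def ldap3_search(uri: str, bind_dn: str, password: str) -> Search:
    """Live search via ldap3 (imported lazily). A read-only bind suffices: no hashes are read."""
    from ldap3 import Connection, Server
    conn = Connection(Server(uri), bind_dn, password, auto_bind=True)
    def search(base, flt, attrs):
        conn.search(base, flt, attributes=attrs)
        return [(e.entry_dn, e.entry_attributes_as_dict) for e in conn.entries]
    return search

def poll_once(search: Search, now: datetime, path: Path = STATE_FILE,
              trigger: Callable[[], object] = lambda: subprocess.run(SYNC_COMMAND, check=True)) -> bool:
    """One poll: trigger the sync if anything changed, then record `now`; without a state file (first run) the epoch is used."""
    last = read_last_run(path) or datetime(1970, 1, 1, tzinfo=timezone.utc)
    changed = bool(changed_dns(search, last))
    if changed:
        trigger()
    write_last_run(now, path)
    return changed
```

It only notices changes made on the LDAP side; as said above, passwords changed through mailcow's UI still need the periodic full sync, so this belongs alongside the cron job rather than in place of it.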