There are several components or plugins in DS handling group membership: memberof plugin, referential integrity plugin, acl code has a group cache, with ticket 4667 also replication will deal with groups of binddns.
There is a lot of comon functionality and the implementation of a general group handling/caching could be useful to all of these. Eventually also searches like "uniquemmber=<dn>" could benefit
during recent investigations about deadlocks in freeipa environments itwas discovered that group management was almost always contributing to the lock contention by executing lots of internal searches in memberof, automember or slapi-nis plugins.
Having a group cache and eventually an api to do group opereations or lookups from plugins could drastically reduce the internal searches and also reduce the lock contention.
Metadata Update from @lkrispen:
- Issue set to the milestone: 1.4 backlog
Metadata Update from @mreynolds:
- Custom field reviewstatus adjusted to None
- Issue close_status updated to: None
- Issue tagged with: RFE
to comment on this ticket.