The Lightweight Directory Access Protocol (LDAP) Content Synchronization Operation with Transactions

The LDAP Content Synchronization Operation and LDAP Transactions are not integrated, which makes the Content Synchronization Operation less useful. The client using the Content Synchronization Operation has no information of which changes were part of a single transaction. As a result, the client cannot replicate transaction semantics reliably, especially when a connection to an LDAP server is interrupted in the middle of the persist stage of the Content Synchronization Operation. Some clients could use the information where an LDAP transaction started and ended for transactions at application level to guarantee consistency of application data. Altenatively, some applications can use transaction boundaries for optimizations when further processing of the data is triggered by the end of a transaction. This might allow the application to save some overhead by processing changes in groups.

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in . Term "transaction identifier" has the same definition as in .

Existing protocol messages and semantics defined by are not changed. The protocol flow is only extended with Transaction Notification Control, Start, and End Transaction Notification Messages.

The Transaction Notification Control is an LDAPControl where the controlType is "TBD1" and the controlValue is absent. The criticality may be TRUE or FALSE.

The Start Transaction Notification message is an IntermediateResponse where the responseName is "TBD2" and the responseValue is absent.

The End Transaction Notification message is an IntermediateResponse where the responseName is "TBD3" and the responseValue is absent.

The client requests information about LDAP Transaction to be added to the Content Synchronization Operation by sending Transaction Notification Control along with a SearchRequest Message that contains a Sync Request Control . All attempts to use Transaction Notification Control without Sync Request Control MUST be denied with the unwillingToPerform result code. TODO: THIS SHOULD BE CLARIFIED BY FURTHER UPDATES TO TRANSACTION RFCs Please note that defined that LDAP Transactions have atomic, consistency, isolation, durability (ACID) properties without further specification of the "isolation" level. This extension assumes that an isolation property guarantees that uncommited changes are generaly not visible to LDAP clients and thus not returned in the Content Synchronization Operation results.

The refresh stage of the Content Synchronization Operation is unaffected by Transaction Notification Control. The control affects neither Content Determination nor protocol messages sent during the refresh stage. Transaction-aware clients MUST treat the refresh stage as a single transaction. Messages that mark end of the refresh stage are defined in .

Existing protocol messages and semantics defined by are not changed. The protocol flow in the persist stage is extended only with Start and End Transaction Notification Messages. A Start Transaction Notification Message MUST be sent to a client when a transaction is successfully commited but before any of the changes contained in the transaction are sent to the client. The Start Transaction Notification Message MUST be followed by all Change notification messages as defined in the persist stage of . A server MUST NOT interleave changes made in multiple transactions to ensure that Start and End messages unambiguously identify one transaction. An End Transaction Notification Message MUST be sent immediatelly after all Change notifications for given transaction were sent to the client. This message signalizes to the client that the transaction marked by the Start Transaction Notification Message is complete and all changes can be commited.

TBD

This document merely adds information about transaction boundaries to the existing Content Synchronization Operation. This is believed not to add any security risk.