Re: Overlay module accesslog on 2.3.4 - events not catched

[Howard Chu <hyc@symas.com>]

Ettore Simone wrote:
> Hi guys,
>
> I would like to integrate OpenLDAP in a mixed metadirectory
> environment (iPlanet, eDirectory, Oracle Internet Directory) using the
> changelog method described in Netscape IETF drafts
> draft-good-ldap-changelog-xx.txt.
>
> I'm trying to use (or extend it if needed) the accesslog overlay, but
> it seem that events for databases different from the log backend
> itself are not correctly handled by the overlay/accesslog layer.
>
>   
You have misunderstood. The overlay goes on the database(s) whose 
accesses you want logged, not on the logdb. The logdb is a separate 
database that is only used to store the log records. Please re-read the 
slapo-accesslog(5) man page. If you want logging enabled for 
"dc=my-domain,dc=com" then you must configure the overlay on that database.
> Using a slapd.conf file like this:
> ...
> moduleload      accesslog.la
> ...
> database        bdb
> suffix          "dc=my-domain,dc=com"
> rootdn          "cn=Manager,dc=my-domain,dc=com"
> rootpw          secret
> directory       /var/lib/ldap/db
> database        bdb
> suffix          "cn=Changelog"
> rootdn          "cn=Changelog"
> rootpw          secret
> directory       /var/lib/ldap/changelog
> overlay         accesslog
> logdb           cn=changelog
> logops          writes
>
>   
This should be

...
moduleload accesslog.la
...
database bdb
suffix cn=Changelog
rootdn cn=Changelog
rootpw secret
directory /var/lib/ldap/changelog

database bdb
suffix dc=my-domain,dc=com
rootdn cn=manager,dc=my-domain,dc=com
rootpw secret
directory /var/lib/ldap/db
overlay accesslog
logdb cn=Changelog
logops writes

--
 -- Howard Chu
 Chief Architect, Symas Corp.       Director, Highland Sun
 http://www.symas.com               http://highlandsun.com/hyc
 Symas: Premier OpenSource Development and Support