Re: Detecting changes in the directory

[Tony Earnshaw <tonni@hetnet.nl>]

Naufal Sheikh skrev, on 13-11-2007 20:38:

> Is there anyway to detetct the modifications made

Here OL 2.3.x. delta syncrepl.

Suppose you could run a script an intervals looking for whatever you
want in the operational attributes, if you have sufficient rights.

ldapsearch -LLL -x -D "cn=proxy,dc=barlaeus,dc=nl" -w secret
'uid=zzuilhof' modifyTimestamp

modifyTimestamp: 20071106101131Z

> and/or addition,subtraction made to directory for a certain period of time
> without using replication?

We presume you're up to date with latest 2.3 and have configured delta
syncrepl, not slurpd. Avoid slurpd at all costs.

Did I mention avoiding slurpd?

Noppies (Dutch ;)) meaning "No". Adding (2.3.x) a delta syncrepl
provider to your slapd.conf will only cost you a little headache to
configure, you don't need ever to use it for replication, but it will
add records to your changelog DB that will do what you want for searching:

ldapsearch2.3 -LLL -x -D "cn=proxy,dc=barlaeus,dc=nl" -w secret -b
'cn=changelog' reqDn

The latter will return multiple values; your script (the one you write
yourself in shell or Perl) will extract the requisite information.

> I will be running openldap on my backup
> machine for two hours and I am not sure how I can see if there were
> any changes made during those two hours, so that I can do the same on
> my production.

Well, you could as well run the gq GUI (is what I do), which would let
you know as well as my above suggestions. Both work :)

Did I mention avoiding slurpd?

--Tonni

--
Tony Earnshaw
Email: tonni at hetnet dot nl