[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: slapo-accesslog: Preserve some attributes of deleted entries in auditDelete entries

Michael Ströder wrote:

When using slapo-accesslog in a meta-directory environment you might wanna
query the accesslog database for quickly detecting deleted entries with
(&(objectClass=auditDelete)(reqResult=0)(<time-interval-filter>) and act
accordingly. Now when receiving this entry of object class auditDelete the
entry referenced by 'reqDN' is already gone. But the primary key used for
synchronization might be some attribute within the deleted entry and not being
part of the DN.

So it would be helpful to preserve a set of configurable attributes of the
deleted entry in those entries of object class 'auditDelete' in the accesslog
database just like attribute 'reqOld' for modify and modifyDN requests
(configurable with logold/logoldattr).

Currently logold already logs the entire entry, so everything you could need is already there.

  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/