[Date Prev][Date Next] [Chronological] [Thread] [Top]

Revision Control of LDAP Entries...


I'm using OpenLDAP with the default BDB back-end in place of NIS for user information/authentication and automounting in a mixed Linux/Solaris environment. I replicate to one system using slurpd - this will probably grow in the future. I currently use phpLDAPadmin and command-line tools like ldapadd and slapadd (for bulk changes) to perform administrative functions on the entries.

Has anyone come across a good method for revision control of LDAP entries? Something, for example, that would allow me to easily revert back a change to a group or user's password or even view/import changes throughout history? In our NIS environment, this has been handled through an RCS-invoking wrapper to a NIS ASCII map editor. Things I've considered for OpenLDAP have been:

-> Using a relational database back-end with triggers

-> Customizing phpLDAPadmin to write out changes to a back-up directory

-> Doing something with slurpd to permanently log history

Has anyone wondered or done the similar things?

Thanks, Roy