HP-UX Directory Server 8.1 administrator guide
Table 8-5 Attributes of a Retro changelog entry
DefinitionAttribute
This single-valued attribute is always present. It contains an integer that uniquely
identifies each change. This number is related to the order in which the change occurred.
The higher the number, the later the change.
changeNumber
This attribute contains the DN of the entry that was affected by the LDAP operation. In
the case of a modrdn operation, the targetDN attribute contains the DN of the entry
before it was modified or moved.
targetDN
Specifies the type of LDAP operation. This attribute can have a value of add, delete,
modify, or modrdn.
changeType
For add and modify operations, contains the changes made to the entry in LDIF format.changes
In the case of modrdn operations, specifies the new RDN of the entry.
newRDN
In the case of modrdn operations, specifies whether the old RDN was deleted.
deleteOldRdn
In the case of modrdn operations, specifies the newSuperior attribute of the entry.
newSuperior
This section contains information on the following retro changelog items:
• “Enabling the Retro changelog plug-in”
• “Trimming the Retro changelog”
• “Searching and modifying the Retro changelog”
• “Retro changelog and the access control policy”
8.16.1 Enabling the Retro changelog plug-in
The retro changelog plug-in configuration information is stored in the cn=Retro Changelog
Plugin,cn=plugins,cn=config entry in dse.ldif. To enable the retro changelog plug-in
from the command line:
1. Create an LDIF file that contains the following LDIF update statements:
dn: cn=Retro Changelog Plugin,cn=plugins,cn=config
cn: Retro Changelog Plugin
changetype: modify
replace: nsslapd-pluginenabled
nsslapd-pluginenabled: on
2. Use the ldapmodify command to import the LDIF file into the directory.
For more information on the ldapmodify command, see “Managing entries from the
command line” and the HP-UX Directory Server configuration, command, and file reference.
3. Restart the server.
For information on restarting the server, see “Starting and stopping servers”.
The retro changelog is created in the directory tree under a special suffix, cn=changelog.
The procedure for enabling the retro changelog plug-in from Directory Server Console is the
same as for all Directory Server plug-ins. For information, see “Enabling plug-ins”.
8.16.2 Trimming the Retro changelog
The entries in the changelog can be automatically removed after a specified period of time. To
configure the period of time after which entries are automatically deleted from the changelog,
set the nsslapd-changelogmaxage configuration attribute in the cn=Retro Changelog
Plugin,cn=plugins,cn=config entry.
The nsslapd-changelogmaxage attribute is a single-valued attribute. Its syntax is as follows:
nsslapd-changelogmaxage: Integer timeUnit
8.16 Using the Retro changelog plug-in 383