Can you see the operation taking place in access logs ?
Something like this ?
[15/Jun/2015:10:08:12 +0200] conn=1 op=0 BIND dn="cn=directory manager"
method=128 version=3
[15/Jun/2015:10:08:12 +0200] conn=1 op=0 RESULT err=0 tag=97 nentries=0 etime=0
dn="cn=directory manager"
[15/Jun/2015:10:08:34 +0200] conn=1 op=1 MOD dn="cn=config"
[15/Jun/2015:10:08:34 +0200] conn=1 op=1 RESULT err=0 tag=103 nentries=0 etime=0
[15/Jun/2015:10:08:36 +0200] conn=1 op=3 UNBIND
Thanks and regards,
German.
----- Original Message -----
From: "Prashant Bapat" <prashant(a)apigee.com>
To: "General discussion list for the 389 Directory server project."
<389-users(a)lists.fedoraproject.org>
Sent: Monday, June 15, 2015 11:23:52 AM
Subject: Re: [389-users] Not able to enable audit logs
There is no error. It goes thru fine. When I restart the LDAP server after
adding it, there is nothing in the audit file. And no entry in the dse.ldif.
On 15 June 2015 at 13:39, German Parente < gparente(a)redhat.com > wrote:
Hi Prashant,
it should work in the same way. Are you having an error doing your ldapmodify
?
There's not a specific entry for nsslapd-auditlog-logging-enabled.
nsslapd-auditlog-logging-enabled is an attribute of cn=config entry.
You should be able to query it by this command:
ldapsearch -xLLL -D "cn=directory manager" -W -b "cn=config" -s base
nsslapd-auditlog-logging-enabled
dn: cn=config
nsslapd-auditlog-logging-enabled: on
Regards,
German.
----- Original Message -----
> From: "Prashant Bapat" < prashant(a)apigee.com >
> To: "389-users" < 389-users(a)lists.fedoraproject.org >
> Sent: Monday, June 15, 2015 9:56:48 AM
> Subject: [389-users] Not able to enable audit logs
>
> Hi,
>
> I have a setup of master-master replicated 389 DS installations as part of
> FreeIPA.
>
> This is the version of the 389-ds : 389-ds-base-1.3.3.8-1.fc21.x86_64
>
> On 1st server, I was able to enable the audit logs using the following
> LDIF.
>
>
>
>
> dn: cn=config
> changetype: modify
> replace: nsslapd-auditlog-logging-enabled
> nsslapd-auditlog-logging-enabled: on
>
> However, the same LDIF when I run on the second server (which is the
> replicated master) the audit logs never get enabled. I'm not able to find
> the nsslapd-auditlog-logging-enabled entry under the dse.ldif . I have
> tried
> restarting etc but no luck.
>
> Is this normal ?
>
> Thanks.
> --Prashant
>
> --
> 389 users mailing list
> 389-users(a)lists.fedoraproject.org
>
https://admin.fedoraproject.org/mailman/listinfo/389-users
--
389 users mailing list
389-users(a)lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
--
389 users mailing list
389-users(a)lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users