Red Hat Training

A Red Hat training course is available for Red Hat Directory Server

4.16. Retro Changelog Plug-in Attributes

Two different types of changelogs are maintained by Directory Server. The first type, referred to as simply a changelog, is used by multi-master replication, and the second changelog, a plug-in referred to as the retro changelog, is intended for use by LDAP clients for maintaining application compatibility with Directory Server 4.x versions.
This Retro Changelog Plug-in is used to record modifications made to a supplier server. When the supplier server's directory is modified, an entry is written to the Retro Changelog that contains both of the following:
  • A number that uniquely identifies the modification. This number is sequential with respect to other entries in the changelog.
  • The modification action; that is, exactly how the directory was modified.
It is through the Retro Changelog Plug-in that the changes performed to the Directory Server are accessed using searches to cn=changelog suffix.

4.16.1. isReplicated

This optional attribute sets a flag to indicate on a change in the changelog whether the change is newly made on that server or whether it was replicated over from another server.
Parameter Description
OID 2.16.840.1.113730.3.1.2085
Entry DN cn=Retro Changelog Plugin,cn=plugins,cn=config
Valid Values true | false
Default Value None
Syntax Boolean
Example isReplicated: true

4.16.2. nsslapd-attribute

This attribute explicitly specifies another Directory Server attribute which must be included in the retro changelog entries.
Many operational attributes and other types of attributes are commonly excluded from the retro changelog, but these attributes may need to be present for a third-party application to use the changelog data. This is done by listing the attribute in the retro changelog plug-in configuration using the nsslapd-attribute parameter.
It is also possible to specify an optional alias for the specified attribute within the nsslapd-attribute value.
nsslapd-attribute: attribute:alias
Using an alias for the attribute can help avoid conflicts with other attributes in an external server or application which may use the retro changelog records.


Setting the value of the nsslapd-attribute attribute to isReplicated is a way of indicating, in the retro changelog entry itself, whether the modification was done on the local server (that is, whether the change is an original change) or whether the change was replicated over to the server.
Parameter Description
Entry DN cn=Retro Changelog Plugin,cn=plugins,cn=config
Valid Values Any valid directory attribute (standard or custom)
Default Value None
Syntax DirectoryString
Example nsslapd-attribute: nsUniqueId: uniqueID

4.16.3. nsslapd-changelogdir

This attribute specifies the name of the directory in which the changelog database is created the first time the plug-in is run. By default, the database is stored with all the other databases under /var/lib/dirsrv/slapd-instance/changelogdb.


For performance reasons, store this database on a different physical disk.
The server has to be restarted for changes to this attribute to go into effect.
Parameter Description
Entry DN cn=Retro Changelog Plugin,cn=plugins,cn=config
Valid Values Any valid path to the directory
Default Value None
Syntax DirectoryString
Example nsslapd-changelogdir: /var/lib/dirsrv/slapd-instance/changelogdb

4.16.4. nsslapd-changelogmaxage (Max Changelog Age)

This attribute specifies the maximum age of any entry in the changelog. The changelog contains a record for each directory modification and is used when synchronizing consumer servers. Each record contains a timestamp. Any record with a timestamp that is older than the value specified in this attribute is removed. If this attribute is absent, there is no age limit on changelog records, which is the default behavior since this attribute is not present by default.


Expired changelog records will not be removed if there is an agreement that has fallen behind further than the maximum age.
Parameter Description
Entry DN cn=Retro Changelog Plugin,cn=plugins,cn=config
Valid Range 0 (meaning that entries are not removed according to their age) to the maximum 32 bit integer value (2147483647)
Default Value 0
DirectoryString Integer AgeID
AgeID is s for seconds, m for minutes, h for hours, d for days, or w for weeks.
Example nsslapd-changelogmaxage: 30d