15.21. Using the Retro Changelog Plug-in
changeLogEntry. For a list of possible attributes in a changelog entry, see the Changelog Attributes section in the Red Hat Directory Server Configuration, Command, and File Reference.
15.21.1. Enabling the Retro Changelog Plug-in
18.104.22.168. Enabling the Retro Changelog Plug-in Using the Command Line
- Use the
dsconfutility to enable the plug-in:
# dsconf -D "cn=Directory Manager" ldap://server.example.com plugin retro-changelog enable
- Restart the instance:
# dsctl instance_name restartIf you enable the dynamic plug-in as described in Section 1.10.2, “Enabling Plug-ins Dynamically”, restarting the instance is not required.
22.214.171.124. Enabling the Retro Changelog Plug-in Using the Web Console
- Open the Directory Server user interface in the web console. See Section 1.4, “Logging Into Directory Server Using the Web Console”.
- Select the instance.
- Select themenu.
- Select the Retro Changelog plug-in in the list on the left.
- Change the status to
- Restart the instance. See Section 1.5.2, “Starting and Stopping a Directory Server Instance Using the Web Console”.If you enable the dynamic plug-in as described in Section 1.10.2, “Enabling Plug-ins Dynamically”, restarting the instance is not required.
15.21.2. Trimming the Retro Changelog
nsslapd-changelogmaxageparameter and the next trim interval, set in
nsslapd-changelog-trim-interval, is executed.
# dsconf -D "cn=Directory Manager" ldap://server.example.com plugin retro-changelog set --max-age="2d"
15.21.3. Searching and Modifying the Retro Changelog
15.21.4. Retro Changelog and the Access Control Policy
- Read, search, and compare rights are granted to all authenticated users (
userdn=anyone, not to be confused with anonymous access where
userdn=all) to the retro changelog top entry
- Write and delete access are not granted, except implicitly to the Directory Manager.
aciattribute of the