You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@directory.apache.org by Alex Karasulu <ak...@apache.org> on 2007/09/29 11:28:56 UTC
[ApacheDS] Change log ietf draft
Hi,
Howard just pointed me over to the following closely related draft here:
http://www.highlandsun.com/hyc/drafts/draft-chu-ldap-logschema-xx.html
Thoughts?
Alex
Re: [ApacheDS] Change log ietf draft
Posted by Alex Karasulu <ak...@apache.org>.
+1 this would be a huge success for LDAP interoperability.
Alex
On 10/1/07, Quanah Gibson-Mount <qu...@zimbra.com> wrote:
>
> --On Monday, October 01, 2007 2:19 AM +0200 Emmanuel Lecharny
> <el...@gmail.com> wrote:
>
> > In any cases, we also need to be able to log Search requests. It's a
> > part of any AAA system... And some countries mandates you to store
> > such informations (nah, not china nor USA : Swiss !) for tracking
> > purpose if you open this system to the public.
>
> Yeah, completely familiar with that. ;)
>
> Also, I should correct my earlier bit -- With delta-sycnrepl, it is not
> required that you only log writes. You can log any other operations you
> want too, but logging writes is required. ;) Part of the setup for
> delta-syncrepl restricts it to only reading write ops from the access log
> database.
>
> <http://www.connexitor.com/forums/viewtopic.php?t=3> has an example of
> setting it up under OpenLDAP that I wrote up a while ago.
>
> I'd love to see a common replication mechanism between ADS and OpenLDAP
> (really, I'd love to see one (or more) across all the dir servers. ;) ).
>
> --Quanah
>
> --
>
> Quanah Gibson-Mount
> Principal Software Engineer
> Zimbra, Inc
> --------------------
> Zimbra :: the leader in open source messaging and collaboration
>
Re: [ApacheDS] Change log ietf draft
Posted by Quanah Gibson-Mount <qu...@zimbra.com>.
--On Monday, October 01, 2007 2:19 AM +0200 Emmanuel Lecharny
<el...@gmail.com> wrote:
> In any cases, we also need to be able to log Search requests. It's a
> part of any AAA system... And some countries mandates you to store
> such informations (nah, not china nor USA : Swiss !) for tracking
> purpose if you open this system to the public.
Yeah, completely familiar with that. ;)
Also, I should correct my earlier bit -- With delta-sycnrepl, it is not
required that you only log writes. You can log any other operations you
want too, but logging writes is required. ;) Part of the setup for
delta-syncrepl restricts it to only reading write ops from the access log
database.
<http://www.connexitor.com/forums/viewtopic.php?t=3> has an example of
setting it up under OpenLDAP that I wrote up a while ago.
I'd love to see a common replication mechanism between ADS and OpenLDAP
(really, I'd love to see one (or more) across all the dir servers. ;) ).
--Quanah
--
Quanah Gibson-Mount
Principal Software Engineer
Zimbra, Inc
--------------------
Zimbra :: the leader in open source messaging and collaboration
Re: [ApacheDS] Change log ietf draft
Posted by Emmanuel Lecharny <el...@gmail.com>.
In any cases, we also need to be able to log Search requests. It's a
part of any AAA system... And some countries mandates you to store
such informations (nah, not china nor USA : Swiss !) for tracking
purpose if you open this system to the public.
On 10/1/07, Quanah Gibson-Mount <qu...@zimbra.com> wrote:
> --On Monday, October 01, 2007 12:59 AM +0200 Emmanuel Lecharny
> <el...@gmail.com> wrote:
>
> > Hi Quanah,
> >
> > just wondering, why simply dump the data using LDIF format? Is there
> > any missing element which forbid you to use this format, with
> > changeType ?
>
> I believe that part of it is to track informational data that's not as
> easily tracked in LDIF, but I didn't write the spec (like request Controls
> for example). Mainly, I was noting something that the logschema draft is
> used for (and which so far is my preferred replication mechanism in
> OpenLDAP).
>
> --Quanah
>
> --
>
> Quanah Gibson-Mount
> Principal Software Engineer
> Zimbra, Inc
> --------------------
> Zimbra :: the leader in open source messaging and collaboration
>
--
Regards,
Cordialement,
Emmanuel Lécharny
www.iktek.com
Re: [ApacheDS] Change log ietf draft
Posted by Quanah Gibson-Mount <qu...@zimbra.com>.
--On Monday, October 01, 2007 12:59 AM +0200 Emmanuel Lecharny
<el...@gmail.com> wrote:
> Hi Quanah,
>
> just wondering, why simply dump the data using LDIF format? Is there
> any missing element which forbid you to use this format, with
> changeType ?
I believe that part of it is to track informational data that's not as
easily tracked in LDIF, but I didn't write the spec (like request Controls
for example). Mainly, I was noting something that the logschema draft is
used for (and which so far is my preferred replication mechanism in
OpenLDAP).
--Quanah
--
Quanah Gibson-Mount
Principal Software Engineer
Zimbra, Inc
--------------------
Zimbra :: the leader in open source messaging and collaboration
Re: [ApacheDS] Change log ietf draft
Posted by Emmanuel Lecharny <el...@gmail.com>.
Hi Quanah,
just wondering, why simply dump the data using LDIF format? Is there
any missing element which forbid you to use this format, with
changeType ?
Another possibility would be to use DSML 2.0 too (if you have some
spare CPU to do some XML-crunching, of course ;)
On 10/1/07, Quanah Gibson-Mount <qu...@zimbra.com> wrote:
> --On Saturday, September 29, 2007 1:31 PM +0300 Ersin Er
> <er...@gmail.com> wrote:
>
> > This is really not a change log draft. It goes beyond and logs any LDAP
> > operation. More to come soon..
>
> If it is related to the accesslog backend in OpenLDAP, then it is
> configurable what operations get logged, so it can, for example, be limited
> to just write operations. That's what the delta-syncrepl replication
> mechanism in OpenLDAP is based off of.
>
> --Quanah
>
>
> --
>
> Quanah Gibson-Mount
> Principal Software Engineer
> Zimbra, Inc
> --------------------
> Zimbra :: the leader in open source messaging and collaboration
>
--
Regards,
Cordialement,
Emmanuel Lécharny
www.iktek.com
Re: [ApacheDS] Change log ietf draft
Posted by Quanah Gibson-Mount <qu...@zimbra.com>.
--On Saturday, September 29, 2007 1:31 PM +0300 Ersin Er
<er...@gmail.com> wrote:
> This is really not a change log draft. It goes beyond and logs any LDAP
> operation. More to come soon..
If it is related to the accesslog backend in OpenLDAP, then it is
configurable what operations get logged, so it can, for example, be limited
to just write operations. That's what the delta-syncrepl replication
mechanism in OpenLDAP is based off of.
--Quanah
--
Quanah Gibson-Mount
Principal Software Engineer
Zimbra, Inc
--------------------
Zimbra :: the leader in open source messaging and collaboration
Re: [ApacheDS] Change log ietf draft
Posted by Ersin Er <er...@gmail.com>.
This is really not a change log draft. It goes beyond and logs any LDAP
operation. More to come soon..
On 9/29/07, Alex Karasulu <ak...@apache.org> wrote:
>
> Hi,
>
> Howard just pointed me over to the following closely related draft here:
>
> http://www.highlandsun.com/hyc/drafts/draft-chu-ldap-logschema-xx.html
>
> Thoughts?
>
> Alex
>
--
Ersin Er
http://www.ersin-er.name