-
Grant access to the
cn=changelog
backend to theuid=admin
account using access control rules.By default, only the root user has access to this backend.
$ bin/ldapmodify dn: cn=changelog changetype: modify add: aci aci: (targetattr="*||+") (version 3.0; acl "Access to the changelog backend for the admin account"; allow (all) userdn="ldap:///uid=admin,dc=example,dc=com";)
-
Use ldapsearch to view the changelog.
$ bin/ldapsearch --baseDN cn=changelog --dontWrap "(objectclass=*)"
dn: cn=changelog objectClass: top objectClass: untypedObject cn: changelog dn: changeNumber=1,cn=changelog objectClass: changeLogEntry objectClass: top targetDN: uid=user.0,ou=People,dc=example,dc=com changeType: modify changes:: cmVwbGFjZTogbW9iaWxlCm1vYmlsZTogKzEgMDIwIDE1NCA5Mzk4Ci0KcmVwbGFjZToga G9tZVBob25lCmhvbWVQaG9uZTogKzEgMjI1IDIxNiA0OTQ5Ci0KcmVwbGFjZTogZ2l2ZW5OYW1lCmdp dmVuTmFtZTogQWFyb24KLQpyZXBsYWNlOiBkZXNjcmlwdGlvbgpkZXNjcmlwdGlvbjogdGhpcyBpcyB 0aGUgZGVzY3JpcHRpb24gZm9yIEFhcm9uIEF0cC4KLQpyZXBsYWNlOiBtb2RpZmllcnNOYW1lCm1vZG lmaWVyc05hbWU6IGNuPURpcmVjdG9yeSBNYW5hZ2VyLGNuPVJvb3QgRE5zLGNuPWNvbmZpZwotCnJlc GxhY2U6IGRzLXVwZGF0ZS10aW1lCmRzLXVwZGF0ZS10aW1lOjogQUFBQkhQOHpUR0E9Cgo= changenumber: 1 dn: changeNumber=2,cn=changelog objectClass: changeLogEntry objectClass: top targetDN: dc=example,dc=com changeType: modify changes:: cmVwbGFjZTogZHMtc3luYy1zdGF0ZQpkcy1zeW5jLXN0YXRlOiAwMDAwMDExQ0ZGMzM0Q zYwNDA5MzAwMDAwMDAyCgo= changenumber: 2