As of 3.2, the Directory Server supports two new changelog backend properties that allow access control filtering and sensitive attribute evaluation for targeted entries.
External client applications can change the contents of attributes seen in the targeted entry based on the access control rules applied to the associated base DN.
Indicates whether the contents of changelog entry attributes, such as
Indicates whether to include additional information about any attributes
that might have been removed due to access control filtering. This property
only applies to content removed as a result of processing performed by the