Can you see the operation taking place in access logs ? Something like this ?
[15/Jun/2015:10:08:12 +0200] conn=1 op=0 BIND dn="cn=directory manager" method=128 version=3 [15/Jun/2015:10:08:12 +0200] conn=1 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="cn=directory manager" [15/Jun/2015:10:08:34 +0200] conn=1 op=1 MOD dn="cn=config" [15/Jun/2015:10:08:34 +0200] conn=1 op=1 RESULT err=0 tag=103 nentries=0 etime=0 [15/Jun/2015:10:08:36 +0200] conn=1 op=3 UNBIND Thanks and regards, German. ----- Original Message ----- > From: "Prashant Bapat" <[email protected]> > To: "General discussion list for the 389 Directory server project." > <[email protected]> > Sent: Monday, June 15, 2015 11:23:52 AM > Subject: Re: [389-users] Not able to enable audit logs > > There is no error. It goes thru fine. When I restart the LDAP server after > adding it, there is nothing in the audit file. And no entry in the dse.ldif. > > On 15 June 2015 at 13:39, German Parente < [email protected] > wrote: > > > Hi Prashant, > > it should work in the same way. Are you having an error doing your ldapmodify > ? > > > There's not a specific entry for nsslapd-auditlog-logging-enabled. > > nsslapd-auditlog-logging-enabled is an attribute of cn=config entry. > > You should be able to query it by this command: > > ldapsearch -xLLL -D "cn=directory manager" -W -b "cn=config" -s base > nsslapd-auditlog-logging-enabled > dn: cn=config > nsslapd-auditlog-logging-enabled: on > > Regards, > > German. > > > ----- Original Message ----- > > From: "Prashant Bapat" < [email protected] > > > To: "389-users" < [email protected] > > > Sent: Monday, June 15, 2015 9:56:48 AM > > Subject: [389-users] Not able to enable audit logs > > > > Hi, > > > > I have a setup of master-master replicated 389 DS installations as part of > > FreeIPA. > > > > This is the version of the 389-ds : 389-ds-base-1.3.3.8-1.fc21.x86_64 > > > > On 1st server, I was able to enable the audit logs using the following > > LDIF. > > > > > > > > > > dn: cn=config > > changetype: modify > > replace: nsslapd-auditlog-logging-enabled > > nsslapd-auditlog-logging-enabled: on > > > > However, the same LDIF when I run on the second server (which is the > > replicated master) the audit logs never get enabled. I'm not able to find > > the nsslapd-auditlog-logging-enabled entry under the dse.ldif . I have > > tried > > restarting etc but no luck. > > > > Is this normal ? > > > > Thanks. > > --Prashant > > > > -- > > 389 users mailing list > > [email protected] > > https://admin.fedoraproject.org/mailman/listinfo/389-users > -- > 389 users mailing list > [email protected] > https://admin.fedoraproject.org/mailman/listinfo/389-users > > > -- > 389 users mailing list > [email protected] > https://admin.fedoraproject.org/mailman/listinfo/389-users -- 389 users mailing list [email protected] https://admin.fedoraproject.org/mailman/listinfo/389-users
