| |
IBM SecureWay LDAPEventHandler
Overview
The IBM SecureWay LDAPEventHandler uses LDAP unsolicited event notifications to detect
changes in an LDAP directory. In order to use the IBM SecureWay LDAPEventHandler your LDAP
server must support LDAPv3 unsolicited notification events. The only LDAP server tested with this EventHandler
is the IBM SecureWay Directory
server but other LDAP servers may work as well.
When the EventHandler starts it connects to the LDAP server and retrieves all recent directory changes,
which have happened while it has been offline, and registers
for receiving unsolicited event notifications. When an event occurs in the LDAP
directory the EventHandler receives an unsolicited notification event and retrieves the next changelog entry.
This changelog entry is accessible as the event entry object. The event entry object has the following attributes:
Attribute |
Description |
Required/Optional |
changenumber |
The change number as assigned by the supplier; this integer must increase as new entries are added, and always be unique within a given server |
Required |
targetdn |
The distinguished name of the entry which was added, modified, or deleted; in the case of a "modrdn" operation, the targetdn gives the DN of the entry before it was modified |
Required |
changetype |
The type of change ("add", "delete", "modify", or "modrdn"). |
Required |
changes |
The changes that were made to the directory server; these changes are in LDIF format; available when changetype is either add or modify |
Optional |
newrdn |
The new RDN (Relative Distinguished Name) of the entry, if the changeType is "modrdn"; if the changeType attribute does not have the "modrdn" value then there are no values contained in the newRDN attribute |
Optional |
deleteoldrdn |
A flag which tells whether the old RDN of the entry should either be retained as a distinguished attribute of the entry or deleted |
Optional |
newsuperior |
If present, it gives the name of the entry which becomes the immediate superior of the existing entry |
Optional |
changetime |
The time when the change was made |
Required |
modifiersname |
The DN making the change |
Optional |
An important feature of the IBM SecureWay LDAPEventHandler is that you don't risk loosing
notifications when the eventhandler is not running, because each time it is started
it retrieves the changes that it has missed while being offline.
Configuration
Parameter |
Description |
LDAP URL |
The LDAP URL (ldap://hostname:port) |
Login username |
The distinguished name used for authentication to the server (e.g. cn=root);
please note that this distinguished name must have administrator priviledges since
the eventhandler must be able to read the changelog |
Login password |
The credentials (password) |
ChangeLog Search base |
The search base where the changelog is kept. The standard DN for this is cn=changelog |
Search base |
The base of the directory tree branch about which you want to be notified. Specify a
distinguished name.
Some directories allow you to specify a blank string which defaults to whatever the server is configured to do.
Other directory services require this to be a valid distinguished name in the directory |
Search Scope |
The scope of events which you want to be notified about. Can be one of subtree, level and base |
ChangeNumber Filename |
The name of the file where the last changenumber is/will be stored. The file format is human-readable text.
This file is updated after each event notification |
InitialChangeNumber |
If the file supplied in the ChangeNumber Filename parameter does not exist,
then the eventhandler retrieves the changelog entries, starting from InitialChangeNumber |
Authentication Method |
The authentication method. Possible values are:
MD5-CRAM - use CRAM-MD5 (RFC-2195)
SASL - use SASL
Anonymous - use no authentication
Simple - use weak authentication (cleartext password)
If not specified, the default (Anonymous) is used. If either the Login Username or Login password parameter is blank then Anonymous is used
|
For an IBM SecureWay Directory installation and configuration guide please see the
Netscape Changelog Connector.
See Also
EventHandler
Overview, LDAPEventHandler
| |
|