LDAP EventHandler
Overview
This EventHandler uses the LDAP event notification mechanism to detect
changes in an LDAP directory. To use this EventHandler, your LDAP
server must support the version 3 persistent search control extension.
The only LDAP server tested with this EventHandler is the Netscape/iPlanet
directory server (see the Notes for more about iPlanet), but other LDAP
servers may work as well.
When the EventHandler starts, it connects to the LDAP server and specifies
the selection criteria for event notifications. All distinguished names returned
from the EventHandler are relative to the search base specified. To construct
the full DN in a flexible way, you can append the search base to, for example,
the new DN with the following code in a custom script:
event.setProperty("ldap.newdn", event.getProperty("ldap.newdn") + "," + task.getParam("ldapSearchBase"));
When an event occurs in the LDAP
directory, the EventHandler sets the ldap.operation property to one of
the following values:
Value | Operation
objAdded | A new entry was added to the directory
objRenamed | An existing entry was renamed
objModified | An existing entry's attributes were modified
objRemoved | An existing entry was removed
Depending on the ldap.operation the EventHandler sets the following
properties:
Object Added (objAdded)
Property | Description
ldap.newdn | The new distinguished name in case of a rename operation
ldap.newentry | The new entry with changes applied
Object Rename (objRenamed)
Property | Description
ldap.dn | The old distinguished name
ldap.newdn | The new distinguished name
Object Modified (objModified)
Property | Description
ldap.dn | The distinguished name before the modify operation
ldap.entry | The contents of the LDAP entry before the modify operation. This functionality is only available for LDAP databases where a modification operation is done by first removing the object and then recreating it with the modified attributes
ldap.newdn | The distinguished name after the modify operation
ldap.newentry | The contents of the LDAP entry after the modify operation
Object Removed (objRemoved)
Property | Description
ldap.dn | The distinguished name before the remove operation
ldap.entry | The contents of the LDAP entry before the remove operation
The ldap.entry and ldap.newentry properties are instances of
the Entry class, so you can access them as you normally would with the conn
and work objects in the AssemblyLine, as shown in the following snippet:
var old = event.getProperty ("ldap.entry");
task.logmsg ("Old common name = " + old.getString("cn") );
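The per-operation properties listed above, gathered into a single audit record. This is an added example, not code from the product documentation. The watched attribute list, the stub objects and the sample values are constructed, and the code assumes getProperty returns nothing for a property that was not set.

```javascript
// Added example. WATCHED is an assumed list of attributes worth auditing.
var WATCHED = ["cn", "mail"];

// Append the search base to a relative DN; a missing property stays null.
function fullDn(relativeDn, searchBase) {
  return relativeDn == null ? null : relativeDn + "," + searchBase;
}

// Build one audit record, reading only the properties documented for the
// ldap.operation value that was set on the event.
function auditRecord(event, task) {
  var base = task.getParam("ldapSearchBase");
  var op = event.getProperty("ldap.operation");
  var rec = { op: op, dn: null, newDn: null, changed: [] };
  if (op != "objAdded") rec.dn = fullDn(event.getProperty("ldap.dn"), base);
  if (op != "objRemoved") rec.newDn = fullDn(event.getProperty("ldap.newdn"), base);
  if (op == "objModified") {
    var before = event.getProperty("ldap.entry"); // not available on every server
    var after = event.getProperty("ldap.newentry");
    if (before == null || after == null) {
      rec.changed = null; // previous contents unknown, so no diff is possible
    } else {
      for (var i = 0; i < WATCHED.length; i++) {
        // String() so both sides are compared by value
        if (String(before.getString(WATCHED[i])) != String(after.getString(WATCHED[i]))) {
          rec.changed.push(WATCHED[i]);
        }
      }
    }
  }
  return rec;
}

// Constructed stand-ins for event, task and Entry so the code runs outside the product.
function stub(method, values) {
  var o = {};
  o[method] = function (name) { return values.hasOwnProperty(name) ? values[name] : null; };
  return o;
}
var sampleTask = stub("getParam", { ldapSearchBase: "o=example" });
var sampleModify = stub("getProperty", {
  "ldap.operation": "objModified",
  "ldap.dn": "cn=Ann,ou=people",
  "ldap.newdn": "cn=Ann,ou=people",
  "ldap.entry": stub("getString", { cn: "Ann", mail: "ann@old.example" }),
  "ldap.newentry": stub("getString", { cn: "Ann", mail: "ann@new.example" })
});
```

In a custom script, pass the handler's own event and task objects to auditRecord and write the result with task.logmsg; a changed value of null marks a modify notification whose previous contents the server did not supply.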
One important aspect of the LDAP EventHandler is that you risk losing
important notifications when the handler is not running. This handler is best
used when you want to trap changes in a directory but can still tolerate loss of
information.
Configuration
See the LDAP Connector for a description
of the LDAP configuration parameters.
Notes
iPlanet Directory 5.0 has changed the change log to a proprietary format (see
http://docs.iplanet.com/docs/manuals/directory/51/html/ag/replicat_new.htm#1).
You will have to install the Retro Change Log Plug-in to access the
change log. Here is an extract from the Change Log section of the iPlanet
documentation:
In iPlanet Directory Server 5.0, the format of the change log was modified.
In earlier versions of Directory Server, the change log was accessible over
LDAP. Now, however, it is intended only for internal use by the server. If you
have applications that need to read the change log, you need to use the Retro
Change Log Plug-in for backward compatibility. For more information, refer to "Using
the Retro Change Log Plug-In".
See Also
EventHandler Overview, Netscape Changelog Connector