How to Enabled logging in OpenLdap

I am working on performance improvement task for our new product where I wanted avoid duplicate Ldap seaches. To view the ldap searches in sldap log file, we have to enable the logging. This is how you do it.

To enabled logging:

ldapmodify -x -H ldap://ldaphost -D cn=directory\ manager,cn=config -w password
dn: cn=Config
replace: olcLogLevel
olcLogLevel: Stats Stats2 None
Ctrl+d

Now you can view the log file at /var/log/slapd.log. You will need a root/sudo access to view this log file.

To disabled logging:
ldapmodify -x -H ldap://ldaphost -D cn=directory\ manager,cn=config -w password
dn: cn=Config
replace: olcLogLevel
olcLogLevel: None
Ctrl+d

NOTE: Here is None is used for reporting errors so don't forget to specify None when you enable or disable logging.

If you want to modify existing subscriber data in ldap, you can use this command
ldapmodify -x -H ldap://host -D cn=directory\ manager,o=example.com -w password123 -f modifieddata.ldif

where modifieddata.ldif would contain
dn: uniqueIdentifier=0209091514-1015999999,ou=subscribers,ou=OU,o=example.com
changetype: modify
replace:
:

dn: uniqueIdentifier=0209091514-1016000000,ou=subscribers,ou=OU,o=example.com
changetype: modify
replace:
:
Posted by Rohit Joshi at 10:10 PM
Labels: , ,

No comments:

Post a Comment