For information about configuring XDASv2 events for eDirectory, see Section 4.4, Configuring XDASv2 Events for Auditing.
Table 2-5 lists how eDirectory internal events are mapped to XDAS events.
NOTE:For information about eDirectory events and their description, see
Table 2-5 Mapping XDAS Events with eDirectory Events
XDAS Event |
eDirectory Event |
---|---|
CREATE_ACCOUNT For an example of this event, see Create Account. |
DSE_CREATE_ENTRY DSE_LDAP_ADD DSE_LDAP_ADDRESPONSE DSE_NAME_COLLISION |
DELETE_ACCOUNT For an example of this event, see Delete Account. |
DSE_DELETE_ENTRY DSE_LDAP_DELETE DSE_LDAP_DELETERESPONSE DSE_MOVE_SOURCE_ENTRY DSE_REMOVE_ENTRY |
ENABLE_ACCOUNT For an example of this event, see Enable Account. |
DSE_ADD_VALUE |
DISABLE_ACCOUNT For an example of this event, see Disable Account. |
DSE_ADD_VALUE |
QUERY_ACCOUNT For an example of this event, see Query Account. |
DSE_DSA_READ DSE_INSPECT_ENTRY DSE_LDAP_SEARCH DSE_LDAP_SEARCHENTRYRESPONSE DSE_SEARCH DSE_LDAP_COMPARE |
MODIFY_ACCOUNT For an example of this event, see Modify Account. |
DSE_ADD_VALUE DSE_DELETE_ATTRIBUTE DSE_DELETE_VALUE DSE_LDAP_MODDN DSE_LDAP_MODDNRESPONSE DSE_LDAP_MODIFY DSE_LDAP_MODIFYRESPONSE DSE_MERGE_ENTRIES DSE_MODIFY_ENTRY DSE_MODIFY_RDN DSE_RENAME_ENTRY |
MODIFY_ACCOUNT_SECURITY_TOKEN For an example of this event, see Modify Account Security Token. |
DSE_CHGPASS |
CREATE_SESSION For an example of this event, see Create Session. To monitor the Authenticate Session event, you need to enable both the XDAS and NMAS Auditing. For more information, see Auditing with XDASv2 and Using XDASv2 for Auditing NMAS Events respectively. NOTE:Prior to eDirectory 8.8.8 P9, DSE_LDAP_CONNECTION event is used to monitor the Create Session event. |
DSE_LOGIN_EX |
TERMINATE_SESSION |
DSE_LOGOUT |
MODIFY_SESSION For an example of this event, see Modify Session. |
DSE_CHANGE_CONN_STATE |
CREATE_DATA_ITEM For an example of this event, see Create Data Item. |
DSE_CREATE_BACKLINK DSE_CREATE_ENTRY DSE_CREATE_SUBREF DSE_LDAP_ADD DSE_LDAP_ADDRESPONSE DSE_NAME_COLLISION DSE_SPLIT_DONE DSE_SPLIT_PARTITION |
DELETE_DATA_ITEM For an example of this event, see Delete Data Item. |
DSE_DELETE_ENTRY DSE_JOIN_PARTITIONS DSE_LDAP_DELETE DSE_LDAP_DELETERESPONSE DSE_MOVE_SOURCE_ENTRY DSE_REMOVE_ENTRY DSE_REMOVE_ENTRY_DIR DSE_REMOTE_SERVER_DOWN |
MODIFY_DATA_ITEM_ATTRIBUTE For an example of this event, see Modify Data Item Attribute. |
DSE_ABORT_PARTITION_OP DSE_ADD_PROPERTY DSE_ADD_REPLICA DSE_ADD_VALUE DSE_CHANGE_REPLICA_TYPE DSE_CHECK_SEV DSE_DEFINE_ATTR_DEF DSE_DEFINE_CLASS_DEF DSE_DELETE_ATTRIBUTE DSE_DELETE_PROPERTY DSE_DELETE_VALUE DSE_LDAP_MODDN DSE_LDAP_MODDNRESPONSE DSE_GEN_CA_KEYS DSE_LDAP_MODIFY DSE_LDAP_MODIFYRESPONSE DSE_LDAP_PASSWDMODIFY DSE_MERGE_ENTRIES DSE_MODIFY_CLASS_DEF DSE_MODIFY_ENTRY DSE_MODIFY_RDN DSE_MOVE_SUBTREE DSE_MOVE_TREE DSE_MUTATE_ENTRY DSE_PARTITION_STATE_CHG DSE_PARTITION_EVENT DSE_RECERT_PUB_KEY DSE_REMOVE_ATTR_DEF DSE_REMOVE_BACKLINK DSE_REMOVE_CLASS_DEF DSE_REMOVE_REPLICA DSE_RENAME_ENTRY DSE_STREAM DSE_UPDATE_ATTR_DEF DSE_UPDATE_CLASS_DEF DSE_UPDATE_REPLICA DSE_UPDATE_SCHEMA DSE_UPDATE_SEV |
QUERY_DATA_ITEM_ATTRIBUTE For an example of this event, see Query Data Item Attribute. |
DSE_CHECK_SEV DSE_COMPARE_ATTR_VALUE DSE_DSA_READ DSE_INSPECT_ENTRY DSE_LDAP_COMPARE DSE_LDAP_COMPARERESPONSE DSE_LDAP_SEARCH DSE_LDAP_SEARCHENTRYRESPONSE DSE_LDAP_SEARCHRESPONSE DSE_LIST_CONT_CLASSES DSE_LIST_PARTITIONS DSE_LIST_SUBORDINATES DSE_READ_ATTR DSE_READ_REFERENCES DSE_REFERRAL DSE_SEARCH DSE_STREAM DSE_VERIFY_PASS DSE_LOW_LEVEL_JOIN |
ENABLE_SERVICE For an example of this event, see Enable Service. |
DSE_CHANGE_MODULE_STATE |
DISABLE_SERVICE For an example of this event, see Disable Service. |
DSE_CHANGE_MODULE_STATE |
INVOKE_SERVICE For an example of this event, see Invoke Service. |
DSE_BACKLINK_PROC_DONE DSE_LIMBER_DONE DSE_LUMBER_DONE DSE_MOVE_TREE_START DSE_PURGE_START DSE_RECV_REPLICA_UPDATES DSE_SEND_REPLICA_UPDATES DSE_START_JOIN DSE_START_UPDATE_REPLICA DSE_START_UPDATE_SCHEMA DSE_SYNC_PARTITION DSE_SYNC_PART_START DSE_SYNC_SCHEMA DSE_SYNC_SVR_OUT_START |
TERMINATE_SERVICE For an example of this event, see Terminate Service. |
DSE_ABORT_JOIN DSE_END_UPDATE_REPLICA DSE_END_UPDATE_SCHEMA DSE_JOIN_DONE DSE_MOVE_TREE_END DSE_PURGE_END DSE_SCHEMA_SYNC DSE_SYNC_PART_END DSE_SYNC_SVR_OUT_END |
MODIFY_PROCESS_CONTEXT For an example of this event, see Modify Process Context. |
DSE_CHANGE_TREE_NAME DSE_LDAP_MODLDAPSERVER DSE_MERGE_TREE DSE_PART_STATE_CHG_REQ DSE_REPAIR_TIME_STAMPS DSE_RESET_DS_COUNTERS DSE_SERVER_ADDRESS_CHANGE DSE_SERVER_RENAME DSE_SET_NEW_MASTER DSE_SYNTHETIC_TIME |
CREATE_PEER_ASSOCIATION For an example of this event, see Create Peer Association. |
DSE_ADD_MEMBER DSE_ADD_VALUE |
TERMINATE_PEER_ASSOCIATION For an example of this event, see Terminate Peer Association. |
DSE_DELETE_MEMBER DSE_DELETE_VALUE |
CREATE_DATA_ITEM_ASSOCIATION For an example of this event, see Create Data Item Association. |
DSE_ADD_VALUE |
TERMINATE_DATA_ITEM_ASSOCIATION For an example of this event, see Terminate Data Item Association. |
DSE_DELETE_ATTRIBUTE DSE_DELETE_VALUE |
MODIFY_DATA_ITEM_ASSOCIATION |
DSE_BKLINK_OPERATOR DSE_BKLINK_SEV DSE_CHANGE_OBJ_SECURITY DSE_CHANGE_PROP_SECURITY DSE_CHANGE_SECURITY_EQUALS |
CREATE_ROLE For an example of this event, see Create Role. |
DSE_CREATE_ENTRY DSE_LDAP_ADD DSE_LDAP_ADDRESPONSE DSE_NAME_COLLISION DSE_ADD_ENTRY |
DELETE_ROLE For an example of this event, see Delete Role. |
DSE_DELETE_ENTRY DSE_DELETE_VALUE DSE_LDAP_DELETE DSE_LDAP_DELETERESPONSE DSE_MOVE_SOURCE_ENTRY DSE_REMOVE_ENTRY |
MODIFY_ROLE For an example of this event, see Modify Role. |
DSE_ADD_VALUE DSE_DELETE_ATTRIBUTE DSE_DELETE_VALUE DSE_LDAP_MODIFY DSE_LDAP_MODIFYRESPONSE DSE_MERGE_ENTRIES DSE_MODIFY_ENTRY DSE_MODIFY_RDN DSE_RENAME_ENTRY |
QUERY_ROLE For an example of this event, see Query Role. |
DSE_LDAP_SEARCH DSE_LDAP_COMPARE |
START_SYSTEM For an example of this event, see Start System. |
DSE_AGENT_OPEN_LOCAL DSE_RELOAD_DS |
SHUTDOWN_SYSTEM For an example of this event, see Shutdown System. |
DSE_AGENT_CLOSE_LOCAL |
BACKUP_DATA_STORE |
DSE_BACKUP_ENTRY |
RECOVER_DATA_STORE For an example of this event, see Recover Data Store. |
DSE_RESTORE_ENTRY |
AUTHENTICATE_SESSION For an example of this event, see Authenticate Session. To monitor the Authenticate Session event, you need to enable both the XDAS and NMAS Auditing. For more information, see Auditing with XDASv2 and Using XDASv2 for Auditing NMAS Events respectively. NOTE:Prior to eDirectory 8.8.8 P9, DSE_LDAP_BIND, DSE_LDAP_BINDRESPONSE and DSE_LOGIN events are used to monitor the Authenticate Session event. |
DSE_AUTHENTICATE |
UNAUTHENTICATE_SESSION For an example of this event, see Unauthenticate Session. |
DSE_LDAP_UNBIND |
CREATE_ACCESS_TOKEN For an example of this event, see Create Access Token. |
DSE_ALLOW_LOGIN DSE_GEN_CA_KEYS DSE_RECERT_PUB_KEY |
EDIR_OPERATIONAL_ID |
DSE_CRC_FAILURE DSE_DELETE_SUBTREE DSE_DELETE_UNUSED_EXTREF DSE_DSA_BAD_VERB DSE_LDAP_UNKNOWNOP DSE_LOST_ENTRY DSE_NEW_SCHEMA_EPOCH DSE_NO_REPLICA_PTR DSE_PURGE_ENTRY_FAIL DSE_RESEND_ENTRY |
NOTE:After you select the event, it takes up to 3 minutes for the configuration changes to take effect on the NCP Server. If you want the configuration changes to be implemented immediately on the NCP server, you can unload and load the xdasauditds module.
After you have configured the XDASv2 events, run the following commands to load and unload the XDASv2 modules:
To automatically load the xdasauditds module whenever the ndsd server is started:
Linux
Add xdasauditds to the /etc/opt/novell/eDirectory/conf/ndsmodules.conf file.
Windows
Run ndscons.exe, select xdasauditds from the list of available modules, click Startup, and then select Automatic for Startup Type.
To manually load and unload the xdasauditds module:
Linux
To load, run ndstrace -c "load xdasauditds".
To unload, run ndstrace -c "unload xdasauditds".
Windows
To load, run ndscons.exe, select xdasauditds from the list of available modules, then click Start.
To unload, run ndscons.exe, select xdasauditds from the list of available modules, then click Stop.
If you have installed Novell Modular Authentication Service (NMAS) and enabled NMAS auditing, the NMAS server automatically loads the XDASv2 library.