Current 389-ds access logs show only that a MOD has happened but not what was changed.
Check with 389-ds team to see how configurable this is so we can determine what changed.
389-ds has an audit log for this, see:
http://docs.redhat.com/docs/en-US/Red_Hat_Directory_Server/8.2/html/Configuration_and_Command-Line_Tool_Reference/Core_Server_Configuration_Reference.html
Nathan warns that there is a performance impact with this and we'd need to protect the logs.
389-ds is no longer writing cleartext passwords in audit log, https://fedorahosted.org/389/ticket/365 . Target 1.3.0.rc1
Audit
Metadata Update from @rcritten: - Issue assigned to rcritten - Issue set to the milestone: Ticket Backlog
Successful and failed operations are now configurable in the 389-ds audit log. This can be enabled post-installation if desired (per master).
This spirit of this request has been fulfilled: see what is available. Closing as fixed.
Metadata Update from @rcritten: - Issue close_status updated to: fixed - Issue status updated to: Closed (was: Open)
Login to comment on this ticket.