NOTE:

Any umask set for the runtime user of the Directory Server causes the effective mode to be more restrictive.

Parameter

Description

Entry DN

cn=config

 

 

ValidRange

000 through 777

 

 

Default Value

600

 

 

Syntax

Integer

 

 

Example

nsslapd-accesslog-mode: 600

 

 

2.3.1.18 nsslapd-attribute-name-exceptions

This attribute allows non-standard characters in attribute names to be used for backwards compatibility with older servers, such as "_" in schema-defined attributes.

Parameter

Description

Entry DN

cn=config

 

 

Valid Values

on or off

 

 

Default Value

off

 

 

Syntax

DirectoryString

 

 

Example

nsslapd-attribute-name-exceptions: on

 

 

2.3.1.19 nsslapd-auditlog (Audit log)

This attribute sets the path and file name of the log used to record changes made to each database.

Parameter

Description

Entry DN

cn=config

 

 

Valid Values

Any valid file name

 

 

Default Value

/var/opt/dirsrv/slapd-instance_name/log/audit

 

 

Syntax

DirectoryString

 

 

Example

nsslapd-auditlog: /var/opt/dirsrv/slapd-example/log/audit

 

 

For audit logging to be enabled, this attribute must have a valid path and parameter, and the nsslapd-auditlog-logging-enabledconfiguration attribute must be switched to on. Table 2-4lists the four possible combinations of values for these two configuration attributes and their outcome in terms of disabling or enabling of audit logging.

Table 2-4 Attribute values for enabling or disabling audit logging

 

 

 

Value of the

 

 

 

 

nsslapd-auditlog-logging-enabled

 

 

 

Value of the nsslapd-auditlog Attribute

Attribute

Resulting logging state

 

 

 

 

 

 

 

empty string

on

Disabled

 

 

 

 

 

 

 

filename

on

Enabled

 

 

 

 

 

30

Core server configuration reference