nick@eurobjects.com wrote:

Full_Name: Nick Milas Version: 2.3.43 OS: CentOS 5.5 URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (94.65.0.240)

Triggers in openldap is a much-desired feature. As mentioned in various places, openldap community suggests using the accesslog overlay to log changes and then use another process to listen to changes (e.g. back-perl) or back-sock (I saw the example in the source tree), feasibly back-shell or even write one's own overlay. The problem is that all those methods require low-level programming (not to mention various incompatibilities with system components), which makes them unusable by administrators, that is by those who mainly install and run openldap and directories. As a result, I would suggest to slightly enhance future versions by offering minimal trigger support over the accesslog overlay.

So I would suggest to support in slapd.conf a statement like: "on log attr<attribute name> call<bash script>" (with obvious meaning).

I consider this would allow the openldap average administrator to use particular attributes as triggers to start scripts which in turn offer the advantage of full access to script programming, which does not require low-level programming.

Spawning processes is not thread safe. The solution you propose will never be implemented. Alternative suggestions are welcome.