Howard Chu hyc@symas.com schrieb am 02.11.2015 um 13:21 in Nachricht
Matthias Apitz wrote:
Hello,
We produce for production environments an IDMsystem which is able to publish/dublicate changes in OpenLDAP/LDAP directories to other management databases and vice versa. This works fine in most of the cases of changes in LDAP. The only problem we see, is get information about deletion of objects (users) which were done while the IDMsystem was either down or network not available.
What is the correct way to search for deleted objects. We have read about a filter search, based on 'isDeleted=*' or 'isDeleted=TRUE. But we can not get any result with this.
accesslog also logs delete operations.
There is no isDeleted attribute in OpenLDAP.
Read RFC4533.
-- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/