[Freeipa-devel] Storing/Looking up the creation time of a type
James
purpleidea at gmail.com
Thu Jul 24 06:11:50 UTC 2014
On Thu, 2014-07-24 at 08:40 +0300, Alexander Bokovoy wrote:
> On Thu, 24 Jul 2014, James wrote:
> >Hi devel,
> >
> >It would be particularly useful if each FreeIPA entry (eg: user, host,
> >service, etc...) had creation and last modified timestamps. Do these
> >fields already exist, and if they do, how can I access them?
> >
> >If they do not, I would like to propose these as a feature request.
> These are called operational attributes and are available already, look
> at RFC 2251.
> 389-ds implements some more, check
> http://directory.fedoraproject.org/wiki/Howto:OperationalAttributes for
> details.
As usual ab, your responses are always particularly helpful. Thanks!!
>
> $ ldapsearch -Y GSSAPI uid=admin modifyTimestamp createTimestamp
> SASL/GSSAPI authentication started
> SASL username: admin at T.VDA.LI
> SASL SSF: 56
> SASL data security layer installed.
> # extended LDIF
> #
> # LDAPv3
> # base <dc=t,dc=vda,dc=li> (default) with scope subtree
> # filter: uid=admin
> # requesting: modifyTimestamp createTimestamp
> #
>
> # admin, users, compat, t.vda.li
> dn: uid=admin,cn=users,cn=compat,dc=t,dc=vda,dc=li
> modifyTimestamp: 20140722091651Z
> createTimestamp: 20140722091651Z
>
> # admin, users, accounts, t.vda.li
> dn: uid=admin,cn=users,cn=accounts,dc=t,dc=vda,dc=li
> modifyTimestamp: 20140724053745Z
> createTimestamp: 20140722091018Z
>
> # search result
> search: 4
> result: 0 Success
>
> # numResponses: 3
> # numEntries: 2
Will the modify and create timestamps be the same from replica to
replica for the same item? I'm hoping they are, however if they aren't,
are there any recommended practices to ensure consistency across
queries?
>
>
> Note that operational attributes modifyTimestamp and createTimestamp for
> compat tree differ from the main tree due to the way of working of
> slapi-nis plugin. If you stick to the main tree, you should be fine.
Do you think you could briefly elaborate what the difference is and/or
how to avoid the compat tree?
>
>
>
Thanks again,
James
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20140724/f379bc25/attachment.sig>
More information about the Freeipa-devel
mailing list