
Event Manager for OpenLDAP

Event Manager for OpenLDAP is an internal LDAP event handler that can execute operations to automate tasks. It can be used as a base for remote automation, Identity Management, and so on.

Documentation

Schema Extension

The enumeration of attribute types and object classes is IANA compliant:

ISO.Org.DOD.Internet.Private.Enterprise = 1.3.6.1.4.1
Ettore Simone = 24119
Event Manager = 1
Version = 0
Release = 1

Schema Root = 1.3.6.1.4.1.24119.1.0.1

Global Schema (1.3.6.1.4.1.24119.1.0.1.0.*)

Attribute Types (1.3.6.1.4.1.24119.1.0.1.0.1.*)

attributeType ( 1.3.6.1.4.1.24119.1.0.1.0.1.1 NAME 'errorNumber'
    DESC 'Specific error number'
    EQUALITY integerMatch
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
    SINGLE-VALUE NO-USER-MODIFICATION
    USAGE directoryOperation )

attributeType ( 1.3.6.1.4.1.24119.1.0.1.0.1.2 NAME 'errorDescription'
    DESC 'Specific error description'
    EQUALITY caseIgnoreMatch
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1024}
    SINGLE-VALUE NO-USER-MODIFICATION
    USAGE directoryOperation )

attributeType ( 1.3.6.1.4.1.24119.1.0.1.0.1.3 NAME 'status'
    DESC 'Status message'
    EQUALITY caseIgnoreMatch
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1024}
    SINGLE-VALUE NO-USER-MODIFICATION
    USAGE directoryOperation )

attributeType ( 1.3.6.1.4.1.24119.1.0.1.0.1.4 NAME 'command'
    DESC 'Command string'
    EQUALITY caseIgnoreMatch
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1024}
    SINGLE-VALUE )

attributeType ( 1.3.6.1.4.1.24119.1.0.1.0.1.5 NAME 'association'
    DESC 'Association identifier'
    SUP cn
    SINGLE-VALUE )

Object Classes (1.3.6.1.4.1.24119.1.0.1.0.2.*)

objectClass ( 1.3.6.1.4.1.24119.1.0.1.0.2.1 NAME 'association'
    DESC 'Event Manager association object'
    SUP top AUXILIARY
    MAY ( association ) )

Cache Schema (1.3.6.1.4.1.24119.1.0.1.1.*)

Attribute Types (1.3.6.1.4.1.24119.1.0.1.1.1.*)

attributeType ( 1.3.6.1.4.1.24119.1.0.1.1.1.1 NAME 'operation'
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.40
    SINGLE-VALUE )

Object Classes (1.3.6.1.4.1.24119.1.0.1.1.2.*)

objectClass ( 1.3.6.1.4.1.24119.1.0.1.1.2.1 NAME 'operationEntry'
    DESC 'Event Manager operation entry'
    SUP top
    MUST ( cn $ operation ) )

Policy Schema (1.3.6.1.4.1.24119.1.0.1.2.*)

Attribute Types (1.3.6.1.4.1.24119.1.0.1.2.1.*)

attributeType ( 1.3.6.1.4.1.24119.1.0.1.2.1.1 NAME 'dataFormat'
    DESC 'The encoding format for data'
    EQUALITY caseIgnoreMatch
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
    SINGLE-VALUE )

attributeType ( 1.3.6.1.4.1.24119.1.0.1.2.1.2 NAME 'searchBase'
    DESC 'A search base'
    SUP distinguishedName )

attributeType ( 1.3.6.1.4.1.24119.1.0.1.2.1.3 NAME 'searchFilter'
    DESC 'A filter'
    EQUALITY caseIgnoreMatch
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )

attributeType ( 1.3.6.1.4.1.24119.1.0.1.2.1.4 NAME 'searchAttribute'
    DESC 'An attribute'
    EQUALITY caseIgnoreMatch
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )

attributeType ( 1.3.6.1.4.1.24119.1.0.1.2.1.5 NAME 'active'
    DESC 'The status for event auditing'
    EQUALITY booleanMatch
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
    SINGLE-VALUE )

attributeType ( 1.3.6.1.4.1.24119.1.0.1.2.1.6 NAME 'autostart'
    DESC 'Set the automatic start-up'
    EQUALITY booleanMatch
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
    SINGLE-VALUE )

attributeType ( 1.3.6.1.4.1.24119.1.0.1.2.1.7 NAME 'file'
    DESC 'The path to a command shell'
    EQUALITY caseExactIA5Match
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )

attributeType ( 1.3.6.1.4.1.24119.1.0.1.2.1.8 NAME 'logLevel'
    DESC 'The log level'
    EQUALITY integerMatch
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
    SINGLE-VALUE )

attributeType ( 1.3.6.1.4.1.24119.1.0.1.2.1.101 NAME 'xslt'
    DESC 'An XSLT document'
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.40
    SINGLE-VALUE )

attributeType ( 1.3.6.1.4.1.24119.1.0.1.2.1.201 NAME 'shellCommand'
    DESC 'The path to a command shell'
    SUP file
    SINGLE-VALUE )

attributeType ( 1.3.6.1.4.1.24119.1.0.1.2.1.301 NAME 'logFile'
    DESC 'A log file path name'
    SUP file
    SINGLE-VALUE )

Object Classes (1.3.6.1.4.1.24119.1.0.1.2.2.*)

objectClass ( 1.3.6.1.4.1.24119.1.0.1.2.2.1 NAME 'policy'
    DESC 'Event Manager policy entry'
    SUP top ABSTRACT
    MUST ( cn $ dataFormat )
    MAY ( userPassword $ description $ searchBase $
    searchFilter $ searchAttribute $ active $
    autostart $ command $ logLevel ) )

objectClass ( 1.3.6.1.4.1.24119.1.0.1.2.2.100 NAME 'xsltPolicy'
    DESC 'Event Manager XSLT policy entry'
    SUP policy
    MUST ( xslt ) )

objectClass ( 1.3.6.1.4.1.24119.1.0.1.2.2.200 NAME 'shellPolicy'
    DESC 'Event Manager shell policy entry'
    SUP policy
    MUST ( shellCommand ) )

objectClass ( 1.3.6.1.4.1.24119.1.0.1.2.2.300 NAME 'logPolicy'
    DESC 'Event Manager file log policy entry'
    SUP policy
    MUST ( logFile ) )
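
The OID layout above (schema root, then a section arc, then a kind arc) can be checked mechanically before a schema file is loaded. The following checker is an added example, not part of the Event Manager patch; the function name and the two `example*` definitions are constructed for illustration.

```python
import re

# Arc layout as listed on the page; the checker itself is an added sketch.
ROOT = "1.3.6.1.4.1.24119.1.0.1"
SECTIONS = {"0": "global", "1": "cache", "2": "policy"}
KINDS = {"1": "attributetype", "2": "objectclass"}
DEF_RE = re.compile(
    r"(attributeType|objectClass)\s*\(\s*([0-9.]+)\s+NAME\s+'([^']+)'", re.I)

def check_schema(text):
    """Classify each definition by its OID and report layout violations."""
    entries, problems, seen = [], [], {}
    for kind, oid, name in DEF_RE.findall(text):
        tail = oid[len(ROOT) + 1:].split(".")
        if not oid.startswith(ROOT + ".") or len(tail) != 3 \
                or tail[0] not in SECTIONS:
            problems.append(f"{name}: {oid} does not fit {ROOT}.<section>.<kind>.<n>")
            continue
        if KINDS.get(tail[1]) != kind.lower():
            problems.append(f"{name}: {kind} registered under kind arc .{tail[1]}")
        if oid in seen:
            problems.append(f"{name}: OID {oid} already used by {seen[oid]}")
        seen.setdefault(oid, name)
        entries.append((SECTIONS[tail[0]], kind, name))
    return entries, problems

# First two definitions are from the page; the last two are constructed errors.
SAMPLE = """
attributeType ( 1.3.6.1.4.1.24119.1.0.1.0.1.4 NAME 'command'
    DESC 'Command string'
    EQUALITY caseIgnoreMatch
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1024}
    SINGLE-VALUE )
objectClass ( 1.3.6.1.4.1.24119.1.0.1.2.2.200 NAME 'shellPolicy'
    SUP policy
    MUST ( shellCommand ) )
attributeType ( 1.3.6.1.4.1.24119.1.0.1.2.2.9 NAME 'exampleMisfiled'
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributeType ( 1.3.6.1.4.1.24119.1.0.1.0.1.4 NAME 'exampleDuplicate'
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
"""

if __name__ == "__main__":
    entries, problems = check_schema(SAMPLE)
    for e in entries: print(*e)
    for p in problems: print("PROBLEM:", p)
```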

Developing

Get OpenLDAP 2.3.27 RELEASE

This patch is written against a stable release to avoid problems with development branches. Get a copy of OpenLDAP 2.3.27 from openldap.org/software/download or from CVS as described in openldap.org/software/repo.html

For example:
# wget ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/openldap-2.3.27.tgz
# tar xvfz openldap-2.3.27.tgz

Or:
# cvs -d:pserver:anonymous@cvs.OpenLDAP.org:/repo/OpenLDAP login
# cvs -d:pserver:anonymous@cvs.OpenLDAP.org:/repo/OpenLDAP -z3 co -P -rOPENLDAP_REL_ENG_2_3_27 ldap

Get the Patch

Simply get it from sf.net/project/showfiles.php?group_id=176337

How to Patch

In the root directory of the OpenLDAP source, run the following:
# bzcat /path/to/openldap-2.3.27-em-pre-alpha-1.0.patch.bz2 | patch -p1

How to Compile

There is no single way to do this. I can show you what I'm using to test it:
# libtoolize --force
# autoreconf
# export CFLAGS="-fno-strict-aliasing -DLDAP_DEPRECATED"
# ./configure \
    --enable-wrappers \
    --enable-aclgroups \
    --enable-spasswd \
    --enable-modules \
    --enable-shared \
    --enable-dynamic \
    --with-tls \
    --with-cyrus-sasl \
    --enable-crypt \
    --enable-ipv6=yes \
    --enable-aci \
    --enable-bdb \
    --enable-hdb \
    --enable-ldbm \
    --enable-rewrite \
    --enable-ldap=yes \
    --enable-meta=mod \
    --enable-monitor=yes \
    --enable-perl=mod \
    --enable-slp \
    --enable-overlays=yes \
    --enable-lmpasswd \
    --with-yielding-select \
    --enable-eventmanager=yes
# make depend
# make all

Configuration

A very simple configuration example:
# main database
directory /path/to/db
rootdn "cn=Manager,dc=example,dc=com"
rootpw secret
overlay eventmanager
emdbtype monitor
# caching database
database bdb
suffix "ou=infrastructure"
directory /path/to/db
rootdn "cn=Manager,dc=example,dc=com"
overlay eventmanager
emdbtype storage
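
The example configuration stores rootpw in cleartext, which is fine for a test build but should be a hashed value anywhere else. The following added example (not part of the Event Manager patch) flags rootpw directives that carry no {SCHEME} prefix and replaces them with a salted {SSHA} value, the scheme slappasswd produces by default; the function names and the embedded sample are assumptions made for illustration.

```python
import base64, hashlib, hmac, os, re

def ssha(password, salt=None):
    """Build a {SSHA} value: base64(SHA1(password + salt) + salt)."""
    salt = os.urandom(8) if salt is None else salt
    digest = hashlib.sha1(password.encode() + salt).digest()
    return "{SSHA}" + base64.b64encode(digest + salt).decode()

def verify_ssha(password, stored):
    """Recompute the digest with the stored salt and compare."""
    raw = base64.b64decode(stored[len("{SSHA}"):])
    digest, salt = raw[:20], raw[20:]
    candidate = hashlib.sha1(password.encode() + salt).digest()
    return hmac.compare_digest(candidate, digest)

def cleartext_rootpw(conf):
    """Return line numbers of rootpw directives lacking a {SCHEME} prefix."""
    hits = []
    for number, line in enumerate(conf.splitlines(), 1):
        m = re.match(r"\s*rootpw\s+(\S+)", line)
        if m and not re.match(r"\{[A-Za-z0-9-]+\}", m.group(1)):
            hits.append(number)
    return hits

def harden(conf, password):
    """Replace every cleartext rootpw value with a freshly salted hash."""
    lines = conf.splitlines()
    for number in cleartext_rootpw(conf):
        lines[number - 1] = "rootpw " + ssha(password)
    return "\n".join(lines)

# The page's main-database lines with whitespace restored (sample input).
SAMPLE_CONF = """directory /path/to/db
rootdn "cn=Manager,dc=example,dc=com"
rootpw secret
overlay eventmanager"""

if __name__ == "__main__":
    print("cleartext rootpw on lines:", cleartext_rootpw(SAMPLE_CONF))
    print(harden(SAMPLE_CONF, "secret"))
```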
