My Oracle Support Banner

OID11g: How to Audit/Trace and Capture Modification of an ObjectClass Name (Doc ID 2471961.1)

Last updated on AUGUST 28, 2019

Applies to:

Oracle Internet Directory - Version 11.1.1 and later
Information in this document applies to any platform.

Goal

Scenario:

1. Enabled :Audit Policy Settings - Oracle Internet Directory (OID) : LDAP Entry Access : Customer Internal Operation

2. Deleted an objectclass, e.g., objectClass - oblixPersonPwdPolicy attribute

3. Found these in the latest pid log files showing "objectClass" keyword, but they do not show who is performing this activity and which objectClass attribute is being deleted.

Under: $ORACLE_INSTANCE/auditlogs/OID:

2018-10-05 05:44:44.905693 "OID" "<STRING>" - - "<number>" - - "custInternalOperation" "LdapEntryAccess" TRUE - "cn=orcladmin" "Operation name: modify" - "<IP ADDRESS>" "cn=<app name>,cn=users,dc=<company>,dc=com" "objectclass" - - - - - - -
2018-10-05 05:49:06.279022 "OID" "<STRING>" - - "<number>" - - "custInternalOperation" "LdapEntryAccess" TRUE - "cn=orcladmin" "Operation name: modify" - "<IP ADDRESS>" "cn=<app name>,cn=users,dc=<company>,dc=com" "objectclass" - - - - - - -
 

Solution

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Goal
Solution


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.