XDAS: Account Management Events not being logged by auditing

  • 7010504
  • 23-Jul-2012
  • 07-Jan-2015


NetIQ Audit
NetIQ eDirectory
NetIQ Sentinel


eDirectory (or later)

Configure eDirectory Auditing as followings:

Modified the /etc/opt/novell/eDirectory/conf/xdasconfig.properties to include the following:

Added the xdasauditds module to the /etc/opt/novell/eDirectory/conf/ndsmodules.conf and also manually loaded xdasauditds within ndstrace console:

           xdasauditds                  auto                         #XDASauditds

           ndstrace -c "load xdasauditds"

In iManager:
eDirectory Auditing | Audit Configuration | XDASEvents
Components:  LDAP
Log Event's Large Values: Log Large Values
XDAS Events Configuration:  Account Managment Events:  Create Account, Query Account, Delete Account, Modify Account

Reloaded xdasauditds module or waited 3 minutes for changes to take effect

Performed create, query, delete and modifies of account (user) objects but events aren't showing in the audit file (/var/log/novell-audit/xdas-events.log


Upgrade to:
  • eDirectory to 8.8 SP7 Patch 3 (or later), and
  • iManager plug-in bundle for eDirectory post 2013-June.

Then configure auditing.

Additional Information

To log events for Account Management - Create, Query, Delete and Modify the corresponding fields must also be marked under Data Item or Resource Element Management Events.

See below: