DI (Directory Server) journal entries

This table provides the format of the DI (Directory Server) journal entries.

Table 1. DI (Directory Server) journal entries. QASYDIJ4/J5 Field Description File
Offset Field Format Description
JE J4 J5
  1 1     Heading fields common to all entry types. See Standard heading fields for audit journal entries QJORDJE5 Record Format (*TYPE5),Standard heading fields for audit journal entries QJORDJE4 Record Format (*TYPE4), and Standard heading fields for audit journal entries QJORDJE2 Record Format (*TYPE2) for field listing.
  224 610 Entry Type Char(1) The type of entry.
L
LDAP Operation
  225 611 Operation Type Char(2) The type of LDAP operation:
AD
Audit attribute change.
AF
Authority failure.
BN
Successful bind.
CA
Object authority change.
CF
Configuration change.
CI
Create instance
CO
Object creation.
CP
Password change.
DI
Delete instance
DO
Object delete.
EX
LDAP directory export.
IM
LDAP directory import.
OM
Object management (rename).
OW
Ownership change.
PO
Policy change.
PW
Password fail.
RM
Replication management
UB
Successful unbind.
ZC
Object change.
ZR
Object read.
  227 613 Authority Failure Code Char(1) Code for authority failures. This field is used only if the operation type (J5 offset 611) is AF.
A
Unauthorized attempt to change audit value.
B
Unauthorized bind attempt.
C
Unauthorized object create attempt.
D
Unauthorized object delete attempt.
E
Unauthorized export attempt.
F
Unauthorized configuration change (administrator, change log, backend library, replicas, publishing).
G
Unauthorized replication management attempt.
I
Unauthorized import attempt.
M
Unauthorized change attempt.
P
Unauthorized policy change attempt.
R
Unauthorized read (search) attempt.
U
Unauthorized attempt to read the audit configuration.
X
Unauthorized proxy authorization attempt.
  228 614 Configuration Change Char(1) Configuration changes. This field is only used if the operation type (J5 offset 611) is CF, RM, CA or OW.
If the operation type (J5 offset 611) is CF this field will contain:
A
Administrator ND change.
C
Change log on or off.
L
Backend library name change.
P
Publishing agent change.
R
Replica server change.
If the operation type (J5 offset 611) is RM this field will contain:
U
Suspend replication.
V
Resume replication.
W
Replicate pending changes now.
X
Skip one or more pending changes.
Y
Quiesce replication context.
Z
Unquiesce replication context.
If the operation type (J5 offset 611) is CA or OW this field will contain the previous setting of the owner or ACL propagate value.
T
True
F
False
  229 615 Configuration Change Code Char(1) Code for configuration changes. This field is used only if the operation type (J5 offset 611) is CF.
A
Item added to configuration
D
Item deleted from configuration
M
Item modified
  230 616 Propagate Flag Char(1) Indicates the new setting of the owner or ACL propagate value. This field is used only if the operation type (J5 offset 611) is CA or OW.
T
True
F
False
  231 617 Bind Authentication Choice Char(20) The bind authentication choice. This field is used only if the operation type (J5 offset 611) is BN.
  251 637 LDAP Version Char(4) Version of client making request. This field is used only if the operation was done through the LDAP server.
2
LDAP Version 2
3
LDAP Version 3
  255 641 SSL Indicator Char(1) Indicates if SSL was used on the request. This field is used ony if the operation was done through the LDAP server.
0
No
1
Yes
  256 642 Request Type Char(1) The type of request. This field is used only if the operation was done through the LDAP server.
A
Authenticated
N
Anonymous
U
Unauthenticated
  257 643 Connection ID Char(20) Connection ID of the request. This field is used only if the operation was done through the LDAP server.
  277 663 Client IP Address Char(50) IP address and port number of the client request. This field is used only if the operation was done through the LDAP server.
  327 713 User Name CCSID Bin(5) The coded character set identifier of the user name.
  331 717 User Name Length Bin(4) The length of the user name.
  333 719 User Name1 Char(2002) The name of the LDAP user.
  2335 2721 Object Name CCSID Bin(5) The coded character set identifier of the object name.
  2339 2725 Object Name Length Bin(4) The length of the object name.
  2341 2727 Object Name1 Char(2002) The name of the LDAP object.
  4343 4729 Name CCSID Bin(5) The coded character set identifier of the name. This field is used only if the operation type (J5 offset 611) is OW or AD.
  • For operation type OW, this field will contain the CCSID of the previous owner name.
  • For operation type AD, this field will contain the CCSID of the previous audit value.
  4347 4733 Name Length Bin(4) The length of the name. This field is used only if the operation type is OW or AD.
  • For operation type OW, this field will contain the length of the previous owner name.
  • For operation type AD, this field will contain the length of the previous audit value.
  4349 4735 Name1 Char(2002) The name. This field is used only if the operation type (J5 offset 611) is OW or AD.
  • For operation type OW, this field will contain the previous owner name.
  • For operation type AD, this field will contain the previous audit value.
  6351 6737 New Name CCSID Bin(5) The coded character set identifier of the new name. This field is used only if the operation type (J5 offset 611) is OM, OW, PO, ZC, AF+M, or AF+P.
  • For operation type OM, this field will contain the CCSID of the new object name.
  • For operation type OW, this field will contain the CCSID of the new owner name.
  • For operation types PO, ZC, AF+M, or AF+P, this field will contain the CCSID of the list of changed attribute types in the New Name field.
  6355 6741 New Name Length Bin(4) The length of the new name. This field is used only if the operation type (J5 offset 611) is OM, OW, PO, ZC, AF+M, or AF+P.
  • For operation type OM, this field will contain the length of the new object name.
  • For operation type OW, this field will contain the length of the new owner name.
  • For operation types PO, ZC, AF+M,or AF+P, this field will contain the length of the list of changed attribute types in the New Name field.
  6357 6743 New Name1 Char(2002) The new name. This field is used only if the operation type (J5 offset 611) is OM, OW, PO, ZC, AF+M, or AF+P.
  • For operation type OM, this field will contain the new object name.
  • For operation type OW, this field will contain the new owner name.
  • For operation types PO, ZC, AF+M, or AF+P, this field will contain a list of changed attribute types.
  8359 8745 Object File ID2 Char(16) The file ID of the object for export.
  8375 8761 ASP Name2 Char(10) The name of the ASP device.
  8385 8771 ASP Number2 Char(5) The number of the ASP device.
  8390 8776 Path Name CCSID2 Bin(5)

The coded character set identifier of the path name.
  8394 8780 Path Name Country or Region ID2 Char(2)

The Country or Region ID of the path name.
  8396 8782 Path Name Language ID2 Char(3)

The language ID of the path name.
  8399 8785 Path Name Length2 Bin(4)

The length of the path name.
  8401 8787 Path Name Indicator2 Char(1) Path name indicator.
Y
The Path Name field contains complete absolute path name for the object.
N
The Path Name field does not contain an absolute path name for the object, instead it contains a relative path name. The Relative Directory File ID field is valid and can be used to form an absolute path name with this relative path name.
  8402 8788 Relative Directory File ID2,3 Char(16) When the Path Name Indicator field is N, this field contains the file ID of the directory that contains the object identified in the Path Name field. Otherwise it contains hex zeros.3
  8418 8804 Path Name1,2 Char(5002) The path name of the object.
    13806 Local User Profile Char(10) The local user profile name that is mapped to the LDAP user name (J5 offset 719). Blank indicates no user profile is mapped.
    13816 Administrator Indicator Char(1) Administrator indicator for the LDAP user name (J5 offset 719).
Y
The LDAP user is an administrator.
N
The LDAP user is not an administrator.
U
It is unknown at this time if the LDAP user is an administrator.
    13817 Proxy ID CCSID Bin(5) The coded character set identifier (CCSID) of the proxy ID.
    13821 Proxy ID Length Bin(4) The length of the proxy ID.
    13823 Proxy ID1 Char(2002) The name of the proxy ID. This field is used when the proxy authorization control is used to request that an operation be done under the authority of the proxy ID, or for a SASL bind in which the client has specified an authorization ID different from the bind ID.
    15825 Group Assertion Char(1) Group membership assertion
0
Groups were not specified by client.
1
Groups were specified by client.
    15826 Cross Reference Char(36) Cross reference string used to correlate this entry with the XD entry/entries listing the groups.
    15862 Instance Name Char(8) Instance name
    15870 Route CCSID Bin(5) CCSID of route
    15874 Route Length Bin(4) Length of route
    15876 Route Char(502) Request route
1
This is a variable length field. The first two bytes contain the length of the value in the field.
2
These fields are used only if the operation type (J5 offset 611) is EX or IM.
3
If the Path Name Indicator field is N, but the Relative Directory File ID is hex zeros, then there was some error in determining the path name information.