Chapter 4   Server Instance File Reference


This chapter provides an overview of the files stored under /var/ds5/slapd-serverID. Having an overview of the files and configuration information stored in each instance of Directory Server will help you understand the file changes or absence of file changes which occur in the course of directory activity. It will also help you to detect errors and intrusion, by indicating what kind of changes to expect, and as a result, what changes are considered abnormal.

Overview of Directory Server Files

---

All Directory Server scripts should be accessed through the /usr/sbin/directoryserver utility.

To reflect the directory structure under /var/ds5/slapd-serverID, this chapter is divided into the following sections:

• Backup Files

• Configuration Files

• Database Files

• ldif Files

• Lock Files

• Log Files

Each section describes the file type and contents.

Backup Files

---

Each Directory Server instance contains the following three directories for storing backup related files:

• bak - contains a directory dated with the time and date of your database backup, for example 2001_02_13_174524/, which in turn holds your database backup copy.

• confbak - is the default directory used by the directoryserver utility.

• conf_bk - contains a backup copy of the dse.ldif configuration file from the time of configuration.

Configuration Files

---

Each Directory Server instance contains the following directory for storing configuration files:

• config - contains the configuration files as explained in "Server Configuration - Overview" on page 21.

Database Files

---

Each Directory Server instance contains the db directory for storing all the database files. The following listing shows the sample contents of the db directory.

Code Example 4-1    Sample Contents of the db Directory

---

./ __db.002 __db.005 NetscapeRoot/ ../ __db.003 DBVERSION userRoot/ __db.001 __db.004 log.0000000017

• db.00x files - used internally by the database. Should not be moved, deleted, or modified in any way

• log.xxxxxxxxxx files - used to store the transaction logs per database

• DBVERSION - used for storing the version of the database.

• NetscapeRoot - this directory stores the o=NetscapeRoot database created by default.

• userRoot - this directory stores the user-defined suffix (user-defined databases), for example dc=siroe,dc=com.

The following listing shows the sample contents of the NetscapeRoot directory.

Code Example 4-2    Sample Contents of the NetscapeRoot Subdirectory

---

./ entrydn.db3 parentid.db3 ../ givenName.db3 sn.db3 aci.db3 id2entry.db3 uid.db3 cn.db3 nsUniqueId.db3 uniquemember.db3 DBVERSION numsubordinates.db3 dncomp.db3 objectclass.db3

The NetscapeRoot subdirectories contain an index_name.db3 file for every index currently defined in the database, where index_name is the name of the index. In addition to these index_name.db3 files, the Netscape and userRoot subdirectories contain the following files:

• dncomp.db3 - contains a list of partial DNs enabling you to find IDs.

• entrydn.db3 - contains a list of full DNs enabling you to find IDs.

• id2entry.db3 - contains the actual directory database entries. All other database files can be recreated from this one, if necessary.

• nsuniqueid.db3 - contains a list of Netscape unique IDs enabling you to find IDs.

• objectclass.db3 - contains a list of IDs which have a particular objectclass.

• parentid.db3 - contains a list of IDs allowing you to find ID of parent.

ldif Files

---

Each Directory Server instance contains the ldif directory for storing ldif related files. The following listing shows the sample contents of the ldif directory.

Code Example 4-3    Sample Contents of the ldif Directory

---

./                European.ldif         Siroe-roles.ldif ../               Siroe.ldif

The following list describes the content of each of the ldif files:

• European.ldif - contains European character samples.

• Siroe.ldif - is a sample ldif file.

• Siroe-roles.ldif - is a sample ldif file similar to Siroe.ldif except that it uses roles and class of service instead of groups for setting access control and resource limits for Directory Administrators.

Lock Files

---

Each Directory Server instance contains a locks directory for storing lock related files. The following listing shows the sample contents of the locks directory.

Code Example 4-4    Sample Contents of the locks Directory

---

./                exports/              server/ ../               imports/

The lock mechanisms stored under the locks subdirectories exports, imports, and server prevent simultaneous operations from conflicting with each other. The lock mechanisms allow for one server instance to run at a time, with possible multiple export jobs. They also permit one directoryserver ldif2db operation at a time to the exclusion of all export and slapd server operations.

This restriction does not apply to the directoryserver ldif2db-task command, since you can run multiple such operations at any time.

Log Files

---

Each Directory Server instance contains a logs directory for storing log related files. Code Example 4-5 shows a sample listing of the logs directory contents.

Code Example 4-5    Contents of a sample logs directory

./ access.20010126-120123 audit errors.rotationinfo ../ access.20010130-140221 audit.rotationinfo pid access access.20010201-100122 errors slapd.stats access.20010124-180611 access.rotationinfo errors.20010124-180607

The following list describes the content of the log related files:

• The content of the access, audit and error log files is dependent on the log configuration.

• The slapd.stats file is a memory-mapped file which cannot be read by an editor. It contains data collected by the Directory Server SNMP data collection component. This data is read by the SNMP subagent in response to SNMP attribute queries and is communicated to the SNMP master agent responsible for handling Directory Server SNMP requests.

• The pid is the slapd process identifier.