keeping track of last successful authentication


I hope this is an acceptable question to ask here. I'm
planning to transition a small network of machines
(~20) from NIS+ to LDAP, and one thing I'd like to do
is have the LDAP directory keep track of the last
successful authentication for each user, so that I can
easily find out which users haven't used their
accounts at all (whether email, SSH, or any other
service) for some period of time.

I know LDAP isn't optimized for frequent writes, but
would putting it towards this use cause significant
performance problems? If not, would this be a
straightforward thing to implement? If so, does anyone
have any suggestions for what would be best to do? I
could possibly hack a PAM module to syslog a message
on every authentication, or maybe set up a separate
database server for this, but these seem like less
than elegant solutions.

Thanks for any advice.
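
An added example, not part of the original post: the reporting side of the syslog fallback mentioned above, which reduces per-login log lines to a last-successful-authentication time per user and lists accounts idle past a threshold. The `pam_lastauth` tag, the line format, the user list and the dates are constructed assumptions, and all hosts are assumed to log in the same time zone.

```python
import re
from datetime import datetime, timedelta

# Hypothetical line format for the custom PAM logging idea (an assumption,
# not the output of any real PAM module):
#   <ISO time> <host> pam_lastauth: result=<success|failure> user=<u> service=<s>
LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<host>\S+) pam_lastauth: result=(?P<result>success|failure) "
    r"user=(?P<user>[A-Za-z0-9._-]+) service=(?P<service>\S+)$"
)

# Constructed sample input: several hosts, lines not in time order.
SAMPLE_LOG = """\
2004-03-20T09:01:10 mail1 pam_lastauth: result=success user=alice service=imap
2004-01-02T17:40:03 shell1 pam_lastauth: result=success user=bob service=sshd
2004-03-25T03:12:55 shell1 pam_lastauth: result=failure user=bob service=sshd
2004-03-01T11:30:00 shell2 pam_lastauth: result=success user=alice service=sshd
garbage line without the expected fields
"""
ALL_USERS = ["alice", "bob", "carol"]  # constructed; in practice, the directory's users

def last_success(lines):
    """Map user -> (time, service, host) of the most recent successful login."""
    latest = {}
    for line in lines:
        m = LINE_RE.match(line.strip())
        # Failures are skipped on purpose: password guessing against a
        # dormant account must not make the account look active.
        if not m or m["result"] != "success":
            continue
        try:
            ts = datetime.fromisoformat(m["ts"])
        except ValueError:
            continue  # malformed timestamp
        prev = latest.get(m["user"])
        # Compare timestamps instead of trusting line order across hosts.
        if prev is None or ts > prev[0]:
            latest[m["user"]] = (ts, m["service"], m["host"])
    return latest

def stale_accounts(all_users, latest, now, max_idle_days):
    """Map user -> last success time (None if never seen) for idle accounts."""
    cutoff = now - timedelta(days=max_idle_days)
    return {u: (latest[u][0] if u in latest else None)
            for u in all_users if u not in latest or latest[u][0] < cutoff}

if __name__ == "__main__":
    seen = last_success(SAMPLE_LOG.splitlines())
    print(stale_accounts(ALL_USERS, seen, datetime(2004, 4, 1), 60))
```
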


