[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Recording the Last Successful Authorization

Tim Gustafson wrote:
I was wondering if there is any way to configure OpenLDAP to record the
time an account was successfully authorized? We need to be able to prune
accounts after a period of inactivity, but there's no way right now to know if
they user has been active or not. We can't base it on the last time they
connected to a shell because not everyone uses shells; some people just
authenticate to POP their e-mail or log into a web page. If there was some way
to maintain a time stamp of the last time that that a user successfully
authenticated (by way of an LDAP bind to the LDAP server) that would solve
this problem.

See the slapo-accesslog(5) manpage.

  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/