[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: slapo-accesslog

To: Dieter KlÃnter <dieter@dkluenter.de>
Subject: Re: slapo-accesslog
From: Michael <mlstarling31@hotmail.com>
Date: Wed, 12 Feb 2014 06:49:11 -0500
Cc: "openldap-technical@openldap.org" <openldap-technical@openldap.org>
In-reply-to: <20140212083801.7f254dea@pink.avci.de>
References: <BAY172-W7E8982B8ED3C4CF69D606D4920@phx.gbl> <20140212083801.7f254dea@pink.avci.de>




> On Feb 12, 2014, at 3:07 AM, "Dieter KlÃnter" <dieter@dkluenter.de> wrote:
> 
> Am Tue, 11 Feb 2014 23:56:23 -0500
> schrieb Michael <mlstarling31@hotmail.com>:
> 
>> I'm trying to configure a means to be able to get the lastlogin time
>> for users in my environment. However, since I'm stuck using the RHEL
>> version of OpenLDAP I can't take advantage of the "lastbind overlay"
>> 
>> Here's my config.
>> 
>> overlay accesslog
>> logdb cn=accesslog
>> logops bind
>> logsuccess TRUE
>> # scan the accesslog DB every day, and purge entries older than 90
>> days logpurge 90+00:00 01+00:00
>> 
>> 
>> The accesslog DB is populated and I can query for BIND operations,
>> however the only BIND operations that get recorded are BINDS to the
>> LDAP server itself. BINDS to clients do not get recorded in the
>> accesslog. Is this the advertised behavior of the accesslog?
> 
> Yes, slapd has no knowledge of the system environment.
> 
> -Dieter
> 
> -- 
> Dieter KlÃnter | Systemberatung
> http://sys4.de
> GPG Key ID: E9ED159B
> 53Â37'09,95"N
> 10Â08'02,42"E
> 

Well that jut put a damper on my day. Do you have any other suggestions on how to capture all BINDS in a particular environment?

-Mike

Follow-Ups:
- Re: slapo-accesslog
  - From: Howard Chu <hyc@symas.com>

References:
- slapo-accesslog
  - From: Michael <mlstarling31@hotmail.com>
- Re: slapo-accesslog
  - From: Dieter KlÃnter <dieter@dkluenter.de>

Prev by Date: Use the current date/timestamp in filters
Next by Date: Java library to manage LDAP entries
Index(es):
- Chronological
- Thread