[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
access log or last bind overlay working with bind_anon?
- To: "openldap-technical@openldap.org" <openldap-technical@openldap.org>
- Subject: access log or last bind overlay working with bind_anon?
- From: "Tan, Eric" <eric.tan@lmco.com>
- Date: Tue, 22 Dec 2015 19:58:27 +0000
- Accept-language: en-US
- Content-id: <6C98A2879CB5384F8EB91A3CD92AD58D@exch.ems.lmco.com>
- Content-language: en-US
- Thread-index: AQHRPPMf7oWs90eYqUu0SbKdhjrx7Q==
- Thread-topic: access log or last bind overlay working with bind_anon?
- User-agent: Microsoft-MacOutlook/14.5.7.151005
Hello,
I have been doing a lot of research into OpenLDAP and it’s functionalities.. While I have set up a few OpenLDAP servers before, there are many facets of the software I am unfamiliar with.
Recently, I was asked to find a way to obtain a list of users and their last login for auditing reasons (We need to disable the users after a certain amount of time of inactivity)
I have looked into a few different solutions but have been unable to reach anyone with enough knowledge for some reason so here is an email with some hope as to get some information to point me in the right direction.
I think there are two things that may work for my purposes.. The last bind overlay or the access log overlay.
For the Lastbind overlay, since we are using anonymous bind, do you know if this will still work for us?
For the access log, how would I pull this specific information out of the database? According to the man pages:
logops <operations>
Specify which types of operations to log. The valid operation types are abandon, add, bind, compare, delete, extended, modify, modrdn, search, and unbind. Aliases for common sets of operations are also available:
writes
add, delete, modify, modrdn
reads
compare, search
Session
Would this work if are using anonymous binding as well?
Any help would be greatly appreciated!
-Eric