[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Antw: Transform accesslog database to LDIF for ldapmodify or other way
On 08.02.2017 08:10, Ulrich Windl wrote:
>>>> Michael Wandel <m.wandel@t-online.de> schrieb am 07.02.2017 um 17:25 in
> Nachricht <ba56f41c-ca52-0f29-4b64-2f068b27bca8@t-online.de>:
>> On 06.02.2017 09:36, Ulrich Windl wrote:
>>>>>> Michael Wandel <m.wandel@t-online.de> schrieb am 02.02.2017 um 17:32 in
>>> Nachricht <84658c11-b467-f162-93cc-4e6cafc19ef9@t-online.de>:
>>>> Hey,
>>>>
>>>> I'm searching for a tool which is able to transform an accesslog
>>>> Database to an ldif file, what can be used for ldapmodify.
>>>
>>> I think it's possible, and I did something like that. Mostly to recover
> from
>> my mistakes, and for documentation purposes. It's not trivial, however. My
>> LDIF output for a change looks like this:
>>>
>>> ### 20170102084415.000003Z uid=user,ou=people,dc=domain,dc=org
>>> ## auditModify(modify)[83466,cn=Admin,dc=domain,dc=org]
>>> ## {0}{1.3.6.1.4.1.4203.666.5.12 criticality TRUE}:
>>> #< entryCSN: 20161220083510.859974Z#000000#001#000000
>>> #< modifiersName: cn=Admin,dc=domain,dc=org
>>> #< modifyTimestamp: 20161220083510Z
>>> #= modifiersName: cn=Admin,dc=domain,dc=org
>>>
>>> dn: uid=user,ou=people,dc=domain,dc=org
>>> changetype: modify
>>> replace: entryCSN
>>> entryCSN: 20170102084415.765596Z#000000#001#000000
>>> -
>>> replace: modifyTimestamp
>>> modifyTimestamp: 20170102084415Z
>>> -
>>> add: pwdFailureTime
>>> pwdFailureTime: 20170102084415Z
>>>
>>> (Those "<" are previous values and "=" are unchanged values)
>>>
>>> Note that the LDIF is forward (for re-applying) the changes. My program
> also
>> has an option to produce a "backward LDIF" to create the corresponding
>> "undo". Also note that not all attributes presented in my LDIF can be
> changed
>> vie LDIF.
>>>
>>
>> Nice to hear about, where can i find these tool, is there a download link
> ??
>
> Sorry, it's an in-house development. But any talented programmer can write
> what you need within a few days.
It's ok, you are right, if you have time can do anything (fly to the
mars ;-) ). Thanks for the inspiration.
> Quanah Gibson-Mount <quanah@symas.com> has published a simple version you
> could use also.
>
That solution we use at the moment, big thanks to Quanah.
best regards
Michael
> Regards,
> Ulrich
>
>
>>
>> best regards
>>
>> Michael
>>
>>
>>>>
>>>> Or is there an alternative way to use the accesslog to rebuild an ldap
>>>> database from a backup time to actual ?
>>>>
>>>> Every hint is welcome
>>>
>>> Regards,
>>> Ulrich
>>>
>>>>
>>>> best regards
>>>>
>>>> Michael
>>>
>>>
>>>
>>>
>>>
>>
>>
>> --
>> Michael Wandel
>> Braakstraße 43
>> 33647 Bielefeld
>
>
>
--
Michael Wandel
Braakstraße 43
33647 Bielefeld