
Re: Antw: Re: Retrieve deleted user accounts



Ulrich Windl wrote:
>>>> Quanah Gibson-Mount <quanah@symas.com> wrote on 12.10.2019 at 00:59 in
> message <9CEEEE149A9041259AA8E765@[192.168.1.144]>:
> 
>>
>> --On Wednesday, October 9, 2019 3:58 PM +0000 Michael Starling 
>> <mlstarling31@hotmail.com> wrote:
>>
>>>
>>> Is there any OpenLDAP control equivalent to Microsoft's
>>> LDAP_SERVER_SHOW_DELETED_OID = "1.2.840.113556.1.4.417" ?
>>>
>>>
>>> I would like to pull a list of user accounts that have been deleted along
>>> with the corresponding date/time.
>>
>> If you delete an entry with OpenLDAP, then it is deleted.  There are no 
>> tombstones.  Generally if you want to have access to old account 
>> information, it's a better design to have an attribute that tracks whether 
>> an account is active/inactive/whatever, and then flip its bit.
> 
> Querying accesslog (if configured) could provide such information.

One could even write an overlay that used the accesslog to emulate the
functionality of the Microsoft control.

-- 
  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/
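
As an added illustration of the accesslog approach mentioned in this thread (not code from any of the posters or from the OpenLDAP project), the following Python parses LDIF exported from an accesslog database and lists successful deletes with their timestamps. The `cn=accesslog` suffix, the `dc=example,dc=com` tree and the sample entries are constructed assumptions; `reqType`, `reqDN`, `reqStart`, `reqResult` and `reqAuthzID` are attributes recorded by the accesslog overlay.

```python
import base64
from datetime import datetime, timezone

# Constructed sample: LDIF from an accesslog search (suffix cn=accesslog is assumed).
B64_DN = base64.b64encode("uid=zoë,ou=people,dc=example,dc=com".encode()).decode()
SAMPLE_LDIF = f"""\
dn: reqStart=20191009155801.000002Z,cn=accesslog
reqStart: 20191009155801.000002Z
reqType: delete
reqAuthzID: cn=admin,dc=example,dc=com
reqDN: uid=jdoe,ou=people,
 dc=example,dc=com
reqResult: 0

dn: reqStart=20191010091500.000001Z,cn=accesslog
reqStart: 20191010091500.000001Z
reqType: delete
reqAuthzID: cn=admin,dc=example,dc=com
reqDN:: {B64_DN}
reqResult: 0

dn: reqStart=20191010101010.000000Z,cn=accesslog
reqStart: 20191010101010.000000Z
reqType: delete
reqAuthzID: uid=helpdesk,ou=people,dc=example,dc=com
reqDN: uid=asmith,ou=people,dc=example,dc=com
reqResult: 50
"""

def parse_ldif(text):
    """Yield one dict per entry, handling folded lines and base64 ('::') values."""
    unfolded = text.replace("\n ", "")  # LDIF continuation lines start with one space
    for block in unfolded.strip().split("\n\n"):
        entry = {}
        for line in block.splitlines():
            name, _, value = line.partition(":")
            if value.startswith(":"):  # 'attr:: ...' marks a base64-encoded value
                value = base64.b64decode(value[1:].strip()).decode("utf-8")
            entry[name] = value.strip()
        yield entry

def deleted_accounts(ldif, subtree="ou=people,dc=example,dc=com"):
    """Return (dn, deleted_at_utc, deleted_by) for successful deletes under subtree."""
    out = []
    for e in parse_ldif(ldif):
        ok = e.get("reqType") == "delete" and e.get("reqResult") == "0"  # skip failed deletes
        if ok and e["reqDN"].lower().endswith(subtree.lower()):
            when = datetime.strptime(e["reqStart"], "%Y%m%d%H%M%S.%fZ")
            out.append((e["reqDN"], when.replace(tzinfo=timezone.utc), e.get("reqAuthzID", "")))
    return sorted(out, key=lambda r: r[1])
```

The log only covers deletes made while the overlay was recording write operations and that have not since been purged from the accesslog database.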