On 14.2.2013 09:49, Martin Kosek wrote:
On 02/14/2013 08:20 AM, Rajnesh Kumar Siwal wrote:
IPA is going to be very critical Server for any environment.
Do we have proper logging of who as locked whom, Who has created a
sudo policy, who has allowed access to whom etc ?


Hello Rajnesh,

the audit component of IPA collecting and processing audit information is not
there yet. There is some information about our future direction in our wiki:
http://freeipa.org/page/Roadmap

As for logging who did what, you can check existing logs on your IPA server(s)
which may have information you need for audit:

LDAP access log (LDAP calls): /var/log/dirsrv/slapd-$INST/access
Also note 389 audit capabilities!

http error log (IPA framework calls): /var/log/httpd/error_log

--
Petr^2 Spacek

_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to