On 06/03/2013 02:23 PM, Aly Khimji wrote:
> Quick questions guys,
> can you advise if there is a particular place(s) successful and failed
> users authentication is logged? I know from local users I can go
> through the 389 access logs, but for trust based users can you advise
> where I would look? I know i see a proper ticket issued in krb5kdc
> logs, but mainly for failed logins.
What is the scenario?
Is this: user from AD logs into a Linux system that is joined into IPA
In this case the authentication happens in AD so the audit trail will be
Once this user tries to access a resource in IPA domain there will be a
record of issuing this user a service ticket in the kerberos log.
The users always get TGTs from the domain they belong to so the record
will be in the log of the corresponding KDC.
> Freeipa-users mailing list
Sr. Engineering Manager for IdM portfolio
Red Hat Inc.
Looking to carve out IT costs?
Freeipa-users mailing list