Francis, Peter - thank you for response! I redirected this question to OpenLDAP mailing list as well.
I don't really like the idea of log file, exactly because I need to read timestamps programmaticaly and it seems to be not efficient to parse logfile. Good point about "pwdFailureTime"! But unfortunately that covers only *failed* attempts. However I'm much more interested in successful attempts. Regards, Alina. On 2/5/07, Peter Schober <[EMAIL PROTECTED]> wrote:
alina, * Alina Dubrovska <[EMAIL PROTECTED]> [2007-02-05 14:49]: > More precisely I need to be able to get timestamp of last bind > attempt for particular entry. > > Is such a thing possible in OpenLDAP? Does it record bind attempts > somehow? using the password policy overlay http://www.openldap.org/software/man.cgi?query=slapo-ppolicy *failed* authc attempts are maintained in the pwdFailureTime operational attribute. see the man page for configuration options. sure, syslog has it all (if properly configured), but would require some scripting to provide an interface to only the relevant parts of the logfile... regards, -p.schober -- [EMAIL PROTECTED] - vienna university computer center Universitaetsstrasse 7, A-1010 Wien, Austria/Europe Tel. +43-1-4277-14155, Fax. +43-1-4277-9140 --- You are currently subscribed to [email protected] as: [EMAIL PROTECTED] ] To unsubscribe send email to [EMAIL PROTECTED] with the word UNSUBSCRIBE as the SUBJECT of the message.
--- You are currently subscribed to [email protected] as: [EMAIL PROTECTED] To unsubscribe send email to [EMAIL PROTECTED] with the word UNSUBSCRIBE as the SUBJECT of the message.
