Alina Dubrovska wrote:
Hello,
We use OpenLDAP 2.3.27 as a user directory for our application.
Now I need to keep track of directory user bind activities.
More precisely I need to be able to get timestamp of last bind attempt
for particular entry.
Is such a thing possible in OpenLDAP? Does it record bind attempts somehow?
If you use the ppolicy overlay it can record failed Bind attempts. But the
record is erased after a successful Bind.
My personal solution options are the following:
1) create attribute for last bind timestamp and fill it programmatically
from the application
2) use slapo-accesslog(5) overlay, since there is a possibility to log
bind operations in separate database
Option 2 seems like your best bet.
But maybe nevertheless there is some already existing entry attribute
with such a timestamp?
No.
Thanks in advance!
Alina.
--
-- Howard Chu
Chief Architect, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc
Chief Architect, OpenLDAP http://www.openldap.org/project/
