Hi Jonathan, thank's for the answer. You're right, but I'm trying to implement a report to my security management and so I'm implemementing a meta-directory on top of access-logs written by a cluster of 4-way multi-master OL instances. Having to go to retrieve logs splitted locally on 4 machines is not so effective.
What I'm searching for, if is it possibile, is a way to propagate the information of the client machine to the authentication directory. And, as a consequence, obtain that information by means of a simple LDAP search to the accesslog. If necessary, I can go to manipulate the config of client OS (nss_ldap on Linux and secldapclntd on AIX). Thanks again Marco On Thu, Aug 12, 2010 at 5:48 PM, Jonathan Clarke <[email protected]>wrote: > On 12/08/2010 14:23, Marco Pizzoli wrote: > >> Hi list, >> I'm implementing slapo-accesslog in my openldap deployment. >> >> I have about 100 unix/linux systems that use a central openldap >> deployment to make authentication and grant access to users. >> >> With accesslog I'm able to see when a particular user has logged in, but >> is there a way to obtain, on the LDAP server side, information about >> which system has been accessed? >> > > You could analyze the server's logs (not accesslog, just the syslog, > assuming a loglevel stats) to see which client IPs are connecting. > > Jonathan > -- > -------------------------------------------------------------- > Jonathan Clarke - [email protected] > -------------------------------------------------------------- > Ldap Synchronization Connector (LSC) - http://lsc-project.org > -------------------------------------------------------------- > -- _________________________________________ Non รจ forte chi non cade, ma chi cadendo ha la forza di rialzarsi. Jim Morrison
