[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Evidence of client information in openldap accesslog

To: Jonathan Clarke <jonathan@phillipoux.net>
Subject: Re: Evidence of client information in openldap accesslog
From: Marco Pizzoli <marco.pizzoli@gmail.com>
Date: Thu, 12 Aug 2010 18:02:48 +0200
Cc: openldap-technical@openldap.org
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:mime-version:received:in-reply-to :references:from:date:message-id:subject:to:cc:content-type; bh=IuCPmHxXJoidc8cwTreNAYW1yZt0/Hik4RXxnCc/9u0=; b=n+JWzaXulTBWPATpXQKqlP44qSKgolPOVnuO1skMRzOrotENaKG9dtJ5F+gu4g8odd DovBS4uVVcLK+0OhjweFUyDEVh7g/fkD2FbqxGMWtcDwwfhDupKC1kGnU2pcYHHP0GMB QcqMbWSEfHeM447sgud8wO9/c85/MWOKzGWR8=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type; b=etDOnzfM5EalBVNY5mnM2iQlhhWuzQDGNZ+3MhyHzynTDP9ltg2chlHq0E1mF6hbUJ HDj3o+owVDW9W1ZCYdKxn5DbMjmVfqwW6tTlWAcGXhDtFQKBpf74Yzc9HlfEskMWvdLb /InJFM3UdGlgA7tfqXyamReGJuni4EwS7VdJ4=
In-reply-to: <4C6417BD.40309@phillipoux.net>
References: <AANLkTi=fFD0_RqJ70NhVC54eOtQsOYPqXvGASggxb60o@mail.gmail.com> <4C6417BD.40309@phillipoux.net>

Hi Jonathan, thank's for the answer.
You're right, but I'm trying to implement a report to my security management and so I'm implemementing a meta-directory on top of access-logs written by a cluster of 4-way multi-master OL instances.
Having to go to retrieve logs splitted locally on 4 machines is not so effective.

What I'm searching for, if is it possibile, is a way to propagate the information of the client machine to the authentication directory.
And, as a consequence, obtain that information by means of a simple LDAP search to the accesslog.
If necessary, I can go to manipulate the config of client OS (nss_ldap on Linux and secldapclntd on AIX).

Thanks again
Marco

On Thu, Aug 12, 2010 at 5:48 PM, Jonathan Clarke <jonathan@phillipoux.net> wrote:

On 12/08/2010 14:23, Marco Pizzoli wrote:

Hi list,
I'm implementing slapo-accesslog in my openldap deployment.

I have about 100 unix/linux systems that use a central openldap
deployment to make authentication and grant access to users.

With accesslog I'm able to see when a particular user has logged in, but
is there a way to obtain, on the LDAP server side, information about
which system has been accessed?

You could analyze the server's logs (not accesslog, just the syslog, assuming a loglevel stats) to see which client IPs are connecting.

Jonathan
--
--------------------------------------------------------------
Jonathan Clarke - jonathan@phillipoux.net
--------------------------------------------------------------
Ldap Synchronization Connector (LSC) - http://lsc-project.org
--------------------------------------------------------------

--
_________________________________________
Non è forte chi non cade, ma chi cadendo ha la forza di rialzarsi.
Jim Morrison

Follow-Ups:
- Re: Evidence of client information in openldap accesslog
  - From: Matheus Morais <matheus.morais@gmail.com>

References:
- Evidence of client information in openldap accesslog
  - From: Marco Pizzoli <marco.pizzoli@gmail.com>
- Re: Evidence of client information in openldap accesslog
  - From: Jonathan Clarke <jonathan@phillipoux.net>

Prev by Date: Re: Evidence of client information in openldap accesslog
Next by Date: Re: Evidence of client information in openldap accesslog
Index(es):
- Chronological
- Thread