[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Log of deleted accounts

To: Elias Pereira <empbilly@gmail.com>
Subject: Re: Log of deleted accounts
From: Hallvard Breien Furuseth <h.b.furuseth@usit.uio.no>
Date: Thu, 04 Jun 2015 15:53:40 +0200
Cc: openldap-technical@openldap.org
In-reply-to: <CAHdxDAE=O7-SkPRTHhudsJKWHTDkP=FFybGQRjGdw7inX5SsKQ@mail.gmail.com>
References: <CAHdxDAE=O7-SkPRTHhudsJKWHTDkP=FFybGQRjGdw7inX5SsKQ@mail.gmail.com>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.7.0

On 03. juni 2015 21:03, Elias Pereira wrote:

If no log setting in slapd.conf, I can check in the syslog who deleted a
certain user account?


The default slapd loglevel 'stats' is sufficient for that, but whether
it got logged anywhere depends on your syslog settings.

By default, slapd uses syslog user.level = local4.debug.  The slapd
command line might override, see man slapd.  So if your /etc/syslog.conf
(or whatever your OS calls it) has "local4.* -/some/file.log" or
somesuch, then you can find the change and trace the connection ID
'conn=<number>' back to previos Bind or to the ACCEPT.

--
Hallvard

References:
- Log of deleted accounts
  - From: Elias Pereira <empbilly@gmail.com>

Prev by Date: AW: OLC permissions - general beginner question
Next by Date: Re: OpenLDAP with SASL not working
Index(es):
- Chronological
- Thread