This topic has 3 replies, 2 voices, and was last updated 5 years, 8 months ago by 
.
-
Posts
-
Hi All,
We are using openDJ 3.0 in our environment.We need to ensure that we are able to track all the activities performed by our directory administrator.I have checked the access logs, it give us the details of all the activities performed on the server like entry (create,update,delete) however i don’t see the logs capturing any details of user who has performed these operations on the directory server.How can I achive this in OpenDJ.
Thanks,
BuddhadebA complete log sequence (in the logs/access log) consists of the TCP connection, the BIND operation, some other operation (i.e. MODIFY), and finally the disconnect of the TCP connection. The following is a sample.
[18/Nov/2016:13:37:35 +0000] CONNECT conn=1 from=127.0.0.1:39526 to=127.0.0.1:4389 protocol=LDAP [18/Nov/2016:13:37:35 +0000] BIND REQ conn=1 op=0 msgID=1 version=3 type=SIMPLE dn="cn=directory manager" [18/Nov/2016:13:37:35 +0000] BIND RES conn=1 op=0 msgID=1 result=0 authDN="cn=Directory Manager,cn=Root DNs,cn=config" etime=1 [18/Nov/2016:13:38:28 +0000] MODIFY REQ conn=1 op=1 msgID=2 dn="uid=jdoe,ou=people,dc=example,dc=com" [18/Nov/2016:13:38:28 +0000] MODIFY RES conn=1 op=1 msgID=2 result=0 etime=44 [18/Nov/2016:13:38:30 +0000] DISCONNECT conn=1 reason="Client Disconnect"The “conn” value ties all log entries together. The “op” value shows the operations (BIND, MODIFY as shown above) that are performed across that connection. To determine that it was the rootDN that performed the operation, you would need to find the operation in question and then look at previous entries to find the DN of the entry that performed the BIND operation for the associated connection id.
Easy peasy, right.
bill
You are welcome, @buddhadeb-das.
Glad I could help!
You must be logged in to reply to this topic.
