OpenLDAP on windows audit

If you need to make an audit on an installed OpenLDAP on windows you will need some stuff:

We installed the version downloadable on userbooster, don’t forget that to login you will need to use « cn=Manager,dc=maxcrc,dc=com » / « secret ».

In order to activate the logs you now need to edit C:/openldap/slapd.conf with:

logLevel -1

And then restart OpenLDAP using this process:

navigate to the directory c:\openldap\var\run and delete any files in this directory (slapd.args and slapd.pid). The server should now restart. Failing this look at the log file

After that you will see a lot of content in your C:/openldap/openldap.log

Now it’s time to enable monitoring, so we add the follogin lines in our slapd.conf

database monitor

access to *

by dn.exact= »cn=Manager,dc=maxcrc,dc=com » write

     by * none

(and restart OpenLDAP).

Now you can get the monitoring datas using

ldapsearch  -D « cn=Manager,dc=maxcrc,dc=com » -w secret –

b cn=monitor  objectclass=*  +  >trace.txt

You can also use a tool to read monitoring data like the amazing  CN=monitor tool

• À propos
• Articles récents

Christophe Desclaux

Specialised in IAM (security, access control, identity management) and Open Source integration, settled in 2004 by IAM industry veteran, JANUA offers high value-added products and services to businesses and governements with a concern for Identity Management and Open Source components.
JANUA provides better security, build relationships, and enable new cloud, mobile, and IoT offerings from any device or connected thing.

Les derniers articles par Christophe Desclaux (tout voir)

• OpenLDAP on windows audit - 30 septembre 2016
• Customizing OpenIDM self-service UI - 2 septembre 2016
• OpenIDM4 UI performance issues - 20 mai 2016