- 10-19-2011 #1Just Joined!
- Join Date
- Dec 2010
- Location
- Key-stone state
- Posts
- 54
Openldap logging
I have an openldap server that is not logging my logins. Where would the default log be, or is there a setting I need to configure to show the logins for ldap?
This is a Red Hat ES 6 server.
Thanks
Grimm
- 10-19-2011 #2Linux Guru
- Join Date
- May 2011
- Posts
- 1,843
I don't know if this would do it, but...have you tried setting logfile <filename> and loglevel <integer> in your /etc/openldap/slapd.conf file?
- 10-19-2011 #3Just Joined!
- Join Date
- Dec 2010
- Location
- Key-stone state
- Posts
- 54
I did add a logfile location to my slapd.conf file but to no avail.
Maybe I have the log file and log level in the wrong place, any ideas?
Also the sshd is logging logins over ssh to the secure file, but why not the slapd daemon? Weird.
Grimm
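An added example, not from any poster in this thread: a small Python check for the two slapd.conf directives suggested in post #2 and the placement question raised in post #3. It decodes loglevel with the keyword/bit table from slapd.conf(5), reports whether the stats level (connections, operations and results, which is where binds appear) is set in the file, and flags loglevel or logfile lines that come after the first backend/database line, since the man page lists both as global options. The sample config and all function names are constructed for illustration.

```python
import shlex
# loglevel keywords and bit values as listed in slapd.conf(5)
LEVELS = {"trace": 1, "packets": 2, "args": 4, "conns": 8, "ber": 16,
          "filter": 32, "config": 64, "acl": 128, "stats": 256,
          "stats2": 512, "shell": 1024, "parse": 2048, "sync": 16384,
          "none": 32768, "any": -1}

def logical_lines(text):
    """Drop blank/comment lines; fold indented continuation lines."""
    out = []
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        if raw[0].isspace() and out:
            out[-1] += " " + raw.strip()
        else:
            out.append(raw.strip())
    return out

def parse_level(args):
    """OR together keywords and integers (decimal or 0x hex)."""
    mask = 0
    for a in args:
        mask |= LEVELS[a.lower()] if a.lower() in LEVELS else int(a, 0)
    return mask

def audit(text):
    """Find loglevel/logfile and flag any that follow a database section."""
    rep = {"loglevel": None, "logfile": None, "misplaced": []}
    in_global = True
    for words in map(shlex.split, logical_lines(text)):
        key = words[0].lower()
        if key in ("backend", "database"):
            in_global = False  # global section ends at the first backend/database
        elif key in ("loglevel", "logfile"):
            rep[key] = parse_level(words[1:]) if key == "loglevel" else words[1]
            if not in_global:
                rep["misplaced"].append(key)
    mask = rep["loglevel"] or 0  # loglevel stays None when the file has no such line
    rep["names"] = [n for n, b in LEVELS.items() if b > 0 and mask & b]
    rep["stats"] = bool(mask & 256)  # stats: connections, operations, results
    return rep

# Constructed slapd.conf, not the poster's file.
SAMPLE = """loglevel 8
  config
database bdb
logfile /var/log/slapd.log
"""
```

Calling audit(SAMPLE) reports a loglevel of 72 (conns plus config) with stats off, and logfile listed as misplaced.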
- 10-19-2011 #4Linux Guru
- Join Date
- May 2011
- Posts
- 1,843
Are you sure you are using LDAP to authenticate when you log in?
- 10-19-2011 #5Just Joined!
- Join Date
- Dec 2010
- Location
- Key-stone state
- Posts
- 54
Pretty sure, since there are no local accounts on my server other than root.
I looked under authconfig-tui and I saw local authentication, and shadow passwords were selected as well as LDAP authentication.
Do you think that would cause some problems?
Grimm
- 10-19-2011 #6Linux Guru
- Join Date
- May 2011
- Posts
- 1,843
I've not used authconfig-tui, but I have used /etc/nsswitch.conf to specify the order of permitted authentication mechanisms. Read up on it and see if that makes sense in your setup. For example, I had something like this in my LDAP server (it's gone now, but I think it was like this):
Code:
passwd: ldap files nisplus nis
shadow: ldap files nisplus nis
group: ldap files nisplus nis
- 10-20-2011 #7Just Joined!
- Join Date
- Dec 2010
- Location
- Key-stone state
- Posts
- 54
No luck,
I did as you suggested, and that did not start my logging.
Is there something I need to configure in my schema to enable logging, or even the log file? This doesn't make sense.
Grimm
- 10-20-2011 #8Linux Guru
- Join Date
- May 2011
- Posts
- 1,843
Is there some other way you can test/confirm that you are using LDAP to authenticate users? Did you follow some guide when setting up LDAP?
- 10-20-2011 #9Just Joined!
- Join Date
- Dec 2010
- Location
- Key-stone state
- Posts
- 54
I followed this guy's blog, correcting for my environment of course.
OpenLDAP How To (Fedora) « the blog of Chris
There are no local user accounts on my server. I can verify this by opening /etc/shadow, and the only accounts in shadow are the system accounts such as ldap and root.
I can also verify that I am using ldap since I can log into my client computers using my non-root login.
- 10-20-2011 #10Linux Guru
- Join Date
- May 2011
- Posts
- 1,843
Maybe using debug mode will enable logging? Check out this thread, it is old, but detailed, and maybe something there will help you.