[389-users] Question about lastlogintime
harry.devine at faa.gov
harry.devine at faa.gov
Tue Jul 30 15:28:24 UTC 2013
I'm not trying to lock out any accounts based on login time currently,
just add the lastLoginTime attribute. If I understand that link you sent
me, if I do not put altstateattrname: createTimestamp as stated at
https://access.redhat.com/site/documentation/en-US/Red_Hat_Directory_Server/9.0/html/Administration_Guide/account-policy-plugin.html#account-policy-plugin-wo-lockout
then it should work?
Also, I did notice that the changes I put in this morning somehow aren't
there. I manually edited my dse.ldif file, saved it, restarted the
directory server, and tried it. Is this not the acceptable method?
Thanks for the help!
Harry
Harry Devine
Common ARTS Software Development
AJM-245
(609)485-4218
Harry.Devine at faa.gov
From:
Rich Megginson <rmeggins at redhat.com>
To:
Harry Devine/ACT/FAA at FAA
Cc:
"General discussion list for the 389 Directory server project."
<389-users at lists.fedoraproject.org>
Date:
07/30/2013 11:10 AM
Subject:
Re: [389-users] Question about lastlogintime
On 07/30/2013 07:26 AM, harry.devine at faa.gov wrote:
I just followed that and made the changes, restarted the server, and
logged in with user account. I logged in fine, but if I try to do an
ldapsearch and search for lastLoginTime, I get nothing back. I don't see
that attribute in that user's Advanced Properties page either. So, I
guess its back to my original question: Do I need to manually add the
lastLoginTime attribute to all 460 users manually? Or are there any logs
that I can examine to see if it is being rejected some how?
https://fedorahosted.org/389/ticket/47439
Thanks,
Harry
Harry Devine
Common ARTS Software Development
AJM-245
(609)485-4218
Harry.Devine at faa.gov
From:
Rich Megginson <rmeggins at redhat.com>
To:
Harry Devine/ACT/FAA at FAA
Cc:
"General discussion list for the 389 Directory server project."
<389-users at lists.fedoraproject.org>
Date:
07/26/2013 04:19 PM
Subject:
Re: [389-users] Question about lastlogintime
On 07/26/2013 01:35 PM, harry.devine at faa.gov wrote:
I looked them over but I'm still not clear on it. I don't necessarily
want to lock out accounts after a certain amount of time, I just want to
record the last login time. I guess I still don't see whether I need add
that attribute to each user account, either manually or via some sort of
script.
https://access.redhat.com/site/documentation/en-US/Red_Hat_Directory_Server/9.0/html/Administration_Guide/account-policy-plugin.html#account-policy-plugin-wo-lockout
Thanks,
Harry
Harry Devine
Common ARTS Software Development
AJM-245
(609)485-4218
Harry.Devine at faa.gov
From:
Rich Megginson <rmeggins at redhat.com>
To:
"General discussion list for the 389 Directory server project."
<389-users at lists.fedoraproject.org>
Cc:
Harry Devine/ACT/FAA at FAA
Date:
07/26/2013 11:57 AM
Subject:
Re: [389-users] Question about lastlogintime
On 07/26/2013 09:07 AM, harry.devine at faa.gov wrote:
We were interested in tracking a user's last login time, and I see the
attribute that I can add in the user's profile. But we have 460 users so
adding that in manually would be tedious. I saw this article online:
https://fedorahosted.org/389/ticket/371 and wondered if all we had to do
was add what it mentions to our dse.ldif file and restart the server.
Yes, but see http://www.port389.org/wiki/Account_Policy_Design and
https://fedorahosted.org/389/ticket/47439
Would that work? If not, would scripting the addition of that attribute
be possible? Or is there another way?
Thanks!
Harry
--
389 users mailing list
389-users at lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/389-users/attachments/20130730/dbe538c6/attachment.html>
More information about the 389-users
mailing list