[Freeipa-users] Logging of Who does What on IPA Server
Petr Spacek
pspacek at redhat.com
Thu Feb 14 09:37:32 UTC 2013
On 14.2.2013 09:49, Martin Kosek wrote:
> On 02/14/2013 08:20 AM, Rajnesh Kumar Siwal wrote:
>> IPA is going to be very critical Server for any environment.
>> Do we have proper logging of who as locked whom, Who has created a
>> sudo policy, who has allowed access to whom etc ?
>>
>
> Hello Rajnesh,
>
> the audit component of IPA collecting and processing audit information is not
> there yet. There is some information about our future direction in our wiki:
> http://freeipa.org/page/Roadmap
>
> As for logging who did what, you can check existing logs on your IPA server(s)
> which may have information you need for audit:
>
> LDAP access log (LDAP calls): /var/log/dirsrv/slapd-$INST/access
Also note 389 audit capabilities!
> http error log (IPA framework calls): /var/log/httpd/error_log
--
Petr^2 Spacek
More information about the Freeipa-users
mailing list