7 Jun
2015
7 Jun
'15
3:46 p.m.
HI!
First of all: For me slapo-accesslog is one of OpenLDAP's killer features.
I'm currently wondering about logging of extended operations in particular Password Modify ext. op. I see the resulting auditModify entries but I'd also like to see eventually refused auditExtended entries (e.g. to see the Session Tracking Control sent by the client). Reading access.c it seems that this is currently not supported. Is that right?
With a config directive
logops writes extended(1.3.6.1.4.1.4203.1.11.1)
like described in slapo-accesslog(5) slapd does not even start.
Ciao, Michael.