From: Quanah Gibson-Mount [mailto:quanah@zimbra.com]
slapo-auditlog?
From the documentation, it looks like that only logs changes, not
accesses/binds?
slapo-accesslog?
That is one of the options I mentioned in my initial inquiry, it's just going to induce a bit more overhead than I would like as far as getting our security group the plaintext log records they want. It would be nice if one of the syslog options simply included authentication logging that included everything (username, source IP, success/failure) on one line. Also, can you have more than one accesslog overlay for a given database? We're currently using regular syncrepl, but plan to transition to delta syncrepl, which also requires an accesslog overlay.
Don't know if you use it, but your security team may like you to use policy
We don't currently, we are actually using a central identity management system for account/password expiration and history; however, our security group is pushing us to enable failed login lockout, so we will most likely be looking into it soon.
Thanks much.