>> Quanah Gibson-Mount <quanah(a)symas.com> schrieb am
12.10.2019 um 00:59 in
Nachricht <9CEEEE149A9041259AA8E765(a)[192.168.1.144]>:
‑‑On Wednesday, October 9, 2019 3:58 PM +0000 Michael Starling
<mlstarling31(a)hotmail.com> wrote:
>
> Is there any OpenLDAP control equivalent to the Microsoft's >>
> LDAP_SERVER_SHOW_DELETED_OID = "1.2.840.113556.1.4.417" ?
>
>
> I would like to pull a list of user accounts that have been deleted along
> with the corresponding date/time.
If you delete an entry with OpenLDAP, then it is deleted. There are no
tombstones. Generally if you want to have access to old account
information, it's a better design to have an attribute that tracks whether
an account is active/inactive/whatever, and then flip its bit.
Querying accesslog (if configured) could provide such information.
‑‑Quanah
‑‑
Quanah Gibson‑Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
<
http://www.symas.com>