25 Jun
2019
25 Jun
'19
10:33 a.m.
On 6/25/19 7:08 PM, Quanah Gibson-Mount wrote:
Another way to do this would be to set up an accesslog database backend and the slapo-accesslog overlay on your primary DB, and log all operations (not just success). This would also allow you to inspect what values the client is providing.
AFAIK this only helps if the modify request reaches the backend.
If the slapd frontend already rejects a request (e.g. invalid DN or schema violation) there is no auditModify entry to look at.
Ciao, Michael.