I'm not trying to lock out any
accounts
based on login time currently, just add the lastLoginTime
attribute. If
I understand that link you sent me, if I do not put
altstateattrname: createTimestamp
as stated at https://access.redhat.com/site/documentation/en-US/Red_Hat_Directory_Server/9.0/html/Administration_Guide/account-policy-plugin.html#account-policy-plugin-wo-lockout
then it should work?
Not sure.
Also, I did notice that the
changes
I put in this morning somehow aren't there. I manually edited
my
dse.ldif file, saved it, restarted the directory server, and
tried it.
Is this not the acceptable method?
The best method is ldapmodify, then restart.
If you must edit dse.ldif, make sure the server is not running or
your changes will be lost.
Thanks for the help!
Harry
Harry Devine
Common ARTS Software Development
AJM-245
(609)485-4218
Harry.Devine@xxxxxxx
On 07/30/2013 07:26 AM, harry.devine@xxxxxxx
wrote:
I just followed that and made the changes, restarted the server,
and logged
in with user account. I logged in fine, but if I try to do an
ldapsearch
and search for lastLoginTime, I get nothing back. I don't see
that
attribute in that user's Advanced Properties page either. So, I
guess
its back to my original question: Do I need to manually add
the lastLoginTime attribute to all 460 users manually? Or are
there
any logs that I can examine to see if it is being rejected some
how?
https://fedorahosted.org/389/ticket/47439
Thanks,
Harry
Harry Devine
Common ARTS Software Development
AJM-245
(609)485-4218
Harry.Devine@xxxxxxx
On 07/26/2013 01:35 PM, harry.devine@xxxxxxx
wrote:
I looked them over but I'm still not clear on it. I don't
necessarily
want to lock out accounts after a certain amount of time, I just
want to
record the last login time. I guess I still don't see whether I
need
add that attribute to each user account, either manually or via
some sort
of script.
https://access.redhat.com/site/documentation/en-US/Red_Hat_Directory_Server/9.0/html/Administration_Guide/account-policy-plugin.html#account-policy-plugin-wo-lockout
Thanks,
Harry
Harry Devine
Common ARTS Software Development
AJM-245
(609)485-4218
Harry.Devine@xxxxxxx
On 07/26/2013 09:07 AM, harry.devine@xxxxxxx
wrote:
We were interested in tracking a user's last login time, and I
see the
attribute that I can add in the user's profile. But we have 460
users
so adding that in manually would be tedious. I saw this article
online:
https://fedorahosted.org/389/ticket/371
and wondered if all we had to do was add what it mentions to our
dse.ldif
file and restart the server.
Yes, but see http://www.port389.org/wiki/Account_Policy_Design
and https://fedorahosted.org/389/ticket/47439
Would that work? If not, would scripting the addition of that
attribute
be possible? Or is there another way?
Thanks!
Harry
--
389 users mailing list
389-users@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/389-users
|
--
389 users mailing list
389-users@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/389-users
