ldapaudit_client is a tool which dumps events on the screen.
The sole purpose of this page to exist here is to show you how to dump LDAP events from eDirectory onto the console using this tool ldapaudit_client.
Lets get into basics, what LDAP events is all about.
LDAP events is an event system inside eDirectory’s nldap module. This event system reports all the action performed on that eDirectory server over the LDAP port.
The steps involved for getting events from the event system by a LDAP event monitoring client are:
That’s enough with the theory, let’s get this done practically.
Follow the steps below to perform LDAP monitoring on any eDirectory server (starting from 883 server):
Requirements: the download copy of the tool, Linux box.
The available list of events are:
1. EVT_LDAP_BIND 2. EVT_LDAP_BINDRESPONSE 3. EVT_LDAP_UNBIND 4. EVT_LDAP_CONNECTION 5. EVT_LDAP_SEARCH 6. EVT_LDAP_SEARCHRESPONSE 7. EVT_LDAP_SEARCHENTRYRESPONSE 8. EVT_LDAP_ADD 9. EVT_LDAP_ADDRESPONSE 10. EVT_LDAP_COMPARE 11. EVT_LDAP_COMPARERESPONSE 12. EVT_LDAP_MODIFY 13. EVT_LDAP_MODIFYRESPONSE 14. EVT_LDAP_DELETE 15. EVT_LDAP_DELETERESPONSE 16. EVT_LDAP_MODDN 17. EVT_LDAP_MODDNRESPONSE 18. EVT_LDAP_ABANDON 19. EVT_LDAP_EXTOP 20. EVT_LDAP_SYSEXTOP 21. EVT_LDAP_EXTOP_RESPONSE 22. EVT_LDAP_MODLDAPSERVER 23. EVT_LDAP_PASSWORDMODIFY 24. EVT_LDAP_UNKNOWNOP
This client writes a single event data to line in file specified text/pipe file at command line. The fields are separated by a ‘|’ character.
Disclaimer: As with everything else at NetIQ Cool Solutions, this content is definitely not supported by NetIQ, so Customer Support will not be able to help you if it has any adverse effect on your environment. It just worked for at least one person, and perhaps it will be useful for you too. Be sure to test in a non-production environment.