OpenLDAP 日志功能
LDAP 默认情况日志是没有打印的,我们需要配置下将日志打印出来
修改rsyslog配置
vim /etc/rsyslog.conf
local4.* /var/log/ldap.log
重启rsyslog服务
systemctl restart rsyslog
测试日志功能
[root@hn-nameserver02-2-205 ~]# tailf /var/log/ldap.log
May 14 10:31:46 hn-nameserver02-2-205 slapd[15060]: conn=5442 fd=23 ACCEPT from PATH=/var/run/ldapi (PATH=/var/run/ldapi)
May 14 10:31:46 hn-nameserver02-2-205 slapd[15060]: conn=5442 op=0 BIND dn="" method=163
May 14 10:31:46 hn-nameserver02-2-205 slapd[15060]: conn=5442 op=0 BIND authcid="gidNumber=995+uidNumber=997,cn=peercred,cn=external,cn=auth" authzid="gidNumber=995+uidNumber=997,cn=peercred,cn=external,cn=auth"
May 14 10:31:46 hn-nameserver02-2-205 slapd[15060]: conn=5442 op=0 BIND dn="gidNumber=995+uidNumber=997,cn=peercred,cn=external,cn=auth" mech=EXTERNAL sasl_ssf=0 ssf=71
May 14 10:31:46 hn-nameserver02-2-205 slapd[15060]: conn=5442 op=0 RESULT tag=97 err=0 text=
May 14 10:31:46 hn-nameserver02-2-205 slapd[15060]: conn=5442 op=1 SRCH base="" scope=0 deref=0 filter="(objectClass=*)"
May 14 10:31:46 hn-nameserver02-2-205 slapd[15060]: conn=5442 op=1 SRCH attr=contextCSN