Tim Gustafson wrote:
I was wondering if there is any way to configure OpenLDAP to record the last
time an account was successfully authorized? We need to be able to prune accounts after a period of inactivity, but there's no way right now to know if they user has been active or not. We can't base it on the last time they connected to a shell because not everyone uses shells; some people just authenticate to POP their e-mail or log into a web page. If there was some way to maintain a time stamp of the last time that that a user successfully authenticated (by way of an LDAP bind to the LDAP server) that would solve this problem.
See the slapo-accesslog(5) manpage. -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/
