2

I cannot find an attribute in our eDirectory schema that provides a record of a user's last login time, as in what is the date and time of their last login, not how long were they logged in for (don't have that later attribute either but I don't need that one).

SUSE SLES 10, OES 2, eDirectory 8.8.

Is it normal to not have the attribute? How do I get this functionality?

GC78
  • 63
  • 2
  • 7
  • That's usually something I would expect and want in log files, not an LDAP directory. – Sven Apr 03 '13 at 15:39
  • Do not confuse loginTime with lastLoginTime. The current last login time, is loginTime. The one before that should be in lastLoginTime which is lightly confusing naming choices. – geoffc Apr 04 '13 at 22:42

1 Answers1

4

Here you go... I feel your pain, I once had the same issue

You can use ldapsearch eg:

ldapsearch -LLL -x -h 172.16.0.223 -Z -D cn=admin,o=local -W  "(&(objectclass=Person))" logintime

If you want a nice clean csv file pipe it through this...

| sed ':a;N;$!ba;s/ou=OFFICE1,o=local\n//g'  | sed 's/dn: cn=//' | sed 's/logintime: //g' | sed 's/Z$//g' | grep -v "^$" > user.login.times.csv

Extra options... Heres a search I did to get only a list of people whom hadnt logged in before a specific date

ldapsearch -LLL -x -h 172.16.0.223 -Z -D cn=admin,o=local -W "(&(objectclass=Person)(loginTime<=20110101000000Z))" logintime > users.logintime.before.jan.1.2011.txt

If you are partial to windows tools, you can use nlist

mike brentlinger
  • 366
  • 1
  • 5