Novell Home

My Favorites

Close

Please to see your favorites.

XDAS: Account Management Events not being logged by auditing

This document (7010504) is provided subject to the disclaimer at the end of this document.

Environment


NetIQ Audit
NetIQ eDirectory

Situation

eDirectory 8.8.6.5

Configure eDirectory Auditing as followings:

Modified the /etc/opt/novell/eDirectory/conf/xdasconfig.properties to include the following:
log4j.rootLogger=R
log4j.appender.R.File=/var/log/novell-audit/xdas-events.log

Added the xdasauditds module to the /etc/opt/novell/eDirectory/conf/ndsmodules.conf and also manually loaded xdasauditds within ndstrace console:

           ndsmodules.conf
           xdasauditds                  auto                         #XDASauditds

           ndstrace -c "load xdasauditds"

In iManager:
eDirectory Auditing | Audit Configuration | XDASEvents
Components:  LDAP
Log Event's Large Values: Log Large Values
XDAS Events Configuration:  Account Managment Events:  Create Account, Query Account, Delete Account, Modify Account

Reloaded xdasauditds module or waited 3 minutes for changes to take effect

Performed create, query, delete and modifies of account (user) objects but events aren't showing in the audit file (/var/log/novell-audit/xdas-events.log




Resolution

Upgrade to:
  • eDirectory to 8.8 SP7 Patch 3 (or later), and
  • iManager plug-in bundle for eDirectory post 2013-June.

Then configure auditing.

Additional Information

To log events for Account Management - Create, Query, Delete and Modify the corresponding fields must also be marked under Data Item or Resource Element Management Events.

See below:

Disclaimer

This Support Knowledgebase provides a valuable tool for NetIQ/Novell/SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.

  • Document ID:7010504
  • Creation Date:23-JUL-12
  • Modified Date:13-OCT-14
    • NetIQAudit
      eDirectory

Did this document solve your problem? Provide Feedback