NCP engine logs the connection details when a user logs out gracefully or when it could not find the user entry in eDirectory for the connection. It may happen that a user entry was deleted by the administrator when a user has already logged in to the NCP server.
Security watchdog helps to keep the user connection alive by periodically checking it. If the user connection is unresponsive or unreachable, security watchdog performs either of the following operations:
Schedules the connection for termination
Aborts the connection
Terminates the connection forcefully
watchdog and NCP engine log user details in XML format at /var/opt/novell/log/ncpserv.audit.log and in plain text format at /var/opt/novell/log/ncpserv.log.
The log details include:
Timestamp
Name of the user with eDirectory tree name
Station number
Termination method
Description
NOTE:Novell Client for windows maintains two separate connection for a user who logs in. One of those connections is used to monitor user connection. Hence, while closing or aborting a user connection, the log may print details for each connection.
Graceful logout - XML
<libncpengine name="NCPConnection" timestamp="Tue 19 May 2015 02:47:41 PM IST PM IST" errno="0"> <Station_User type="string">.CN=testuser.O=novell.T=TESTTREE.</Station_User> <Station_Number type="int">16</Station_Number> <Termination_method type="string">Logout</Termination_method> <description type="string">User Logged Out Gracefully</description> </libncpengine>
Graceful logout - Text
[i 2015-05-19 14:47:41] User ".CN=testuser.O=novell.T=TESTTREE." from Station 16 Time Stamp "Tue May 19 14:47:41 2015 pm" Disconnected
User Entry Deleted - XML
<libncpengine name="NCPConnection" timestamp="Tue 19 May 2015 02:51:33 PM IST PM IST" errno="0"> <Station_User type="string">.testuser.novell.TESTTREE.</Station_User> <Station_Number type="int">4</Station_Number> <Termination_method type="string">Deleted</Termination_method> <description type="string">User Details Deleted</description> </libncpengine>
<libncpengine name="NCPConnection" timestamp="Tue 19 May 2015 02:51:33 PM IST PM IST" errno="0"> <Station_User type="string">.testuser.novell.TESTTREE.</Station_User> <Station_Number type="int">17</Station_Number> <Termination_method type="string">Deleted</Termination_method> <description type="string">User Details Deleted</description> </libncpengine>
User Entry Deleted - Text
[i 2015-05-19 14:51:33] User ".testuser.novell.TESTTREE." from Station 4 Time Stamp "Tue May 19 14:51:33 2015 pm" Deleted
[i 2015-05-19 14:51:33] User ".testuser.novell.TESTTREE." from Station 17 Time Stamp "Tue May 19 14:51:33 2015 pm" Deleted
Connection Aborted - XML
<libncpengine name="NCPConnection" timestamp="Tue 19 May 2015 02:57:33 PM IST PM IST" errno="0"> <Station_User type="string">.CN=testuser.O=novell.T=TESTTREE.</Station_User> <Station_Number type="int">16</Station_Number> <Termination_method type="string">Connection aborted</Termination_method> <description type="string">Connection is aborted by security watchdog.</description> </libncpengine>
Connection Aborted - Text
[i 2015-05-19 14:57:33] User ".CN=admin.O=novell.T=M77-EDIR888-MANISH-TREE." at station 16 Time Stamp "Tue May 19 14:57:33 2015 pm" Connection aborted
Connection Terminated - XML
<libncpengine name="NCPConnection" timestamp="Tue 19 May 2015 02:57:33 PM IST PM IST" errno="0"> <Station_User type="string">.CN=testuser.O=novell.T=TESTTREE.</Station_User> <Station_Number type="int">16</Station_Number> <Termination_method type="string">Force Termination</Termination_method> <description type="string">User did not logout within 5 minutes after security watch dog notice</description> </libncpengine>
Connection Terminated - Text
[i 2015-05-19 14:57:33] User did not logout within 5 minutes after security watch dog notice [i 2015-05-19 14:57:33] User ".CN=testuser.O=novell.T=TESTTREE." at station 16 Time Stamp "Tue May 19 14:57:33 2015 pm" Terminated
Connection Scheduled for Termination - XML
<libncpengine name="NCPConnection" timestamp="Tue 19 May 2015 02:57:33 PM IST PM IST" errno="0"> <Station_User type="string">.CN=testuser.O=novell.T=TESTTREE.</Station_User> <Station_Number type="int">16</Station_Number> <Termination_method type="string">Scheduled for Termination</Termination_method> <description type="string">User connection is Scheduled for Termination</description> </libncpengine>
Connection Scheduled for Termination - Text
[i 2015-05-19 14:57:33] User ".CN=testuser.O=novell.T=TESTTREE." at station 16 Time Stamp "Tue May 19 14:57:33 2015 pm" Scheduled for Termination