Logging (Sun Ray) dtlogin attempts

From: Wingfield, John (John.Wingfield@logicacmg.com)
Date: Tue Feb 04 2003 - 09:09:13 EST

• Next message: Miguel Angel: "Problem in iPlanet Web Server SP9"
• Previous message: Greg Mani: "Sun Ray Session Server"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi all

We need to log failed (and preferably successful as well) logins through
dtlogin. An FAQ recommended on Sun BigAdmin states that this can be achieved
by modifying the following lines in /etc/pam.conf to include the word
"debug":

login account required /usr/lib/security/$ISA/pam_unix.so.1 debug
dtlogin account required /usr/lib/security/$ISA/pam_unix.so.1 debug

Then add the following line to syslog.conf:

auth.debug;user.debug /var/log/logins

This does log successful logins, but doesn't state the username entered for
unsuccessful logins. Adding "debug" to the following line worked:

dtlogin auth required /usr/lib/security/$ISA/pam_unix.so.1 debug

However, NONE of this works with our Sun Rays, which is what we *really*
want to log.

Reading through the Administrator and Advanced Administrator manuals for Sun
Ray Server 1.3, it looks like this sort of thing should be logged to
/var/opt/SUNWut/log/auth_log. However, on our system, this file is empty and
all the rotated versions of this file are also empty.

Can anyone advise on the best course of action to achieve authentication
logging for Sun Rays, unsuccessful and successful if possible, and how to
achieve this? Also, are there alternatives to the PAM dtlogin method above?

Thanks

John Wingfield
Space & Defence
____________________________
LogicaCMG
Stephenson House
75 Hampstead Road
London NW1 2PL
UK
T: +44 (0)20 7446 1075 (direct)
E: john.wingfield@logicacmg.com
www.logicacmg.com

This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you.
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers

• Next message: Miguel Angel: "Problem in iPlanet Web Server SP9"
• Previous message: Greg Mani: "Sun Ray Session Server"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 23:25:45 EDT