Evenlt Logging with AD DC

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

Evenlt Logging with AD DC

Samba - General mailing list
Hi,

I have installed the Samba AD DC Version 4.6.3 and we are trying to
enable Event Logging. We have followed the procedure given in
https://wiki.samba.org/index.php/Event_Logging. But I am unable to get
the Samba AD DC to write the events into Log. Also I am not able to
figure out where the directory and files are created.

We need to generate audit logs of Users and AD DC administrator User.

Coming to DLL file creation, how do we create it? Can some one give more
details?

My smb.conf is attached herewith.


--

Thanks & Regards,


Anantha Raghava


DISCLAIMER:
This e-mail communication and any attachments may be privileged and
confidential to eXza Technology Consulting & Services, and are intended
only for the use of the recipients named above If you are not the
addressee you may not copy, forward, disclose or use any part of it. If
you have received this message in error, please delete it and all copies
from your system and notify the sender immediately by return e-mail.
Internet communications cannot be guaranteed to be timely, secure, error
or virus-free. The sender does not accept liability for any errors or
omissions.


Do not print this e-mail unless required. Save Paper & trees.


--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

smb.conf (678 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Evenlt Logging with AD DC

Samba - General mailing list
On Fri, 2017-05-05 at 08:15 +0530, Anantha Raghava via samba wrote:

> Hi,
>
> I have installed the Samba AD DC Version 4.6.3 and we are trying to 
> enable Event Logging. We have followed the procedure given in 
> https://wiki.samba.org/index.php/Event_Logging. But I am unable to
> get 
> the Samba AD DC to write the events into Log. Also I am not able to 
> figure out where the directory and files are created.
>
> We need to generate audit logs of Users and AD DC administrator User.

This sadly isn't a description of how to log events for the AD DC.  The
good news is that comprehensive authentication and authorization event
logging as human-readable strings and JSON is a feature that has been
added to Samba for 4.7, due in September.

Thanks for your interest, and please have a play with it, and let us
know how if it covers what you need!

Thanks,

Andrew Bartlett

--
Andrew Bartlett                       http://samba.org/~abartlet/
Authentication Developer, Samba Team  http://samba.org
Samba Developer, Catalyst IT          http://catalyst.net.nz/services/samba


--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Reply | Threaded
Open this post in threaded view
|

Re: Evenlt Logging with AD DC

Samba - General mailing list
Hello Andrew,

Thanks for your quick response. We will definitely work with 4.7 when it
is released.

Since AD DC with 4.6.3 is critical for us, is there any way we can write
events and read, if not using Windows Event Viewer?

--

Thanks & Regards,


Anantha Raghava


DISCLAIMER:

This e-mail communication and any attachments may be privileged and
confidential to eXza Technology Consulting & Services, and are intended
only for the use of the recipients named above If you are not the
addressee you may not copy, forward, disclose or use any part of it. If
you have received this message in error, please delete it and all copies
from your system and notify the sender immediately by return e-mail.
Internet communications cannot be guaranteed to be timely, secure, error
or virus-free. The sender does not accept liability for any errors or
omissions.


Do not print this e-mail unless required. Save Paper & trees.

On Friday 05 May 2017 09:13 AM, Andrew Bartlett wrote:

> On Fri, 2017-05-05 at 08:15 +0530, Anantha Raghava via samba wrote:
>> Hi,
>>
>> I have installed the Samba AD DC Version 4.6.3 and we are trying to
>> enable Event Logging. We have followed the procedure given in
>> https://wiki.samba.org/index.php/Event_Logging. But I am unable to
>> get
>> the Samba AD DC to write the events into Log. Also I am not able to
>> figure out where the directory and files are created.
>>
>> We need to generate audit logs of Users and AD DC administrator User.
> This sadly isn't a description of how to log events for the AD DC.  The
> good news is that comprehensive authentication and authorization event
> logging as human-readable strings and JSON is a feature that has been
> added to Samba for 4.7, due in September.
>
> Thanks for your interest, and please have a play with it, and let us
> know how if it covers what you need!
>
> Thanks,
>
> Andrew Bartlett
>

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Reply | Threaded
Open this post in threaded view
|

Re: Evenlt Logging with AD DC

Samba - General mailing list
On Fri, 2017-05-05 at 09:18 +0530, Anantha Raghava wrote:
> Hello Andrew,
> Thanks for your quick response. We will definitely work with 4.7 when
> it is released.
> Since AD DC with 4.6.3 is critical for us, is there any way we can
> write events and read, if not using Windows Event Viewer?

Neither 4.6 nor the upcoming 4.7 will write anything to Windows even
viewer, but all versions of Samba do log correct and incorrect
authentication attempts.  Sadly it is mixed in with all the other logs,
and does not have all the details (like source IP) included.

Try log level 2 for failures and 5 for success.

Thanks,

Andrew Bartlett
--
Andrew Bartlett                       http://samba.org/~abartlet/
Authentication Developer, Samba Team  http://samba.org
Samba Developer, Catalyst IT          http://catalyst.net.nz/services/samba


--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba