UserID API integrated with OpenDirectory service on OS X Server

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

UserID API integrated with OpenDirectory service on OS X Server

Not applicable

Hi,

I'm looking for guidance on how to integrate UserID API with my OpenDirectoy service running on a OS X Server. Anyone?

5 REPLIES 5

L4 Transporter

I've never worked with OpenDirectory before, but maybe the information in this post will help you out.

Hi,

I actually managed to get authentication working using LDAP but what is still missing is IP mapping where I want to extract username and IP address from maybe the authentication log and / or the email log. This way I don't need to use captive portal for iPhone and iPad users.

I'm not very good at writing scripts but can provide a copy of one of the logs available if it would help?

Regards,

Hello,

I have had success syslogging off the KDC log from OpenDirectory and then treating like any other syslog integration (UserID API integration using Syslog)

If you need any help with the regular expression used in the script just post a sample log with both a user and IP data in it.

Have a great evening

Nick

Much appriciated !

Here is one example of the Mail Server log "Library/Logs/Mail/mailaccess.log"

Feb 21 10:35:29 server.name log[96339]: imap-login: Login: user=<jimmy.nilsson>, method=CRAM-MD5, rip=192.168.5.3,

Regards,

Hi Santa,

Assuming you are running Pearl on your syslog server of choice your line to extract the user and IP from this log will look like this:

#Extract user and IP from string

if ($string =~ /user=\<(\w+\.\w+).*rip=(\d+\.\d+\.\d+\.\d+)/) {$user =$1; $address = $2};


The exact script will vary based on the syslog server you want to use and how you pass the log text to the script. If you look at the example scripts in the document you will find a Pearl one. If you replace the sample regular expression with the one above all you will need to do is determine how to pass the log data to the script in the first place.


Hope this helps!


Nick

  • 2934 Views
  • 5 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!