MIT, Heimdal and Re: [PATCH] Log transaction and authentication durations.
abartlet at samba.org
Wed Jun 20 17:35:43 UTC 2018
On Wed, 2018-06-20 at 09:23 -0700, Jeremy Allison wrote:
> Just a question. Did we consider this "experimental" audit functionality
> that is provided by the MIT kdc ?
> Is our Heimdal code compatible with this or could be made so ?
Andreas can speak to his own code but looking at this it appears not to
be that specific API:
Andreas was already having to extend the layer he was using for some
other things the Samba audit code was requiring, hence why I was trying
to give him a heads-up.
In short, so far the audit code has been hooked around the 'good/bad
password' APIs as those get us access to the DB entries we need to log
things like SIDs (not in the layer you mention, which is more generic
but less useful to Samba).
I wasn't really expecting this to be such a big drama!
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba
More information about the samba-technical