[WIP] Log database changes.
abartlet at samba.org
Thu May 10 04:07:16 UTC 2018
On Mon, 2018-05-07 at 18:05 +0200, Stefan Metzmacher via samba-
> Hi Gary,
> > Current state of this task.
> > Comments appreciated.
> Most of the preparation like the session guid looks good.
> I'm wondering if we want to implement the auditing of the directory
> database similar to Windows using SACLs in the security descriptors
> instead of having custom modules for various types of events.
SACL support would still need the same infrastructure, it would just
provide a way to filter which events to audit, rather than the course-
grained filters we have here.
I see it as a version 2 kind of thing, we need to get this much in
first. So far the client requests have been for class-based logging
(the filtering happens on external log analysis tools).
I would also want to know clearly what the use case is for SACL
logging, because if it is only really valuable in conjunction with a
full Event Log and matching windows exactly, that would be much more
As it stands, our ACLs are a pain to modify (outside the windows GUI),
so in the short time per-server smb.conf options, matching the audit
work done so far seem much more practical.
Authentication Developer, Samba Team https://samba.org
Samba Development and Support, Catalyst IT
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 862 bytes
Desc: This is a digitally signed message part
More information about the samba-technical