AD Shibboleth Authentication
Peter Schober
peter.schober at univie.ac.at
Fri Oct 18 13:06:03 EDT 2019
* Christopher Bland <chris at fdu.edu> [2019-10-18 18:31]:
> I have a cluster of IDPs which use the JAAS config to authenticate
> users against AD. My jaas.config uses bindDN with bindCredential
> and works fine. My question is on the AD side. I am not seeing any
> kind of log for authentication being create in AD. I am wondering
> what kind of experiences other admins have with regard to tracking
> user authentications in AD?
No idea but with non-JAAS you have logs for those events from the IDP itself:
2019-10-18 17:03:35,132 - $IPADDR - INFO
[net.shibboleth.idp.authn.impl.ValidateUsernamePasswordAgainstLDAP:166]
- Profile Action ValidateUsernamePasswordAgainstLDAP: Login by '$USER' failed
2019-10-18 17:03:40,218 - $IPADDR - INFO
[net.shibboleth.idp.authn.impl.ValidateUsernamePasswordAgainstLDAP:152]
- Profile Action ValidateUsernamePasswordAgainstLDAP: Login by '$USER' succeeded
-peter
More information about the users
mailing list