How to get last login time of users through script?


Hi,

I want to find out last login time of the users in a OU, for this i
have written following script which gives me fullName, mail, and last
modified time but not lastLoginTime.
------------------------------------------------------------
export HOST=naam.lab.com

ldapsearch -b ou=internal,ou=Users,o=mynet \
-h ${HOST} \
-p 389 \
-D ou=internal,ou=Users,o=mynet \
-s sub fullName mail modifyTimestamp lastLoginTime
-------------------------------------------------------------

i have done attribute mapping in LDAP with eDir, by LDAP-->LDAP
Options-->attribute Mapping.
eDir Attribut LDAp Attribute
Last Login Time <> lastLogintime
Login Time <> loginTime

but still i didn't get any value from lastLoginTime and loginTime
attributes.

Does it required any more configuration for this?

please help!

Thanks in advance.


--
vaibhavkhare
------------------------------------------------------------------------
vaibhavkhare's Profile: http://forums.novell.com/member.php?userid=124227
View this thread: http://forums.novell.com/showthread.php?t=454058

Tags:

  • vaibhavkhare wrote:

    >
    > Hi,
    >
    > I want to find out last login time of the users in a OU, for this i
    > have written following script which gives me fullName, mail, and last
    > modified time but not lastLoginTime.
    > ------------------------------------------------------------
    > export HOST=naam.lab.com
    >
    > ldapsearch -b ou=internal,ou=Users,o=mynet \
    > -h ${HOST} \
    > -p 389 \
    > -D ou=internal,ou=Users,o=mynet \
    > -s sub fullName mail modifyTimestamp lastLoginTime
    > -------------------------------------------------------------
    >
    > i have done attribute mapping in LDAP with eDir, by LDAP-->LDAP
    > Options-->attribute Mapping.
    > eDir Attribut LDAp Attribute
    > Last Login Time <> lastLogintime
    > Login Time <> loginTime
    >
    > but still i didn't get any value from lastLoginTime and loginTime
    > attributes.
    >
    > Does it required any more configuration for this?
    >
    > please help!
    >
    > Thanks in advance.


    ldapsearch -H ldaps://10.200.200.40 -D cn=admin,o=admin -w novell -b
    cn=evandermaas,o=org -x loginTime

    # extended LDIF
    #
    # LDAPv3
    # base <cn=evandermaas,o=org> with scope subtree
    # filter: (objectclass=*)
    # requesting: loginTime
    #

    # EvanderMaas, org
    dn: cn=evandermaas,o=org
    loginTime: 20120328053253Z



    --
    Cheers,
    Edward
  • -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    You're trying to bind with an OU. While that could work in theory,
    you're not sending a password so you're actually doing a weird bind
    without a password, and a bind without a password is by definition an
    anonymous bind. It is unlikely that you can get this attribute
    anonymously. Solution: Bind as a user with rights. This is the -D
    option you are specifying.

    The attribute mappings you added are not needed; feel free to remove
    them or leave them... doesn't matter.

    Good luck.
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v2.0.18 (GNU/Linux)
    Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

    iQIcBAEBAgAGBQJPdFZkAAoJEF XTK08PnB5zHoP/3gYzdp4TXkkRr6aBqtufxKm
    ZaDBwVAYAG/b542BjaNqIWjItp8IVgq/ NSuXv86phOQm1c0naHVruiYmV4M0Vzj
    q5BD2I61kigvvMvJLRWLiixVLwRvdH1RS5LCpiQNYo5Y3XbW8j1VqCZo0M E3Keg
    G/yWePzXN R1R3ScgFkyGmVvMDOUmEsBqHySZP2KKgAC6e9crFtLMFIV1ivBfoPC
    euHmeS4V9jKL5IMzGKC9g/VPiabIv1QWGnBIBLw9xDCZaNf3A5H4qGf59VqLU8Cs
    iHdStA80GmdvvhC1nkWafdBRTChyXTCGCeu1gdSP5C0XvF6OZWTPbFDN6v84eNHI
    5/16wHBWNls/1i E4cs7jL6xldhUfd70T0j7biq2LWtzaf70Lijbi2IfK sx5Q9l
    pvwS5siAFwhECc4SF0XbbMwRmooEh7jOdmYWZd27M/MypR3sPmzaX3pzaDnqKrcE
    VgRC5ncIe/eza71cH87Lq pdMJMm6N0LM aAmjNMFzK65wHyBtdgQ5foSqFWmXc7
    OVc1CDmKgwnX5d0slpWF0i7eNIivSp144OVcBcXTNCvhg5eqvPoen1xgdoQ1oqcC
    26Hdt0SH/e Uyx2uONUqYdRdMfWQjKU20Lenz8IX77BZZyDpkGHlcmOGVSOkZvW3
    XfD LBQCLZ2ULC7aqoFD
    =Obxq
    -----END PGP SIGNATURE-----
  • -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    You're trying to bind with an OU. While that could work in theory,
    you're not sending a password so you're actually doing a weird bind
    without a password, and a bind without a password is by definition an
    anonymous bind. It is unlikely that you can get this attribute
    anonymously. Solution: Bind as a user with rights. This is the -D
    option you are specifying.

    The attribute mappings you added are not needed; feel free to remove
    them or leave them... doesn't matter.

    Good luck.
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v2.0.18 (GNU/Linux)
    Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

    iQIcBAEBAgAGBQJPdFZkAAoJEF XTK08PnB5zHoP/3gYzdp4TXkkRr6aBqtufxKm
    ZaDBwVAYAG/b542BjaNqIWjItp8IVgq/ NSuXv86phOQm1c0naHVruiYmV4M0Vzj
    q5BD2I61kigvvMvJLRWLiixVLwRvdH1RS5LCpiQNYo5Y3XbW8j1VqCZo0M E3Keg
    G/yWePzXN R1R3ScgFkyGmVvMDOUmEsBqHySZP2KKgAC6e9crFtLMFIV1ivBfoPC
    euHmeS4V9jKL5IMzGKC9g/VPiabIv1QWGnBIBLw9xDCZaNf3A5H4qGf59VqLU8Cs
    iHdStA80GmdvvhC1nkWafdBRTChyXTCGCeu1gdSP5C0XvF6OZWTPbFDN6v84eNHI
    5/16wHBWNls/1i E4cs7jL6xldhUfd70T0j7biq2LWtzaf70Lijbi2IfK sx5Q9l
    pvwS5siAFwhECc4SF0XbbMwRmooEh7jOdmYWZd27M/MypR3sPmzaX3pzaDnqKrcE
    VgRC5ncIe/eza71cH87Lq pdMJMm6N0LM aAmjNMFzK65wHyBtdgQ5foSqFWmXc7
    OVc1CDmKgwnX5d0slpWF0i7eNIivSp144OVcBcXTNCvhg5eqvPoen1xgdoQ1oqcC
    26Hdt0SH/e Uyx2uONUqYdRdMfWQjKU20Lenz8IX77BZZyDpkGHlcmOGVSOkZvW3
    XfD LBQCLZ2ULC7aqoFD
    =Obxq
    -----END PGP SIGNATURE-----

  • You are doing an anonymous bind (due to no password) and those two
    attributes are not Public Read, thus are not accessible that way. You
    need to bind with a password and a DN that has sufficient priv to read
    those attributes.


    --
    peterkuo
    ------------------------------------------------------------------------
    peterkuo's Profile: http://forums.novell.com/member.php?userid=88
    View this thread: http://forums.novell.com/showthread.php?t=454058


  • You are doing an anonymous bind (due to no password) and those two
    attributes are not Public Read, thus are not accessible that way. You
    need to bind with a password and a DN that has sufficient priv to read
    those attributes.


    --
    peterkuo
    ------------------------------------------------------------------------
    peterkuo's Profile: http://forums.novell.com/member.php?userid=88
    View this thread: http://forums.novell.com/showthread.php?t=454058


  • You are doing an anonymous bind (due to no password) and those two
    attributes are not Public Read, thus are not accessible that way. You
    need to bind with a password and a DN that has sufficient priv to read
    those attributes.


    --
    peterkuo
    ------------------------------------------------------------------------
    peterkuo's Profile: http://forums.novell.com/member.php?userid=88
    View this thread: http://forums.novell.com/showthread.php?t=454058