[SAC] Re-enable LDAP user creation
Alex M
tech_dev at wildintellect.com
Mon May 9 08:51:20 PDT 2016
On 05/09/2016 11:08 AM, Sandro Santilli wrote:
> On Mon, May 09, 2016 at 07:49:37AM -0700, Alex Mandel wrote:
>> On 05/09/2016 07:38 AM, Sandro Santilli wrote:
>
>>> It's enabled now, we got 5 new registered users, 2 of which have
>>> the _same_ email (something else to disallow?).
>>>
>>
>> Well not until we have a password reset. I could see kicking back the
>> form, saying - you've already registered.
>
> We badly need the email confirmation thing, no dubt.
> Frank: do you think you could work on that ?
>
>>> ldapsearch -x "(&(createTimestamp>=20160509000000Z))"
>>>
>>
>> Ya I'm wondering if we should run a daily report, or hourly, that emails
>> SAC or at least the main admins if more than x number of accounts have
>> been made in the last hour (maybe 20). Since that would be a good sign
>> of bulk registration. This would use the ldapsearch above...
>
> Another 2 accounts were just registered, and they uid doesn't
> look sane at all to me:
>
> kumartinkusingh08
> ct7316944
>
> I can't match those to the IP they came from as I don't know how
> to extract createTimestamp from LDAP, the apache log does not contain
> information about the name AND the script creator itself does not
> create any log.
>
ldapsearch -H ldaps://ldap.osgeo.org/ -b dc=osgeo,dc=org -x
"(&(createTimestamp>=20160401100000Z))" +
The + sign at the end dumps the createTimestamp
Alex
More information about the Sac
mailing list