Re: Notification from LDAP Server

[manoj kiran <manojkiran.eda [at] gmail.com>]

Hi Dave,

Thanks for the reply.

If got your point, but how will i know which user attributes got changed ? can the openldap server send a notification ? and how can i receive a notification to nslcd ? if yes how can i achieve that ?

I know which user attributes got changed,i can write a script to invalidate only those user's sessions.

On Tue, Jul 30, 2019 at 8:45 AM Dave Macias <davama [at] gmail.com> wrote:

Script it out so that any sessions of said user are killed. (What we had to do)

Then the user re-establishes the session with new rights.

-dave

On Jul 29, 2019, 11:07 PM -0400, manoj kiran <manojkiran.eda [at] gmail.com>, wrote:

Hi Arthur, 

Looks like I have hit an end here, any help would be appreciated. 

Thanks, 

Manoj

On Thu, Jul 25, 2019, 11:42 AM manoj kiran <manojkiran.eda [at] gmail.com> wrote:

Hi All,

I was a beginner working on a small embedded System which uses nslcd(pam_ldap) as the client for authentication.

When ever the pam_ldap return a success, i have the necessary code to establish a session(persisted) for the specific ldap user.

But the problem which i was facing was :

When ever there is a change in ldap users attributes like password/group in the server, i need a way to obtain a signal from the ldap server to nslcd so that i can invalidate the existing sessions of the respective user whose attributes are changed.

How can we achieve this ? Can anyone help me to point some example/tutorials?

Thanks,

Manoj