By: Karl Jaro user 06 Mar 2017 at 6:39 p.m. CST

6 Responses
Karl Jaro gravatar
Hello Gluu, Is there any way to track password changes of users? Is there a .log file to give me this?

By Mohib Zico staff 06 Mar 2017 at 11:50 p.m. CST

Mohib Zico gravatar
Nothing yet but if you track 'userPassword' at attribute... It will help.

By Karl Jaro user 07 Mar 2017 at 3:49 p.m. CST

Karl Jaro gravatar
Thanks for the reply, Mohib. Do you know how I will be able to track that attribute using log viewer? We need to know if the users change their passwords without our permissions.

By Michael Schwartz staff 10 Mar 2017 at 5:34 p.m. CST

Michael Schwartz gravatar
Based on this issue, I'm not sure where the password change is originating. Is it via SCIM? Is it via the oxTrust admin UI? Is it via an authentication script (i.e. change your password after a certain amount of time). Please provide more details.

By Karl Jaro user 10 Mar 2017 at 6:15 p.m. CST

Karl Jaro gravatar
Hi Michael, Thanks for bringing this up, I'm sorry if I was not detailed enough. This would be coming from the oxTrust admin UI, we won't allow users to register/change password on their own. How can I log it?

By Mohib Zico staff 11 Mar 2017 at 7:21 a.m. CST

Mohib Zico gravatar
Hi Karl, You can grab password changing log from ldap audit log. Here is what comes when we change some user's password from oxTrust admin panel: ``` # 11/Mar/2017:13:04:02 +0000; conn=86; op=1 dn: inum=@!A578.3242.DCA8.432A!0001!1DF4.0E33!0000!09F4.48D0,ou=people,o=@!A578.3242.DCA8.432A!0001!1DF4.0E33,o=gluu changetype: modify replace: oxTrustEmail oxTrustEmail: {"operation":null,"value":"foobar@gluu.org","display":"foobar@gluu.org","primary":true,"reference":null,"type":"other"} - replace: userPassword userPassword: {SSHA512}fQo..............Y1AwqNBIIIIIIIIIIIIIIIIIII - replace: objectClass objectClass: gluuPerson objectClass: eduPerson objectClass: inetOrgPerson objectClass: ox-A5783242DCA8432A00011DF40E33 objectClass: top - replace: pwdChangedTime pwdChangedTime: 20170311130402.196Z - replace: modifiersName modifiersName: cn=Directory Manager,cn=Root DNs,cn=config - replace: modifyTimestamp modifyTimestamp: 20170311130402Z ```

By Karl Jaro user 23 Mar 2017 at 8:17 p.m. CDT

Karl Jaro gravatar
Thanks!