Hi, I have installed the Samba AD DC Version 4.6.3 and we are trying to enable Event Logging. We have followed the procedure given in https://wiki.samba.org/index.php/Event_Logging. But I am unable to get the Samba AD DC to write the events into Log. Also I am not able to figure out where the directory and files are created. We need to generate audit logs of Users and AD DC administrator User. Coming to DLL file creation, how do we create it? Can some one give more details? My smb.conf is attached herewith. -- Thanks & Regards, Anantha Raghava DISCLAIMER: This e-mail communication and any attachments may be privileged and confidential to eXza Technology Consulting & Services, and are intended only for the use of the recipients named above If you are not the addressee you may not copy, forward, disclose or use any part of it. If you have received this message in error, please delete it and all copies from your system and notify the sender immediately by return e-mail. Internet communications cannot be guaranteed to be timely, secure, error or virus-free. The sender does not accept liability for any errors or omissions. Do not print this e-mail unless required. Save Paper & trees. -------------- next part -------------- # Global parameters [global] netbios name = DC1 realm = KTKBANKLTD.COM workgroup = KTKBANKLTD #interfaces = 127.0.0.1 172.20.107.30 dns forwarder = 172.16.202.10 server role = active directory domain controller idmap_ldb:use rfc2307 = yes #Parameter added to set eventlog eventlog list = Application System Security SyslogLinux [netlogon] path = /usr/local/samba/var/locks/sysvol/ktkbankltd.com/scripts read only = No [sysvol] path = /usr/local/samba/var/locks/sysvol read only = No
On Fri, 2017-05-05 at 08:15 +0530, Anantha Raghava via samba wrote:> Hi, > > I have installed the Samba AD DC Version 4.6.3 and we are trying to > enable Event Logging. We have followed the procedure given in > https://wiki.samba.org/index.php/Event_Logging. But I am unable to > get > the Samba AD DC to write the events into Log. Also I am not able to > figure out where the directory and files are created. > > We need to generate audit logs of Users and AD DC administrator User.This sadly isn't a description of how to log events for the AD DC. The good news is that comprehensive authentication and authorization event logging as human-readable strings and JSON is a feature that has been added to Samba for 4.7, due in September. Thanks for your interest, and please have a play with it, and let us know how if it covers what you need! Thanks, Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba
Hello Andrew, Thanks for your quick response. We will definitely work with 4.7 when it is released. Since AD DC with 4.6.3 is critical for us, is there any way we can write events and read, if not using Windows Event Viewer? -- Thanks & Regards, Anantha Raghava DISCLAIMER: This e-mail communication and any attachments may be privileged and confidential to eXza Technology Consulting & Services, and are intended only for the use of the recipients named above If you are not the addressee you may not copy, forward, disclose or use any part of it. If you have received this message in error, please delete it and all copies from your system and notify the sender immediately by return e-mail. Internet communications cannot be guaranteed to be timely, secure, error or virus-free. The sender does not accept liability for any errors or omissions. Do not print this e-mail unless required. Save Paper & trees. On Friday 05 May 2017 09:13 AM, Andrew Bartlett wrote:> On Fri, 2017-05-05 at 08:15 +0530, Anantha Raghava via samba wrote: >> Hi, >> >> I have installed the Samba AD DC Version 4.6.3 and we are trying to >> enable Event Logging. We have followed the procedure given in >> https://wiki.samba.org/index.php/Event_Logging. But I am unable to >> get >> the Samba AD DC to write the events into Log. Also I am not able to >> figure out where the directory and files are created. >> >> We need to generate audit logs of Users and AD DC administrator User. > This sadly isn't a description of how to log events for the AD DC. The > good news is that comprehensive authentication and authorization event > logging as human-readable strings and JSON is a feature that has been > added to Samba for 4.7, due in September. > > Thanks for your interest, and please have a play with it, and let us > know how if it covers what you need! > > Thanks, > > Andrew Bartlett >