Intercepting an LDAP in order to gather statistics

452 Views Asked by At

We are looking at building an application that either proxies a standalone LDAP server or delegates to an embedded Java LDAP instance (ie: ApacheDS, OpenDS) in order to log requests and determine who is accessing which applications on our very large corporate network.

My question is is there a good way to intercept an LDAP request and "pull it apart" or have either OpenDS/ApacheDS push notifications of requests coming into LDAP.

2

There are 2 best solutions below

0
On BEST ANSWER

You don't need to do any of that. You can configure LDAP servers to log accesses, either in the LDAP directory itself or elsewhere.

0
On

OpenDJ (the actively developed fork of OpenDS, http://opendj.forgerock.org) has support for multiple and customized access logs, so you can even configure some filters for the specific requests you're interested in.