Symantec Access Management

Expand all | Collapse all

Looking for a way to show the actual LDAP queries that SiteMinder is running when performing authn/authz with additional attributes being used to do the authn/authz

  • 1.  Looking for a way to show the actual LDAP queries that SiteMinder is running when performing authn/authz with additional attributes being used to do the authn/authz

    Posted Mar 06, 2015 03:11 PM

    Looking for a way to show the actual LDAP queries that SiteMinder is running when performing authn/authz with additional attributes being used to do the authn/authz



  • 2.  Re: Looking for a way to show the actual LDAP queries that SiteMinder is running when performing authn/authz with additional attributes being used to do the authn/authz

    Posted Mar 08, 2015 07:16 PM

    Hi

     

    I can see following being printed in policy server trace log when SM perform authentication. Not sure if that sufficient for your use case. If it is, you can add LDAP component into policy server trace log and add all data fields. For following example, the LDAP information is shown in Message field

     

    [03/09/2015][09:08:02.422][09:08:02][1580][1124][SmDsLdapConnMgr.cpp:1191][CSmDsLdapConn::SearchExts][][][][][][][][][][][][][][][][][][][][][LDAP search of (&(cn=user1)(objectclass=*)) took 0 seconds and 977 microseconds]

    [03/09/2015][09:08:02.423][09:08:02][1580][1124][SmDsLdapProvider.cpp:2242][CSmDsLdapProvider::Search][][][][][][][][][][][][][][][][][][][(Search) Base: 'o=userstore', Filter: '(&(cn=user1)(objectclass=*))'. Status: 1 entries][][Ldap Search callout succeeds.]

     

    Regards,

    Kar Meng