Scenario #27607

Scribe AD: Restore the "connection history" feature in the EAD

Added by Gérald Schwartzmann over 2 years ago. Updated 9 months ago.

Status: Done (Sprint)
Priority: Normal
Assigned To:
Category: -
Start date: 11/30/2020
Due date: 12/18/2020
% Done: 100%
Story points: 5.0
Remaining (hours): 0.00 hour
Velocity based estimate: 3 days
Release:
Release relationship: Auto

Description

Since the move to ScribeAD, the connection history no longer works.
See the connection history ("Historique des connexions") section in http://eole.ac-dijon.fr/documentations/2.7/completes/HTML/ModuleScribe/co/17-connexion.html

Solutions to implement

  • For EOLE 2.7.2 (the EOLE team can handle porting to later versions once the feature has been validated)
  • Define one or more commands to retrieve the information
    • proposal: use journalctl -t smbd_audit (cf. #27607#note-7)
    • if necessary: fix the options in global_smb_ad.tmpl (full_audit:prefix = %u|%I|%m|%S) (example: replace %m with %M, %a?, %R?, %U?)
    • select only the relevant information (e.g. what is the point of a column filled with Vista?)
  • Update the documentation to explain the new method for displaying the connection logs (EAD page + FAQ)

Acceptance criteria

smbd_audit.png (294 KB) Gilles Grandgérard, 12/01/2020 01:16 PM

Historique.png (52.5 KB) Matthieu Lamalle, 12/03/2020 02:58 PM


Subtasks

Task #31282: Modify the full_audit filter (Closed, Matthieu Lamalle)

Task #31283: Adapt the EAD to retrieve the connection logs from journalctl (Closed, Matthieu Lamalle)

Task #31348: Since ScribeAD 2.7.1, 'vfs object = full_audit' is overwritten by 'recycle' (or other cases) (Closed, Gilles Grandgérard)


Related issues

Related to Distribution EOLE - Task #31286: Validate the scenario Scribe AD: Restore the "connection history" feature in the EAD (Closed, 12/03/2020)

History

#1 Updated by Gérald Schwartzmann over 2 years ago

  • Description updated (diff)

#2 Updated by Gilles Grandgérard about 2 years ago

  • Release deleted (ScribeAD et clients)

#3 Updated by Joël Cuissinat almost 2 years ago

  • Description updated (diff)

#4 Updated by Joël Cuissinat over 1 year ago

  • Release set to Carnet de produit (Cadoles)

#5 Updated by Joël Cuissinat over 1 year ago

  • Story points set to 6.0

#6 Updated by Joël Cuissinat over 1 year ago

  • Subject changed from "Scribe AD: Display the connection history in the EAD" to "Scribe AD: Restore the "connection history" feature in the EAD"

#7 Updated by Gilles Grandgérard 10 months ago

An idea:

cat /etc/samba/smb.conf
full_audit:prefix = %u|%I|%m|%S

cat /etc/eole/release
EOLE_MODULE=scribe
EOLE_VERSION=2.7
EOLE_RELEASE=2.7.2

journalctl -t smbd_audit

nov. 19 10:57:15 scribe smbd_audit[19596]: DOMSCRIBE\admin|192.168.0.206|192.168.0.206|icones_|disconnect|ok|icones$
nov. 19 10:57:19 scribe smbd_audit[19596]: DOMSCRIBE\admin|192.168.0.206|192.168.0.206|groupes|connect|ok|groupes
nov. 19 10:57:22 scribe smbd_audit[19596]: DOMSCRIBE\admin|192.168.0.206|192.168.0.206|commun|connect|ok|commun
nov. 19 10:57:24 scribe smbd_audit[19596]: DOMSCRIBE\admin|192.168.0.206|192.168.0.206|professeurs|connect|ok|professeurs
nov. 19 10:57:34 scribe smbd_audit[19596]: DOMSCRIBE\admin|192.168.0.206|192.168.0.206|IPC_|disconnect|ok|IPC$
nov. 19 11:14:03 scribe smbd_audit[19596]: DOMSCRIBE\admin|192.168.0.206|192.168.0.206|admin|disconnect|ok|admin
nov. 19 11:14:03 scribe smbd_audit[19596]: DOMSCRIBE\admin|192.168.0.206|192.168.0.206|groupes|disconnect|ok|groupes
nov. 19 11:14:03 scribe smbd_audit[19596]: DOMSCRIBE\admin|192.168.0.206|192.168.0.206|professeurs|disconnect|ok|professeurs
nov. 19 11:14:03 scribe smbd_audit[19596]: DOMSCRIBE\admin|192.168.0.206|192.168.0.206|commun|disconnect|ok|commun
nov. 19 12:22:53 scribe smbd_audit[29570]: DOMSCRIBE\admin|192.168.0.206|192.168.0.206|admin|connect|ok|admin
nov. 19 12:39:54 scribe smbd_audit[29570]: DOMSCRIBE\admin|192.168.0.206|192.168.0.206|admin|disconnect|ok|admin
nov. 19 14:21:37 scribe smbd_audit[22040]: DOMSCRIBE\admin|192.168.0.206|192.168.0.206|IPC_|connect|ok|IPC$
nov. 19 14:21:37 scribe smbd_audit[22040]: DOMSCRIBE\admin|192.168.0.206|192.168.0.206|admin|connect|ok|admin
nov. 19 14:21:48 scribe smbd_audit[22040]: DOMSCRIBE\admin|192.168.0.206|192.168.0.206|IPC_|disconnect|ok|IPC$
nov. 19 14:28:41 scribe smbd_audit[22040]: DOMSCRIBE\admin|192.168.0.206|192.168.0.206|admin|disconnect|ok|admin
nov. 20 09:14:28 scribe smbd_audit[6055]: DOMSCRIBE\admin|192.168.0.206|192.168.0.206|admin|connect|ok|admin
nov. 20 09:30:28 scribe smbd_audit[6055]: DOMSCRIBE\admin|192.168.0.206|192.168.0.206|admin|disconnect|ok|admin
nov. 20 11:09:59 scribe smbd_audit[19793]: DOMSCRIBE\admin|192.168.0.206|192.168.0.206|commun|connect|ok|commun
nov. 20 11:09:59 scribe smbd_audit[19793]: DOMSCRIBE\admin|192.168.0.206|192.168.0.206|groupes|connect|ok|groupes
nov. 20 11:09:59 scribe smbd_audit[19793]: DOMSCRIBE\admin|192.168.0.206|192.168.0.206|professeurs|connect|ok|professeurs
nov. 20 11:10:51 scribe smbd_audit[19793]: DOMSCRIBE\admin|192.168.0.206|192.168.0.206|admin|connect|ok|admin
nov. 20 11:24:03 scribe smbd_audit[19793]: DOMSCRIBE\admin|192.168.0.206|192.168.0.206|IPC_|connect|ok|IPC$
nov. 20 11:24:14 scribe smbd_audit[19793]: DOMSCRIBE\admin|192.168.0.206|192.168.0.206|IPC_|disconnect|ok|IPC$
nov. 20 13:42:00 scribe smbd_audit[7104]: DOMSCRIBE\admin|192.168.0.206|192.168.0.206|IPC_|connect|ok|IPC$
nov. 20 13:42:00 scribe smbd_audit[7104]: DOMSCRIBE\admin|192.168.0.206|192.168.0.206|admin|connect|ok|admin
nov. 20 13:42:13 scribe smbd_audit[7104]: DOMSCRIBE\admin|192.168.0.206|192.168.0.206|IPC_|disconnect|ok|IPC$
nov. 20 14:08:01 scribe smbd_audit[7104]: DOMSCRIBE\admin|192.168.0.206|192.168.0.206|admin|disconnect|ok|admin
nov. 20 15:18:06 scribe smbd_audit[19984]: DOMSCRIBE\admin|192.168.0.206|192.168.0.206|admin|connect|ok|admin
nov. 20 15:47:07 scribe smbd_audit[19984]: DOMSCRIBE\admin|192.168.0.206|192.168.0.206|admin|disconnect|ok|admin
nov. 20 15:47:38 scribe smbd_audit[19793]: DOMSCRIBE\admin|192.168.0.206|192.168.0.206|commun|disconnect|ok|commun
nov. 20 15:47:38 scribe smbd_audit[19793]: DOMSCRIBE\admin|192.168.0.206|192.168.0.206|professeurs|disconnect|ok|professeurs
nov. 20 15:47:38 scribe smbd_audit[19793]: DOMSCRIBE\admin|192.168.0.206|192.168.0.206|groupes|disconnect|ok|groupes
nov. 20 15:47:38 scribe smbd_audit[19793]: DOMSCRIBE\admin|192.168.0.206|192.168.0.206|admin|disconnect|ok|admin
-- Reboot --
nov. 23 15:29:37 scribe smbd_audit[7622]: DOMSCRIBE\admin|192.168.0.206|192.168.0.206|IPC_|connect|ok|IPC$
nov. 23 15:29:37 scribe smbd_audit[7622]: DOMSCRIBE\admin|192.168.0.206|192.168.0.206|admin|connect|ok|admin
nov. 23 15:29:47 scribe smbd_audit[7622]: DOMSCRIBE\admin|192.168.0.206|192.168.0.206|IPC_|disconnect|ok|IPC$
nov. 23 15:45:37 scribe smbd_audit[7622]: DOMSCRIBE\admin|192.168.0.206|192.168.0.206|admin|disconnect|ok|admin
nov. 24 10:23:09 scribe smbd_audit[19916]: DOMSCRIBE\admin|192.168.0.208|192.168.0.208|IPC_|connect|ok|IPC$
nov. 24 10:23:09 scribe smbd_audit[19916]: DOMSCRIBE\admin|192.168.0.208|192.168.0.208|admin|connect|ok|admin
nov. 24 10:23:21 scribe smbd_audit[19916]: DOMSCRIBE\admin|192.168.0.208|192.168.0.208|IPC_|disconnect|ok|IPC$
nov. 24 10:49:09 scribe smbd_audit[19916]: DOMSCRIBE\admin|192.168.0.208|192.168.0.208|admin|disconnect|ok|admin

nov. 24 17:43:09 scribe smbd_audit[9517]: DOMSCRIBE\admin|192.168.0.208|192.168.0.208|IPC_|192.168.0.208|Vista|SMB2_10|admin|disconnect|ok|IPC$
nov. 24 17:45:40 scribe smbd_audit[9785]: nobody|192.168.0.208|pc-447410|IPC_|192.168.0.208|Vista|SMB2_10||connect|ok|IPC$
nov. 24 17:45:57 scribe smbd_audit[9785]: nobody|192.168.0.208|pc-447410|IPC_|192.168.0.208|Vista|SMB2_10||disconnect|ok|IPC$

#8 Updated by Joël Cuissinat 10 months ago

  • Due date set to 12/18/2020
  • Target version set to Prestation Cadoles MEN 49-51
  • Start date set to 11/30/2020
  • Release changed from Carnet de produit (Cadoles) to EOLE 2.7.1.3
  • Story points changed from 6.0 to 5.0

#9 Updated by Joël Cuissinat 10 months ago

  • Description updated (diff)

#10 Updated by Joël Cuissinat 10 months ago

  • Description updated (diff)

#11 Updated by Joël Cuissinat 10 months ago

  • Description updated (diff)

#12 Updated by Joël Cuissinat 10 months ago

  • Description updated (diff)

#13 Updated by Gilles Grandgérard 10 months ago

  • Description updated (diff)

#14 Updated by Matthieu Lamalle 10 months ago

  • Assigned To set to Matthieu Lamalle

#15 Updated by Matthieu Lamalle 10 months ago

On etb1, with a PC joined to the domain and logged in as user admin/eole, when running journalctl -t smb_audit:

root@scribe:~# journalctl -t smb_audit
-- Logs begin at Thu 2020-07-02 18:52:03 CEST, end at Mon 2020-11-30 11:30:01 CET. --
-- No entries --
root@scribe:~# journalctl -t smbd
-- Logs begin at Thu 2020-07-02 18:52:03 CEST, end at Mon 2020-11-30 11:30:44 CET. --
nov. 27 00:00:10 scribe smbd[8435]: [2020/11/27 00:00:10.340650,  0] ../lib/util/become_daemon.c:124(daemon_ready)
nov. 27 00:00:10 scribe smbd[8435]:   STATUS=daemon 'smbd' finished starting up and ready to serve connections
nov. 27 00:00:25 scribe smbd[8435]: [2020/11/27 00:00:25.355129,  0] ../source3/printing/nt_printing.c:187(nt_printing_init)
nov. 27 00:00:25 scribe smbd[8435]:   nt_printing_init: error checking published printers: WERR_ACCESS_DENIED
nov. 27 00:02:22 scribe smbd[11165]: [2020/11/27 00:02:22.292135,  0] ../lib/util/become_daemon.c:124(daemon_ready)
nov. 27 00:02:22 scribe smbd[11165]:   STATUS=daemon 'smbd' finished starting up and ready to serve connections
nov. 27 00:02:31 scribe smbd[11165]: [2020/11/27 00:02:31.316376,  0] ../source3/libads/kerberos_util.c:74(ads_kinit_password)
nov. 27 00:02:31 scribe smbd[11165]:   kerberos_kinit_password SCRIBE$@DOMPEDAGO.ETB1.LAN failed: Cannot contact any KDC for requested realm
nov. 27 00:02:31 scribe smbd[11165]: [2020/11/27 00:02:31.317511,  0] ../source3/printing/nt_printing.c:187(nt_printing_init)
nov. 27 00:02:31 scribe smbd[11165]:   nt_printing_init: error checking published printers: WERR_ACCESS_DENIED
-- Reboot --
nov. 27 01:57:36 scribe smbd[3863]: [2020/11/27 01:57:36.059068,  0] ../lib/util/become_daemon.c:124(daemon_ready)
nov. 27 01:57:36 scribe smbd[3863]:   STATUS=daemon 'smbd' finished starting up and ready to serve connections
nov. 27 01:57:45 scribe smbd[3863]: [2020/11/27 01:57:45.084322,  0] ../source3/libads/kerberos_util.c:74(ads_kinit_password)
nov. 27 01:57:45 scribe smbd[3863]:   kerberos_kinit_password SCRIBE$@DOMPEDAGO.ETB1.LAN failed: Cannot contact any KDC for requested realm
nov. 27 01:57:45 scribe smbd[3863]: [2020/11/27 01:57:45.084615,  0] ../source3/printing/nt_printing.c:187(nt_printing_init)
nov. 27 01:57:45 scribe smbd[3863]:   nt_printing_init: error checking published printers: WERR_ACCESS_DENIED
nov. 27 01:58:58 scribe smbd[5980]: [2020/11/27 01:58:58.320245,  0] ../lib/util/become_daemon.c:124(daemon_ready)
nov. 27 01:58:58 scribe smbd[5980]:   STATUS=daemon 'smbd' finished starting up and ready to serve connections
nov. 27 01:59:07 scribe smbd[5980]: [2020/11/27 01:59:07.337235,  0] ../source3/libads/kerberos_util.c:74(ads_kinit_password)
nov. 27 01:59:07 scribe smbd[5980]:   kerberos_kinit_password SCRIBE$@DOMPEDAGO.ETB1.LAN failed: Cannot contact any KDC for requested realm
nov. 27 01:59:07 scribe smbd[5980]: [2020/11/27 01:59:07.337567,  0] ../source3/printing/nt_printing.c:187(nt_printing_init)
nov. 27 01:59:07 scribe smbd[5980]:   nt_printing_init: error checking published printers: WERR_ACCESS_DENIED
nov. 27 02:00:26 scribe smbd[7136]: [2020/11/27 02:00:26.448947,  0] ../lib/util/become_daemon.c:124(daemon_ready)
nov. 27 02:00:26 scribe smbd[7136]:   STATUS=daemon 'smbd' finished starting up and ready to serve connections
nov. 27 02:00:35 scribe smbd[7136]: [2020/11/27 02:00:35.469280,  0] ../source3/libads/kerberos_util.c:74(ads_kinit_password)
nov. 27 02:00:35 scribe smbd[7136]:   kerberos_kinit_password SCRIBE$@DOMPEDAGO.ETB1.LAN failed: Cannot contact any KDC for requested realm
nov. 27 02:00:35 scribe smbd[7136]: [2020/11/27 02:00:35.470085,  0] ../source3/printing/nt_printing.c:187(nt_printing_init)
nov. 27 02:00:35 scribe smbd[7136]:   nt_printing_init: error checking published printers: WERR_ACCESS_DENIED
nov. 27 02:02:14 scribe smbd[9002]: [2020/11/27 02:02:14.856717,  0] ../lib/util/become_daemon.c:124(daemon_ready)
nov. 27 02:02:14 scribe smbd[9002]:   STATUS=daemon 'smbd' finished starting up and ready to serve connections
nov. 27 02:02:23 scribe smbd[9002]: [2020/11/27 02:02:23.873270,  0] ../source3/libads/kerberos_util.c:74(ads_kinit_password)
nov. 27 02:02:23 scribe smbd[9002]:   kerberos_kinit_password SCRIBE$@DOMPEDAGO.ETB1.LAN failed: Cannot contact any KDC for requested realm
nov. 27 02:02:23 scribe smbd[9002]: [2020/11/27 02:02:23.873703,  0] ../source3/printing/nt_printing.c:187(nt_printing_init)
nov. 27 02:02:23 scribe smbd[9002]:   nt_printing_init: error checking published printers: WERR_ACCESS_DENIED
nov. 27 02:03:43 scribe smbd[10118]: [2020/11/27 02:03:43.849165,  0] ../lib/util/become_daemon.c:124(daemon_ready)
nov. 27 02:03:43 scribe smbd[10118]:   STATUS=daemon 'smbd' finished starting up and ready to serve connections
nov. 27 02:03:52 scribe smbd[10118]: [2020/11/27 02:03:52.869230,  0] ../source3/libads/kerberos_util.c:74(ads_kinit_password)
nov. 27 02:03:52 scribe smbd[10118]:   kerberos_kinit_password SCRIBE$@DOMPEDAGO.ETB1.LAN failed: Cannot contact any KDC for requested realm
nov. 27 02:03:52 scribe smbd[10118]: [2020/11/27 02:03:52.869555,  0] ../source3/printing/nt_printing.c:187(nt_printing_init)
nov. 27 02:03:52 scribe smbd[10118]:   nt_printing_init: error checking published printers: WERR_ACCESS_DENIED
nov. 27 02:05:09 scribe smbd[11039]: [2020/11/27 02:05:09.751621,  0] ../lib/util/become_daemon.c:124(daemon_ready)

#16 Updated by Joël Cuissinat 10 months ago

  • Release changed from EOLE 2.7.1.3 to EOLE 2.7.2

#17 Updated by Gilles Grandgérard 10 months ago

Verified today.
See snapshot.

#18 Updated by Emmanuel GARETTE 10 months ago

I just retested; here are all the steps:

  • start etb1.amon-2.7.2-instance-default
  • start etb1.scribe-2.7.2-instance-AvecImport
  • start etb1.pcprofs-10
  • on the Windows workstation, log in as user pcadmin
  • start Firefox and go to http://salt/joineole
  • run the script | accept the salt key
  • log in as user test.prof
  • start the file explorer and access u:\
root@scribe:~# journalctl -t smbd_audit
-- Logs begin at Thu 2020-07-02 18:52:03 CEST, end at Tue 2020-12-01 16:07:09 CET. --
-- No entries --

#19 Updated by Emmanuel GARETTE 10 months ago

Actually, it works in ACA but not in etb1.

#20 Updated by Matthieu Lamalle 10 months ago

After several attempts and output templates, here is what we can propose.
Note: there is no way to distinguish users from PCs in the filters.

#21 Updated by Gilles Grandgérard 10 months ago

The image is OK.

You can remove the Computer entries by applying the same rules as in https://dev-eole.ac-dijon.fr/projects/eole-ad-dc/repository/revisions/master/entry/scripts/create_adhome.sh

Reminder: computer accounts end with '$'. In Samba the $ is replaced by '_'.
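
The log format from note #7 and the machine-account rule from note #21, as an added example that is not part of the ticket or of the EAD code: a Python parser that turns journalctl -t smbd_audit lines into a per-user connection history. The function names (parse, is_machine_account, history) are hypothetical, the sample lines are constructed, and treating every name ending in '_' as a computer account is an assumption.

```python
import re
# Field order produced by "full_audit:prefix = %u|%I|%m|%S" (from the page)
PREFIX = ("user", "ip", "machine", "share")
# journalctl short format: "<timestamp> <host> smbd_audit[<pid>]: <message>"
LINE = re.compile(r"^(?P<ts>\S+ +\d+ [\d:]{8}) \S+ smbd_audit\[(?P<pid>\d+)\]: (?P<msg>.*)$")

def parse(line):
    """Return one audit record as a dict, or None for lines that do not match."""
    m = LINE.match(line)
    if not m:
        return None  # e.g. "-- Reboot --" or "-- No entries --"
    parts = m["msg"].split("|", len(PREFIX) + 2)  # keep any '|' inside the argument
    if len(parts) != len(PREFIX) + 3:
        return None  # too few fields for prefix + operation|result|argument
    rec = dict(zip(PREFIX + ("op", "result", "arg"), parts))
    rec.update(ts=m["ts"], pid=m["pid"])
    return rec

def is_machine_account(user):
    # Computer accounts end with '$', which Samba writes as '_' in the prefix.
    # Assumption: no human login name ends with '_'.
    return user.endswith(("$", "_"))

def history(lines):
    """Pair successful connect/disconnect events into sessions, user accounts only."""
    open_sessions, sessions = {}, []
    for rec in filter(None, map(parse, lines)):
        if rec["result"] != "ok" or is_machine_account(rec["user"]):
            continue
        key = (rec["pid"], rec["user"], rec["ip"], rec["arg"])
        if rec["op"] == "connect":
            open_sessions[key] = rec["ts"]
        elif rec["op"] == "disconnect":
            # start stays None when the connect is older than the journal window
            sessions.append({"user": rec["user"], "ip": rec["ip"], "share": rec["arg"],
                             "start": open_sessions.pop(key, None), "end": rec["ts"]})
    # Sessions with no disconnect yet are reported with end=None
    sessions += [{"user": k[1], "ip": k[2], "share": k[3], "start": ts, "end": None}
                 for k, ts in open_sessions.items()]
    return sessions

# Constructed sample in the format of note #7; the pc-01 machine-account line is invented
SAMPLE = r"""nov. 19 10:57:15 scribe smbd_audit[19596]: DOMSCRIBE\admin|192.168.0.206|192.168.0.206|icones_|disconnect|ok|icones$
nov. 19 10:57:19 scribe smbd_audit[19596]: DOMSCRIBE\admin|192.168.0.206|192.168.0.206|groupes|connect|ok|groupes
nov. 19 11:14:03 scribe smbd_audit[19596]: DOMSCRIBE\admin|192.168.0.206|192.168.0.206|groupes|disconnect|ok|groupes
nov. 19 11:15:00 scribe smbd_audit[19600]: DOMSCRIBE\pc-01_|192.168.0.207|pc-01|IPC_|connect|ok|IPC$
nov. 19 12:22:53 scribe smbd_audit[29570]: DOMSCRIBE\admin|192.168.0.206|192.168.0.206|admin|connect|ok|admin""".splitlines()

if __name__ == "__main__": print(*history(SAMPLE), sep="\n")
```

Lines logged with a longer prefix, such as the eight-field variant at the end of note #7, produce no session here because their fifth field is not an operation name; PREFIX has to be changed together with full_audit:prefix.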

#22 Updated by Joël Cuissinat 10 months ago

  • Related to Task #31286: Validate the scenario Scribe AD: Restore the "connection history" feature in the EAD added

#23 Updated by Matthieu Lamalle 9 months ago

  • Status changed from New to Resolved

#24 Updated by Laurent Flori 9 months ago

  • Status changed from Resolved to Done (Sprint)
