Specifications

Chapter 9 Maintaining Open Directory Services 181

3 From the expanded Servers list, select Open Directory.

4 Click Settings, then click General, to see a list of replicas and the status of each one.

The status for a new replica indicates whether it was created successfully. Thereafter,

the status indicates whether the most recent replication attempt was successful.

Viewing Open Directory Status and Logs

You can use Server Admin to view status information and logs for Open Directory

services. The following logs are available:

Directory services server log Â

Directory services error log Â

kadmin log

Â kdc log

LDAP log Â

Password service server log Â

Password service error log Â

Password service replication log Â

slapconfig log

To see directory services status or logs:

1 Open Server Admin and connect to the server.

2 Click the triangle at the left of the server.

The list of services appears.

3 From the expanded Servers list, select Open Directory.

4 Click Overview to see status information.

5 Click Logs and use the View pop-up menu to choose the log you want to see.

The path to the log le appears above the log.

6 Optionally, enter text in the lter eld and press Return to show only lines containing

the text you entered.

Monitoring Open Directory Authentication

You can use password service logs, visible using Server Admin, to monitor failed login

attempts for suspicious activity.

Open Directory uses logs to record failed authentication attempts, including IP

addresses that generate them. Periodically review the logs to determine whether there

are a large number of failed trials for the same password ID, indicating that somebody

might be generating login guesses.