01-22-2024 02:15 PM
The securitylog is pretty good in that a valid username that fails to login will be recorded.
e.g. a message text for the user will be entered in the table = "User XXX entered invalid password for Core Services"
or if locked then messagetext = "Locked-out user XXX attempted to log on to Core Services"
Both of these messages revolve around a valid username.
If someone uses an invalid username - nothing will end up in this table; which is logical - that's why the table has a usernum in it.
So....
Is there a different table that records invalid attempts where the username doesn't exist?
If so, would someone please provide it?
If not, would this potentially be useful or is it overkill?
Regards,
01-23-2024 04:53 AM
Hello
You should also see entries in the securitylog for invalid users as well. Something similar to the following should be logged when a user that doesn't exist tries to login.
Are you not seeing these messages? If not, what client are you trying to log in to?
01-23-2024 04:53 AM
Hello
You should also see entries in the securitylog for invalid users as well. Something similar to the following should be logged when a user that doesn't exist tries to login.
Are you not seeing these messages? If not, what client are you trying to log in to?
01-23-2024 07:27 AM
Thanks Mike I see it now. I had other logins that were pushing it out of the query, since I used a select top and ordered by logdate desc. I was using the Unity client, so I see what you are seeing above.
Interestingly enough, and I'm not sure I should even put this in here, so if you all want to take administrative control and delete the following I understand.
If you use the thick client the invalid username is stored in the messagetext field. e.g. "Invalid user WHATEVER attempted to log on to the Client module ". Note: this seems like a good idea, unless your client has a tendency to put the password in the username field. In which case, the password gets stored in open text within the messagetext field, albeit all in caps.
01-23-2024 08:36 AM
Great to hear!
I would suggest sending in a Feedback form requesting the same info from Thick be included with Core clients. It very well may be for the reason you stated that we do not, but your submission will spark internal discussion around the topic.
Find what you came for
We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.