LDAP Sync Log File Access

Scenario: You may be an Adobe Connect Administrator and want to access the LDAP sync logs to see who has been (via an LDAP sync) brought into Adobe Connect, removed from Adobe Connect, or has been added or removed from a group membership, and when.  The problem is that these logs are only accessible for the most part, on the server itself by a server admin who can log into the Configuration Console on the localhost and access them manually via the Directory Service area of the console.  This is not accessible from outside of the actual Connect server.

The solution is to use the API to find all the LDAP sync logs on the system (which are actually treated as content) and access them with just an Administrator username and password to the system.  Here’s how:

1) Log into the Adobe Connect interface as user with Administrator priviledges.
2) Assuming your Licensed account-id has not been changed, it will be ’7′ so you can make the following API call:

http://{serverURL}/api/xml?action=sco-expanded-contents&sco-id=7&filter-icon=logos

Where 7 is the account ID and you filter on ‘icon=logos’ (not sure why)…

Result will look like this (example response):

<results>
<status code=”ok”/>
<expanded-scos>
<sco depth=”2″ sco-id=”12345” folder-id=”11005″ type=”content” icon=”logos” lang=”en” source-sco-id=”” display-seq=”0″ source-sco-type=”” source-sco-icon=”” content-source-sco-icon=”” duration=””>
<name>{ds-sync}</name>
<url-path>/p5u78ftvvsi/</url-path>
<date-created>2013-10-29T20:10:17.660-04:00</date-created>
<date-modified>2014-01-14T21:42:27.150-05:00</date-modified>
</sco>
</expanded-scos>
</results>

The name of the item should be {ds-sync} (short for Directory Service Synchronization).

3) Then use the following call to get all sync logs under that folder:

http://{serverURL}/api/xml?action=sco-expanded-contents&sco-id=12345

Where the sco-id is the one from the first call and will be the sco-id of the sync folder (so yours will be different than my example of 12345)

It will list all sync logs with their scos (like below).

They all have a name format of: {sync-sco-preview} + the date.
They all have an icon=archive

4) Look for the one you want, and then navigate to the file via the URL (value in RED in the response below).

Example response:

<results>
<status code=”ok”/>
<expanded-scos>
<sco depth=”0″ sco-id=”12345″ folder-id=”11005″ type=”content” icon=”logos” lang=”en” source-sco-id=”” display-seq=”0″ source-sco-type=”” source-sco-icon=”” content-source-sco-icon=”” duration=””>
<name>{ds-sync}</name>
<url-path>/p5u78ftvvsi/</url-path>
<date-created>2013-10-29T20:10:17.660-04:00</date-created>
<date-modified>2014-01-14T21:42:27.150-05:00</date-modified>
</sco>
<sco depth=”1″ sco-id=”26150″ folder-id=”12345″ type=”content” icon=”archive” lang=”en” source-sco-id=”” display-seq=”0″ source-sco-type=”” source-sco-icon=”” content-source-sco-icon=”” duration=””>
<name>{sync-sco-preview} [2014-01-14 18:23:35.47]</name>
<url-path>/p26150/</url-path>
<date-created>2014-01-14T21:23:35.470-05:00</date-created>
<date-modified>2014-01-14T21:23:35.470-05:00</date-modified>
</sco>
<sco depth=”1″ sco-id=”26017″ folder-id=”12345″ type=”content” icon=”archive” lang=”en” source-sco-id=”” display-seq=”0″ source-sco-type=”” source-sco-icon=”” content-source-sco-icon=”” duration=””>
<name>{sync-sco-preview} [2014-01-14 06:37:23.88]</name>
<url-path>/p26017/</url-path>
<date-created>2014-01-14T09:37:23.880-05:00</date-created>
<date-modified>2014-01-14T09:37:23.880-05:00</date-modified>
</sco>
…….
</expanded-scos>
</results>

 

Comments are closed.