#1668: Provide instructions to block LDAP users
---------------------------+-------------------
Reporter: strk | Owner: sac@…
Type: task | Status: new
Priority: normal | Milestone:
Component: Systems Admin | Keywords:
---------------------------+-------------------
There are thousands of fake OSGeo users just waiting to start spam storms,
it is useful as soon as they become active (or otherwise found spammy) to
quickly put those accounts on hold/block. As I couldn't find information
about doing that in https://wiki.osgeo.org/wiki/SAC:LDAP this ticket is to
provide such info.
I know Martin and Alex recently both did some disabling, it would be
useful to make more SAC members capable of doing so.
Another option would be to make the blacklist service-specific, but I
personally hadn't found a way to do that for Trac, for example.
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/1668>
OSGeo <http://www.osgeo.org/>
OSGeo committee and general foundation issue tracker.
#1668: Provide instructions to block LDAP users
---------------------------+--------------------
Reporter: strk | Owner: sac@…
Type: task | Status: new
Priority: normal | Milestone:
Component: Systems Admin | Resolution:
Keywords: |
---------------------------+--------------------
Changes (by wildintellect):
* Attachment "regBydata.png" added.
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/1668>
OSGeo <http://www.osgeo.org/>
OSGeo committee and general foundation issue tracker.
#1668: Provide instructions to block LDAP users
---------------------------+--------------------
Reporter: strk | Owner: sac@…
Type: task | Status: new
Priority: normal | Milestone:
Component: Systems Admin | Resolution:
Keywords: |
---------------------------+--------------------
Comment (by wildintellect):
I managed to dump what I think is the last months worth of user
registrations, with creation times. IP is not a stored attribute from what
I can see. There does seem to be a spike the last few days, and I can
easily make a list of the accounts (though no way to tell which are spam
accounts). See attached plot of the trend over time (will share R code
later if people want it).
{{{
ldapsearch -H ldaps://ldap.osgeo.org/ -b dc=osgeo,dc=org -x
"(&(createTimestamp>=20160401100000Z))" + > osgeoldapsince040116.ldif
}}}
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/1668#comment:1>
OSGeo <http://www.osgeo.org/>
OSGeo committee and general foundation issue tracker.
#1668: Provide instructions to block LDAP users
---------------------------+--------------------
Reporter: strk | Owner: sac@…
Type: task | Status: new
Priority: normal | Milestone:
Component: Systems Admin | Resolution:
Keywords: |
---------------------------+--------------------
Comment (by strk):
I've added your query to the example queries at
https://wiki.osgeo.org/wiki/SAC:LDAP (and restructured that page a little
bit).
Now I think we need to add, in that page, a commandline to disable (or
drop) those accounts.
Maybe by moving them from osgeo.org dc to something else like "spammers"
organization ?
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/1668#comment:2>
OSGeo <http://www.osgeo.org/>
OSGeo committee and general foundation issue tracker.