17. Tools

LinOTP comes with some tools to ease system maintenance.

17.1. linotp-sql-janitor

It will delete old entries in the SQL Audit log table. It can take a high and a low watermark. If the number of entries exceed the high watermark, old entries are deleted, so that only the <low watermark> newest entries remain.

This tool by default is run via cron once a day.

You can specify the watermarks using the command line (–high, –low), or entries in linotp.ini (linotpAudit.sql.highwatermark, linotpAudit.sql.lowwatermark). The default is set to high=10000 and low=5000.

17.2. linotp-tokens-used

This in fact is a munin [1] plugin to monitor the total amount of managed tokens, the number of unassigned tokens and the number of inactive tokens.

Of course the output can be used to be dumped to any other file.

The output can be used to set up a dynamic pay per use licensing model.

17.3. linotp-backup

This shell script backs up the database and the encryption key to an PGP encrypted backup file.

17.4. linotp-restore

This shell script restores a previously backed up database and encryption key.

17.5. linotp-convert-token

This script converts a Safeword dat seed file to an Aladdin/SafeNet XML file.

17.6. linotp-convert-xml-to-csv

This script converts an Aladdin XML file to an OATH CSV file.

17.7. linotp-decrypt-otpkey

This script can be used for debug purposes. It helps to decrypt an OTP seed from the token database.

17.8. LinotpLDAPProxy.pm

This is a perl module to be used with an OpenLDAP server to setup an LDAP proxy, to perform LDAP binds (authentication) with OTP values.