OpenLDAP
Up to top level
Build   Contrib   Development   Documentation   Historical   Incoming   Software Bugs   Software Enhancements   Web  

Logged in as guest

Viewing Documentation/8464
Full headers

From: dave@pandora.com
Subject: Documentation for enabling monitoring via cn=config
Compose comment
Download message
State:
0 replies:
2 followups: 1 2

Major security issue: yes  no

Notes:

Notification:


Date: Fri, 15 Jul 2016 00:06:21 +0000
From: dave@pandora.com
To: openldap-its@OpenLDAP.org
Subject: Documentation for enabling monitoring via cn=config
Full_Name: Dave Rawks
Version: 2.4
OS: debian linux
URL: https://gist.githubusercontent.com/drawks/dd3fa73604bf0d6ac454e515ff2a33f9/raw/74bad4c25342f112d85eafca87f2f2dd7eb47a8f/dave-rawks-160714.patch
Submission from: (NULL) (2620:106:e00f:f167::13)


http://www.openldap.org/doc/admin24/monitoringslapd.html section 20.1 "Monitor
configuration via cn=config(5)" of the documentation simply reads "This section
has yet to be written"

Seeing as how cn=config is the primary/default configuration method in all
current major distributions of openldap and the only method referenced in the
main slapd quickstart guide it feels a major oversight to not provide proper
documentation on how to enable monitoring via this method.


I've attached a patch whichrovivides some minimal instructions to enable
monitoring via cn=config

Followup 1

Download message
Date: Thu, 14 Jul 2016 18:00:29 -0700
From: Ryan Tandy <ryan@openldap.org>
To: dave@pandora.com
Cc: openldap-its@OpenLDAP.org
Subject: Re: (ITS#8464) Documentation for enabling monitoring via cn=config
On Fri, Jul 15, 2016 at 12:06:22AM +0000, dave@pandora.com wrote:
>I've attached a patch whichrovivides some minimal instructions to enable
>monitoring via cn=config

Thanks for the patch!

I commented on these points in IRC, duplicating here for the record:

Module loading is a generic task, IMO it doesn't make sense to talk 
about in the context of an individual module. Covering how to load each 
module would get repetitive really quickly.

Also, while the LDIF you wrote makes sense, the way of authenticating to 
the config database is local to each site (the -H ldapi:// -Y EXTERNAL 
in your example is to some extent a Debian-ism), so this is another 
thing that I don't really think should be covered when talking about a 
specific module.



Followup 2

Download message
Subject: Re: (ITS#8464) Documentation for enabling monitoring via cn=config
To: ryan@openldap.org, openldap-its@OpenLDAP.org
From: =?UTF-8?Q?Michael_Str=c3=b6der?= <michael@stroeder.com>
Date: Fri, 15 Jul 2016 08:28:21 +0200
ryan@openldap.org wrote:
> Module loading is a generic task, IMO it doesn't make sense to talk 
> about in the context of an individual module.

This is true.

But there should be a hint that the monitor database must be the last database
backend (order!). Otherwise it does not see all other backends.

Ciao, Michael.



Up to top level
Build   Contrib   Development   Documentation   Historical   Incoming   Software Bugs   Software Enhancements   Web  

Logged in as guest


The OpenLDAP Issue Tracking System uses a hacked version of JitterBug

______________
© Copyright 2013, OpenLDAP Foundation, info@OpenLDAP.org