Issue 8464 - Documentation for enabling monitoring via cn=config
Summary: Documentation for enabling monitoring via cn=config
Status: VERIFIED FIXED
Alias: None
Product: OpenLDAP
Classification: Unclassified
Component: documentation (show other issues)
Version: unspecified
Hardware: All All
: --- normal
Target Milestone: 2.5.2
Assignee: Quanah Gibson-Mount
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2016-07-15 00:06 UTC by dave@pandora.com
Modified: 2021-02-26 23:35 UTC (History)
0 users

See Also:


Attachments
dave-rawks-2016-07-14.patch (1.21 KB, patch)
2020-03-22 23:13 UTC, Quanah Gibson-Mount
Details

Note You need to log in before you can comment on or make changes to this issue.
Description dave@pandora.com 2016-07-15 00:06:21 UTC
Full_Name: Dave Rawks
Version: 2.4
OS: debian linux
URL: https://gist.githubusercontent.com/drawks/dd3fa73604bf0d6ac454e515ff2a33f9/raw/74bad4c25342f112d85eafca87f2f2dd7eb47a8f/dave-rawks-160714.patch
Submission from: (NULL) (2620:106:e00f:f167::13)


http://www.openldap.org/doc/admin24/monitoringslapd.html section 20.1 "Monitor
configuration via cn=config(5)" of the documentation simply reads "This section
has yet to be written"

Seeing as how cn=config is the primary/default configuration method in all
current major distributions of openldap and the only method referenced in the
main slapd quickstart guide it feels a major oversight to not provide proper
documentation on how to enable monitoring via this method.


I've attached a patch whichrovivides some minimal instructions to enable
monitoring via cn=config
Comment 1 Ryan Tandy 2016-07-15 01:00:29 UTC
On Fri, Jul 15, 2016 at 12:06:22AM +0000, dave@pandora.com wrote:
>I've attached a patch whichrovivides some minimal instructions to enable
>monitoring via cn=config

Thanks for the patch!

I commented on these points in IRC, duplicating here for the record:

Module loading is a generic task, IMO it doesn't make sense to talk 
about in the context of an individual module. Covering how to load each 
module would get repetitive really quickly.

Also, while the LDIF you wrote makes sense, the way of authenticating to 
the config database is local to each site (the -H ldapi:// -Y EXTERNAL 
in your example is to some extent a Debian-ism), so this is another 
thing that I don't really think should be covered when talking about a 
specific module.

Comment 2 Michael Ströder 2016-07-15 06:28:21 UTC
ryan@openldap.org wrote:
> Module loading is a generic task, IMO it doesn't make sense to talk 
> about in the context of an individual module.

This is true.

But there should be a hint that the monitor database must be the last database
backend (order!). Otherwise it does not see all other backends.

Ciao, Michael.


Comment 3 Quanah Gibson-Mount 2017-03-22 15:30:59 UTC
moved from Incoming to Documentation
Comment 4 OpenLDAP project 2017-09-08 21:30:52 UTC
has patch
Comment 5 Quanah Gibson-Mount 2017-09-08 21:30:52 UTC
changed notes
Comment 6 Quanah Gibson-Mount 2020-03-22 23:12:30 UTC
(In reply to Michael Ströder from comment #2)
> ryan@openldap.org wrote:
> > Module loading is a generic task, IMO it doesn't make sense to talk 
> > about in the context of an individual module.
> 
> This is true.
> 
> But there should be a hint that the monitor database must be the last
> database
> backend (order!). Otherwise it does not see all other backends.

That's technically impossible for some setups, so if that's the case then that would be a bug that needs fixing.

For example, in setups that use the null DN as their base, all other backends must appear first, including monitor.  And I never had any problems with this setup (i.e., the null root backend was tracked just fine in cn=monitor, even though monitor came first).
Comment 7 Quanah Gibson-Mount 2020-03-22 23:13:03 UTC
Created attachment 651 [details]
dave-rawks-2016-07-14.patch
Comment 9 Quanah Gibson-Mount 2021-02-25 16:46:51 UTC
Commits: 
  • 14013507 
by Dave Rawks at 2021-02-25T02:55:20+00:00 
ITS#8464 - Update monitoring docs for cn=config