[Date Prev][Date Next]
Antwort: Re: openldap health monitoring [Virus checked]
>I'll note that all of your 3 problems were caused by you using MIT Kerberos
>instead of Heimdal. Stanford has been using OpenLDAP in production for
I presume you are right. However:
1) Buchan has built the sasl & co against Heimdal for me, but I'm still having problems. It's better now, but I can still kill the server if I try hard enough. Probably good enough for the "real life", but...
(Possibly these packs aren't well done, or something is still missing, and this will solve itself on a few days.)
2) Even if the problem is solved, I would still prefer to have some script watching over it. That's what scripts are for. :-)
>Have a remote process that queries the server (from Nagios), that pages us
>if slapd stops responding.
This was the one that actually bothered me, because I wasn't sure how to assure that query returns (either result or failure) in reasonable time. In the meantime, I looked at perl::Net::LDAP, and saw that one can define the timeout there. Good enough 4 me.
>Have a local process that checks the resident and virtual sizes of slapd,
>and page us if they are exceed our boundries.
yes, this one is rather simple.
>Have a local process that checks every 5 minutes to see if slapd is
>running. It will page the sys admins and restart slapd if it is not
even simpler, I know.
> Thankfully, none of these ever gets used, but it makes management happy.
Any other stuff worth watching, i.e. likely to go wrong?