[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Recommended ACL for nagios monitoring
Am Tue, 26 Nov 2013 09:21:51 +0100
schrieb "Ulrich Windl" <Ulrich.Windl@rz.uni-regensburg.de>:
> >>> Michael StrÃder<michael@stroeder.com> schrieb am 25.11.2013 um
> >>> 18:18 in
> Nachricht <52938656.3000806@stroeder.com>:
> > ML mail wrote:
> >> I would like to monitor connectivity to my OpenLDAP using nagios
> >> with its check_ldap script and was wondering which minimal ACL
> >> would you recommend for that purpose?
> >
> > It really depends on what you want to check.
> >
> > Things which come to mind:
> >
> > 1. Performance data from cn=monitor
>
> Can you give an example query filter? I wonder since what version
> cn=monitor works reasonably. I have configured it in my "somewhat
> older" (TM) openLDAP server, but never could get anything reasonable
> out of it.
>
> There things do not appear in the naming contexts intentionally,
> right?
ldapsearch -Y EXTERNAL -H ldapi:/// -b cn=backload,cn=threads,cn=monitor
-s base "(objectClass=monitoredObject)" monitoredInfo
ldapsearch -Y EXTERNAL -H ldapi:/// -b 'cn=operations,cn=monitor'
-s sub '(objectClass=monitorOperation)' monitorOpCompleted
monitorOpInitiated
-Dieter
--
Dieter KlÃnter | Systemberatung
http://dkluenter.de
GPG Key ID:DA147B05
53Â37'09,95"N
10Â08'02,42"E