[Date Prev][Date Next] [Chronological] [Thread] [Top]

Antw: Re: Recommended ACL for nagios monitoring

>>> Michael StrÃder<michael@stroeder.com> schrieb am 25.11.2013 um 18:18 in
Nachricht <52938656.3000806@stroeder.com>:
> ML mail wrote:
>> I would like to monitor connectivity to my OpenLDAP using nagios with its
>> check_ldap script and was wondering which minimal ACL would you recommend
>> for that purpose?
> It really depends on what you want to check.
> Things which come to mind:
> 1. Performance data from cn=monitor

Can you give an example query filter? I wonder since what version cn=monitor
works reasonably. I have configured it in my "somewhat older" (TM) openLDAP
server, but never could get anything reasonable out of it.

There things do not appear in the naming contexts intentionally, right?


> 2. Count entries in your databases with noop-search control (does not scale
> for many entries)
> 3. Read syncrepl topology from cn=config to automatigally check connection 
> to
> the replicas found therein and compare contextCSN values in DB suffixes.
> Ciao, Michael.