Am Tue, 26 Nov 2013 09:21:51 +0100 schrieb "Ulrich Windl" <[email protected]>:
> >>> Michael Ströder<[email protected]> schrieb am 25.11.2013 um > >>> 18:18 in > Nachricht <[email protected]>: > > ML mail wrote: > >> I would like to monitor connectivity to my OpenLDAP using nagios > >> with its check_ldap script and was wondering which minimal ACL > >> would you recommend for that purpose? > > > > It really depends on what you want to check. > > > > Things which come to mind: > > > > 1. Performance data from cn=monitor > > Can you give an example query filter? I wonder since what version > cn=monitor works reasonably. I have configured it in my "somewhat > older" (TM) openLDAP server, but never could get anything reasonable > out of it. > > There things do not appear in the naming contexts intentionally, > right? ldapsearch -Y EXTERNAL -H ldapi:/// -b cn=backload,cn=threads,cn=monitor -s base "(objectClass=monitoredObject)" monitoredInfo ldapsearch -Y EXTERNAL -H ldapi:/// -b 'cn=operations,cn=monitor' -s sub '(objectClass=monitorOperation)' monitorOpCompleted monitorOpInitiated -Dieter -- Dieter Klünter | Systemberatung http://dkluenter.de GPG Key ID:DA147B05 53°37'09,95"N 10°08'02,42"E
