man Smokeping::probes::LDAP (Fonctions bibliothèques) - a LDAP probe for SmokePing

NAME

Smokeping::probes::LDAP - a LDAP probe for SmokePing

OVERVIEW

Measures LDAP search latency for SmokePing

SYNOPSIS

 *** Probes ***

 +LDAP

 forks = 5
 offset = 50%
 passwordfile = /some/place/secret
 step = 300

 # The following variables can be overridden in each target section
 attrs = uid,someotherattr
 base = dc=foo,dc=bar
 binddn = uid=testuser,dc=foo,dc=bar
 filter = uid=testuser # mandatory
 mininterval = 1
 password = mypass
 pings = 5
 port = 389
 scope = one
 start_tls = 1
 timeout = 10
 version = 3

 # [...]

 *** Targets ***

 probe = LDAP # if this should be the default probe

 # [...]

 + mytarget
 # probe = LDAP # if the default probe is something else
 host = my.host
 attrs = uid,someotherattr
 base = dc=foo,dc=bar
 binddn = uid=testuser,dc=foo,dc=bar
 filter = uid=testuser # mandatory
 mininterval = 1
 password = mypass
 pings = 5
 port = 389
 scope = one
 start_tls = 1
 timeout = 10
 version = 3

DESCRIPTION

This probe measures LDAP query latency for SmokePing. The query is specified by the target-specific variable `filter' and, optionally, by the target-specific variable `base'. The attributes queried can be specified in the comma-separated list `attrs'.

The TCP port of the LDAP server and the LDAP version to be used can be specified by the variables `port' and `version'.

The probe can issue the starttls command to convert the connection into encrypted mode, if so instructed by the `start_tls' variable. This requires the 'IO::Socket::SSL' perl module to be installed.

The probe can also optionally do an authenticated LDAP bind, if the `binddn' variable is present. The password to be used can be specified by the target-specific variable `password' or in an external file. The location of this file is given in the probe-specific variable `passwordfile'. See Smokeping::probes::passwordchecker(3 pm) for the format of this file (summary: colon-separated triplets of the form `<host>:<bind-dn>:<password>')

The probe tries to be nice to the server and does not send authentication requests more frequently than once every X seconds, where X is the value of the target-specific min_interval variable (1 by default).

VARIABLES

Supported probe-specific variables:

forks: Run this many concurrent processes at maximum Example value: 5 Default value: 5
offset: If you run many probes concurrently you may want to prevent them from hitting your network all at the same time. Using the probe-specific offset parameter you can change the point in time when each probe will be run. Offset is specified in % of total interval, or alternatively as 'random', and the offset from the 'General' section is used if nothing is specified here. Note that this does NOT influence the rrds itself, it is just a matter of when data acqusition is initiated. (This variable is only applicable if the variable 'concurrentprobes' is set in the 'General' section.) Example value: 50%
passwordfile: Location of the file containing usernames and passwords. Example value: /some/place/secret
step: Duration of the base interval that this probe should use, if different from the one specified in the 'Database' section. Note that the step in the RRD files is fixed when they are originally generated, and if you change the step parameter afterwards, you'll have to delete the old RRD files or somehow convert them. (This variable is only applicable if the variable 'concurrentprobes' is set in the 'General' section.) Example value: 300

Supported target-specific variables:

attrs: The attributes queried. Example value: uid,someotherattr
base: The base to be used in the LDAP query Example value: dc=foo,dc=bar
binddn: If present, authenticate the LDAP bind with this DN. Example value: uid=testuser,dc=foo,dc=bar
filter: The actual search to be made Example value: uid=testuser This setting is mandatory.
mininterval: The minimum interval between each query sent, in (possibly fractional) second s. Default value: 1
password: The password to be used, if not present in <passwordfile>. Example value: mypass
pings: How many pings should be sent to each target, if different from the global value specified in the Database section. Note that the number of pings in the RRD files is fixed when they are originally generated, and if you change this parameter afterwards, you'll have to delete the old RRD files or somehow convert them. Example value: 5
port: TCP port of the LDAP server Example value: 389
scope: The scope of the query. Can be either 'base', 'one' or 'sub'. See the Net::LDAP documentation for details. Example value: one Default value: sub
start_tls: If true, encrypt the connection with the starttls command. Disabled by default. Example value: 1
timeout: LDAP query timeout in seconds. Example value: 10 Default value: 5
version: The LDAP version to be used. Example value: 3

AUTHORS

Niko Tyni <ntyni@iki.fi>

BUGS

There should be a way of specifying TLS options, such as the certificates involved etc.

The probe has an ugly way of working around the fact that the IO::Socket::SSL class complains if start_tls() is done more than once in the same program. But It Works For Me (tm).

Sections du manuel

Commandes
Appels systèmes
Fonctions bibliothèques
- posix
- o
- ssl
- fun
- cc
- bind
- ncurses
- form
- menu
- curses
- erl
- perl
- tiff
- tcl
- iv
- iwidgets
- nas
- debug
- gdbm
- ggi
- ruby
- abz
- alleg
- ber
- caca
- el
- gle
- snmp
- ncp
- ossp
- diet
- m17n
- f
- plplot
- pub
- PVM
- rtl
- tclrl
- tclx
- tk
- WN
- blt
- readline
- pm
Fichiers spéciaux
Formats
Jeux
Conventions
Administration système
Fonctions noyau
Nouveau

cd ~tigrou/pwet.fr/man/linux/Fonctions bibliothèques/Smokeping::probes::LDAP