Smokeping_probes_LDAP(3) | SmokePing | Smokeping_probes_LDAP(3) |
Smokeping::probes::LDAP - a LDAP probe for SmokePing
Measures LDAP search latency for SmokePing
*** Probes *** +LDAP forks = 5 offset = 50% passwordfile = /some/place/secret step = 300 # The following variables can be overridden in each target section attrs = uid,someotherattr base = dc=foo,dc=bar binddn = uid=testuser,dc=foo,dc=bar filter = uid=testuser # mandatory mininterval = 1 password = mypass pings = 5 port = 389 scheme = ldap scope = one start_tls = 1 timeout = 10 verify = optional version = 3 # [...] *** Targets *** probe = LDAP # if this should be the default probe # [...] + mytarget # probe = LDAP # if the default probe is something else host = my.host attrs = uid,someotherattr base = dc=foo,dc=bar binddn = uid=testuser,dc=foo,dc=bar filter = uid=testuser # mandatory mininterval = 1 password = mypass pings = 5 port = 389 scheme = ldap scope = one start_tls = 1 timeout = 10 verify = optional version = 3
This probe measures LDAP query latency for SmokePing. The query is specified by the target-specific variable `filter' and, optionally, by the target-specific variable `base'. The attributes queried can be specified in the comma-separated list `attrs'.
The TCP port of the LDAP server and the LDAP version to be used can be specified by the variables `port' and `version'.
The probe can issue the starttls command to convert the connection into encrypted mode, if so instructed by the `start_tls' variable. This requires the 'IO::Socket::SSL' perl module to be installed.
The probe can also optionally do an authenticated LDAP bind, if the `binddn' variable is present. The password to be used can be specified by the target-specific variable `password' or in an external file. The location of this file is given in the probe-specific variable `passwordfile'. See Smokeping::probes::passwordchecker(3pm) for the format of this file (summary: colon-separated triplets of the form `<host>:<bind-dn>:<password>')
The probe tries to be nice to the server and does not send authentication requests more frequently than once every X seconds, where X is the value of the target-specific "min_interval" variable (1 by default).
Supported probe-specific variables:
Example value: 5
Default value: 5
Example value: 50%
Example value: /some/place/secret
Example value: 300
Supported target-specific variables:
Example value: uid,someotherattr
Example value: dc=foo,dc=bar
Example value: uid=testuser,dc=foo,dc=bar
Example value: uid=testuser
This setting is mandatory.
Default value: 1
Example value: mypass
Example value: 5
Example value: 389
Example value: ldap
Default value: ldap
Example value: one
Default value: sub
Example value: 1
Example value: 10
Default value: 5
Example value: optional
Default value: require
Example value: 3
Niko Tyni <ntyni@iki.fi>
There should be a way of specifying TLS options, such as the certificates involved etc.
The probe has an ugly way of working around the fact that the IO::Socket::SSL class complains if start_tls() is done more than once in the same program. But It Works For Me (tm).
2019-02-24 | 2.7.3 |