3
Smokeping::probes::LDAP - a LDAP probe for SmokePing
7
Measures LDAP search latency for SmokePing
17
passwordfile = /some/place/secret
20
# The following variables can be overridden in each target section
21
attrs = uid,someotherattr
23
binddn = uid=testuser,dc=foo,dc=bar
24
filter = uid=testuser # mandatory
38
probe = LDAP # if this should be the default probe
43
# probe = LDAP # if the default probe is something else
45
attrs = uid,someotherattr
47
binddn = uid=testuser,dc=foo,dc=bar
48
filter = uid=testuser # mandatory
60
This probe measures LDAP query latency for SmokePing.
61
The query is specified by the target-specific variable `filter' and,
62
optionally, by the target-specific variable `base'. The attributes
63
queried can be specified in the comma-separated list `attrs'.
65
The TCP port of the LDAP server and the LDAP version to be used can
66
be specified by the variables `port' and `version'.
68
The probe can issue the starttls command to convert the connection
69
into encrypted mode, if so instructed by the `start_tls' variable.
70
This requires the 'IO::Socket::SSL' perl module to be installed.
72
The probe can also optionally do an authenticated LDAP bind, if the `binddn'
73
variable is present. The password to be used can be specified by the
74
target-specific variable `password' or in an external file.
75
The location of this file is given in the probe-specific variable
76
`passwordfile'. See Smokeping::probes::passwordchecker(3pm) for the format
77
of this file (summary: colon-separated triplets of the form
78
`<host>:<bind-dn>:<password>')
80
The probe tries to be nice to the server and does not send authentication
81
requests more frequently than once every X seconds, where X is the value
82
of the target-specific "min_interval" variable (1 by default).
86
Supported probe-specific variables:
92
Run this many concurrent processes at maximum
100
If you run many probes concurrently you may want to prevent them from
101
hitting your network all at the same time. Using the probe-specific
102
offset parameter you can change the point in time when each probe will
103
be run. Offset is specified in % of total interval, or alternatively as
104
'random', and the offset from the 'General' section is used if nothing
105
is specified here. Note that this does NOT influence the rrds itself,
106
it is just a matter of when data acqusition is initiated.
107
(This variable is only applicable if the variable 'concurrentprobes' is set
108
in the 'General' section.)
114
Location of the file containing usernames and passwords.
116
Example value: /some/place/secret
120
Duration of the base interval that this probe should use, if different
121
from the one specified in the 'Database' section. Note that the step in
122
the RRD files is fixed when they are originally generated, and if you
123
change the step parameter afterwards, you'll have to delete the old RRD
124
files or somehow convert them. (This variable is only applicable if
125
the variable 'concurrentprobes' is set in the 'General' section.)
131
Supported target-specific variables:
137
The attributes queried.
139
Example value: uid,someotherattr
143
The base to be used in the LDAP query
145
Example value: dc=foo,dc=bar
149
If present, authenticate the LDAP bind with this DN.
151
Example value: uid=testuser,dc=foo,dc=bar
155
The actual search to be made
157
Example value: uid=testuser
159
This setting is mandatory.
163
The minimum interval between each query sent, in (possibly fractional) second
170
The password to be used, if not present in <passwordfile>.
172
Example value: mypass
176
How many pings should be sent to each target, if different from the global
177
value specified in the Database section. Note that the number of pings in
178
the RRD files is fixed when they are originally generated, and if you
179
change this parameter afterwards, you'll have to delete the old RRD
180
files or somehow convert them.
186
TCP port of the LDAP server
192
The scope of the query. Can be either 'base', 'one' or 'sub'. See the Net::LDAP documentation for details.
200
If true, encrypt the connection with the starttls command. Disabled by default.
206
LDAP query timeout in seconds.
214
The LDAP version to be used.
223
Niko Tyni <ntyni@iki.fi>
227
There should be a way of specifying TLS options, such as the certificates
230
The probe has an ugly way of working around the fact that the
231
IO::Socket::SSL class complains if start_tls() is done more than once
232
in the same program. But It Works For Me (tm).
b'\\ No newline at end of file'