Diffstat (limited to 'collectors/python.d.plugin/openldap')
-rw-r--r-- | collectors/python.d.plugin/openldap/openldap.chart.py | 11 | ||||
-rw-r--r-- | collectors/python.d.plugin/openldap/openldap.conf | 8 |
2 files changed, 15 insertions, 4 deletions
diff --git a/collectors/python.d.plugin/openldap/openldap.chart.py b/collectors/python.d.plugin/openldap/openldap.chart.py
index 768ed01e8..3266ce400 100644
--- a/collectors/python.d.plugin/openldap/openldap.chart.py
+++ b/collectors/python.d.plugin/openldap/openldap.chart.py
@@ -14,6 +14,8 @@ from bases.FrameworkServices.SimpleService import SimpleService
 DEFAULT_SERVER = 'localhost'
 DEFAULT_PORT = '389'
+DEFAULT_TLS = False
+DEFAULT_CERT_CHECK = True
 DEFAULT_TIMEOUT = 1
 ORDER = [
@@ -139,6 +141,8 @@ class Service(SimpleService):
 self.username = configuration.get('username')
 self.password = configuration.get('password')
 self.timeout = configuration.get('timeout', DEFAULT_TIMEOUT)
+ self.use_tls = configuration.get('use_tls', DEFAULT_TLS)
+ self.cert_check = configuration.get('cert_check', DEFAULT_CERT_CHECK)
 self.alive = False
 self.conn = None
@@ -150,8 +154,13 @@ class Service(SimpleService):
 def connect(self):
 try:
- self.conn = ldap.initialize('ldap://%s:%s' % (self.server, self.port))
+ if self.use_tls:
+ self.conn = ldap.initialize('ldaps://%s:%s' % (self.server, self.port))
+ else:
+ self.conn = ldap.initialize('ldap://%s:%s' % (self.server, self.port))
 self.conn.set_option(ldap.OPT_NETWORK_TIMEOUT, self.timeout)
+ if self.use_tls and not self.cert_check:
+ self.conn.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_NEVER)
 if self.username and self.password:
 self.conn.simple_bind(self.username, self.password)
 except ldap.LDAPError as error:
diff --git a/collectors/python.d.plugin/openldap/openldap.conf b/collectors/python.d.plugin/openldap/openldap.conf
index 6182b3ee2..73e8636ed 100644
--- a/collectors/python.d.plugin/openldap/openldap.conf
+++ b/collectors/python.d.plugin/openldap/openldap.conf
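Review bot: In the connect() hunk of openldap.chart.py, `OPT_X_TLS_REQUIRE_CERT` is set on the connection object only, and python-ldap documents that TLS options take effect once a new TLS context is created, so on OpenSSL-backed libldap builds `cert_check: False` may be silently ignored (worth confirming against the builds this collector supports). Adding `self.conn.set_option(ldap.OPT_X_TLS_NEWCTX, 0)` as the last TLS option, directly after the `OPT_X_TLS_REQUIRE_CERT` line, makes the setting apply to this connection. Separately, with `cert_check` off the `simple_bind` that follows sends the bind password to a server whose identity was never verified, so that branch should log a warning that certificate verification is disabled. The body of connect() continues past the end of the hunk.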
@@ -67,6 +67,8 @@ update_every: 10
 #username : "cn=admin,dc=example,dc=com" # The bind user with right to access monitor statistics
 #password : "yourpass" # The password for the binded user
-#server : 'localhost' # The listening address of the LDAP server
-#port : 389 # The listening port of the LDAP server
-#timeout : 1 # Seconds to timeout if no connection exists
\ No newline at end of file
+#server : 'localhost' # The listening address of the LDAP server. In case of TLS, use the hostname which the certificate is published for.
+#port : 389 # The listening port of the LDAP server. Change to 636 port in case of TLS connection
+#use_tls : False # Make True if a TLS connection is used
+#cert_check : True # False if you want to ignore certificate check
+#timeout : 1 # Seconds to timeout if no connection exi |