From 2e85f9325a797977eea9dfea0a925775ddd211d9 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Sun, 7 Feb 2021 12:49:00 +0100 Subject: Merging upstream version 1.29.0. Signed-off-by: Daniel Baumann --- collectors/python.d.plugin/openldap/README.md | 20 ++++++++++++++--- .../python.d.plugin/openldap/openldap.chart.py | 25 ++++++++++++++-------- collectors/python.d.plugin/openldap/openldap.conf | 15 +++++++------ 3 files changed, 41 insertions(+), 19 deletions(-) (limited to 'collectors/python.d.plugin/openldap') diff --git a/collectors/python.d.plugin/openldap/README.md b/collectors/python.d.plugin/openldap/README.md index f1f9de581..4942d0f39 100644 --- a/collectors/python.d.plugin/openldap/README.md +++ b/collectors/python.d.plugin/openldap/README.md @@ -1,6 +1,12 @@ -# openldap + -This module provides statistics information from openldap (slapd) server. +# OpenLDAP monitoring with Netdata + +Provides statistics information from openldap (slapd) server. Statistics are taken from LDAP monitoring interface. Manual page, slapd-monitor(5) is available. **Requirement:** @@ -47,7 +53,15 @@ Statistics are taken from LDAP monitoring interface. Manual page, slapd-monitor( - read - write -### configuration +## Configuration + +Edit the `python.d/openldap.conf` configuration file using `edit-config` from the Netdata [config +directory](/docs/configure/nodes.md), which is typically at `/etc/netdata`. + +```bash +cd /etc/netdata # Replace this path with your Netdata config directory, if different +sudo ./edit-config python.d/openldap.conf +``` Sample: diff --git a/collectors/python.d.plugin/openldap/openldap.chart.py b/collectors/python.d.plugin/openldap/openldap.chart.py index 3266ce400..aba143954 100644 --- a/collectors/python.d.plugin/openldap/openldap.chart.py +++ b/collectors/python.d.plugin/openldap/openldap.chart.py @@ -5,18 +5,19 @@ try: import ldap + HAS_LDAP = True except ImportError: HAS_LDAP = False from bases.FrameworkServices.SimpleService import SimpleService - DEFAULT_SERVER = 'localhost' DEFAULT_PORT = '389' DEFAULT_TLS = False DEFAULT_CERT_CHECK = True DEFAULT_TIMEOUT = 1 +DEFAULT_START_TLS = False ORDER = [ 'total_connections', @@ -49,7 +50,7 @@ CHARTS = { ] }, 'referrals_sent': { - 'options': [None, 'Referrals', 'referals/s', 'ldap', 'openldap.referrals', 'line'], + 'options': [None, 'Referrals', 'referrals/s', 'ldap', 'openldap.referrals', 'line'], 'lines': [ ['referrals_sent', 'sent', 'incremental'] ] @@ -110,7 +111,7 @@ SEARCH_LIST = { 'add_operations': ( 'cn=Add,cn=Operations,cn=Monitor', 'monitorOpInitiated', ), - 'delete_operations': ( + 'delete_operations': ( 'cn=Delete,cn=Operations,cn=Monitor', 'monitorOpCompleted', ), 'modify_operations': ( @@ -143,6 +144,7 @@ class Service(SimpleService): self.timeout = configuration.get('timeout', DEFAULT_TIMEOUT) self.use_tls = configuration.get('use_tls', DEFAULT_TLS) self.cert_check = configuration.get('cert_check', DEFAULT_CERT_CHECK) + self.use_start_tls = configuration.get('use_start_tls', DEFAULT_START_TLS) self.alive = False self.conn = None @@ -159,8 +161,13 @@ class Service(SimpleService): else: self.conn = ldap.initialize('ldap://%s:%s' % (self.server, self.port)) self.conn.set_option(ldap.OPT_NETWORK_TIMEOUT, self.timeout) - if self.use_tls and not self.cert_check: + if (self.use_tls or self.use_start_tls) and not self.cert_check: self.conn.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_NEVER) + if self.use_start_tls or self.use_tls: + self.conn.set_option(ldap.OPT_X_TLS_NEWCTX, 0) + if self.use_start_tls: + self.conn.protocol_version = ldap.VERSION3 + self.conn.start_tls_s() if self.username and self.password: self.conn.simple_bind(self.username, self.password) except ldap.LDAPError as error: @@ -193,17 +200,17 @@ class Service(SimpleService): num = self.conn.search(dn, ldap.SCOPE_BASE, 'objectClass=*', [attr, ]) result_type, result_data = self.conn.result(num, 1) except ldap.LDAPError as error: - self.error("Empty result. Check bind username/password. Message: ",error) + self.error("Empty result. Check bind username/password. Message: ", error) self.alive = False return None + if result_type != 101: + continue + try: - if result_type == 101: - val = int(result_data[0][1].values()[0][0]) + data[key] = int(list(result_data[0][1].values())[0][0]) except (ValueError, IndexError) as error: self.debug(error) continue - data[key] = val - return data diff --git a/collectors/python.d.plugin/openldap/openldap.conf b/collectors/python.d.plugin/openldap/openldap.conf index 73e8636ed..5fd99a525 100644 --- a/collectors/python.d.plugin/openldap/openldap.conf +++ b/collectors/python.d.plugin/openldap/openldap.conf @@ -65,10 +65,11 @@ update_every: 10 # Set here your LDAP connection settings -#username : "cn=admin,dc=example,dc=com" # The bind user with right to access monitor statistics -#password : "yourpass" # The password for the binded user -#server : 'localhost' # The listening address of the LDAP server. In case of TLS, use the hostname which the certificate is published for. -#port : 389 # The listening port of the LDAP server. Change to 636 port in case of TLS connection -#use_tls : False # Make True if a TLS connection is used -#cert_check : True # False if you want to ignore certificate check -#timeout : 1 # Seconds to timeout if no connection exi +#username : "cn=admin,dc=example,dc=com" # The bind user with right to access monitor statistics +#password : "yourpass" # The password for the binded user +#server : 'localhost' # The listening address of the LDAP server. In case of TLS, use the hostname which the certificate is published for. +#port : 389 # The listening port of the LDAP server. Change to 636 port in case of TLS connection +#use_tls : False # Make True if a TLS connection is used over ldaps:// +#use_start_tls: False # Make True if a TLS connection is used over ldap:// +#cert_check : True # False if you want to ignore certificate check +#timeout : 1 # Seconds to timeout if no connection exi -- cgit v1.2.3