LdapMonitor
The LDAP monitor tests for LDAP service availability. The LDAP monitor first tries to establish a TCP connection on the specified port. If it succeeds, it attempts to establish an LDAP connection and do a simple search. If the search returns a result within the specified timeout and attempts, the service will be considered available. The scope of the LDAP search is limited to the immediate subordinates of the base object. The LDAP search is anonymous by default. The LDAP monitor uses the com.novell.ldap.LDAPConnection class, and supports most LDAP-compatible directory systems, including Active Directory.
Configuration and use
Parameter | Description | Default value |
---|---|---|
dn {} |
The distinguished name to use if authenticated search is needed. |
n/a |
password {} |
The password to use if authenticated search is needed. |
n/a |
port |
The destination port to attempt connection at. |
389 |
retry |
Number of attempts to get a search result. |
1 |
searchbase |
The base distinguished name to search from. |
base |
searchfilter |
The LDAP search’s filter. |
(objectclass=*) |
version |
The version of the LDAP protocol to use, specified as an integer. |
3 |
{} indicates the parameter supports placeholder substitution.
This monitor implements the Common Configuration Parameters.
Examples
Example uses CentOS/RHEL path name.
For Debian/Ubuntu, use /var/lib/opennms/rrd/response
.
<!-- OpenNMS.org -->
<service name="LDAP" interval="300000" user-defined="false" status="on">
<parameter key="port" value="389"/>
<parameter key="version" value="3"/>
<parameter key="searchbase" value="dc=opennms,dc=org"/>
<parameter key="searchfilter" value="uid=ulf"/>
<parameter key="retry" value="2"/>
<parameter key="timeout" value="3000"/>
<parameter key="rrd-repository" value="/opt/opennms/share/rrd/response"/>
<parameter key="rrd-base-name" value="ldap"/>
<parameter key="ds-name" value="ldap"/>
</service>
<monitor service="LDAP" class-name="org.opennms.netmgt.poller.monitors.LdapMonitor"/>