LdapMonitor
Subscribe

From OpenNMS

Jump to: navigation, search

The LdapMonitor enables OpenNMS to monitor the ability of an LDAP server to answer an LDAP query, and to report on the latency involved in query processing.

The capsd configuration and poller configuration in the OPENNMS_HOME/etc/examples directory include an example of using the LdapPlugin to discover and monitor LDAP servers. Note that the poller configuration piece of this is unlikely to work in any environment, since it specifies bogus query and bind parameters.

Configuration

To configure discovery of LDAP services, you need to edit the $OPENNMS_HOME/etc/capsd-configuration.xml file and add a protocol-plugin definition. An example appears in the etc/examples directory. 

   <protocol-plugin protocol="LDAP" class-name="org.opennms.netmgt.capsd.plugins.LdapPlugin" scan="on" user-defined="false">
       <property key="timeout" value="2000" />
       <property key="retry" value="1" />
       <property key="port" value="389" />
   </protocol-plugin>

In order to poll discovered LDAP service, you must also edit the OPENNMS_HOME/etc/poller-configuration.xml file and add both a service (in one or more poller packages) and a monitor (at the bottom of the file). Here is the service definition from the example configuration files of OpenNMS 1.3.10: 

   <service name="LDAP" interval="300000" user-defined="false" status="on">
       <parameter key="port" value="389"/>
       <parameter key="version" value="3"/>
       <parameter key="searchbase" value="DC=example,DC=org,OU=users"/>
       <parameter key="searchfilter" value="CN=testuser"/>
       <parameter key="dn" value="DC=example,DC=org,OU=users,CN=opennms"/>
       <parameter key="password" value="passwordforopennmsuser"/>
       <parameter key="retry" value="2"/>
       <parameter key="timeout" value="3000"/>
   </service>

And here is the corresponding monitor definition, which tells the poller daemon which class to use to poll this service: 

   	<monitor service="LDAP" class-name="org.opennms.netmgt.poller.monitors.LdapMonitor"/>

Service Parameters

Like all monitors, the service tag can take a number of parameters:

name
the name of the service in OpenNMS, this must be the same as the service name specified in capsd-configuration.xml.
interval
how often (in milliseconds) to perform a poll using this monitor
user-defined
whether or not this service is user-defined, used primarily in the UI
status
whether or not the monitor is enabled

Monitor-Specific Parameters

LdapMonitor also takes the following monitor-specific parameters:

port
the port on which to connect to the LDAP server (default: 389)
version
the version of the LDAP protocol to use (default: 3)
searchbase
the search base to use for the test LDAP query (default: "base")
searchfilter
the search filter to use for the test LDAP query (default: "(objectclass=*)")
dn
the LDAP DN with which to attempt to bind for the test query (default: do not attempt to bind)
password
the password used in combination with the value of dn to bind for the test query (default: do not attempt to bind)

Note On Microsoft LDAP: For the DN in windows keep the standard windows formatting of Bottom to Top, i.e. cn=,ou=,dc= etc...

Retrieved from "http://www.opennms.org/wiki/LdapMonitor"