OpenLDAP/Monitoring OpenLDAP

From Debuntu

Jump to: navigation, search

done under Debian Lenny

In order to enable OpenLDAP to monitor its activity you will need to make use of the monitor module.

Slapd.conf

To do so, edit /etc/ldap/slapd.conf and add the following next to the other module directives: 

#monitoring stuff
moduleload      back_monitor

Then, at the end of the file add: 

database monitor

access to *
        by peername.ip=127.0.0.1        read
        by * none

This will give read access to connections coming from the local machine and nothing to other. you might want to adjust this to your own policy.

Restart Openldap 

# /etc/init.d/slapd restart

troubleshooting

Finally, you can check it works by querying: 

# ldapsearch -x -b "cn=Monitor" -H ldap://127.0.0.1
...
...
# search result
search: 2
result: 0 Success

# numResponses: 64
# numEntries: 63
Retrieved from "http://wiki.debuntu.org/wiki/OpenLDAP/Monitoring_OpenLDAP"
Personal tools
Namespaces
Variants
Actions
Navigation
Toolbox
Google AdSense