LDAP monitoring nonstandard port
list Ryan Davis
Hello, I am running ApacheDS as my internal LDAP on a non standard port. I seem to not be able to monitor that port via Xymon. A tcpdump of the destination server shows Xymon still attempting to monitor port 389 even though I have told my hosts.cfg file to use the port it is listening on. Does anyone have any clues to this? I am running 4.3.12 on a Linux server.
list Mark Felder
▸
On Thu, Dec 5, 2013, at 10:56, Ryan Davis wrote:
Hello, I am running ApacheDS as my internal LDAP on a non standard port. I seem to not be able to monitor that port via Xymon. A tcpdump of the destination server shows Xymon still attempting to monitor port 389 even though I have told my hosts.cfg file to use the port it is listening on. Does anyone have any clues to this? I am running 4.3.12 on a Linux server.
Can you post the actual syntax you're using in hosts.cfg so we can try to replicate it?
list Ryan Davis
Yes here is the complete line from my hosts.cfg 192.168.1.5 ldapserver # ldaplogin="uid=someid,ou=someou:somepass" ldap://ldapserver:1389/dc=home,dc=lan??sub?(sn=actualuser)
▸
On Thu, Dec 5, 2013 at 2:50 PM, Mark Felder <user-db141d317836@xymon.invalid> wrote:
On Thu, Dec 5, 2013, at 10:56, Ryan Davis wrote:Hello, I am running ApacheDS as my internal LDAP on a non standard port. I seem to not be able to monitor that port via Xymon. A tcpdump of the destination server shows Xymon still attempting to monitor port 389 even though I have told my hosts.cfg file to use the port it is listening on. Does anyone have any clues to this? I am running 4.3.12 on a Linux server.Can you post the actual syntax you're using in hosts.cfg so we can try to replicate it?
list John Thurston
▸
On Thu, Dec 5, 2013, at 10:56, Ryan Davis wrote:I am running ApacheDS as my internal LDAP on a non standard port. I seem to not be able to monitor that port via Xymon. A tcpdump of the destination server shows Xymon still attempting to monitor port 389 even though I have told my hosts.cfg file to use the port it is listening on.
On 12/6/2013 5:10 AM, Ryan Davis wrote:
Yes here is the complete line from my hosts.cfg 192.168.1.5 ldapserver # ldaplogin="uid=someid,ou=someou:somepass" ldap://ldapserver:1389/dc=home,dc=lan??sub?(sn=actualuser)
I suspect that you are not actually performing the extended ldap test, but are performing the basic test on the port defined in protocols.cfg. One way to confirm this would be to change the definition in procols.cfg and see if the test against 'ldapserver' is then performed on the new port. The man page for hosts.cfg contains the following line:
This type of LDAP test requires that xymonnet(1) was built with support for LDAP, e.g. via the OpenLDAP library.
If your xymon was not built with OpenLDAP libraries, you will have only
the basic ldap test available.
--
Do things because you should, not just because you can.
John Thurston XXX-XXX-XXXX
user-ce4d79d99bab@xymon.invalid
Enterprise Technology Services
Department of Administration
State of Alaska
list Ryan Davis
Thanks for the suggestion on the protocols. Tested by changing the port and got it working. So now I'm trying to figure out my configure and Makefile and the configure file finds the OpenLDAP library: Checking for LDAP ... Compiling with LDAP works OK LBER library not needed Linking with LDAP works OK Xymonnet report below. xymonnet version 4.3.12 SSL library : OpenSSL 1.0.0 29 Mar 2010 LDAP library: OpenLDAP 20423 So what am I missing here? This is also checking my external LDAP that does run on 389.
▸
On Fri, Dec 6, 2013 at 11:57 AM, John Thurston <user-ce4d79d99bab@xymon.invalid>wrote:
On Thu, Dec 5, 2013, at 10:56, Ryan Davis wrote:I am running ApacheDS as my internal LDAP on a non standard port.I seem to not be able to monitor that port via Xymon. A tcpdump of the destination server shows Xymon still attempting to monitor port 389 even though I have told my hosts.cfg file to use the port it is listening on.On 12/6/2013 5:10 AM, Ryan Davis wrote:Yes here is the complete line from my hosts.cfg 192.168.1.5 ldapserver # ldaplogin="uid=someid,ou=someou:somepass" ldap://ldapserver:1389/dc=home,dc=lan??sub?(sn=actualuser)I suspect that you are not actually performing the extended ldap test, but are performing the basic test on the port defined in protocols.cfg. One way to confirm this would be to change the definition in procols.cfg and see if the test against 'ldapserver' is then performed on the new port. The man page for hosts.cfg contains the following line:This type of LDAP test requires that xymonnet(1) was built with supportfor LDAP, e.g. via the OpenLDAP library.If your xymon was not built with OpenLDAP libraries, you will have only the basic ldap test available. -- Do things because you should, not just because you can. John Thurston XXX-XXX-XXXX user-ce4d79d99bab@xymon.invalid Enterprise Technology Services Department of Administration State of Alaska
list Ryan Davis
Still looking for an answer to get both ldaps monitored.
▸
On Friday, December 6, 2013, Ryan Davis wrote:
Thanks for the suggestion on the protocols. Tested by changing the port and got it working. So now I'm trying to figure out my configure and Makefile and the configure file finds the OpenLDAP library: Checking for LDAP ... Compiling with LDAP works OK LBER library not needed Linking with LDAP works OK Xymonnet report below. xymonnet version 4.3.12 SSL library : OpenSSL 1.0.0 29 Mar 2010 LDAP library: OpenLDAP 20423 So what am I missing here? This is also checking my external LDAP that does run on 389.
On Fri, Dec 6, 2013 at 11:57 AM, John Thurston <user-ce4d79d99bab@xymon.invalid<javascript:_e({}, 'cvml', 'user-ce4d79d99bab@xymon.invalid');>▸
wrote:On Thu, Dec 5, 2013, at 10:56, Ryan Davis wrote:I am running ApacheDS as my internal LDAP on a non standard port.I seem to not be able to monitor that port via Xymon. A tcpdump of the destination server shows Xymon still attempting to monitor port 389 even though I have told my hosts.cfg file to use the port it is listening on.On 12/6/2013 5:10 AM, Ryan Davis wrote:Yes here is the complete line from my hosts.cfg 192.168.1.5 ldapserver # ldaplogin="uid=someid,ou=someou:somepass" ldap://ldapserver:1389/dc=home,dc=lan??sub?(sn=actualuser)I suspect that you are not actually performing the extended ldap test, but are performing the basic test on the port defined in protocols.cfg. One way to confirm this would be to change the definition in procols.cfg and see if the test against 'ldapserver' is then performed on the new port. The man page for hosts.cfg contains the following line:This type of LDAP test requires that xymonnet(1) was built with supportfor LDAP, e.g. via the OpenLDAP library.If your xymon was not built with OpenLDAP libraries, you will have only the basic ldap test available. -- Do things because you should, not just because you can. John Thurston XXX-XXX-XXXX
user-ce4d79d99bab@xymon.invalid <javascript:_e({}, 'cvml', 'user-ce4d79d99bab@xymon.invalid');> Enterprise Technology Services Department of Administration State of Alaska