LDAP monitoring nonstandard port
Hello,
I am running ApacheDS as my internal LDAP on a non standard port. I seem to not be able to monitor that port via Xymon. A tcpdump of the destination server shows Xymon still attempting to monitor port 389 even though I have told my hosts.cfg file to use the port it is listening on.
Does anyone have any clues to this? I am running 4.3.12 on a Linux server.
On Thu, Dec 5, 2013, at 10:56, Ryan Davis wrote:
> Hello,
> I am running ApacheDS as my internal LDAP on a non standard port. I seem to not be able to monitor that port via Xymon. A tcpdump of the destination server shows Xymon still attempting to monitor port 389 even though I have told my hosts.cfg file to use the port it is listening on.
> Does anyone have any clues to this? I am running 4.3.12 on a Linux server.
Can you post the actual syntax you're using in hosts.cfg so we can try to replicate it?
Yes here is the complete line from my hosts.cfg
192.168.1.5 ldapserver # ldaplogin="uid=someid,ou=someou:somepass" ldap://ldapserver:1389/dc=home,dc=lan??sub?(sn=actualuser)
On Thu, Dec 5, 2013 at 2:50 PM, Mark Felder <feld at feld.me> wrote:
> On Thu, Dec 5, 2013, at 10:56, Ryan Davis wrote:
> > Hello,
> > I am running ApacheDS as my internal LDAP on a non standard port. I seem to not be able to monitor that port via Xymon. A tcpdump of the destination server shows Xymon still attempting to monitor port 389 even though I have told my hosts.cfg file to use the port it is listening on.
> > Does anyone have any clues to this? I am running 4.3.12 on a Linux server.
> Can you post the actual syntax you're using in hosts.cfg so we can try to replicate it?
Xymon mailing list Xymon at xymon.com http://lists.xymon.com/mailman/listinfo/xymon
On Thu, Dec 5, 2013, at 10:56, Ryan Davis wrote:
> I am running ApacheDS as my internal LDAP on a non standard port. I seem to not be able to monitor that port via Xymon. A tcpdump of the destination server shows Xymon still attempting to monitor port 389 even though I have told my hosts.cfg file to use the port it is listening on.
On 12/6/2013 5:10 AM, Ryan Davis wrote:
> Yes here is the complete line from my hosts.cfg
> 192.168.1.5 ldapserver # ldaplogin="uid=someid,ou=someou:somepass" ldap://ldapserver:1389/dc=home,dc=lan??sub?(sn=actualuser)
I suspect that you are not actually performing the extended ldap test, but are performing the basic test on the port defined in protocols.cfg. One way to confirm this would be to change the definition in protocols.cfg and see if the test against 'ldapserver' is then performed on the new port.
The man page for hosts.cfg contains the following line:
This type of LDAP test requires that xymonnet(1) was built with support for LDAP, e.g. via the OpenLDAP library.
If your xymon was not built with OpenLDAP libraries, you will have only the basic ldap test available.
-- Do things because you should, not just because you can.
John Thurston 907-465-8591 John.Thurston at alaska.gov Enterprise Technology Services Department of Administration State of Alaska
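Added example (not part of the thread and not Xymon's own code): a small Python parser for the RFC 4516 LDAP URL on the hosts.cfg line above, showing which host, port, base DN, scope and filter the extended LDAP test is being asked to use, and comparing that port with the one seen in tcpdump. The function names are made up for this illustration.

```python
import shlex
from urllib.parse import unquote

DEFAULT_PORTS = {"ldap": 389, "ldaps": 636}  # IANA defaults

def parse_ldap_url(url):
    """Split an RFC 4516 LDAP URL: scheme://host:port/dn?attrs?scope?filter"""
    scheme, sep, rest = url.partition("://")
    scheme = scheme.lower()
    if not sep or scheme not in DEFAULT_PORTS:
        raise ValueError(f"not an LDAP URL: {url!r}")
    hostport, _, tail = rest.partition("/")
    host, _, port = hostport.partition(":")  # IPv6 literals not handled here
    # Trailing fields may be omitted; pad so unpacking always works.
    fields = (tail.split("?") + [""] * 3)[:4]
    dn, attrs, scope, filt = (unquote(f) for f in fields)
    return {
        "scheme": scheme,
        "host": host,
        "port": int(port) if port else DEFAULT_PORTS[scheme],
        "base_dn": dn,
        "attributes": [a for a in attrs.split(",") if a],
        "scope": scope or "base",             # RFC 4516 default
        "filter": filt or "(objectClass=*)",  # RFC 4516 default
    }

def ldap_targets(hosts_cfg_line):
    """Return the parsed LDAP URL tags found on one hosts.cfg line."""
    _ip, _name, *tags = shlex.split(hosts_cfg_line)
    return [parse_ldap_url(t) for t in tags
            if t.lower().startswith(("ldap://", "ldaps://"))]

def port_mismatches(hosts_cfg_line, observed_port):
    """(host, configured_port) pairs that differ from the port seen on the wire."""
    return [(t["host"], t["port"]) for t in ldap_targets(hosts_cfg_line)
            if t["port"] != observed_port]

# The hosts.cfg line posted in this thread.
LINE = ('192.168.1.5 ldapserver # ldaplogin="uid=someid,ou=someou:somepass" '
        'ldap://ldapserver:1389/dc=home,dc=lan??sub?(sn=actualuser)')

if __name__ == "__main__":
    for target in ldap_targets(LINE):
        print(target)
    # tcpdump in the thread showed probes to 389, not the URL's port.
    print("mismatch vs. observed 389:", port_mismatches(LINE, 389))
```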
Thanks for the suggestion on the protocols. Tested by changing the port and got it working. So now I'm trying to figure out my configure and Makefile and the configure file finds the OpenLDAP library:
Checking for LDAP ...
Compiling with LDAP works OK
LBER library not needed
Linking with LDAP works OK

Xymonnet report below.
xymonnet version 4.3.12
SSL library : OpenSSL 1.0.0 29 Mar 2010
LDAP library: OpenLDAP 20423
So what am I missing here? This is also checking my external LDAP that does run on 389.
Still looking for an answer to get both ldaps monitored.
participants (3): feld@feld.me, john.thurston@alaska.gov, rdavis542@gmail.com