/usr/lib/mon/mon.d/ldap.monitor is in mon 1.2.0-9.
This file is owned by root:root, with mode 0o755.
The actual contents of the file can be viewed below.
#!/usr/bin/perl
#
# This script will search an LDAP server for objects that match the -filter
# option, starting at the DN given by the -basedn option. Each DN found must
# contain the attribute given by the -attribute option and the attribute's
# value must match the value given by the -value option. Servers are given on
# the command line. At least one server must be specified.
# This script uses Net::LDAP, which uses some LDAP libraries like those
# from UMich, Netscape, or ISODE.
#
# Porting to LDAP (from LDAPapi) by Thomas Quinot <thomas@cuivre.fr.eu.org>,
# 1999-09-20.
# Copyright (C) 1998, David Eckelkamp <davide@tradewave.com>
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
#
#
# $Id: ldap.monitor,v 1.1.1.1 2004/06/09 05:18:04 trockij Exp $
#
use Net::LDAP;
use Getopt::Long;
# Built-in defaults.  Each one can be overridden with the command-line option
# of the same (lower-case) name.
$LDAPPort  = 389;                     # -port: standard (non-TLS) LDAP port
$BaseDN    = "o=Your Org, c=US";      # -basedn: DN at which the search starts
$Filter    = "cn=Directory Admin";    # -filter: LDAP search filter
$Attribute = "objectClass";           # -attribute: attribute every entry must carry
$Value     = "YourValue";             # -value: value that attribute must contain
$verbose   = 0;                       # -verbose: trace the comparison on stdout
@errs      = ();                      # detail messages printed at the end

# Getopt::Long writes each parsed option through the scalar reference stored
# under the option's name in this hash.
%OptVars = (
    port      => \$LDAPPort,
    basedn    => \$BaseDN,
    filter    => \$Filter,
    attribute => \$Attribute,
    value     => \$Value,
    verbose   => \$verbose,
);

# -port takes an integer, -verbose is a plain flag, the rest take strings.
my @option_specs = qw(port=i basedn=s filter=s attribute=s value=s verbose);
unless (GetOptions(\%OptVars, @option_specs)) {
    print "Problems with Options, sorry.\n";
    exit 1;
}

# Whatever is left in @ARGV after option parsing is the list of LDAP servers
# to query; an empty list is a usage error.
if (@ARGV == 0) {
    print "$0: Insufficient arguments. There must be at least 1 server to query\n";
    exit 1;
}
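# Check every server named on the command line.  $ErrCnt counts failures
# across all servers and is used as the exit status at the end of the script.
$ErrCnt = 0;
foreach $LDAPHost (@ARGV) {
    # Start each server with an empty result set.  Without this, entries
    # returned by an earlier server stay in %record and are re-checked and
    # reported against the current one.
    %record = ();

    # Connect.  Net::LDAP->new returns undef on failure and leaves the reason
    # in $@ (not $!).  No TLS is negotiated here, so the session is cleartext.
    unless ($ldap = Net::LDAP->new($LDAPHost, port => $LDAPPort)) {
        push(@FailedHosts, "$LDAPHost:$LDAPPort");
        push(@errs, "ldap_init Failed: host=$LDAPHost:$LDAPPort: $@");
        $ErrCnt++;
        next;
    }

    # Anonymous simple bind: no credentials are sent, so the check only sees
    # what the directory exposes to unauthenticated clients.
    # bind() always returns a message object (which is true); success or
    # failure is carried in its result code, so test ->code, not the object.
    $mesg = $ldap->bind;
    if ($mesg->code) {
        $ErrCnt++;
        push(@FailedHosts, "$LDAPHost:$LDAPPort");
        push(@errs, "ldap bind failed: host=$LDAPHost:$LDAPPort");
        next;
    }

    # search() likewise always returns a message object; a non-zero result
    # code means the server rejected or could not complete the search.
    # NOTE(review): a result cut short by a server-side limit also carries a
    # non-zero code and is therefore reported as a failure - confirm that is
    # the wanted behaviour for this monitor.
    $mesg = $ldap->search(base => $BaseDN, filter => $Filter);
    if ($mesg->code) {
        push(@errs, "$LDAPHost " . $mesg->error);
        $ldap->unbind;
        push(@FailedHosts, "$LDAPHost:$LDAPPort");
        $ErrCnt++;
        next;
    }

    # Copy every returned entry into %record as
    #   $record{DN}{attribute name} = [ values ].
    # NOTE(review): confirm the installed Net::LDAP::Entry still provides
    # get(); current documentation describes get_value().
    $nentries = 0;
    foreach $entry ($mesg->entries) {
        my $dn = $entry->dn;
        $nentries++;
        foreach $attr ($entry->attributes) {
            $record{$dn}->{$attr} = [$entry->get($attr)];
        }
    }
    $ldap->unbind;

    # A search that matches nothing counts as a failure of this server.
    if ($nentries == 0) {
        push(@errs, "$LDAPHost returned no entries");
        push(@FailedHosts, "$LDAPHost:$LDAPPort");
        $ErrCnt++;
        next;
    }

    # Analyze results: every DN returned must carry $Attribute, and one of
    # that attribute's values must equal $Value exactly.
    print "Looking for $Attribute=$Value\n" if $verbose;
    foreach $dn (sort keys %record) {
        print "checking object $dn\n" if $verbose;

        $attrFound = 0;
        $goodVal   = 0;
        foreach $attr (keys %{$record{$dn}}) {
            print " checking attr=$attr\n" if $verbose;
            # LDAP attribute names are case-insensitive, and a server may
            # return them in a different case than the operator typed.
            next unless (lc($attr) eq lc($Attribute));
            $attrFound++;
            print " found correct attribute\n" if $verbose;

            # The attribute may be multi-valued; stop at the first match.
            foreach $val (@{$record{$dn}{$attr}}) {
                print " checking val = $val\n" if $verbose;
                next unless ($val eq $Value);
                $goodVal++;
                print " found correct value\n" if $verbose;
                last;
            }
            last if ($goodVal);
        }

        # NOTE(review): this line reaches stdout before the failed-host
        # summary printed at the end of the script; confirm the caller does
        # not depend on the summary being the first line of output.
        if (!$attrFound || !$goodVal) {
            print "For object $dn:\n";
        }
        if (!$attrFound) {
            $ErrCnt++;
            push(@errs, "Could not find Attribute \"$Attribute\" for DN=$dn");
            push(@FailedHosts, "$LDAPHost:$LDAPPort");
        } elsif (!$goodVal) {
            $ErrCnt++;
            push(@errs, "Value \"$Value\" not found for Attribute \"$Attribute\"");
            push(@FailedHosts, "$LDAPHost:$LDAPPort");
        }
    }
}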
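# Report failures: one line listing the failed host:port pairs (sorted),
# followed by one detail line per recorded error.
if ($ErrCnt > 0) {
    print join(" ", sort @FailedHosts), "\n";
    print join("\n", @errs), "\n";
}

# The exit status is the failure count, 0 meaning every check passed.
# A process exit status only keeps the low 8 bits, so an unclamped count of
# 256 (or any multiple of it) would be seen by the caller as 0, i.e. as
# success.  Clamp to 255 so any failure always yields a non-zero status.
exit($ErrCnt > 255 ? 255 : $ErrCnt);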