DirectorySearch Exchange
Search All Sites
Nagios Live Webinars
Let our experts show you how Nagios can help your organization.Login
New ListingsDirectory Tree
Directory
gcc2
bygcc2, January 14, 2011
The script is simple and well written.
However it's ESSENTIAL, and not at all obvious, that you put the --nagios option on the command line. Otherwise, when the server is out of sync with the client, the output will tell you, but Nagios will think that the server is OK and not send you any notification.
Also, if the SSL certificate chain is not properly installed, the default logging does not help much:
FAILED : LDAP bind failed. {'desc': "Can't contact LDAP server"}
It's necessary to edit the source and increase the ldap.OPT_DEBUG_LEVEL to get this output:
TLS: warning: cacertdir not implemented for gnutls
TLS: peer cert untrusted or revoked (0x42)
FAILED : LDAP bind failed. {'desc': "Can't contact LDAP server"}
which tells you what you need to know to understand and fix the problem.
However it's ESSENTIAL, and not at all obvious, that you put the --nagios option on the command line. Otherwise, when the server is out of sync with the client, the output will tell you, but Nagios will think that the server is OK and not send you any notification.
Also, if the SSL certificate chain is not properly installed, the default logging does not help much:
FAILED : LDAP bind failed. {'desc': "Can't contact LDAP server"}
It's necessary to edit the source and increase the ldap.OPT_DEBUG_LEVEL to get this output:
TLS: warning: cacertdir not implemented for gnutls
TLS: peer cert untrusted or revoked (0x42)
FAILED : LDAP bind failed. {'desc': "Can't contact LDAP server"}
which tells you what you need to know to understand and fix the problem.
