[Nagiosplug-help] check_ldaps plugin help needed

Dave Worthy dave.worthy at hp.com
Wed Jul 11 12:53:09 CEST 2007


Found the fix. For whatever reason, the check_ldaps would not bind using 
the IP address whilst with the hostname it worked beautifully( using 
$HOSTALIAS$ instead of $HOSTADDRESS$) <--this being the diff from nagios 
binary to command line...i was running cmd line with hostname

Also note that using double quotes around the ldap query parms proved a 
problem when the DN had a space in the name; using single ticks around 
that fixed that issue as well:

command_line $USER1$/check_ldaps -H $HOSTALIAS$ -b o=company.com -p #### 
-D 'cn=mytest,ou=IT Tester, o=company.com' -P $USER5$ -w 150 -c 300 -t 300

Dave Worthy wrote:
>
> I am running nagios 1.2 on a 2.4.21-27.ELsmp i686 host without trouble.
> We are needing to migrate off that host and to a host running
> 2.6.9-34.ELsmp x86_64 host.  I'd like to upgrade, but time won't allow
> currently, so I'm doing a straight port of 1.2 onto the new host for the
> time being.
>
> My issue is that the plugin check_ldaps works on the old host, but not
> the new one.  It gets even more strange.  I can get the command line,
> any user, to run check_ldaps successfully, but the nagios binary
> continues to launch failed check_ldaps connections.
>
> I've updated /etc/openldap/ldap.conf to include TLS_CACERT line to
> indicate location of generic cert to use.  I however don't have much
> knowledge about the ldap innards making this extra difficult to
> troubleshoot.
>
> What I do know is that any user on new host can run check_ldaps and it
> works, but it shows up as failed in the new nagios browser.  The nagios
> binary has to be started as root
>
> Ideas?
>
> Dave
>
> I've also posted here, so hope I'm not double posting:
>
> http://www.meulie.net/portal_plugins/forum/forum_viewtopic.php?8777
>
>
>
>
>

-- 
Dave Worthy
Hewlett-Packard Company
HPIT Linux
(770)517-9986

Planned PTO:  7/17-22





More information about the Help mailing list