Added README file on provide more explanation in top of script
This commit is contained in:
Benjamin Renard
parent
618a5d7fff
commit
b4004e2a0f
2 changed files with 99 additions and 1 deletions
90
README
Normal file
90
README
Normal file
|
|
@ -0,0 +1,90 @@
|
|||
Script to check LDAP syncrepl replication state between two servers
|
||||
===================================================================
|
||||
|
||||
This script check LDAP syncrepl replication state between two servers.
|
||||
One server is consider as provider and the other as consumer.
|
||||
|
||||
This script can check replication state with two method :
|
||||
- by the fisrt, entryCSN of all entries of LDAP directory will be
|
||||
compare between two servers
|
||||
- by the second, all values of all atributes of all entries will
|
||||
be compare between two servers.
|
||||
|
||||
In all case, contextCSN of servers will be compare and entries not
|
||||
present in consumer or in provider will be notice. You can decide to
|
||||
disable contextCSN verification by using argument --no-check-contextCSN.
|
||||
|
||||
This script is also able to "touch" LDAP object on provider to force
|
||||
synchronisation of this object. This mechanism consist to add '%%TOUCH%%'
|
||||
value to an attribute of this object and remove it just after. The
|
||||
touched attribute is specify by parameter --touch. Of course, couple of
|
||||
DN and password provided, must have write right on this attribute.
|
||||
|
||||
To use this script as Nagios plugin, use -n argument
|
||||
|
||||
Requirement
|
||||
-----------
|
||||
|
||||
A single couple of DN and password able to connect to both server
|
||||
and without restriction to retrieve objects from servers.
|
||||
|
||||
Usage
|
||||
-----
|
||||
|
||||
Usage: check_syncrepl_extended [options]
|
||||
|
||||
Options:
|
||||
--version show program's version number and exit
|
||||
-h, --help show this help message and exit
|
||||
-p PROVIDER, --provider=PROVIDER
|
||||
LDAP provider URI (example :
|
||||
ldaps://ldapmaster.foo:636)
|
||||
-c CONSUMER, --consumer=CONSUMER
|
||||
LDAP consumer URI (example :
|
||||
ldaps://ldapslave.foo:636)
|
||||
-D DN, --dn=DN LDAP bind DN (example :
|
||||
uid=nagios,ou=sysaccounts,o=example
|
||||
-P PWD, --pwd=PWD LDAP bind password
|
||||
-b BASEDN, --basedn=BASEDN
|
||||
LDAP base DN (example : o=example)
|
||||
-f FILTER, --filter=FILTER
|
||||
LDAP filter (default : (objectClass=*))
|
||||
-d, --debug Debug mode
|
||||
-n, --nagios Nagios check plugin mode
|
||||
-q, --quiet Quiet mode
|
||||
--no-check-certificate
|
||||
Don't check the server certificate (Default : False)
|
||||
--no-check-contextCSN
|
||||
Don't check servers contextCSN (Default : False)
|
||||
-a, --attributes Check attributes values (Default : check only
|
||||
entryCSN)
|
||||
--exclude-attributes=EXCL_ATTRS
|
||||
Don't check this attribut (only in attribute check
|
||||
mode)
|
||||
--touch=TOUCH Touch attribute giving in parameter to force resync a
|
||||
this LDAP object from provider. A value '%%TOUCH%%'
|
||||
will be add to this attribute and remove after. The
|
||||
user use to connect to the LDAP directory must have
|
||||
write permission on this attribute on each object.
|
||||
|
||||
|
||||
Copyright
|
||||
---------
|
||||
|
||||
Copyright (c) 2013 Benjamin Renard
|
||||
|
||||
License
|
||||
-------
|
||||
|
||||
This program is free software; you can redistribute it and/or
|
||||
modify it under the terms of the GNU General Public License version 2
|
||||
as published by the Free Software Foundation.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program; if not, write to the Free Software
|
||||
Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
||||
|
|
@ -9,8 +9,16 @@
|
|||
# compare between two servers
|
||||
# - by the second, all values of all atributes of all entries will
|
||||
# be compare between two servers.
|
||||
#
|
||||
# In all case, contextCSN of servers will be compare and entries not
|
||||
# present in consumer or in provider will be notice.
|
||||
# present in consumer or in provider will be notice. You can decide to
|
||||
# disable contextCSN verification by using argument --no-check-contextCSN.
|
||||
#
|
||||
# This script is also able to "touch" LDAP object on provider to force
|
||||
# synchronisation of this object. This mechanism consist to add '%%TOUCH%%'
|
||||
# value to an attribute of this object and remove it just after. The
|
||||
# touched attribute is specify by parameter --touch. Of course, couple of
|
||||
# DN and password provided, must have write right on this attribute.
|
||||
#
|
||||
# This script could be use as Nagios plugin (-n argument)
|
||||
#
|
||||
|
|
|
|||
Loading…
Reference in a new issue