[Pkg-openldap-devel] [Pkg-nagios-devel] Bug#491233: nagios-plugins: check_ldap should use version 3 of slapd protocol

[Michel Grentzinger]

Le lundi 21 juillet 2008, Jan Wagner a écrit :
> > We have 3 solutions :
> > - check both v2 and v3 in tne main scirpt check_ldap,
>
> you are talking about modifying the script to check at first v3 and if that
> fails check v2? Sounds a bit overkill for me.

I think this is the best solution ! I don't know how much works it requires 
but we have some advantage with this :
- it doesn't break any existing installation,
- it could check both v2 and v3,
- perhaps the script could print if LDAP is running v2 or v3,
- the user haven't to know if LDAP uses protocol 2 or 3
- when the user make the transition from v2 to v3 (or v4, v5), it haven't to 
modify his host in his nagios installation,
- with many server, the nagios user have an overview about each protocol used 
by each LDAP server.

The only drawback is see is the time execution of the script. But if some test 
is good-located in the script, this is a minor problem. That could be :
- add a var name which refer to the defaut protocol (can be changed for the 
future)
- check_ldap with defaut protocol
- check with old protocol
- print the result with name of the protocol(s) used

PS : I don't know if both can be running at the same time. I think yes.

> > - add a check_ldap3,
>
> That is, what I have planned to do.

As I write it up, the user have to look at /usr/lib/nagios2/plugins/ for 
knowing which script must be used.

> > - add a argument to check_ldap,
> > - create a script which migrate old Nagios installation and change v2 to
> > v3 is LDAP uses v3 (allow bind_v2 is not present).
>
> Both will break existing installations using check_ldap command definition!
> This is for me no option we have.

Ok.

Thanks,
-- 
Michel Grentzinger
	OpenPGP key ID : B2BAFAFA
		Available on http://www.keyserver.net