Univention Bugzilla – Full Text Bug Listing |
Summary: | Nagios-Check für LDAP ermittelt IP per Host | ||
---|---|---|---|
Product: | UCS | Reporter: | Tim Petersen <petersen> |
Component: | Monitoring (Prometheus or Nagios) | Assignee: | Felix Botner <botner> |
Status: | CLOSED FIXED | QA Contact: | Philipp Hahn <hahn> |
Severity: | normal | ||
Priority: | P5 | CC: | gohmann, grandjean, walkenhorst |
Version: | UCS 4.0 | ||
Target Milestone: | UCS 4.0-2-errata | ||
Hardware: | Other | ||
OS: | Linux | ||
What kind of report is it?: | --- | What type of bug is this?: | --- |
Who will be affected by this bug?: | --- | How will those affected feel about the bug?: | --- |
User Pain: | Enterprise Customer affected?: | ||
School Customer affected?: | ISV affected?: | ||
Waiting Support: | Flags outvoted (downgraded) after PO Review: | ||
Ticket number: | Bug group (optional): | ||
Max CVSS v3 score: | |||
Bug Depends on: | |||
Bug Blocks: | 42474 |
Description
Tim Petersen
2012-05-08 16:40:33 CEST
This is quite annoying if UDP doesn't work for name resolution. The 'host' command then trys TCP instead (which is good), but this lets UNIVENTION_LDAP_AUTH (check_univention_ldap) fail: > root@ucs2:~# host ucs2 > ;; Truncated, retrying in TCP mode. > ucs2.fqdn.tld has address 172.16.0.12 In this case the variable "IP" of "check_univention_ldap" becomes "in": > /usr/lib/nagios/plugins/check_ldap -H in ... > Could not bind to the LDAP server (In reply to Michael Grandjean from comment #1) > > root@ucs2:~# host ucs2 > > ;; Truncated, retrying in TCP mode. > > ucs2.fqdn.tld has address 172.16.0.12 > > In this case the variable "IP" of "check_univention_ldap" becomes "in": > > > /usr/lib/nagios/plugins/check_ldap -H in ... > > Could not bind to the LDAP server Customer reported that one again via 2015043021000217. Still true for UCS 4.0 YAML: 2015-06-25-univention-nagios.yaml check_univention_ldap now uses the FQDN of the server for the check. Every UCS system has its own ip/name in /etc/hosts. So, dns issues should ruled out. (In reply to Felix Botner from comment #4) > YAML: 2015-06-25-univention-nagios.yaml Please change it to 4.0-2 only. OK: r61489 FYI: Missing `uniupdatecopyright` OK: aptitude -y install '?source-package(^univention-nagios$)~i' OK: zless /usr/share/doc/univention-nagios-common/changelog.Debian.gz OK: /usr/lib/nagios/plugins/check_univention_ldap OK: sevice bind9 stop;/usr/lib/nagios/plugins/check_univention_ldap OK: amd64 i386 (In reply to Stefan Gohmann from comment #5) > Please change it to 4.0-2 only. FIXED: 2015-06-25-univention-nagios.yaml r61586 OK: errata-announce -V 2015-06-25-univention-nagios.yaml RFC: # apt-cache rdepends univention-nagios-client ... univention-server-member Should "ldap/server/name" be checked instead of "hostname", as a Member-Server has no local LDAP server? FYI: The check is currenly only enabled for DCs: 30univention-nagios-client.inst:102 # add ldap check only on role "domaincontroler_*" |