Re: Recommended ACL for nagios monitoring

ML mail wrote:

I would like to monitor connectivity to my OpenLDAP using nagios with its check_ldap script and was wondering which minimal ACL would you recommend for that purpose?

It really depends on what you want to check.

Things which come to mind:

1. Performance data from cn=monitor

2. Count entries in your databases with noop-search control (does not scale for many entries)

3. Read syncrepl topology from cn=config to automatigally check connection to the replicas found therein and compare contextCSN values in DB suffixes.

Ciao, Michael.