slapd-monitor — Monitor backend to slapd
Synopsis
/etc/openldap/slapd.conf
Description
The monitor backend to slapd(8) is not an actual database; if enabled, it is automatically generated and dynamically maintained by slapd with information about the running status of the daemon.
To inspect all monitor information, issue a subtree search with base cn=Monitor, requesting that attributes "+" and "*" are returned. The monitor backend produces mostly operational attributes, and LDAP only returns operational attributes that are explicitly requested. Requesting attribute "+" is an extension which requests all operational attributes.
Configuration
These slapd.conf options apply to the monitor backend database. That is, they must follow a "database monitor" line and come before any subsequent "backend" or "database" lines.
As opposed to most databases, the monitor database can be instantiated only once, i.e. only one occurrence of "database monitor" can occur in the slapd.conf(5) file. Moreover, the suffix of the database cannot be explicitly set by means of the suffix directive. The suffix is automatically set to "cn=Monitor".
The monitor database honors the rootdn and the rootpw directives, and the usual ACL directives, e.g. the access directive.
Other database options are described in the slapd.conf(5) manual page.
Usage
The usage is:
1) enable the monitor backend at configure:
configure --enable-monitor
2) activate the monitor database in the slapd.conf(5) file:
database monitor
3) add ACLs as detailed in slapd.access(5) to control access to the database, e.g.:
access to dn.subtree="cn=Monitor" by dn.exact="uid=Admin,dc=my,dc=org" write by users read by * none
- 4) ensure that the core.schema file is loaded.
The monitor backend relies on some standard track attributeTypes that must be already defined when the backend is started.
Access Control
The monitor backend honors access control semantics as indicated in slapd.access(5), including the disclose access privilege, on all currently implemented operations.
Known Limitations
The monitor backend does not honor size/time limits in search operations.
Files
- /etc/openldap/slapd.conf
default slapd configuration file
See Also
slapd.conf(5), slapd-config(5), slapd.access(5), slapd(8), ldap(3).
Acknowledgements
OpenLDAP Software is developed and maintained by The OpenLDAP Project <http://www.openldap.org/>. OpenLDAP Software is derived from the University of Michigan LDAP 3.3 Release.
Referenced By
collectd.conf(5), slapd.backends(5).