78538bc48b84bdf5f1ae0127177f07a29660c9a8
Benjamin Renard Added README file on provid...

Benjamin Renard authored 11 years ago

1) Script to check LDAP syncrepl replication state between two servers
2) ===================================================================
3) 
4) This script check LDAP syncrepl replication state between two servers.
5) One server is consider as provider and the other as consumer.
6) 
7) This script can check replication state with two method :
8)  - by the fisrt, entryCSN of all entries of LDAP directory will be
9)    compare between two servers
10)  - by the second, all values of all atributes of all entries will
11)    be compare between two servers.
12) 
13) In all case, contextCSN of servers will be compare and entries not
14) present in consumer or in provider will be notice. You can decide to
15) disable contextCSN verification by using argument --no-check-contextCSN.
16) 
17) This script is also able to "touch" LDAP object on provider to force
18) synchronisation of this object. This mechanism consist to add '%%TOUCH%%'
19) value to an attribute of this object and remove it just after. The
20) touched attribute is specify by parameter --touch. Of course, couple of
21) DN and password provided, must have write right on this attribute.
22) 
Benjamin Renard Add informations about --re...

Benjamin Renard authored 11 years ago

23) If your prefer, you can use --replace-touch parameter to replace value
24) of touched attribute instead of adding the touched value. Use-ful in
25) case of single-value attribute.
26) 
Benjamin Renard Added README file on provid...

Benjamin Renard authored 11 years ago

27) To use this script as Nagios plugin, use -n argument
28) 
29) Requirement
30) -----------
31) 
32) A single couple of DN and password able to connect to both server 
33) and without restriction to retrieve objects from servers.
34) 
35) Usage
36) -----
37) 
38)   Usage: check_syncrepl_extended [options]
39)   
40)   Options:
41)     --version             show program's version number and exit
42)     -h, --help            show this help message and exit
43)     -p PROVIDER, --provider=PROVIDER
44)                           LDAP provider URI (example :
45)                           ldaps://ldapmaster.foo:636)
46)     -c CONSUMER, --consumer=CONSUMER
47)                           LDAP consumer URI (example :
48)                           ldaps://ldapslave.foo:636)
49)     -D DN, --dn=DN        LDAP bind DN (example :
50)                           uid=nagios,ou=sysaccounts,o=example
51)     -P PWD, --pwd=PWD     LDAP bind password
52)     -b BASEDN, --basedn=BASEDN
53)                           LDAP base DN (example : o=example)
54)     -f FILTER, --filter=FILTER
55)                           LDAP filter (default : (objectClass=*))
56)     -d, --debug           Debug mode
57)     -n, --nagios          Nagios check plugin mode
58)     -q, --quiet           Quiet mode
59)     --no-check-certificate
60)                           Don't check the server certificate (Default : False)
61)     --no-check-contextCSN
62)                           Don't check servers contextCSN (Default : False)
63)     -a, --attributes      Check attributes values (Default : check only
64)                           entryCSN)
65)     --exclude-attributes=EXCL_ATTRS
66)                           Don't check this attribut (only in attribute check
67)                           mode)
68)     --touch=TOUCH         Touch attribute giving in parameter to force resync a
69)                           this LDAP object from provider. A value '%%TOUCH%%'
70)                           will be add to this attribute and remove after. The
71)                           user use to connect to the LDAP directory must have
72)                           write permission on this attribute on each object.
Benjamin Renard Add informations about --re...

Benjamin Renard authored 11 years ago

73)     --replace-touch       In touch mode, replace value instead of adding.