Module: check_mk
Branch: master
Commit: 137d0d59a5510b386a36777e6c3fe8131db7b8d2
URL:
http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=137d0d59a5510b…
Author: Lars Michelsen <lm(a)mathias-kettner.de>
Date: Wed Jan 16 10:29:27 2013 +0100
Added debugging log for ldap transactions
---
ChangeLog | 1 +
web/htdocs/config.py | 1 +
web/plugins/userdb/ldap.py | 6 +++---
web/plugins/wato/check_mk_configuration.py | 14 ++++++++++++++
4 files changed, 19 insertions(+), 3 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index f6215ef..192676e 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -27,6 +27,7 @@
* LDAP: Using roles defined in default user profile in role sync plugin processing
* LDAP: Improved error handling in case of misconfigurations
* LDAP: Reduced number of ldap querys during a single page request / sync process
+ * LDAP: Implemnted some kind of debug logging for LDAP communication
1.2.1i4:
Core:
diff --git a/web/htdocs/config.py b/web/htdocs/config.py
index 112ef42..b5ee938 100644
--- a/web/htdocs/config.py
+++ b/web/htdocs/config.py
@@ -602,6 +602,7 @@ def load_default_values(into):
into["ldap_groupspec"] = {}
into["ldap_active_plugins"] = {'email': {}, 'alias': {},
'auth_expire': {}}
into["ldap_cache_livetime"] = 300
+ into['ldap_debug_log'] = None
into["default_user_profile"] = {
'roles': ['user'],
}
diff --git a/web/plugins/userdb/ldap.py b/web/plugins/userdb/ldap.py
index 35d9ed0..aa63efa 100644
--- a/web/plugins/userdb/ldap.py
+++ b/web/plugins/userdb/ldap.py
@@ -78,7 +78,6 @@ ldap_filter_map = {
'groups': '(objectclass=group)',
},
'openldap': {
- #'users': '(objectcategory=user)',
'users': '(objectclass=person)',
'groups': '(objectclass=groupOfUniqueNames)',
},
@@ -96,8 +95,8 @@ ldap_filter_map = {
# '----------------------------------------------------------------------'
def ldap_log(s):
- pass # no logging by default
- #file('/tmp/ldap.log', 'a').write('%s\n' % s)
+ if config.ldap_debug_log is not None:
+ file(config.ldap_debug_log, "a").write('%s\n' % s)
class MKLDAPException(MKGeneralException):
pass
@@ -223,6 +222,7 @@ def ldap_search(base, filt = '(objectclass=*)', columns = [],
scope = None):
'incomplete results. You should change the scope of
operation '
'within the ldap or adapt the limit settings of the
LDAP server.'))
+ ldap_log(' RESULT length: %d' % len(result))
return result
#return ldap_connection.search_s(base, scope, filter, columns)
#for dn, obj in ldap_connection.search_s(base, scope, filter, columns):
diff --git a/web/plugins/wato/check_mk_configuration.py
b/web/plugins/wato/check_mk_configuration.py
index 1b3963a..0a3b406 100644
--- a/web/plugins/wato/check_mk_configuration.py
+++ b/web/plugins/wato/check_mk_configuration.py
@@ -493,6 +493,20 @@ register_configvar(group,
domain = "multisite",
)
+register_configvar(group,
+ "ldap_debug_log",
+ Optional(
+ Filename(
+ label = _("Absolute path to log file"),
+ default = defaults.var_dir + '/web/ldap-debug.log',
+ ),
+ title = _("LDAP connection diagnostics"),
+ label = _("Activate logging of LDAP transactions into a logfile"),
+ help = _("If this option is used and set to a filename, Check_MK will
create a logfile "
+ "containing details about connecting to LDAP and the single
transactions.")),
+ domain = "multisite")
+
+
def list_roles():
roles = userdb.load_roles()
return [ (i, r["alias"]) for i, r in roles.items() ]