# MCldap.ctl:262: Collects LDAP Information
# $Id: MCldap.ctl,v 1.6 2015/05/29 11:41:06 RDA Exp $
# ARCS: $Header: /home/cvs/cvs/RDA_8/src/scripting/lib/collect/EXPLORER/MCldap.ctl,v 1.6 2015/05/29 11:41:06 RDA Exp $
#
# Change History
# 20140710 PRA Add zones documentation.

=head1 NAME

EXPLORER:MCldap - Collects LDAP Information

=head1 DESCRIPTION

This module collects LDAP-related information.

=cut

use Mrc

# Initialization
var $VALIDATE = true
keep $VALIDATE

section begin

# Markup fragments reused in the generated report
var $ERR = '---## Associated Errors'
var $TOC = '%TOC%'
var $TOP = '[[#Top][Back to top]]'

run EXPLORER:XPLRlib('ldap')

#------------------------------------------------------------------------------
# XPLR_ldap section
#------------------------------------------------------------------------------

section XPLR_ldap

# Validate the execution context
call log_run('Processing LDAP sections ...')

=head2 LDAP-Related Configuration

Gathers LDAP information using the following commands:

=over 2

=item o C</usr/bin/ldaplist>

=item o C</usr/bin/ldaplist -d>

=item o C</usr/bin/ldaplist -l>

=item o C</usr/bin/ldaplist -l profile>

=item o C</usr/lib/ldap/ldap_cachemgr -g>

=item o C</usr/bin/ldapsearch -h I<server> -b I<basedn> aci=\* aci>

=item o C</usr/bin/ldapsearch -h I<server> -b cn=monitor -s base objectclass=*>

=item o C</usr/bin/ldapsearch -h I<server> -b cn=monitor -s one objectclass=*>

=item o C</usr/sbin/ldapclient -l>

=item o C</usr/sbin/ldapclient list>

=item o C</usr/sbin/directoryserver -s I<instance> monitor>

=back

Also collects the following configuration files:

=over 2

=item o F</var/ldap>

=item o F</var/ds5/I<dir>/logs/access>

=item o F</var/ds5/I<dir>/logs/errors>

=back

=cut

debug ' Inside LDAP collection, gathering LDAP information'
pretoc '2:LDAP'

# For each record returned by get_zones(), two tables are built and one report
# is written: @cmd (commands to run or static messages) and @fil (files to
# copy). The records pushed below are 4-element arrays of the form
# [outfile,command,arguments,header]; when command is undef the third element
# is a message string instead. Bare strings pushed onto @cmd are group headers.
# NOTE(review): the field list in the original comment below does not match
# the 4-element records - confirm against do_remote.
#
# $rec->[0] is the zone name (undefined for the global zone), $rec->[1] is
# used as the root directory for the existence tests, and $rec->[2] is
# compared against OS release strings.
#
# For a local zone every command is prefixed with '/usr/sbin/zlogin <zone>'.
# $nam is concatenated into that prefix without quote(), unlike $svr, $bdn and
# $ins further down. NOTE(review): presumably zone names from get_zones() are
# trusted - confirm.

# Populate table of commands to collect => [zone,outfile,command,descr,grouphdr]
loop $rec (get_zones(false))
{if $loc = defined($nam = $rec->[0])
  var ($ttl,$pre,$exe) = (concat('From Zone ',$nam),\
                          concat('zones/',$nam),\
                          concat('/usr/sbin/zlogin ',$nam))
 else
  var ($ttl,$pre,$exe) = ('From Global Zone')
 var $top = $rec->[1]
 var (@cmd,@fil) = ()

 # Presumably true for SunOS 5.7 and older, given the message text - confirm
 # the semantics of the 'FINAL' comparison.
 if compare('FINAL',$rec->[2],'5.7')
  call push(@cmd,\
    ['var/ldap/not-ldap.out',\
     undef,\
     'LDAP data gathered for Oracle Solaris 8 or higher versions only.',\
     '---+ LDAP'])
 else
 {# Treat a LDAP client
  if ?testFile('f',catFile($top,'var','ldap','ldap_client_file'))
  {call push(@cmd,\
     '---+ LDAP Client',\
     ['var/ldap/client/ldaplist',\
      '/usr/bin/ldaplist',undef,\
      '---++ Naming Information'],\
     ['var/ldap/client/ldaplist-d',\
      '/usr/bin/ldaplist','-d',\
      '---++ Database Attributes'],\
     ['var/ldap/client/ldaplist-l',\
      '/usr/bin/ldaplist','-l',\
      '---++ All Attributes'],\
     ['var/ldap/client/ldaplist-l.-profile',\
      '/usr/bin/ldaplist','-l profile',\
      '---++ Profile Attributes'],\
     ['var/ldap/client/ldap_cachemgr-g',\
      '/usr/lib/ldap/ldap_cachemgr','-g',\
      '---++ Cache Manager Configuration and Statistics'])

   # NOTE(review): the existence test above is rooted at $top, but both
   # grepFile() calls below read the absolute /var/ldap/ldap_client_file.
   # For a local zone this looks like it parses the global zone's copy -
   # confirm how grepFile resolves paths.
   var $bdn = value(grepFile('/var/ldap/ldap_client_file',\
                             '^NS_LDAP_SEARCH_BASEDN=','f'))
   if value(grepFile('/var/ldap/ldap_client_file','^NS_LDAP_SERVERS=','f'))
   {# One set of ldapsearch queries per comma-separated NS_LDAP_SERVERS entry
    # ('last' presumably refers to the value just returned - confirm).
    # $svr and $bdn go through quote() before entering the argument string,
    # but $svr is also used verbatim as the output file-name suffix.
    # NOTE(review): a value containing '/' would change the output path -
    # confirm that do_remote normalises the name.
    # No bind options (-D/-w) are passed here, so unless the client supplies
    # them elsewhere the results show what the directory returns to an
    # anonymous bind; ACI and cn=monitor output in the report is worth
    # reviewing from that angle and the report should be treated as sensitive.
    loop $svr (split('\s*,\s*',last))
    {var $arg = concat('-h ',quote($svr),' -b ')
     call push(@cmd,\
       [concat('var/ldap/client/acidefs.',$svr),\
        '/usr/bin/ldapsearch',concat($arg,quote($bdn),' aci=\* aci'),\
        '---++ Access Control Instructions (ACI)'],\
       [concat('var/ldap/client/statistics_base.',$svr),\
        '/usr/bin/ldapsearch',concat($arg,'cn=monitor -s base objectclass=*'),\
        '---++ Statistics (Scope Base)'],\
       [concat('var/ldap/client/statistics_one.',$svr),\
        '/usr/bin/ldapsearch',concat($arg,'cn=monitor -s one objectclass=*'),\
        '---++ Statistics (Scope One Level)'])
    }
   }

   # The ldapclient sub-command differs by release: '-l' when the release
   # compares 'SAME' as 5.8, 'list' otherwise.
   if compare('SAME',$rec->[2],'5.8')
    call push(@cmd,\
      ['var/ldap/client/ldapclient-l',\
       '/usr/sbin/ldapclient','-l',\
       '---++ LDAP Client Cache'])
   else
    call push(@cmd,\
      ['var/ldap/client/ldapclient-list',\
       '/usr/sbin/ldapclient','list',\
       '---++ LDAP Client Cache'])

   # The whole /var/ldap tree is requested (third element true - presumably
   # marks a directory collection, confirm). On Solaris native LDAP clients
   # that directory normally also holds ldap_client_cred (proxy bind DN and
   # encoded password), so the resulting report should be handled as
   # sensitive unless do_collect_fil filters it - not visible here.
   # Indicate the LDAP client directory structure to collect
   call push(@fil,\
     ['var/ldap/client','/var/ldap',true])
  }
  else
   call push(@cmd,\
     ['var/ldap/client/not-configured.out',\
      undef,\
      'This system is not configured as a native LDAP client',\
      '---+ LDAP Client'])

  # Treat a LDAP server
  if compare('SAME',$rec->[2],'5.8')
   call push(@cmd,\
     ['var/ldap/server/no_bundled_srv.out',\
      undef,\
      'There is no LDAP-server software bundled with this Solaris version',\
      '---+ LDAP Server'])
  elsif ?testDir('d',catDir($top,'var','ds5'))
  {# One pass per directory found under the directory just tested (lastDir());
   # the '^\.' pattern with option 'v' presumably excludes dot entries -
   # confirm. The instance name is the directory name with 'slapd-' removed.
   # The instance name is quoted for the command line but used verbatim in
   # the output paths, and the log paths are absolute /var/ds5 paths rather
   # than rooted at $top. NOTE(review): confirm how do_collect_fil resolves
   # them for local zones.
   # Directory Server access and errors logs typically record client
   # addresses and bind DNs; treat the collected copies as sensitive.
   loop $dir (findDir(lastDir(),'^\.','v'))
   {var $ins = replace($dir,'slapd-')
    call push(@cmd,\
      concat('---+ LDAP Server ',$ins),\
      [concat('var/ldap/server/',$ins,'/directoryserver-s-monitor'),\
       '/usr/sbin/directoryserver',concat('-s ',quote($ins),' monitor'),\
       '---++ Performance Monitoring Information'])

    # Indicate the LDAP server files to collect
    call push(@fil,\
      [concat('var/ldap/server/',$ins,'/access'),\
       concat('/var/ds5/',$dir,'/logs/access')],\
      [concat('var/ldap/server/',$ins,'/errors'),\
       concat('/var/ds5/',$dir,'/logs/errors')])
   }
  }
  else
   call push(@cmd,\
     ['var/ldap/server/not-configured.out',\
      undef,'This system is not configured as a LDAP server',\
      '---+ LDAP Server'])
 }

 # Create the report (one per zone, named ldap_z_<zone> or ldap_z_global)
 debug ' Inside LDAP collection, collecting from ',nvl($nam,'global'),' zone'
 report concat('ldap_z_',nvl($nam,'global'))
 title '---+!! ',$ttl
 title $TOC

 # Collect the commands
 call do_remote($pre,$exe,$top,@cmd)

 # Collect the files
 # The prefix block supplies the heading, the viewer caveat and the table
 # header that precede the file list.
 prefix
 {title '---+ Configuration files'
  title ' * Links point to files that have been collected in their original \ format. Opening them directly in your browser can present \ risks. To prevent them, access the file outside the browser or \ use the link to save them and use an adequate viewer.'
  write '|*File Path*| *Size*|*Last Modified Date*|'
 }
 call do_collect_fil(@fil)
 if hasOutput(true)
  write $TOP

 # Add the file to the table of content
 if isCreated(true)
  toc '3:[[',getFile(),'][rda_report][',$ttl,']]'
}
unpretoc

=head2 Zones

=for zone begin ldap

By default, collects information from the global zone only.

When local zone collections are requested explicitly, collects LDAP-related
information from the selected local zones using the following commands:

=over 2

=item o C</usr/bin/ldaplist>

=item o C</usr/bin/ldaplist -d>

=item o C</usr/bin/ldaplist -l>

=item o C</usr/bin/ldaplist -l profile>

=item o C</usr/lib/ldap/ldap_cachemgr -g>

=item o C</usr/bin/ldapsearch -h I<server> -b I<basedn> aci=\* aci>

=item o C</usr/bin/ldapsearch -h I<server> -b cn=monitor -s base objectclass=*>

=item o C</usr/bin/ldapsearch -h I<server> -b cn=monitor -s one objectclass=*>

=item o C</usr/sbin/ldapclient -l>

=item o C</usr/sbin/ldapclient list>

=item o C</usr/sbin/directoryserver -s I<instance> monitor>

=back

=for zone end

=head1 SEE ALSO

L, L, L

=head1 COPYRIGHT NOTICE

Copyright (c) 2002, 2016, Oracle and/or its affiliates. All rights reserved.

=head1 TRADEMARK NOTICE

Oracle and Java are registered trademarks of Oracle and/or its affiliates.
Other names may be trademarks of their respective owners.

=cut