Checking up-state of LDAP-protected domains

dbodky · November 18, 2019, 9:05am

Good morning everybody,

I need your help in finding a fitting approach for checking the up-state of several web-adresses behind LDAP-authentication.

Up until now (before LDAP was set up for the websites in question) I used the simple check_http plugin for this use case, but now I am getting warning-states because the websites are returning 401 Unauthorized answers.

Is there a good plugin to fit my use case? My first quick searches couldn’t find any and I am not an LDAP specialist myself, so maybe somebody else could point me to the right direction.

Best regards
Daniel

gkoutsog · November 18, 2019, 9:18am

Hi,

Do you want to get the passwords from LDAP or just check the websites with a user/pass ?

/George

dbodky · November 18, 2019, 9:19am

Hi,

I’d like to check the websites with a valid user/pass combination.

gkoutsog · November 18, 2019, 9:20am

Hi,

Check_http has a lot of options, so take a look at the documetation .

Specifically, you could use something like:

-a, --authorization=AUTH_PAIR
   Username:password on sites with basic authentication

which in ITL translates to:

               "-a" = {
                        value = "$http_auth_pair$"
                        description = "Username:password on sites with basic authentication"
                }

That should get you started

Cheers,
George

dbodky · November 18, 2019, 9:21am

Thank you very much for this hint, I will do some research and come back to this thread.

dbodky · November 18, 2019, 10:28am

Thank you very much @gkoutsog, it did the trick.

I could continue using check_http passing the following parameters, in case anybody wants to reproduce this:

./check_http -H hostname -I 00.00.00.000 -S -u '/url' -a 'username:password'

Notice that it is just the hostname, not the actual FQDN which needs to be passed (it can of course be omitted as well).