Actions
Bug #9818
closed
Rudder's LDAP server configuration does not allow to query the monitor DB
Pull Request:
Severity:
UX impact:
User visibility:
Effort required:
Priority:
Name check:
Fix check:
Regression:
Description
Since we added strict ACLs in the LDAP server configuration for Rudder, it is no longer possible to query the cn=monitor backend, that provides useful statistics about the database usage and queries, in particular cache usage for the BDB/HDB backend.
This is because the ACLs do not allow any access except for the strict minimum, but the root DN for the main database bypasses ACLs so that has never been a problem. Since cn=monitor is actually a different database, the root DN from the main database doesn't have that bypass.
We need to add in an ACL to allow this.
Updated by Jonathan CLARKE 
Updated by
Actions