Project

General

Profile

Actions

Bug #9818

closed

Rudder's LDAP server configuration does not allow to query the monitor DB

Added by Jonathan CLARKE almost 8 years ago. Updated almost 8 years ago.

Status:
Released
Priority:
N/A
Category:
Server components
Target version:
Severity:
UX impact:
User visibility:
Effort required:
Priority:
Name check:
Fix check:
Regression:

Description

Since we added strict ACLs in the LDAP server configuration for Rudder, it is no longer possible to query the cn=monitor backend, that provides useful statistics about the database usage and queries, in particular cache usage for the BDB/HDB backend.

This is because the ACLs do not allow any access except for the strict minimum, but the root DN for the main database bypasses ACLs so that has never been a problem. Since cn=monitor is actually a different database, the root DN from the main database doesn't have that bypass.

We need to add in an ACL to allow this.

Actions

Also available in: Atom PDF