Closed lesijac closed 5 years ago
Hi @fredo1988 ,
Today this is not possible, if you think that making a dedicated mode would help, please feel free to send a sample output of the ldap request. This way we'll be able to developp and format such output.
Regards,
Hi @Sims24 ,
thanks for your proposition, I really appreciated. For exemple, when I use Powershell (command : Search-ADAccount -Locked | Select Name) I have in return the name of the account (the AD attribut is CN like "Santa Maria"), I think is sufficient in the first time. To conclued, I would like to see the output for exemple :
I am at your disposal for other questions Regards,
Ok as I'm not a LDAP expert just to be sure that when I perform e.g ldapsearch in commandline with the following query :
(&(samAccountName=*)(objectClass=User)(lockoutTime>=1))
I do have a list of LDAP locked account like :
Santa Maria John Doe Marty McFly
Right ?
As short output is limited to 255 char in plugins guidelines, we will probably rather use an output like below (account details in long output) :
CRITICAL : x locked accounts | locked_account=xusers;warning;critical;0; Santa Maria is locked John Doe is locked Marty McFly is locked
How does it sound to you ? BR
yes for me I think it's the good output,
I add more option : --search-base='OU=xxxx,OU=xxxxxxxx,OU=xxxxxx,DC=xxx,DC=xxxx,DC=xxxx' to check a specific OU.
Roger that
You can use following option: --display-entry='%{samAccountName} locked'
Hello,
when I use the LDAP plugin to see if I have locked AD accounts, when I use --verbose or --debug I have only the number of accounts locked, not the details.
Exemple :
/usr/lib/centreon/plugins/centreon_protocol_ldap.pl --plugin=apps::protocols::ldap::plugin --mode=search --hostname=XX.XX.XX.XX --username='XXXXXXX' --password='XXXXXXX' --search-base='OU=xxxxxx,OU=Users,OU=xxxxxx,DC=xxxxx,DC=xxxxx,DC=xxxxxxx' --search-filter='(&(samAccountName=*)(objectClass=User)(lockoutTime>=1))' --warning='' --critical='0' --verbose
CRITICAL: Number of results returned: 38 | 'time'=0.407s;;;0; 'entries'=38;;0:0;0;
I would like to know if it's possible to see accounts locked?
Thanks in advanced. FJ