Search Exchange

Search All Sites

Nagios Live Webinars

Let our experts show you how Nagios can help your organization.

Contact Us

Phone: 1-888-NAGIOS-1
Email: sales@nagios.com

Login

Remember Me

check_kdc

Rating
3 votes
Favoured:
0
Hits
97779
Files:
FileDescription
check_kdccheck_kdc

Help Support Ethan Galstad's New Project:

Help Support Ethan

A Message From The Founder...

As the founder of Nagios, I'm asking for your help in a cause that's dear to my heart.

I'm launching a new project to help better the world by providing the information, ideas, and inspiration that I believe can improve the lives of people everywhere.

I know you're busy managing networks, but I would appreciate it if you would consider liking my Facebook page and showing your support for the content and messages I produce by sharing them with your friends and family.

You can learn more about my project by visiting ethangalstad.me/nagios. Thank you for your time. I wish you all the best in your endeavors, whatever they may be.

- Ethan

Check Kerberos 5 KDC with shell commands
Check acquiring a Kerberos ticket using a keytab. This doesn't require the Perl Kerberos stuff, unlike check_krb5.
Reviews (2)
byparski, February 28, 2013
Works well allthough the documentation is pretty lacking. I had to change the path to kinit in the script to:

/usr/bin/kinit

Otherwise it worked out of the box. Great!
Here is a patch to make it authenticate using Kerberos password as well and not just keytab. I have also hard-coded the path for utils.sh as it was in a different location from where I stored this plugin. So modify utils.sh path according to your environment.

4a5
> # Modified by Rahul Amaram
12d12
. /usr/lib/nagios/plugins/utils.sh
23a25
> -w, --password=PASSWORD Password for the principal
54a57
> -w|--password) shift; password=$1; shift;;
61c64
if [ -z "$kdc" -o -z "$principal" ] || [ -z "$keytab" -a -z "$password" ]; then
92c95,99
&1`
---
> if [ -n "$password" ]; then
> err=`KRB5_CONFIG=$conf expect -c "log_user 0; spawn kinit -c \"$cc\" \"$principal\"; expect -re \"Password for .*: \"; send \"$password\r\"; expect eof; send_user \"\\$expect_out(buffer)\"; catch wait result; exit [lindex \\$result 3]"`
> else
> err=`KRB5_CONFIG=$conf kinit -c "$cc" -k -t "$keytab" "$principal" 2>&1`
> fi
98c105
echo "CRITICAL Getting Kerberos ticket: `echo $err | sed -r 's/^.*?kinit:\s*//' | head -n 1`"