check_kadmin.pl

                                

        
        

            
            

                

    

    
check_kadmin


check_kadmin.pl is a plugin for monitoring the kadmin daemon.

It uses an admin user with minimal privileges and a keytab to connect to the kadmin daemon to check if the daemon is accepting connections and authenticating users.


Usage:


./check_kadmin.pl [-h] | [-p port] [-w warn time] [-c critical time] -u admin_princ -k keytab -r realm


Options:


Flag
        Description
    
-h, --help
        Print this help message
    
-p, --port
        Specify a port to use (default is kadmin)
    
-w, --warning
        Return a warning if plugin takes greater than -w seconds
    
-c, --critical
        Exit critical if plugin reaches -c seconds
    
-u, --user
        Specifies the kadmin admin account to login with
    
-k, --keytab
        Specifies the keytab file containing the key
    
-r, --realm
        Specifies the realm
    


Note:


You should create an admin prinicple for this plugin and use an ACL to give it minimal privilages.  It only has to be abel to connect to the kadmin daemon.
You will need to configure your krb5.conf file for each realm you wish to test.