Simple LDAP Caching Unix Daemon

Simple LDAP Caching Unix Daemon


I wrote this simple LDAP Caching unix daemon 2 yrs back when we faced lot of issue with Integrating Apache with LDAP authentication
using Apache ldap auth module. We were able to configure it properly however we faced slowness issue.

Basically We wanted to use Nagios (Check_mk Multisite) with LDAP authentication. So we wrote this unix daemon.
As of now this is very simple (no theading/forking and it is blocking) However it is working perfectly without any issue (for Nagios web interface authentication and few other web based tools, around 300+ users).

Download Perl files-



* Custom Apache Handler – to use this daemon for basic authentication

root@arunb:~# cat /etc/init.d/
use strict;
use warnings;
use Proc::Daemon;

no warnings ‘uninitialized’;
if ( $ARGV[0] =~ m/start/ ) {
my $continue = 1;
$SIG{TERM} = sub { $continue = 0 };
while ($continue) { eval { `/usr/local/ –daemon`;};}

} else { print ” * Usage: $0 {start}”;}
print “\n”;

Step 1] Run Daemon – (edit LDAP related varibles)

Copy perl file at following location on your system /usr/local/
OR Change path in “” startup file

* Start process-

root@:~# /etc/init.d/ start

* Make sure only one ldapcached process running?

root@:~# ps aux | grep ldap | grep -v grep
root 19441 0.0 0.0 6212 1408 ? S 15:03 0:00 /usr/bin/perl /etc/init.d/ start
root 19442 0.0 0.2 8656 4916 ? S 15:03 0:00 ldapcached

Step 2] How to test-

root@:~$ perl –client ‘my-ldap-user’ ‘my-ldap-pass’

root@:~$ perl –client ‘my-ldap-user’ ‘my-ldap-pass’

Step 3] How I should use/integrate in Application-

Say I want to use this ldapcached unix daemon for Apache/Basic Authentication –

NOTE- Make sure to copy module in Perl module directory or Check Apache error log for any error.

ScriptAlias /nagios/cgi-bin “/usr/lib64/nagios/cgi”

<Directory “/usr/lib64/nagios/cgi”>
Order allow,deny
Allow from all
AuthType Basic
AuthName “Nagios GUI”
PerlAuthenHandler Apache::MyHandler
Require valid-user

Thank you,

Similar Posts:

Leave a Reply

Your email address will not be published.