refactor(dhcp-scope-usage): improve code

Author: markuslf

check-plugins/dhcp-scope-usage/README.md

@@ -4,11 +4,7 @@
 
 Checks the IPv4 scope usage for a Windows DHCP server service using the PowerShell command `Get-DhcpServerv4ScopeStatistics -ComputerName "dhcpServer.contoso.com"`. Have a look at <https://docs.microsoft.com/en-us/powershell/module/dhcpserver/get-dhcpserverv4scopestatistics> for details.
 
-If you provide `--winrm-hostname`, the check plugin will execute all Powershell commands via WinRM, otherwise it will run locally. This allows the plugin to run on Linux servers as well. By using the [winrm Python module](https://github.com/diyan/pywinrm), this plugin supports various transport methods in order to authenticate with the WinRM server. The options that are supported in the transport parameter are:
-
-* `basic`: Basic auth only works for local Windows accounts, not domain accounts. Credentials are base64 encoded when sending to the server.
-* `kerberos`: Will use Kerberos authentication for domain accounts which only works when the client is in the same domain as the server and the required dependencies are installed. Obtain a Kerberos ticket on Linux (`kinit`) or use a keytab. Ensure `/etc/krb5.conf` and DNS/SPNs are correct so Kerberos to the Windows service succeeds.
-* `ntlm`: Will use NTLM authentication for both domain and local accounts (default).
+If you provide `--winrm-hostname`, the check plugin will execute all Powershell commands via WinRM, otherwise it will run locally. This allows the plugin to run on Linux servers as well.
 
 Hints:
 
@@ -32,9 +28,9 @@ Hints:
 ```text
 usage: dhcp-scope-usage [-h] [-V] [--always-ok] [-c CRIT] [-H HOSTNAME]
                         [--test TEST] [-w WARN] [--winrm-domain WINRM_DOMAIN]
-                        [--winrm-hostname WINRM_HOSTNAME]
-                        [--winrm-password WINRM_PASSWORD]
-                        [--winrm-transport {basic,ntlm,kerberos}]
+                        --winrm-hostname WINRM_HOSTNAME
+                        --winrm-password WINRM_PASSWORD
+                        [--winrm-transport {basic,ntlm,kerberos,credssp,plaintext}]
                         [--winrm-username WINRM_USERNAME]
 
 Checks the IPv4 scope usage for a Windows DHCP server service.
@@ -54,14 +50,14 @@ options:
   --winrm-domain WINRM_DOMAIN
                         WinRM Domain Name. Default: None
   --winrm-hostname WINRM_HOSTNAME
-                        Target Windows computer on which the Windows commands
-                        are to be executed. Default: None
+                        Target Windows computer on which the command will be
+                        executed.
   --winrm-password WINRM_PASSWORD
-                        WinRM Account Password. Default: None
-  --winrm-transport {basic,ntlm,kerberos}
+                        WinRM Account Password.
+  --winrm-transport {basic,ntlm,kerberos,credssp,plaintext}
                         WinRM transport type. Default: ntlm
   --winrm-username WINRM_USERNAME
-                        WinRM Account Name. Default: None
+                        WinRM Account Name. Default: Administrator
 ```
 
 

check-plugins/dhcp-scope-usage/dhcp-scope-usage

@@ -24,13 +24,16 @@ from lib.globals import (STATE_CRIT, STATE_OK,  # pylint: disable=C0413
                           STATE_UNKNOWN, STATE_WARN)
 
 __author__ = 'Linuxfabrik GmbH, Zurich/Switzerland'
-__version__ = '2025100601'
+__version__ = '2025103002'
 
 DESCRIPTION = """Checks the IPv4 scope usage for a Windows DHCP server service."""
 
+DEFAULT_CRIT = 90
 DEFAULT_HOSTNAME = 'localhost'
 DEFAULT_WARN = 80
-DEFAULT_CRIT = 90
+DEFAULT_WINRM_DOMAIN = None
+DEFAULT_WINRM_TRANSPORT = 'ntlm'
+DEFAULT_WINRM_USERNAME = 'Administrator'
 
 
 def parse_args():
@@ -84,40 +87,44 @@ def parse_args():
 
     parser.add_argument(
         '--winrm-domain',
-        help='WinRM Domain Name. Default: %(default)s',
+        help='WinRM Domain Name. '
+             'Default: %(default)s',
         dest='WINRM_DOMAIN',
-        default=None,
+        default=DEFAULT_WINRM_DOMAIN,
     )
 
     parser.add_argument(
         '--winrm-hostname',
-        help='Target Windows computer on which the Windows commands are to be executed. Default: %(default)s',
+        help='Target Windows computer on which the command will be executed.',
         dest='WINRM_HOSTNAME',
-        default=None,
+        required=True,
     )
 
     parser.add_argument(
         '--winrm-password',
-        help='WinRM Account Password. Default: %(default)s',
+        help='WinRM Account Password.',
         dest='WINRM_PASSWORD',
-        default=None,
+        required=True,
     )
 
     parser.add_argument(
         '--winrm-transport',
-        help='WinRM transport type. Default: %(default)s',
+        help='WinRM transport type. '
+             'Default: %(default)s',
         dest='WINRM_TRANSPORT',
-        choices=['basic', 'ntlm', 'kerberos'],
-        default='ntlm',
+        choices=['basic', 'ntlm', 'kerberos', 'credssp', 'plaintext'],
+        default=DEFAULT_WINRM_TRANSPORT,
     )
 
     parser.add_argument(
         '--winrm-username',
-        help='WinRM Account Name. Default: %(default)s',
+        help='WinRM Account Name. '
+             'Default: %(default)s',
         dest='WINRM_USERNAME',
-        default=None,
+        default=DEFAULT_WINRM_USERNAME,
     )
 
+
     args, _ = parser.parse_known_args()
     return args
 
@@ -142,8 +149,6 @@ def main():
             if lib.base.LINUX:
                 lib.base.cu('Running this check plugin directly on Linux is not supported. Use the --winrm parameters.')
             result = lib.powershell.run_ps(cmd)
-        if not result:
-            lib.base.cu('Got nothing back.')
         stdout, stderr, retc = result['stdout'], result['stderr'], result['retc']
     else:
         # do not call the command, put in test data

check-plugins/dhcp-scope-usage/icingaweb2-module-director/dhcp-scope-usage.json

@@ -60,12 +60,12 @@
                 },
                 {
                     "datafield_id": 6,
-                    "is_required": "n",
+                    "is_required": "y",
                     "var_filter": null
                 },
                 {
                     "datafield_id": 7,
-                    "is_required": "n",
+                    "is_required": "y",
                     "var_filter": null
                 },
                 {
@@ -149,12 +149,12 @@
                 },
                 {
                     "datafield_id": 15,
-                    "is_required": "n",
+                    "is_required": "y",
                     "var_filter": null
                 },
                 {
                     "datafield_id": 16,
-                    "is_required": "n",
+                    "is_required": "y",
                     "var_filter": null
                 },
                 {
@@ -241,7 +241,8 @@
                 "dhcp_scope_usage_critical": 90,
                 "dhcp_scope_usage_hostname": "localhost",
                 "dhcp_scope_usage_warning": 80,
-                "dhcp_scope_usage_winrm_transport": "ntlm"
+                "dhcp_scope_usage_winrm_transport": "ntlm",
+                "dhcp_scope_usage_winrm_username": "Administrator"
             },
             "volatile": null,
             "zone": null,
@@ -291,7 +292,8 @@
                 "dhcp_scope_usage_windows_critical": 90,
                 "dhcp_scope_usage_windows_hostname": "localhost",
                 "dhcp_scope_usage_windows_warning": 80,
-                "dhcp_scope_usage_windows_winrm_transport": "ntlm"
+                "dhcp_scope_usage_windows_winrm_transport": "ntlm",
+                "dhcp_scope_usage_windows_winrm_username": "Administrator"
             },
             "volatile": null,
             "zone": null,
@@ -320,6 +322,18 @@
                     "entry_value": "Kerberos",
                     "format": "string",
                     "allowed_roles": null
+                },
+                {
+                    "entry_name": "credssp",
+                    "entry_value": "Credssp",
+                    "format": "string",
+                    "allowed_roles": null
+                },
+                {
+                    "entry_name": "plaintext",
+                    "entry_value": "Plaintext",
+                    "format": "string",
+                    "allowed_roles": null
                 }
             ],
             "uuid": "aa2cdf76-9797-4c27-b90c-27de3d88824f"
@@ -345,6 +359,18 @@
                     "entry_value": "Kerberos",
                     "format": "string",
                     "allowed_roles": null
+                },
+                {
+                    "entry_name": "credssp",
+                    "entry_value": "Credssp",
+                    "format": "string",
+                    "allowed_roles": null
+                },
+                {
+                    "entry_name": "plaintext",
+                    "entry_value": "Plaintext",
+                    "format": "string",
+                    "allowed_roles": null
                 }
             ],
             "uuid": "6f7bcd30-f6e4-490c-b30f-5955422d7bbe"
@@ -407,7 +433,7 @@
         "6": {
             "varname": "dhcp_scope_usage_winrm_hostname",
             "caption": "Dhcp Scope Usage: Winrm Hostname",
-            "description": "Target Windows computer on which the Windows commands are to be executed.",
+            "description": "Target Windows computer on which the command will be executed.",
             "datatype": "Icinga\\Module\\Director\\DataType\\DataTypeString",
             "format": null,
             "settings": {
@@ -506,7 +532,7 @@
         "15": {
             "varname": "dhcp_scope_usage_windows_winrm_hostname",
             "caption": "Dhcp Scope Usage: Winrm Hostname",
-            "description": "Target Windows computer on which the Windows commands are to be executed.",
+            "description": "Target Windows computer on which the command will be executed.",
             "datatype": "Icinga\\Module\\Director\\DataType\\DataTypeString",
             "format": null,
             "settings": {