Description#We create a lot of custom tools for clients when we are implementing LDAP directories. The LDAPTest tool is a collection of a couple of those tools we have found useful for determining the relative performance of an LDAP server.
The Setup is a little weird as it was setup for working with multiple sites which had multiple environments (like Dev test production) which have multiple servers in each environment.
Warning! #Any of the Buttons with Colored Text either write the LDAP server or require that the "cn=UserT" user exist within the search Base.
Setting up#You need at LEAST three file created to make this work.
Sites File#The program uses a concept of Sites which contain hosts which run services. A site, can contain multiple hosts and each host could run multiple services. There is a site.properties file that contains entries like:
#Site file #Example site1=Company (Note: no Spaces please and the format is site#=name) site1=CompanyOne site2=CompanyTwo
Host Properties Files#You will then need a file with a name like companyOne.properties.
You will have one file for each entry in the Sites File. Each file must be named as sitename.properties
This file would contain the host names similar to:
#host1=hostName (No spaces. This is what shows in report. Does not need to be a DNS Name. Format is like host#)) #host1IP=ipAddress (DNS or IP address) host1=serverName host1IP=172.25.115.101 host2=serverTwoName host2IP=172.25.115.102
Service Properties Files#Finally, you will need a service properties file for each host listed above with each service listed. The name would be similar to serverName.properties.
#Service property file #Service One service1=LDAP service1Port=389 service1DN='cn=admin,dc=companyOne,dc=com' service1Pwd=password service1Base='dc=companyOne,dc=com' service1SubjectDN='cn=UserT,ou=accounting' # Service Two cservice2=LDAPS service2Port=636 service2DN='cn=administrator,cn=users,dc=companyOne,dc=com' service2Pwd=password service2Base='dc=companyOne,dc=com' service2SubjectDN='cn=UserT,ou=accounting' service2SSL=true
Setup Tab#When the program starts it will read the Site file and populate the "Site" combobox on the setup page. When a Site is selected, the "Host" combobox will then be populated. Finally, the "Service" combobox is populated.
Currently, the comboboxes are not editable and the values need to be entered into the property files as indicated. Any of the field boxes maybe changed, however, the changes will not be saved.
On the Setup Tab, the entries are defined as follows:
- Iterations - This is the number of times to perform the operation. This works with the "Authenticate", "Search Attr" and "Read" tests.
- AuthDN - This is the distinguished name to bind (Authenticate) to the directory. (If this is blank, Anoymonous bind is performed)
- Password - Password for the AuthDN entry. (If this is blank, Anoymonous bind is performed)
- SSL - If checked an SSL connection will be performed.
- Anoymonous - if checked, the AuthDN and password is ignored.
- LDAP Base - all operations will look at this level and below.
- SubjectDN - This is the "test" user. The "Create", "Read", "Show", "Add", "AddMore", "Remove One", "Replace", "Remove" and "Delete" tests are performed on this object.
- Set Connection - This sets the parameter above to be used on he tests.
Output Tab#The OutPut tab contains the following:
- The top of the screen is the output area that will show test results and informational messages.
- Clear Button - This clears the Output Screen.
- Authenticate Button - This test will Authenticate and un-authenticate the number of Iterations requested. Time of all Iterations and Iterations per second are displayed. NOTE: Each iteration is a complete tear down of the connection. No binding is done over existing connections.
- Search Attr Button - This test will Authenticate, search for "objectClass = inetOrgPerson" and UN-authenticate the number of Iterations requested. Time of all Iterations and Iterations per second are displayed.
- Mail Button - This test will Authenticate, search for sn="B*" and then search for the "mail" attribute of each entry returned, unauthenticate, and then repeat for sn="C*", sn="D*", sn="W*", sn="S*", and sn="T*". This test was used to attempt to simulate real-world activity of use of a LDAP for mail server lookups.
- Create Button - This will authenticate, create the user specified in the SubjectDN field on the setup tab and UN-authenticate
- Read Button - This will authenticate, read the user entry and all attributes, unauthenticate, and repeat the number of Iterations requested. Time of all Iterations and Iterations per second are displayed.
- Show Button - This will authenticate, read and display the SubjectDN user entry and all attributes, unauthenticate.
- Add Button - This will authenticate, and add "King of Prussia" to the Title attribute for the SubjectDN and UN-authenticate
- AddMore Button - This will authenticate and add "CEO" to the Title attribute for the SubjectDN and UN-authenticate
- Remove One Button - This will authenticate and remove "CEO" to the Title attribute for the SubjectDN and UN-authenticate
- Replace Button - This will authenticate and replace the Title attribute for the SubjectDN with "King of Russia" and UN-authenticate
- Remove Button - This will authenticate and remove the Title attribute Values for the SubjectDN and UN-authenticate
- Delete Button - This will authenticate and delete entry for the SubjectDN and UN-authenticate