Overview#
The LDAP Monitor is used to monitor the operation of the Enterprise LDAP server and the DirXML Synchronization servers.
The LDAP Monitor is implemented as a platform-independent application using Java servlets. It has been run on Windows and Linux in the Tomcat5 servlet container.
General Operation#
The LDAP Monitor performs three primary functions (Click on links for details):
Statistics Gathering - Various statistics are gathered and written to a SQL database through a JDBC driver. The LDAPMonitor does not process the collected data for display.
- LDAP Search - This operation is timed and the time is logged to a file.
- LDAP Modify - This operation is timed and the time is logged to a file.
- LDAP-IDM-LDAP - Modifies an attribute and measures how long it takes until the change is seen in the downstream LDAP server.
- ReadRoot - Performs an SSL bind and retrieves the information from the rootDSE. This operation is timed and the time is logged to the database.
NOTE: It is anticipated that most of the statistics will be done via SNMP, and this feature is being phased out. Any LDAP operation timings will still be done by the LDAPMonitor.
Event Monitoring - The following are some of the events that are monitored.
- LDAPS Authentication - Any authentication failure generates an alert. This check reports different errors depending on where in the process the failure occurred.
- Connect Error - Implies that a TCP Connection to the LDAPS port failed.
- Bind Error - Implies that the TCP connection was made, but the bind failed. The LDAP error code is supplied.
- Replica States - If not on, alert
- DirXML Driver State - If NOT disabled and NOT running, alert.
- DirXML Log Entries - Entries within the DriverSet or any Publisher or Subscriber channel generate an alert if they are at level WARN or above.
- Port Monitoring - A TCP nonBlockingSocket connection is attempted to see whether the various ports are open and listening. Any port not accepting a connection generates an alert.
- 524 - NDS
- 636 - LDAPS
- 8389 and 8636 - Our iMonitor ports
Logging - Various events are logged to a file. The level of logging is configurable. Various logging capabilities may be implemented, including a "near" real-time display via the web interface.
Alerting - Various events may be sent to various email addresses. All alerts are logged, including the fact that a message was sent.
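The Port Monitoring check described above, written out as an added example (not the LDAPMonitor's own code): it starts a non-blocking TCP connect to each of the listed ports in parallel and reports any port that does not accept the connection within a timeout. The class name `PortCheck`, the `probe` method, the 3-second timeout and the `localhost` default are assumptions, and the code targets Java 8 or later.

```java
import java.io.IOException;
import java.net.InetSocketAddress;
import java.nio.channels.*;
import java.util.*;

public class PortCheck {
    static final int[] PORTS = {524, 636, 8389, 8636}; // NDS, LDAPS, iMonitor ports from the list above
    /** Maps each port to true if a TCP connect completed within timeoutMs. */
    static Map<Integer, Boolean> probe(String host, int[] ports, long timeoutMs) throws IOException {
        Map<Integer, Boolean> open = new LinkedHashMap<>();
        List<SocketChannel> channels = new ArrayList<>();
        try (Selector selector = Selector.open()) {
            int pending = 0;
            for (int port : ports) {
                open.put(port, false);
                SocketChannel ch = SocketChannel.open();
                channels.add(ch);
                ch.configureBlocking(false);
                try {
                    if (ch.connect(new InetSocketAddress(host, port))) {
                        open.put(port, true); // connected immediately (can happen on loopback)
                    } else {
                        ch.register(selector, SelectionKey.OP_CONNECT, port);
                        pending++;
                    }
                } catch (IOException | RuntimeException e) { /* refused at once or host unresolved */ }
            }
            long deadline = System.currentTimeMillis() + timeoutMs, left;
            while (pending > 0 && (left = deadline - System.currentTimeMillis()) > 0) {
                selector.select(left);
                for (SelectionKey key : selector.selectedKeys()) {
                    try {
                        if (((SocketChannel) key.channel()).finishConnect()) open.put((Integer) key.attachment(), true);
                    } catch (IOException refused) { /* port stays marked closed */ }
                    key.cancel();
                    pending--;
                }
                selector.selectedKeys().clear();
            }
        } finally {
            for (SocketChannel ch : channels) ch.close(); // also drops connects that timed out
        }
        return open;
    }
    public static void main(String[] args) throws IOException {
        String host = args.length > 0 ? args[0] : "localhost"; // placeholder host (assumption)
        for (Map.Entry<Integer, Boolean> e : probe(host, PORTS, 3000).entrySet())
            if (!e.getValue()) System.out.println("ALERT: " + host + ":" + e.getKey() + " is not accepting connections");
    }
}
```

A completed connect only shows that something is listening on the port; the LDAPS Authentication check is what exercises the TLS handshake and bind. Ports that are silently filtered show up as closed once the timeout expires.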
Installation For LDAPMonitor#
Requirements#
- Java 1.5 or later.
- Tomcat 5.9 or later.
- Any database with a JDBC driver available, if statistics are gathered.