LDAP Platform Service

Topics marked with * relate to features available only in vFabric Hyperic.

Monitor a Remote LDAP Service

You can configure a platform service of type "LDAP" to report the availability of a remote LDAP service.

Resource Plugin, Functions, and Classes

The LDAP service type is managed by HQ's netservices plugin and performs the following functions:

  • Metric collection using the org.hyperic.hq.plugin.netservices.LDAPCollector class.

  • event tracking using the reportEvent method in the Collector class.

Configure the LDAP Service in HQ

You manually configure an LDAP service on operating system platform types.

  1. Navigate to the platform whose Agent will monitor the service.

  2. Select New Platform Service from the Tools menu.

  3. On New Service page, enter a name for the service and select "LDAP" from the Service Type pull-down.

  4. Supply all required values on the Configuration Properties page. Configuration options are defined below in LDAP Configuration Options.

Configuration Properties Page

The Configuration Properties page for the LDAP service type is shown below.

images/download/attachments/79038211/LdapConfigOptions.png

LDAP Configuration Options

Note:

  • Properties in the netservices plugin descriptor set default values of:

  • port to 389

  • sslport to 636

name

description

default

optional

type

Notes

Parent Schema

baseDN

Search Base

The top level of the LDAP directory tree, in X.500 format, for example:

o="hyperic",c=US

ldap

bindDN

Bind DN

true

The user on the external LDAP server permitted to search the LDAP directory within the defined search base. Supply if directory requires authentication prior to search. Not necessary if anonymous searches are allowed.

ldap

bindPW

Bind Password

true

secret

Password for user permitted to search the LDAP directory. Supply if directory requires authentication prior to search. Not necessary if anonymous searches are allowed.

ldap

filter

Search Filter

true

 

Use to specify entries to search using one or more boolean expressions, based on LDAP attributes. If you specify multiple expressions, prefix them with a logical operator. Here are two example filters:

(!(location=SFO*)) - matches if value of location attribute does not begin with "SFO"

||((facility=Mission)(facility=Financial)) - matches if value of location attribute is either "Mission" or "Financial"

ldap

ssl

Use SSL

false

true

boolean

ssl

hostname

Hostname

localhost

false

Hostname of system that hosts the service to monitor. For example: mysite.com

sockaddr

port

Port

A default value for port is usually set for each type of network service by properties in the netservices plugin descriptor.

false

Port where service listens.

sockaddr

sotimeout

Socket Timeout (in seconds)

10

true

int

The maximum amount of time the agent will wait for a response to a request to the remote service.

sockaddr

LDAP Metrics

  • Availability - If the agent can connect to an LDAP services and create an initial context, it reports the services to be reports an ldap service to be available.

  • Connection Metrics

    • All Inbound Connections - Number of inbound connections of all types to the service.

    • All Outbound Connections - Number of outbound connections of all types from the service.

    • Inbound Connections - Number of inbound TCP connections to the service.

    • Outbound Connections - Number of outbound TCP connections from the service.

  • TCP connection state metrics - The number of connections in each connection state is reported:

    • CLOSE_WAIT

    • CLOSED

    • ESTABLISHED

    • FIN_WAIT_1

    • FIN_WAIT_2

    • LAST_ACK

    • LISTEN

    • SYN_RECEIVED

    • SYN_SEND

    • TIME_WAIT

For definitions of TCP connection states, see RFC 793.

LDAP Monitoring Defaults Page

You can enable and disable metrics, select indicator metrics, and change the collection interval for a resource type on its Monitoring Defaults page. To navigate to a resource type's Monitoring Defaults page:

  1. Click the Administration tab.

  2. Click Monitoring Defaults.

  3. Scroll down to the resource type and click Edit Metric Template.

The Monitoring Defaults page for the LDAP service type is shown below:

images/download/attachments/79038211/LdapMetrics.png

Event Tracking

You can enable log tracking for a network service. If you do, the agent will log an event for responses that match the criteria you specify.

To enable log tracking, click the Enable Log Tracking box in the Monitoring section of the Configuration Properties page.

For information about HQ log tracking functionality and configuration options, and how to view log events, see Set Up Log Tracking for a Resource.