PingAuthorize

Configuring a health check using dsconfig

Create any health check according to the following instructions.

Steps

  1. Use the dsconfig tool to configure the LDAP external server locations.

    Example:

    $ bin/dsconfig
  2. Type the host name or IP address for your PingAuthorize Server, or press Enter to accept the default, localhost.

    Example:

    PingAuthorize Server host name or IP address [localhost]:
  3. Type the number corresponding to how you want to connect to PingAuthorize, or press Enter to accept the default, LDAP.

    Example:

    How do you want to connect?
      1) LDAP
      2) LDAP with SSL
      3) LDAP with StartTLS
  4. Type the port number for your PingAuthorize Server, or press Enter to accept the default, 389.

    Example:

    PingAuthorize Server port number [389]:
  5. Type the administrator’s bind distinguished name (DN) or press Enter to accept the default (cn=Directory Manager), and then type the password.

    Example:

    Administrator user bind DN [cn=Directory Manager]:
    Password for user 'cn=Directory Manager':
  6. Enter the number corresponding to LDAP health checks.

    1. Enter the number to create a new LDAP health check, then press n to create a new health check from scratch.

  7. Select the type of health check you want to create.

    Example:

    >>> Select the type of LDAP Health Check that you want to create:
    
          1)  Admin Alert LDAP Health Check
          2)  Custom LDAP Health Check
          3)  Groovy Scripted LDAP Health Check
          4)  Replication Backlog LDAP Health Check
          5)  Search LDAP Health Check
          6)  Third Party LDAP Health Check
          7)  Work Queue Busyness LDAP Health Check
    
          ?) help
          c) cancel
          q) quit
    
    Enter choice [c]: 5
  8. Specify a name for the new health check.

    Example:

    In this example, the health check is named Get example.com.

    >>>> Enter a name for the search LDAP Health Check that you want to create: Get example.com
  9. Enable the new health check.

    Example:

    >>>> Configuring the 'enabled' property
    
    Indicates whether this LDAP health check is enabled for use in the server.
    
    Select a value for the 'enabled' property:
    
       1) true
       2) false
    
       ?) help
       c) cancel
       q) quit
    
    Enter choice [c]: 1
  10. Configure the properties of the health check.

    You might need to modify the base-dn property, as well as one or more response time thresholds for non-local external servers, accommodating WAN latency.

    Example:

    The following example is a search LDAP health check for the single entry dc=example,dc=com, which considers non-local responses of up to two seconds healthy.

    >>>> Configure the properties of the Search LDAP Health Check
    
               Property                                   Value(s)
               -----------------------------------------------------------
          1)   description                                -
          2)   enabled                                    true
          3)   use-for-all-servers                        false
          4)   base-dn                                    "dc=example,dc=com"
          5)   scope                                      base-object
          6)   filter                                     (objectClass=*)
          7)   maximum-local-available-response-time      1 s
          8)   maximum-nonlocal-available-response-time   2 s
          9)   minimum-local-degraded-response-time       500 ms
          10)  minimum-nonlocal-degraded-response-time    1 s
          11)  maximum-local-degraded-response-time       10 s
          12)  maximum-nonlocal-degraded-response-time    10 s
          13)  minimum-local-unavailable-response-time    5 s
          14)  minimum-nonlocal-unavailable-response-time 5 s
          15)  allow-no-entries-returned                  true
          16)  allow-multiple-entries-returned            true
          17)  available-filter                           -
          18)  degraded-filter                            -
          19)  unavailable-filter                         -
    
          ?) help
          f) finish - create the new Search LDAP Health Check
          d) display the equivalent dsconfig arguments to create this object
          b) back
          q) quit