Configuring a health check using dsconfig
Steps
-
To configure the LDAP external server locations, use the
dsconfig
tool.$ bin/dsconfig
-
Enter the host name or IP address for your PingDirectoryProxy server, or press Enter to accept the default,
localhost
.Directory Proxy Server host name or IP address [localhost]:
-
Enter the number corresponding how you want to connect to the PingDirectoryProxy server, or press Enter to accept the default,
LDAP
.How do you want to connect? 1) LDAP 2) LDAP with SSL 3) LDAP with StartTLS
-
Enter the port number for your PingDirectoryProxy server, or press Enter to accept the default,
389
.Directory Proxy Server port number [389]:
-
Enter the administrator’s bind distinguished name (DN) or press Enter to accept the default
cn=Directory Manager
. Then enter the password.Administrator user bind DN [cn=Directory Manager]: Password for user 'cn=Directory Manager':
-
In the
PingDirectoryProxy main menu
, enter the number corresponding to LDAP health checks. -
Enter the number to create a new LDAP Health Check, and then press
n
to create a new health check from scratch. -
Select the type of health check you want to create.
Example:
This example demonstrates the creation of a new search LDAP health check.
>>> Select the type of LDAP Health Check that you want to create: 1) Admin Alert LDAP Health Check 2) Custom LDAP Health Check 3) Groovy Scripted LDAP Health Check 4) Replication Backlog LDAP Health Check 5) Search LDAP Health Check 6) Third Party LDAP Health Check 7) Work Queue Busyness LDAP Health Check ?) help c) cancel q) quit Enter choice [c]: 5
-
Enter a name for the new health check.
Example:
In this example, the health check is named
Get example.com
.>>>> Enter a name for the search LDAP Health Check that you want to create: Get example.com
-
To enable the new health check, enter
1
.>>>> Configuring the 'enabled' property Indicates whether this LDAP health check is enabled for use in the server. Select a value for the 'enabled' property: 1) true 2) false ?) help c) cancel q) quit Enter choice [c]: 1
-
Configure the properties of the health check.
You might need to modify the
base-dn
property as well as one or more response time thresholds for non-local external servers, accommodating WAN latency.Example:
The following example is a Search LDAP Health Check for the single entry
dc=example,dc=com
, which allows non-local responses of up to 2 seconds to still be considered healthy.>>>> Configure the properties of the Search LDAP Health Check Property Value(s) ----------------------------------------------------------- 1) description - 2) enabled true 3) use-for-all-servers false 4) base-dn "dc=example,dc=com" 5) scope base-object 6) filter (objectClass=*) 7) maximum-local-available-response-time 1 s 8) maximum-nonlocal-available-response-time 2 s 9) minimum-local-degraded-response-time 500 ms 10) minimum-nonlocal-degraded-response-time 1 s 11) maximum-local-degraded-response-time 10 s 12) maximum-nonlocal-degraded-response-time 10 s 13) minimum-local-unavailable-response-time 5 s 14) minimum-nonlocal-unavailable-response-time 5 s 15) allow-no-entries-returned true 16) allow-multiple-entries-returned true 17) available-filter - 18) degraded-filter - 19) unavailable-filter - ?) help f) finish - create the new Search LDAP Health Check d) display the equivalent dsconfig arguments to create this object b) back q) quit