-
To
configure the LDAP external server locations,
use
the dsconfig
tool.
$ bin/dsconfig
-
Enter
the host name or IP address for your Directory Proxy Server, or
press Enter to accept the default,
localhost
.Directory Proxy Server host name or IP address [localhost]:
-
Enter
the number corresponding how you want to connect to the Directory Proxy Server, or press Enter to accept the default,
LDAP
.How do you want to connect? 1) LDAP 2) LDAP with SSL 3) LDAP with StartTLS
-
Enter
the port number for your Directory Proxy Server, or press Enter
to accept the default,
389
.Directory Proxy Server port number [389]:
-
Enter
the administrator's bind distinguished name (DN) or press Enter to accept the default
cn=Directory Manager
. Then enter the password.Administrator user bind DN [cn=Directory Manager]: Password for user 'cn=Directory Manager':
-
In the
Directory Proxy Server main menu
, enter the number corresponding to LDAP health checks. - Enter the number to create a new LDAP Health Check, and then press n to create a new health check from scratch.
-
Select the type of health check you want to
create.
This example demonstrates the creation of a new search LDAP health check.
>>> Select the type of LDAP Health Check that you want to create: 1) Admin Alert LDAP Health Check 2) Custom LDAP Health Check 3) Groovy Scripted LDAP Health Check 4) Replication Backlog LDAP Health Check 5) Search LDAP Health Check 6) Third Party LDAP Health Check 7) Work Queue Busyness LDAP Health Check ?) help c) cancel q) quit Enter choice [c]: 5
-
Enter a name for the new health
check.
In this example, the health check is named
Get example.com
.>>>> Enter a name for the search LDAP Health Check that you want to create: Get example.com
-
To enable the new health check, enter 1.
>>>> Configuring the 'enabled' property Indicates whether this LDAP health check is enabled for use in the server. Select a value for the 'enabled' property: 1) true 2) false ?) help c) cancel q) quit Enter choice [c]: 1
-
Configure the properties of the health
check.
You might need to modify the
base-dn
property as well as one or more response time thresholds for non-local external servers, accommodating WAN latency.The following is a Search LDAP Health Check for the single entry dc=example,dc=com, which allows non-local responses of up to 2 seconds to still be considered healthy.
>>>> Configure the properties of the Search LDAP Health Check Property Value(s) ----------------------------------------------------------- 1) description - 2) enabled true 3) use-for-all-servers false 4) base-dn "dc=example,dc=com" 5) scope base-object 6) filter (objectClass=*) 7) maximum-local-available-response-time 1 s 8) maximum-nonlocal-available-response-time 2 s 9) minimum-local-degraded-response-time 500 ms 10) minimum-nonlocal-degraded-response-time 1 s 11) maximum-local-degraded-response-time 10 s 12) maximum-nonlocal-degraded-response-time 10 s 13) minimum-local-unavailable-response-time 5 s 14) minimum-nonlocal-unavailable-response-time 5 s 15) allow-no-entries-returned true 16) allow-multiple-entries-returned true 17) available-filter - 18) degraded-filter - 19) unavailable-filter - ?) help f) finish - create the new Search LDAP Health Check d) display the equivalent dsconfig arguments to create this object b) back q) quit