[AIX HP-UX Linux Solaris Windows]

Configuring the LDAP URI advisor

The LDAP URI advisor allows you better gauge Lightweight Directory Access Protocol (LDAP) availability by processing a complete request to the LDAP server. The LDAP URI advisor opens a connection to the LDAP serve and sends a BIND request that is based on the advisorrequest field that you define on the server object. The advisor then waits for a response from the LDAP server and returns the elapsed time as a load.

About this task

In situations in which you cannot perform an anonymous bind request to an LDAP server, you can use the LDAP URI advisor to bind with an LDAP server that requires a user name and password. The LDAP URI advisor might provide a more precise measurement of workload, since the LDAP server will be required to process a complete request rather perform only an anonymous bind.

Procedure

  1. Set the advisorrequest field for the server that will use the LDAP URI advisor.
    1. Set the advisorrequest field on the server object with the dscontrol server command. Use the following guidelines for setting the advisorrequest field:
      • Set the advisorrequest field to an LDAP:// URL request that is compliant with the RFC2255 - The LDAP URL Format.
      • Use the bindname extension to perform a bind request that is not anonymous.
      • Load Balancer extends the LDAP URL base with the bindpass extension, allowing you to supply the password for the LDAP server on the URL line. This password must be provided as an optional extension to preserve the portability of the URL.
      For example:
      dscontrol server set cluster@server@port advisorrequest "ldap://ldap1.mycompany.com:389/ou=development,o=mycompany.com??sub?(mail=user@mycompany.com)?bindname=uid=123456789,c=us,ou=development,o=mycompany.com?!bindpass=MYPASS"
      Avoid trouble Avoid trouble: Be aware of the ?!bindpass=MYPASS extension that is used above. Replace MYPASS with the password that is used to authenticate the LDAP request.gotcha
    2. Optional: Set the advisorresponse field on the server object. If you set this field, you must set the value to a substring that is expected to be present in the response from the LDAP server.
  2. Start the LDAP URI advisor. To start the LDAP URI advisor, use the dscontrol advisor command:
    dscontrol advisor start ldapuri cluster@port
    Avoid trouble Avoid trouble: Verify that you are using the LDAP URI advisor, and not the LDAP advisor. The LDAP advisor only supports anonymous bind requests to LDAP servers.gotcha



Related concepts
Advisors
Related reference
Getting service-specific advice with the advisor request or response option
List of advisors
dscontrol advisor
Related information
dscontrol server
Task topic Task topic    

Terms of Use | Feedback

Last updatedLast updated: Jun 20, 2011 4:04:37 PM EDT
File name: tprf_ldapuriadv.html