Documentation forServer & Application Monitor
Monitoring your applications and environment is a key capability of Hybrid Cloud Observability and is also available in a standalone module, Server & Application Monitor (SAM). Hybrid Cloud Observability and SAM are built on the self-hosted SolarWinds Platform.

OpenLDAP

This SAM application monitor template assesses the performance of an OpenLDAP server by retrieving performance data from the cn=Monitor sub-tree.

Prerequisites:

  • Perl is installed on the target server.
  • SNMP is installed on the target server
  • You must have permission to monitor slapd processes on the target server.
  • Enable the OpenLDAP monitoring branch by adding the following lines to the slapd.conf file, which is located here: /etc/openldap/slapd.conf.

    database monitor access to dn.subtree="cn=Monitor" by * read by * none

Create a user on the Linux/Unix server with the same, case sensitive, username and password, as OpenLDAP. OpenLDAP has Manager as the default user, which is equivalent to the OpenLDAP administrator. Create the user, Manager, on the server and set the password to be the same for Manager in OpenLDAP.

See the following example:

[root@centos56 ~]# useradd Manager [root@centos56 ~]# passwd Manager Changing password for user Manager. New UNIX password:Retype new UNIX password: passwd: all authentication tokens updated successfully.[root@centos56 ~]#

Credentials

User with access to the OpenLDAP and Linux/Unix servers.

Component Arguments and Syntax

All components use the ldapsearch command with arguments to get the required values, as in the following:ldapsearch -x -D 'cn=User,dc=your,dc=domain' -w password -b 'cn=Monitor' -s base '(objectClass=*)' '+'

The three arguments below are used in the following order:

perl ${SCRIPT} cn=${USER} ${PASSWORD} dc=your,dc=domain

  • Username – This argument specifies which user will get the required statistic from the OpenLDAP server using the following format: cn=${USER}. By default, this argument will use the username from the application. Normally, this argument should remain unchanged.
  • Password – This argument specifies the user's password. By default, it will use the password from the application's username. Normally, this argument should remain unchanged.
  • Domain – This argument specifies the domain name and should be formatted in the following manner: dc=your,dc=domain. This is where you set your domain. For example: dc=example,dc=com or dc=test1,dc=testing,dc=com

Below is an example using the Command Line field with arguments used in any component monitor:

perl ${SCRIPT} cn=${USER} ${PASSWORD} dc=example,dc=com

Component monitors

Operations Rate per Sec

This monitor returns the rates per second of different LDAP operations. All rates are calculated as the number of specific queries for five seconds, and then divided by five. Information about LDAP operations are taken from the cn=Operations,cn=Monitor sub-tree. Returned values are as follows:

It is possible that scripts will return non-integer values.

  • Total – This component returns the total number of LDAP operations.
  • Bind – This component returns the number of Bind operations occurring on the server. The LDAP Bind operation can be used to authenticate to the LDAP Server.
  • Unbind – This component returns the number of Unbind operations occurring on the server. The LDAP Unbind operation is used to indicate that the client wants to disconnect from the server.
  • Add – This component returns the number of Add operations occurring on the server. The LDAP Add operation can be used to create an entry in the LDAP Server.
  • Delete – This component returns the number of Delete operations occurring on the server. The LDAP Delete operation can be used to remove an entry or sub-tree from the server.
  • Modify – This component returns the number of Modify operations occurring on the server. The LDAP Modify operation can be used to alter an existing entry in the LDAP Server.
  • Compare – This component returns the number of Compare operations occurring on the server. The LDAP Compare operation can be used to determine whether a specified entry contains a given attribute value.
  • Search – This component returns the number of Search operations occurring on the server. The LDAP Search operation can be used to identify entries in the LDAP Server that match a given set of criteria.

Active Operations

This monitor returns the number of active operations.

Current Connections

This monitor returns the number of current OpenLDAP connections.

Bytes Sent Rate per Sec

This monitor returns the number of bytes sent, per second, by the server.

Uptime

This monitor shows the server uptime, in seconds. The returning message shows the time in days, hours, minutes, and seconds.

Read Waiters

This monitor returns the number of connections that are waiting to read data.

Write Waiters

This monitor returns the number of connections that are waiting to write data.

Process Monitor (SNMP): slapd

This component monitor returns CPU and memory usage of the slapd daemon. If this counter is unavailable, there may be a problem with your SNMP configuration or the slapd service has stopped.

LDAP User Experience Monitor

This component monitor tests the capabilities of the Light Weight Directory Access Protocol (LDAP) server and measures the time it takes to perform an LDAP query.

By default, this monitor is disabled.