LDAP Authentication Servers Test
Lightweight directory access protocol (LDAP) is a protocol that helps applications to query user information from directory services/databases in a highly-secure way. To verify and authenticate any user who logs into the target ADC appliance, administrators create and enable one or more LDAP authentication servers and bind them with LDAP policies. When a user logs into the ADC appliance, he/she enters only the username and password. The ADC appliance will then loop through each of the LDAP policies bound with the LDAP servers in priority order and verify the user details with the Active Directory to authenticate his/her access. If an authentication server is down or not enabled, then, the user's information cannot be verified with the Active Directory where the user informartion is stored. This will deprive the users access to the ADC appliance and, sometimes, may completely block the users from logging in to the applaince in future. This is why, administrators should continuously monitor whether the LDAP authentication is enabled or not on the ADC appliance. The LDAP Authentication Servers test helps administrators in this regard!
This test auto-discovers the LDAP authentication servers, and reports whether for each LDAP server is enabled or not. This way, administrators can know if the user login failed due to LDAP authentication failure.
Target of the test : An ADC VPX/MPX
Agent deploying the test : A remote agent
Outputs of the test : One set of results for each LDAP authentication server on the ADC appliance being monitored.
Parameter | Description |
---|---|
Test Period |
How often should the test be executed. |
Host |
The IP address of the host for which the test is being configured. |
NetScaler Username and NetScaler Password |
To monitor an ADC device, the eG agent should be configured with the credentials of a user with read-only privileges to the target ADC device. Specify the credentials of such a user in the NetScaler Username and NetScaler Password text boxes. |
Confirm Password |
Confirm the ADC Password by retyping it here. |
SSL |
The eG agent collects performance metrics by invoking NITRO (ADC Interface Through Restful interfaces and Objects) APIs on the target ADC device. Typically, the NITRO APIs can be invoked through the HTTP or the HTTPS mode. By default, the eG agent invokes the NITRO APIs using the HTTPS mode. This is why, the SSL flag is set to Yes by default. If the target ADC device is not SSL-enabled, then the NITRO APIs can be accessed through the HTTP mode only. In this case, set the SSL flag to No. |
Detailed Diagnosis |
To make diagnosis more efficient and accurate, the eG Enterprise embeds an optional detailed diagnostic capability. With this capability, the eG agents can be configured to run detailed, more elaborate tests as and when specific problems are detected. To enable the detailed diagnosis capability of this test for a particular server, choose the On option. To disable the capability, click on the Off option. The option to selectively enable/disable the detailed diagnosis capability will be available only if the following conditions are fulfilled:
|
Measurement | Description | Measurement Unit | Interpretation | ||||||
---|---|---|---|---|---|---|---|---|---|
Is authentication enabled? |
Indicates whether /not this LDAP server is enabled for authentication. |
The numeric values that correspond to these measure values have been given in the table below:
Note: By default, the measure reports the Measure Values listed in the table above to indicate whether/not this LDAP serveris enabled for authentication. However, in the graph of this measure, the same will be represented using the numeric equivalents only. |