Your data. Anywhere you go.

New Relic for iOS or Android


Download on the App Store    Android App on Google play


New Relic Insights App for iOS


Download on the App Store


Learn more

Close icon

389 Directory Server (LDAP)

Published and supported by Bozeman Pass Inc.


Description

This plugin provides metrics for 389 Directory Server (http://www.port389.org). A wide range of metrics are provided for LDAP basic operations (search, add, modify, delete, etc.), connections, and binds, as well as database and backend statistics. The response time to perform sample search and modify operations can also be tracked.

For additional documentation see the GitHub project page: https://github.com/bozemanpass/newrelic_java_ldap_plugin


Installation

To install using NPI (recommended) simply run:

npi install com.bozemanpass.newrelic.ldap

See the New Relic NPI documentation for further information about using NPI or the New Relic plugin documentation if installing manually.

Plugin Configuration

By default, the plugin will try to connect to localhost on port 389 anonymously. This can provide basic information like the number of searches, adds, etc.; however, most of the database and backend metrics are only available when doing an authenticated bind.

It is important never to use cn=Directory Manager. You should use a non-privileged account with read-only access to the monitoring entries (see Server Configuration).

To configure the connection information, including bind credentials, edit config/plugin.json. For example:

  "host": "myldap.mydomain.local",
  "port": 389,
  "use_ssl": false,
  "binddn": "cn=newrelic,ou=monitoring,dc=mydomain,dc=local",
  "bindpw": "mypassword",

If using SSL with a self-signed certificate, set both use_ssl and trust_any_ssl to true:

  "host": "myldap.mydomain.local",
  "port": 636,
  "use_ssl": true,
  "trust_any_ssl": true,

The timedops/modify metric, which reports the time in milliseconds to do a sample modification, will only be attempted if the DN of the entry to modify is specified. For example (using the same account for a self-modify):

    "modify": {
      "dn": "cn=newrelic,ou=monitoring,dc=mydomain,dc=local",
      "attribute": "internationalisdnnumber"
    }

Server Configuration

You should never use a privileged account for monitoring. It is customary to assign the required privileges to a group, and then add a user account to the indicated group. The following example ACIs would enable read access (replace <MY_GROUP_DN> with the DN of your monitoring group):

dn: cn=monitor
changetype: modify
add: aci
aci: (target ="ldap:///cn=monitor*")
 (targetattr != "aci")(version 3.0; acl "Allow read access to Monitoring users"; 
 allow( read, search, compare ) groupdn="ldap:///<MY_GROUP_DN_GOES_HERE>";)

dn: cn=config
changetype: modify
add: aci
aci: (target ="ldap:///cn=monitor,cn=*,cn=ldbm database,cn=plugins,cn=config")
 (targetattr != "aci")(version 3.0; acl "Allow read access to Monitoring users"; 
 allow( read, search, compare ) groupdn="ldap:///<MY_GROUP_DN_GOES_HERE>"";)

dn: cn=monitor,cn=ldbm database,cn=plugins,cn=config
changetype: modify
add: aci
aci: (target ="ldap:///cn=*")
 (targetattr != "aci")(version 3.0; acl "Allow read access to Monitoring users"; 
 allow( read, search, compare ) groupdn="ldap:///<MY_GROUP_DN_GOES_HERE>"";)

Requirements

This plugin requires Java JRE 1.8 or higher.


License

This plugin is released under the MIT license. For more information, refer to the GitHub project page: https://github.com/bozemanpass/newrelic_java_ldap_plugin


Support

Contact Bozeman Pass, Inc. (https://www.bozemanpass.com/contact-us/) with questions.


The 389 Directory Server (LDAP) plugin extends the power of New Relic's monitoring capabilities.


Get This Plugin

Already have a New Relic account? Log in and begin using this plugin.

If you don't have a New Relic account, follow these three simple steps:

How To Install A Plugin

Installing a plugin is simple and fast.

Installing
a Plugin
  1. Step One

    Sign in to your New Relic account

  2. Step Two

    Select and install plugin

  3. Step Three

    Start seeing data

That’s it. You’re done. Simple.

Sign Up for New Relic

Back to top icon