NetIQ eDirectory for Linux x86_64 v8.8 SP6 [DS]
NetIQ eDirectory for Linux x86_64 v8.8 SP7 [DS]
NetIQ eDirectory for Linux x86_64 v8.8 SP8 [DS]
How to use ndstrace to find out the number of successful and unsuccessful authentications.
As a good practice, an eDirectory administrator needs to know the amount of authentications and LDAP traffic that have been received in order to verify the health, response time and performance of the eDirectory boxes.
This article explains how to set up the ndstrace utility and how to gather the log file in order to analyze the information.
Here is what you will need in order to follow the procedure:
# set ndstrace = nodebug #ndstrace
#set ndstrace= +LDAP #set ndstrace= +AUTH #set ndstrace= +TIME
#ndstrace -l > /tmp/someFileName.log
By doing that you only have to decide how much time you need to gather information (in my case I left the log for an hour). When you decide that you have enough information to work, just cancel the execution control + c
# grep "authentication:simple" someFileName.log |wc -l
Occurrences per authenticated user
#grep "authentication:simple" someFileName.log | cut -d " " -f 5 | sed 's/name://g' | sort | uniq -c
Failed authentication due to an invalid password
# grep "LocalLoginRequest" someFileName.log | grep "failed authentication (-669)" | wc -l
By checking those numbers you can have a good idea of how your eDir box is performing.
For more information about the ndstrace flags, you can see the Novell eDirectory guide http://www.novell.com/documentation/edir873/?page=/documentation/edir873/edir873/data/a2n4mbo.html
Disclaimer: As with everything else at NetIQ Cool Solutions, this content is definitely not supported by NetIQ, so Customer Support will not be able to help you if it has any adverse effect on your environment. It just worked for at least one person, and perhaps it will be useful for you too. Be sure to test in a non-production environment.