Environment

NetIQ eDirectory for Linux x86_64 v8.8 SP6 [DS]

NetIQ eDirectory for Linux x86_64 v8.8 SP7 [DS]

NetIQ eDirectory for Linux x86_64 v8.8 SP8 [DS]

Situation

How to use ndstrace to find out the number of successful and unsuccessful authentications.

As a good practice, an eDirectory administrator needs to know the number of authentications and the amount of LDAP traffic that have been received in order to verify the health, response time and performance of the eDirectory boxes.

This article explains how to set up the ndstrace utility and how to gather the log file in order to analyze the information.

Prerequisites

Here is what you will need in order to follow the procedure:

  • Access to the eDirectory server (via ssh or physical access)
  • Administrative user (i.e. your account is in the sudoers group)
  • The eDirectory box has at least 500 MB of free space (the more debug information you need, the more disk space is required)

Resolution

  1. Get access to the server (in my case I’m using ssh) and sudo to get root access.

  2. Make sure that the eDirectory path is correctly set. If it is not, go to your eDirectory bin path (in my case /opt/novell/eDirectory/bin) and execute the ndspath script.

  3. Execute the ndstrace command.

  4. Depending on the flags that are enabled, you can see some activity in the ndstrace screen. In order to get a clean trace, first you need to turn off all messages by executing (within the ndstrace screen):
    # set ndstrace = nodebug
    #ndstrace

  5. Once you have a clean screen, enable the LDAP, AUTH and TIME flags:
    #set ndstrace= +LDAP
    #set ndstrace= +AUTH
    #set ndstrace= +TIME

  6. Once these flags are enabled, you will see traffic on the screen. Enter “exit” to close the ndstrace utility.

  7. After closing the ndstrace utility, you are returned to the terminal prompt. At this point it’s necessary to redirect the ndstrace output to the log file (in my case I’m redirecting to the /tmp directory), so enter:
     #ndstrace -l > /tmp/someFileName.log

    After that, you only have to decide how long you need to gather information (in my case I left the log running for an hour). When you decide that you have enough information to work with, cancel the execution with Ctrl+C.

  8. Once you have enough information you can get important data by running the following commands:

    Total amount of simple authentications

    # grep "authentication:simple" someFileName.log |wc -l

    Occurrences per authenticated user

    #grep "authentication:simple" someFileName.log | cut -d " " -f 5 | sed 's/name://g' | sort | uniq -c

    Failed authentication due to an invalid password

    # grep "LocalLoginRequest" someFileName.log | grep "failed authentication (-669)" | wc -l

    By checking those numbers you can have a good idea of how your eDir box is performing.
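
The three counts from step 8 computed in a single pass, as an added example that is not part of the original article: it also sorts users by bind count and returns a non-zero status when -669 failures exceed a threshold. The function names, the default threshold of 50 and the sample lines are assumptions; the sample is constructed to match the article's grep and cut patterns, not captured from a server.

```shell
#!/bin/sh
# Usage: edir_auth_summary LOGFILE [MAX_FAILED]
# Exit status: 0 ok, 1 when -669 failures exceed MAX_FAILED, 2 unreadable log.
edir_auth_summary() {
    log=$1
    max_failed=${2:-50}   # assumed alert threshold, tune to your own baseline
    [ -r "$log" ] || { echo "cannot read $log" >&2; return 2; }
    awk -v max="$max_failed" '
        /authentication:simple/ {
            simple++
            # Same field the article takes with cut -f 5 (a DN containing
            # spaces is truncated here exactly as it is there).
            dn = $5; sub(/^name:/, "", dn); sub(/,$/, "", dn)
            if (dn == "") dn = "(anonymous)"   # bind with an empty name
            binds[dn]++
        }
        /LocalLoginRequest/ && /failed authentication \(-669\)/ { failed++ }
        END {
            cmd = "LC_ALL=C sort -k2,2nr -k3"   # busiest users first
            for (dn in binds) printf "user %d %s\n", binds[dn], dn | cmd
            close(cmd)
            printf "simple_binds=%d\n", simple
            printf "failed_669=%d\n", failed
            exit (failed + 0 > max + 0 ? 1 : 0)
        }' "$log"
}

# Constructed sample lines (hypothetical timestamps, thread ids and DNs).
write_sample_log() {
    cat > "$1" <<'EOF'
10:00:01 A1B2C700 LDAP: Bind name:cn=app1,o=example, version:3, authentication:simple
10:00:02 A1B2C700 LDAP: Bind name:cn=jdoe,o=example, version:3, authentication:simple
10:00:02 A1B2C700 AUTH: LocalLoginRequest. Error: failed authentication (-669)
10:00:03 A1B2C700 LDAP: Bind name:cn=app1,o=example, version:3, authentication:simple
10:00:04 A1B2C700 LDAP: Bind name:, version:3, authentication:simple
10:00:05 A1B2C700 AUTH: LocalLoginRequest. Error: failed authentication (-669)
EOF
}

# Demo run on the constructed sample.
demo=$(mktemp) && write_sample_log "$demo" && edir_auth_summary "$demo"
rm -f "$demo"
```

The exit status makes the function usable from cron or a monitoring check. The trace records the DN of every user who binds, so a directory readable only by root is a better destination for it than a world-readable file in /tmp.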

For more information about the ndstrace flags, see the Novell eDirectory guide: http://www.novell.com/documentation/edir873/?page=/documentation/edir873/edir873/data/a2n4mbo.html

Disclaimer: As with everything else at NetIQ Cool Solutions, this content is definitely not supported by NetIQ, so Customer Support will not be able to help you if it has any adverse effect on your environment.  It just worked for at least one person, and perhaps it will be useful for you too.  Be sure to test in a non-production environment.

dlugohernandez
Apr 28, 2014
4:12 pm