NetIQ eDirectory for Linux x86_64 v8.8 SP6 [DS]

NetIQ eDirectory for Linux x86_64 v8.8 SP7 [DS]

NetIQ eDirectory for Linux x86_64 v8.8 SP8 [DS]


How to use ndstrace to find out the number of successful and unsuccessful authentications.

As a good practice, an eDirectory administrator needs to know the number of authentications and the amount of LDAP traffic received in order to verify the health, response time and performance of the eDirectory boxes.

This article explains how to set up the ndstrace utility and how to gather the log file in order to analyze the information.


Here is what you will need in order to follow the procedure:

  • Access to the eDirectory server (via ssh or physical access)
  • Administrative user (i.e. your account is in the sudoers group)
  • The eDirectory box has at least 500 MB of free space (the more debug information you need, the more disk space is required)


  1. Get access to the server (in my case I’m using ssh) and sudo to get root access.

    ssh login

  2. Make sure that the eDirectory path is correctly set. If it is not, go to your eDirectory bin path (in my case /opt/novell/eDirectory/bin) and execute the ndspath script.



  3. Execute the ndstrace command.

    ndstrace execution

  4. Depending on the flags that are enabled, you can see some activity in the ndstrace screen. In order to get a clean trace, first you need to turn off all messages by executing (within the ndstrace screen):
    # set ndstrace = nodebug



  5. Once you have a clean screen, it’s necessary to enable the LDAP, AUTH and TIME flags.
    #set ndstrace= +LDAP
    #set ndstrace= +AUTH
    #set ndstrace= +TIME






  6. Once these flags are enabled, you will see traffic on the screen. Enter “exit” in order to close the ndstrace utility.



  7. After closing the ndstrace utility, you are returned to the terminal prompt. At this point it’s necessary to redirect the ndstrace output to the log file (in my case I’m redirecting to the /tmp directory), so enter:
     #ndstrace -l > /tmp/someFileName.log


    After that, you only have to decide how long you need to gather information (in my case I left the log running for an hour). When you decide that you have enough information to work with, cancel the execution with Ctrl+C.

  8. Once you have enough information you can get important data by running the following commands:

    Total number of simple authentications:

    # grep "authentication:simple" someFileName.log |wc -l

    Occurrences per authenticated user

    #grep "authentication:simple" someFileName.log | cut -d " " -f 5 | sed 's/name://g' | sort | uniq -c

    Failed authentication due to an invalid password

    # grep "LocalLoginRequest" someFileName.log | grep "failed authentication (-669)" | wc -l

    By checking those numbers you can have a good idea of how your eDir box is performing.
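
The three counts from step 8 gathered into one script, added here as an example and not part of the original article. The function names and the sample log lines are constructed for illustration (real ndstrace lines may be laid out differently); the bind name is taken from the `name:` token wherever it appears on the line instead of from a fixed field position.

```shell
#!/bin/sh
# Added example: summarise an ndstrace capture with the match strings from step 8.

write_sample_log() {   # hypothetical helper; every line below is constructed
    cat > "$1" <<'EOF'
1001 LDAP: [2014/04/28 15:00:01.10] name:cn=alice,ou=users,o=acme, version:3, authentication:simple
1002 LDAP: [2014/04/28 15:00:02.20] name:cn=bob,ou=users,o=acme, version:3, authentication:simple
1003 AUTH: [2014/04/28 15:00:02.25] LocalLoginRequest failed authentication (-669)
1004 LDAP: [2014/04/28 15:00:03.40] (10.0.0.5:40112) name:cn=alice,ou=users,o=acme, version:3, authentication:simple
1005 LDAP: [2014/04/28 15:00:04.00] Search request base:"o=acme" scope:2
1006 AUTH: [2014/04/28 15:00:05.10] LocalLoginRequest failed authentication (-669)
1007 AUTH: [2014/04/28 15:00:06.10] LocalLoginRequest succeeded
EOF
}

# Total simple binds. grep -c exits 1 on zero matches, so mask that status.
count_simple_binds() { grep -c "authentication:simple" "$1" || true; }

# Binds per name, most frequent first. Scans every field for the name: token,
# so an extra column (such as a client address) does not shift the result.
binds_per_user() {
    awk '/authentication:simple/ {
        for (i = 1; i <= NF; i++) if ($i ~ /^name:/) {
            n = substr($i, 6)            # drop the "name:" prefix
            sub(/,$/, "", n)             # drop the separator after the DN
            if (n == "") n = "(empty name)"
            seen[n]++
        }
    } END { for (n in seen) print seen[n], n }' "$1" | sort -k1,1nr -k2
}

# Logins rejected for an invalid password (error -669).
count_bad_passwords() {
    grep "LocalLoginRequest" "$1" | grep -c "failed authentication (-669)" || true
}

summarise() {
    echo "simple binds:          $(count_simple_binds "$1")"
    echo "invalid password -669: $(count_bad_passwords "$1")"
    echo "binds per name:"
    binds_per_user "$1"
}

# Usage: sh thisscript.sh /tmp/someFileName.log
if [ -n "${1:-}" ]; then summarise "$1"; fi
```

Names that contain spaces are split by both this script and the original `cut` pipeline, so check a few raw lines from your own capture before trusting the per-name counts.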

For more information about the ndstrace flags, you can see the Novell eDirectory guide http://www.novell.com/documentation/edir873/?page=/documentation/edir873/edir873/data/a2n4mbo.html


Disclaimer: As with everything else at NetIQ Cool Solutions, this content is definitely not supported by NetIQ, so Customer Support will not be able to help you if it has any adverse effect on your environment.  It just worked for at least one person, and perhaps it will be useful for you too.  Be sure to test in a non-production environment.

Apr 28, 2014
4:12 pm