14.10 Persistent Search: Configuring for eDirectory Events

NetIQ eDirectory has an event service that enables applications to be notified of significant events that occur within the Directory. Some of these events are general events that can pertain to any Directory service. Other events are specific to eDirectory and its special features.

eDirectory events are exposed to applications through two different extensions to the LDAP protocol:

  • An implementation of the Persistent Search Control

    The Persistent Search feature of NetIQ eDirectory is a search operation that keeps going after the initial set of matching entries is returned. Persistent Search is an extension to the LDAP v3 search operation that moves the burden of checking for updates within a search result set from the client to the server. The Persistent Search control allows the client to perform a normal LDAP search operation (specifying the base DN, scope of search, search filter, and so on) and then, rather than having the server return a SearchResultDone message at the end, the operation maintains a connection so the client can be updated each time an entry in the result set changes. This allows the client to maintain a cache of the entries it is interested in, or trigger some logic whenever an update occurs.

    The article “Persistent Search: A Simple LDAP Change Notification Mechanism” describes this extension in further detail.

  • Monitor Events (an extended LDAP operation that is specific to eDirectory)

Applications that use eDirectory event services can place a heavy computational load on the directory. Various administrative parameters are available to help control how event services are used on individual eDirectory servers. These parameters are stored on the LDAP Server object. Use NetIQ iManager to set these parameters.

Specific applications that use the event service might require that you set these parameters to specific values. The documentation for such applications will indicate specific requirements for the application.

For more information, see “Understanding and Using Persistent Search in eDirectory”.

14.10.1 Managing Persistent Searches

You can use iManager to view or edit persistent searches.

  1. In iManager, click the Roles and Tasks button Roles and Tasks button.

  2. Click Directory Administration > Modify Object.

  3. Enter the name and context of the LDAP server object you want to modify, or click Browse button and browse or search for the LDAP server object.

    The LDAP Server icon
  4. Click OK, then click Searches on the General tab.

    The Searches page
  5. Enable persistent searches.

    By default, the Enable Persistent Search check box is checked. To disable and prevent persistent searches on this server, uncheck the check box.

    NOTE:If you disable a previously established persistent search operation, the operation might continue even after this option is disabled and the server is refreshed.

  6. Control the number of concurrent persistent searches on this server.

    Specify a value in the Maximum Concurrent Persistent Searches field. A value of zero allows unlimited concurrent persistent searches.

    The Maximum Concurrent Persistent Searches field
  7. Control whether to ignore size and time limits.

    To control whether size and time limits should be ignored after the persistent search request has sent the initial search result set, check the Ignore Size and Time Limits When Monitoring Persistent Search Events check box.

    If you don't select this option, the entire persistent search operation is subject to the search restrictions. If either limit is reached, the search will fail, with the appropriate error message.

  8. Click Apply, then click OK.

14.10.2 Controlling Use of the Monitor Events Extended Operation

  1. In iManager, click the Roles and Tasks button Roles and Tasks button.

  2. Click LDAP > LDAP Options.

  3. Click View LDAP Servers, then click the name of an LDAP server.

  4. Click Events.

    Property pages for LDAP servers
  5. Control whether client applications can monitor events on this LDAP server.

    To enable client applications to monitor events on this LDAP server, check the Enable Event Monitoring check box.

    To disable the monitoring of events, uncheck the check box.

  6. Control the maximum load that event monitoring applications can place on the server.

    Enter a value in the Maximum Event Monitoring Load field.

    Processing event data and sending event notifications to monitoring applications involves computational overhead on the LDAP server. For a given event, the exact load on the server depends on the frequency of the event being monitored, the data associated with the event, and the number of client applications monitoring the event.

    The Maximum Event Monitoring Load is a relative value that reflects how much of a load the event monitoring extension is allowed to place on the server. A zero value indicates no limit. To find an appropriate value for this attribute, experiment.

  7. Click Apply, then click OK.