LDAP MIB Tables
The LDAP server’s MIB information is a subset of the specifications of the recommendation entitled Directory Server Monitoring MIB (RFC 2605) that correspond to the LDAP server and some additional information like the LDAP server’s configuration. The MIB information is stored in the following.
-
LDAP MIB static table
-
LDAP MIB total table
-
LDAP MIB current table
-
LDAP MIB association table
-
LDAP MIB environment table
These tables are held in memory and reflect the lifetime of the information stored. The information can be displayed by using the LDAP extended operations ldap_mib_total, ldap_mib_current, ldap_mib_assoc, ldap_mib_env and ldap_mib_dump. (See the dirxextop reference page for details.) It is represented by strings (String), static integer values (Value), dynamic counters (Counter or MaxCounter (maximum number)), or structured values (Structured).
This appendix lists all information stored in these tables.
LDAP MIB Static Table
The LDAP MIB static table stores information that is usually set during initialization performed at start time of the LDAP server.It remains unchanged during lifetime of the LDAP server process.
| MIB attribute | MIB name | Type | Description |
|---|---|---|---|
OS Name |
os_name |
String |
Name of OS |
Phys Memory |
phys_mem_total |
Value |
Real physical memory in MB |
CTX Size |
ctx_size |
Value |
Memory in use by CTX (CTX is the internal DirX Directory memory manager) |
CTX HWM Size |
ctx_size_hwm |
Value |
High water mark of memory used by CTX |
CTX Ulimit |
ctx_limit |
Value |
Maximum amount of memory CTX will use for current process (if exceeded, allocations will fail) |
Avail Memory |
phys_mem_free |
Value |
Available physical memory |
Page size |
mem_page_size |
Value |
Memory page size in bytes |
CPUs |
num_processors |
Value |
Num CPUs online |
Max Fd soft |
max_files_soft |
Value |
Max # of file descriptors (softlimit) |
Max Fd hard |
max_files_hard |
Value |
Max # of file descriptors (hardlimit) |
PID |
pid |
Value |
Process ID |
Host Name |
host_name |
String |
Hostname |
Host IP |
host_ip |
String |
IP4 address |
Server Version |
server_version |
String |
Detailed description of server build, e.g. V6.0 A00 136 2001:01:08 20:10 |
Server Type |
server_type |
String |
Database server type either ‘frontend server’ or ‘backend server’ |
Server Mode |
server_mode |
String |
Either ‘Read Only’ or ‘Read/Write’ |
Contact DSA |
contact_dsa |
String |
Network DSA PSAP address |
DAP Sharing |
backend_sharing |
Value |
Whether same users share same backend connection |
Allow Anonym |
anonym_allowed |
Value |
Whether anonymous users are allowed to access server |
SSL Encryption |
ssl_version |
String |
Encryption strength supported by server |
Start Time |
start_time |
String |
Server start time |
Current Time |
current_time |
String |
Current Time |
Configuration Name |
ldap_configuration |
String |
Used server configuration subentry name |
ClCfg File |
cfg_file |
String |
Used client config file |
Socket Mode |
sock_mode |
String |
Socket mode in use – can be sync or async |
Ldap Port |
ldap_port |
Value |
Port number for plain LDAP requests |
SSL Port |
ssl_port |
Value |
Port number for SSL encrypted LDAP requests |
RPC Port |
rpc_port |
Value |
Port number for RPC requests |
Max Conn |
max_conn |
Value |
Maximum allowed LDAP connections; e.g. 1024 |
Client Idle Time |
cl_idle_time |
Value |
Max time in seconds a client may be idle before server closes connection e.g. 300 |
Backend unbind delay time |
dap_delay_time |
Value |
Max time a shared backend connection is held after last client unbinds |
TCP/IP Response Mode |
tcp_resp_mode |
Value |
Used TCP/IP response mode |
DN Escape Mode |
dn_escape |
String |
Used Mode to escape DNs |
Search Size Limit |
size_limit |
Value |
Max entry count for search requests (0=unlimited) |
Search Time Limit |
time_limit |
Value |
Max time for search (0=unlimited) |
Supported Search Controls |
sup_ctrl |
String |
Supported search controls |
Thread Pool Size |
thr_pool_size |
Value |
Number of LDAP worker threads available |
DAP Pool Size |
dap_pool_size |
Value |
anonymous DAP connection pool size |
Allowed IPs Number |
Counter |
Number of allowed IP addresses |
|
Allowed IP Addresses |
String |
Allowed IP addresses |
|
Denied IPs Number |
Counter |
Number of denied IP addresses |
|
Denied IP Addresses |
String |
Denied IP addresses |
|
IP Allow |
ip_allow |
Strings |
List of IPs granted access to server |
IP Deny |
ip_deny |
Strings |
List of IPs denied access to server |
Black Box Size |
black_box_size |
Value |
LDAP PDU black box size |
LDAP MIB Total Table
The LDAP MIB total table stores information that is accumulated during lifetime of the LDAP server.Usually this information increases and delivers a temporary snapshot of the running LDAP server.
| MIB attribute | MIB name | Type | Description |
|---|---|---|---|
Operations |
tot_op |
Counter |
Number of LDAP operations processed by the server. |
Cache Hits |
cache_ratio |
Counter |
Percentage of search cache hits |
PDU Errors |
pdu_err |
Counter |
Number of illegal PDUs received from clients. |
Client Shutdowns |
cl_shutdowns |
Counter |
Number of socket closes performed by client without regular unbind. |
Referral errors |
referral_err |
Counter |
Number of referral errors occurred in searches. (base obj = Lap referral) |
SSL Connections |
ssl_conns |
Counter |
Number of established SSL connections. |
SSL Errors |
ssl_err |
Counter |
Number of SSL errors on established SSL connections. |
Binds |
binds |
Counter |
Number of LDAP Bind requests processed . |
Bind Errors |
binds_err |
Counter |
Number of unsuccessful LDAP Binds. |
Bind Security Errors |
binds_sec_err |
Counter |
Number of failed binds because of invalid credentials or inappropriate authentication |
Binds V2 |
binds_v2 |
Counter |
Number of LDAP V2 Binds. |
Binds V3 |
binds_v3 |
Counter |
Number of LDAP V3 Binds. |
Binds anonym |
binds_anonym |
Counter |
Number of anonymous LDAP Binds. |
Binds simple |
binds_simple |
Counter |
Number of simple authenticated Binds. |
Binds strong |
binds_strong |
Counter |
Number of strong authenticated binds (SSL client authentication used). |
Unbinds |
unbinds |
Counter |
Number of client issued LDAP Unbinds (Note: if client just closes connection it is counted as a PDU error) |
Searches |
searches |
Counter |
Number of LDAP Searches performed |
Search Errors |
searches_err |
Counter |
Number of unsuccessful searches (e.g. illegal base object, insufficient access rights etc) |
Searched Entries |
searches_entries |
Counter |
Number of returned entries in LDAP Searches |
Searched Attrs |
searches_attrs |
Counter |
Number of returned attributes in LDAP Searches |
Searched Referrals |
searches_referrals |
Counter |
Number of referrals returned in LDAP Searches (not referral err) |
Searches Baselevel |
searches_baselevel |
Counter |
Number of base level searches |
Searches |
searches_onelevel |
Counter |
Number of one level searches |
Searches |
searches_subtree |
Counter |
Number of sub tree searches |
Adds |
adds |
Counter |
Number of Adds performed |
Add Errors |
adds_err |
Counter |
Number of unsuccessful LDAP Adds |
Modifys |
mods |
Counter |
Number of LDAP Modify operations performed |
Modify Errors |
mods_err |
Counter |
Number of unsuccessful LDAP Modify operations |
Modify RDNs |
modrdns |
Counter |
Number of performed LDAP Modify RDN ops |
Modify RDN Errors |
modrdns_err |
Counter |
Number of unsuccessful LDAP Modify RDN ops |
Deletes |
deletes |
Counter |
Number of performed LDAP Delete ops |
Delete Errors |
deletes_err |
Counter |
Number of failed Deletes |
Compares |
compares |
Counter |
Number of performed LDAP Compare ops |
Compare Errors |
compares_err |
Counter |
Number of failed Compares |
Abandons |
abandons |
Counter |
Number of requested LDAP abandon ops |
Extended Ops |
extops |
Counter |
Number of extended operations requested (Note: extended operations are not supported and will be counted as errors) |
Extended Ops Errors |
extops_err |
Counter |
Number of failed Extended Ops |
TCP Bytes sent |
tcp_bytes_out |
Counter |
Number of KB sent to LDAP Clients |
TCP Bytes received |
tcp_bytes_in |
Counter |
Number of KB received from LDAP Clients |
DSA dropouts |
dap_dropouts |
Counter |
Number of failed operations because of backend dropout |
RPC operations |
rpc_ops |
Counter |
RPC operations performed |
Untrusted Conns |
untrusted_conns |
Counter |
Connection attempts from denied IPs |
Added Schema Attributes |
schema_at_adds |
Counter |
Number of new attributes added to schema |
Deletes Schema Attributes |
schema_at_dels |
Counter |
Number of attributes deletions in schema |
Added Schema Objectclasses |
schema_oc_adds |
Counter |
Number of new OCLs added to schema |
Deletes Schema Objectclasses |
schema_oc_dels |
Counter |
Number of OCL deletions in schema |
DirX-API Timeouts |
api_timeouts |
Counter |
Number of operations timed out in DirX Directory-API (feature not active by default) |
TCP-send() timeouts |
tcpsend_timeouts |
Counter |
Number of operations that failed because client has not collected results vis TCP within 30 sec – server closes connection |
LDAP MIB Current Table
The LDAP MIB current table stores information that is accumulated during lifetime of the LDAP server.Usually this information increases and decreases, reflects some status information (Status), for example LDAP cache enabled (ON) and LDAP cache information is valid (valid), or provides the maximum value (MaxCounter) during LDAP server’s lifetime.
| MIB attribute | MIB name | Type | Description |
|---|---|---|---|
Cache Status |
cache_state |
Status |
Current status of LDAP response cache. Values can be ‘ON + valid’, ‘ON + invalid’, ‘OFF + valid’, and ‘OFF + invalid’. |
Cache Hit Ratio |
cache_ratio |
Counter |
Current cache hit ratio. |
LDAP Binds |
curr_lbinds |
MaxCounter |
Number of currently active client LDAP connections open for incoming requests. |
Max LDAP Binds |
max_lbinds |
MaxCounter |
Max number of concurrent LDAP connections seen thus far |
DAP Binds |
curr_dbinds |
MaxCounter |
Number of currently active backend connections to the DSA (Note: the anonymous connection is always held open) |
Max DAP Binds |
max_dbinds |
MaxCounter |
Max Number of concurrent DAP connections seen thus far |
Pool Threads running |
pool_thr_running |
Counter |
Number of currently working pool threads |
Overflow Threads running |
ovfl_thr_running |
Counter |
Number of threads running to handle OP-stack overflow situations |
Overflow Threads idle |
ovfl_thr_idle |
Counter |
Number of idle overflow threads |
Pool Threads idle |
pool_thr_idle |
Counter |
Number of idle pool threads |
Op Stack size |
op_stack_size |
Counter |
Number of currently queued operations waiting for processing |
Max Op Stack size |
op_stack_size_max |
MaxCounter |
Max number of queues operations seen thus far |
Overflow Stack Size |
ovfl_stack_size |
Counter |
Number of currently queued operations on overflow stack (waiting to be processed by overflow thread(s)) |
SD max |
highest_sd |
MaxCounter |
Highest socket descriptor seen so far |
Socket Info |
slist |
Structured |
List of socket information containing fd, state, IP for each socket |
LDAP MIB Association Table
The LDAP MIB association table stores information that is dynamic concerning the content of the entire table and the values of each MIB attribute stored.It provides information concerning the number of LDAP client connections established, general information about each LDAP connection, and all operations running for each LDAP client connection.
The following MIB attributes are provided concerning LDAP connections established:
-
Number of currently established LDAP connections
-
Number of currently established backend (DAP) connections and additional info (anonym, simple, sasl, rebinds, shares, authentication)
The following MIB attributes are provided for each connection established:
-
Peer IP address
-
Socket descriptor used for I/O
-
Type of LDAP bind (anonym, simple, strong)
-
Security (normal, SSL)
-
User DN (if SSL bind, taken from user certificate)
-
SSL user id (issuer + serial) (if security is SSL)
-
Creation time of connection
-
Last activity time of connection
-
LDAP version (2/3)
-
Number of operations started on this connection
-
Number of currently running operations on this connection
-
Bytes transferred/received on current connection
The following MIB attributes are provided for each operation running:
-
Operation type (search, add, modify, .…)
-
Duration thus far
-
Internal Operation Name (e.g. LDAP_Con4_Op23)
-
In use flag (set if operation is processed by a thread)
-
LDAP message ID
-
Unique operation ID
-
Request parameters according to op type (e.g. base object, filter, etc. for search)
Attribute values are represented by their length and not by their current value) -
Internal operation processing state (‘C’ =created, ‘Q’=queued, ‘P’ = PDU received, ‘A’= API called, ‘R’= responding, ‘T’=terminating)
LDAP MIB Environment Table
This table contains the current environment strings as they are known by the server, for example:
Env Infos:
Environment : _=/opt/dirx/bin/dirxdsas
Environment : DIRX_SVC_EXTINFO=libDBAM.so,DBAMDebug_ids,dba_msg_table
Environment : _INIT_UTS_RELEASE=5.8
Environment : nLSPATH=/opt/dirx/nls/msg/en_US.ASCII/%N
Environment : CMXSOCKET=-K30
Environment : LC_MONETARY=en_US.ISO8859-1
Environment : _INIT_UTS_MACHINE=sun4us
Environment : LC_TIME=en_US.ISO8859-1
Environment : DIRX_DSA_CONSISTENCY_CHECK=1
Environment : DIRX_DEL_TIME=720
Environment : PATH=/usr/sbin:/usr/bin:/opt/dirx/bin:/usr/bin
Environment : _INIT_UTS_VERSION=Generic_108528-18
Environment : DIRX_DIRSTR_CHOICE=UTF8
Environment : DIRX_OWN_PSAP=TS=DSA1,NA='TCP/IP_IDM!internet=127.0.0.1+port=21200'
Environment : _INIT_RUN_NPREV=0
Environment : _INIT_NET_STRATEGY=none
Environment : _INIT_UTS_NODENAME=alice
Environment : _INIT_UTS_ISA=sparc
Environment : _INIT_PREV_LEVEL=S
Environment : LC_MESSAGES=C
Environment : LC_CTYPE=en_US.ISO8859-1
Environment : DIRX_INST_PATH=/opt/dirx
Environment : _INIT_UTS_SYSNAME=SunOS
Environment : LC_COLLATE=en_US.ISO8859-1
Environment : LC_NUMERIC=en_US.ISO8859-1
Environment : LD_LIBRARY_PATH=/opt/dirx/lib
Environment : PWD=/
Environment : TZ=MET
Environment : _INIT_RUN_LEVEL=3
Environment : _INIT_UTS_PLATFORM=FJSV,GPUS