Alerts     Sign In
[x]

Site Alert(s):

  • Server maintenance Saturday Nov 22, 2008, 12:00 PM - 3:00 PM. The Knowledge Center will be unavailable during this time.
Rate this Article:
You must be signed in to rate again
 Article Feedback Print View
Alternate Languages: N/A

Configuring an LDAP Monitor

Document ID: CTX111109   /   Created On: May 28, 2008   /   Updated On: May 28, 2008
Average Rating: not yet rated

Summary

This article describes how to configure the NetScaler Lightweight Directory Access Protocol (LDAP) User monitor. It is recommended that the basic Active Directory (AD) authentication be configured and properly working before attempting to create an LDAP User Monitor.

Note: An understanding of the Active Directory and LDAP protocol is assumed.

Background

A User Monitor extends the scope of a monitor in that you can use them to track the health of specific applications and protocols that are not natively supported by the system. NetScaler provides several monitors written in PERL for define a User monitor. The files are located in the /nsconfig/monitors directory. The file for monitoring LDAP is the nsldap.pl script.

This monitor takes arguments using the Command Line Interface (CLI) or from within the GUI.

Note: Arguments that are required depend on how Active Directory is configured in your environment.

Mandatory arguments:
base - Base, the root from which the search would begin.
dbn - BindDN, the distinguished name which is used during binding to LDAP server.
password - This is equivalent to the password of the account used for dbn above.

Optional arguments:

filter - This is used to look for existence of particular elements in the LDAP tree.
attribute - This is the attribute name whose values need to be retrieved

Syntax used for the command argument:

-scriptArgs "base=DC=citrix,DC=com;dbn=CN=administrator;password=citrix"

Procedure

To configure a User Monitor for LDAP requires creating both a load balancing server and service that communicates with the LDAP server to be monitored. When configuring the service, it is typically of protocol type TCP and port 389.

After creating the server and service make the following configuration within the NetScaler GUI.

1. Highlight Monitors in the NetScaler GUI under the Load Balancer tree.

2. In the left hand side at the bottom click Add.

3. In the Name field give the monitor a unique name and select from the list of monitor Type of User.

Under the Special Parameters section enter the following for Destination Path:

/nsconfig/monitors/

4. In the Script Name enter the following file name:

nsladap.pl

5. In the Script Arguments enter the string of arguments as defined above for LDAP.

The complete syntax from above is as follows:

base=DC=citrix,DC=com;dbn=administrator;password=citrix

6. After clicking OK you must enable it on the service for which it is configured.

Below is the syntax for configuring the above example using the CLI:

> add monitor monitorldap USER -destIP 10.3.255.157 -destPort 389 -LRTM ENABLED -scriptName nsldap.pl -scriptArgs "base=DC=citrix,DC=com;dbn=administrator;password=citrix"

> bind monitor monitorldap ldapservice

More Information

http://support.microsoft.com/?id=237677 - Using LDIFDE to import and export directory objects to Active Directory

CTX108876 - Configuring LDAP Authentication for NetScaler

CTX114335 - Configuring an LDAP Monitor


This document applies to:

Search
Knowledge Center
Advanced Search
XenApp
XenApp Plugins (Clients)
XenServer
XenDesktop
NetScaler Application Delivery
Access Gateway
EdgeSight
Provisioning Server
WANScaler
Password Manager
>> View All Products
Does it work with Citrix? Verify it - introducing the new Citrix Ready Community Verified
©1999-2008 Citrix Systems, Inc. All rights reserved.