Aegis Ldap Adapter Example Workflow #2 – Monitoring NetIQ eDirectory Server Status

Aegis Ldap Adapter Example Workflow #2 – Monitoring NetIQ eDirectory Server Status

This article looks at simple monitoring of NetIQ eDirectory Server Status using the Event functionality of the Ldap Adapter.

NetIQ eDirectory stores an object of objectclass ncpServer for each eDirectory server in the Directory tree. This has a status attribute which is managed by eDirectory background process, which can be used to determine the status of the Server.

The Ldap Adapter can be configured to monitor the value of this attribute and generate an event if the status is not UP.  This is an ideal trigger point to start an automation workflow.

So what might an eDirectory Health workflow look like?  As ever, there isn't a one size fits all workflow, no two customers want exactly the same thing, so here is a simple example of what can be done.  My knowledge of eDirectory is pretty limited so think about how you can do this better!

1. Ping Server.
2. Check status of eDirectory servers / synchronization (ndsrepiar -T)
3. If still down, restart eDirectory process
4. Check status again
5. Send notification of server status.

So the first thing is to configure the Ldap Adapter to monitor for eDirectory servers being down:


The filter is : (&(objectclass=ncpServer)(!(status=2)))

The filter says to return all objects of objectclass ncpServer, whose status attribute is not equal to 2 (UP).

Now when an eDirectory server becomes unavailable an event will be generated in Aegis :


So we have our event so a trigger can be built based on this event.

1.  Ping Server.

Pinging the Server is a trivial step - just run from the command line and check the responses, or there is activity here to make life even easier :

2. Check status of eDirectory servers / synchronization (ndsrepiar -T)

Ok so before you can do this step, you have to know which Operating System the eDirectory Server is in order to connect to it and issue commands.  This is pretty easy to do, check the version attribute of the eDirectory server.  The object DN is returned in the event so you already have that.

For example the version for windows might look like this: eDirectory for NT x86_64 v8.8 SP7 [DS]

Or Linux : eDirectory for Linux i586 v8.8 SP7 [DS]

So for these versions a simple regex like : eDirectory for\s+(.*?)\s+\.*

will extract the OS type, Linux or NT.

For this example I am just going to look at linux side.  I want to issue the ndsrepair -T command.  To do this, use the inbuilt SSH activity!

If the command error output contains "Unable to connect to NDS Server. NDS server may be down." then at least one eDirectory server is down.

3. If still down, restart eDirectory process

All we do here is connect again with ssh activity and issue the command : rcndsd restart

4. Check status again

Basically loop back to step 2. and re-issue ndsrepair -T.  You'll have to have some retry logic in here to stop it re-trying forever.  Chances are if it fails after first retry you don't need to retry again.

5.  Send notification of server status.

At this stage everything is either back up or still down.  Notify somebody / Create Help Desk ticket etc.

At this point I am hoping you have spotted the glaringly obvious logic issue with this workflow idea!!  If the Ldap Server Aegis connects to itself is down, you won't be able to connect to retrieve events in the first place.   Luckily, if any type of Directory cannot be connected to during an event poll, a triggerable event is generated by the Adapter  in Aegis to indicate a connection problem. So now we have two different events which might trigger an eDirectory Health Workflow!

Think about what other events you might want to create and what automation could be done as a result of that event.  Perhaps when a user is created, you want to automate which groups that user becomes a member of.

Labels (1)


Some content on Community Tips & Information pages is not officially supported by Micro Focus. Please refer to our Terms of Use for more detail.
Top Contributors
Version history
Revision #:
6 of 6
Last update:
‎2020-01-09 16:44
Updated by:
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.