Testing LDAP configuration

You can use the ldapsearch utility to test Tivoli Netcool/OMNIbus LDAP configuration without restarting the ObjectServer. ldapsearch connects to the LDAP server, issues a query, and obtains results that are based on your configuration. It does not authenticate users or test ObjectServer user definitions.

ldapsearch is provided with some operating systems and variants are provided by LDAP vendors. The available options and syntax depend on which variant of the utility that you use.

You will need the following information to run a test with ldapsearch:
  • The values of the following properties, as defined in the LDAP properties file ($NCHOME/omnibus/etc/ldap.props):
    • Hostname
    • Port
    • LDAPBindDN
    • LDAPBindPassword
    • LDAPSearchBase
    • LDAPSearchFilter
  • The user name of a user that you want to authenticate.

Instructions and examples for testing Tivoli Netcool/OMNIbus LDAP configuration are given in the following technote:

http://www-01.ibm.com/support/docview.wss?uid=swg21579907

Log file examples

Successful initialization of a user authentication is logged as follows in the ObjectServer log file:
2013-01-02T16:12:49: Information: I-ALD-104-006: About to bind to LDAP server for user cn=Bind User,ou=Webtop,ou=Tivoli,ou=SWG,o=ibm
2013-01-02T16:12:49: Information: I-ALD-104-007: Successful bind to LDAP server for user cn=Bind User,ou=Webtop,ou=Tivoli,ou=SWG,o=ibm
A successful user login is logged as follows in the ObjectServer log file:
2013-01-02T09:07:43: Debug: D-UNK-000-000: secure-login@examplehost.ibm.com: Secure [User One]
2013-01-04T16:57:34: Debug: D-ALD-105-005: About to issue LDAP search with filter 'cn=User One'
2013-01-02T09:07:43: Information: I-ALD-104-012: LDAP search on user User One returned distinguished name cn=User One,ou=OMNIbus,ou=Tivoli,ou=SWG,o=ibm
2013-01-02T09:07:43: Information: I-ALD-104-006: About to bind to LDAP server for user cn=User One,ou=OMNIbus,ou=Tivoli,ou=SWG,o=ibm
2013-01-02T09:07:43: Information: I-ALD-104-007: Successful bind to LDAP server for user cn=User One,ou=OMNIbus,ou=Tivoli,ou=SWG,o=ibm.
2013-01-02T09:07:43: Debug: D-OBX-105-016: Authenticated logon for user User One on host testserver.ibm.com from application GET_LOGIN_TOKEN
2013-01-02T09:07:43: Information: I-OBX-104-007: User User One@examplehost.hursley.ibm.com logged
in successfully (connection ID 1)