Monitoring LDAPS for slow response time or no response ...

[PhilG]

Hello:
We are using Nagios XI 2014R2.6 and it has been very stable. Much kudos! Maybe soon we'll upgrade to R2.7.
We have just installed 6 new Active Directory Domain Controllers and those are running on Windows 2012 R2 server, which will be replacing some older W2K3 or W2K8 servers.

My AD/Windows Admin has sent me this request:
"It would be great if you can think of a way to monitor LDAPS for slow response time or no response.
This would help during the high traffic start of semester season when LDAPS might get overloaded and cause delays in prism and d2l."

So, I'm looking for assistance on if this is possible in Nagios XI (assuming more than likely, yes), and what documentation should I use to get that going? (I'm working on two other major projects (one being on decommissioning several W2K3 servers before July) for my Director that are eating up my time and trying to meet the deadlines, so, there's my excuse).

Thank you in advance for your assistance.

[jdalrymple]

This is probably the simplest answer:

Code: Select all

[jdalrymple@localhost libexec]$ ./check_tcp -H <WinHost> -p 636
TCP OK - 0.001 second response time on 172.16.101.10 port 636|time=0.000845s;;;0.000000;10.000000

That's a pretty barbaric check, but truth be told it may achieve the desired results if you're just seeking to know how quick the machine responds to a network request. If you'd like to know more about what is going on under the hood that would be here:

Code: Select all

[jrdalrymple@localhost libexec]$ ./check_nrpe -H <WinHost> -c checkcounter -a "Counter=\\NTDS\\LDAP Bind Time"
OK: \NTDS\LDAP Bind Time = 16|'\NTDS\LDAP Bind Timenone'=16;0;0