About rootDSE again

For monitoring purpose, a customer needs to get access to the rootDSE entry of each directory server behind DPS.

By default, DPS manages the rootDSE itself so that (in a virtual context) it reflects all the naming contexts and capabilities exposed by the proxy.
Here is one way to have access to the rootDSEs in question:
- the rootDSE DS content is exposed through a data view dedicated to ds monitoring. This dataview view base is choosen to not conflict with any suffix used by client applications, for instance "o=ds status". This data view is associated with a pool containing every directory server. Dn renaming is used to map o=ds status onto rootDSE ("").

Pros: it is possible to expose this data view to monitoring info only via a connection handler; monitoring traffic is not impact by regular client traffic (unless apps are aware of the special suffix!), so it is easy to get the status from N servers with N searches.
Cons: monitoring app must be changed to search for "o=ds status" instead of rootDSE and proxy configuration need to be changed.

Note: please ask Sun support for fix 6767776 if you choose the option above.
Comments:

Post a Comment:
  • HTML Syntax: NOT allowed
About


I am Sylvain Duloutre, I work as a Software Architect in the Oracle Directory Integration Team, the customer-facing part of Directory Services & Identity Management Product Development, working on Technical Field Enablement.

The views expressed on this blog are my own and do not necessarily reflect the views of Oracle.

Search

Archives
« April 2014
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
9
10
11
12
13
14
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today