| Measurement |
Description |
Measurement
Unit |
Interpretation |
| Unauth_requests |
The number of unauthenticated/anonymous bind requests received since the last measurement period |
Number
|
All LDAP clients bind (connect) to Novell eDirectory as one of the following types of users:
- [Public] User (Anonymous Bind)
- Proxy User (Proxy User Anonymous Bind)
- NDS or eDirectory User (NDS User Bind)
The type of bind the user authenticates with determines the content that the LDAP client can access. An anonymous bind is a connection that does not contain a username or password. If an LDAP client without a name and password binds to LDAP Services for eDirectory and the service is not configured to use a Proxy User, the user is authenticated to eDirectory as user [Public]. By default, user [Public] is assigned the Browse right to the objects in the eDirectory tree. The default Browse right for user [Public] allows users to browse eDirectory objects, but blocks user access to the majority of object attributes. This measure provides a fair idea of the number of [Public] users who are attempting to connect to Novell eDirectory.
|
| Invalid_requests |
The number of bind requests that have been rejected due to inappropriate authentication or invalid credentials, since the last measurement period |
Number
|
This is a good indicator of the health of the security mechanism. If the value of this measure is unusually high, then you might have to investigate further to determine whether all rejects are genuine.
|
| Read_requests |
The number of read requests received by the eDirectory server since the last measurement period |
Number
|
|
| Add_entry_requests |
The number of addEntry requests received by the eDirectory server |
Number
|
addEntry requests attempt to create a new object - for example, adding a user object using ConsoleOne.
|
| Remove_entry_requests |
The number of addEntry requests received by the eDirectory server since the last measurement period |
Number
|
A removeEntry request attempts to remove an entry from the eDirectory server - for example, deleting a user using ConsoleOne.
|
| Modify_entry_requests |
The number of modifyEntry requests received by the eDirectory server since the last measurement period
|
Number
|
A non-zero value for this measure indicates the number of requests received for modifying one/more eDirectory entries - for example, modifying the attributes of any user using ConsoleOne.
|
| Search_requests |
The number of search requests received since the last measurement period - this includes baseObject searches, oneLevel searches, and whole subtree searches |
Number
|
|
| No_of_chaining |
The number of operations forwarded by this eDirectory server to other eDirectory servers since the last measurement period |
Number
|
An LDAP client issues a request to an LDAP server, but the server cannot find the target entry of the operation locally. Using the knowledge references that it has about partitions and other servers in the eDirectory tree, the LDAP server identifies another LDAP server that knows more about the DN. The first LDAP server then contacts the identified (second) LDAP server. If necessary, this process continues until the first server contacts a server that holds a replica of the entry. eDirectory then handles all the details to complete the operation. Unaware of the server-toserver operations, the client assumes that the first server completed the request. This process is called chaining.While chaining has a fair share of advantages, a high value of this measure could also mean:
- One/more clients might have to wait for feedback while the server chains to resolve the same
- If the operation requires the LDAP server to send many entries across a WAN link, the operation might be very time consuming.
- If several servers are equally capable of progressing the operation, different servers might process two requests to operate on the same entry.
|
| No_of_error_requests |
The number of requests that could not be serviced due to errors other than security errors, and referrals since the last measurement period |
Number
|
A partially serviced operation will not be counted as an error. The errors include naming-related, update-related, attributerelated, and service-related errors. Ideally, the value of this measure should be 0.
|
| Replication_Updates_In |
The number of replication updates fetched or received from eDirectory servers since the last measurement period |
Number
|
The Novell Import Conversion Export utility uses the LDAP Bulk Update/Replication Protocol (LBURP) to send asynchronous requests to an LDAP server. This guarantees that the requests are processed in the order specified by the protocol and not in an arbitrary order influenced by multiprocessor interactions or the operating system's scheduler. LBURP also lets the Novell Import Conversion Export utility send several update operations in a single request and receive the response for all of those update operations in a single response. This adds to the network efficiency of the protocol. The LBURP processor in eDirectory also commits update operations to the database in groups to gain further efficiency in processing the update operations. LBURP can greatly improve the efficiency of your LDIF imports over a traditional synchronous approach.
|
| Replication_Updates_Out |
The number of replication updates sent to or taken by eDirectory servers since the last measurement period |
Number
|
| Incoming_traffic |
The incoming traffic on the interface |
KB
|
This is a good indicator of the level of activity on the eDirectory server.
|
| Outgoing_traffic |
The outgoing traffic on the interface |
KB
|