Tip of the Day: Checking Connections in ITDS

To view a list of open connections against your IBM Tivoli Directory Server (LDAP) you can use netstat.

netstat –an |grep 389

It won’t give you a ton of information, really just the IP address of the machine requesting information. If you want to get more specific information about the LDAP connections, run a base scope query on the monitoring service.

ldapsearch –D cn=root –w password –s base –b “cn=connections,cn=monitors” objectclass=*

output:

connection=71116 : 192.168.55.171 : 2009-02-18 23:50:00 GMT  : 0 : 1 : UID=WPSBIND,OU=robscomputergarage,c=us :  :
connection=73411 : 192.168.55.165 : 2009-02-19 02:29:58 GMT  : 0 : 669 : CN=ROOT :  :

This information tells us a little more about what’s going on with the connections.

connection=*** is the connection number

xxx.xxx.xx.xxx is the IP address of the client.

yyyy-yy-yy is the date when the connection was first established

zz:zz:zz GMT is the time the connection was made. It also shows the timezone of the connection.

The 0 after the timestamp is showing how many operations are pending

669 is the number of operations that have been completed on that connection

CN=ROOT or UID=WPSBIND is the BindDN making the connection.

The very last field, blank in my example (: :) is the type of connection being made. It’s only valid if SSL/TLS is being used.