Administer > Integrate NNMi with a Directory Service through LDAP > Verify the Directory Service Configuration

Verify the Directory Service Configuration

  1. Verify the NNMi LDAP configuration by running the following command:

    nnmldap.ovpl -info

    If the reported configuration is not as expected, verify the settings in the ldap.properties file.

  2. Force NNMi to re-read the LDAP configuration file by running the following command:

    nnmldap.ovpl -reload
  3. Test the configuration for one user by running the following command:

    nnmldap.ovpl -diagnose <NNMi_user>

    Replace <NNMi_user> with the sign-in name of an NNMi user as defined in the directory service.

    Examine the command output and respond appropriately.

  4. Verify that the directory service contains the expected records. Use a web browser or a third-party LDAP browser (for example, the LDAP browser included in Apache Directory Studio) to examine the directory service information.

    Information about the format of a query to a directory service can be found in RFC 1959, An LDAP URL Format, which is available at:

    http://labs.apache.org/webarch/uri/rfc/rfc1959.txt

  5. View the log file to verify that the sign-in request is correct, and to determine if any errors occurred:

    Windows: %NnmDataDir%\log\nnm\nnm.log

    Linux: $NnmDataDir/log/nnm/nnm.log

    • A message similar to the following line indicates that the directory service requires HTTPS communication. In this case, enable SSL as described in Configuring an SSL Connection to the Directory Service.

      javax.naming.AuthenticationNotSupportedException: [LDAP: error code 13 - confidentiality required]
    • A message similar to the following line indicates that a timeout occurred while communicating with the directory service. In this case, increase the value of searchTimeLimit in the ldap.properties file.

      javax.naming.TimeLimitExceededException: [LDAP: error code 3 - Timelimit Exceeded]