Instrumentation for monitoring ntlm_auths against domain controllers

Matthew Newton mcn4 at leicester.ac.uk
Wed Oct 19 14:22:31 CEST 2016


On Wed, Oct 19, 2016 at 01:00:34PM +0100, Matthew Newton wrote:
> On Wed, Oct 19, 2016 at 12:49:44PM +0100, Paul Seward wrote:
> > What I'd like to do, is put some instrumentation in place that would allow
> > our monitoring server to fire ntlm_auth's at a specified domain controller
> > (rather than whichever one winbind happens to have connected to) so that we
> > can monitor latency to all of them, and use the resulting graphs to
> > pinpoint any that are under performing.
> > 
> > I can't see an obvious way to make that happen, so if anyone has any
> > pointers we'd really appreciate it!
> 
> You might be able to find which DC is being used, and an
> indicative latency, by writing a small program to call wbcPingDc2
> and note the time taken to respond and which DC was used. Log this

Except here I get

# ./dclatency 
error: unable to ping dc
WBC_ERR_NOT_IMPLEMENTED
# 

:(

Look through wbclient.h. There may be another way.

Matthew


-- 
Matthew Newton, Ph.D. <mcn4 at leicester.ac.uk>

Systems Specialist, Infrastructure Services,
I.T. Services, University of Leicester, Leicester LE1 7RH, United Kingdom

For IT help contact helpdesk extn. 2253, <ithelp at le.ac.uk>


More information about the Freeradius-Users mailing list