You can view current information about LDAP servers and listeners using LDAP monitor.

Before you begin

Role required: admin

About this task

The available states are:
  • Active
  • Inactive
  • Error
  • Active (Shutting down...)
  • Error (Shutting down...)

In addition to its current state, the monitor also shows the following.

  • The last message detected by the listener, such as waiting for LDAP changes, error connecting, and so forth.
  • The last LDAP user change, such as new user, updated user, and so forth.
  • The last error that occurred.

To view LDAP monitor:

Procedure

Navigate to All > LDAP > System LDAP > LDAP Monitor.
LDAP monitor

See the table for descriptions of the properties and fields in the screen.

Table 1. LDAP monitor
Field: Description
Refresh: You can configure the refresh rate by clicking the Refresh field in the LDAP Server Monitor header bar, and selecting the number of seconds between each data refresh. You can also select None to suppress refreshing.
Connection Status: The server connection indicator is located on the right side, above the LDAP Listener Status fields. When the server is connected, the box is green and shows Connected. When the server is not connected, the box is red and shows Not Connected. When the server connection is being tested, the box is yellow and shows Testing Connection.
LDAP Server Properties
Edit: As you monitor LDAP servers, you can make changes to the properties by clicking Edit in the LDAP Server Monitor screen.
Server URL: The combination of the server name and server port where the LDAP Server is listening. Frequently, the port is set to one of the following:
  • 389: the default port for connecting to LDAP in clear text
  • 636: the standard port for connecting to LDAP via an SSL connection

Example value: ldap://10.10.10.3:389/

Your LDAP Server may have more than one URL address. This does NOT establish multiple directory structures from which you can import data, which is done by creating another LDAP Server entry, but does provide for redundancy when you have multiple LDAP Servers to avoid a single point of failure. The LDAP URL addresses are separated with a space character, and the system automatically tries each server address in turn until a valid connection can be made.

Starting search directory: The starting directory or RDN (Relative Distinguished Name) where the system begins searching for users or groups.

Example value: DC=service-now,DC=com

No data ABOVE this point is available for import. The instance has visibility into the specified directory and directories BELOW it in the LDAP hierarchy.

MID Server Status: The current connection status of the MID Server.
LDAP Listener Status
Current Status: This indicates whether the listener is active.
Last Info Message: This shows the last message the LDAP server received relating to user and group changes, and the time the message was received.
Last Change: This shows the last change made to the LDAP server, and the time it was made.
Last Error: This shows the last error that occurred on the LDAP server, and the time it occurred.
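
The following is an added example, not code from the product: a Python check that parses a space-separated Server URL value as described in the Server URL row, flags entries that would connect in clear text, and walks the list in order the way the failover is described. The function names, the fallback addresses in the sample, and the scheme/port mismatch heuristic are assumptions made for illustration.

```python
import socket
from urllib.parse import urlsplit

DEFAULT_PORTS = {"ldap": 389, "ldaps": 636}  # ports named in the Server URL row

# Constructed sample: the page's example URL plus two made-up fallback servers.
SAMPLE = "ldap://10.10.10.3:389/ ldaps://10.10.10.4:636/ ldaps://10.10.10.5:389/"

def parse_server_urls(field):
    """Split a space-separated Server URL value into one record per server."""
    servers = []
    for raw in field.split():
        parts = urlsplit(raw)
        scheme = parts.scheme.lower()
        if scheme not in DEFAULT_PORTS or not parts.hostname:
            raise ValueError(f"not an LDAP URL: {raw!r}")
        servers.append({"url": raw, "host": parts.hostname,
                        "port": parts.port or DEFAULT_PORTS[scheme],
                        "encrypted": scheme == "ldaps"})
    return servers

def audit(field):
    """Flag entries that use clear-text LDAP, or whose scheme and port disagree
    (a heuristic for a likely typo, e.g. ldaps:// pointed at 389)."""
    findings = []
    for s in parse_server_urls(field):
        if not s["encrypted"]:
            findings.append((s["url"], "clear-text LDAP"))
        if s["port"] == (389 if s["encrypted"] else 636):
            findings.append((s["url"], "scheme/port mismatch"))
    return findings

def tcp_connect(host, port):
    """Default reachability probe: a plain TCP connect with a short timeout."""
    with socket.create_connection((host, port), timeout=3):
        pass

def first_reachable(field, connect=tcp_connect):
    """Try each server in listed order; return the first URL that connects."""
    for s in parse_server_urls(field):
        try:
            connect(s["host"], s["port"])
            return s["url"]
        except OSError:
            continue  # this address failed, fall through to the next one
    return None

if __name__ == "__main__":
    for url, issue in audit(SAMPLE):
        print(f"{issue}: {url}")
```

Because the addresses are tried in order, a clear-text entry listed first is the one normally used; first_reachable shows which entry a given outage would fall back to.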