Test LDAP Connection

alan_lowrance

I see there's a Script Include that runs when you press the Test Connection link on the LDAP Server page. We are writing a scheduled job to check the connection periodically and alert us if the LDAP connection is severed. Below is the relevant Script Include, but calling LDAPClientUtils.testServerConnection() always returns false, even when everything is connected fine.

I'd like to not touch the script below but just call it differently or somehow check for those messages/errors instead of relying on that 'testResult' variable that's always false.   I don't know why they didn't make it return true if everything's fine though.

gs.include("LDAPUtils");


/**
 * AJAX-facing helper behind the "Test Connection" link for LDAP servers and OUs.
 *
 * Both methods read their input with this.getParameter(...) and write their
 * outcome into a <result><error code="..."><message value="..."/></error></result>
 * item created with this.newItem(...); the boolean they return is only the raw
 * value of testConnection().
 *
 * NOTE(review): because the sys_id comes from this.getParameter(...), calling a
 * method directly from a server-side script (no AJAX request) presumably leaves
 * it empty, which would explain a constant false result; confirm.
 * NOTE(review): no role check is visible in this class, and the LDAP error text
 * is copied into the response; confirm that the Script Include's access
 * controls limit who can trigger tests and read those messages.
 */
var LDAPClientUtils = Class.create();
LDAPClientUtils.prototype = Object.extendsObject(AbstractAjaxProcessor, {

    /**
     * Tests the connection for one LDAP OU definition.
     * Reads the OU sys_id from the "sysparm_ouSysId" request parameter.
     *
     * @returns {boolean} value returned by testConnection(); false if it threw
     */
    testOUConnection: function() {
        var ouId = this.getParameter("sysparm_ouSysId");
        var ouRecord = new GlideRecord("ldap_ou_config");
        // The return value of get() is not checked; a missing record is not reported here.
        ouRecord.get(ouId);

        var resultNode = this.newItem("result");
        var errorNode = this.newItem("error");
        resultNode.appendChild(errorNode);

        var tester = new GlideLDAPTestConnectionProcessor(ouRecord.server.toString(), ouId);
        var passed = false;
        var messageNode;
        var messageText;

        try {
            passed = tester.testConnection();

            // Code and message are read from session properties after the test has run.
            errorNode.setAttribute('code', gs.getSession().getProperty("ldap_test.errorCode"));

            messageNode = this.newItem('message');
            messageText = GlideXMLUtil.removeInvalidChars(gs.getSession().getProperty("ldap_test.errorMessage"));
            messageNode.setAttribute('value', messageText);
            errorNode.appendChild(messageNode);
        } catch (e) {
            // Any exception is reported under the fixed code "41000" with the exception text.
            errorNode.setAttribute('code', "41000");
            messageNode = this.newItem('message');
            messageText = GlideXMLUtil.removeInvalidChars(e.getMessage());
            messageNode.setAttribute('value', messageText);
            errorNode.appendChild(messageNode);
        }

        return passed;
    },

    /**
     * Tests the connection for one LDAP server definition.
     * Reads the server sys_id from the "sysparm_serverSysId" request parameter.
     *
     * @returns {boolean} value returned by testConnection(); false if it threw
     */
    testServerConnection: function() {
        var serverId = this.getParameter("sysparm_serverSysId");

        var resultNode = this.newItem("result");
        var errorNode = this.newItem("error");
        resultNode.appendChild(errorNode);

        var tester = new GlideLDAPTestConnectionProcessor(serverId, null);
        var passed = false;
        var messageNode;
        var messageText;

        try {
            passed = tester.testConnection();

            // Code and message are read from session properties after the test has run.
            errorNode.setAttribute('code', gs.getSession().getProperty("ldap_test.errorCode"));

            messageNode = this.newItem('message');
            messageText = GlideXMLUtil.removeInvalidChars(gs.getSession().getProperty("ldap_test.errorMessage"));
            messageNode.setAttribute('value', messageText);
            errorNode.appendChild(messageNode);
        } catch (e) {
            // Any exception is reported under the fixed code "41000" with the exception text.
            errorNode.setAttribute('code', "41000");
            messageNode = this.newItem('message');
            messageText = GlideXMLUtil.removeInvalidChars(e.getMessage());
            messageNode.setAttribute('value', messageText);
            errorNode.appendChild(messageNode);
        }

        return passed;
    },

    type: 'LDAPClientUtils'
});
1 ACCEPTED SOLUTION

Thanks Anwesh, but that method didn't work either.   I did find an LDAP Tester scheduled job that was created in 2013 (don't know if that was always there or came over in an update).


I inactivated it and made a modified copy that, on error, calls a new function that makes an incident ticket that goes to our systems team:


// Entry point of the scheduled job: run the LDAP check once per execution.
// Calling before the definition works because function declarations are hoisted.
testLDAPServers();



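/**
 * Tests every active LDAP server configuration and raises alerts on failure.
 *
 * For each active record in ldap_server_config:
 *   1. GlideLDAP setup is run; when it yields no environment, the
 *      "ldap.connection_failed" event is queued and an error is logged.
 *   2. GlideLDAPTestConnectionProcessor.testConnection() is run; on a failed
 *      test or an exception the event is queued, an error is logged and
 *      makeINCtoSystems(dn, errMsg) is called.
 *
 * NOTE(review): errMsg carries the raw LDAP error text into the event
 * parameters, the system log and the incident description; check that this
 * does not expose directory details to a wider audience than intended.
 */
function testLDAPServers() {
  var ldapServer = new GlideRecord("ldap_server_config");
  ldapServer.addActiveQuery();
  ldapServer.query();

  gs.include("LDAPUtils");
  // Instantiated as before; nothing below uses the instance.
  var ldapUtils = new LDAPUtils();

  while (ldapServer.next()) {
    // Start from an empty message for every server. With a single message
    // shared across the loop, the errors of an earlier server were appended
    // to the alert raised for a later one.
    var errMsg = "";

    var ldap = new GlideLDAP();
    var dn = ldapServer.dn;

    // Load this server's configuration and set up the connection environment.
    ldap.setConfigID(ldapServer.getUniqueValue());
    var env = ldap.setup();

    if (env == null) {
      errMsg = "Failed environment setup, missing URL";
      gs.eventQueue("ldap.connection_failed",   ldapServer, ldapServer.getDisplayValue(), errMsg);
      gs.logError("LDAP server " + ldapServer.getDisplayValue() + " failed scheduled connection test: " + errMsg, "LDAP");
      // This branch only fires the event and logs; no incident is created.
      continue;
    }

    try {
      var ldapConnectionTester = new GlideLDAPTestConnectionProcessor(ldapServer.getUniqueValue(), null);

      if (!ldapConnectionTester.testConnection()) {
        // Code and message are read from session properties after the test has run.
        errMsg += "ErrorCode: " + gs.getSession().getProperty("ldap_test.errorCode") + ". ";
        errMsg += "ErrorMessage: " +   GlideXMLUtil.removeInvalidChars(gs.getSession().getProperty("ldap_test.errorMessage")) + ". ";

        // Fire event to trigger email notification if you're looking for that event
        gs.eventQueue("ldap.connection_failed",   ldapServer, ldapServer.getDisplayValue(), errMsg);
        gs.logError("LDAP server " + ldapServer.getDisplayValue() + " failed scheduled connection test. " + errMsg, "LDAP");

        makeINCtoSystems(dn,errMsg);
      }
    } catch(e) {
      // NOTE(review): if the thrown value is a Java exception, e.message may be
      // undefined (the Script Include on this page reads e.getMessage()); confirm.
      errMsg += e.message;

      // Fire event to trigger email notification if you're looking for that event
      gs.eventQueue("ldap.connection_failed",   ldapServer, ldapServer.getDisplayValue(), errMsg);
      gs.logError("LDAP server " + ldapServer.getDisplayValue() + " failed scheduled connection test. " + errMsg, "LDAP");
      gs.log('ldap connection is bad');

      makeINCtoSystems(dn,errMsg);
    }
  }
}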


/**
 * Creates an incident for the "Systems" group reporting a failed LDAP
 * connection, unless a matching active incident already exists.
 *
 * The duplicate check looks for any active incident whose short description
 * contains the fixed summary text; it does not distinguish between servers,
 * so one open incident suppresses new ones for every server.
 *
 * NOTE(review): dn and errMsg are written verbatim into the incident
 * description; check that incident readers are meant to see that detail.
 *
 * @param {*} dn - value quoted after "ServiceNow is set to use" in the description
 * @param {string} errMsg - failure details appended to the description
 */
function makeINCtoSystems(dn, errMsg) {
  var summary = 'ServiceNow LDAP Connection Failed';

  // Stop when an active incident with this summary is already open.
  var openIncidents = new GlideRecord('incident');
  openIncidents.addQuery('active', true);
  openIncidents.addQuery('short_description', 'CONTAINS', summary);
  openIncidents.query();
  var alreadyOpen = openIncidents.next();
  if (alreadyOpen) {
    return;
  }

  var incident = new GlideRecord('incident');
  var details = 'ServiceNow reports that it has lost connection to LDAP, no uncached users will be able to log into the system\nServiceNow is set to use ' + dn + '\n' + errMsg;

  incident.short_description = summary;
  incident.description = details;
  incident.category = 'systems';
  incident.incident_state = 1;
  incident.assignment_group.setDisplayValue("Systems");
  incident.notify = 2;
  incident.contact_type = "self-service";
  incident.impact = 1;
  incident.urgency = 2;
  // priority is not assigned here.
  incident.insert();
}



alan_lowrance

The test connection link on the LDAP Server page uses a Client Script that does the calls asynchronously (AJAX) and passes any of the errors/warnings through to the page refresh.   I don't see anything I can call to check if there are error messages or if everything is alright though.   I was hoping that the testResult boolean would update based on the configuration but it doesn't... always shows false.


arijal1

Alan,




Please try the LDAPUtils.testServerConnection method instead of the LDAPClientUtils.testServerConnection.


Let us know how it goes.



Thanks,


Anwesh


Thanks Anwesh, but that method didn't work either.   I did find an LDAP Tester scheduled job that was created in 2013 (don't know if that was always there or came over in an update).


I inactivated it and made a modified copy that, on error, calls a new function that makes an incident ticket that goes to our systems team:


// Entry point of the scheduled job: run the LDAP check once per execution.
// Calling before the definition works because function declarations are hoisted.
testLDAPServers();



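/**
 * Tests every active LDAP server configuration and raises alerts on failure.
 *
 * For each active record in ldap_server_config:
 *   1. GlideLDAP setup is run; when it yields no environment, the
 *      "ldap.connection_failed" event is queued and an error is logged.
 *   2. GlideLDAPTestConnectionProcessor.testConnection() is run; on a failed
 *      test or an exception the event is queued, an error is logged and
 *      makeINCtoSystems(dn, errMsg) is called.
 *
 * NOTE(review): errMsg carries the raw LDAP error text into the event
 * parameters, the system log and the incident description; check that this
 * does not expose directory details to a wider audience than intended.
 */
function testLDAPServers() {
  var ldapServer = new GlideRecord("ldap_server_config");
  ldapServer.addActiveQuery();
  ldapServer.query();

  gs.include("LDAPUtils");
  // Instantiated as before; nothing below uses the instance.
  var ldapUtils = new LDAPUtils();

  while (ldapServer.next()) {
    // Start from an empty message for every server. With a single message
    // shared across the loop, the errors of an earlier server were appended
    // to the alert raised for a later one.
    var errMsg = "";

    var ldap = new GlideLDAP();
    var dn = ldapServer.dn;

    // Load this server's configuration and set up the connection environment.
    ldap.setConfigID(ldapServer.getUniqueValue());
    var env = ldap.setup();

    if (env == null) {
      errMsg = "Failed environment setup, missing URL";
      gs.eventQueue("ldap.connection_failed",   ldapServer, ldapServer.getDisplayValue(), errMsg);
      gs.logError("LDAP server " + ldapServer.getDisplayValue() + " failed scheduled connection test: " + errMsg, "LDAP");
      // This branch only fires the event and logs; no incident is created.
      continue;
    }

    try {
      var ldapConnectionTester = new GlideLDAPTestConnectionProcessor(ldapServer.getUniqueValue(), null);

      if (!ldapConnectionTester.testConnection()) {
        // Code and message are read from session properties after the test has run.
        errMsg += "ErrorCode: " + gs.getSession().getProperty("ldap_test.errorCode") + ". ";
        errMsg += "ErrorMessage: " +   GlideXMLUtil.removeInvalidChars(gs.getSession().getProperty("ldap_test.errorMessage")) + ". ";

        // Fire event to trigger email notification if you're looking for that event
        gs.eventQueue("ldap.connection_failed",   ldapServer, ldapServer.getDisplayValue(), errMsg);
        gs.logError("LDAP server " + ldapServer.getDisplayValue() + " failed scheduled connection test. " + errMsg, "LDAP");

        makeINCtoSystems(dn,errMsg);
      }
    } catch(e) {
      // NOTE(review): if the thrown value is a Java exception, e.message may be
      // undefined (the Script Include on this page reads e.getMessage()); confirm.
      errMsg += e.message;

      // Fire event to trigger email notification if you're looking for that event
      gs.eventQueue("ldap.connection_failed",   ldapServer, ldapServer.getDisplayValue(), errMsg);
      gs.logError("LDAP server " + ldapServer.getDisplayValue() + " failed scheduled connection test. " + errMsg, "LDAP");
      gs.log('ldap connection is bad');

      makeINCtoSystems(dn,errMsg);
    }
  }
}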


/**
 * Creates an incident for the "Systems" group reporting a failed LDAP
 * connection, unless a matching active incident already exists.
 *
 * The duplicate check looks for any active incident whose short description
 * contains the fixed summary text; it does not distinguish between servers,
 * so one open incident suppresses new ones for every server.
 *
 * NOTE(review): dn and errMsg are written verbatim into the incident
 * description; check that incident readers are meant to see that detail.
 *
 * @param {*} dn - value quoted after "ServiceNow is set to use" in the description
 * @param {string} errMsg - failure details appended to the description
 */
function makeINCtoSystems(dn, errMsg) {
  var summary = 'ServiceNow LDAP Connection Failed';

  // Stop when an active incident with this summary is already open.
  var openIncidents = new GlideRecord('incident');
  openIncidents.addQuery('active', true);
  openIncidents.addQuery('short_description', 'CONTAINS', summary);
  openIncidents.query();
  var alreadyOpen = openIncidents.next();
  if (alreadyOpen) {
    return;
  }

  var incident = new GlideRecord('incident');
  var details = 'ServiceNow reports that it has lost connection to LDAP, no uncached users will be able to log into the system\nServiceNow is set to use ' + dn + '\n' + errMsg;

  incident.short_description = summary;
  incident.description = details;
  incident.category = 'systems';
  incident.incident_state = 1;
  incident.assignment_group.setDisplayValue("Systems");
  incident.notify = 2;
  incident.contact_type = "self-service";
  incident.impact = 1;
  incident.urgency = 2;
  // priority is not assigned here.
  incident.insert();
}