-
Story
-
Resolution: Unresolved
-
Normal
-
dirsrv-11.6
-
None
Description of problem:
When RHDS is down or is unresponsive, the only information provided by the healthcheck tool
is that the connection is refused:
$ dsctl <INSTANCE> healthcheck
Error: Failed to connect to Directory Server instance:
$
It would be useful to get more information about things that could be checked even when the server is not responding.
That includes:
- configuration parameters that can be read from the dse.ldif files
- configuration parameters that are not present in the dse.ldif ( thus having their default values )
- TLS certificates
...
Version-Release number of selected component (if applicable):
$ cat /etc/redhat-release
Red Hat Enterprise Linux release 8.7 (Ootpa)
$
$ rpm -qa | grep 389-ds
389-ds-base-libs-1.4.3.31-6.module+el8dsrv+16980+c4b9cd33.x86_64
cockpit-389-ds-1.4.3.31-6.module+el8dsrv+16980+c4b9cd33.noarch
389-ds-base-1.4.3.31-6.module+el8dsrv+16980+c4b9cd33.x86_64
...
$
How reproducible:
Always.
Steps to Reproduce:
1. Launch the healthcheck tool when the LDAP server is running:
$ dsctl <INSTANCE> healthcheck
...
[13] DS Lint Error: DSCERTLE0002
--------------------------------------------------------------------------------
Severity: HIGH
Check: tls:certificate_expiration
Affects:
– Expired Certificate
Details:
-----------
The certificate (Server-Cert) has expired
Resolution:
-----------
Renew or remove the certificate.
$
2. Stop the server
3. Run the tool. It only reports the fact the server is not responding:
$ dsctl <INSTANCE> healthcheck
Error: Failed to connect to Directory Server instance:
$
Actual results:
No additional data when the server is unresponsive.
Expected results:
Provide information about checks that could be performed even when the server is down.
Additional info:
Customers would typically try to run the healthcheck tool when the server is having issues
( hang, ... ).
