For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Blue_whale's avatar
Blue_whale
Icon for Cirrocumulus rankCirrocumulus
Jul 07, 2022

Why do we use username and password in Healthcheck Monitor ?

Hi Team ,    We have an LDAP VIP , and we could see the heathcheck monitor which is applied to the pool has username password enabled and used . Why do we need to authenticate first before checkin...
application delivery
ldap
monitor
Nikoolayy1's avatar
Nikoolayy1
Icon for MVP rankMVP
Jul 07, 2022

If you want to make a monitor to just check check the service then you can use tcp monitor on the port of the LDAP and this is called service check. The F5 LDAP monitor is an application monitor that checks the application itself so not only LDAP needs to reply but the reply is checked if it is valid.

 

https://support.f5.com/csp/article/K17472

 

If your AD server supports anonymous searches by specific source IP addresses you may create external bash script monitor with the "ldapsearch" linux comman that will log into the LDAP without password but I do not recommend it.

https://support.f5.com/csp/article/K71282813

 

https://support.f5.com/csp/article/K15811