11 Replies Latest reply on May 6, 2009 7:02 PM by simonpt

    Monitor for password change or expiration

    jwashburn
    jwashburn May 6, 2009 11:12 AM

      We had a situation recently that has raised some questions.  We have a spam filter that uses ldap to query for real accounts before allowing email in.  A service account is used for the ldap query. 

      That password got changed/expired/something happened to it last night so all email was being blocked.  When I looked at the account in AD the account was not locked out and the password was set not to expire.  I re entered the password and tested LDAP with no issues.

       

      Now here is my question, can you think of any way to setup monitoring using IP monitor to test if a certain account and password is working. 

        • Re: Monitor for password change or expiration
          Peter.Cooper
          Peter.Cooper May 6, 2009 11:27 AM (in response to jwashburn)

          Try using an RPC-type Monitor, such as a Windows Service monitor using "rpc" communication type. Give it the windows credential in question, and get it going on the ipMonitor host (you may need to give that additional account permissions on the ipMonitor host).

          OR

          Use a User Experience Round Trip Email Monitor. It sends and picks up an email. It's PERFECT for your scenario, and covers more than just your spam filter. Be sure to configure the email host in the System Settings if you haven't done so already.

          Let us know if this works for you.

            • Re: Monitor for password change or expiration
              jwashburn
              jwashburn May 6, 2009 11:49 AM (in response to Peter.Cooper)

              Ill try using a server monitor.  I dont think the Exchange Round Trip will work.  If I choose POP3 and then change the port to 25 it gets mad.

               

              An error occurred while communicating with the Exchange Server: The response from the remote device does not adhere to protocol specification

               

              I cant use port 110 because I need to test the SPAM firewall is working and accepting connections and it doesnt take connections from 110 or IMAP.  I need to hit the samp device and have it test.

                • Re: Monitor for password change or expiration
                  Peter.Cooper
                  Peter.Cooper May 6, 2009 12:03 PM (in response to jwashburn)

                  Okay, it's probably best.

                  If you do decide to try the round trip wizard in the future, keep in mind that port 110 is intended for where we pick up the email, not where it is sent. SMTP specific parameters are configured (globally) here:

                  Configuration > System Settings > Email Delivery

                    • Re: Monitor for password change or expiration
                      jwashburn
                      jwashburn May 6, 2009 12:21 PM (in response to Peter.Cooper)

                      Got it thanks, we have our monitoring system doing directly to the exchange box so that wont work for us.

                      Im not sure how monitoring a service using that account is going to help?  Are you saying if I just pick the worksation service for example, and I change the password for the ldap service that monitor will throw an alert?

                        • Re: Monitor for password change or expiration
                          Peter.Cooper
                          Peter.Cooper May 6, 2009 12:34 PM (in response to jwashburn)

                          Im not sure how monitoring a service using that account is going to help?

                          In your scenario, you found that a particular account could not login and do it's business. By having ipMonitor try the account & password on a regular basis, when monitoring a Window Service of your choice, you are essentially monitoring if that account can still be used.

                          Does that make sense?

                          • Re: Monitor for password change or expiration
                            simonpt
                            simonpt May 6, 2009 5:40 PM (in response to jwashburn)

                            Peter's suggestion of using the round trip email monitor has a lot of merit.  It just takes some getting your head around and setting up right.

                            You can have IPM send a test email to an external email address (say, Gmail) via your Exchange server and out via your SMTP gateway.  You configure the Gmail account to automatically forward any emails back to an internal email address, so the test emails come back in through your SMTP gateway (which tests the LDAP credentials and lookup) and into a mailbox on your Exchange server where IPM picks it up via POP3.  You've then tested every link in the chain between you and the outside world and back again, including your ISP, your external MX records, etc.  To make it the ultimate monitor, add a GSM modem so that you can still get alerted when your email is down ;-)

                            We use this monitor exactly as I've described.  It's probably the most valuable monitor we have.

                            Hi Peter.  Welcome back!  Nice to see you back on Thwack with your excellent input.

                            Rgds, Simon