Chapter 14 Monitoring Directory Server Using SNMP

The Simple Network Management Protocol (SNMP) is a standardized management protocol for monitoring and managing devices and applications in real time. Directory Server provides a subagent interface so that it can be monitored by an SNMP manager application. This allows network applications to determine the status of the directory server and obtain information about its activity.

The Directory Server SNMP subagent contains read-only values. SNMP management applications cannot perform actions on the server.

In general, the access and error logs described in Chapter 13, "Monitoring Directory Server Using Log Files," provide much more detailed information about the server, and LDAP is the protocol of choice for securely accessing and modifying the server configuration. However, the SNMP subagent does allow Directory Server instances to participate in existing network management systems.

SNMP in Sun Java System Servers

Overview of the Directory Server MIB

Setting Up SNMP

Configuring SNMP in Directory Server

Starting and Stopping the SNMP Subagent

SNMP in Sun Java System Servers

SNMP allows a management application to query applications and devices which run an agent or subagent application. The SNMP agent or subagent gathers information from the application or device in response to a query from the SNMP manager. This information is structured as variables in tables which are defined by a management information base (MIB) for the agent.

Usually, the network manager queries the SNMP variables in the subagent, and the subagent returns the requested value. SNMP also defines a mechanism that allows an agent to report an event by sending a trap message to all network managers. If the subagent and master agent are running before the Directory Server daemon is launched, the Directory Server subagent sends a SMUX trap to the master agent on Directory Server startup or shutdown. The master agent converts this to an SNMP trap.

Multiple subagents can be installed on a host machine. For example, if Directory Server, Application Server, and Messaging Server all installed on the same host, the subagents for each of these servers communicate with the same master agent. The master agent is installed with Administration Server.

The general procedure for setting up your server to be monitored through SNMP is the following:

Compile the Directory Server MIB and integrate it into your SNMP management system. Refer to your system documentation.

Set up SNMP on your machine, then configure and start the SNMP master agent through Sun Java System Server Console.

Configure the SNMP subagent through Directory Server Console.

Start the SNMP subagent through Directory Server Console.

Access the SNMP managed objects defined by the MIB and exposed through the agents. This step is entirely dependent on your SNMP management system.

The steps that are specific to Directory Server configuration are described in the following sections.

Overview of the Directory Server MIB

iso.org.dod.internet.private.enterprises.netscape.nsldap
(nsldapd OBJECT IDENTIFIER ::= { 1.3.6.1.4.1.1450.7 })

The MIB defines the variables that can be monitored through SNMP and the type of values they contain. The directory MIB is broken into four distinct tables of managed objects:

Operations table - Contains statistics about binds, operations, referrals and errors in the directory. Values for these variables are also available in the attributes of the cn=snmp,cn=monitor entry of the directory. See “Monitoring Attributes,” in Chapter 2 of the Directory Server Administration Reference.

Entries Table - Contains counts of entries in the directory and entry cache hits. Values for these variables are also mixed in with operation variables in the attributes of the cn=snmp,cn=monitor entry of the directory. See “Monitoring Attributes,” in Chapter 2 of the Directory Server Administration Reference.

Interactions Table - Contains statistics about the last 5 directory servers with which this directory server has communicated. See the “Interactions Table of Supported SNMP Managed Objects,” in Chapter 2 of the Directory Server Administration Reference.

Entity Table - Contains variables that describe this instance of Directory Server, such as its server ID and version. See the “Entity Table of SNMP Supported Managed Objects,“ in Chapter 2 of the Directory Server Administration Reference.

Before you can use the directory’s MIB, you must compile it along with the MIBs that you will find in the following directory:

Setting Up SNMP

If your system is already running a native SNMP agent that supports SMUX communication, you do not need to install a master agent. However, you must change the native agent's configuration. If your system is not running a native SNMP agent, you must configure and start the master agent using Server Console.

If you are using the default port settings (161 for SNMP) then Administration Server and Directory Server must be run as the root user. If you reconfigure the master agent to use ports higher than 1000, it is not necessary to be root.

By default, the master agent uses port 161 which conflicts with the default port of the native SNMP agent on most platforms. You must either disable the native SNMP agent before starting the master agent or configure the master agent to use another port. To disable the native SNMP agent, refer to your platform documentation. To configure and start the master agent, follow the instructions in “Configuring the Master Agent,” in Chapter 10 of the Administration Server Administration Guide.

Configuring SNMP in Directory Server

After setting up the SNMP agent or service on your platform, you must configure the SNMP parameters in your Directory Server instance. To configure SNMP settings from Directory Server Console:

On the top-level Configuration tab of Directory Server Console, select the server node at the root of the configuration tree, then select the SNMP tab in the right-hand panel.

Select the “Enable statistics collection” checkbox. By default, statistics for SNMP variables are not collected in order to improve resource usage. If you do not use SNMP and do not monitor the attributes of the cn=snmp,cn=monitor entry through LDAP, you should leave this checkbox disabled.

Enter the hostname and port number of the master agent in the corresponding text fields.

The defaults are localhost and port 199, respectively.

Enter information in the text fields of the Descriptive Properties box. These values will be reflected in the SNMP Entity table exposed by this server:

Description - Enter a description of your directory server, similar to the description field for this instance in the topology tree of Server Console.

Organization - Enter the name of the company or internal organization to which the directory server belongs.

Location - Enter a geographical location for the directory server host.

Contact - Enter the email address or contact information of the directory server administrator.

Click Save to store your changes.

Start or restart the SNMP subagent, as described in the following section.

Starting and Stopping the SNMP Subagent

The following procedures describe how to start, restart or stop the SNMP subagent from Directory Server Console. For information on starting and stopping the subagent from the command line, refer to the “directoryserver sagt” command in the Directory Server Administration Reference.


Note	If you add another server instance on the same host, and you want the instance to be part of the SNMP network, you must restart the SNMP subagent.

On the top-level Configuration tab of Directory Server Console, select the server node at the root of the configuration tree, then select the SNMP tab in the right-hand panel.

Use the subagent control buttons below the Descriptive Properties box to start stop, or restart the subagent.

Stopping the directory does not stop the directory subagent. If you want to stop the subagent, you must do so from this tab.

Previous Contents Index Next
Sun Java(TM) System Directory Server 5 2004Q2 Administration Guide