Sun ONE logo     Previous     Contents     Index     Next    
Sun ONE Directory Server Administration Guide



Chapter 13   Monitoring Directory Server Using SNMP

The Simple Network Management Protocol (SNMP) is a standardized management protocol for monitoring and managing devices and application in real time. Directory Server provides a subagent interface so that it can be monitored by an SNMP manager application. This allows network applications to know the status of the directory server and obtain metrics about its activity.

However, the Directory Server SNMP subagent only contains read-only values and SNMP management applications cannot perform actions on the server. Nor does the subagent send SNMP traps, which are messages to report events.

In general, the activity and error logs described in Chapter 12 "Managing Log Files," provide much more detailed information about the server, and LDAP is the protocol of choice for securely accessing and modifying the server configuration. However, the SNMP subagent does allow Directory Server instances to participate in existing network management systems.

This chapter contains the following topics:

SNMP in Sun ONE Servers

SNMP allows a management application to query applications and devices which run an agent or subagent application. The SNMP agent or subagent gathers information from the application or device in response to a query from the SNMP manager. This information is structured as variables in tables which are defined by a management information base (MIB) for the agent.

Usually, the network manager queries the SNMP variables in the subagent, and the subagent return the requested value. SNMP also defines a mechanism that allows an agent to report an event by sending a trap message to all network managers. However, Directory Server does not implement traps, and its subagent will never send a trap message.

You can have multiple subagents installed on a host machine. For example, if you have Directory Server, Enterprise Server, and Messaging Server all installed on the same host, the subagents for each of these servers communicates with the same master agent. In the Windows environment, the master agent is the SNMP service provided by the Windows operating system. In the UNIX environment, the master agent is installed with the Sun ONE Administration Server.

For further information, see Chapter 11, "Using SNMP to Monitor Servers," in the Sun ONE Server Console Server Management Guide.

The general procedure for setting up your server to be monitored through SNMP is the following:

  1. Compile the Directory Server MIB and integrate it into your SNMP management system. Refer you your system's documentation.
  2. Set up SNMP on your machine, then configure and start the SNMP master agent through the Administration Server console, according to your platform.
  3. Configure the SNMP subagent through the Directory Server console.
  4. Start the SNMP subagent through the Directory Server console, if applicable to your platform.
  5. Access the SNMP managed objects defined by the MIB and exposed through the agents. This step is entirely dependent on your SNMP management system.

The steps that are specific to Directory Server configuration are described in the following sections.

Overview of the Directory Server MIB

The Directory Server's MIB has the following object identifier:

iso.org.dod.internet.private.enterprises.netscape.nsldap
(nsldapd OBJECT IDENTIFIER ::= { 1.3.6.1.4.1.1450.7 })

And it is defined in the following file:

ServerRoot/plugins/snmp/netscape-ldap.mib

The MIB defines the variables that can be monitored through SNMP and the type of values they contain. The directory MIB is broken into four distinct tables of managed objects:

  • Operations table - Contains statistics about binds, operations, referrals and errors in the directory server. Values for these variables are also available in the attributes of the cn=snmp,cn=monitor entry of the directory. See "Monitoring Attributes" in Chapter 4 of the Sun ONE Directory Server Reference Manual.
  • Entries Table - Contains counts of entries in the directory and entry cache hits. Values for these variables are also mixed in with operation variables in the attributes of the cn=snmp,cn=monitor entry of the directory. See "Monitoring Attributes" in Chapter 4 of the Sun ONE Directory Server Reference Manual.
  • Interaction Table - Contains statistics about the last 5 directory servers with which this directory server has communicated. The objects of this table are described in "SNMP Monitoring" in Chapter 8 of the Sun ONE Directory Server Deployment Guide.
  • Entity Table - Contains variables that describe this instance of Directory Server, such as its server ID and version. The objects of this table are described in "SNMP Monitoring" in Chapter 8 of the Sun ONE Directory Server Deployment Guide.

Before you can use the directory's MIB, you must compile it along with the MIBs that you will find in the following directory:

ServerRoot/plugins/snmp/mibs

For information on how to compile MIBs, see your SNMP product documentation.

Setting Up SNMP

The steps for setting up SNMP monitoring for your directory depend on whether your host platform is UNIX, AIX, or Windows:

  1. Set up SNMP on your platform as described in the following sections:
  2. Follow the instrcutions for "Configuring SNMP in the Directory Server"
  3. Restart SNMP as described in "Starting and Stopping the SNMP Subagent".

On UNIX Platforms

To set up SNMP support for your Directory Server on a UNIX machine other than AIX, you must configure and start the master agent using the Administration Server Console.

If you are using the default port settings (161 for SNMP) then Administration Server and Directory Server must be run as root user. If you reconfigure the master agent to use ports higher than 1000, then it is not necessary to be root user.

By default, the master agent uses port 161 which conflicts with the default port of the native SNMP agent on most platforms. You must either disable the native SNMP agent before starting the master agent or plan to configure the master agent to use another port. To disable the native SNMP agent, refer to your platform documentation. To configure and start the master agent, follow the instructions in "Configuring the Master Agent on UNIX Systems" in Chapter 11 of the Sun ONE Server Console Server Management Guide.

On AIX Platforms

On the AIX platform, you do not need to set up the master agent. Instead, when the SNMP daemon is running on AIX, it supports SMUX which replaces the master agent. However, you need to change the AIX SNMP daemon configuration.

If you are using the default port settings (199 for SMUX) then Administration Server and Directory Server must be run as root user. If you reconfigure the master agent to use ports higher than 1000, then it is not necessary to be root user.

AIX uses several configuration files to filter its communications. One of them, snmpd.conf, needs to be changed so that the SNMP daemon accepts the incoming messages from the SMUX subagent. For more information, see the online manual page for snmpd.conf. You need to add a line to define each subagent.

For example, you might add this line to the snmpd.conf:

smux 1.3.6.1.4.1.1.1450.7 "" IP_address net_mask

where IP_address is the IP address of the host the subagent is running on, and net_mask is the network mask of the host.



Note

Do not use the loopback address 127.0.0.1. Always use the real IP address of the host.



If you need more information, see your AIX platform documentation.

On Windows Platforms

It is important to note that the master agent on Windows is the SNMP Service and not the SNMP agent as is the case on other platforms. Using information stored in the Windows registry, the SNMP Service invokes a DLL to access monitoring information in the directory server.

To set up SNMP support for Directory Server on a Windows machine, you must first install and configure the SNMP service through the Windows control panel. Refer to your Windows operating system documentation for instructions.

Configuring SNMP in the Directory Server

After setting up the SNMP agent or service on your platform, you must configure the SNMP parameters in your Directory Server instance. To configure SNMP settings from the Directory Server console:

  1. On the top-level Configuration tab of the Directory Server console, select the server node at the root of the configuration tree, then select the SNMP tab in the right-hand panel.
  2. Select the "Enable Statistics Collection" checkbox. By default, statistics for SNMP variables are not collected in order to improve resource usage. If you do not use SNMP and do not monitor the attributes of the cn=snmp,cn=monitor entry through LDAP, you should leave this checkbox disabled.
  3. For UNIX servers, you must enter the hostname and port number of the master agent in the corresponding text fields.
  4. The defaults are localhost and port 199, respectively.

  5. Enter information in the text fields of the Descriptive Properties box. These values will be reflected in the SNMP Entity table exposed by this server:
    • Description - Enter a description of your directory server, similar to the description field for this instance in the topology tree of the Sun ONE Server Console.
    • Organization - Enter the name of the company or internal organization to which the directory server belongs.
    • Location - Enter a geographical location for the directory server host.
    • Contact - Enter the email address or contact information of the directory server administrator.

  6. Click Save to store your changes.
  7. Start or restart the SNMP subagent on UNIX platforms or the SNMP service on a Windows platform, as described in the following section.

Starting and Stopping the SNMP Subagent

The following procedures describe how to start, restart or stop the SNMP subagent on UNIX platforms, including AIX, and the SNMP service on Windows platforms.



Note

If you add another server instance on the same host, and you want the instance to be part of the SNMP network, you must restart the SNMP subagent (UNIX and AIX) or SNMP service (Windows).



On UNIX and AIX Platforms

To start, stop, and restart the SNMP subagent for a directory running on UNIX:

  1. On the top-level Configuration tab of the Directory Server console, select the server node at the root of the configuration tree, then select the SNMP tab in the right-hand panel.
  2. Use the subagent control buttons below the Descriptive Properties box to start stop, or restart the subagent.
  3. Stopping the directory does not stop the directory subagent. If you want to stop the subagent, you must do so from this tab.

On Windows Platforms

To start, stop and restart the SNMP service for a directory running on Windows:

  1. Open the Windows Control Panel and select Services.
  2. Select SNMP from the list of Services.
  3. Click Start to start the SNMP Service, click Stop to stop the SNMP Service, or click Stop then Start to restart the SNMP Service.
  4. Stopping the directory does not stop the Windows SNMP service, you must do so explicitly from the Control Panel.


Previous     Contents     Index     Next    
Copyright 2003 Sun Microsystems, Inc. All rights reserved.