Previous Topic: Configuring the OneView MonitorNext Topic: Installing the Administrative UI to an Existing Application Server

Installation and Upgrade GuidesPolicy Server Installation GuideSNMP Support

SNMP Support

This section contains the following topics:

SNMP Support Overview

Prerequisites for Windows and UNIX Systems

Configure the SNMP Agent on Windows

Configure the SNMP Agent on UNIX Systems

SNMP Support Overview

SNMP support includes a Management Information Base (MIB), an SNMP Agent, and the Event SNMP Trap library. You can configure the SNMP Agent and Event SNMP Trap library independently and enable one or disable the other or vice versa. The SNMP Agent enables monitoring applications to retrieve operational data from the OneView Monitor. The SNMP Agent sends data to the SNMP manager and supports SNMP request handling.

The following figure shows the architecture between the management application, OS Master Agent, SNMP Agent, and the OneView Monitor.

Graphic showing the architecture between the management application, OS Master Agent, SNMP Agent, and the OneView Monitor

The OS Master Agent, such as the native Solaris SunSolstice Master Agent, invokes the SNMP Agent once you restart the Master Agent. Upon receiving an SNMP request from the management application the OS Master Agent forwards the SNMP request to the SNMP Agent. The SNMP Agent contacts the OneView Monitor, retrieves the required information using Monitor Client API, and then sends the response to the Master Agent. The Master Agent, in turn, forwards the response to the management application.

If you do not configure the SNMP Agent during the Policy Server installation, all the SNMP files are still installed in case you want to use the Agent later. However, to get the Agent running, you need to manually get the Agent started by configuring the SNMP Agent on a Windows or UNIX system.

The Event SNMP Trap library converts some CA SiteMinder® events into SNMP traps before sending them to the management application as noted in the following figure. The trap library captures events sent by the Policy Server, decides if SNMP traps are to be generated on a given event, and generates a trap.

Graphic showing the Event SNMP Trap library converting some SiteMinder events into SNMP traps before sending them to the management application

Note: For more information on the SNMP Agent and the OneView Monitor, see the Policy Server Administration Guide.

Prerequisites for Windows and UNIX Systems

You need to have a Master Agent installed with your operating system before installing or using the SNMP Agent.

Windows Prerequisites

SiteMinder SNMP support on Windows requires the SNMP service. For more information about installing the SNMP service, see the Windows online help system.

UNIX Systems Prerequisites

The following section details UNIX prerequisites for SNMP support:

Solaris

You need the native Solaris SunSolstice Master Agent, which comes with the operating system.

Linux

For the supported Master Agent on Red Hat Advanced Server 3.0, upgrade the net–snmp package to net-snmp-5.1-2.1 or greater.

To upgrade the net–snmp package to net-snmp-5.1-2.1 or greater, use the following setting in the snmpd.conf file for the net–snmpd command:

proxy -c public -v 1 localhost:8001 .1.3.6.1.4.1.2552

Note: After you upgrade the net–snmp package, add proxy support to the snmpd.conf file.

You can find the snmpd.conf file specific to CA SiteMinder® in the following location (The host usually has many snmpd.conf files):

/opt/siteminder/etc/snmp/conf/snmpd.conf

Configure the SNMP Agent on Windows

To configure the SNMP agent on Windows

  1. Be sure that the NETE_PS_ROOT environment variable is set to the CA SiteMinder® installation directory. The Policy Server installation program should have already done this.
  2. Open siteminder_home\config\snmp.conf file and edit the last row to contain the full path to siteminder_home\log\snmp.log.

    Note: You only need to do this if you did not specify the Policy Server installation program to automatically configure SNMP.

    Correct example: LOG_FILE=C:\Program Files\Netegrity\siteminder\ log\snmp.LOG

    Incorrect example: LOG_FILE=$NETE_PS_ROOT\log\snmp.log

  3. Edit the windows_dir/java_service.ini file.

    Note: You only need to do this if you did not specify the Policy Server installation to automatically configure SNMP.

    1. Set SERVICE_BINARY_NAME to the full path name of JavaService.exe.

      Example: SERVICE_BINARY_NAME=c:\winnt\JavaService.exe

    2. Set WORKING_DIR to the full path to directory siteminder_home\bin:

      Example: WORKING_DIR=C:\Program files\Netegrity\siteminder\bin

    3. Set JRE_PATH to the full path of javaw.exe.
  4. Run siteminder_home\bin\thirdparty\proxyreg.exe to change the registry keys for the apadll.dll and snmp.conf: 
    proxyreg.exe full_path_for_apadll.dll full_path_for_snmp.conf

    Important! Before running a CA SiteMinder® utility or executable on Windows Server 2008, open the command line window with administrator permissions. Open the command line window this way, even if your account has administrator privileges.

    Example: proxyreg.exe "c:\program files\netegrity\siteminder\ bin\ thirdparty\apadll.dll" "c:\programfiles\netegrity\ siteminder\ config\ snmp.conf"

  5. Run WINNT dir/JavaService.exe with the -install option, to register the Netegrity SNMP agent as a WINNT service.
  6. Start the Netegrity SNMP agent by using the Windows Services dialog box.
  7. Restart the SNMP service.
How to Configure SNMP Event Trapping on Windows

Configuring SNMP event trapping on Windows requires you to:

  1. Enable SNMP event trapping.
  2. Configure snmptrap.config.
Enable SNMP Event Trapping

To enable SNMP event trapping, use the XPSConfig utility to set the event handler library (eventsnmp.dll) to the XPSAudit list. The default location of eventsnmp.dll is policy_server_home\bin.

policy_server_home

Specifies the Policy Server installation location.

Note: More information on using the XPSConfig utility to set event handler libraries exists in the Policy Server Administration Guide.

After enabling SNMP event trapping, configure the snmptrap.conf file.

Configure snmptrap.conf

To configure the SNMP configuration file

  1. Edit snmptrap.conf.

    Note: snmptrap.conf is located in policy_server_home\config.

    policy_server_home

    Specifies the Policy Server installation location.

  2. For the specified trap(s) that you want to receive, uncomment out the appropriate line(s).
  3. Specify the IP Address, port number, and community for where you want the trap to be sent.
  4. Save the snmptrap.config file with the new changes.
  5. Restart the Policy Server.

More Information:

Stop and Restart the Policy Server

Configure the SNMP Agent on UNIX Systems

To configure the SNMP Agent on UNIX systems

  1. Ensure the NETE_PS_ROOT environment variable is set to the CA SiteMinder® installation directory. The Policy Server installation program should have already done this.

    Example: /home/smuser/siteminder

  2. Edit the file /etc/snmp/conf/RunSubagent.sh:
    1. Set the correct JRE path: JAVA_HOME=$INSTALL_HOME/bin/jdk/<required_version>/jre
    2. Set the correct CA SiteMinder® path:

      Example: INSTALL_HOME=/home/smuser/siteminder

      Note: The INSTALL_HOME variable should contain the full path for the CA SiteMinder® installation directory.

  3. Restart the SNMP daemon on Solaris
    1. Become root.
    2. Goto /etc/rc3.d.
    3. Execute the S76snmpdx script twice, as follows:

      sh S76snmpdx stop to stop the running Solaris master agent.

      sh S76snmpdx start to start the Solaris master agent and Netegrity subagent.

How to Configure SNMP Event Trapping on UNIX Systems

Configuring SNMP event trapping on UNIX systems requires you to:

  1. Enable SNMP event trapping.
  2. Configure snmptrap.config.
Enable SNMP event trapping

To enable SNMP event trapping, use the XPSConfig utility to set the event handler library (libeventsnmp.so) to the XPSAudit list. The default location of libeventsnmp.so is policy_server_home/lib.

policy_server_home

Specifies the Policy Server installation location.

Note: More information on using the XPSConfig utility to set event handler libraries exists in the Policy Server Administration Guide.

After enabling SNMP event trapping, configure the snmptrap.config file.

Configure snmptrap.config

To configure snmptrap.config

  1. Edit snmptrap.config, which is located in /home/smuser/siteminder/config.
  2. For the specified trap(s) that you want to receive, uncomment out the appropriate line(s).
  3. Specify the IP Address, port number, and community for where you want the trap to be sent.
  4. Save the snmptrap.config file with the new changes.
  5. Restart the Policy Server.

More Information:

Stop and Restart the Policy Server

Stop and Restart the Policy Server

In order for the SNMP configurations changes to take effect, you need to stop and restart the Policy Server using the Status tab of the Policy Server Management Console.

Test SNMP Gets for Red Hat Enterprise Linux Advanced Server

You should test SNMP Gets after configuring SNMP.

To test SNMP Gets

  1. Start the native SNMP master agent. On Red Hat AS, the master agent is not started automatically on start up as is the case on Solaris and HP-UX. To start the master agent, go to the /etc/rc1.d directory and run the following command (run as root): 
    K50snmpd start
  2. Start the Netegrity subagent using the following command (run as root): 
    sh /etc/init.d/NetegrityAgent
  3. To stop the Netegrity subagent on Red Hat AS, run the following command as root: 
    sh $NETE_PS_ROOT/etc/snmp/conf/StopSubagent.sh