Install and Configure SNMP Support

SNMP support includes a Management Information Base (MIB), an SNMP Agent, and the Event SNMP Trap library. You can configure and enable or disable the SNMP Agent and Event SNMP Trap library independently. The SNMP Agent enables monitoring applications to retrieve operational data from the OneView Monitor. The SNMP Agent sends data to the SNMP manager and supports SNMP request handling.
casso1283
SNMP support includes a Management Information Base (MIB), an SNMP Agent, and the Event SNMP Trap library. You can configure and enable or disable the SNMP Agent and Event SNMP Trap library independently. The SNMP Agent enables monitoring applications to retrieve operational data from the OneView Monitor. The SNMP Agent sends data to the SNMP manager and supports SNMP request handling.
The following figure shows the architecture between the management application, OS Master Agent, SNMP Agent, and the OneView Monitor:
SNMP Architecture
SNMP Architecture
The OS Master Agent, such as the native Solaris SunSolstice Master Agent, invokes the SNMP Agent once you restart the Master Agent. Upon receiving an SNMP request from the management application, the OS Master Agent forwards the SNMP request to the SNMP Agent. The SNMP Agent contacts the OneView Monitor, retrieves the required information using Monitor Client API, and then sends the response to the Master Agent. The Master Agent, in turn, forwards the response to the management application.
If you do not configure the SNMP Agent during the Policy Server installation, all the SNMP files are still installed in case you want to use the Agent later. However, to get the Agent running, manually get the Agent started by configuring the SNMP Agent on a Windows or UNIX system.
The Event SNMP Trap library converts some 
SiteMinder
 events into SNMP traps before sending them to the management application as noted in the following figure. The trap library captures events that the Policy Server sends, decides if SNMP traps are generated on a given event, and generates a trap.
SNMP Overview
SNMP Overview
 
To configure SNMP complete the following procedures:
 
 
2
 
 
Verify SNMP Prerequisites
Verify that an SNMP Master Agent is installed for your operating system before you install or use the SNMP Agent  .
 
Windows Prerequisites
 
 
SiteMinder
 SNMP support on Windows requires the SNMP service. For more information about installing the SNMP service, see the Windows online help system.
Linux Prerequisites
 
For the supported Master Agent on Red Hat Advanced Server 3.0, upgrade the net–snmp package to net-snmp-5.1-2.1 or greater.
To upgrade the net–snmp package to net-snmp-5.1-2.1 or greater, use the following setting in the snmpd.conf file for the net–snmpd command:
proxy -c public -v 1 localhost:8001 .1.3.6.1.4.1.2552
 After you upgrade the net–snmp package, add proxy support to the snmpd.conf file.
You can find the snmpd.conf file specific to 
SiteMinder
 in the following location (The host usually has many snmpd.conf files):
/opt/siteminder/etc/snmp/conf/snmpd.conf
Configure the SNMP Agent on Windows
Complete the following procedure to configure the SNMP Agent on Windows.
 
Follow these steps:
 
  1. Be sure that the NETE_PS_ROOT environment variable is set to the 
    SiteMinder
     installation directory. The Policy Server installation program should have already done this.
  2. Open 
    siteminder_home
    \config\snmp.conf file and edit the last row to contain the full path to 
    siteminder_home
    \log\snmp.log.
    This step is only required if you did not specify the Policy Server installation program to configure SNMP automatically.
     
    Correct example:
     LOG_FILE=C:\Program Files\Netegrity\siteminder\ log\snmp.LOG
    Incorrect example:
     LOG_FILE=$NETE_PS_ROOT\log\snmp.log
  3. Edit the w
    indows_dir
    /java_service.ini file.
    This step is only required if you did not specify the Policy Server installation to configure SNMP automatically.
    1. Set SERVICE_BINARY_NAME to the full path name of JavaService.exe.
      Example:
       SERVICE_BINARY_NAME=c:\winnt\JavaService.exe
    2. Set WORKING_DIR to the full path to directory 
      siteminder_home
      \bin:
      Example:
       WORKING_DIR=C:\Program files\Netegrity\siteminder\bin
    3. Set JRE_PATH to the full path of javaw.exe.
  4. Run 
    siteminder_home
    \bin\thirdparty\proxyreg.exe to change the registry keys for the apadll.dll and snmp.conf:
    proxyreg.exe full_path_for_apadll.dll full_path_for_snmp.conf
    casso1283
    If User Account Control (UAC) is enabled in Windows Server, open the command-line window with administrator permissions. Open the command-line window this way even if your account has administrator privileges.
     
    Example:
     proxyreg.exe "c:\program files\netegrity\siteminder\ bin\ thirdparty\apadll.dll" "c:\programfiles\netegrity\ siteminder\ config\ snmp.conf"
  5. Run 
    WINNT dir
    /JavaService.exe with the -install option, to register the Netegrity SNMP agent as a WINNT service.
  6. Start the Netegrity SNMP agent by using the Windows Services dialog.
  7. Restart the SNMP service.
Configure SNMP Event Trapping on Windows
Complete the following procedures to configure SNMP even trapping on Windows.
Enable SNMP Event Trapping
To enable SNMP event trapping, use the XPSConfig utility to set the event handler library (eventsnmp.dll) to the XPSAudit list. The default location of eventsnmp.dll is 
policy_server_home
\bin.
  •  
    policy_server_home
    Specifies the Policy Server installation location.
After you enable SNMP event trapping, configure the snmptrap.conf file.
Configure the snmptrap.conf configuration file
Complete the following procedure to configure the snmptrap.conf configuration file.
 
Follow these steps:
 
  1. Edit snmptrap.conf.
     snmptrap.conf is located in 
    policy_server_home
    \config.
    •  
      policy_server_home
      Specifies the Policy Server installation location.
  2. For the specified trap (or traps) that you want to receive, uncomment out the appropriate line (or lines).
  3. Specify the IP Address, port number, and community for where you want the trap to be sent.
  4. Save the snmptrap.config file with the new changes.
  5. Restart the Policy Server.
Configure the SNMP Agent on UNIX Systems
Complete the following procedure to configure the SNMP Agent on UNIX systems.
 
Follow these steps:
 
  1. Verify that the NETE_PS_ROOT environment variable is set to the 
    SiteMinder
     installation directory.
    Example:
     /home/smuser/siteminder
  2. Edit the file /etc/snmp/conf/RunSubagent.sh:
    1. Set the correct JRE path: JAVA_HOME=$INSTALL_HOME/bin/jdk/<required_version>/jre
    2. Set the INSTALL_HOME variable to the full path to the  
      SiteMinder
       installation directory:
      Example:
       
      INSTALL_HOME
      =/home/smuser/siteminder
Configure SNMP Event Trapping on UNIX Systems
Complete the following procedures to configure SNMP even trapping on UNIX systems.
Enable SNMP event trapping
To enable SNMP event trapping, use the XPSConfig utility to set the event handler library (libeventsnmp.so) to the XPSAudit list. The default location of libeventsnmp.so is 
policy_server_home
/lib.
  •  
    policy_server_home
    Specifies the Policy Server installation location.
Configure the snmptrap.config File
 
Follow these steps:
 
  1. Edit snmptrap.config, which is located in /home/smuser/siteminder/config.
  2. For the specified trap or traps that you want to receive, uncomment out the appropriate line or lines.
  3. Specify the IP Address, port number, and community for where you want the trap to be sent.
  4. Save the snmptrap.config file with the new changes.
  5. Restart the Policy Server.
Test SNMP Gets for Red Hat Enterprise Linux Advanced Server
On Red Hat Enterprise Linux Advanced Server, test SNMP Gets after configuring SNMP.
 
Follow these steps:
 
  1. Start the native SNMP master agent. On Red Hat AS, the master agent is not started automatically on start up. To start the master agent, go to the NETE_PS_ROOT/etc/snmp/conf/ directory and run the following command. Run the command as root.
    K50snmpd start
  2. Start the Netegrity subagent using the following command (run as root):
    sh /etc/init.d/NetegrityAgent
  3. To stop the Netegrity subagent on Red Hat AS, run the following command as root:
    sh $NETE_PS_ROOT/etc/snmp/conf/StopSubagent.sh