Traps are sent only if the corresponding verb request is received by the server. They are not sent in any other cases. For example, ndsDeleteAttribute is sent only when the ndsRemoveEntry (trap number 108) request is sent. But an application can always read the ACLs and decide to check whether the user has sufficient rights to perform the delete operation. In this case, the ndsDeleteAttribute trap is not generated. However, you can use iMonitor to view the verb statistics on a particular server.
To get the traps for all occurrences, set the time interval to zero.
You can enable traps to send only on failure conditions. You can enable traps to get them under all conditions.
To restart ndssnmpsa, stop ndssnmpsa and then start it again.
To stop ndssnmpsa, enter the following:
Linux: /etc/init.d/ndssnmpsa stop
To start ndssnmpsa, enter the following:
Linux: /etc/init.d/ndssnmpsa start
If the installation of the SNMP Group object fails, you can rectify this problem by executing the following command on the server console:
ndsconfig add -m snmp
While installing eDirectory on any supported Windows platform server, if you get an SNMP group object creation error, you need to manually create the SNMP group object. For information on the steps to manually create an SNMP object, see Section 18.0, SNMP Support for NetIQ eDirectory.
The possible cause could be that you have not specified hostname:port or IP_address:port as a paramater to the SERVER command in eDirectory SNMP configuration file.
The eDirectory SNMP configuration file is ndssnmp.cfg. It is located in the following directories:
Linux: /etc/opt/novell/eDirectory/conf/ndssnmp/
Windows: install_directory\SNMP\
When anonymous bind is disabled, LDAP SNMP statistics are not reported.
To resolve this issue:
Allow anonymous bind.
Start the subagent.
Disable/disallow anonymous bind.
When a user tries to start the subagent (ndssnmpsa) by using an incorrect eDirectory password, a segmentation fault error occurs.
To avoid getting this error, ensure that you use the correct eDirectory password while starting the subagent.
After upgrading from eDirectory 8.7.3 to eDirectory 9.0, you might get the following error:
%%% Attempting to restart the NetIQ eDirectory SNMP subagent (ndssnmpsa)... Starting NDS SNMP Subagent ... Initialization failure. Error code : -255 Please Wait... Done %%% Unable to start ndssnmpsa... Please try starting it manually...
This error occurs because with eDirectory 9.0, eDirectory does not listen on the localhost. Earlier the ndssnmp.cfg file had SERVER localhost set by default.
To resolve this error, you need to manually edit the ndssnmp.cfg file and include the host name of the eDirectory server, which needs to be monitored.
For example, type the following in the ndssnmp.cfg file:
SERVER test-server
test-server is the hostname on which eDirectory is running on the default NCP port (that is 524). If eDirectory is running on a different port (for ex: 1524), the entry should be as follows:
SERVER test-server:1524
The subagent can fail with the following message:
Unable to load library: libnetsnmp.so
To resolve this, export the environment variable SNMP_MAJOR_VERSION with the net-snmp library’s (libnetsnmp.so) major version number. For example, you might use the following command:
export SNMP_MAJOR_VERSION=10
When the master agent is restarted on Linux, ndssnmpsa needs to be restarted.
To restart ndssnmpsa, stop ndssnmpsa and then start it again.
To stop ndssnmpsa, enter the following command:
/etc/init.d/ndssnmpsa stop
To start ndssnmpsa, enter the following:
/etc/init.d/ndssnmpsa start
The eDirectory MIB file (<eDirectoryInstallRootDir>\snmp\edir.mib) on Windows compiles with some errors and warnings on HP OpenView. You can ignore these errors.
If LDAP is not configured to run in clear text mode, the name of the trusted root certificate file must be given in the SNMP configuration file (for example, SSLKEY C:\Novell\nds\trust.der) before bringing up the eDirectory SNMP subagent.
ndssnmp.cfg is found in C:\novell\nds\snmp on Windows.
When you install eDirectory 9.0 for the first time (creating a new tree), if the Windows SNMP Service is installed on the server, and the SNMP Service has one or more dependent services, eDirectory cannot shut down the SNMP Service. If this happens, SNMP is not ready to use after the eDirectory installation.
Follow these steps to restart the SNMP service:
Click Start > Settings > Control Panel > Administrative Tools > Services.
Right-click SNMP Service in the Name list, then click Stop.
Click Yes to All.
Right-click SNMP Service in the Name list, then click Start.
If the Windows SNMP Service is installed on a server, and the SNMP Service has one or more dependent services, the eDirectory uninstall does not delete all the SNMP files in the C:\novell\nds folder. However, the other uninstallation processes complete successfully, including the deletion of the SNMP registry entries, and the deconfiguration process that the NetIQ SNMP agent does with DS and the SNMP Service.
To complete the uninstallation:
Click Start > Settings > Control Panel > Administrative Tools > Services.
Right-click SNMP Service in the Name list, then click Stop.
Click Yes to All.
Right-click SNMP Service in the Name list, then click Start.
Manually delete the remaining SNMP files in the C:\novell\nds folder.
SNMP stops working after installing eDirectory and displays the following error message:
SNMP subagent error -672
Workaround:
Install and configure SNMP service after eDirectory is installed.
Run the dssnmpsupport.exe on your eDirectory server.
NOTE:Apply dssnmpsupport.exe only if MpsSvc service is running on the eDirectory server.