OMSA help in unsupported install...

Eric Rostetter rostetter at mail.utexas.edu
Thu Feb 4 12:43:19 CST 2010


Quoting Vanush Misha Paturyan <misha at cs.nuim.ie>:

> I'd start by figuring out how exactly "Access Control" is configured in
> your snmpd.conf file. Find out what security names you have configured,
> what access those security names have and if you are using snmpwalk -v
> 2c -c "public" to walk the tree what does "public" community maps into.

It is a standard setup with the standard read-only public community.

I can snmpwalk the normal mibs fine.  For example, I can smnpwalk the
"standard" mib names such as system, tcp, hwStorage, etc.

Only when I try to access the OMSA mibs do I get nothing back (no error,
no data).

That doesn't mean it isn't access, but it does mean at least some access
is being granted.

> Sample from our configuration we are using here (taken from snmpd.conf)
> com2sec readonly default our_community
> group MyROGroup v1 readonly
> group MyROGroup v2c readonly
> group MyROGroup usm readonly
> view all included .1 80
> access MyROGroup "" any noauth exact all none none

I did try adding:

view all    included  .1
access notConfigGroup "" any noauth exact all none none

and it didn't change anything in a noticible way (things that used to
work still worked, things that used to not work still didn't work).

> this will map community "our_community" (to get rid of default
> "public") to security name "readonly", then map that security name into
> group "MyROGroup", define view called "all" which includes full SNMP
> tree and then give read-only access to group MyROGroup to view "all".

I basically tried that (as above, just adding the view all and access
lines, and also to the fuller extent of changing from public to another
name and all that, and it made no difference.

> You haven't specified what exactly you are snmpwalk-ing remotely. The
> OMSA branch or full system?

Yes, I realized that about 5 seconds after sending the message.  And I
thought about posting an immediate follow up to make it clear I could
read everything except the OMSA values, but decided to just wait and
see what happened with the original message.

> Hope this is helpful

Did not help my actual situation, but I appreciate your time and effort
none-the-less!

> Misha.
> --
> Vanush "Misha" Paturyan
> Senior Technical Officer
> Computer Science Department
> NUI Maynooth


-- 
Eric Rostetter
The Department of Physics
The University of Texas at Austin

Go Longhorns!



More information about the Linux-PowerEdge mailing list