home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Internet Info 1997 December
/
Internet_Info_CD-ROM_Walnut_Creek_December_1997.iso
/
drafts
/
draft_ietf_j_p
/
draft-ietf-madman-dsa-mib-1-02.txt
< prev
next >
Wrap
Text File
|
1997-02-19
|
35KB
|
1,176 lines
MADMAN Working Group Glenn Mansfield [glenn@aic.co.jp]
INTERNET-DRAFT Cyber Research Inc.
draft-ietf-madman-dsa-mib-1-02.txt S.E.Kille [S.Kille@isode.com]
ISODE Consortium
February 1997
LDAP/CLDAP/X.500 Directory Services Monitoring MIB
Status of this Memo
This document is an Internet Draft. Internet Drafts are working
documents of the Internet Engineering Task Force (IETF), its Areas,
and its Working Groups. Note that other groups may also distribute
working documents as Internet Drafts.
Internet Drafts are draft documents valid for a maximum of six
months. Internet Drafts may be updated, replaced, or obsoleted by
other documents at any time. It is not appropriate to use Internet
Drafts as reference material or to cite them other than as a "working
draft" or "work in progress."
To learn the current status of any Internet-Draft, please check the
1id-abstracts.txt listing contained in the Internet-Drafts Shadow
Directories on ds.internic.net, nic.nordu.net, ftp.nisc.sri.com, or
munnari.oz.au.
Abstract
This document defines a portion of the Management Information Base
(MIB). It defines the MIB for monitoring Directory Services. This MIB
will be used in conjunction with the APPLICATION-MIB for monitoring
Directory Servers (DS)s.
Table of Contents
1. The SNMPv2 Network Management Framework ....................... 2
2. The Directory Services Model .................................. 2
3. MIB Model for DS Management .................................. 3
4. MIB design .................................................... 4
5. The Directory Server Monitoring MIB ........................... 5
6. Changes from RFC1567 ..........................................19
7. Acknowledgements ..............................................20
8. References ....................................................20
Security Considerations ...........................................21
Authors' Addresses ................................................21
Expires: August 16, 1997 [Page 1]
Internet Draft February 16 1997
1. The SNMPv2 Network Management Framework.
The major components of the SNMPv2 Network Management framework are
described in the documents listed below.
o RFC 1902 [1] defines the Structure of Management Information
(SMI), the mechanisms used for describing and naming objects
for the purpose of management.
o STD 17, RFC 1213 [2] defines MIB-II, the core set of managed
objects (MO) for the Internet suite of protocols.
o RFC 1905 [3] defines the protocol used for network access to
managed objects.
The framework is adaptable/extensible by defining new MIBs to suit
the requirements of specific applications/protocols/situations.
Managed objects are accessed via a virtual information store, the
MIB. Objects in the MIB are defined using the subset of Abstract
Syntax Notation One (ASN.1) defined in the SMI. In particular, each
object type is named by an OBJECT IDENTIFIER, which is an
administratively assigned name. The object type together with an
object instance serves to uniquely identify a specific instantiation
of the object. For human convenience, often a textual string, termed
the descriptor, is used to refer to the object type.
2. The Directory Services Model.
In the following we adopt the X.500 model [4] which covers the X.500
Directory System Agents (DSA) [4] which run over the OSI suite of
protocols, (C)LDAP[R1,R2] frontends to DSAs and, the native LDAP
Directory Servers which run directly over TCP or other protocols.
The Directory contains information in the form of entries. An entry
is a collection of attributes and is uniquely identified by a name,
the Distinguished Name (DN). The entries are arranged in a
hierarchical tree-like structure called the Directory Information
Tree (DIT).
The Directory Server (DS) is an application process. Clients or User
Agents (UA) are provided access to the Directory which maybe local or
distributed, by the Directory Servers (DS).
A client or User Agent requests a Directory Server to perform some
operation on the Directory. The DS is responsible for performing the
Expires: August 16, 1997 [Page 2]
Internet Draft February 16 1997
operation and after completing its effort to carry out the request,
returns a response to the UA.
A DS may use information stored in its local database or interact
with (chain the request to) other DSs to service the UA request.
Alternatively, a DS may return a reference to another DS.
The local database of a DS consists of the part of the Directory that
is mastered by the DS, the part of the Directory for which it keeps
slave copies and cached information that is gathered during the
operation of the DS.
In the connection oriented mode a UA "binds" to a DS with a
particular identification. The DS generally authenticates the
identity of the UA. In the connectionless mode as is employed in
CLDAP [CLDAP] no binding and/authentication is carried out between
the UA and the DS. The following type of operations are carried out
by the DS : Read, Compare, Addition of an Entry (AddEntry),
Modification of an Entry (ModifyEntry), Modification of a DN
(ModifyRDN), Deletion of an Entry (RemoveEntry), List, Search,
Abandon. Some DSs do not support some type of operations. For example
CLDAP does not support AddEntry, ModifyEntry, ModifyRDN, RemoveEntry
etc. In response to requests results and/or errors are returned by
the DS.
3. MIB Model for DS Management.
A DS-manager may wish to monitor several aspects of the
operational DS. He/she may want to know the process related aspects-
the resource utilization of the operational DS; the network service
related aspects e.g. inbound-associations, outbound-associations,
operational status, and finally the information specific to the DS
application- its operations and performance.
The MIB defined in this document covers the portion which is
specific to the DS-application. The network service related part of
the MIB, and the host-resources related part of the MIB, as well
other parts of interest to a Manager monitoring the DS-application,
are covered in separate documents [5][6].
Expires: August 16, 1997 [Page 3]
Internet Draft February 16 1997
4. MIB design.
The basic principle has been to keep the MIB as simple as possible.
The Managed objects included in the MIB are divided into three
tables- OpsTable, EntryTable and IntTable.
- The OpsTable provides summary statistics on the accesses,
operations and errors.
- The EntriesTable provides summary statistics on the entries
held by the DS and on cache performance.
- The IntTable provides some useful information on the
interaction of the monitored DS with peer DSs.
There are references to the Directory itself for static
information pertaining to the DS. These references are in the form
of "Directory Distinguished Name" [7] of the corresponding object. It
is intended that DS management applications will use these
references to obtain further related information on the objects of
interest.
Expires: August 16, 1997 [Page 4]
Internet Draft February 16 1997
5. The Directory Monitoring MIB.
DS-MIB DEFINITIONS ::= BEGIN
IMPORTS
MODULE-IDENTITY, OBJECT-TYPE,
NOTIFICATION-TYPE
FROM SNMPv2-SMI
DisplayString, TimeStamp,
TEXTUAL-CONVENTION
FROM SNMPv2-TC
applIndex, DistinguishedName, URLString,
FROM APPLICATION-MIB
MIB MODULE-IDENTITY
LAST-UPDATED "9702190000Z"
ORGANIZATION "IETF Mail and Directory Management Working
Group"
CONTACT-INFO
" Glenn Mansfield
Postal: Cyber Research Inc.
6-6-3, Minami Yoshinari
Aoba-ku, Sendai, Japan 989-32.
Tel: +81-22-303-4012
Fax: +81-22-298-9654
E-mail: glenn@aic.co.jp"
DESCRIPTION
" The MIB module for monitoring Directory Services."
::= { experimental XXX}
dsOpsTable OBJECT-TYPE
SYNTAX SEQUENCE OF DsOpsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
" The table holding information related to the
DS operations."
::= {dsMIB 1}
dsOpsEntry OBJECT-TYPE
SYNTAX DsOpsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
" Entry containing operations related statistics
Expires: August 16, 1997 [Page 5]
Internet Draft February 16 1997
for a DS."
INDEX { applIndex }
::= {dsOpsTable 1}
DsOpsEntry ::= SEQUENCE {
-- Bindings
dsAnonymousBinds
Counter32,
dsUnauthBinds
Counter32,
dsSimpleAuthBinds
Counter32,
dsStrongAuthBinds
Counter32,
dsBindSecurityErrors
Counter32,
-- In-coming operations
dsInOps
Counter32,
dsReadOps
Counter32,
dsCompareOps
Counter32,
dsAddEntryOps
Counter32,
dsRemoveEntryOps
Counter32,
dsModifyEntryOps
Counter32,
dsModifyRDNOps
Counter32,
dsListOps
Counter32,
dsSearchOps
Counter32,
dsOneLevelSearchOps
Counter32,
dsWholeSubtreeSearchOps
Counter32,
-- Out going operations
dsReferrals
Counter32,
Expires: August 16, 1997 [Page 6]
Internet Draft February 16 1997
dsChainings
Counter32,
-- Errors
dsSecurityErrors
Counter32,
dsErrors
Counter32
}
-- CLDAP does not use binds; for A CLDAP DS the bind
-- related counters will be inaccessible.
--
-- CLDAP and LDAP implement "Read" and "List" operations
-- indirectly via the "search" operation; the following
-- counters will be inaccessible for CLDAP and LDAP DSs:
-- dsReadOps, dsListOps
--
-- CLDAP does not implement "Compare", "Add", "Remove",
-- "Modify", "ModifyRDN"; the following counters will be
-- inaccessible for CLDAP DSs:
-- dsCompareOps, dsAddEntryOps, dsRemoveEntryOps,
-- dsModifyEntryOps, dsModifyRDNOps.
--
-- CLDAP and LDAP DS's do not return Referrals
-- the following fields will remain inaccessible for
-- CLDAP and LDAP DSs: dsReferrals.
dsAnonymousBinds OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
" Number of anonymous binds to this DS from UAs
since application start."
::= {dsOpsEntry 1}
dsUnauthBinds OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
" Number of un-authenticated binds to this DS since
application start."
::= {dsOpsEntry 2}
dsSimpleAuthBinds OBJECT-TYPE
Expires: August 16, 1997 [Page 7]
Internet Draft February 16 1997
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
" Number of binds to this DS that were authenticated
using simple authentication procedures since
application start."
REFERENCE
" CCITT Blue Book Fascicle VIII.8 - Rec. X.511, 1988:
Section 8.1.2.1.1. and, RFC1777 Section 4.1"
::= {dsOpsEntry 3}
dsStrongAuthBinds OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
" Number of binds to this DS that were authenticated
using the strong authentication procedures since
application start. This includes the binds that were
authenticated using external authentication procedures."
REFERENCE
" CCITT Blue Book Fascicle VIII.8 - Rec. X.511, 1988:
Sections 8.1.2.1.2 & 8.1.2.1.3. and, RFC1777 Section 4.1."
::= {dsOpsEntry 4}
dsBindSecurityErrors OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
" Number of bind operations that have been rejected
by this DS due to inappropriateAuthentication or
invalidCredentials."
REFERENCE
" CCITT Blue Book Fascicle VIII.8 - Rec. X.511, 1988:
Section 12.7.2 and, RFC1777 Section 4."
::= {dsOpsEntry 5}
dsInOps OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
" Number of operations forwarded to this DS
from UAs or other DSs since application
start up."
::= {dsOpsEntry 6}
Expires: August 16, 1997 [Page 8]
Internet Draft February 16 1997
dsReadOps OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
" Number of read operations serviced by
this DS since application startup."
REFERENCE
" CCITT Blue Book Fascicle VIII.8 - Rec. X.511, 1988:
Section 9.1."
::= {dsOpsEntry 7}
dsCompareOps OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
" Number of compare operations serviced by
this DS since application startup."
REFERENCE
" CCITT Blue Book Fascicle VIII.8 - Rec. X.511, 1988:
Section 9.2. and, RFC1777 section 4.8"
::= {dsOpsEntry 8}
dsAddEntryOps OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
" Number of addEntry operations serviced by
this DS since application startup."
REFERENCE
" CCITT Blue Book Fascicle VIII.8 - Rec. X.511, 1988:
Section 11.1. and, RFC1777 Section 4.5."
::= {dsOpsEntry 9}
dsRemoveEntryOps OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
" Number of removeEntry operations serviced by
this DS since application startup."
REFERENCE
" CCITT Blue Book Fascicle VIII.8 - Rec. X.511, 1988:
Section 11.2. and, RFC1777 Section 4.6."
::= {dsOpsEntry 10}
Expires: August 16, 1997 [Page 9]
Internet Draft February 16 1997
dsModifyEntryOps OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
" Number of modifyEntry operations serviced by
this DS since application startup."
REFERENCE
" CCITT Blue Book Fascicle VIII.8 - Rec. X.511, 1988:
Section 11.3. and, RFC1777 Section 4.4."
::= {dsOpsEntry 11}
dsModifyRDNOps OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
" Number of modifyRDN operations serviced by
this DS since application startup."
REFERENCE
" CCITT Blue Book Fascicle VIII.8 - Rec. X.511, 1988:
Section 11.4.and, RFC1777 Section 4.7"
::= {dsOpsEntry 12}
dsListOps OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
" Number of list operations serviced by
this DS since application startup."
REFERENCE
" CCITT Blue Book Fascicle VIII.8 - Rec. X.511, 1988:
Section 10.1."
::= {dsOpsEntry 13}
dsSearchOps OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
" Number of search operations- baseObject searches,
oneLevel searches and wholeSubtree searches,
serviced by this DS since application startup."
REFERENCE
" CCITT Blue Book Fascicle VIII.8 - Rec. X.511, 1988:
Section 10.2. and, RFC1777 Section 4.3."
::= {dsOpsEntry 14}
Expires: August 16, 1997 [Page 10]
Internet Draft February 16 1997
dsOneLevelSearchOps OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
" Number of oneLevel search operations serviced
by this DS since application startup."
REFERENCE
" CCITT Blue Book Fascicle VIII.8 - Rec. X.511, 1988:
Section 10.2.2.2. and, RFC1777 Section 4.3."
::= {dsOpsEntry 15}
dsWholeSubtreeSearchOps OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
" Number of wholeSubtree search operations serviced
by this DS since application startup."
REFERENCE
" CCITT Blue Book Fascicle VIII.8 - Rec. X.511, 1988:
Section 10.2.2.2. and, RFC1777 Section 4.3."
::= {dsOpsEntry 16}
dsReferrals OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
" Number of referrals returned by this DS in response
to requests for operations since application startup."
REFERENCE
" CCITT Blue Book Fascicle VIII.8 - Rec. X.511, 1988:
Section 12.6."
::= {dsOpsEntry 17}
dsChainings OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
" Number of operations forwarded by this DS
to other DSs since application startup."
REFERENCE
" CCITT Blue Book Fascicle VIII.8 - Rec. X.518, 1988:
Section 14."
::= {dsOpsEntry 18}
Expires: August 16, 1997 [Page 11]
Internet Draft February 16 1997
dsSecurityErrors OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
" Number of operations forwarded to this DS
which did not meet the security requirements. "
REFERENCE
" CCITT Blue Book Fascicle VIII.8 - Rec. X.511, 1988:
Section 12.7. and, RFC1777 Section 4."
::= {dsOpsEntry 19}
dsErrors OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
" Number of operations that could not be serviced
due to errors other than security errors, and
referrals.
A partially serviced operation will not be counted
as an error.
The errors include NameErrors, UpdateErrors, Attribute
errors and ServiceErrors."
REFERENCE
" CCITT Blue Book Fascicle VIII.8 - Rec. X.511, 1988:
Sections 12.4, 12.5, 12.8 & 12.9. and, RFC1777 Section 4."
::= {dsOpsEntry 20}
-- Entry statistics/Cache performance
dsEntriesTable OBJECT-TYPE
SYNTAX SEQUENCE OF DsEntriesEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
" The table holding information related to the
entry statistics and cache performance of the DSs."
::= {dsMIB 2}
dsEntriesEntry OBJECT-TYPE
SYNTAX DsEntriesEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
" Entry containing statistics pertaining to entries
held by a DS."
INDEX { applIndex }
::= {dsEntriesTable 1}
Expires: August 16, 1997 [Page 12]
Internet Draft February 16 1997
DsEntriesEntry ::= SEQUENCE {
dsMasterEntries
Gauge32,
dsCopyEntries
Gauge32,
dsCacheEntries
Gauge32,
dsCacheHits
Counter32,
dsSlaveHits
Counter32
}
-- A (C)LDAP frontend to the X.500 Directory will not have
-- MasterEntries, CopyEntries; the following counters will
-- be inaccessible for LDAP/CLDAP frontends to the X.500
-- directory: dsMasterEntries, dsCopyEntries, dsSlaveHits.
dsMasterEntries OBJECT-TYPE
SYNTAX Gauge32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
" Number of entries mastered in the DS."
::= {dsEntriesEntry 1}
dsCopyEntries OBJECT-TYPE
SYNTAX Gauge32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
" Number of entries for which systematic (slave)
copies are maintained in the DS."
::= {dsEntriesEntry 2}
dsCacheEntries OBJECT-TYPE
SYNTAX Gauge32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
" Number of entries cached (non-systematic copies) in
the DS. This will include the entries that are
cached partially. The negative cache is not counted."
::= {dsEntriesEntry 3}
Expires: August 16, 1997 [Page 13]
Internet Draft February 16 1997
dsCacheHits OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
" Number of operations that were serviced from
the locally held cache since application
startup."
::= {dsEntriesEntry 4}
dsSlaveHits OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
" Number of operations that were serviced from
the locally held object replications ( shadow
entries) since application startup."
::= {dsEntriesEntry 5}
-- The dsIntTable contains statistical data on the peer DSs
-- with which the monitored DSs (attempt to) interact. This
-- table will provide a useful insight into the effect of
-- neighbours on the DS performance.
-- The table keeps track of the last "N" DSs with which the
-- monitored DSs has interacted (attempted to interact),
-- where "N" is a locally-defined constant.
dsIntTable OBJECT-TYPE
SYNTAX SEQUENCE OF DsIntEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
" Each row of this table contains some details
related to the history of the interaction
of the monitored DSs with their respective
peer DSs."
::= { dsMIB 3 }
Expires: August 16, 1997 [Page 14]
Internet Draft February 16 1997
dsIntEntry OBJECT-TYPE
SYNTAX DsIntEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
" Entry containing interaction details of a DS
with a peer DS."
INDEX { applIndex,dsIntIndex }
::= { dsIntTable 1 }
DsIntEntry ::= SEQUENCE {
dsIntIndex
INTEGER,
dsName
DistinguishedName,
dsTimeOfCreation
TimeStamp,
dsTimeOfLastAttempt
TimeStamp,
dsTimeOfLastSuccess
TimeStamp,
dsFailuresSinceLastSuccess
Counter32,
dsFailures
Counter32,
dsSuccesses
Counter32,
dsURL
URLString
}
dsIntIndex OBJECT-TYPE
SYNTAX INTEGER (1..2147483647)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
" Together with applIndex it forms the unique key to
identify the conceptual row which contains useful info
on the (attempted) interaction between the DS (referred
to by applIndex) and a peer DS."
::= {dsIntEntry 1}
dsName OBJECT-TYPE
SYNTAX DistinguishedName
MAX-ACCESS read-only
STATUS current
DESCRIPTION
" Distinguished Name of the peer DS to which this
Expires: August 16, 1997 [Page 15]
Internet Draft February 16 1997
entry pertains."
::= {dsIntEntry 2}
dsTimeOfCreation OBJECT-TYPE
SYNTAX TimeStamp
MAX-ACCESS read-only
STATUS current
DESCRIPTION
" The value of sysUpTime when this row was created.
If the entry was created before the network management
subsystem was initialized, this object will contain
a value of zero."
::= {dsIntEntry 3}
dsTimeOfLastAttempt OBJECT-TYPE
SYNTAX TimeStamp
MAX-ACCESS read-only
STATUS current
DESCRIPTION
" The value of sysUpTime when the last attempt was made
to contact this DS. If the last attempt was made before
the network management subsystem was initialized, this
object will contain a value of zero."
::= {dsIntEntry 4}
dsTimeOfLastSuccess OBJECT-TYPE
SYNTAX TimeStamp
MAX-ACCESS read-only
STATUS current
DESCRIPTION
" The value of sysUpTime when the last attempt made to
contact this DS was successful. If there have
been no successful attempts this entry will have a value
of zero. If the last successful attempt was made before
the network management subsystem was initialized, this
object will contain a value of zero."
::= {dsIntEntry 5}
Expires: August 16, 1997 [Page 16]
Internet Draft February 16 1997
dsFailuresSinceLastSuccess OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
" The number of failures since the last time an
attempt to contact this DS was successful. If
there has been no successful attempts, this counter
will contain the number of failures since this entry
was created."
::= {dsIntEntry 6}
dsFailures OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
" Cumulative failures since the creation of
this entry."
::= {dsIntEntry 7}
dsSuccesses OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
" Cumulative successes since the creation of
this entry."
::= {dsIntEntry 8}
dsURL OBJECT-TYPE
SYNTAX URLString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
" URL of the DS application."
::= {dsIntEntry 9}
Expires: August 16, 1997 [Page 17]
Internet Draft February 16 1997
-- Conformance information
dsConformance OBJECT IDENTIFIER ::= { dsMIB 4 }
dsGroups OBJECT IDENTIFIER ::= { dsConformance 1 }
dsCompliances OBJECT IDENTIFIER ::= { dsConformance 2 }
-- Compliance statements
dsOpsCompliance MODULE-COMPLIANCE
STATUS current
DESCRIPTION
"The compliance statement for SNMPv2 entities
which implement the DS-MIB for monitoring
DS operations."
MODULE -- this module
MANDATORY-GROUPS { dsOpsGroup }
::= { dsCompliances 1 }
dsEntryCompliance MODULE-COMPLIANCE
STATUS current
DESCRIPTION
"The compliance statement for SNMPv2 entities
which implement the DS-MIB for monitoring
DS operations, entry statistics and cache
performance."
MODULE -- this module
MANDATORY-GROUPS { dsOpsGroup,dsEntryGroup }
::= { dsCompliances 2 }
dsIntCompliance MODULE-COMPLIANCE
STATUS current
DESCRIPTION
" The compliance statement for SNMPv2 entities
which implement the DS-MIB for monitoring DS
operations and the interaction of the DS with
peer DSs."
MODULE -- this module
MANDATORY-GROUPS { dsOpsGroup, dsIntGroup }
::= { dsCompliances 3 }
Expires: August 16, 1997 [Page 18]
Internet Draft February 16 1997
-- Units of conformance
dsOpsGroup OBJECT-GROUP
OBJECTS {
dsAnonymousBinds, dsUnauthBinds, dsSimpleAuthBinds,
dsStrongAuthBinds, dsBindSecurityErrors,dsInOps,
dsReadOps, dsCompareOps, dsAddEntryOps,
dsRemoveEntryOps, dsModifyEntryOps, dsModifyRDNOps,
dsListOps, dsSearchOps, dsOneLevelSearchOps,
dsWholeSubtreeSearchOps,dsReferrals, dsChainings,
dsSecurityErrors, dsErrors}
STATUS current
DESCRIPTION
" A collection of objects for monitoring the DS
operations."
::= { dsGroups 1 }
dsEntryGroup OBJECT-GROUP
OBJECTS {dsMasterEntries, dsCopyEntries, dsCacheEntries,
dsCacheHits, dsSlaveHits}
STATUS current
DESCRIPTION
" A collection of objects for monitoring the DS
entry statistics and cache performance."
::= { dsGroups 2 }
dsIntGroup OBJECT-GROUP
OBJECTS {
dsName, dsTimeOfCreation, dsTimeOfLastAttempt,
dsTimeOfLastSuccess, dsFailuresSinceLastSuccess,dsFailures,
dsSuccesses, dsURL}
STATUS current
DESCRIPTION
" A collection of objects for monitoring the DS's
interaction with peer DSs."
::= { dsGroups 3 }
END
6. Changes from RFC1567.
- dsURL MO has been added
- The MO called dsWholeTreeSearchOps has been renamed to
dsWholeSubtreeSearchOps
- Some cosmetic changes in the DESCRIPTION clauses
- The MIB has been been generalised to cover (C)LDAP frontends
to the X.500 directory, and native LDAP based Directory servers
Expires: August 16, 1997 [Page 19]
Internet Draft February 16 1997
o the directory operations have been abstracted
o the MO definitions are generalised.
7. Acknowledgements
This draft is the product of discussions and deliberations carried out
in the following working groups:
ietf-madman-wg ietf-madman@innosoft.com
8. References
[1] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Structure
of Management Information for version 2 of the Simple Network
Management Protocol (SNMPv2)", RFC 1902, SNMP Research,Inc.,
Hughes LAN Systems, Dover Beach Consulting, Inc., Carnegie Mellon
University, January 1996.
[2] McCloghrie, K., and M. Rose, Editors, "Management Information
Base for Network Management of TCP/IP-based internets: MIB-II",
STD 17, RFC 1213, Hughes LAN Systems, Performance Systems
International, March 1991.
[3] Case, J., McCloghrie, K., Rose, M., and S, Waldbusser, "Protocol
Operations for version 2 of the Simple Network Management
Protocol (SNMPv2)", RFC 1905, SNMP Research,Inc., Hughes LAN
Systems, Dover Beach Consulting, Inc., Carnegie Mellon
University, January 1996.
[4] CCITT Blue Book, "Data Communication Networks: Directory",
Recommendations X.500-X.521, December 1988.
[R1]Yeong, W., Howes, T., and Kille, S., "Lightweight Directory
Access Protocol", RFC 1777, Performance Systems International,
University of Michigan, ISODE Consortium, March 1995.
[R2]Young, A., "Connection-less Lightweight X.500 Directory
Access Protocol", RFC 1798, ISODE Consortium, June 1995.
[5] Kille, S., WG Chair, and N. Freed, Editor, "The Network Services
Monitoring MIB", RFC 1565, ISODE Consortium, Innosoft, January
1994.
[6] Grillo, P., and S. Waldbusser, "Host Resources MIB", RFC 1514,
Network Innovations, Intel Corporation, Carnegie Mellon
University, September 1993.
[7] Kille, S., "A String Representation of Distinguished Names (OSI-
DS 23 (v5))", RFC 1485, ISODE Consortium, July 1993.
Expires: August 16, 1997 [Page 20]
Internet Draft February 16 1997
[8] Kille, S., Huizer, E., Cerf, V., Hobby, R., and S. Kent, "A
Strategic Plan for Deploying an Internet X.500 Directory
Service", RFC 1430, ISODE Consortium, SURFnet bv, Corporation for
National Research Initiatives, University of California, Davis,
Bolt, Beranek and Newman, February 1993.
Security Considerations
Security issues are not discussed in this memo.
Authors' Addresses
Glenn Mansfield
Cyber Research Inc.
6-6-3 Minami Yoshinari
Aoba-ku, Sendai 989-32
Japan
Phone: +81-22-303-4012
EMail: glenn@aic.co.jp
Steve E. Kille
ISODE Consortium
The Dome, The Square
Richmond TW9 1DT
UK
Phone: +44-181-332-9091
EMail: S.Kille@isode.com
Expires: August 16, 1997 [Page 21]