I do have question though. Is there a way to authenticate users against opennms db using a php/mysql database instead of ht authentication.

Greg

Happy to here you like work here. How far are you getting with apache? Can you at least login and see the index.shtml page? What errors are you seeing? You might also want to check your apache access.log and error.log.

Doug

Love the work your doing. I have successfully installed the noc portion using your script…
My problem is in configuring the apache2 web server. I am not an expert using apache2.
My system is built on SLES 10 sp2, running OpenNMS 1.8.4.

I tried following your instructions and some how still not working.

Any additional help you could give me would be greatly appreciated.

Andre

Thanks so much. I will try out your suggestions and let you know how I fare.

Rgds
Jef

What I try to do is ask everyone to use the same read community string and version 2c. If that doesn’t work then I ask groups to use a common string and version on an entire subnet. In some cases neither of those requests meet security requirements. Because of shared server rooms and DMZs I have about 80 specific entries in my snmp-config.xml file.

To save time, I normally add nodes to OpenNMS assuming they use the default string. Later I run a report that tells me which nodes do not have SNMP working and then use testsnmp to figure out where to add them in the snmp-config.xml file. I’ll post the script for that report in the next month. It’s not a great solution but it works for me.

I also have a script that scans a discovery list of IPs and runs testsnmp for each IP. Again, this is just a helper script, the basic problem remains and I think it will always be a hard one to deal with. The future may bring a script that writes the snmp-config.xml automatically but I have not had a need to go that far yet.

Here’s what my snmp-config.xml looks like, except the real one has several more subnets and specific entries. Notice I also have to deal with some devices that are SNMP version 1 specific. The default string is at the bottom.

<?xml version=”1.0″?>

<snmp-config port=”161″ retry=”3″ timeout=”120000″
read-community=”ABCXYZ!@#”
max-vars-per-pdu=”100″ version=”v2c” >

<definition read-community=”sdUIO^P” write-community=”zeke”>
<specific>192.168.14.14</specific>
<specific>192.168.10.1</specific>
<specific>192.168.78.63</specific>
<specific>192.168.78.64</specific>
<specific>192.168.78.65</specific>
<specific>192.168.78.81</specific>
<specific>192.168.78.87</specific>
<specific>192.168.48.88</specific>
<specific>192.168.62.217</specific>
</definition>

<definition read-community=”Jygf%$g” write-community=”zeke”>
<specific>10.127.48.24</specific>
<specific>10.127.48.25</specific>
<specific>10.127.48.26</specific>
<specific>10.127.48.27</specific>
<specific>10.127.48.28</specific>
<specific>10.127.48.17</specific>
</definition>

<definition read-community=”UHIHUI^&%”
write-community=”zeke” version=”v1″>
<specific>10.127.48.13</specific>
<specific>10.127.48.14</specific>
<specific>10.127.48.15</specific>
</definition>

<definition read-community=”&H^F$” write-community=”zeke”>
<range begin=”192.168.81.0″ end=”192.168.81.255″/>
</definition>

<definition read-community=”KJH^%$” write-community=”zeke”>
<range begin=”192.168.6.0″ end=”192.168.6.255″/>
</definition>

<definition read-community=”ABCXYZ!@#” write-community=”zeke”>
<range begin=”0.0.0.0″ end=”255.255.255.255″/>
</definition>

</snmp-config>

It seems one can assign only one community string to a subnet. It will obviously be impractical to enter more than 50 interfaces in ONMS each with its own community string.

I really want to discover a subnet and allow the scanner to try all four community strings on each interface. Is this possible?

Thanks
Jef Will