Specifications

ManualsBrandsCradlepoint ManualsComputer equipmentEscape

www.linuxjournal.com august 2008 | 73

another, they must have matching community names/strings.

In many deployments, administrators use the default commu-

nity name of public (and/or private), which creates a security

risk. I recommend changing these strings and making them

into a short phrase. You can add numbers and characters to

make the community name more complex to guess/crack, but

I find phrases easier to remember.

Click on the Devices link on the navigation menu on the

left, so that /Devices is listed near the top of the page. Click

on the zProperties tab and scroll down. Enter an SNMP com-

munity string in the zSNMPCommunitiy field. For our test envi-

ronment, I used the string whatsourclearanceclarence. You can

use different strings with different subclasses of systems or

individual systems, but by setting it at the /Devices class, it will

be used for any subclasses unless it is overridden. You also

could list multiple strings in the zSNMPCommunities under the

/Devices class, which allows you to define multiple strings for

the discovery process discussed later. Make sure your commu-

nity string (zSNMPCommunity) is in this list.

Installing Net-SNMP on Linux Clients

Now, let’s set up our Linux systems so they can talk to the

Zenoss server. After installing and configuring the operating

systems on our other Linux servers, install the Net-SNMP

package on each using the following command on the

Ubuntu server:

sudo apt-get install snmpd

And, on the Fedora server use:

yum install net-snmp

Once the Net-SNMP packages are installed, edit out any

other lines in the Access Control sections at the beginning of

the /etc/snmp/snmpd.conf, and add the following lines:

## sec.name source community

com2sec local localhost whatsourclearanceclarence

com2sec mynetwork 192.168.142.0/24 whatsourclearanceclarence

## group.name sec.model sec.name

group MyROGroup v1 local

group MyROGroup v1 mynetwork

group MyROGroup v2c local

group MyROGroup v2c mynetwork

## incl/excl subtree mask

view all included .1 80

## context sec.model sec.level prefix read write notif

access MyROGroup "" any noauth exact all none none

Do not edit out any lines beneath the last Access Control

sections. Please note that the above is only a mildly restrictive

configuration. Consult the snmpd.conf file or the Net-SNMP

documentation if you want to tighten access. On the Ubuntu

server, you also may have to change the following line in the

/etc/snmp/default file to allow SNMP to bind to anything other

than the local loopback address:

SNMPDOPTS='-Lsd -Lf /dev/null -u snmp -I -smux -p /var/run/snmpd.pid'

Installing SNMP on Windows

On the Windows server, access the Add/Remove Programs util-

ity from the Control Panel. Click on the Add/Remove Windows

Components button on the left. Scroll down the list of

Components, check off Management and Monitoring Tools,

and click on the Details button. Check Simple Network

Management Protocol in the list, and click OK to install. Close

the Add/Remove window, and go into the Services console

from Administrative Tools in the Control Panel. Find the

SNMP service in the list, right-click on it, and click on

Properties to bring up the service properties tabs. Click on the

Traps tab, and type in the community name. In the list of Trap

Destinations, add the IP address of the Zenoss server. Now,

click on the Security tab, and check off the Send authentica-

tion trap box, enter the community name, and give it

READ-ONLY rights. Click OK, and restart the service.

Return to the Zenoss management Web page. Click the

Devices link to go into the subclass of /Devices/Servers/Windows,

and on the zProperties tab, enter the name of a domain admin

account and password in the zWinUser and zWinPassword

fields. This account gives Zenoss access to the Windows

Management Instrumentation (WMI) on your Windows systems.

Make sure to click Save at the bottom of the page before

navigating away.

Adding Devices into Zenoss

Now that our systems have SNMP, we can add them into

Zenoss. Devices can be added individually or by scanning the

network. Let’s do both. To add our Ubuntu server into Zenoss,

click on the Add Device link under the Management naviga-

tion section. Enter the IP address of the server and the com-

munity name. Under Device Class Path, set the selection to

/Server/Linux. You could add a variety of other hardware, soft-

ware and Zenoss information on this page before adding a

system, but at a minimum, an IP address name and community

name is required (Figure 1). Click the Add Device button, and

the discovery process runs. When the results are displayed,

click on the link to the new device to access it.

To scan the network for devices, click the Networks link

under Browse By section of the navigation menu. If your

network is not in the list, add it using CIDR notation. Once

added, check the box next to your network and use the drop-

down arrow to click on the Select Discover Devices option.

You will see a similar results page as the one from before.

When complete, click on the links at the bottom of the results

page to access the new devices. Any device found will be

placed in the /Discovered class. Because we should have

discovered the Fedora server and the Windows server,

they should be moved to the /Devices/Servers/Linux and

/Devices/Servers/Windows classes, respectively. This can be

done from each server’s Status tab by using the main drop-down