Troubleshooting SNMP Application Logging
Novell Cool Solutions: Trench
By Gary Busby
Digg This -
Posted: 15 Mar 2000
One of the great new features of ZENworks v2.0 is the application distribution reporting. This saves a great deal of time trying to figure out if an application you set up for distribution actually did just that.
At the surface, it may seem quite simple to just check the box for it on the application object and you're off and running. Well, unfortunately, sometimes things don't always go that smoothly. Mainly, not because the product doesn't work, but instead, because it is a complex process that requires it be implemented correctly. There are many steps to ensuring SNMP Application Reporting will work properly. This document will try to provide an explanation of that process, helpful implementation tips, and troubleshooting steps that may assist you in making sure it works properly and as designed.
Review: Inventory Database Server
Before anything will work, the ZENworks Inventory Database Server MUST be up, configured properly, and running for the SNMP traps to even work. This document does not go into details about setting up the Inventory Database, but here are some review points:
- TCP/IP must be running on the server and bound to a NIC.
Note: If you bind IP to multiple NIC's in your server, ensure the NIC that contains the IP gateway is the first NIC bound to IP (autoexec.ncf) and that you use this IP address for the Inventory Database server. It is highly recommended that you don't put the Inventory Database on a server that acts as a router or firewall.
- Ensure the sys\etc\hosts file contains your server's IP address and name AND the loopback address (127.0.0.1)
- Don't put the database on a server with multi-processors enabled.
- Ensure all the required ZENworks modules (for SNMP traps) are loaded and working: (example autoexec.ncf)
search add sys:\java\bin
search add sys:\java\nwgfx
search add sys:\public\zenworks\java
search add vol1:\zenworks\database
- A good indication that SNMP traps are working is after the AlarmManager successfully loads, you will see a "Successful registering Trap receivers" message on the System console.
- If you encounter a "java: Page fault" error after loading AlarmManager, the new Support Pack should fix it.
- The Storer files are not mentioned since they could be on the user's server OR the database server and are not used in the SNMP trap process.
- Volume names may differ in your environment.
For more information on the ZENworks Database Inventory server:
- Inventory Basics from http://zenworksMASTER.com
- Novell ZENworks Documentation
There are some required ZEN client components that need to be installed on a user's workstation to ensure application management will work:
- Workstation Manager
- Application Launcher Service (NT only)
You probably already knew about the Application Launcher Service because it is used to let an application install without the user having local NT elevated rights (Administrator). However, in order for SNMP logging to work, the ZEN client must be able to read the SNMP Trap Target Policy (discussed later). The mechanism for reading all policies is the Workstation Manager component. So, make sure it is installed and configured properly as part of your ZEN client installation on your user's workstations.
*Key Point: Make sure the Workstation Manager's "Trusted Tree" is set correctly. You can set this during the installation of the NT client (custom), but the 9x client sets it according to the tree you log into after you install the client for the first time. You can verify this on the user's workstation in the following registry key:
HKLM\Software\Novell\ Workstation Manager\Identification\tree = "yourtree"
NT: v4.60 SP2 or >
9x: v3.10 SP2 or >
- A TCP/IP stack must be installed and configured properly on the user's workstation for SNMP logging to work.
- The Win9x client must have the Microsoft Winsock 2 update (ws2setup.exe on 3.0x or > client) installed. This update is done automatically by the client installation (unless you deleted it or removed it from the nwsetup.ini). Read Microsoft Knowledgebase article #Q177719 to verify a machine has Winsock 2 installed on Windows 95. Windows 98 installs the Winsock update by default during the OS installation.
Note: SNMP logging does not require the workstation to be imported.
SNMP Trap Target Policy
In order for SNMP logging to work, you must create an SNMP Trap Target Policy (via NWAdmin32). This policy is contained in a Container Policy Package. Where it is created can be completely up to you as long as you take into consideration the following:
- Ensure it is associated to a container (or parent container) of the user that you will be distributing the application object to.
- Make sure that any Search Policies (next section) don't limit the ability for the Workstation Manager to read it. If the workstation can't read the SNMP Trap Target Policy, then SNMP logging will not work.
Be aware that how you set your Search Policy (Search Level and Search Order) may make the difference on whether or not an SNMP Trap Target Policy is getting read at all. Be sure to check any and all Container Policy Package's Search Policy settings in each parent container of the user object all the way up to [Root] (via NWAdmin32).
In more technical terms, Workstation Manager will search each parent container (aka Tree Walking) of the user object to see if the DM:Policy attribute is populated with any policies (including the SNMP Trap Target Policy) until it reaches [Root] or the location set by the Search Policy. If an SNMP Trap Target Policy does not exist OR it exists beyond the scope of the Search Policy, SNMP logging will not work.
To check where a user's workstation will search up to for policies, look for the following registry key:
HKLM\Software\Novell\ User Search Policy\ Context Ceiling = "context.set.in.search.policy"
Also note that SNMP Trap Target Policies are cumulative. In other words, if there is more than one SNMP Trap Target Policy that the Workstation Manager reads on its way to the Context Ceiling or [Root], it will send all the traps to that server as well.
For more information on "Tree Walking" and Search Policies:
- Client Tree Walking from http://zenworksMASTER.com
Now that you have all of the above checked out, let's get down to the nitty-gritty of how the Application Launcher works with SNMP traps.
First of all, make sure in the application object that the "Log events via SNMP Traps" box is checked in the Reporting property sheet and any "Events to Report" you choose (ex. Distribution Success, Failure, etc.). Associate as desired.
Now, when NAL.EXE or NALEXPLD.EXE is launched, it reads the App:Flags attribute of the associated application object to see if reporting is enabled. If it is, it reads the App:Reporting Output attribute to see what options are chosen (SNMP, to a file, or both). It then reads the App:Reporting Events attribute to see what events you checked to log. Depending on what events you chose to log, the SNMP trap is then sent on its way to the ZENworks Database Inventory server as set in the SNMP Trap Target Policy.
The actual SNMP traps (not application distribution information) are logged in the ZENworks Database Inventory server's sys\etc\snmp$log.bin file (created by SNMPLOG.NLM). You can view the contents of the file via TCPCON. Just load TCPCON on the server's System console, and then select DISPLAY LOCAL TRAPS.
This screen is a good indication if SNMP traps are getting sent to the server and where they are coming from. You can see the workstation's IP address and the date/time a trap was sent. Look here to see if a specific user's workstation is sending SNMP traps. If you don't see the user's IP address being logged after an application distribution, then you won't see the application distribution in the ZENworks application reporting feature.
If you aren't seeing "any" information, ensure that logging is turned on. It should be by default. At the server's MONITOR screen, go to Server Parameters > Communications > SNMP Trap Logging = On.
Periodically, this log file can get very large and eat up space on your sys volume. If you do a lot of application distribution logging, you may want to purge this log file periodically. To do this, when you hit the ESC key from within the DISPLAY LOCAL TRAPS window, you will be asked if you want to delete the log files. Choose Yes and you are set.
- If you don't see DISPLAY LOCAL TRAPS, then your server has not been configured for TCP/IP and SNMP correctly.
- Never edit this file manually. Always use TCPCON.
To be able to view the reports, make sure you have the ODBC and JRE components correctly installed on your machine (a.k.a. JReporting Tool). This is done by running the "ZENworks Reporting -- servername" application object on your machine (not users). This object is created during the installation of ZENworks v2.0 and located in the container of the server you installed the database to.
Also, make sure it is set correctly. Verify in the MACROS property sheet of this object that the following are set:
NDS_CONTEXT: set this to the context of the Inventory Database server
NDS_TREE: set this to the tree of the Inventory Database server
SERVER_IPADDRESS: set this to the IP address of the Inventory Database server
SERVER_NAME: set this to the server name of the Inventory Database server
SOURCE_PATH: set to any ZEN 2 server you desire's sys\public directory (UNC pathing)
SOURCE_SUBPATH: set to win32\reporting\client\install (unless you renamed your win32 directory)
All other MACROS should already be set to their default values and OK.
Once this object is installed correctly on your machine, you will have an option in NWAdmin32 from the Tools menu called ZENworks reporting.
To verify your workstation has had the necessary ODBC and reporting components installed. Open the "ODBC Data Sources" (NT) or "ODBC (32-bit)" (9x) icon in Control Panel. In the "User DN" tab, you should see "NDS Reporting" and "Novell Reporting" listed in the "User Data Sources" box.
To look in more detail, double-click "Novell Reporting", and then go to the "Login" property sheet. The user ID should be "DBA" with a password of "sql". In the "Database" property sheet, the "Server name" should be "servernameZENINV", where servername is the name of the database server you want to view the reports from. The "Database name" should always be "zeninv". In the "Network" property sheet, ensure that TCP/IP is checked and it should contain the IP address and port in the following format: HOST=xxx.xxx.xxx.xxx:xxxx.
Novell LogicSource for ZENworks
Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com