Uses of dsm_sa_snmp32d and snmpd in RHEL4?

beer9 used Ask the Experts™
In my Dell Server having RHEL4, I see these process are running
/usr/sbin/snmpd -Lsd -Lf /dev/null -p /var/run/ -a

I would like to understand what these process is doing. Are they necessary?
Does they compromise any system related issue? Which script started these process. Thanks!
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Distinguished Expert 2017
I think these are the dell openmanager setup.
I.e. browse to the http://your_server_name:1311 and you should be able to login.
The SNMP part is likely to send out the SNMP traps in the event of failure: power supply, memory, Array, etc..

The snmpd might be part of your configuration.
Run the following command:
snmpwalk -v 2c -c public localhost.

This will connect to the /usr/sbin/snmpd and will display the various SNMP MIB/OID parameters you have.
Double check /etc/snmpd.conf that public community is read-only.
Alternatively, the system snmpd is part of the relaying mechanism to send out the SNMP traps (alerts).
Those are not standard SNMP processes. Most Linux systems that run SNMP remote management services do not have them. They are clearly Dell-specific management agents that have been installed on the system.

That you got by installing Dell management agents on the server, or some type of 'dell management' pack, perhaps it is included in the OpenManage tools. They implement what is referred to as the Dell MIB.

Which facilitates and works together with other points of management on Dell servers,   e.g.  IPMI Alarms, or a DRAC add-on management card with SNMP and E-mail alerts configured  (which IMO is a more important place for general alerts to be setup; if a _really_ bad error occurs, the server may be offline and unable to provide useful info,  so having the DRAC card send a detailed alert can be quite useful).

The processes are management agents for monitoring the health and status of Dell server chassis and mainboard hardware from a network management station.    

For example,  the management processes allow you to ask the server questions about the chassis temperature, what fans are installed, and are they working,  what ports are on the chassis,  what devices are plugged in and operational  (keyboardPortStatus, keyboardPortSecurityState, keyboardPortConnectorType),  what CPUs and memory modules installed, their health status,  what power supplies are installed, and are they online.

They generally pose any notable risk only if you have not customized SNMP communities for your site, or firewalled unsolicited port 161  traffic at your network perimeter;  otherwise, SNMP can expose some basic configuration information about your server.    Most admins will want to change the "public"  community to a secret  common name  used for all servers.

This is normally done by editing a file such as   /etc/snmp/snmpd.conf
and restarting SNMP by using    /etc/init.d/snmpd restart

(If you have a network management station, one would also often want to specify it as a trap sink, so the server would send actual traps on error conditions)

Your server shouldn't die if  you kill SNMP management agents,  but most companies want to know when a component in an important server such as a fan, power supply, memory DIMM, or hard drive experiences a serious error.

E.g.  If the server were deployed in a real corporate data center,  chances are, the corporation would have a policy  that the Dell servers run SNMP (or other) management agents with certain settings,  for the server hardware, and for RAID controllers.


Thank you :-)

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial