All my hosts are showing up. I followed the instructions on the Dell web site and ITA picked them right up.

http://www.dell.com/content/topics/global.aspx/alliances/en/vmware_resources?c=us&cs=555&l=en&s=biz&...

sorry for late post...just saw this and I recently got my ESX servers to successfully discover in IT Assistant...fully functional under the servers group. The Dell documentation is horrible for this...the instructions they gave me only told me to fill in the trapsink in the /etc/snmp/snmpd.conf file. There is so much more to it. I may have been using old documentation, but here it is in case anyone was interested. At the bottom it shows an example snmpd.conf file...you need ALL these entries in order for your ESX servers to show up, as well as opening up ALL the posted ports. I highlighted in bold the ESX stuff:

Overview

SNMP is the Simple Network Messaging Protocol. It is used to monitor servers, network equipment and other SNMP enabled devices. Three versions of SNMP exist, version 1, 2c, and 3. Most connections are done with version 2c.

SNMP information is organized in a tree format. This tree is called the Object Identifier (OID) tree. These are numeric trees separated by a period. An example OID is .1.3.6.1.4.1. Each object can be a sub-tree, numeric value, string value, etc. Each of the objects are readable and some are writeable. The definitions of each OID and whether it is writable is defined in a Management Information Base (MIB).

RFCs provide MIBs for standard devices and information. Vendors can have unique OIDs assigned to them. In this case, the vendor is responsible for supplying the MIBs for the OIDs.

SNMP uses 2 network ports for traffic and can use both the udp and tcp protocols. SNMP requests are done using either the udp or tcp protocol on port 161. SNMP traps are sent using udp port 162.

Documentation

The configuration file for the SNMP daemon is /etc/snmp/snmpd.conf. Basic configuration of this file for ITA will require the use of the com2sec, group, view, access, trapsink, smuxpeer and pass directives. Each directive will have at least one option to it. These options are separated by a whitspace character (tab or space). Each directive is explained below. During the explanation of these directives, we will build a working snmpd.conf configuration file. These directives are not the full list available. The SNMP daemon is capable of far more than is covered in this document. See the manual page on the snmpd.conf file for a more thorough list of the capabilities of the SNMP daemon.

com2sec

This directive defines a security name based on a set of ip addresses and a community string. A server that matches source and community is assigned to the security model called sec.name. It takes the following 3 arguments in the order listed.

sec.name is a string of alphabetic (a-zA-Z) characters.

source is a set of ip address that are allowed to connect. This can be either a hostname, ip address, a subnet (i.e. 10.1.12.0/24), or the word “default”. Default allows connections from all ip addresses.

community is a string of up to 32 alphabetic characters. Do not use spaces or special characters. It is best to use only upper and lower case alphabetic characters. The community name is case sensitive.

Example:

\# sec.name source community

com2sec ita 192.168.1.50 ITACommunity

com2sec ro 192.168.1.50 ROCommunity

These lines assign the server 192.168.1.50 to the ita security name if it connects using the community name ITACommunity. It assigns the same server to the ro security name if it connects using the community name ROCommunity. All other servers will be denied access.

group

This directive defines a group based upon the security name defined with the com2sec directive and an snmp protocol version. Any server in a security name (sec.name) that connects with the matching protocol version (sec.model) will be assigned to the group group.name. It takes the following 3 arguments in the order listed.

group.name is a string of alphabetic (a-zA-Z) characters.

sec.model is either v1 or v2c.

sec.name is a security name defined with the com2sec directive.

Example:

\# group.name sec.model sec.name

group itagroup v1 ita

group itagroup v2c ita

The group lines here assign any server that is assigned to the ita security model using either v1 or v2c of the snmp protocol to the itagroup group.

We did not assign the ro security name to any group. The com2sec definition for the ro security model was used just as an example and will be excluded in any subsequent examples and the final snmp configuration file.

view

This directive creates a view of a branch of the snmp tree. You can include or exclude branches based on an subtree and mask. We will look at the simplest form of this statement and include a subtree and provide no mask. It takes the following 4 arguments in the order listed.

name is a string of alphabetic (a-zA-Z) characters.

incl/exclude is either the word included or excluded.

subtree is the either the numeric OID or the text MIB definition.

mask is a hexadecimal set of octets to define a mask. This is optional and we will leave this blank. See the manual page for snmpd.conf for any further explanation on mask.

Example:

\# name incl/excl subtree mask(optional)

view all included .1

This creates a view called all that includes the .1 branch of the OID. This is the root of the OID tree. This definition give the view access to every OID on the system.

access

This directive pulls the group and view definitions together. It defines what type of access each defined group has to the OID tree. We will be concerned with the group.name, read and write definitions. It takes the following 8 arguments in the order listed.

group.name this is a group name defined using the group directive.

context should be set to “”.

sec.model should be set to any since it was defined in the group definition.

sec.level should be set to noauth.

prefix should be set to exact.

read should be the name of a defined view. The group.name will have read access to this view.

write should be the name of a defined view. The group.name will have write access to this view.

notif should be set to none.

Example:

\# group.name context sec.model sec.level prefix read write notif

access itagroup "" any noauth exact all all none

This line gives both read and write access to the group itagroup.

pass

This directive passes any request for OID to the program EXE. It takes the following 2 arguments in the order listed.

OID is the object id that requests will be passed for.

EXE is the program that will return an answer for any requests against the OID.

Example:

\# Added for support of bcm5820 cards.

pass .1.3.6.1.4.1.4413.4.1 /usr/bin/ucd5820stat

This line passes all requests against the .1.3.6.1.4.1.4413.4.1 OID to the /usr/bin/ucd5820stat program.

trapsink

This directive specifies an snmp trap server and what community name to use to connect to it in order to send traps. It takes the following 2 arguments in the order listed.

host is the hostname or ip address of a server configured to receive snmp traps.

community is the community string to use when connecting to the snmp trap server.

Example:

\# Send traps to the ita box.

trapsink 192.168.1.50 rwcommunity

smuxpeer

This directive allows SMUX based agents such as the Open Manage agent to connect to the snmp daemon. It takes the following 2 arguments in the order listed.

OID is the object id the agent will connect as.

secret is a key the agent will use to connect to the OID. This can be considered a password or such. This is completely optional.

Example:

\# Allow Systems Management Data Engine SNMP to connect to using SMUX

smuxpeer .1.3.6.1.4.1.674.10892.1

This line allows the Open Manage Data Engine SNMP Agent to answer requests against the .1.3.6.1.4.1.674.10892.1 branch of the snmp tree.

SNMP on VMware ESX Server 3

There is another directive that is used to load a shared library in order to access VMware specific MIBs. The directive is call dlmod and the line that is needed is listed below.

\# VMware MIB modules.

dlmod SNMPESX /usr/lib/vmware/snmp/libSNMPESX.so

Ports on the ESX servers firewall need to be opened in order for snmp to function properly. The commands to open these ports are listed below along with the command to allow connections to Open Manage on port 1311.

esxcfg-firewall -o 1311,tcp,in,OpenManageRequest

esxcfg-firewall -o 162,udp,out,snmptrap

esxcfg-firewall -o 162,udp,in,snmptrap

esxcfg-firewall -o 161,tcp,in,snmp

esxcfg-firewall -o 161,tcp,out,snmp

esxcfg-firewall -o 161,udp,in,snmp

esxcfg-firewall -o 161,udp,out,snmp

The firewall configuration can be viewed using the –q option to the esxcfg-firewall command.

The system passes the SNMP GET test in ITA, but fails the SET test.

Make sure the snmpd configuration file on the server does not contain entries for syslocation and syscontact[/b]

Examples

Completed snmpd.conf file. This configuration will allow a system running a ITA to query the server. It will also send snmp traps to the ITA system. The only items that need to changed are the source and community names in the com2sec and trapsink directives.

If you wish to use this on a VMware ESX server, simply place the dlmod line in the files also.

snmpd.conf for Linux

\### snmpd.conf configuration file

\# sec.name source community

com2sec ita 192.168.1.50 ITACommunity

\# group.name sec.model sec.name

group itagroup v1 ita

group itagroup v2c ita

\# name incl/excl subtree mask(optional)

view all included .1

\# group.name context sec.model sec.level prefix read write notif

access itagroup "" any noauth exact all all none

\# Added for support of bcm5820 cards.

pass .1.3.6.1.4.1.4413.4.1 /usr/bin/ucd5820stat

\# Send traps to the ita box.

trapsink 192.168.1.50 ITACommunity

\# Allow Systems Management Data Engine SNMP to connect to using SMUX

smuxpeer .1.3.6.1.4.1.674.10892.1

snmpd.conf for ESX 3

\### snmpd.conf configuration file

\# sec.name source community

com2sec ita 192.168.1.50 ITACommunity

\# group.name sec.model sec.name

group itagroup v1 ita

group itagroup v2c ita

\# name incl/excl subtree mask(optional)

view all included .1

\# group.name context sec.model sec.level prefix read write notif

access itagroup "" any noauth exact all all none

\# Added for support of bcm5820 cards.

pass .1.3.6.1.4.1.4413.4.1 /usr/bin/ucd5820stat

\# Send traps to the ita box.

trapsink 192.168.1.50 ITACommunity

\# Allow Systems Management Data Engine SNMP to connect to using SMUX

smuxpeer .1.3.6.1.4.1.674.10892.1

\# VMware MIB modules.

dlmod SNMPESX /usr/lib/vmware/snmp/libSNMPESX.so[/b]

Hope this helps

The deployment is actually much simpler:

Download the Openmanage Server Administrator 5.4 from Dell Support

Install on ESX server(s)

edit snmpd.conf as per your config

Add a range discovery in IT Assistant for the subnet the ESX servers are on and perform both Discover and Inventory

Voila!