MADMAN Working Group Glenn Mansfield [glenn@aic.co.jp] INTERNET-DRAFT Cyber Research Inc. draft-ietf-madman-dsa-mib-1-03.txt S.E.Kille [S.Kille@isode.com] ISODE Consortium March 1997 LDAP/CLDAP/X.500 Directory Services Monitoring MIB Status of this Memo This document is an Internet Draft. Internet Drafts are working documents of the Internet Engineering Task Force (IETF), its Areas, and its Working Groups. Note that other groups may also distribute working documents as Internet Drafts. Internet Drafts are draft documents valid for a maximum of six months. Internet Drafts may be updated, replaced, or obsoleted by other documents at any time. It is not appropriate to use Internet Drafts as reference material or to cite them other than as a "working draft" or "work in progress." To learn the current status of any Internet-Draft, please check the 1id-abstracts.txt listing contained in the Internet-Drafts Shadow Directories on ds.internic.net, nic.nordu.net, ftp.nisc.sri.com, or munnari.oz.au. Abstract This document defines a portion of the Management Information Base (MIB). It defines the MIB for monitoring Directory Services. This MIB will be used in conjunction with the APPLICATION-MIB for monitoring Directory Servers (DS)s. Table of Contents 1. The SNMPv2 Network Management Framework ....................... 2 2. The Directory Services Model .................................. 2 3. MIB Model for DS Management .................................. 3 4. MIB design .................................................... 4 5. The Directory Server Monitoring MIB ........................... 5 6. Changes from RFC1567 ..........................................19 7. Acknowledgements ..............................................20 8. References ....................................................20 Security Considerations ...........................................21 Authors' Addresses ................................................21 Expires: September 7, 1997 [Page 1] Internet Draft March 7 1997 1. The SNMPv2 Network Management Framework. The major components of the SNMPv2 Network Management framework are described in the documents listed below. o RFC 1902 [1] defines the Structure of Management Information (SMI), the mechanisms used for describing and naming objects for the purpose of management. o STD 17, RFC 1213 [2] defines MIB-II, the core set of managed objects (MO) for the Internet suite of protocols. o RFC 1905 [3] defines the protocol used for network access to managed objects. Textual conventions are defined in RFC 1903 [4], and conformance statements are defined in RFC 1904 [5]. The framework is adaptable/extensible by defining new MIBs to suit the requirements of specific applications/protocols/situations. 1.1. Object Definitions. Managed objects are accessed via a virtual information store, the MIB. Objects in the MIB are defined using the subset of Abstract Syntax Notation One (ASN.1) defined in the SMI. In particular, each object type is named by an OBJECT IDENTIFIER, which is an administratively assigned name. The object type together with an object instance serves to uniquely identify a specific instantiation of the object. For human convenience, often a textual string, termed the descriptor, is used to refer to the object type. 2. The Directory Services Model. In the following we adopt the X.500 model [6] which covers the X.500 Directory System Agents (DSA) [6] which run over the OSI suite of protocols, (C)LDAP[7,8] frontends to DSAs and, the native LDAP Directory Servers which run directly over TCP or other protocols. The Directory contains information in the form of entries. An entry is a collection of attributes and is uniquely identified by a name, the Distinguished Name (DN). The entries are arranged in a hierarchical tree-like structure called the Directory Information Tree (DIT). Expires: September 7, 1997 [Page 2] Internet Draft March 7 1997 The Directory Server (DS) is an application process. Clients or User Agents (UA) are provided access to the Directory which maybe local or distributed, by the Directory Servers (DS). A client or User Agent requests a Directory Server to perform some operation on the Directory. The DS is responsible for performing the operation and after completing its effort to carry out the request, returns a response to the UA. A DS may use information stored in its local database or interact with (chain the request to) other DSs to service the UA request. Alternatively, a DS may return a reference to another DS. The local database of a DS consists of the part of the Directory that is mastered by the DS, the part of the Directory for which it keeps slave copies and cached information that is gathered during the operation of the DS. In the connection oriented mode a UA "binds" to a DS with a particular identification. The DS may authenticate the identity of the UA. In the connectionless mode as is employed in CLDAP [CLDAP] no binding and/authentication is carried out between the UA and the DS. The following type of operations are carried out by the DS : Read, Compare, Addition of an Entry (AddEntry), Modification of an Entry (ModifyEntry), Modification of a DN (ModifyRDN), Deletion of an Entry (RemoveEntry), List, Search, Abandon. Some DSs do not support some type of operations. For example CLDAP does not support AddEntry, ModifyEntry, ModifyRDN, RemoveEntry etc. In response to requests results and/or errors are returned by the DS. 3. MIB Model for DS Management. A DS-manager may wish to monitor several aspects of the operational DS. He/she may want to know the process related aspects- the resource utilization of the operational DS; the network service related aspects e.g. inbound-associations, outbound-associations, operational status, and finally the information specific to the DS application- its operations and performance. The MIB defined in this document covers the portion which is specific to the DS-application. The network service related part of the MIB, and the host-resources related part of the MIB, as well other parts of interest to a Manager monitoring the DS-application, are covered in separate documents [9][10]. Expires: September 7, 1997 [Page 3] Internet Draft March 7 1997 4. MIB design. The basic principle has been to keep the MIB as simple as possible. The Managed objects included in the MIB are divided into three tables- OpsTable, EntryTable and IntTable. - The OpsTable provides summary statistics on the accesses, operations and errors. - The EntriesTable provides summary statistics on the entries held by the DS and on cache performance. - The IntTable provides some useful information on the interaction of the monitored DS with peer DSs. There are references to the Directory itself for static information pertaining to the DS. These references are in the form of "Directory Distinguished Name" [11] of the corresponding object. It is intended that DS management applications will use these references to obtain further related information on the objects of interest. Expires: September 7, 1997 [Page 4] Internet Draft March 7 1997 5. The Directory Monitoring MIB. DS-MIB DEFINITIONS ::= BEGIN IMPORTS MODULE-IDENTITY, Counter32, Gauge32, OBJECT-TYPE, FROM SNMPv2-SMI DisplayString, TimeStamp, FROM SNMPv2-TC MODULE-COMPLIANCE, OBJECT-GROUP FROM SNMPv2-CONF applIndex, DistinguishedName, URLString, FROM NETWORK-SERVICES-MIB dsMIB MODULE-IDENTITY LAST-UPDATED "9703050000Z" ORGANIZATION "IETF Mail and Directory Management Working Group" CONTACT-INFO " Glenn Mansfield Postal: Cyber Research Inc. 6-6-3, Minami Yoshinari Aoba-ku, Sendai, Japan 989-32. Tel: +81-22-303-4012 Fax: +81-22-298-9654 E-mail: glenn@aic.co.jp" DESCRIPTION " The MIB module for monitoring Directory Services." ::= { experimental XXX} dsOpsTable OBJECT-TYPE SYNTAX SEQUENCE OF DsOpsEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION " The table holding information related to the DS operations." ::= {dsMIB 1} dsOpsEntry OBJECT-TYPE SYNTAX DsOpsEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION " Entry containing operations related statistics Expires: September 7, 1997 [Page 5] Internet Draft March 7 1997 for a DS." INDEX { applIndex } ::= {dsOpsTable 1} DsOpsEntry ::= SEQUENCE { -- Bindings dsAnonymousBinds Counter32, dsUnauthBinds Counter32, dsSimpleAuthBinds Counter32, dsStrongAuthBinds Counter32, dsBindSecurityErrors Counter32, -- In-coming operations dsInOps Counter32, dsReadOps Counter32, dsCompareOps Counter32, dsAddEntryOps Counter32, dsRemoveEntryOps Counter32, dsModifyEntryOps Counter32, dsModifyRDNOps Counter32, dsListOps Counter32, dsSearchOps Counter32, dsOneLevelSearchOps Counter32, dsWholeSubtreeSearchOps Counter32, -- Out going operations dsReferrals Counter32, Expires: September 7, 1997 [Page 6] Internet Draft March 7 1997 dsChainings Counter32, -- Errors dsSecurityErrors Counter32, dsErrors Counter32 } -- CLDAP does not use binds; for A CLDAP DS the bind -- related counters will be inaccessible. -- -- CLDAP and LDAP implement "Read" and "List" operations -- indirectly via the "search" operation; the following -- counters will be inaccessible for CLDAP and LDAP DSs: -- dsReadOps, dsListOps -- -- CLDAP does not implement "Compare", "Add", "Remove", -- "Modify", "ModifyRDN"; the following counters will be -- inaccessible for CLDAP DSs: -- dsCompareOps, dsAddEntryOps, dsRemoveEntryOps, -- dsModifyEntryOps, dsModifyRDNOps. -- -- CLDAP and LDAP DS's do not return Referrals -- the following fields will remain inaccessible for -- CLDAP and LDAP DSs: dsReferrals. dsAnonymousBinds OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION " Number of anonymous binds to this DS from UAs since application start." ::= {dsOpsEntry 1} dsUnauthBinds OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION " Number of un-authenticated binds to this DS since application start." ::= {dsOpsEntry 2} dsSimpleAuthBinds OBJECT-TYPE Expires: September 7, 1997 [Page 7] Internet Draft March 7 1997 SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION " Number of binds to this DS that were authenticated using simple authentication procedures since application start." REFERENCE " CCITT Blue Book Fascicle VIII.8 - Rec. X.511, 1988: Section 8.1.2.1.1. and, RFC1777 Section 4.1" ::= {dsOpsEntry 3} dsStrongAuthBinds OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION " Number of binds to this DS that were authenticated using the strong authentication procedures since application start. This includes the binds that were authenticated using external authentication procedures." REFERENCE " CCITT Blue Book Fascicle VIII.8 - Rec. X.511, 1988: Sections 8.1.2.1.2 & 8.1.2.1.3. and, RFC1777 Section 4.1." ::= {dsOpsEntry 4} dsBindSecurityErrors OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION " Number of bind operations that have been rejected by this DS due to inappropriateAuthentication or invalidCredentials." REFERENCE " CCITT Blue Book Fascicle VIII.8 - Rec. X.511, 1988: Section 12.7.2 and, RFC1777 Section 4." ::= {dsOpsEntry 5} dsInOps OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION " Number of operations forwarded to this DS from UAs or other DSs since application start up." ::= {dsOpsEntry 6} Expires: September 7, 1997 [Page 8] Internet Draft March 7 1997 dsReadOps OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION " Number of read operations serviced by this DS since application startup." REFERENCE " CCITT Blue Book Fascicle VIII.8 - Rec. X.511, 1988: Section 9.1." ::= {dsOpsEntry 7} dsCompareOps OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION " Number of compare operations serviced by this DS since application startup." REFERENCE " CCITT Blue Book Fascicle VIII.8 - Rec. X.511, 1988: Section 9.2. and, RFC1777 section 4.8" ::= {dsOpsEntry 8} dsAddEntryOps OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION " Number of addEntry operations serviced by this DS since application startup." REFERENCE " CCITT Blue Book Fascicle VIII.8 - Rec. X.511, 1988: Section 11.1. and, RFC1777 Section 4.5." ::= {dsOpsEntry 9} dsRemoveEntryOps OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION " Number of removeEntry operations serviced by this DS since application startup." REFERENCE " CCITT Blue Book Fascicle VIII.8 - Rec. X.511, 1988: Section 11.2. and, RFC1777 Section 4.6." ::= {dsOpsEntry 10} Expires: September 7, 1997 [Page 9] Internet Draft March 7 1997 dsModifyEntryOps OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION " Number of modifyEntry operations serviced by this DS since application startup." REFERENCE " CCITT Blue Book Fascicle VIII.8 - Rec. X.511, 1988: Section 11.3. and, RFC1777 Section 4.4." ::= {dsOpsEntry 11} dsModifyRDNOps OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION " Number of modifyRDN operations serviced by this DS since application startup." REFERENCE " CCITT Blue Book Fascicle VIII.8 - Rec. X.511, 1988: Section 11.4.and, RFC1777 Section 4.7" ::= {dsOpsEntry 12} dsListOps OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION " Number of list operations serviced by this DS since application startup." REFERENCE " CCITT Blue Book Fascicle VIII.8 - Rec. X.511, 1988: Section 10.1." ::= {dsOpsEntry 13} dsSearchOps OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION " Number of search operations- baseObject searches, oneLevel searches and wholeSubtree searches, serviced by this DS since application startup." REFERENCE " CCITT Blue Book Fascicle VIII.8 - Rec. X.511, 1988: Section 10.2. and, RFC1777 Section 4.3." ::= {dsOpsEntry 14} Expires: September 7, 1997 [Page 10] Internet Draft March 7 1997 dsOneLevelSearchOps OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION " Number of oneLevel search operations serviced by this DS since application startup." REFERENCE " CCITT Blue Book Fascicle VIII.8 - Rec. X.511, 1988: Section 10.2.2.2. and, RFC1777 Section 4.3." ::= {dsOpsEntry 15} dsWholeSubtreeSearchOps OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION " Number of wholeSubtree search operations serviced by this DS since application startup." REFERENCE " CCITT Blue Book Fascicle VIII.8 - Rec. X.511, 1988: Section 10.2.2.2. and, RFC1777 Section 4.3." ::= {dsOpsEntry 16} dsReferrals OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION " Number of referrals returned by this DS in response to requests for operations since application startup." REFERENCE " CCITT Blue Book Fascicle VIII.8 - Rec. X.511, 1988: Section 12.6." ::= {dsOpsEntry 17} dsChainings OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION " Number of operations forwarded by this DS to other DSs since application startup." REFERENCE " CCITT Blue Book Fascicle VIII.8 - Rec. X.518, 1988: Section 14." ::= {dsOpsEntry 18} Expires: September 7, 1997 [Page 11] Internet Draft March 7 1997 dsSecurityErrors OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION " Number of operations forwarded to this DS which did not meet the security requirements. " REFERENCE " CCITT Blue Book Fascicle VIII.8 - Rec. X.511, 1988: Section 12.7. and, RFC1777 Section 4." ::= {dsOpsEntry 19} dsErrors OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION " Number of operations that could not be serviced due to errors other than security errors, and referrals. A partially serviced operation will not be counted as an error. The errors include NameErrors, UpdateErrors, Attribute errors and ServiceErrors." REFERENCE " CCITT Blue Book Fascicle VIII.8 - Rec. X.511, 1988: Sections 12.4, 12.5, 12.8 & 12.9. and, RFC1777 Section 4." ::= {dsOpsEntry 20} -- Entry statistics/Cache performance dsEntriesTable OBJECT-TYPE SYNTAX SEQUENCE OF DsEntriesEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION " The table holding information related to the entry statistics and cache performance of the DSs." ::= {dsMIB 2} dsEntriesEntry OBJECT-TYPE SYNTAX DsEntriesEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION " Entry containing statistics pertaining to entries held by a DS." INDEX { applIndex } ::= {dsEntriesTable 1} Expires: September 7, 1997 [Page 12] Internet Draft March 7 1997 DsEntriesEntry ::= SEQUENCE { dsMasterEntries Gauge32, dsCopyEntries Gauge32, dsCacheEntries Gauge32, dsCacheHits Counter32, dsSlaveHits Counter32 } -- A (C)LDAP frontend to the X.500 Directory will not have -- MasterEntries, CopyEntries; the following counters will -- be inaccessible for LDAP/CLDAP frontends to the X.500 -- directory: dsMasterEntries, dsCopyEntries, dsSlaveHits. dsMasterEntries OBJECT-TYPE SYNTAX Gauge32 MAX-ACCESS read-only STATUS current DESCRIPTION " Number of entries mastered in the DS." ::= {dsEntriesEntry 1} dsCopyEntries OBJECT-TYPE SYNTAX Gauge32 MAX-ACCESS read-only STATUS current DESCRIPTION " Number of entries for which systematic (slave) copies are maintained in the DS." ::= {dsEntriesEntry 2} dsCacheEntries OBJECT-TYPE SYNTAX Gauge32 MAX-ACCESS read-only STATUS current DESCRIPTION " Number of entries cached (non-systematic copies) in the DS. This will include the entries that are cached partially. The negative cache is not counted." ::= {dsEntriesEntry 3} Expires: September 7, 1997 [Page 13] Internet Draft March 7 1997 dsCacheHits OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION " Number of operations that were serviced from the locally held cache since application startup." ::= {dsEntriesEntry 4} dsSlaveHits OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION " Number of operations that were serviced from the locally held object replications ( shadow entries) since application startup." ::= {dsEntriesEntry 5} -- The dsIntTable contains statistical data on the peer DSs -- with which the monitored DSs (attempt to) interact. This -- table will provide a useful insight into the effect of -- neighbours on the DS performance. -- The table keeps track of the last "N" DSs with which the -- monitored DSs has interacted (attempted to interact), -- where "N" is a locally-defined constant. dsIntTable OBJECT-TYPE SYNTAX SEQUENCE OF DsIntEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION " Each row of this table contains some details related to the history of the interaction of the monitored DSs with their respective peer DSs." ::= { dsMIB 3 } Expires: September 7, 1997 [Page 14] Internet Draft March 7 1997 dsIntEntry OBJECT-TYPE SYNTAX DsIntEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION " Entry containing interaction details of a DS with a peer DS." INDEX { applIndex,dsIntIndex } ::= { dsIntTable 1 } DsIntEntry ::= SEQUENCE { dsIntIndex INTEGER, dsName DistinguishedName, dsTimeOfCreation TimeStamp, dsTimeOfLastAttempt TimeStamp, dsTimeOfLastSuccess TimeStamp, dsFailuresSinceLastSuccess Counter32, dsFailures Counter32, dsSuccesses Counter32, dsURL URLString } dsIntIndex OBJECT-TYPE SYNTAX INTEGER (1..2147483647) MAX-ACCESS not-accessible STATUS current DESCRIPTION " Together with applIndex it forms the unique key to identify the conceptual row which contains useful info on the (attempted) interaction between the DS (referred to by applIndex) and a peer DS." ::= {dsIntEntry 1} dsName OBJECT-TYPE SYNTAX DistinguishedName MAX-ACCESS read-only STATUS current DESCRIPTION " Distinguished Name of the peer DS to which this Expires: September 7, 1997 [Page 15] Internet Draft March 7 1997 entry pertains." ::= {dsIntEntry 2} dsTimeOfCreation OBJECT-TYPE SYNTAX TimeStamp MAX-ACCESS read-only STATUS current DESCRIPTION " The value of sysUpTime when this row was created. If the entry was created before the network management subsystem was initialized, this object will contain a value of zero." ::= {dsIntEntry 3} dsTimeOfLastAttempt OBJECT-TYPE SYNTAX TimeStamp MAX-ACCESS read-only STATUS current DESCRIPTION " The value of sysUpTime when the last attempt was made to contact this DS. If the last attempt was made before the network management subsystem was initialized, this object will contain a value of zero." ::= {dsIntEntry 4} dsTimeOfLastSuccess OBJECT-TYPE SYNTAX TimeStamp MAX-ACCESS read-only STATUS current DESCRIPTION " The value of sysUpTime when the last attempt made to contact this DS was successful. If there have been no successful attempts this entry will have a value of zero. If the last successful attempt was made before the network management subsystem was initialized, this object will contain a value of zero." ::= {dsIntEntry 5} Expires: September 7, 1997 [Page 16] Internet Draft March 7 1997 dsFailuresSinceLastSuccess OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION " The number of failures since the last time an attempt to contact this DS was successful. If there has been no successful attempts, this counter will contain the number of failures since this entry was created." ::= {dsIntEntry 6} dsFailures OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION " Cumulative failures since the creation of this entry." ::= {dsIntEntry 7} dsSuccesses OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION " Cumulative successes since the creation of this entry." ::= {dsIntEntry 8} dsURL OBJECT-TYPE SYNTAX URLString MAX-ACCESS read-only STATUS current DESCRIPTION " URL of the DS application." ::= {dsIntEntry 9} Expires: September 7, 1997 [Page 17] Internet Draft March 7 1997 -- Conformance information dsConformance OBJECT IDENTIFIER ::= { dsMIB 4 } dsGroups OBJECT IDENTIFIER ::= { dsConformance 1 } dsCompliances OBJECT IDENTIFIER ::= { dsConformance 2 } -- Compliance statements dsOpsCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION "The compliance statement for SNMPv2 entities which implement the DS-MIB for monitoring DS operations." MODULE -- this module MANDATORY-GROUPS { dsOpsGroup } ::= { dsCompliances 1 } dsEntryCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION "The compliance statement for SNMPv2 entities which implement the DS-MIB for monitoring DS operations, entry statistics and cache performance." MODULE -- this module MANDATORY-GROUPS { dsOpsGroup,dsEntryGroup } ::= { dsCompliances 2 } dsIntCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION " The compliance statement for SNMPv2 entities which implement the DS-MIB for monitoring DS operations and the interaction of the DS with peer DSs." MODULE -- this module MANDATORY-GROUPS { dsOpsGroup, dsIntGroup } ::= { dsCompliances 3 } Expires: September 7, 1997 [Page 18] Internet Draft March 7 1997 -- Units of conformance dsOpsGroup OBJECT-GROUP OBJECTS { dsAnonymousBinds, dsUnauthBinds, dsSimpleAuthBinds, dsStrongAuthBinds, dsBindSecurityErrors,dsInOps, dsReadOps, dsCompareOps, dsAddEntryOps, dsRemoveEntryOps, dsModifyEntryOps, dsModifyRDNOps, dsListOps, dsSearchOps, dsOneLevelSearchOps, dsWholeSubtreeSearchOps,dsReferrals, dsChainings, dsSecurityErrors, dsErrors} STATUS current DESCRIPTION " A collection of objects for monitoring the DS operations." ::= { dsGroups 1 } dsEntryGroup OBJECT-GROUP OBJECTS {dsMasterEntries, dsCopyEntries, dsCacheEntries, dsCacheHits, dsSlaveHits} STATUS current DESCRIPTION " A collection of objects for monitoring the DS entry statistics and cache performance." ::= { dsGroups 2 } dsIntGroup OBJECT-GROUP OBJECTS { dsName, dsTimeOfCreation, dsTimeOfLastAttempt, dsTimeOfLastSuccess, dsFailuresSinceLastSuccess,dsFailures, dsSuccesses, dsURL} STATUS current DESCRIPTION " A collection of objects for monitoring the DS's interaction with peer DSs." ::= { dsGroups 3 } END 6. Changes from RFC1567. - dsURL MO has been added - The MO called dsWholeTreeSearchOps has been renamed to dsWholeSubtreeSearchOps - Some cosmetic changes in the DESCRIPTION clauses - The MIB has been been generalised to cover (C)LDAP frontends to the X.500 directory, and native LDAP based Directory servers Expires: September 7, 1997 [Page 19] Internet Draft March 7 1997 o the directory operations have been abstracted o the MO definitions are generalised. 7. Acknowledgements This draft is the product of discussions and deliberations carried out in the Mail and Directory Management Working Group (ietf-madman-wg). 8. References [1] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Structure of Management Information for version 2 of the Simple Network Management Protocol (SNMPv2)", RFC 1902, SNMP Research,Inc., Hughes LAN Systems, Dover Beach Consulting, Inc., Carnegie Mellon University, January 1996. [2] McCloghrie, K., and M. Rose, Editors, "Management Information Base for Network Management of TCP/IP-based internets: MIB-II", STD 17, RFC 1213, Hughes LAN Systems, Performance Systems International, March 1991. [3] Case, J., McCloghrie, K., Rose, M., and S, Waldbusser, "Protocol Operations for version 2 of the Simple Network Management Protocol (SNMPv2)", RFC 1905, SNMP Research,Inc., Hughes LAN Systems, Dover Beach Consulting, Inc., Carnegie Mellon University, January 1996. [4] Case, J., McCloghrie, K., Rose, M., Waldbusser, S., "Textual Conventions for Version 2 of the Simple Network Management Protocol (SNMPv2)", RFC 1903, January 1996. [5] Case, J., McCloghrie, K., Rose, M., Waldbusser, S., "Conformance Statements for Version 2 of the Simple Network Management Protocol (SNMPv2)", RFC 1904, January 1996. [6] CCITT Blue Book, "Data Communication Networks: Directory", Recommendations X.500-X.521, December 1988. [7] Yeong, W., Howes, T., and Kille, S., "Lightweight Directory Access Protocol", RFC 1777, Performance Systems International, University of Michigan, ISODE Consortium, March 1995. [8] Young, A., "Connection-less Lightweight X.500 Directory Access Protocol", RFC 1798, ISODE Consortium, June 1995. [9] Kille, S., WG Chair, and N. Freed, Editor, "The Network Services Monitoring MIB", RFC 1565, ISODE Consortium, Innosoft, January Expires: September 7, 1997 [Page 20] Internet Draft March 7 1997 1994. [10]Grillo, P., and S. Waldbusser, "Host Resources MIB", RFC 1514, Network Innovations, Intel Corporation, Carnegie Mellon University, September 1993. [11]Kille, S., "A String Representation of Distinguished Names (OSI- DS 23 (v5))", RFC 1485, ISODE Consortium, July 1993. [12]Kille, S., Huizer, E., Cerf, V., Hobby, R., and S. Kent, "A Strategic Plan for Deploying an Internet X.500 Directory Service", RFC 1430, ISODE Consortium, SURFnet bv, Corporation for National Research Initiatives, University of California, Davis, Bolt, Beranek and Newman, February 1993. Security Considerations Security issues are not discussed in this memo. Authors' Addresses Glenn Mansfield Cyber Research Inc. 6-6-3 Minami Yoshinari Aoba-ku, Sendai 989-32 Japan Phone: +81-22-303-4012 EMail: glenn@aic.co.jp Steve E. Kille ISODE Consortium The Dome, The Square Richmond TW9 1DT UK Phone: +44-181-332-9091 EMail: S.Kille@isode.com Expires: September 7, 1997 [Page 21]