0

I understand that SNMP is a protocol for managing (view/update) system resources information remotely and LDAP is a protocol to access and use directory services information.

But is there any correlation between both protocols? Is one dependent on the other? Do I need to understand SNMP, if I need to understand LDAP thoroughly?

The reason I asked this is that I am trying to understand what LDIF is, and when talking about it, there are references to SNMP syntax on this page: https://docs.oracle.com/cd/E10773_01/doc/oim.1014/e10531/schema_overview.htm.

GP92

2 Answers

5

No relation, other than that the OID namespace (or hierarchical numbering system) is used for both LDAP object types and SNMP MIB nodes.

The OID namespace is standardized by both the International Telecommunications Union (ITU) and IEC/ISO, so it is just a way for companies to have a guaranteed-unique prefix for any new LDAP object types and/or SNMP objects they might want.

You will also find OID numbers in X.509 certificate extensions, DHCP(v6) vendor suboptions, and other places.

telcoM
4

These protocols are completely unrelated. They just share a method to name objects.

The only possible connections I can see:

  • You might be able to monitor an LDAP server via SNMP (like any number of other systems).
  • Also it might be possible with some SNMP (v3) implementations to authenticate against an LDAP service.

Edit re. your comment:

In LDAP, you use object identifiers to describe data structures (but not actual data) in a globally unique (hierarchical) way. As an example, taken from cosine.schema:

    attributetype ( 0.9.2342.19200300.100.1.2 NAME 'textEncodedORAddress'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )

would instruct the LDAP server that the field textEncodedORAddress has the OID 0.9.2342.19200300.100.1.2 and must use the syntax described by the OID 1.3.6.1.4.1.1466.115.121.1.15.

The DIT syntax (ou=marketing,ou=people,dc=example,dc=com) is used to describe actual entries of real data.

Sven
  • Do you mean this syntax: 1.3.6.1.4.1.1466.115.121.1.1 to access information is not specific to SNMP and can be seen with LDAP too? I am only aware of DIT syntax in LDAP: ou=marketing,ou=people,dc=acme,dc=com. Thanks for the link about OID. I will go through it. – GP92 May 14 '18 at 12:03
  • At least I am struggling to find a starting point to learn about LDAP and related concepts. Somewhere I see this OID syntax and I get confused. – GP92 May 14 '18 at 12:05
  • Thank you. So what I understand is that unless we implement the LDAP service, we do not need to bother about the schema and OID structure, as, as a client, we are only interested in the actual entries. – GP92 May 14 '18 at 12:41
  • Well, kind of. In most cases, you don't need to create your own schema files, but often you need to understand what kind of entries are acceptable (or required) for a given object class and that means you need to read the schema, but indeed, you don't need to care all that much about OIDs and the nitty gritty details of it. – Sven May 14 '18 at 12:44
  • Thank you. I found this query: /ldapsearch -x -h -b "cn=schema" -s base 'objectclass=*' and it is working to get the schema. Now it makes sense to me. – GP92 May 14 '18 at 12:50
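
The attributetype definition quoted in Sven's answer can be split into its OIDs and keywords mechanically. The following is an added example, not part of the original thread or of any LDAP project's code: a small Python parser for the RFC 4512 attribute type format that also accepts the bare "( ... )" values a cn=schema search returns; the function name, the dictionary keys and the SAMPLE constant are choices made for this example.

```python
import re

# Tokens of an RFC 4512 attribute type description: parens, 'quoted strings', bare words.
TOKEN = re.compile(r"\(|\)|'[^']*'|[^\s()']+")
FLAGS = {"OBSOLETE", "SINGLE-VALUE", "COLLECTIVE", "NO-USER-MODIFICATION"}

# The definition quoted in the answer above (from cosine.schema).
SAMPLE = """attributetype ( 0.9.2342.19200300.100.1.2 NAME 'textEncodedORAddress'
    EQUALITY caseIgnoreMatch
    SUBSTR caseIgnoreSubstringsMatch
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )"""

def parse_attribute_type(definition):
    """Parse the slapd.conf form or a bare "( ... )" value read from cn=schema."""
    tokens = TOKEN.findall(definition)
    if tokens and tokens[0].lower() in ("attributetype", "attributetypes:"):
        tokens = tokens[1:]
    if len(tokens) < 3 or tokens[0] != "(" or tokens[-1] != ")":
        raise ValueError("definition must be enclosed in parentheses")
    oid, body = tokens[1], tokens[2:-1]
    if not re.fullmatch(r"\d+(\.\d+)+", oid):
        raise ValueError(f"not a numeric OID: {oid!r}")
    result, i = {"oid": oid, "names": [], "flags": []}, 0
    while i < len(body):
        key, i = body[i], i + 1
        if key in FLAGS:                  # keywords that take no value
            result["flags"].append(key)
            continue
        if i >= len(body):
            raise ValueError(f"keyword {key} has no value")
        if body[i] == "(":                # value list, e.g. NAME ( 'a' 'b' )
            end = body.index(")", i)
            values, i = body[i + 1:end], end + 1
        else:
            values, i = [body[i]], i + 1
        values = [v.strip("'") for v in values]
        if key == "NAME":
            result["names"] = values
        elif key == "SYNTAX":             # trailing {n} is a suggested length bound
            m = re.fullmatch(r"([\d.]+)(?:\{(\d+)\})?", values[0])
            if not m:
                raise ValueError(f"bad SYNTAX value: {values[0]!r}")
            result["syntax"], result["bound"] = m.group(1), m.group(2) and int(m.group(2))
        else:
            result[key.lower()] = values[0] if len(values) == 1 else values
    return result

if __name__ == "__main__":
    print(parse_attribute_type(SAMPLE))
```

Both OIDs in the result come from the same global OID tree that SNMP MIBs use, which is the only overlap the answers describe.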