Tuesday, September 21, 2004

WMI and SNMP

Microsoft Windows Management Instrumentation (WMI) technology support for Simple Network Management Protocol (SNMP).


  • WMI is used to represent management objects in Windows-based management environments.
  • The WMI scripting interface also provides scripting support.

The WMI technology also provides:

  • Access to monitor, command, and control any managed object through a common, unifying set of interfaces, regardless of the underlying instrumentation mechanism. WMI is an access mechanism.
  • A consistent model of Windows 2000 operating system operation, configuration, and status.
  • A COM Application Programming Interface (API) that supplies a single point of access for all management information.
  • Interoperability with other Windows 2000 management services. This approach can simplify the process of creating integrated, well-architected management solutions.
  • A flexible, extensible architecture. Developers can extend the information model to cover new devices, applications, and so on, by writing code modules called WMI providers, described later in this document.
  • Extensions to the Windows Driver Model (WDM) to capture instrumentation data and events from device drivers and kernel-side components.
  • A powerful event architecture. This allows management information changes to be identified, aggregated, compared, and associated with other management information. These changes can also be forwarded to local or remote management applications.
  • A rich query language that enables detailed queries of the information model.
  • A scriptable API which developers can use to create management applications. The scripting API supports several languages, including Microsoft Visual Basic; Visual Basic for Applications (VBA); Visual Basic, Scripting Edition (VBScript); Microsoft JScript development software. Besides VBScript and JScript, developers can use any scripting language implementation that supports Microsoft ActiveX scripting technologies with this API (for example, a Perl scripting engine). Additionally, you can use the Windows Script Host or Microsoft Internet Explorer to write scripts using this interface. Windows Script Host, like Internet Explorer, serves as a controller engine of ActiveX scripting engines. Windows Script Host supports scripts written in VBScript, and JScript

The WMI technology architecture consists of the following:

  • A management infrastructure. This includes the CIM Object Manager, which provides applications with uniform access to management data and a central storage area for management data called the CIM Object Manager repository.
  • WMI Providers. These function as intermediaries between the CIM Object Manager and managed objects. Using the WMI APIs, providers supply the CIM Object Manager with data from managed objects, handle requests on behalf of management applications, and generate event notifications.

WMI ships with built-in providers (or standard providers) that supply data from sources such as the system registry. The built-in providers include:

  • Active Directory Provider: Acts as a gateway to all the information stored in the Active Directory service. Allows information from both WMI and Active Directory to be accessed using a single API.
  • Windows Installer Provider: Allows complete control of Windows Installer and installation of software through WMI. Also supplies information about any application installed with Windows Installer.
  • Performance Counter Provider: Exposes the raw performance counter information used to compute the performance values shown in the System Monitor tool. Any performance counters installed on a system will automatically be visible through this provider. Supported by Windows 2000.
  • Registry Provider: Allows Registry keys to be created, read, and written. WMI events can be generated when specified Registry keys are modified
  • SNMP Provider: Acts as a gateway to systems and devices that use the Simple Network Management Protocol (SNMP) for management. SNMP MIB object variables can be read and written. SNMP traps can be automatically mapped to WMI events. SNMP provider snmpincl.dll root\snmp Provides access to SNMP MIB data and traps from SNMP-managed devices.
  • Event Log Provider: Provides access to data and event notifications from the Windows 2000 Event Log.
  • Win32 Provider: Provides information about the operating system, computer system, peripheral devices, file systems and security information.
  • WDM Provider: Supplies low level Windows Driver Model driver information for user input devices, storage devices, network interfaces, and communications ports.
  • View Provider: Allows new aggregated classes to be built up from existing classes. Source classes can be filtered for only the information of interest, information from multiple classes can be combined into a single class and data from multiple machines can be aggregated into a single view.

Simple Network Management Protocol (SNMP) is a network management standard that defines a strategy for managing TCP/IP and, more recently, Internet Packet Exchange (IPX) networks.

SNMP uses a distributed architecture that includes:

  • Multiple managed nodes, each with an SNMP entity called an agent which provides remote access to management instrumentation.
  • At least one SNMP entity referred to as a manager which runs management applications to monitor and control managed elements. Managed elements are devices such as hosts, routers, and so on; they are monitored and controlled by accessing their management information.
  • A management protocol, SNMP, is used to convey management information between the management stations and agents. Management information refers to a collection of managed objects that reside in a virtual information store called a Management Information Base (MIB). A MIB thus contains the information requested by the management system.
  • To communicate host information, management systems and agents use SNMP messages. These messages are sent using the User Datagram Protocol (UDP) and are routed between the management system and host by using the Internet Protocol (IP).

Processing Information Requests

  • When a management system requests information, the following sequence occurs:
  • A management system sends a request to an agent using the agent's IP or IPX address.
  • The agent forms an SNMP datagram that contains an SNMP message and the community name to which the management system belongs.
  • The SNMP agent receives the datagram and confirms the community name. If the community name is valid, the SNMP agent retrieves the appropriate data. Otherwise, if the community name is invalid, the request is rejected. If the agent has been configured to send an authentication trap, a trap message is sent.
  • The SNMP datagram is returned to the management system with the requested information.

SNMP Messages

The following SNMP message types are used:

  • Get This is a request message. SNMP management systems use Get messages to request information about a MIB entry on an SNMP agent.
  • Get-Next A type of request message that can be used to browse an entire tree of managed objects.
  • GetBulk A type of request that specifies that the agent transfer as much data as possible, within the limits of message size.
  • Set This is used to send and assign an updated MIB value to an agent.
  • Notification (or Trap) This is an unsolicited message that an agent sends to a SNMP management system when it detects a certain type of event has occurred locally on the managed host. Traps do not required acknowledgements.
  • Inform SNMP Managers can communicate with each other using Inform Requests that require acknowledgements.

WMI SDK support for SNMP

  • The SNMP Provider includes the following components:
    Class, instance, and event Providers that integrate the SNMP information modeling and processing into WMI. These SNMP providers map collections of object values to property values of CIM class instances.
  • An SNMP information module compiler that compiles native SNMP schema information into the format that CIM uses.

Mapping Device Data to CIM Classes
The SNMP Providers map device data to CIM classes through the following methods::

  • Enumerating SNMP Class Definitions. To enumerate a set of class definitions, applications can call IWbemServices::CreateClassEnum or IWbemServices::CreateClassEnumAsync.
    MIB objects are mapped to SNMP CIM classes using the OBJECT-TYPE macro; events are mapped to classes using the TRAP-TYPE and NOTIFICATION-TYPE macros.
    The OBJECT-TYPE macro is used to describe the basic characteristics of a MIB object. The SNMPv1 TRAP-TYPE and SNMPv2C NOTIFICATION-TYPE macros describe the characteristics of an SNMP event.
  • Instantiating SNMP Class Definitions. To instantiate a class definition, applications can call IWbemServices::GetObject or IWbemServices::GetObjectAsync.
  • Enumerating SNMP Class Instances. The SNMP instance Provider services requests to enumerate instances associated with classes that represent device MIBs.
  • Instantiating SNMP Class Instances. The SNMP instance Provider processes requests to instantiate instances of classes that represent MIB objects.
  • Retrieving SNMP Class Instances. To retrieve a particular instance of a SNMP CIM class, applications can call IWbemServices::GetObject or IWbemServices::GetObjectAsync.

SNMP and the CIM Schema
The schema that SNMP uses to define objects differs from that used in the WMI Common Information Model. The SNMPv1 and SNMPv2 schema is called the Structure of Management Information (SMI); it is packaged as MIB files. To define objects, the MIB files use Abstract Syntax Notation 1 (ASN.1), a standard language, and macro definitions that are used as templates for describing the objects. These macros supply information about the object, including its name, identifier, syntax, description, access rights, and so on.

This summary and below examples have been gathered from various sites including MSDN(Microsoft), needless to say I thank the authors for this public information.

Sample Code
  • Read from an SNMP device. The following Visual Basic script example performs a Get operation on a device class.
Set objLocator = CreateObject("wbemscripting.swbemlocator")

Set objServices = objLocator.ConnectServer(, "root\snmp\mngd_hub")

objServices.security_.privileges.AddAsString("SeSecurityPrivilege")

Set objSet = objServices.ExecQuery _

("SELECT * FROM SNMP_NET_DEVICE_123 WHERE hdwr_idx>1",, _

wbemFlagReturnWhenComplete)

for each obj in objset

'do whatever

next

  • Write to an SNMP device. The following script example performs a Set operation on a device class.

Set objLocator = CreateObject("wbemscripting.swbemlocator")

Set objServices = objLocator.ConnectServer(, "root\snmp\mngd_hub")

objServices.security_.privileges.AddAsString("SeSecurityPrivilege")

Set obj= objServices.Get("SNMP_NET_DEVICE_123=@")

obj.deviceLocation = "40/5073"

obj.put_

Posted by Charles Vaz at 10:04 PM

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)