SDX 6.4.x Getting Started Guide > Distributing Directory Changes to SDX Components > Extending the Directory Eventing System for SDX Components

Extending the Directory Eventing System for SDX Components

The SDX software defines a number of DES properties that extend the standard set. These DES properties have the format:

<connectionPrefix>.des.<propertySuffix>

The variable <connectionPrefix> is a property prefix that depends on the SDX component and the directory to which it connects. The variable <propertySuffix> depends on the DES property.

For example, the property net.juniper.smgt.des.enable_eventing is a property that specifies whether the DES for the NIC agent polls the directory periodically.

The following list describes the <propertySuffix> variables for the DES properties that you can configure for SDX components.

enable_eventing

• Specifies whether the SDX component polls the directory for changes.
• Value

• True—SDX component polls the directory for changes.
• False—SDX component does not poll the directory for changes.

pollinginterval

• Time interval at which the SDX component polls the directory.
• Value—Number of seconds in the range 15-2147483647

event_baseDN

• DN of an entry superior to the data associated with this SDX component in the directory.
• Value—o=<DN>, <base>

• <DN>—DN of superior entry

• Guidelines—If you are storing non-SDX data in the directory, and that data changes frequently whereas the SDX data does not, you may need to adjust the default value to improve performance. For optimal performance, set the value to the DN of an entry superior to both the SDX data and the changing non-SDX data.
• Default—o=umc, <base>

delegate_factory_initial

• Value used by an SDX internal process.
• Value—SDX software sets the value automatically
  

  CAUTION: Do not change this value.

  
  

connection_pool_size

• Number of directory connections that DES uses.
• Value—1
  

  CAUTION: Do not change this value.

  
  

dispatcher_pool_size

• Number of events that the SDX component can receive from the directory simultaneously.
• Value—Integer in the range 1-2147483647
  

  CAUTION: Some SDX components require a specific value for this property. See the documentation for the component to determine whether you can change this value.

  
  

connection_manager_id

• DES connection manager within the JNDI framework.
• Value—Text string
• Example—DIRAGENT_POOL_VR

fake_delete

• Specifies how DES tracks objects deleted from the directory.
• Value—SDX software sets the value automatically
  

  CAUTION: Do not change this value.

  
  

show_fake_delete

• Specifies whether you can view the objects deleted from the directory.
• Value

• True—Deleted objects are visible.
• False—Deleted objects are not visible.

• Default—False
  

  CAUTION: Do not change this value.

  
  

share_connection

• Specifies whether other SDX components running in the same process as this SDX component share a connection to the directory with this SDX component.
• Value—

• True—SDX components share the connection.
• False—SDX components do not share the connection.
  

  CAUTION: Do not change this value.

  
  

backup_provider

• List of redundant directories.
• Value—List of URLs separated by semicolons; URLs have the format
  ldap:// <host>:389

• <host>—IP address or name of the directory host

• Example—ldap://127.0.0.1:389/; ldap://127.0.0.2:389/

enable_sysman

• Specifies whether the SDX SNMP agent exports MIBs for this directory connection.
• Value

• True—SNMP agent exports MIBs.
• False—SNMP agent does not export MIBs.

connect.timeout

• Maximum time that DES waits for the directory to respond.
• Value—Number of seconds in the range 1-2147483647

retry_interval

• Time interval at which DES attempts to connect to the directory.
• Value—Number of seconds in the range 10-2147483647

connectcheck_interval

• Time interval at which DES verifies its connection to the directory.
• Value—Number of seconds in the range 15-2147483647

signatureDN

• DN of the directory entry that specifies the usedDirectory attribute. The usedDirectory attribute identifies the type of directory, such as openLDAP or DirX, to which the SDX software is connected. For information about this attribute, see the LDAP schema files in the SDX software distribution in the directory SDK/doc/ldap or on the Juniper Networks Web site at

http://www.juniper.net/techpubs/software/management/sdx

For information about setting this property, see Identifying the Type of Directory.

If the value of signatureDN is not the DN of a directory entry or is the DN of an entry that does not have a usedDirectory attribute, the SDX software logs an error and proceeds as it would for directory types other than DirX. If the value of the usedDirectory attribute does not correspond to a type of directory that the SDX software supports, the SDX software logs an error and proceeds as it would for directory types other than DirX.

• Value—<DN>
• Default—GlobalUserDatabase.server.signatureDN = o=umc
• Example—GlobalUserDatabase.server.signatureDN = o=SDX, o=Juniper, o=Applications

Example

java.naming.security.principal =  cn=nic,ou=Components,o=Operators,<base>

java.naming.security.credentials =  {BASE64}bmlj

java.naming.provider.url = ldap://127.0.0.1:389/

java.naming.factory.initial=net.juniper.smgt.lib.des.DESInitialContextFactory

net.juniper.smgt.des.enable_eventing = true

net.juniper.smgt.des.delegate_factory_initial = com.sun.jndi.ldap.LdapCtxFactory

net.juniper.smgt.des.connection_pool_size = 1

net.juniper.smgt.des.connection_manager_id = DIRAGENT_POOL_VR

net.juniper.smgt.des.dispatcher_pool_size = 1

net.juniper.smgt.des.fake_delete = true

net.juniper.smgt.des.show_fake_delete = false

net.juniper.smgt.des.directory_init_delta = 2592000

net.juniper.smgt.des.polling_interval = 30

net.juniper.smgt.des.share_connection=true

net.juniper.smgt.des.event_baseDN = <base>

net.juniper.smgt.des.enable_sysman = false

net.juniper.smgt.des.connect.timeout = 10

net.juniper.smgt.des.retry_interval = 30

net.juniper.smgt.des.connectioncheck_interval = 60

net.juniper.smgt.des.signatureDN = o=umc