SDX 6.4.x Network Guide > Reviewing the NIC Configuration > Directory Agents

Directory Agents

Directory agents obtain information from the directory and are active NIC agents; they provide information by:

• Starting at a specified DN, reading directory entries that match the configured filter.
• Making available the directory entries that they read.
• Monitoring and publishing changes in the directory.

Reviewing the Configuration of Directory Agents

To use SDX Configuration Editor to review the configuration for NIC directory agents:

1. In the navigation pane, select a NIC configuration file.
2. Click the Agents tab, and expand the Directory Agent section.

The following sample Directory Agent section, shows a subset of the fields available for configuration.

3. Review the entries in the fields.

See Directory Agent Fields.

Directory Agent Fields

In SDX Configuration Editor, you can modify the following fields in the Directory Agent section of the Agents pane in a NIC configuration file.

Resolvers List

• Names of NIC resolvers to which this agent sends events.
• Value—Comma-separated list of paths to NIC resolvers relative to the Static Configuration object.
• Default—No value
• Example—/realms/assignedIp/E1, /realms/assignedIp/D1
• Property name—pushtoServer

Roles List

• Names of NIC roles.
• Value—List of roles, separated by commas, in the format <realmName>:<roleName>

• <realmName>—Name of realm
• <roleName>—Name of role

• Default—No value
• Property name—pushToRole

Search Base

• DN of the location in the directory from which the agent should read information.
• Value—<DN>, <base>
• Default—No value
• Default—o=Network,<base>
• Property name—baseDN

Search Filter (optional)

• Directory search filter that the agent should use.
• Value—LDAP search filter
• Default—No value
• Example—(objectclass=umcVirtualRouter)
• Property name—searchFilter

Search Scope (optional)

• Location in the directory relative to the base DN from which the NIC agent can retrieve information.
• Value—One of the following options:

• Object—Entry specified in the Search Base field only
• Level—Entry specified in the Search Base field and objects that are subordinate by one level
• Subtree—Subtree of entry specified in the Search Base field

• Default—Subtree
• Property name—searchScope

Server URL

• Location of the directory in URL string format.
• Value—Location of the directory that stores configuration information in URL string format ldap:// <host>:<portNumber>

• <host>—IP address or name of directory host
• <portNumber>—Number of TCP/IP port

• Default—No value
• Example—ldap://127.0.0.1:389/
• Property name—java.naming.provider.url

Backup Servers URL

• List of redundant directories.
• Value—List of URLs separated by semicolons
• Default—No value
• Example—ldap://127.0.0.1:389/
• Property name—net.juniper.smgt.des.backup_provider_urls

Authentication DN

• DN that contains the username that the directory server uses to authenticate the NIC agent.
• Value—<DN>, <base>
• Default—No value
• Example—cn=nic, ou=Components, o=Operators, <base>
• Property name—java.naming.security.principal

Password

• Password that the directory server uses to authenticate the NIC agent.
• Value—<password>
• Guidelines—The password can be encoded in base64 and not visible in plain text. To use an encoded value, use the format {BASE64} <encoded-value>.
• Default—No value
• Example—nic
• Property name—java.naming.security.credentials

Key Attribute Name(s)

• Name of the directory attribute that the NIC agent uses for the network data object called key.
• Value—Name of an attribute in the directory
• Default—No value
• Example—virtualRouterName
• Property name—key.attrNames

Key Attribute Processor

• Java class that the NIC agent uses to generate the data key object.
• Value—Path to Java class
• Default—No value
• Example—net.juniper.smgt.gateway.nic.agent.dir.DnAttributeProcessor
• Property name—key.processor.classname

Value Attribute Name(s)

• Directory attribute that the NIC agent uses for the network data object called value.
• Value—Name of an attribute in the directory
• Guidelines—Specify only if the agent publishes mappings.
• Default—No value
• Example—SaeId
• Property name—value.attrNames

Value Attribute Processor

• Name of the Java class that the NIC agent uses to generate the data value object.
• Value—Path to Java class
• Guidelines—Specify only if the agent publishes mappings.
• Default—No value
• Property name—net.juniper.smgt.gateway.nic.agent.dir.vr.VrAttributeProcessor

Network Data Types

• Names of the data types that this NIC agent publishes. For names of data types, see Chapter 10, NIC Resolution Process.
• Default—No value
• Example—IpPool,Vr
• Property name—networkDataTypes

Publishing Interval

• Interval at which the NIC agent sends updates to the NIC resolvers.
• Value—Number of seconds in the range 0-2147483647
• Default—60
• Example—60
• Property name—publishingInterval

Event Life Expectancy

• Length of time that data is valid after the NIC proxy receives data associated with events published by this agent.
• Value—Number of seconds in the range 0-4294967295

• 0—Data does not expire
• Other values—Actual life expectancy of data

• Default—0
• Property name—eventLifeExpectancy

Directory Eventing Fields

For information about the directory eventing fields, see SDX Getting Started Guide, Chapter 14, Distributing Directory Changes to SDX Components.