Microsoft KB Archive/200890

= SNMP Security Extended by Service Pack 4 =

Article ID: 200890

Article Last Modified on 11/1/2006

-

APPLIES TO


 * Microsoft Windows NT Server 4.0 Standard Edition
 * Microsoft Windows NT Server 4.0 Enterprise Edition

-



This article was previously published under Q200890



SUMMARY
Windows NT 4.0 Service Pack 4 added new security settings to SNMP. The security settings can be found by opening Control Panel, and double-clicking Network. Click the Services tab, select SNMP, click Properties, and then click Security.



MORE INFORMATION
Service Pack 4 has added extended community security to the SNMP service. Now, both the community name is checked for authentication and the host can define a level of access. These levels of access are closely aligned with the MIB access variable. The community security levels are as follows:
 * NONE - Cannot read or write any variables.


 * NOTIFY - An unsolicited message issent to an SNMP management system.


 * READ-ONLY - Cannot set any values.


 * READ-WRITE - Can read or write any variables that the MIB definition allows.


 * READ-CREATE - Allows the creation of a new row.

The interaction of the MIB access variable and the community security level can be seen in the following example:

If your community access level is set to READ-ONLY and the MIB access variable is set at READ-WRITE, the following operations would be valid: get-request, get-next-request, get-response, and trap. Note that the set-request is blocked by the more restrictive community access level. So, the combination of these two security parameters determines the level of functionality the user has with SNMP.

