Troubleshooting guide

ManualsBrandsAlcatel ManualsComputer equipment2.2-R02

Alcatel-Lucent 5620

SERVICE AWARE MANAGER

SYSTEM ADMINISTRATOR GUIDE

Alcatel-Lucent Proprietary

This document contains proprietary information of Alcatel-Lucent and is not to be disclosed

or used except in accordance with applicable agreements.

SYSTEM ADMI NISTRATOR GUI DE

Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01

Summary of content (560 pages)

PAGE 1
SYSTEM ADMINISTRATOR GUIDE Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 Alcatel-Lucent 5620 SERVICE AWARE MANAGER SYSTEM ADMINISTRATOR GUIDE Alcatel-Lucent Proprietary This document contains proprietary information of Alcatel-Lucent and is not to be disclosed or used except in accordance with applicable agreements. Copyright 2015 © Alcatel-Lucent. All rights reserved.
PAGE 2
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 Alcatel-Lucent assumes no responsibility for the accuracy of the information presented, which is subject to change without notice. Alcatel, Lucent, Alcatel-Lucent, the Alcatel-Lucent logo, lightRadio, and TiMetra are registered trademarks of Alcatel-Lucent. All other trademarks are the property of their respective owners. Copyright 2015 Alcatel-Lucent. All rights reserved. Disclaimers Alcatel-Lucent products are intended for commercial uses.
PAGE 3
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 Contents 5620 SAM System Administrator overview 1— 5620 SAM System Administrator Guide overview 1.1 1.2 1.3 1-1 5620 SAM System Administrator Guide overview................................... 1-2 5620 SAM system administrator role ................................................. 1-2 Suggested system administrator role prerequisites............................. 1-3 5620 SAM system administrator task and information map.......................
PAGE 4
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 Contents 2.8 iv 5620 SAM user security procedures.................................................. 2-16 Procedure 2-1 To reserve an admin account login ............................ 2-17 Procedure 2-2 To create a scope of command role ........................... 2-17 Procedure 2-3 To create a scope of command profile........................ 2-18 Procedure 2-4 To create a span of control .....................................
PAGE 5
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 Contents 3— NE user and device security 3.1 3.2 3.3 3.4 3.5 3.6 3.7 3.8 3.9 4— NE user and device security overview ............................................... 3-2 RADIUS, TACACS+, and LDAP .......................................................... 3-2 Combined local and remote authentication ..................................... 3-3 CPM filters and traffic management ................................................. 3-4 DoS protection....
PAGE 6
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 Contents Procedure 4-3 To verify the distribution of a global key chain to NEs ...... 4-6 Procedure 4-4 To identify differences between a global and local key chain policy or two local key chains ................................... 4-6 5620 SAM advanced configuration tasks 5— 5620 SAM component configuration 5.1 5.2 5.3 5.4 5.5 5.6 5.7 vi 5-1 5620 SAM component configuration overview ......................................
PAGE 7
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 Contents 5.8 6— 5620 SAM applications 6.1 6.2 6.3 6.4 6.5 7— Procedure 5-20 To enable debug configuration file reloading on an NE for mirror services..................................................... 5-28 Procedure 5-21 To configure throttle rates for subscriber trap events ...........................................................................
PAGE 8
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 Contents 8— 5620 SAM system redundancy 8.1 8.2 8.3 8.4 8.5 8.6 9— 9.2 9.3 9.4 9.5 9.6 viii 5620 SAM system redundancy overview ............................................. 8-2 5620 SAM system redundancy models................................................ 8-2 Auxiliary server redundancy ........................................................ 8-4 Redundancy functions ..................................................................
PAGE 9
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 Contents Procedure 9-4 To perform an on-demand device backup, restore, or configuration save............................................................. 9-17 Procedure 9-5 To import an NE configuration backup........................ 9-18 Procedure 9-6 To export an NE configuration backup ........................ 9-19 Procedure 9-7 To restore a device configuration backup other than the most recent ................................................
PAGE 10
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 Contents 5620 SAM routine maintenance tasks 10 — 5620 SAM routine maintenance overview 10.1 10.2 10.3 10.4 11 — 5620 SAM maintenance base measures 11.1 11.2 12.2 12.3 12.4 12.5 13.2 13.3 13.4 13.5 x 13-1 Verifying performance statistics collection ........................................ 13-2 Procedure 13-1 To check for performance monitoring statistics collection .......................................................................
PAGE 11
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 Contents 14.3 14.4 14.5 14.6 14.7 Checking Windows client platform performance.................................. 14-4 Procedure 14-2 To check Windows client station performance............. 14-5 Checking LAN TCP/IP connections between network-management domain elements ................................................................ 14-6 Procedure 14-3 To check network management connections ...............
PAGE 12
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 Contents 15.9 15.10 15.11 15.12 15.13 5620 SAM database export and import............................................ Procedure 15-25 To export a 5620 SAM database ........................... Procedure 15-26 To import a 5620 SAM database ........................... Clearing inactive residential subscriber instances from the 5620 SAM database ........................................................................
PAGE 13
Release 13.
PAGE 14
Release 13.
PAGE 15
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 1— 5620 SAM System Administrator Guide overview 1.1 5620 SAM System Administrator Guide overview 1.2 5620 SAM system administrator role 1-2 1-2 1.
PAGE 16
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 1 — 5620 SAM System Administrator Guide overview 1.1 5620 SAM System Administrator Guide overview The 5620 SAM System Administrator Guide describes the tasks that are typically performed by a user with an Administrator scope of command role.
PAGE 17
Release 13.
PAGE 18
Release 13.
PAGE 19
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 1 — 5620 SAM System Administrator Guide overview Task or information Information location Describes how to perform the following redundancy tasks using the 5620 SAM GUI, or scripts on a 5620 SAM main server: Chapter 8 • • • • Check the 5620 SAM server and database redundancy status. Perform a manual activity switch from the primary to standby server. Enable or disable automatic 5620 SAM database realignment.
PAGE 20
Release 13.
PAGE 21
Release 13.
PAGE 22
Release 13.
PAGE 23
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 2— 5620 SAM user security 2.1 5620 SAM user security overview 2-2 2.2 User account and group management 2.3 User activity logging 2-3 2-4 2.4 Sample span rule configuration 2.5 Remote 5620 SAM user access 2-7 2-9 2.6 Sample 5620 SAM user authentication configuration 2-12 2.7 Workflow to configure and manage 5620 SAM user security 2-14 2.
PAGE 24
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 2 — 5620 SAM user security 2.1 5620 SAM user security overview This chapter provides information about user access and user security for various 5620 SAM functional areas. You can configure and manage the following 5620 SAM user security functions and elements: • creating and managing user groups to which 5620 SAM users are assigned.
PAGE 25
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 2 — 5620 SAM user security 2.
PAGE 26
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 2 — 5620 SAM user security • The assigned user privileges determine the following for a GUI user: • the available 5620 SAM menu options • the parameters on object property forms that are configurable • By default, a user group is assigned access to all 5620 SAM objects. • A user acquires span of control access rights from the associated user group.
PAGE 27
Release 13.
PAGE 28
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 2 — 5620 SAM user security The User Activity form displays a filterable list of the logged user activities, and a filterable list of the logged client and server session activities. Client session activities include connection, disconnection, and access violation. Server session activities include startup and shutdown. The properties form of a client connection log record lists the activities performed by the user during the client session.
PAGE 29
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 2 — 5620 SAM user security • When a high-level object such as an NE is deleted, one aggregate activity record is created, rather than multiple NE child object activity records. • The XML text in a log entry is limited to 4000 characters. If an activity generates more than 4000 characters of XML text, the text is truncated, and the truncation is indicated on the log entry form.
PAGE 30
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 2 — 5620 SAM user security Table 2-3 Sample span rule configuration Task Description 1. Create a span that contains the existing customer services. • 2. Create a span of control profile for the service administrator. 3. Create a range policy for each service type that the service administrator for the customer can create. In the sample, the services are IES and VPRN. 4. Create a span rule that contains the customer span.
PAGE 31
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 2 — 5620 SAM user security 2.5 Remote 5620 SAM user access In addition to local account management, 5620 SAM user authentication and authorization can be accomplished via remote servers. 5620 SAM supports the following remote user access protocols: • LDAP or LDAPS • RADIUS • TACACS+ Note — Alcatel-Lucent recommends using LDAP Secure, or LDAPS, in a live deployment.
PAGE 32
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 2 — 5620 SAM user security Assigning remote users to 5620 SAM user groups User authorization is the assignment of a user to a user group after successful user authentication. By default, the 5620 SAM assigns a remote user to a default user group, if one is specified. Optionally, you can configure the 5620 SAM to assign a group specified by a remote server.
PAGE 33
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 2 — 5620 SAM user security After a communication failure between a GUI client and a 5620 SAM main server when one-time password use is in effect, the GUI client is unable to obtain authentication using the cached credentials from the previous login attempt.
PAGE 34
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 2 — 5620 SAM user security 2.6 Sample 5620 SAM user authentication configuration Figure 2-1 shows an example of how 5620 SAM user and user group authentication is performed. Note 1 — RADIUS and TACACS+ authentication servers support multiple users. If the 5620 SAM cannot reach the first authentication server, the 5620 SAM sequentially attempts the user authentication using the remaining authentication servers.
PAGE 35
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 2 — 5620 SAM user security Figure 2-1 Sample 5620 SAM user and user group authentication Network CLI Local authentication Jane D 9:30 a.m.
PAGE 36
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 2 — 5620 SAM user security Task Description 1. Configure the remote authentication order for all users Choose Administration→Security→5620 SAM Remote User Authentication from the 5620 SAM main menu. Set the authentication order parameters to the following, and then specify the RADIUS and TACACS+ servers on the RADIUS and TACACS tabs. • • • 2.
PAGE 37
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 2 — 5620 SAM user security 3 Create scope of command roles or modify the default role to meet your operational requirements; see Procedure 2-2. 4 Create scope of command profiles that contain the appropriate scope of command roles for the types of tasks to be performed; see Procedure 2-3. 5 Create spans or modify the default span to meet your operational requirements. Add 5620 SAM managed objects to the spans; see Procedure 2-4.
PAGE 38
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 2 — 5620 SAM user security 13 Manage user accounts, as required. • • • List inactive user accounts; see Procedure 2-18. Suspend or reinstate user accounts; see Procedures 2-19. Manage passwords. • • • • • 14 Broadcast a message to one or more 5620 SAM GUI users; see Procedure 2-25. List and optionally close GUI client sessions; see Procedure 2-26.
PAGE 39
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 2 — 5620 SAM user security Procedure 2-1 To reserve an admin account login You can reserve one client GUI session from the maximum number of sessions allowed by the license key, for admin users only. This allows an administrator to manage the existing client GUI sessions. You must have an account with an assigned security scope of command role to perform this procedure.
PAGE 40
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 2 — 5620 SAM user security 5 Configure the permissions for the scope of command role: i Click on the Permissions tab. A list of the 5620 SAM packages, classes, and methods is displayed. Note — When you enable the Create permission for a 5620 SAM package, method, or class, the Update/Execute permission is automatically enabled.
PAGE 41
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 2 — 5620 SAM user security Procedure 2-4 To create a span of control The span of control for a user is a list of the objects over which the user has control, for example, a group of NEs or services. You can create an original span, or copy an existing span and modify the list of associated objects to create a new span. The objects that are in a span, or that can be added to a span, are called span objects.
PAGE 42
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 2 — 5620 SAM user security Each user can control which objects the 5620 SAM displays in maps, lists, and navigation trees, based on the user span of control. The User Preferences form contains a parameter that globally specifies whether the Edit Access span objects of the user appear by default. Objects that are not in a View Access span of the user are not displayed, regardless of the user preference.
PAGE 43
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 2 — 5620 SAM user security Blocked Edit and Blocked View spans restrict access to a subset of the objects in another span in the same profile. For example, when multiple span of control profiles each contain the Default Service Span, you can add a customer-specific Blocked View or Blocked Edit span to each profile so that the user group associated with a profile can view or configure only the services of specific customers.
PAGE 44
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 2 — 5620 SAM user security Procedure 2-6 To create a span rule A span rule is associated with a format or range policy, and applies to the users and user groups that are specified in the format or range policy. You can associate multiple range policies with one user and service type, which enables the automatic addition of a new service to a specific span based on the service ID specified when the service is created.
PAGE 45
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 2 — 5620 SAM user security 3 Configure the required parameters. 4 If the user group is for OSS users or remote GUI users, configure the required parameters in the Remote Users panel. 5 Select a scope of command profile in the Scope of Command panel. 6 Select a span of control profile in the Span of Control panel. 7 If you are modifying a user group, click on the Format and Range Policies tab.
PAGE 46
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 2 — 5620 SAM user security 4 Configure the Allow Mandatory Workspaces Only parameter in the Mandatory Workspaces panel: a Select the Allow Mandatory Workspaces Only check box. Note 1 — If you select the Allow Mandatory Workspaces Only check box, the Add button on the User Preferences→Workspaces form is dimmed and the user cannot change the list of workspaces on their User Preferences form.
PAGE 47
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 2 — 5620 SAM user security 7 Click Move Up or Move Down to move the workspaces up or down. The workspace at the top of the list is the default workspace. Note 1 — You need a minimum of one workspace in the User Group. Note 2 — If the last user workspace is deleted, the users default workspace in the User Preferences form is replaced by the user group default workspace. 8 Save your changes and close the form.
PAGE 48
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 2 — 5620 SAM user security 3 Configure the required parameters. 4 Click Select and choose a user group. 5 If required, test the validity of the user e-mail address by clicking Test E-mail beside the E-mail Address parameter. Note — Before you test the validity of the user e-mail address, ensure that the outgoing SMTP e-mail server and e-mail test message are configured.
PAGE 49
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 2 — 5620 SAM user security Procedure 2-12 To configure expiry periods and a GUI inactivity timeout You can configure the global expiry periods for 5620 SAM user accounts, passwords, and client GUI inactivity checks, and per user group expiry periods for client GUI inactivity checks. You can also enable a password history count.
PAGE 50
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 2 — 5620 SAM user security 4 iii Enable the Non-Web Override Global Timeout parameter. iv Configure the Non-Web Client Timeout (minutes) parameter. Save your changes and close the form. Procedure 2-14 To configure the minimum allowable user name length 1 Using an account with an assigned security scope of command role, choose Administration→Security→5620 SAM User Security the 5620 SAM main menu.
PAGE 51
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 2 — 5620 SAM user security Procedure 2-16 To configure suspended account actions You can specify a suspended account message for a user account when you suspend the user account using the User State parameter. 1 Using an account with an assigned security scope of command role, choose Administration→Security→5620 SAM User Security the 5620 SAM main menu. The 5620 SAM User Security - Security Management (Edit) form opens.
PAGE 52
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 2 — 5620 SAM user security 3 Click Inactive User Search and perform one of the following: a Choose ≥90 Days. b Choose ≥180 Days. c Specify another period: i Choose Custom User Inactivity Period. The Custom User Inactivity Period form opens. ii Configure the User inactive greater than or equal to parameter.
PAGE 53
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 2 — 5620 SAM user security 3 Select a user and click Properties. The User type_of_user (Edit) form opens. 4 Configure the User Password parameter and the Confirm Password parameter. 5 Save your changes and close the form. Procedure 2-21 To force a 5620 SAM user password change You can force a specific 5620 SAM user to change the user password during the next login attempt.
PAGE 54
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 2 — 5620 SAM user security 3 Configure the required password parameters. 4 Save your changes and close the form. Procedure 2-23 To export the local tab preferences of one or more users You can export the local tab preferences of single or multiple users to a specified directory. You can reuse these saved tab preferences settings by importing them later.
PAGE 55
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 2 — 5620 SAM user security 5 Navigate to the directory from which you need to assign a tab preference. Note — Only a single user’s tab preferences can be in the specified directory or an error message appears. 6 Click Open and click Yes. The assigned tab preferences overwrite the local tab preferences of the selected users.
PAGE 56
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 2 — 5620 SAM user security 5 To close a GUI client session, select a session in the list and click Close Session. Note — Closing a 5620 SAM-O session has additional dependencies; see Procedure 2-27 for more information. 6 Close the form.
PAGE 57
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 2 — 5620 SAM user security Procedure 2-28 To view the user activity log You can view user activity log entries associated with the following: • • a user a client session Note 1 — Viewing user activity records other than LI activity records requires a user account with an assigned Administrator or 5620 SAM Management and Operations scope of command role.
PAGE 58
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 2 — 5620 SAM user security 5 Depending on the activity Type and Sub Type, the Additional Info panel contains detailed activity information. If required, expand the panel to review the information.
PAGE 59
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 2 — 5620 SAM user security Procedure 2-29 To view the user activity associated with an object You can navigate from the properties form of an object to a form that lists the recent user actions associated with the object. 1 Open the required object properties form. 2 Click User Activity. The Activity form opens. Note — The User Activity function is available only for objects that exist in the 5620 SAM database.
PAGE 60
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 2 — 5620 SAM user security This section of the file contains the maximum number of admin sessions that can be configured. max5620SAMAdminSessions="value" where value is the max number of allowed admin user sessions. 6 Save and close the nms-server.xml file. 7 Open a console window. 8 Navigate to the /opt/5620sam/server/nms/bin directory. 9 Enter the following at the prompt: bash$ ./nmsserver.
PAGE 61
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 2 — 5620 SAM user security Note 1 — SSL must be enabled in the 5620 SAM system, as described in the 5620 SAM | 5650 CPAM Installation and Upgrade Guide. Note 2 — The remote LDAP server must be operational and accessible to the 5620 SAM system when you perform the procedure. Note 3 — In a redundant 5620 SAM system, you must perform the procedure first on the standby main server. 1 Log in as the samadmin user on the main server station.
PAGE 62
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 2 — 5620 SAM user security -- SAM Server is UP 8 Close the console window. Procedure 2-34 To enable remote user authorization via RADIUS Perform this procedure to enable the 5620 SAM to accept user group assignments from RADIUS servers. Enable RADIUS remote authorization in 5620 SAM Note — You must perform steps 1 to 8 on each main server in the 5620 SAM system. 1 Log in to the main server station as the samadmin user.
PAGE 63
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 2 — 5620 SAM user security 8 Close the console window. Configure remote RADIUS server 9 Copy the RADIUS dictionary section in Code 2-2 to the RADIUS dictionary file on the RADIUS server. Note — The vendor ID must be 123.
PAGE 64
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 2 — 5620 SAM user security Code 2-3: SamJaasLogin.config file, TACACS+ parameters TACACSLogin { com.timetra.nms.server.jaas.provider.tacacs.auth.TacacsP lusJaasLoginModule REQUIRED debug=false samvsa=true ; }; 6 Save and close the file. 7 Perform one of the following. a On a standalone main server, or the primary main server in a redundant system, enter the following: bash$ /opt/5620sam/server/nms/bin/nmsserver.
PAGE 65
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 2 — 5620 SAM user security 2 Select a user group in the Default External User Group panel. Note — Do not select a user group that has the Apply Local Authentication Only parameter enabled, or remote login attempts fail. 3 Save your changes and close the form.
PAGE 66
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 2 — 5620 SAM user security The Bind DN parameter specifies the LDAP attribute set that identifies the user name of an LDAP user who is authorized to perform LDAP lookups, and the Bind DN password is the password of the user. iv Configure the parameters in the User Lookup Settings panel.
PAGE 67
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 2 — 5620 SAM user security (value={USERNAME}) where value is the LDAP attribute or context vi 9 Save your changes. Close the Remote Authentication Manager (Edit) form. Procedure 2-37 To change the 5620 SAM Task Manager settings The Task Manager lets 5620 SAM operators monitor the progress of operational tasks. Only 5620 SAM administrators can change task monitoring parameters. Note — The Task Manager is operational with the default values.
PAGE 68
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 2 — 5620 SAM user security 9 Modify the client configuration, if required. i Log in to a 5620 SAM single-user client or client delegate server station. Note 1 — If you log in to a RHEL client delegate server station, you must log in as the samadmin user. Note 2 — If you log in to a single-user client station, you must log in as the user who installed the client, or as a local administrator. 10 ii Open a console window.
PAGE 69
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 2 — 5620 SAM user security Procedure 2-39 To import workspaces and local tab preferences You can import workspaces, local tab preferences, or both, from a directory. 1 Choose Administration→Security→5620 SAM User Security from the 5620 SAM main menu. The 5620 SAM User Security - Security Management (Edit) form opens. 2 Click Settings and choose Import. The Import Directory window opens.
PAGE 70
Release 13.
PAGE 71
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 3— NE user and device security 3.1 NE user and device security overview 3.2 RADIUS, TACACS+, and LDAP 3-2 3.3 CPM filters and traffic management 3.4 DoS protection 3.5 DDoS protection 3.6 IP security 3-2 3-4 3-4 3-5 3-7 3.7 7705 SAR-H firewalls 3-8 3.8 Workflow to manage NE user and device security 3.
PAGE 72
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 3 — NE user and device security 3.1 NE user and device security overview You can use the 5620 SAM to configure security for managed-device access that includes the following: • • • • • • • device user accounts, profiles, and passwords RADIUS, TACACS+, and LDAP authentication for 5620 SAM user accounts MAFs CPM filters DoS protection DDoS protection X.
PAGE 73
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 3 — NE user and device security You can create device user accounts as a backup to RADIUS, TACACS+, or LDAP authentication. In the event that a RADIUS, TACACS+, or LDAP function fails, the device user account provides device access. TACACS+ and LDAP provide functions that are similar to RADIUS. Note — The 5620 SAM checks for reachability to a TACACS+ server using UDP port 49 to prevent long timeout issues.
PAGE 74
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 3 — NE user and device security 3.3 CPM filters and traffic management Device CPMs provide dedicated traffic management and queuing hardware to protect the control plane. You can use CPM filters to specify which types of traffic to accept or deny, and to allocate and rate-limit the shaping queues for traffic directed to the CPMs. Note 1 — The 7705 SAR does not support Queue filters or MAC CPM IP filters.
PAGE 75
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 3 — NE user and device security DoS protection limits the number of packets that are received each second, and optionally logs a violation notification if a policy limit is exceeded. You can use the NE System Security form to view the violations for a specific NE.
PAGE 76
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 3 — NE user and device security Policers are used to enforce a traffic rate-limiting function. Rate limiting is configurable in packets per second or kb/s. Configurable burst tolerance allows extra full handshake attempts, as required by some protocols. When a policer determines that a packet is non-conformant, it discards the packet or marks it as low-priority.
PAGE 77
Release 13.
PAGE 78
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 3 — NE user and device security 3.7 7705 SAR-H firewalls The 5620 SAM supports the firewall function on a Release 5.0 7705 SAR-H. Using the 5620 SAM, you can configure firewall policies, view the firewall status and display the firewall faults. The 5620 SAM supports the configuration of an individual NE instance or a policy that applies to multiple NEs. See Procedure 3-17 for more information. Note — Release 6.
PAGE 79
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 3 — NE user and device security 5 Create NE DoS protection policies, as required to control the amount of subscriber-based control-plane traffic that the NE interfaces receive; see Procedure 3-3. 6 View NE DoS protection violations, as required; see Procedure 3-4.
PAGE 80
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 3 — NE user and device security 3.9 NE user and device security procedures This section provides procedures to create and manage security on the managed devices. Procedure 3-1 To configure a MAF Perform this procedure to configure user access to an NE using a management access filter, or MAF.
PAGE 81
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 3 — NE user and device security If you set the Frame Type parameter to e802dot2SNAP, configure the parameters in the Match Criteria - SNAP panel. If you set the Frame Type parameter to Ethernet II, configure the Ether Type parameter. v Save your changes and close the form. 8 Repeat step 7 to configure an additional MAC entry, if required. 9 Click Apply to save the changes. 10 Distribute the MAF to NEs, as required.
PAGE 82
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 3 — NE user and device security 6 To configure an IPv6 filter entry, perform the following steps. i Click on the IPv6 Entries tab. ii Click Create or choose an entry and click Properties. The CPM IPv6 Filter Entry (Create|Edit) form opens. iii Configure the required parameters. iv Click on the Filter Properties tab. v Configure the required parameters. vi Save your changes and close the form.
PAGE 83
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 3 — NE user and device security 13 Distribute the filter to NEs, as required. 14 Close the open forms. Procedure 3-3 To configure an NE DoS protection policy Perform this procedure to control the amount of subscriber-based control-plane traffic that NE interfaces receive.
PAGE 84
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 3 — NE user and device security Procedure 3-4 To view NE DoS protection violations 1 Choose Administration→Security→NE System Security from the 5620 SAM main menu. The Select Site form opens. 2 Choose a managed device in the list and click OK. The NE System Security (Edit) form opens. 3 Click on the NE DoS Protection tab. 4 Perform one of the following to view a specific violation type.
PAGE 85
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 3 — NE user and device security iii Configure the required parameters. iv If the Rate Type parameter is set to Kbps, configure the Rate Limit (Kb/s) and Buffer Space (Bytes) parameters in the Kbps panel. You can specify a default value for these parameters by selecting the Default check box.
PAGE 86
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 3 — NE user and device security iv Use the Select button in the Enforcement panel to choose a policer. Note — If the Type parameter is set to Static, you must choose a static policer. If the Type parameter is set to Dynamic, you must choose a local monitoring policer. However, if the Type parameter is set to Dynamic and the Local Monitoring Bypass parameter is enabled, you cannot specify a local monitoring policer.
PAGE 87
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 3 — NE user and device security 4 Perform the following steps. i Click on the Entries tab. ii Click Create or choose an entry and click Properties. The Site User Profile Match Entry (Create|Edit) form opens. iii Configure the required parameters. The Match String parameter value is a CLI command prefix that defines the scope of the user profile.
PAGE 88
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 3 — NE user and device security 5 When an SNMPv3 user account and group exist on a managed device, you can configure the user authentication parameters. To configure the parameters, perform the following steps. Note — If MD5 or SHA authentication and DES privacy is used, ensure that the keys are on the device and associated with the SNMPv3 user group. 6 i Click on the SNMPv3 tab. ii Configure the required parameters.
PAGE 89
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 3 — NE user and device security 4 Specify the types and order of password authentication to be used to verify the user account password using the Authentication Order 1 through 3 parameters. Set the order from the most preferred authentication method to the least preferred. 5 Configure the password complexity rules using the parameters in the Complexity Rules panel. 6 Click Apply to save the changes.
PAGE 90
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 3 — NE user and device security Procedure 3-10 To configure an NE TACACS+ authentication policy See the appropriate TACACS+ documentation for more information about configuring TACACS+ servers. 1 Choose Administration→Security→NE TACACS+ Authentication from the 5620 SAM main menu. The NE TACACS+ Authentication form opens. 2 Click Create or choose an entry and click Properties. The Site TACACS+ Policy (Create|Edit) form opens.
PAGE 91
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 3 — NE user and device security Procedure 3-11 To configure an OmniSwitch RADIUS, TACACS+, or LDAP security authentication policy 1 Choose Administration→Security→NE AOS Security Authentication from the 5620 SAM main menu. The NE AOS Security Authentication form opens. 2 Click Create or choose an entry and click Properties. The Site AOS Security Policy (Create|Edit) form opens. 3 Configure the required parameters.
PAGE 92
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 3 — NE user and device security vi Configure the required parameters. vii Save and close the form. 5 To configure the CPM hardware queueing for BGP or T-LDP peers, click on the CPM Per-Peer-Queuing tab. 6 To configure user profiles, click on the System User Template tab. Otherwise, go to step 19. The default System User radius_default and tacplus_default templates are listed.
PAGE 93
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 3 — NE user and device security 21 Click on the following child tabs, as required, to view the DoS violations. • • • • • • Per MAC Source Violations Per IP Source Violations Link Specific Port Violations Network Interface Violations SAP Violations SDP Violations 22 Click on the VPRN Network Exceptions tab to configure rate limits for VPRN network exceptions. 23 Configure the required parameters.
PAGE 94
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 3 — NE user and device security 6 Perform the following steps to generate local PKCS#10 certificate request on a local compact flash drive. i Choose Admin Certificate→Generate Local Certificate Request from the More Actions button menu. The Admin Certificate Generate Local Certificate Request form opens. ii Configure the required parameters. iii Click Execute. The local request is generated. iv Close the form.
PAGE 95
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 3 — NE user and device security 11 12 13 14 To reload a certificate or keypair file from a local compact flash drive, perform the following steps. i Choose Admin Certificate→Reload File from the More Actions button menu. The Admin Certificate Reload File form opens. ii Configure the required parameters. iii Click Execute. The file content is reloaded. iv Close the form. To clear the OCSP cache, perform the following steps.
PAGE 96
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 3 — NE user and device security 4 Click on the CMPv2 tab and configure the required parameters. 5 To create a CMP key, perform the following steps. Note — A key that is created locally on an NE, for example, using a CLI, is not sent to the 5620 SAM, and is displayed on the Certificate Authority Profile form as N/A. Any N/A keys on an NE must be deleted before the profile can be distributed to the NE. i Click Create.
PAGE 97
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 3 — NE user and device security Action See step Poll 18 Clear Request 20 Abort Request 22 (2 of 2) Initial Registration 6 Configure the required parameters in the Action panel. 7 Perform one of the following: a To perform an initial registration using a password, configure the required parameters in the Protection Algorithm - using Password panel.
PAGE 98
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 3 — NE user and device security 17 Go to step 23. Poll 18 Click Apply to send the poll request. 19 Go to step 23. Clear Request 20 Click Apply to send the clear request. 21 Go to step 23. Abort Request 22 Click Apply to send the abort request. 23 Close the open forms. Procedure 3-16 To distribute a license key to all 7705 SAR-H nodes The following procedure is only applicable to the 7705 SAR-H, Release 5.0.
PAGE 99
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 3 — NE user and device security Procedure 3-17 To configure a 7705 SAR-H NE firewall Note — The NE firewall function is supported only on a Release 5.0 or later 7705 SAR-H. 1 Choose Administration→Security→NE Firewall→Default NE Firewall from the 5620 SAM main menu. The Firewall - Default (Edit) form opens. 2 Select a site and click Properties. The Firewall Site (Edit) form opens. 3 Configure the required parameters.
PAGE 100
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 3 — NE user and device security c Service Group d Host Group Note 1 — Policies can be deleted in the following order: • • • Zone Rule Set Host Group or Service Group Note 2 — Host Group or Service Group policies cannot be deleted if rule sets are associated with them. Note 3 — Rule set policies cannot be deleted if they are associated with zones.
PAGE 101
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 3 — NE user and device security Procedure 3-18 To configure an NE management access firewall on the 7705 SAR-H Caution — If the zone entry using the Management Access Firewall on the 7705 SAR-H is not properly configured, the essential communication channel between 5620 SAM and the NE could be terminated.
PAGE 102
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 3 — NE user and device security 6 Select the newly created NE Management Access Firewall policy and click Properties. 7 The Management Access Firewall form opens. The Configuration Mode parameter in the Policy Configuration panel is in the Draft state. Release the policy and distribute the policy as required. i Click Switch Mode. A confirmation dialog box opens. ii Click Yes to confirm the action.
PAGE 103
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 3 — NE user and device security vii Choose one of the following from the IP Operator drop-down menu and enter the range, if required: • • EQUAL RANGE viii Save and close the form. 5 Save and close the form. 6 Choose the newly created NE CPM Firewall policy and click Properties. 7 The NE CPM Firewall form opens. The Configuration Mode parameter in the Policy Configuration panel is in the Draft state.
PAGE 104
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 3 — NE user and device security 5 Click Delete. 6 Click Yes. The policy is deleted. Procedure 3-21 To manually unlock a user account Use this procedure to manually unlock a user account that is locked due to too many failed login attempts. 1 From the 5620 SAM main menu, choose Administration→Security→NE User Configuration. The NE User Configuration form opens. 2 Click Search. A list of user accounts appears.
PAGE 105
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 3 — NE user and device security 6 Click Yes to confirm the operation. The password history for the selected user at the specified sites is cleared. 7 Click OK. The NE User (Edit) form closes. Procedure 3-23 To clear collected statistics on a CPM filter Use this procedure to clear the IPv4, IPv6, MAC or Queue statistics collected on a local definition of a CPM filter.
PAGE 106
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 3 — NE user and device security Procedure 3-24 To manage OCSP cache entries on an NE 1 Choose Administration→Security→NE PKI Authentication→Site Public Key Infrastructure from the 5620 SAM main menu. The Select Site form opens. 2 Choose a managed device in the list and click OK. The Site Security Public Key Infrastructure (Edit) form opens. 3 Click on the OCSP Cache Entries tab. 4 Click Search.
PAGE 107
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 4— TCP enhanced authentication 4.1 TCP enhanced authentication overview 4-2 4.2 Workflow to configure TCP enhanced authentication for NEs 4-3 4.
PAGE 108
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 4 — TCP enhanced authentication 4.1 TCP enhanced authentication overview This chapter describes the 5620 SAM support of TCP enhanced authentication for NEs based on the MD5 encryption mechanism described in RFC2385. 5620 SAM TCP enhanced authentication allows the use of powerful algorithms for authenticating routing messages. The 5620 SAM uses a TCP extension to enhance BGP and LDP security.
PAGE 109
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 4 — TCP enhanced authentication When the 5620 SAM attempts to synchronize the keys in a global key chain with the keys on an NE, the NE does not return the secret key value. After a key chain is deployed to an NE, the shared secret and the encryption algorithm cannot be modified. You can delete a key chain or key only when it is not in use by a protocol. You can specify whether an NE uses a TCP key for sending packets, receiving packets, or both.
PAGE 110
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 4 — TCP enhanced authentication Procedure 4-1 To configure a global TCP key chain 1 Choose Administration→Security→TCP KeyChains from the 5620 SAM main menu. The TCP KeyChains form opens. 2 Click Create or choose a key chain and click Properties. The KeyChain Create|Edit form opens. 3 Configure the required parameters. 4 Click on the KeyChain Key tab. 5 Click Create or choose a key chain key and click Properties.
PAGE 111
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 4 — TCP enhanced authentication 3 When a key chain is in Draft configuration mode, the Distribute button is disabled and the key chain cannot be distributed to an NE. You must first release the key chain for distribution. To release a key chain: i Select the key chain entry and click Properties. The Key Chain (Edit) form opens. ii Click Switch Mode to acknowledge the Configuration Mode change. The Release form opens.
PAGE 112
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 4 — TCP enhanced authentication iii Choose one or more entries in the Available Local Policies panel and click on the right arrow. The chosen entries move to the Selected Local Policies panel. iv Depending on the current distribution mode of the chosen entries, perform one of the following: • • Click Sync With Global. Click Local Edit Only. The distribution mode of the selected entries changes accordingly.
PAGE 113
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 4 — TCP enhanced authentication 5 Click Local Audit On. The Local Audit form opens. Note 1 — You can cancel the local audit at any time by clicking Local Audit Off on the KeyChain (Edit) form. Note 2 — The 5620 SAM does not identify differences between the Begin Time and End Time properties of key chains. 6 Perform one of the following from the Policy scope menu: a Choose Global and go to step 7. b Choose Local to choose an NE.
PAGE 114
Release 13.
PAGE 115
Release 13.
PAGE 116
Release 13.
PAGE 117
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 5— 5620 SAM component configuration 5.1 5620 SAM component configuration overview 5-2 5.2 Changing 5620 SAM default text fields and ID ranges 5.3 5620 SAM licensing 5-6 5.4 Workflow to configure 5620 SAM components 5-7 5.5 Software and license configuration procedures 5-8 5.6 System components configuration procedures 5-14 5.7 Network management configuration procedures 5.
PAGE 118
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 5 — 5620 SAM component configuration 5.1 5620 SAM component configuration overview The 5620 SAM may require a configuration change after it is installed to meet your specific operational requirements. The procedures in this chapter change the default system-wide behavior of 5620 SAM settings or functional preferences.
PAGE 119
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 5 — 5620 SAM component configuration Table 5-1 lists the objects and associated parameters that can be managed using format and range policies.
PAGE 120
Release 13.
PAGE 121
Release 13.
PAGE 122
Release 13.
PAGE 123
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 5 — 5620 SAM component configuration 5.4 Workflow to configure 5620 SAM components 1 2 3 As required, manage the 5620 SAM software and license configuration. a View information about the installed 5620 SAM software release, license capacity, and installed 5620 SAM modules; see Procedure 5-1. b Export 5620 SAM license information to a file; see Procedure 5-2. c Update the 5620 SAM license. For a standalone deployment, see Procedure 5-3.
PAGE 124
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 5 — 5620 SAM component configuration 4 d Enable LSP on-demand resynchronization to disable scheduled resynchronization for some LSP objects; see Procedure 5-19. e Reload the debug configuration file after an NE restarts to ensure mirror services in a managed network resume operation after a reboot or a CPM activity switch; see Procedure 5-20.
PAGE 125
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 5 — 5620 SAM component configuration 2 To view the 5620 SAM system information: i Choose Help→5620 SAM License Information from the 5620 SAM main menu. The 5620 SAM License (Edit) form opens. ii View the 5620 SAM application information. iii Click on the Devices and Quantities Licensed tab. iv View the device equipment information.
PAGE 126
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 5 — 5620 SAM component configuration 3 Specify a name, location, and format for the file that is to contain the license information. 4 Click Save. The license information is saved in the specified file. 5 Close the form. Procedure 5-3 To update the 5620 SAM license in a standalone deployment 1 Log in to the main server station as the samadmin user. 2 Open a console window. 3 Navigate to the /opt/5620sam/server/nms/bin directory.
PAGE 127
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 5 — 5620 SAM component configuration Procedure 5-4 To update the 5620 SAM license in a redundant deployment Note 1 — The license files that you import to the primary and standby main servers must contain identical quantity, package, and module parameters.
PAGE 128
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 5 — 5620 SAM component configuration Done. where timestamp is a directory name in the following format: yyyy.mm.dd-hh.mm.ss Note — Importing the new license on the primary main server creates a license mismatch with the standby main server. As a result, the 5620 SAM generates an alarm. The alarm clears automatically after you import the new license on the standby main server, as described later in the procedure. 7 Close the console window.
PAGE 129
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 5 — 5620 SAM component configuration Procedure 5-5 To list the backed-up 5620 SAM license files When you import a new 5620 SAM license, the 5620 SAM creates a backup copy of the existing license files. Perform this procedure to list the backup copy of 5620 SAM license files. 1 Log in to the main server station as the samadmin user. 2 Open a console window. 3 Navigate to the /opt/5620sam/server/nms/bin directory.
PAGE 130
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 5 — 5620 SAM component configuration 4 Open the nms-server.xml file using a plain-text editor. Caution — Contact your Alcatel-Lucent technical support representative before you attempt to modify the nms-server.xml file. Modifying the nms-server.xml file can have serious consequences that can include service disruption. 5 Locate the following XML tag in the nms-server.
PAGE 131
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 5 — 5620 SAM component configuration 3 Open a console window. 4 Enter the following to enable an update notification for clients that connect to the server and to prepare the client configuration files for download. bash$ /opt/5620sam/server/nms/bin/nmsdeploytool.bash deploy ↵ 5 Perform one of the following on each 5620 SAM single-user GUI client station and client delegate server station.
PAGE 132
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 5 — 5620 SAM component configuration Procedure 5-8 To configure the display of multiple 5620 SAM systems as client GUI login options Perform this procedure to configure a client GUI login form to list multiple 5620 SAM systems as options in a drop-down menu. By default, one 5620 SAM system is listed. Note 1 — You cannot configure a client delegate server to display multiple server options on the client login form.
PAGE 133
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 5 — 5620 SAM component configuration iv Modify the nameOne (for standalone) or nameOne and nameTwo (for redundant) parameters to indicate the domain name and hostname of the server, for easier identification by operators. This name does not have to be the hostname of the server domain. In some cases, the name may be the same for the active and standby server in a redundant server domain. The name is not automatically derived from a host lookup.
PAGE 134
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 5 — 5620 SAM component configuration where new_file_location is the new default GUI table layout and GUI preferences location Note — The specified location can be an absolute file path or a file path relative to install_dir/nms, where install_dir is the client installation location.
PAGE 135
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 5 — 5620 SAM component configuration Typically, an IP address or hostname change on a 5620 SAM component requires a series of component uninstallation and re-installation activities, depending on the scope of the change. The requirements of such an operation depend on the management network topology and other considerations, so must be co-ordinated and performed only under the guidance of Alcatel-Lucent technical support.
PAGE 136
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 5 — 5620 SAM component configuration 4 Enter the following: # cd Linux ↵ 5 Enter the following: # ./ServerInstall_RHEL_R_r_revision.bin ↵ where R_r is the release identifier, in the form MAJOR_minor revision is the revision identifier, such as R1, R3, or another descriptor The 5620 SAM server configuration utility opens, and displays the Introduction panel.
PAGE 137
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 5 — 5620 SAM component configuration Procedure 5-12 To modify the default time period of statistics displayed by the Statistics Manager search filters By default, the 5620 SAM Statistics Manager limits search results to statistics records collected during the past hour. Perform this procedure to modify the default time period of the statistics displayed by the 5620 SAM Statistics Manager search filters.
PAGE 138
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 5 — 5620 SAM component configuration Procedure 5-13 To modify the default time period of statistics displayed on object properties forms By default, the 5620 SAM displays the statistics records collected during the past hour on the Statistics tab on object properties forms. Perform this procedure to modify the default time period of the statistics displayed on the Statistics tab of an object properties form.
PAGE 139
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 5 — 5620 SAM component configuration 5 Select an object and property for which you need to apply the name format policy in the Property panel. 6 Click on the Users tab. Note — Only users and user groups that are assigned to this policy are affected by the policy. You can apply one or more format policies to a user or user group. See Chapter 2 for more information about creating users and user groups. 7 Click Add.
PAGE 140
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 5 — 5620 SAM component configuration Procedure 5-15 To create or configure a range policy Use this policy to specify the ID range for services, LSPs, or L2 or L3 access interfaces. 1 Choose Administration→Format and Range Policies from the 5620 SAM main menu. The Format and Range Polices form opens. 2 Expand Format/Range (Property Rules) and choose Range Policy (Property Rules) from the Select Object Type drop-down menu.
PAGE 141
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 5 — 5620 SAM component configuration 5.7 Network management configuration procedures The following procedures describe how to configure system-wide 5620 SAM network management functions. Procedure 5-16 To configure automatic device configuration backup file removal Configure the 5620 SAM to automatically remove the configuration backup files for a device when the device is unmanaged.
PAGE 142
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 5 — 5620 SAM component configuration Procedure 5-17 To configure service CAC to automatically bind PBB tunnels Configure the service CAC functionality to enable the 5620 SAM to automatically bind PBB tunnels to services based on the available bandwidth. Note 1 — This feature has limited availability. Contact your Alcatel-Lucent technical support representative for information about the availability of this feature.
PAGE 143
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 5 — 5620 SAM component configuration The main server reads the nms-server.xml file and enables the server CAC features on the client delegate server. Procedure 5-18 To enable alarm reporting to identify duplicate NE system IP addresses Perform this procedure to enable the 5620 SAM to verify the uniqueness of NE system IP addresses.
PAGE 144
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 5 — 5620 SAM component configuration Procedure 5-19 To enable LSP on-demand resynchronization By default, the LSP on-demand resynchronization functionality is disabled. When you enable LSP on-demand resynchronization, the 5620 SAM scheduled resynchronization is then disabled for some LSP objects. See “LSP on-demand resynchronization” in the 5620 SAM User Guide for information about which LSP objects do not support on-demand resynchronization.
PAGE 145
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 5 — 5620 SAM component configuration 3 Navigate to the /opt/5620sam/server/nms/config directory. 4 Open the nms-server.xml file using a plain-text editor. Caution — Contact your Alcatel-Lucent technical support representative before you attempt to modify the nms-server.xml file. Modifying the nms-server.xml file can have serious consequences that can include service disruption.
PAGE 146
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 5 — 5620 SAM component configuration Procedure 5-21 To configure throttle rates for subscriber trap events The throttle rate defines the number of events that can be received during a specified interval before the NE stops sending individual traps. Configure throttle rates for residential subscriber create and delete event traps on the 7750 SR.
PAGE 147
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 5 — 5620 SAM component configuration 4 Open the nms-server.xml file using a text editor. Caution — Contact your Alcatel-Lucent technical support representative before you attempt to modify the nms-server.xml file. Modifying the nms-server.xml file can have serious consequences that can include service disruption. 5 Locate the following XML tag:
PAGE 148
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 5 — 5620 SAM component configuration Procedure 5-23 To create a default SNMPv2 OmniSwitch user on a 5620 SAM system Create a default SNMPv2 OmniSwitch user on a 5620 SAM system. Caution — Modify only the parameters specified in this procedure. Unauthorized modification of the nms-server.xml file can seriously affect network management and 5620 SAM performance. 1 Log in to the main server station as the samadmin user.
PAGE 149
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 5 — 5620 SAM component configuration 5.8 System preferences configuration procedures The following procedure describes how to configure 5620 SAM system preferences that affect the system-wide behavior of various global settings and functions. Procedure 5-24 To configure 5620 SAM system preferences Perform this procedure to customize or change the default value of 5620 SAM system preferences to meet your specific operational requirements.
PAGE 150
Release 13.
PAGE 151
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 5 — 5620 SAM component configuration Function or setting Additionally see Statistic tab Allows you to configure the default behavior associated when exporting statistics files on a 5620 SAM server such as specifying the default log file retention time (applies to accounting and performance statistics) or log file rollover time (applies to performance statistics).
PAGE 152
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 5 — 5620 SAM component configuration Function or setting Additionally see Policies tab Allows you to display or hide the policy names on policy configuration forms for the following: • • 5620 SAM User Guide Access ingress and access egress policies ACL IP, ACL IPv6, and ACL MAC policy filters Allow you to set a restriction in the distribution mode for certain types of local policies that will permit local editing only.
PAGE 153
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 5 — 5620 SAM component configuration Function or setting Additionally see WMM tab Allows you to configure the default behavior for the following 5620 SAM LTE ePC functions: • • • • 5620 SAM LTE RAN User Guide Enable or disable the automatic creation of physical links by the 5620 SAM between SRS and MME 9471 WMMs. The time-to-live time interval for PM statistics on WMM nodes.
PAGE 154
Release 13.
PAGE 155
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 6— 5620 SAM applications 6.1 5620 SAM application overview 6.2 Browser compatibility 6-2 6-2 6.3 User group access permissions 6-2 6.4 Workflow to work with applications 6-2 6.
PAGE 156
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 6 — 5620 SAM applications 6.1 5620 SAM application overview The 5620 SAM provides network management functions using browser-based applications. The use of the 5620 SAM applications is intended mainly for network fault monitoring and troubleshooting purposes. The applications are external to the 5620 SAM client GUI and do not require a local client installation. There can be up to 50 concurrent application sessions. 6.
PAGE 157
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 6 — 5620 SAM applications Procedure 6-1 To configure a supervision group Supervision groups include monitored objects. The type of monitored object depends on the application. For most applications, the monitored objects are NEs. For the Service Supervision application, the monitored objects are services. The criteria for monitored objects in a supervision group are based on inclusion filters.
PAGE 158
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 6 — 5620 SAM applications 7 Click Add to select a the supervision group you created in Procedure 6-1. 8 Save the changes and close the forms. Procedure 6-3 To enable SAP Down State Cause KPI for the Service Supervision application Since the monitoring of the operational state of all SAPs in the 5620 SAM can create performance concerns, you must choose the SAPs you want to monitor by performing this procedure.
PAGE 159
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 7— 5620 SAM database management 7.1 5620 SAM database management overview 7-2 7.2 Workflow for 5620 SAM database management 7.
PAGE 160
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 7 — 5620 SAM database management 7.1 5620 SAM database management overview The 5620 SAM uses the following to store data such as network object information and statistics data: • 5620 SAM database • auxiliary database 5620 SAM database A 5620 SAM system requires a central database for persistent storage. The database can be on the same station as a 5620 SAM main server, or on a separate station.
PAGE 161
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 7 — 5620 SAM database management Auxiliary database cluster safeguards The 5620 SAM monitors each member of an auxiliary database cluster, and raises alarms for the following events: • database or database proxy state change • database or database proxy unavailability • loss of one or more cluster members 7.
PAGE 162
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 7 — 5620 SAM database management 14 Test the 5620 SAM database restore function to ensure that 5620 SAM database backups are viable in the event of a failure; see Procedure 13-3. 15 Verify the synchronization of NE and 5620 SAM database information; see Procedure 12-2. Incidental tasks 16 As required, unlock the Oracle database user account due to multiple login failures; see Procedure 7-15.
PAGE 163
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 7 — 5620 SAM database management Procedure 7-2 To display the auxiliary database status using the GUI Perform this procedure to display information about an auxiliary database in the 5620 SAM client GUI. 1 Choose Administration→Database from the 5620 SAM main menu. The Database Manager form opens. 2 Click on the Auxiliary Database Data Centers tab. 3 Select a data center and click Properties.
PAGE 164
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 7 — 5620 SAM database management 3 To display the database status of one auxiliary database: i Log on to the auxiliary database station as the root user. ii Open a console window. iii Enter the following: # /etc/init.d/samauxdb status iv 4 View the status. If the status is not Up, contact Alcatel-Lucent technical support for assistance. Close the console window.
PAGE 165
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 7 — 5620 SAM database management Please select one of the following options: 1) Setting failed login attempts 2) Unlock database user 0) Exit Please enter(1,2 or 0): b 6 Press n ↵ if you have incorrectly entered the password; return to step 4. To specify the allowed number of login failures, perform the following steps. i Enter 1 ↵.
PAGE 166
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 7 — 5620 SAM database management Completed changing the Oracle database user settings 8 Close the console window. Procedure 7-5 To configure Oracle database error monitoring You can configure how the 5620 SAM handles Oracle database errors to provide monitoring information that may help with troubleshooting or the detection of security violations such as SQL injection attacks.
PAGE 167
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 7 — 5620 SAM database management 3 Configure the general policy parameters. 4 Click on the Constrained Packages tab. 5 Right-click on the Size Constraint Policy icon and choose Select Packages. 6 Choose a size constraint package and click OK. The package appears in the navigation tree under the Size Constraint policy.
PAGE 168
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 7 — 5620 SAM database management 3 Review the Object Count information in the Status panel. The information refers to the most recent object deletion, and can help you define the appropriate ageout time and deletion interval values for the policy. 4 Configure the parameters.
PAGE 169
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 7 — 5620 SAM database management Code 7-1: Deletion interval parameters vii Modify the ageoutSyncTime and ageoutInterval values, as required. viii Save and close the AgeoutConstraint.xml file. ix Navigate to the /opt/5620sam/server/nms/bin directory.
PAGE 170
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 7 — 5620 SAM database management 5 Configure the required general file policy parameters and Purge Details panel parameters. 6 Click OK to save your changes and close the form. 7 If required, click Select to apply the new purge details to a default policy. 8 Save your changes and close the Database Manager (Edit) form.
PAGE 171
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 7 — 5620 SAM database management Note 1 — The 5620 SAM backs up the Oracle encryption wallet during a database backup, and restores the wallet during a database restore. In a redundant deployment, the 5620 SAM automatically replicates the encryption wallet from the primary to the standby database after the standby database reinstantiation. Note 2 — During a database backup, the performance of GUI or OSS operations may be affected.
PAGE 172
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 7 — 5620 SAM database management Procedure 7-11 To perform an immediate 5620 SAM database backup using a CLI Perform this procedure to initiate an on-demand 5620 SAM database backup using a CLI. Caution 1 — Ensure that there is sufficient disk space to store the database backup file set. The backup directory must be at least five times as large as the expected database backup size.
PAGE 173
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 7 — 5620 SAM database management Procedure 7-12 To create an auxiliary database cluster snapshot Perform this procedure to manually create a snapshot of one or all auxiliary database cluster members. A snapshot enables the recovery of data in the event of a failure. 1 Choose Administration→Database from the 5620 SAM main menu. The Database Manager (Edit) form opens. 2 Click on the Auxiliary Database Data Centers tab.
PAGE 174
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 7 — 5620 SAM database management 8 Click Delete Snapshot Set, and then click OK in the dialog boxes that appear. 9 Close the open forms. Procedure 7-14 To schedule 5620 SAM database backups and auxiliary database snapshots Perform this procedure to configure and enable automated, regular 5620 SAM database backups and auxiliary database cluster snapshots.
PAGE 175
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 7 — 5620 SAM database management 4 Configure the Scheduled Backup Directory parameter in the Backup Setting panel. The value that you specify is the database station directory in which to save the backup file sets. Each file set is stored in a subdirectory named backupsetn, where n is a sequential number; the highest possible value is the Number to Keep parameter value.
PAGE 176
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 7 — 5620 SAM database management 5 Perform one of the following. a Press ↵ to confirm that the supplied password is correct. The following prompt is displayed: Please select one of the following options: 1) Setting failed login attempts 2) Unlock database user 0) Exit Please enter(1,2 or 0): b 6 Press n ↵ if you have incorrectly entered the password; return to step 4. Enter 2 ↵.
PAGE 177
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 8— 5620 SAM system redundancy 8.1 5620 SAM system redundancy overview 8.2 5620 SAM system redundancy models 8.3 Redundancy functions 8-2 8-2 8-5 8.4 Redundancy failure scenarios 8-12 8.5 Workflow to perform 5620 SAM system redundancy functions 8-17 8.
PAGE 178
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 8 — 5620 SAM system redundancy 8.1 5620 SAM system redundancy overview 5620 SAM system redundancy is initially configured during 5620 SAM installation. You use the 5620 SAM GUI, or scripts on a 5620 SAM main server, to perform the following redundancy functions: • • • • Check the 5620 SAM redundant server and database status. Perform a manual activity switch from the primary to the standby main server.
PAGE 179
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 8 — 5620 SAM system redundancy A 5620 SAM database uses the Oracle DataGuard function to maintain redundancy. During a redundant 5620 SAM installation or upgrade, the Oracle DataGuard synchronization level is set to real-time apply, which ensures that the primary and standby databases are synchronized. Figure 8-1 shows a collocated redundant 5620 SAM deployment.
PAGE 180
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 8 — 5620 SAM system redundancy A main server role change is called a server activity switch. An automatic database role change is called a failover; a manual database role change is called a switchover. A typical redundant 5620 SAM deployment has a primary server and database in a geographically separate facility from the standby server and database facility.
PAGE 181
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 8 — 5620 SAM system redundancy When an auxiliary server cannot connect to the primary main server or database, it re-initializes and continues trying to connect until it succeeds or, in the case of a database failover, until the main server directs it to the peer database.
PAGE 182
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 8 — 5620 SAM system redundancy Server activity switches The standby server initiates an automatic server activity switch when it cannot communicate with the primary server. A 5620 SAM administrator performs a manual server activity switch, which is typically a planned server maintenance or test operation. For security reasons, you cannot use a 5620 SAM GUI or OSS client to perform a server activity switch.
PAGE 183
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 8 — 5620 SAM system redundancy The following occur after a server activity switch: • If automatic database realignment is enabled, the new primary server performs a • • • • • • database switchover. The GUI clients communicate with the new primary server and display the current redundancy status. The OSS clients must connect to the new primary server.
PAGE 184
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 8 — 5620 SAM system redundancy The following occurs after a successful database switchover: • The primary server connects to the new primary database. • Archive logging begins on the new primary database. • The primary server directs each auxiliary server to use the new primary database. When a database switchover fails, the primary and standby database roles do not change. No automatic database realignment occurs as a result of a switchover.
PAGE 185
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 8 — 5620 SAM system redundancy When a database failover fails, the primary server tries again to communicate with the primary database. If the primary database remains unavailable, the primary server tries again to initiate a failover. Note — After a successful failover, database redundancy is not available. See “Re-establishing database redundancy” in this section.
PAGE 186
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 8 — 5620 SAM system redundancy The database with which a main server tries to align itself is called the preferred database of the main server. An operator enables automatic database realignment and specifies the preferred database during 5620 SAM server installation, or during server configuration after installation.
PAGE 187
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 8 — 5620 SAM system redundancy Table 8-2 summarizes the 5620 SAM database redundancy functions. Table 8-2 5620 SAM database redundancy functions Function Notes Database switchover No automatic database realignment occurs after a database switchover.
PAGE 188
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 8 — 5620 SAM system redundancy 8.4 Redundancy failure scenarios The following describe the 5620 SAM actions in response to various types of redundancy failures. • Primary server loses contact with primary database • • • • • • • • 8-12 If the standby server can communicate with the primary database and the managed NEs, the primary server performs a server activity switch. No database failover occurs.
PAGE 189
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 8 — 5620 SAM system redundancy Collocated system, primary station unreachable Figure 8-11 shows a collocated system in which the station that hosts the primary server and database is unreachable.
PAGE 190
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 8 — 5620 SAM system redundancy The following occur when the primary station becomes unresponsive: • The standby server detects the connectivity loss and becomes the primary server. • The new primary server raises alarms about the unavailability of the former standby server and about the activity switch. • If automatic database realignment is enabled, the new primary server initiates a database switchover.
PAGE 191
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 8 — 5620 SAM system redundancy Figure 8-14 Network failure on primary side, distributed system Connectivity loss Primary main server Standby main server Managed network Primary database Standby database 24119 The following occur after the connectivity loss is detected: • The initial primary server continues to operate as a primary server.
PAGE 192
Release 13.
PAGE 193
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 8 — 5620 SAM system redundancy 8.5 Workflow to perform 5620 SAM system redundancy functions 1 Configure redundancy during 5620 SAM component installation. See the 5620 SAM | 5650 CPAM Installation and Upgrade Guide. 2 As required, perform manual activity switch and switchover. a b 3 8.6 For 5620 SAM main servers: i View the status of the primary and secondary servers to verify the redundancy status is Up; see Procedure 8-1.
PAGE 194
Release 13.
PAGE 195
Release 13.
PAGE 196
Release 13.
PAGE 197
Release 13.
PAGE 198
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 8 — 5620 SAM system redundancy • • After a server activity switch, the new primary main server deploys outstanding configuration changes to NEs, establishes communication with the auxiliary servers, and synchronizes information with the auxiliary servers. A manual activity switch stops and starts the former primary main server.
PAGE 199
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 8 — 5620 SAM system redundancy Procedure 8-5 To perform a 5620 SAM database switchover using the 5620 SAM client GUI Perform this procedure to use the 5620 SAM client GUI to switch the primary and standby database roles. Before you perform the procedure, ensure that you understand the following implications of a switchover. • • • • The primary and standby database roles are reversed. The primary main server connects to the new primary database.
PAGE 200
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 8 — 5620 SAM system redundancy • • Archive logging begins on the new primary database. The primary main server directs each auxiliary server to connect to the new primary database. Caution — The execution of a database switchover depends on how the database switchover behavior is configured. Alcatel-Lucent recommends you review Procedure 8-4 before you attempt to perform this procedure to verify the current database switchover configuration.
PAGE 201
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 8 — 5620 SAM system redundancy Note 1 — This procedure applies only to redundant 5620 SAM deployments. Note 2 — You must perform this procedure first on the standby main server station, and then on the primary main server station. 1 Log in to the standby main server as the samadmin user. 2 Stop the main server software. i Enter the following: bash$ cd /opt/5620sam/server/nms/bin ↵ ii Enter the following at the prompt: bash$ ./nmsserver.
PAGE 202
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 8 — 5620 SAM system redundancy 10 Click Next in each subsequent panel until the “Database Alignment” panel is displayed. 11 Configure the “Enable Database Alignment” parameter. Note — You must configure this parameter the same way on the standby and primary main servers. 12 If you selected the “Enable Database Alignment” parameter in step 11, select a server to act as the preferred server. 13 Click Next.
PAGE 203
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 8 — 5620 SAM system redundancy Before you attempt to perform this procedure, the following conditions must be true: • • The primary database proxy and the standby database proxy are in contact with the primary 5620 SAM server. The database listener is operating. 1 Log in to the client GUI as a user with the 5620 SAM admin scope of command role. 2 Choose Administration→System Information from the 5620 SAM main menu.
PAGE 204
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 8 — 5620 SAM system redundancy This action will rebuild the standby database. Do you want to proceed? (YES/no) : 5 Enter the following case-sensitive text at the prompt to begin reinstantiation: YES ↵ The 5620 SAM server begins to reinstantiate the former primary database as the standby database. Progress is indicated by a rolling display of dots in the console window. Database reinstantiation is complete when the CLI prompt reappears.
PAGE 205
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 9— NE maintenance 9.1 NE maintenance overview 9-2 9.2 Workflow to perform NE maintenance 9-9 9.3 Workflow to configure NE configuration rollback 9-11 9.4 Workflow to perform a software upgrade on a 7210 SAS, 7450 ESS, 7705 SAR, 7710 SR, 7750 MG, 7750 SR, 7950 XRS, or OmniSwitch 9-11 9.5 Workflow to perform a 9500 MPR or 9500 MPRe software upgrade 9-12 9.
PAGE 206
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 9 — NE maintenance 9.
PAGE 207
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 9 — NE maintenance Managing NE backups and restores A 5620 SAM backup policy specifies the conditions under which the 5620 SAM performs an NE configuration backup to ensure that the device configuration is not lost in the event of a failure. A default policy that is assigned to all managed NEs is in place after a 5620 SAM installation. You can create and configure multiple backup policies, and you can assign them to multiple NEs.
PAGE 208
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 9 — NE maintenance During a software upgrade, the 5620 SAM verifies that the new software is compatible with the device type and that the required files are present; otherwise, the upgrade is not attempted. You can use the 5620 SAM to roll back a software upgrade to the previous release in the event of an upgrade failure.
PAGE 209
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 9 — NE maintenance Managing NE configuration rollbacks A configuration rollback allows you to undo configuration changes but minimize the impact to services by avoiding a system reboot. The 5620 SAM allows you to perform up to five simultaneous NE rollback revert and rescue operations. Note 1 — In the configuration rollback process, the 5620 SAM sends snmp-set commands to initiate the creation of the rescue file and checkpoint files.
PAGE 210
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 9 — NE maintenance When you choose one of the compare NE configuration rollback file options, the Checkpoint Compare window opens listing differences between the selected configuration files. The window title displays the names of the NE configuration files that are compared.
PAGE 211
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 9 — NE maintenance Example details The example policy settings are the following: • Auto Save Scheme—Every Nth Successful Deployment • • • • • • • • • Initiate a device configuration save after the number of configuration changes specified by Auto Save Threshold. Auto Save Threshold—3 Initiate a configuration save after every three successful deployments, if Auto Save Scheme is set to Every Nth Successful Deployment.
PAGE 212
Release 13.
PAGE 213
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 9 — NE maintenance Figure 9-1 illustrates the activities of the 5620 SAM backup/restore process. The labels correspond to events in the following sequence: 9.2 1 At the interval specified—every hour in this example—the 5620 SAM issues an FTP or SCP request to all devices for a backup. 2 The devices use FTP or SCP to send the BOF and configuration files to the 5620 SAM server. 3 The 5620 SAM main server stores the received files.
PAGE 214
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 9 — NE maintenance 7 As required, configure NE rollback configuration to revert to a previous router configuration on a specified NE; see section 9.3. 8 As required, perform an on-demand software upgrade or ISSU. • • • • • 9 As required, schedule device software upgrades. Scheduled software upgrades are supported on the following NEs. • • • • • 9-10 For an 1830 PSS software upgrade, see the 5620 SAM Optical User Guide.
PAGE 215
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 9 — NE maintenance 9.3 9.4 Workflow to configure NE configuration rollback 1 Configure the storage location for the NE configuration rollback rescue file and checkpoint files; see Procedure 9-11. 2 Create the NE configuration rollback rescue file; see Procedure 9-12. 3 As required, perform one or both of the following: a Create the NE configuration rollback checkpoint files manually; see Procedure 9-13.
PAGE 216
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 9 — NE maintenance 9.5 4 Back up the device configuration. See Procedure 9-4 for 7210 SAS, 7450 ESS, 7710 SR, 7750 MG, 7750 SR, or 7950 XRS backup information. See Procedure 9-8 for OmniSwitch backup information. 5 Perform an on-demand software upgrade or an ISSU to transfer the software image files to each NE that you need to upgrade.
PAGE 217
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 9 — NE maintenance 2 Download the image package to the 5620 SAM client. Extract the package and ensure that the .DSC file is present in the same folder. When you click on the import button, the image transfer is initiated; see Procedure 9-18. The 5620 SAM copies and temporarily stores the image files. When you click Upgrade Sites, the stored image files are transferred to the FTP server and retrieved by the 9500 MPR or 9500 MPRe.
PAGE 218
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 9 — NE maintenance 3 Click Create. The Software Upgrade Policy (Create) form opens. Note 1 — You can open an FTP or SSH file browser from this form to determine the values to use for the CFlash Image Root Path and CFlash Backup Root Path parameters. Click FTP File Browser or SSH File Browser, as required. See Procedures 9-35 and 9-36 for information about using the file browsers.
PAGE 219
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 9 — NE maintenance 7 Depending on the Transfer Protocol parameter value you specified, configure the FTP or SFTP parameters. 8 Configure the remaining parameters. 9 Click Apply. The Software Upgrade Policy (Create) form name changes to Software Upgrade Policy (Edit). 10 Click on the Software Upgrade Policy Assignment tab and distribute the policy to one or more NEs, as required.
PAGE 220
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 9 — NE maintenance 4 Configure the Policy Type parameter. Note — For the Policy Type parameter, select SR Based Node for the 7210 SAS, 7450 ESS, 7705 SAR, 7710 SR, 7750 MG, 7950 XRS, 9500 MPR, or 9500 MPRe. 5 If you set the Policy Type parameter to SR Based Node, you can perform a reboot after the configuration is restored on the device by specifying the Auto-Reboot After Successful Restore parameter.
PAGE 221
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 9 — NE maintenance 7 Click Apply. 8 Click on the Backup/Restore Policy Assignment tab and distribute the policy to one or more NEs, as required. 9 Close the form. Procedure 9-4 To perform an on-demand device backup, restore, or configuration save When you start an on-demand backup, you back up the device configuration based on the backup policy associated with the NE.
PAGE 222
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 9 — NE maintenance • • CPM Sync and Pending Reboot Standby - the 5620 SAM is waiting for the reboot of the standby CPM Standby Reboot and Pending Redundant Switch-over - the 5620 SAM is waiting for the switchover to the standby CPM Note — During a backup, if a device is unresponsive to the 5620 SAM because SNMP on the device is disabled, the Backup State column entry for the device does not immediately display the correct value of Failed.
PAGE 223
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 9 — NE maintenance Procedure 9-6 To export an NE configuration backup Perform this procedure to export an NE configuration backup file from the 5620 SAM to the GUI client file system. 1 Choose Administration→NE Maintenance→Backup/Restore from the 5620 SAM main menu. The Backup/Restore form opens. 2 Click on the Backup/Restore Status tab. 3 Select the NE for which you are exporting a backup and click Properties.
PAGE 224
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 9 — NE maintenance Procedure 9-8 To perform a device backup on an OmniSwitch 1 On the Equipment tree, expand the OmniSwitch icon, right-click on an OmniSwitch shelf object, and choose Properties. The Shelf (Edit) form opens. 2 Click on the Software Control Module tab and set the Command to Apply parameter to Certified.
PAGE 225
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 9 — NE maintenance Procedure 9-9 To restore a configuration backup on an OmniSwitch Note 1 — You can import the locally available backup file for the same NE to the 5620 SAM which can be restored. Ensure the backup policy remains the same as was in place during the backup procedure. This will prevent the 5620 SAM from generating an error while importing the file. Note 2 — The restored backup configuration is stored on a working directory.
PAGE 226
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 9 — NE maintenance Procedure 9-10 To certify or synchronize OmniSwitch software 1 Choose Administration→NE Maintenance→OMNI Software Maintenance from the 5620 SAM main menu. The OMNI Software Maintenance form opens. 2 Perform one of the following: a Select one or more NEs from the list and click Certify. Go to step 5. b Select one or more NEs from the list and click Certify and Synchronize. Go to step 5.
PAGE 227
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 9 — NE maintenance 5 To configure the storage location for the NE configuration rollback checkpoint files: i In the Checkpoint File Storage panel, configure the required parameters. ii Configure the Rollback Location Type parameter. • • iii 6 If you specified FTP, in the Checkpoint File Storage — Remote Location panel, configure the required parameters.
PAGE 228
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 9 — NE maintenance Procedure 9-13 To create NE configuration rollback checkpoint files The checkpoint file storage location must be configured before you can create NE configuration rollback checkpoint files; see Procedure 9-11. You can also automate NE configuration rollback checkpoint file creation; see Procedure 9-14. 1 Choose Administration→NE Maintenance→NE Configuration Rollback from the 5620 SAM main menu.
PAGE 229
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 9 — NE maintenance Procedure 9-14 To configure scheduled checkpoint file creation See the 5620 SAM User Guide for more information about scheduling. You can also create NE configuration rollback checkpoint files manually; see Procedure 9-13. 1 Choose Administration→NE Maintenance→NE Configuration Rollback from the 5620 SAM main menu. The NE Configuration Rollback form opens. 2 Choose a rollback policy and click Properties.
PAGE 230
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 9 — NE maintenance 4 Click on the Checkpoint Files tab. 5 Perform one of the following: a b c d To compare the NE configurations of two checkpoint files: i Choose two checkpoint files. ii Click Compare File and choose Checkpoint Vs Checkpoint. To compare the NE configurations of a checkpoint file and the active configuration: i Choose a checkpoint file. ii Click Compare File and choose Checkpoint Vs Active-Configuration.
PAGE 231
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 9 — NE maintenance 3 Choose a device and click Properties. The NE Rollback (Edit) form opens. 4 Perform one of the following: a b To revert to the NE configuration rollback rescue file: i Click Revert to Rescue File. A dialog box appears. ii Click OK to acknowledge the warning and perform the reversion. To revert to a NE configuration rollback checkpoint file: i Click on the Checkpoint Files tab.
PAGE 232
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 9 — NE maintenance Procedure 9-18 To import device software image or description files to the 5620 SAM database Perform this procedure to import a set of device software files or 9500 MPR/9500 MPRe software description files into the 5620 SAM database for use during device software upgrades. 1 Make the new device software files available to the 5620 SAM.
PAGE 233
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 9 — NE maintenance 5 Click Import. The Open form opens. 6 Navigate to the directory that contains the software image and click Open. Note — If the directory structure is tiered, you must navigate to the directory that contains the boot loader file. For the example in step 1, this directory is the cflash directory.
PAGE 234
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 9 — NE maintenance 3 Click View Dependencies to view the dependency information. 4 Click the check box to confirm the action and click Yes. The operational state of the IO card displays the soft reset status when the soft reset is in progress. Procedure 9-20 To perform a hard reboot of an IOM or XCM 9-30 1 On the Equipment tree, locate an IOM or XCM card slot object by expanding Network→NE→Shelf→Card Slot n.
PAGE 235
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 9 — NE maintenance Procedure 9-21 To perform an ISSU or on-demand software upgrade on a 7210 SAS, 7450 ESS, 7705 SAR, 7710 SR, 7750 MG, 7750 SR, or 7950 XRS Perform this procedure to upgrade the device software on one or more NEs. The following must be true before you attempt a device software upgrade.
PAGE 236
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 9 — NE maintenance Note 1 — If you downgrade a device software image, you must unmanage and delete the device before you perform the downgrade, as described in the 5620 SAM User Guide. Contact Alcatel-Lucent technical support for information about device downgrades. Note 2 — If you attempt to upgrade a 7950 XRS, Release 11.0 R3 or earlier to Release 11.0 R4 or later, the 5620 SAM raises a NodeVersionMismatch alarm.
PAGE 237
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 9 — NE maintenance 6 Navigate to the directory that contains the software image, select the image, and click Open. Note 1 — The directory must contain only the files required for the upgrade. Note 2 — The 7450 ESS, 7710 SR, 7750 MG, 7750 SR, and 7950 XRS use a common software image. The Product Name field displays Alcatel-SR/ESS-7XXX to indicate that the software image is common to multiple devices.
PAGE 238
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 9 — NE maintenance Note 1 — Some device software upgrades, for example, ISSUs, do not require a reboot. See the device documentation for more information. Note 2 — When you perform an ISSU, you can manually soft reset or hard reboot the IOMs or IMMs after the upgrade. A soft reset results in minimal downtime, but has restricted support. See Procedure 9-19 to perform a manual soft reset, or Procedure 9-20 to perform a manual hard reboot.
PAGE 239
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 9 — NE maintenance Procedure 9-22 To upgrade the ISA-AA MDA software Perform this procedure to upgrade only the ISA-AA MDA software on an NE, for example, when the new software includes new AA protocol signatures. Note 1 — You cannot use the procedure to upgrade between major releases; only minor-release ISA-AA upgrades within the same major release are supported.
PAGE 240
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 9 — NE maintenance 2 Back up the device configuration. See Procedure 9-4. 3 Choose Administration→NE Maintenance→Software Upgrade from the 5620 SAM main menu. The Software Upgrade form opens. 4 Click on the Software Images tab and click Import. The Open window appears. 5 Navigate to the directory that contains the software image, select the directory, and click Open. Note — The directory must contain only the isa-aa.tim and md5sums.
PAGE 241
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 9 — NE maintenance 13 If the Software Upgrade parameter in the software upgrade policy is deselected, you must activate the software image. Perform the following steps. Note — Alternatively, you can select the required ISA-AA image on the Software Images tab and click Activate Image. i Edit the following software upgrade policy settings, as described in Procedure 9-1: • • ii Select the required software image and click Upgrade Sites.
PAGE 242
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 9 — NE maintenance viii Click View Dependencies. A dialog box displays the number of objects that rebooting the ISA-AA MDA may affect. ix Click OK. x When you are certain that rebooting the MDA has no unintended effects, select the check box and click Yes. The 5620 SAM reboots the ISA-AA MDA. xi After the MDA reboots, right-click on the Daughter Card Slot object and choose Turn Up. A dialog box appears. xii Click Yes.
PAGE 243
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 9 — NE maintenance See Procedure 9-24 for information about performing an ISSU on an OS 6400, OS 6850E, or OS 6855. You can perform the following types of software upgrades: • • • Image file Boot files CPLD/FPGA files (OS 6250 and OS 6450, Release 6.6.3-453R01 and later only) Warning — An OmniSwitch may require a firmware upgrade before a device software upgrade.
PAGE 244
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 9 — NE maintenance • The directory structure that stores the image and configuration files is divided into two parts: • The certified directory contains files that have been certified by an authorized user as the default files for the switch. • The working directory contains files that may or may not be modified from the certified directory. The working directory is a holding place for new files.
PAGE 245
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 9 — NE maintenance 12 Click OK. The selected NEs reboots using the new software image that was uploaded to the working directory. Caution — Rebooting an NE that is in service is service-affecting. Ensure that the reboot activity occurs during a maintenance window. Note — Alcatel-Lucent recommends monitoring the switch to ensure that the reboot completes successfully. 13 Click Certify Sites. A list of NEs opens.
PAGE 246
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 9 — NE maintenance 24 Click Upgrade Boot files. A list of NEs opens. The list is filtered to display only the device type that is appropriate for the selected files. 25 Choose one or more NEs in the list. 26 Click OK. The boot files are upgraded on the selected NEs. 27 Click on the Software Upgrade Status tab to view the status of the upgrade as it progresses. Wait until the files have been successfully transferred before going to step 28.
PAGE 247
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 9 — NE maintenance 5 Ensure that one of the following is true: • • The Certify Status is Need Certify and the Synchronization Status is Not Synchronized. The Certify Status is Certified and the Synchronization Status is Synchronized. 6 Click OK to apply the changes. A dialog box appears. Click Yes. The Shelf (Edit) form closes. 7 Choose Administration→NE Maintenance→Software Upgrade from the 5620 SAM main menu.
PAGE 248
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 9 — NE maintenance 18 Click OK. A dialog box appears. 19 Click Yes. The software image stored in the NE working directory is copied to the certified directory. The working directory and the certified directory are synchronized so that the same files are in both directories. 20 Click on the Software Upgrade Status tab to view the status of the upgrade as it progresses. Once the sites have been successfully certified, continue to step 21.
PAGE 249
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 9 — NE maintenance The following prerequisites are required before you can perform an upgrade: • • You need a new license key for each OS 6250 and OS 6450 OmniSwitch to be upgraded. Contact your Alcatel-Lucent sales representative if you need a new software license. You must copy the new license key to a text file and position the file in a folder in the node file system so the file can be imported into the 5620 SAM.
PAGE 250
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 9 — NE maintenance 11 Click Import. The Open form appears. 12 Locate the license key text file in the appropriate folder in the node file system and click Open. The license_key.txt file appears on the Licenses tab on the License Upgrade form. 13 Optionally, review the license key information before the installation by double-clicking on the license_key.txt file. The License Info form appears.
PAGE 251
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 9 — NE maintenance You need a 5620 SAM user account with an administrator or network element software management scope of command role or a scope of command role with write access to the mediation package before you can perform a 9500 MPR/9500 MPRe software download. See chapter 2 for more information about scope of command roles. 1 Choose Administration→NE Maintenance→Software Upgrade from the 5620 SAM main menu.
PAGE 252
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 9 — NE maintenance Before performing this procedure, you must perform Procedure 9-18 to import the required device software image. 1 Choose Administration→NE Maintenance→Software Upgrade from the 5620 SAM main menu. The Software Upgrade form opens. 2 Select the required software upgrade policy. Note — The 5620 SAM performs the upgrade according to the configuration in the software upgrade policy that is assigned to the NE.
PAGE 253
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 9 — NE maintenance iii Click Properties in the Task panel to view the 5620 SAM task information, if required. iv Save any changes and close the form. 5 Click Task Action and select the appropriate option to turn up, shut down, or execute the task, if required. 6 Click Delete to remove the scheduled task from the 5620 SAM, if required. You cannot delete a scheduled task that is operationally enabled.
PAGE 254
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 9 — NE maintenance 5 Select a software image in the list and click Activate. 6 Click Yes to activate the software image. 7 Verify the activation success, as described in Procedure 9-32. 8 Close the form. Procedure 9-30 To export a device software image from the 5620 SAM database to a file system 1 Choose Administration→NE Maintenance→Software Upgrade from the 5620 SAM main menu. The Software Upgrade form opens.
PAGE 255
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 9 — NE maintenance Procedure 9-32 To view the deployment, backup/restore, or software upgrade status of an NE 1 Perform one of the following: a Choose Administration→NE Maintenance→Deployment from the 5620 SAM main menu to view deployment status. The Deployment form opens. Double-click on a deployment in the list. View the deployment status in the deployment properties form.
PAGE 256
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 9 — NE maintenance Procedure 9-34 To view the trap metrics information 1 Choose Tools→Statistics→Trap Metrics Information from the 5620 SAM main menu. The Trap Metrics Information form lists the NEs that generated the most traps during the last collection interval. The collection interval is indicated by the Start Collection Period and End Collection Period values at the top of the form.
PAGE 257
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 9 — NE maintenance b c Use the contextual menu for an NE. i Select an NE icon in the 5620 SAM network navigation tree or topology map. ii Right-click on the NE icon and choose NE Sessions→File Browser. The FTP File Browser form opens, then displays the Enter the Username and Password form. Use the NE alarm contextual menu. i Select an NE alarm in the 5620 SAM alarm window.
PAGE 258
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 9 — NE maintenance Procedure 9-36 To view an NE file system using an SSH file browser Perform this procedure to browse and list the contents of a managed NE using a secure file browser. You need console and SSH user-account privileges on the NE for access to the NE file system, and an SSH server must be configured on the NE.
PAGE 259
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 9 — NE maintenance 3 4 5 Navigate the file system as required. Perform one of the following actions to open a directory and list the contents: a Double-click on the directory row in the list. b Select the directory row and press O. c Type the path to the directory in the Path field and click Go.
PAGE 260
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 9 — NE maintenance Click on the Faults tab to view alarm information related to the failure(s). A failure error message is not generated when the alarm is cleared or the failure entry is deleted. If a deployment failure is associated with more than one 5620 SAM GUI, the Problems Encountered form and related forms appear only on the GUI from which the deployment was issued.
PAGE 261
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 9 — NE maintenance 8 Click Refresh to update the list of failed deployments. 9 Close the form.
PAGE 262
Release 13.
PAGE 263
Release 13.
PAGE 264
Release 13.
PAGE 265
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 10 — 5620 SAM routine maintenance overview 10.1 Routine maintenance overview 10.2 Routine maintenance guidelines 10.3 Obtaining technical assistance 10.
PAGE 266
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 10 — 5620 SAM routine maintenance overview 10.1 Routine maintenance overview The 5620 SAM maintenance tasks and procedures are intended for NOC operations or other engineering operational staff that are responsible for developing and implementing maintenance procedures in 5620 SAM-managed IP/MPLS networks. The 5620 SAM maintenance tasks and procedures are categorized by the frequency they are performed or on an as required basis.
PAGE 267
Release 13.
PAGE 268
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 10 — 5620 SAM routine maintenance overview 10.4 Routine maintenance checklist Table 10-3 is a checklist of the recommended 5620 SAM routine maintenance tasks. Table 10-3 Recommended 5620 SAM preventive maintenance tasks ✓ Maintenance task Purpose See section Managing alarms Check the type and characteristics of the alarms, and to resolve the network problems caused by the alarms. 12.
PAGE 269
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 10 — 5620 SAM routine maintenance overview ✓ Maintenance task Purpose See section 5620 SAM platform modification As required, modify the 5620 SAM main server, auxiliary server or database platform to add or remove a CPU, install another NIC type, or increase or decrease the amount of RAM. 15.
PAGE 270
Release 13.
PAGE 271
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 11 — 5620 SAM maintenance base measures 11.1 Base measures overview 11.
PAGE 272
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 11 — 5620 SAM maintenance base measures 11.1 Base measures overview Maintenance base measures can be used by NOC operations or engineering staff that are responsible for maintenance issues to evaluate the activity and performance of network components, for example, client GUI response times when listing equipment. The data from a series of base measures can be used, over time, to track performance trends.
PAGE 273
Release 13.
PAGE 274
Release 13.
PAGE 275
Release 13.
PAGE 276
Release 13.
PAGE 277
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 11 — 5620 SAM maintenance base measures Performance base measures For networks, commonly available tools such as ping, which measures round trip time using ICMP, can be used to determine quantities such as packet loss and round trip delay. See the ping command information in this guide, and the 5620 SAM Troubleshooting Guide, for more information about performing the commands.
PAGE 278
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 11 — 5620 SAM maintenance base measures Service outage duration The duration of an outage is defined as the difference between the time a service becomes unavailable and the time it is restored. Time between outages is defined as the difference between the start times of two consecutive outages.
PAGE 279
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 12 — Daily maintenance tasks 12.1 Managing alarms 12-2 12.2 Verifying the synchronization of managed NE and 5620 SAM database information 12-3 12.3 Backing up the 5620 SAM database 12-4 12.4 Collecting and storing 5620 SAM log and configuration files 12-5 12.
PAGE 280
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 12 — Daily maintenance tasks 12.1 Managing alarms In large networks where the 5620 SAM is constantly interacting with a busy network, many alarms are raised. You should review alarms on a daily basis to check the type and characteristics of the alarms, and to resolve the network problems caused by the alarms. You should immediately correct physical equipment failure alarms or network device alarms.
PAGE 281
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 12 — Daily maintenance tasks iv Click OK. v Confirm the action. The Ack column in the alarm row indicates that the alarm is acknowledged. vi Right-click on the alarm entry row. The contextual alarm menu appears. vii Choose Delete Alarm(s) from the contextual menu to delete the alarm. Caution — You cannot recover a deleted alarm unless you store alarms in the alarm history log.
PAGE 282
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 12 — Daily maintenance tasks iii If deployments are listed, view the state of a deployment in the State column. The possible deployment states include: • • • • • • • • • iv 2 12.3 Canceled Deployed Failed (Configuration). Failure occurred because the configuration could not be applied to the specified objects. Failed (Internal Error). Failure occurred due to general error conditions. The state is intended for all other possible errors.
PAGE 283
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 12 — Daily maintenance tasks 12.4 Collecting and storing 5620 SAM log and configuration files When a 5620 SAM system runs for long periods with significant activity, the number of generated log files can consume a large amount of disk space. You must ensure that the contents of the 5620 SAM log directories are backed up on a regular basis to maintain a system activity record and to save disk space.
PAGE 284
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 12 — Daily maintenance tasks timestamp is the time of closure, in the following format: YYYY-MM-DD_hh-mm-ss 3 12.5 iv Collect the nms-auxserver.xml file, which contains server configuration settings, from the installation_directory/nms/config directory on each auxiliary server. v Collect the installation_directory/nms/config/nms-client.xml file from each client station. This file contains the client configuration settings.
PAGE 285
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 13 — Weekly maintenance tasks 13.1 Verifying performance statistics collection 13-2 13.2 Collecting device hardware inventory data 13-3 13.3 Testing 5620 SAM database restores 13-5 13.4 Checking scheduled device backups 13-6 13.
PAGE 286
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 13 — Weekly maintenance tasks 13.1 Verifying performance statistics collection Use the performance monitoring statistic log records to determine whether performance statistics are collected within the scheduled interval using the client GUI. Procedure 13-1 To check for performance monitoring statistics collection 1 Choose Tools→Statistics→Statistics Manager from the 5620 SAM main menu. The Statistics Manager form opens.
PAGE 287
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 13 — Weekly maintenance tasks 7 If there are gaps in the historical record, check the mediation policy to ensure that: • • polling is enabled and administratively up the polling interval for a specific MIB or MIB entry is sufficient for collecting the required statistics Note — Each row that represents a log record shows the Suspect column.
PAGE 288
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 13 — Weekly maintenance tasks 4 Click on the Inventory tab and choose Port (Physical Equipment). The list form displays the results of the inventory search for the selected device. 5 Generate a list based on the inventory collection or comparison that you plan to make. For example, to compare weekly lists of access ports, generate a filter to list only access ports.
PAGE 289
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 13 — Weekly maintenance tasks 13.3 Testing 5620 SAM database restores When you create daily 5620 SAM database backups, the 5620 SAM backups should be tested to ensure that they can be used to restore the 5620 SAM database in the case of a catastrophic failure. Caution — Do not perform the database restore test in the NMS domain. Ensure that there is no IP connectivity to any live network devices.
PAGE 290
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 13 — Weekly maintenance tasks 10 Enter the following: # ./DBConfig_RHEL_R_r_revision.bin ↵ where R_r is the release identifier, in the form MAJOR_minor revision is the revision identifier, such as R1, R3, or another descriptor The 5620 SAM database configuration utility opens. 11 Follow the prompts, as specified in the 5620 SAM | 5650 CPAM Installation and Upgrade Guide. Specify a database restore operation.
PAGE 291
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 13 — Weekly maintenance tasks Procedure 13-4 To check scheduled device backup status 1 Choose Administration→NE Maintenance→Backup/Restore from the 5620 SAM main menu. The Backup/Restore form opens. 2 Click on the Backup/Restore Status tab. The managed devices are listed and backup and restore status information is displayed. 3 Select a device and click Properties. The NE Backup/Restore Status form opens.
PAGE 292
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 13 — Weekly maintenance tasks 13.5 5620 SAM database audit log management As part of the 5620 SAM database security, audit log files are automatically created to track database session creation activities. The 5620 SAM does not automatically remove the files. You must monitor the directory that contains the audit log files to ensure that the files do not consume excessive disk space.
PAGE 293
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 14 — Monthly maintenance tasks 14.1 Performing main server and database redundancy switches 14-2 14.2 Checking the 5620 SAM platform performance 14-2 14.3 Checking Windows client platform performance 14-4 14.4 Checking LAN TCP/IP connections between network-management domain elements 14-6 14.5 Generating and storing a user account list 14-8 14.6 Verifying documentation and support contact list updates 14-8 14.
PAGE 294
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 14 — Monthly maintenance tasks 14.
PAGE 295
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 14 — Monthly maintenance tasks Use the mpstat command to review the activities performed by the CPU. 7 i Enter the following: # mpstat time ↵ where time is the interval, in seconds, between CPU polls; a value between 10 and 60 is recommended ii CPU all %usr 0.25 Review the command output. Code 14-1 is an example of mpstat output; Table 14-1 describes each output field.
PAGE 296
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 14 — Monthly maintenance tasks ii Review the command output. Code 14-2 is an example of iostat output; Table 14-2 describes each output field. Code 14-2: iostat output example tps Blk_read/s Blk_wrtn/s 0.01 0.04 6.63 2.94 58.78 261.
PAGE 297
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 14 — Monthly maintenance tasks Procedure 14-2 To check Windows client station performance 1 Open a command window on the client station. 2 Enter the following at the command prompt: ping station_name ↵ where station_name is the IP address or hostname, if DNS is used, of the main server to which you need to test connectivity 3 Review the ping output for round-trip delays or lost packets.
PAGE 298
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 14 — Monthly maintenance tasks The tracert command provides details about network connectivity. 10 Review the tracert data, including: • • number of hops required to reach the main server average time between hops Record the data for future base measure comparison. For example, when the number of hops between a client GUI and main server increases over time, traffic takes longer to travel between them, which can degrade performance. 11 14.
PAGE 299
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 14 — Monthly maintenance tasks LAN congestion may be a problem if packets are received out of order, are dropped, or take too long to complete the round trip. 4 Store the output for future base measure comparison. Compare the output over time to ensure that changes in the data are not caused by deteriorating LAN conditions. 5 Check the routing information. i Open a console window on the station.
PAGE 300
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 14 — Monthly maintenance tasks 14.
PAGE 301
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 14 — Monthly maintenance tasks You should also regularly check your 5620 SAM platform vendor websites for information about OS patches, updates, and other software and hardware issues. Procedure 14-5 To check for documentation and support updates Note — You need a Support Documentation Service account to view customer documentation. Contact your Alcatel-Lucent account representative for more information. 1 Log in to https://www.alcatel-lucent.
PAGE 302
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 14 — Monthly maintenance tasks 14.7 iv Click on the link to the global technical support organization that supports your organization. v Check the contact information for your regional Customer Service or Call Center.
PAGE 303
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 15 — As required maintenance tasks 15.1 5620 SAM platform modification 15.2 Changing 5620 SAM passwords 15.3 Auxiliary server operation 15-2 15-11 15-20 15.4 Cflowd auxiliary server operation 15.5 Auxiliary database operation 15-21 15-22 15.6 Auxiliary database failure recovery 15-24 15.7 Backing up and restoring NE configuration files 15-25 15.8 Restoring and reinstantiating a 5620 SAM database 15.
PAGE 304
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 15 — As required maintenance tasks 15.1 5620 SAM platform modification A 5620 SAM component may require reconfiguration or another type of action in response to a change in the available platform resources. Caution — To avoid a network management outage, Alcatel-Lucent strongly recommends that you contact 5620 SAM technical support before you modify the platform of a 5620 SAM component.
PAGE 305
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 15 — As required maintenance tasks 3 Perform the following steps to stop the main server, if it is running: i Enter the following: bash$ cd /opt/5620sam/server/nms/bin ↵ ii Enter the following to stop the main server application: bash$ ./nmsserver.bash force_stop ↵ iii Enter the following to display the main server status: bash$ ./nmsserver.bash appserver_status ↵ The command displays a status message.
PAGE 306
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 15 — As required maintenance tasks 14 Click Done. The installer closes. 15 Close the console window. Procedure 15-2 To reconfigure a 5620 SAM database after a RAM upgrade Perform this procedure after a change in the amount of RAM that is available to the 5620 SAM database. Caution — This procedure requires a restart of the 5620 SAM database, which is service-affecting.
PAGE 307
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 15 — As required maintenance tasks workstation. The database memory requirements will be adjusted to account for the additional load. Will the database co-exist with a 5620 SAM server on this workstation [Yes/No]: 7 Enter Yes or No, as required, and press ↵. Messages like the following are displayed: INFO: About to remove kernel parameters set by a previous run of this script from /etc/sysctl.
PAGE 308
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 15 — As required maintenance tasks 3 Enter the following: bash$ cd /opt/5620sam/server/nms/bin ↵ 4 Enter the following to stop the auxiliary server application: bash$ ./auxnmsserver.bash auxforce_stop ↵ 5 Enter the following to display the auxiliary server status: bash$ ./auxnmsserver.bash auxappserver_status ↵ The command displays a status message.
PAGE 309
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 15 — As required maintenance tasks 17 Click Done. The installer closes. 18 Close the console window. Procedure 15-4 To reconfigure a Cflowd auxiliary server Perform this procedure to update the Cflowd auxiliary server configuration after a change in the available platform resources. Caution — This procedure requires a restart of the Cflowd auxiliary server, which is service-affecting.
PAGE 310
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 15 — As required maintenance tasks DCP database is started successfully Starting 5620 SAM DCP server...... 5620 SAM DCP server is started successfully 7 Close the console window.
PAGE 311
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 15 — As required maintenance tasks iii Navigate to the /opt/5620sam/auxserver/nms/bin directory. iv Enter the following: bash$ ./auxnmsserver.bash auxforce_stop ↵ v Enter the following to display the auxiliary server status: bash$ ./auxnmsserver.bash auxappserver_status ↵ The command returns a status message.
PAGE 312
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 15 — As required maintenance tasks 2 If you are performing the test on a main or auxiliary server station, enter the following to switch to the root user: bash$ su ↵ 3 Perform one of the following to run the disk performance utility. a On a main or auxiliary server station, enter the following: # unsupported/5620_SAM_IOTest/5620_SAM_IOTest.
PAGE 313
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 15 — As required maintenance tasks 3 Enter the following: bash$ /opt/5620sam/instance_name/install/config/database_name/re linkOracle.sh ↵ where instance_name is the name of the 5620 SAM database instance, for example, samdb The script relinks the Oracle executable files. 4 When the script execution is complete, enter the following to reboot the database station: # init 6 ↵ The station reboots, and the 5620 SAM database initializes. 15.
PAGE 314
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 15 — As required maintenance tasks 3 Enter the following: # passwd samadmin ↵ The following prompt is displayed: New Password: 4 Enter the new password and press ↵. The following prompt is displayed: Confirm New Password: 5 Enter the new password again and press ↵. The password is changed. Record the new password and store it in a secure location. 6 Close the console window. 7 Log out of the component station.
PAGE 315
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 15 — As required maintenance tasks 6 Close the console window. 7 Log out of the auxiliary database station. Procedure 15-9 To change the Oracle SYS or 5620 SAM database user password in a standalone 5620 SAM system Perform this procedure to change the password of a user associated with the 5620 SAM database or Oracle functions in a standalone 5620 SAM system.
PAGE 316
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 15 — As required maintenance tasks - dip - system - exit 5 Enter a user name. The script prompts you for a password.
PAGE 317
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 15 — As required maintenance tasks Done 11 v Close the console window. vi Log out of the database station. Perform the following steps. i Navigate to the /opt/5620sam/server/nms/bin directory on the main server station. ii Enter the following to restart the main server: bash$ ./nmsserver.bash force_restart ↵ iii Enter the following to display the server status: bash$ ./nmsserver.
PAGE 318
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 15 — As required maintenance tasks Note 1 — Before you perform the procedure, you must ensure that each 5620 SAM main server, auxiliary server, and database is running and operational. Note 2 — You can use the procedure to change only one user password at a time. To change multiple user passwords, you must perform the procedure multiple times.
PAGE 319
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 15 — As required maintenance tasks - sqltxplain - appqossys - outln - dip - system - exit 7 Enter a user name. The script prompts you for a password.
PAGE 320
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 15 — As required maintenance tasks iii Enter the following to start the database proxy: # /etc/rc3.d/S965620SAMOracleProxyWrapper start ↵ Do not proceed until the command returns the following: Done 14 iv Close the console window. v Log out of the database station. Perform the following steps. i Log in to the standby main server station as the samadmin user. ii Navigate to the /opt/5620sam/server/nms/bin directory.
PAGE 321
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 15 — As required maintenance tasks -- Primary Server is UP Caution — If the command output indicates that the server is not completely started, wait five minutes and then repeat the step. Do not proceed to the next step until the server is completely started. vii On the standby main server, enter the following to start the main server: bash$ ./nmsserver.bash start ↵ The standby main server starts.
PAGE 322
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 15 — As required maintenance tasks 15.3 16 Close the open console windows. 17 Log out of the primary main server station. Auxiliary server operation The following procedures describe how to operate an auxiliary server. Procedure 15-11 To start an auxiliary server 1 Choose Administration→System Information from the 5620 SAM main menu. The System Information form opens. 2 Click on the Auxiliary Servers tab.
PAGE 323
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 15 — As required maintenance tasks 3 Select the auxiliary server and click Properties. The Auxiliary Server (Edit) form opens. 4 Set the Operation Mode parameter to In Maintenance Mode. 5 Click OK to commit the change and close the form. The auxiliary server stops. 6 15.4 Close the System Information form. Cflowd auxiliary server operation The following procedures describe how to operate a Cflowd auxiliary server.
PAGE 324
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 15 — As required maintenance tasks The server stops, and the following messages are displayed: Stopping 5620 SAM DCP server... 5620 SAM DCP server is stopped successfully Stopping 5620 SAM DCP database... DCP database is stopped successfully Procedure 15-15 To display the Cflowd auxiliary server status 1 Log in to the Cflowd auxiliary server station as the root user. 2 Open a console window.
PAGE 325
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 15 — As required maintenance tasks Procedure 15-16 To start an auxiliary database Perform this procedure to start the auxiliary database software on a station in an auxiliary database cluster. 1 Log in to the auxiliary database station as the root user. 2 Open a console window. 3 Enter the following to start the database proxy: # /etc/init.d/samauxdbproxy start ↵ 4 Enter the following to start the database: # /etc/init.
PAGE 326
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 15 — As required maintenance tasks 15.6 Auxiliary database failure recovery Auxiliary database cluster performance may be degraded by the failure or poor performance of a cluster member. You must return a failed or failing member to full operation to prevent further cluster performance degradation.
PAGE 327
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 15 — As required maintenance tasks The main server reads the updated configuration and integrates the auxiliary database with the cluster. 15.7 9 Close the console window. 10 Open a 5620 SAM GUI client. 11 Choose Administration→Database from the 5620 SAM main menu. The Database Manager (Edit) form opens. 12 Click on the Auxiliary Database Data Centers tab.
PAGE 328
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 15 — As required maintenance tasks A compressed archive file named YYYY-MM-DD-hh-mm.tgz is created in the /opt/5620sam/nebackup/backup directory, where YYYY-MM-DD-hh-mm is the file creation time. 4 When the backup operation is complete, copy the file to a secure station that is not part of the 5620 SAM system. If you lack access to such a station, and the 5620 SAM system is redundant, copy the file to the standby main server station.
PAGE 329
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 15 — As required maintenance tasks 15.8 Restoring and reinstantiating a 5620 SAM database You can restore a 5620 SAM database using a backup copy. Caution — A 5620 SAM database restore requires a shutdown of each 5620 SAM database and main server in the 5620 SAM system, which causes a network management outage.
PAGE 330
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 15 — As required maintenance tasks Procedure 15-21 To restore the database in a standalone 5620 SAM system Perform this procedure to restore a standalone 5620 SAM database using a backup copy of the database.
PAGE 331
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 15 — As required maintenance tasks ii Enter the following: # cd /etc/init.d ↵ iii Enter the following: # mv 5620SAMServerWrapper inactive.5620SAMServerWrapper ↵ 4 Perform the following steps to stop the 5620 SAM database: i Log in to the database station as the root user. ii Enter the following: # cd /etc/rc3.d ↵ iii Enter the following to stop the Oracle proxy daemon: # .
PAGE 332
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 15 — As required maintenance tasks 11 Enter the following: # ./OracleSw_PreInstall.sh ↵ Note — The default values displayed by the script are shown as [default]. To accept a default value, press ↵. If you specify a value other than the default, you must record the value for use when the OracleSw_PreInstall.sh script is run during a software upgrade, or when the Oracle management user information is required by Alcatel-Lucent technical support.
PAGE 333
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 15 — As required maintenance tasks The user [username] for the group [group] already exists locally. Do you want to use the existing user? [Yes/No]: 15 Perform one of the following. a Enter Yes ↵; the following messages are displayed: Checking or Creating the Oracle user home directory /opt/5620sam/oracle12r1... Checking user username... WARNING: Oracle user with the specified name already exists locally.
PAGE 334
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 15 — As required maintenance tasks 16 Perform one of the following. a If you specify a new user in step 15, the following prompt is displayed: Please assign a password to the UNIX user username .. New Password: Perform the following steps. i Type a password and press ↵. The following prompt is displayed: Re-enter new Password: ii Retype the password and press ↵.
PAGE 335
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 15 — As required maintenance tasks 18 Enter the following to switch to the Oracle management user: # su - Oracle_management_user_name ↵ where Oracle_management_user_name is the name of the RHEL user with Oracle management privileges, typically oracle 19 Navigate to the directory that contains the 5620 SAM installation software. 20 Enter the following: # cd Linux ↵ 21 Enter the following: # ./DBConfig_RHEL_R_r_revision.
PAGE 336
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 15 — As required maintenance tasks viii Click Start Process. The restore process begins. Note — A 5620 SAM database restore takes considerable time, depending on the database size. 23 ix When the Installation Complete panel is displayed, open a separate console window and run the script specified in the panel. x When the script execution is complete, click Done to close the installation utility. The database begins to initialize.
PAGE 337
Release 13.
PAGE 338
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 15 — As required maintenance tasks 4 Perform the following steps to stop the standby 5620 SAM database: i Log in to the standby database station as the root user. ii Enter the following: # cd /etc/rc3.d ↵ iii Enter the following to stop the Oracle proxy daemon: # ./S965620SAMOracleProxyWrapper stop ↵ iv Enter the following to stop the 5620 SAM database daemon: # .
PAGE 339
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 15 — As required maintenance tasks 7 Perform the following steps to disable the primary 5620 SAM main server startup daemon: i Enter the following to switch to the root user: # su ↵ ii Enter the following: # cd /etc/init.d ↵ iii Enter the following: # mv 5620SAMServerWrapper inactive.5620SAMServerWrapper ↵ 8 Perform the following steps to stop the primary 5620 SAM database: i Log in to the primary database station as the root user.
PAGE 340
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 15 — As required maintenance tasks 12 Verify that the database backup file set is in the original backup directory on the primary database station. If it is not, copy the backup file set saved in step 1 to the original backup directory. Note — The path to the backup file set must be the same as the initial path to the file set after backup creation.
PAGE 341
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 15 — As required maintenance tasks If you specify a new group, the following message is displayed: done 18 If you specify an existing group, the following prompt is displayed: WARNING: Group group already exists locally. Do you want to use the existing group? [Yes/No]: Perform one of the following. 19 a Enter Yes ↵. b Enter No ↵. Go to step 17.
PAGE 342
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 15 — As required maintenance tasks Checking user username... Adding username... Changing ownership of the directory /opt/5620sam/oracle12r1 to username:group. About to unlock the UNIX user [username] Unlocking password for user username. passwd: Success Unlocking the UNIX user [username] completed Please assign a password to the UNIX user username .. New Password: 21 Perform one of the following.
PAGE 343
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 15 — As required maintenance tasks INFO: Completed setting kernel parameters in /etc/sysctl.conf... INFO: About to change the current values of the kernel parameters INFO: Completed changing the current values of the kernel parameters INFO: About to set ulimit parameters in /etc/security/limits.conf... INFO: Completed setting ulimit parameters in /etc/security/limits.conf...
PAGE 344
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 15 — As required maintenance tasks v Click Choose and use the file browser form that opens to specify the directory that contains the backup file set. Note — You must specify the original database backup directory verified in step 12. vi Click Next. The General Database Restore Info panel is displayed. vii Configure the required parameters in each successive panel until the Database Restore panel is displayed.
PAGE 345
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 15 — As required maintenance tasks The command returns server status information. If the main server is not completely started, the first line of status information is the following: Main Server is not ready...
PAGE 346
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 15 — As required maintenance tasks 35 Perform the following steps to enable the standby 5620 SAM main server startup daemon. i Log in to the standby main server station as the root user. ii Open a console window and enter the following: # cd /etc/init.d ↵ iii Enter the following: # mv inactive.5620SAMServerWrapper 5620SAMServerWrapper ↵ 36 Perform the following steps to start the standby 5620 SAM main server.
PAGE 347
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 15 — As required maintenance tasks The client GUI status bar and the System Information form display the reinstantiation status. The Standby Re-instantiation State changes from In Progress to Success when reinstantiation is complete. The Last Attempted Standby Re-instantiation Time displays the start time of the current reinstantiation. 3 Close the System Information form when the reinstantiation is complete.
PAGE 348
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 15 — As required maintenance tasks 15.9 6 Close the console window when the reinstantiation is complete. 7 Open a 5620 SAM GUI client to verify that the 5620 SAM main servers and databases are functional. The component status is displayed in the status bar.
PAGE 349
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 15 — As required maintenance tasks Stop main servers 3 Perform the following steps on each main server station to stop the main server application. Note — In a redundant deployment, you must stop the standby main server first. i Enter the following to switch to the samadmin user: # su - samadmin ↵ ii Open a console window.
PAGE 350
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 15 — As required maintenance tasks 7 Enter the following: bash$ path/install/config/samdb/SAMDb_exportImport.sh -e destina tion ↵ where path is the database installation location, typically /opt/5620sam/samdb destination is the absolute path of the directory that is to hold the database file set Note — To display the script usage, specify the -h option, as follows: SAMDb_exportImport.
PAGE 351
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 15 — As required maintenance tasks The following prompt is displayed: Enter the export encryption password (terminal echo is off): 14 Create and record a database export encryption password. The password is required for a subsequent database import operation. Note — The password can be of any length and use any characters. 15 Type the created password and press ↵.
PAGE 352
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 15 — As required maintenance tasks 21 Perform one of the following. a Confirm the space requirement and proceed with the export. i Type y ↵ if the partition has sufficient capacity to hold the exported file set. The following prompt is displayed: Proceed with the export? [y/n/q] (y): ii Press ↵. The database export begins. The script displays information that includes the export log filename and a series of progress indicators.
PAGE 353
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 15 — As required maintenance tasks Stop main servers 1 Perform the following steps on each main server station to stop the main server application. Note — In a redundant deployment, you must stop the standby main server first. i Log in to the main server station as the samadmin user. ii Open a console window.
PAGE 354
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 15 — As required maintenance tasks 4 Log in to the database station as the Oracle management user. 5 Open a console window. 6 Enter the following: bash$ path/install/config/samdb/SAMDb_exportImport.
PAGE 355
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 15 — As required maintenance tasks 12 Press ↵ if you are sure that the password is entered correctly, or type n ↵ to re-enter the value. The following prompt is displayed: Enter the export encryption password (terminal echo is off): 13 Enter the database export encryption password created during the database export operation.
PAGE 356
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 15 — As required maintenance tasks file Restarting the database... Shutting down the listener Starting import: timestamp where timestamp is the start time of the import operation The script displays a series of progress indicators.
PAGE 357
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 15 — As required maintenance tasks 2 Set the Client Timeout (minutes) parameter to 0, which specifies no timeout. Setting the parameter to 0 ensures that the 5620 SAM GUI client session does not close because of user inactivity while the script execution is in progress. 3 Save your changes and close the form. Configure a script bundle 4 Choose Tools→Scripts from the 5620 SAM main menu. The Scripts form opens.
PAGE 358
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 15 — As required maintenance tasks 15.11 Listing customer service information Record customer service information to: • document which devices and interfaces are used to handle customer traffic • provide raw data for post-processing customer trends and customer information Procedure 15-28 To save a list of service information Perform this procedure to generate and export a list of services or service objects.
PAGE 359
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 15 — As required maintenance tasks 15.
PAGE 360
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 15 — As required maintenance tasks 4 Scan the list for duplicate names. Note — By default, ports are assigned a description based on the card type when the Description parameter is not configured. 5 15.13 If you find a duplicate description, modify the description based on your naming conventions. i Select the port and click Properties. The Physical Port (Edit) form opens.
PAGE 361
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 15 — As required maintenance tasks Note — An NE shelf inherits the OLC state of the NE, and is read-only. In addition, you can specify on properties forms that the 5620 SAM reverts the OLC state to the in-service or maintenance mode after a specified time, depending on the current OLC state of the object or service. In addition, you can specify in NE discovery rules that the current OLC state reverts after the resynchronization is complete.
PAGE 362
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 15 — As required maintenance tasks You must add the OLC state property to manually created service templates, as described in Procedure 15-34. Procedure 15-30 To view the OLC state of equipment or services 1 Choose Administration→OLC from the 5620 SAM main menu. The OLC form opens. 2 Choose a service or network object from the drop-down menu and click Search. The form displays a list of objects based on the search criteria.
PAGE 363
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 15 — As required maintenance tasks The OLC state of the selected object changes in the filtered list panel. Note — You can configure the Revert OLC State parameter on the properties form for the object. The Revert OLC State parameter allows you to specify that the object automatically reverts to either the In Service mode or the Maintenance mode after a selected time, depending on the current OLC state of the object.
PAGE 364
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 15 — As required maintenance tasks Perform the following procedure to add the OLC state property to a manually created template. 15-62 1 Open the GUI builder. See the 5620 SAM Scripts and Templates Developer Guide. 2 Create a combo box component and enter olcState for the Name combo box component attribute. 3 Enter the value “maintenance” for the List combo box component attribute.
PAGE 365
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 Appendices A.
PAGE 366
Release 13.
PAGE 367
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions A.1 Predefined scope of command profiles and roles A-2 A.2 Permissions assignable to 5620 SAM scope of command roles A-4 A.
PAGE 368
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions A.1 Predefined scope of command profiles and roles This appendix describes the predefined 5620 SAM scope of command profiles and roles, and the access permissions for each predefined role. Predefined scope of command profiles and roles cannot be deleted. Table A-1 provides a summary of the command profiles, roles, and permissions information contained in this appendix.
PAGE 369
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Table A-3 Predefined scope of command roles Role Access provided Base Read-only Read-only to all objects except for the objects in the SAM Security and Mirror Service Management roles. Administrator GUI access, but no OSSI access, to all objects. Create, modify, delete, import, and export public workspaces. View private or public workspaces in the Manage Workspaces list.
PAGE 370
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Role Access provided Telnet/SSH Management Telnet or SSH access to NEs from the GUI. CPAM Management Route Analysis of ISIS Topology, OSPF Topology, MPLS Topology, IP Path monitoring, LSP Monitoring, Checkpoints, and Impact Analysis Scenarios for CPAM management. CPAM OSS PCA Route Analysis of ISIS Topology, OSPF Topology, and MPLS Topology for CPAM routing.
PAGE 371
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Table A-4 Permissions assigned to 5620 SAM scope of command roles Package.Class.Method/Property Description aaa AAA - Configurations for authentication, authorization, and accounting. aaa.RadiusProxyInterface RADIUS Proxy Interface - Access to Radius Proxy Interface configuration. aaa.RadiusProxyServer RADIUS Proxy Server - Access to Radius Proxy Server configuration. aaa.
PAGE 372
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Description aosqos AoS QoS - Quality of Service for Application over Signaling (AoS QoS) Policy and conditions, AoS QoS configuration for Physical Port and Layer 2 Bridge. aosredundancy Aos-Redundancy - AOS Multichassis. aossas AOS SAS - OAM tests specific to AOS nodes. aossas.
PAGE 373
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Description cac CAC - CAC configuration for Physical Links, Physical Port and other CAC related objects. calltrace.WebDAVSharedData Calltrace. Web DAVShared Data - Ability to restrict access to call traces via the WebDAV protocol. ccag CCAG - Cross-Connect Aggregation Group (CCAG) MDA card and forwarding path configuration. cflowd Cflowd - CFLOWD Objects. cflowd.
PAGE 374
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Description dctr.VplsVirtualSite Virtual Site VPLS - Access to VPLS eVPN-Sites on a VPLS Service. dctr.VprnVirtualSite Virtual Site VPRN - Access to VPLS eVPN-Sites on a VPLS Service. dhcp DHCP - Dynamic Host Configuration Protocol (DHCP) Server for rtr.VirtualRouter and vprn.Site.
PAGE 375
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Description ethernetoam.CfmOneWayDelayTest CFM One Way Delay Test - Access to CFM One Way Delay tests, CFM One Way Delay test definitions, and CFM One Way Delay deployed tests. ethernetoam.CfmOneWaySlm CFM One Way SLM Test - Access to CFM One Way SLM tests, CFM One Way SLM test definitions, and CFM One Way SLM deployed tests. ethernetoam.
PAGE 376
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Description fm.GlobalPolicy Global Alarm Behavior - Access to configure the global alarm behavior. fm.SpecificPolicy Specific Alarm Policy - Access to configure specific alarm policies. fpipe FPipe - All contained objects are listed. Package access is not currently used. fpipe.Fpipe Fpipe Service - Access to Frame Relay Pipe (Fpipe) Service objects themselves.
PAGE 377
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Description ies.AaInterface IES AA Interface - Access to IES AA Interfaces. ies.Ies IES Service - Access to Internet Enhanced Service (IES) Service objects themselves. ies.L3AccessInterface IES L3 Access Interface - Access to IES L3 Access Interfaces. ies.Site IES Site - Access to IES Sites. ies.
PAGE 378
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Description ldp Routing Management: LDP - Label Distribution Protocol (LDP) configuration for Service interfaces and routers, Session, MD5 Key, Equal-Cost Multipath Routing (EMCP), Forwarding Equivalency Class (FEC), Policies, and Peers. lldp LLDP - Link Layer Discovery Protocol (LLDP) configuration on equipment.PhysicalPort.
PAGE 379
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Description lte.EPSPathServiceComponent EPS Path Service Component - Configuration of EPS Path Service Component. lte.EPSPathSiteComponent EPS Path Site Component - Configuration of EPS Path Site Component. lte.FqdnGroupProfile FQDN Group Profile - Configuration of FQDN Group Profile. lte.FqdnNameEntry FQDN Name Entry - Configuration of FQDN Name Entry. lte.
PAGE 380
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Description lte.SgwS5ReferencePoint SGW S5 Reference Point - Configuration of SGW S5 Reference Point. lte.SgwS8ReferencePoint SGW S8 Reference Point - Configuration of SGW S8 Reference Point. lte.SgwSignalling Serving Gateway Signalling - Configuration of Serving Gateway Signalling. lte.
PAGE 381
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Description lteli LTE LI - All LTE LI configurations and status. lteli.DFPeer LTE LI Delivery Function Peer - Configuration of LTE LI Delivery Function Peer. lteli.DFPeerCardGroup LTE LI Delivery Function Peer Card Group Status - Display of LTE LI Delivery Function Peer Card Status. lteli.
PAGE 382
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Description ltepolicyoptions.PolRuleUnitFlwDescription Policy Rule Unit Flow Description Entry - Configuration of Flow Description Entry. ltepolicyoptions.ServiceClassIndicator Service Class Indicator - Configuration of ServiceClassIndicator Profile. ltepolicyoptions.TrafficHashProfile Traffic Hash Profile - Configuration of Traffic Hash Profile. ltepolicyoptions.
PAGE 383
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Description mmepolicy.MMEEmergencyNumListPolicy WMM Emergency Number List - Configuration of Emergency Number List. mmepolicy.MMEEmergencyNumListTblPolicy WMM Emergency Number List Table - Configuration of Emergency Number List Table. mmepolicy.MMEGTPProfile WMM GTP Profile - Configuration of GTP Profile. mmepolicy.
PAGE 384
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Description mpr.Esite 9500 MPR Epipe Site - Access to the service instance objects. mpr.L2AccessInterface 9500 MPR Cpipe L2 Access Interface - Access to L2AccessInterface objects. mpr.Site 9500 MPR Cpipe Site - Access to the service instance objects. msappolicy MSAP Policy - MSAP policy configuration.
PAGE 385
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Description neaudit NE Audit Management - Ability to manage NE Audits. nelicense NeLicense - Apply License on the node. netca NE Threshold Crossing Alerts - Manage NE Threshold Crossing Alert profiles. netw Network - Network objects: groups and links. netw.AdvertisedNode Advertised Node - Control of Discovered Nodes. netw.
PAGE 386
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Description olc.OLCSchedulerManager.property_leadTimeForNot ification OLC Scheduler Manager - property_leadTimeForNotification - OLC preferences can only be modified by a user with an administrator role. openflow OpenFlow - OpenFlow configuration and status on a router. optical Optical Management - Optical NE Specific Information. optical.
PAGE 387
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Description policy.PolicyDefinition.method_setDistributionMode ToSyncWithGlobal Policy Definition - method_setDistributionModeToSyncWithGlobal Ability set Configuration Mode to Sync with Global and synchronize local policies with the most recent released global policy. policy.
PAGE 388
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Description ressubscr.ResidentialSubscriberManager.property_re sSubscrInstRtrvMax Residential Subscriber Manager - property_resSubscrInstRtrvMax Service preferences can only be modified by a user with an administrator role. ressubscr.ResidentialSubscriberManager.
PAGE 389
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Description saspm SAS PM - Access to OAM Performance Monitoring Objects. sasqos 7210 and 1830 QoS - QoS Policies for 7210 and 1830 nodes. sasqos.QosPool QoS Pool - Access to QoS Pools for 7210 nodes. schedule Schedule - All scheduled tasks; Cron Actions, OSS Commands, CLI Scripts and Schedules.
PAGE 390
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Description script.TemplateBinding Template Binding - Ability to configure associations between templates. script.Version Version - Ability to configure CLI script versions. script.XmlApiConfigTemplate Template - Ability to configure XML API templates. script.XmlApiConfigTemplate.method_execute Template - method_execute - Ability to create an object from a template.
PAGE 391
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Description service Service Management - Parent package for all services; Composite Services and Connectors and Access Policy Queue Override Policies. service.AarpInterface AARP Interface - Access to AARP Interface configuration between AARP. service.CpePing CPE Ping - Access to CPE Ping tests, CPE Ping test definitions, and CPE Ping deployed tests. service.
PAGE 392
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Description service.ServiceManager.property_propagateSiteNam eToService Service Manager - property_propagateSiteNameToService - Service preferences can only be modified by a user with an administrator role. service.ServiceManager.
PAGE 393
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Description snmp.PollerManager.method_resync Mediation - method_resync - Ability to resync a Network Element. Requires 'update' access on netw.NetworkElement. sonet SONET Sync - SONET Synchronization for Shelf and Processor Cards. sonetequipment SONET Equipment - SONET Equipment configuration. spanrules Span Rules - Span Rules for service creation.
PAGE 394
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Description svt.MtuPing MTU Ping - Access to MTU Ping tests, MTU Ping test definitions, and MTU Ping deployed tests. svt.SpokeSdpBinding Spoke SDP Binding - Access to Spoke SDP Binding configuration. svt.Tunnel Tunnel - Access to Tunnel (or SDP object) configuration. svt.
PAGE 395
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Description udptunnel UDP Tunnel - Access to UDP Tunnel. user User Preference - SAM Client GUI preferences for Info Tables. vlan VLAN - Access to this package is for configuring TLS, MVR, Super VLAN, Customer VLAN, SAP and MSAP, Network Interfaces (Uplink Ports) and VLAN configuration for a MST Instance. vlan.
PAGE 396
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Description vprn.Vprn VPRN Service - Access to Virtual Private Routed Network (VPRN) Service objects themselves. vprn.VprnPing VPRN Ping - Access to VPRN Ping tests, VPRN Ping test definitions, and VPRN Ping deployed tests. vprn.VprnTrace VPRN Trace - Access to VPRN Trace tests, VPRN Trace test definitions, and VPRN Trace deployed tests.
PAGE 397
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A.
PAGE 398
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Role Link Statistics Profile Plotter Management Table A-41 Admin Neto Launch Table A-42 Viewer Neto Launch Table A-43 Default Neto Launch Table A-44 Ageout Constraint Policy Management Table A-45 Purge Records Table A-46 (2 of 2) Table A-6 Base Read-only Package.Class.Method/Property Access aclfilterli No access activation.WebDAVSharedData No access autoconfig.AutoConfigScriptManager.
PAGE 399
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access fm.AlarmHistoryDatabase.method_purge No access fm.FaultManager.method_editNote No access generic Read/write generic.GenericObject.method_collectData No access genericne.GenericNeProfileManager.method_checkFileContent No access genericne.GenericNeProfileManager.method_installFile No access hpipe No access impact.FullReset No access impact.
PAGE 400
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access rca.RcaManager.method_fixProblem No access rca.RcaManager.method_preFixProblem No access resources No access rip Read/write script.AbstractScript.method_configureTarget No access script.AbstractScript.method_configureTargets No access script.Script.method_createTargetScript No access script.Script.method_createTargetScripts No access script.
PAGE 401
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access vprn.IPMirrorInterface No access webclient Read/write workspace Read/write workspace.WorkspaceManager.method_publicControl No access (4 of 4) Table A-7 Administrator Package.Class.Method/Property Access aaa Read/write aaa.RadiusProxyInterface Read/write aaa.RadiusProxyServer Read/write aaa.RadiusServer Read/write aapolicy Read/write aapolicy.
PAGE 402
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access aossas.CPETestHead Read/write apipe Read/write apipe.Apipe Read/write apipe.Site Read/write aps Read/write arp Read/write atm Read/write atm.AtmPing Read/write atmpolicy Read/write audit Read/write autoconfig Read/write autoconfig.AutoConfigScriptManager.method_configure Update/execute autoconfig.AutoConfigScriptManager.
PAGE 403
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access db.AuxiliaryDatabase.method_reinstantiationDatabase Update/execute db.AuxiliaryDatabase.method_snapshotDatabase Update/execute db.DatabaseManager.method_backup Update/execute db.DatabaseManager.method_reinstantiateStandby Update/execute db.DatabaseManager.method_snapshotAllDatabases Update/execute db.DatabaseManager.method_switchover Update/execute db.
PAGE 404
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access ethernetoam.CfmOneWaySlm Read/write ethernetoam.CfmSingleEndedLossTest Read/write ethernetoam.CfmSlmSession Read/write ethernetoam.CfmTwoWayDelayTest Read/write ethernetoam.CfmTwoWaySlm Read/write ethernetoam.
PAGE 405
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access genericne.GenericNeProfileManager.method_installFile Update/execute gmpls Read/write gsmp Read/write hip.EMServer Read/write hip.EMSystem Read/write histcorr Read/write hpipe No access hpipe.Hpipe Read/write hpipe.Site Read/write icmp.DnsPing Read/write icmp.IcmpPing Read/write icmp.IcmpTrace Read/write ies Read/write ies.
PAGE 406
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access lag Read/write layer2 Read/write ldp Read/write lldp Read/write lmg Read/write localuserdb Read/write log Read/write log.LogToFileManager.property_jmsRetries Read/update/execute log.LogToFileManager.property_retention Read/update/execute log.LogToFileManager.property_rollover Read/update/execute lps Read/write lte Read/write lte.
PAGE 407
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access lte.IpPool Read/write lte.IpPoolBinding Read/write lte.IpPoolEntry Read/write lte.LTEEquipment.method_launchQoSAnalyzer Update/execute lte.MobileNodeRegion Read/write lte.NETCELinkState Read/write lte.PDNGateway Read/write lte.PdnApn Read/write lte.PdnGxReferencePoint Read/write lte.PdnRfReferencePoint Read/write lte.
PAGE 408
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access lteggsn.GnReferencePoint Read/write lteggsn.GpReferencePoint Read/write lteggsn.GyAvpOptionProfile Read/write lteggsn.PdnGyReferencePoint Read/write lteggsn.PgwGaReferencePoint Read/write lteggsn.SgwGaReferencePoint Read/write ltegw Read/write ltegw.ApnListPolicy Read/write ltegw.ApnListPolicyGroup Read/write ltegw.
PAGE 409
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access ltepolicyoptions.ChargingRuleUnit Read/write ltepolicyoptions.DhcpSGPeerEntry Read/write ltepolicyoptions.DhcpServerGroupProfile Read/write ltepolicyoptions.GxAvpOptionProfile Read/write ltepolicyoptions.PolRuleUnitFlwDescription Read/write ltepolicyoptions.PolicyRule Read/write ltepolicyoptions.PolicyRuleBase Read/write ltepolicyoptions.
PAGE 410
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access mld Read/write mmepolicy No access mmepolicy.MMEEmergencyNumListPolicy Read/write mmepolicy.MMEEmergencyNumListTblPolicy Read/write mmepolicy.MMEGTPProfile Read/write mmepolicy.MMESCTPProfile Read/write mmepolicy.WMMPfmJobEntry Read/write mmepolicy.WMMPfmJobMts Read/write mmepolicy.WMMPfmJobSched Read/write mmepolicy.
PAGE 411
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access multicastmgr Read/write multichassis Read/write mvpls Read/write mvpls.BL2AccessInterface Read/write mvpls.BSite Read/write mvpls.EvpnSite Read/write mvpls.IL2AccessInterface Read/write mvpls.ISite Read/write mvpls.L2AccessInterface Read/write mvpls.Mvpls Read/write mvpls.Site Read/write mvrp Read/write mwa Read/write nat Read/write nat.
PAGE 412
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access nqueue Read/write ntp Read/write ntp.NTPBroadcast Read/write ntp.NTPMulticast Read/write olc Read/write olc.OLCSchedulerManager.property_autosetMaintenanceOLCStateOnAdminDown Read/update/execute olc.OLCSchedulerManager.property_createAlarmNotification Read/update/execute olc.OLCSchedulerManager.
PAGE 413
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access policy.PolicySyncGroupManager Read/write policytestutil Read/write portscheduler Read/write ppp Read/write pppoe Read/write propertyrules Read/write ptp Read/write qgroup Read/write qosprofile Read/write radioequipment Read/write radiusaccounting Read/write ranlicense Read/write ranradiom Read/write rca Read/write rca.RcaManager.
PAGE 414
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access rules Read/write sas Read/write sas.IPSession Read/write sas.TWLBin Read/write sas.TWLSession Read/write sas.TestManager.property_sasNumberOfHours Read/update/execute sas.TestManager.property_sasRetention Read/update/execute sas.TestManager.property_sasRollover Read/update/execute sas.TwlReflector Read/write sasqos Read/write sasqos.
PAGE 415
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access script.Version Read/write script.XmlApiConfigTemplate Read/write script.XmlApiConfigTemplate.method_execute Update/execute script.XmlApiConfigTemplate.method_executeMulti Update/execute script.XmlApiConfigTemplate.method_executeScript Update/execute script.XmlApiConfigTemplate.method_serviceTemplateExecute Update/execute script.XmlApiConfigTemplate.
PAGE 416
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access service.Service.method_highPriorityServiceDelete Update/execute service.Service.property_svcPriority Read/update/execute service.ServiceManager.property_alarmAggregationCompositeService Read/update/execute service.ServiceManager.property_alarmAggregationSdp Read/update/execute service.ServiceManager.
PAGE 417
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access spanrules Read/write spb Read/write spb.AccessInterface Read/write spb.NetworkInterface Read/write spb.SpokeSdpBindingInterface Read/write squeue Read/write srmrmtauth Read/write srpythonmgmt Read/write srrp Read/write statistics Read/write statsplot Read/write subscr Read/write subscr.
PAGE 418
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access tca Read/write tca.TCAManager.property_maxTCAAlarmLimit Read/update/execute tca.TCAManager.
PAGE 419
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access vprn.L3AccessInterface Read/write vprn.Site Read/write vprn.SubscriberInterface Read/write vprn.Vprn Read/write vprn.VprnPing Read/write vprn.VprnTrace Read/write vrrp Read/write vs Read/write webclient Read/write wlangw Read/write workspace Read/write workspace.WorkspaceManager.method_publicControl Update/execute wpp Read/write wpp.
PAGE 420
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access femto Read/write femtoltecallpprofile Read/write femtoltelocaloverride Read/write femtolteoamprofile Read/write femtolterrmprofile Read/write femtoltetransportprofile Read/write femtoperf Read/write filter Read/write fm.AlarmHistoryDatabase.method_purge No access fm.FaultManager.method_editNote No access generic Read/write generic.GenericObject.
PAGE 421
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access netw.NetworkElement.method_NetoViewerProfileBasedLaunch No access netw.NetworkElement.method_executeCli No access netw.NetworkElement.method_executeMultiCli No access netw.Topology.method_move No access oss No access policy.PolicyDefinition.method_setConfigurationModeToReleased No access policy.PolicyDefinition.
PAGE 422
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access service.TemplateService.method_constructTemplatedService No access snmp.PollerManager.method_resync No access srmrmtauth No access svt.MirrorSdpBinding No access sw.BackupRestoreManager.method_backup No access sw.BackupRestoreManager.method_restore No access sysact No access user Read/write vprn.
PAGE 423
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access cli.SSH No access cli.Telnet No access db.AuxiliaryDatabase.method_reinstantiationDatabase No access db.AuxiliaryDatabase.method_snapshotDatabase No access db.DatabaseManager.method_backup No access db.DatabaseManager.method_reinstantiateStandby No access db.DatabaseManager.method_snapshotAllDatabases No access db.DatabaseManager.
PAGE 424
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access isa.MgGroupMember Read/write isa.MgIsaGroup Read/write l2fib Read/write lag Read/write lldp Read/write lmg Read/write lte Read/write lte.ENBEquipment.method_launchNEM No access lte.LTEEquipment.method_launchQoSAnalyzer No access lte.SubscAndEquipmentTraces Read/write lteanr Read/write lteli.DFPeer No access lteli.
PAGE 425
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access netw.NetworkElement.method_NetoViewerProfileBasedLaunch No access netw.NetworkElement.method_executeCli Update/execute netw.NetworkElement.method_executeMultiCli Update/execute netw.Topology Read/write netw.Topology.method_move Update/execute netw.UplinkBofConfiguration Read/write netw.UplinkRouteConfiguration Read/write ntp Read/write ntp.
PAGE 426
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access script.ScriptManager.method_importBundle No access script.ScriptManager.method_importBundleSimulation No access script.XmlApiConfigTemplate.method_execute No access script.XmlApiConfigTemplate.method_executeMulti No access script.XmlApiConfigTemplate.method_executeScript No access script.XmlApiConfigTemplate.method_serviceTemplateExecute No access script.
PAGE 427
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access workspace.WorkspaceManager.method_publicControl No access (6 of 6) Table A-10 Service Management Package.Class.Method/Property Access aaa Read/write aaa.RadiusProxyServer Read/write aaa.RadiusServer Read/write aclfilterli No access activation.WebDAVSharedData No access ancp Read/write antispoof Read/write apipe Read/write apipe.
PAGE 428
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access db.DatabaseManager.method_switchover No access db.SnapshotHistory.method_deleteSnapshot No access dctr.VirtualSpokeSdpBinding Read/write dhcp Read/write epipe Read/write epipe.Epipe Read/write epipe.PbbMacName Read/write epipe.Site Read/write equipment.Shelf.
PAGE 429
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access ies.SubscriberInterface Read/write igmp Read/write igmp.Site Read/write impact.FullReset No access impact.PartialReset No access ipipe Read/write ipipe.Ipipe Read/write ipipe.L2AccessInterface Read/write ipipe.
PAGE 430
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access mpr.Apipe Read/write mpr.Asite Read/write mpr.Cpipe Read/write mpr.El2AccessInterface Read/write mpr.Epipe Read/write mpr.Esite Read/write mpr.L2AccessInterface Read/write mpr.Site Read/write mvpls Read/write mvpls.BL2AccessInterface Read/write mvpls.BSite Read/write mvpls.EvpnSite Read/write mvpls.IL2AccessInterface Read/write mvpls.
PAGE 431
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access pim.Site Read/write policy.PolicyDefinition.method_setConfigurationModeToReleased No access policy.PolicyDefinition.method_setDistributionModeToLocalEditOnly No access policy.PolicyDefinition.method_setDistributionModeToSyncWithGlobal No access rca.RcaManager.method_fixProblem No access rca.RcaManager.
PAGE 432
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access service.RedundantInterface Read/write service.Service.method_create No access service.Service.method_highPriorityServiceDelete No access service.TemplateService.method_constructServiceTemplate Update/execute service.TemplateService.method_constructTemplatedService No access shg Read/write snmp.PollerManager.method_resync No access spb Read/write spb.
PAGE 433
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access vpls.L2AccessInterface Read/write vpls.L2ManagementInterface Read/write vpls.Site Read/write vpls.Vpls Read/write vprn Read/write vprn.AaInterface Read/write vprn.IPMirrorInterface No access vprn.L3AccessInterface Read/write vprn.Site Read/write vprn.SubscriberInterface Read/write vprn.
PAGE 434
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access cli.SSH No access cli.Telnet No access connprof Read/write crdtctrl Read/write db.AuxiliaryDatabase.method_reinstantiationDatabase No access db.AuxiliaryDatabase.method_snapshotDatabase No access db.DatabaseManager.method_backup No access db.DatabaseManager.method_reinstantiateStandby No access db.DatabaseManager.
PAGE 435
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access lteli.DFPeer No access lteli.DFPeerCardGroup No access lteli.InterceptionTarget No access lteli.LILteCfg No access ltemme.MmeInstance.method_abortMmeLoadBalance No access ltemme.MmeInstance.method_deployGcToNode No access ltemme.MmeInstance.method_interMmeLoadBalance No access ltemme.MmeInstance.method_intraMmeLoadBalance No access ltemme.MmeInstance.
PAGE 436
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access rca.RcaManager.method_fixProblem No access rca.RcaManager.method_preFixProblem No access resources No access ressubscr Read/write ressubscr.BgpPeeringPolicy Read/write ressubscr.HostTrackingPolicy Read/write ressubscr.IgmpPolicy Read/write ressubscr.MldPolicy Read/write ressubscr.
PAGE 437
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access sitesec Read/write slaprofile Read/write snmp.PollerManager.method_resync No access srmrmtauth No access srpythonmgmt Read/write subscr Read/write subscr.Site Read/write subscrauth Read/write subscrexpmap Read/write subscrident Read/write subscrprofile Read/write svt.MirrorSdpBinding No access sw.BackupRestoreManager.
PAGE 438
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access bulk.BulkManager.method_generateBatches No access calltrace.WebDAVSharedData No access cli No access cli.SSH No access cli.Telnet No access db.AuxiliaryDatabase.method_reinstantiationDatabase No access db.AuxiliaryDatabase.method_snapshotDatabase No access db.DatabaseManager.method_backup No access db.DatabaseManager.
PAGE 439
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access lte.DiameterProfile Read/write lte.ENBEquipment.method_launchNEM No access lte.LTEEquipment.method_launchQoSAnalyzer No access lte.TrustedPeerListPolicy Read/write ltehomeagent.DNSRedirectServer Read/write ltehomeagent.FAHAPeerList Read/write ltehomeagent.MobileIpv4Profile Read/write lteli.DFPeer No access lteli.DFPeerCardGroup No access lteli.
PAGE 440
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access oss No access policing Read/write policy Read/write policy.PolicyDefinition.method_setConfigurationModeToReleased Update/execute policy.PolicyDefinition.method_setDistributionModeToLocalEditOnly Update/execute policy.PolicyDefinition.method_setDistributionModeToSyncWithGlobal Update/execute policy.
PAGE 441
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access security.User No access security.UserGroup No access service Read/write service.Service.method_create No access service.Service.method_highPriorityServiceDelete No access service.TemplateService.method_constructServiceTemplate No access service.TemplateService.method_constructTemplatedService No access shaperqos Read/write slope Read/write snmp.
PAGE 442
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access bulk.BulkManager.method_execute No access bulk.BulkManager.method_generateBatches No access calltrace.WebDAVSharedData No access cli No access cli.SSH No access cli.Telnet No access connprof Read/write crdtctrl Read/write db.AuxiliaryDatabase.method_reinstantiationDatabase No access db.AuxiliaryDatabase.method_snapshotDatabase No access db.
PAGE 443
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access genericne.GenericNeProfileManager.method_installFile No access hpipe No access igmp Read/write impact.FullReset No access impact.PartialReset No access l2fwd Read/write lte Read/update/execute lte.DccaProfile Read/write lte.DiameterPeerListEntry Read/write lte.DiameterPeerProfile Read/write lte.ENBEquipment.method_launchNEM No access lte.
PAGE 444
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access ltehomeagent Read/write lteli.DFPeer No access lteli.DFPeerCardGroup No access lteli.InterceptionTarget No access lteli.LILteCfg No access ltemme.MmeInstance.method_abortMmeLoadBalance No access ltemme.MmeInstance.method_deployGcToNode No access ltemme.MmeInstance.method_interMmeLoadBalance No access ltemme.MmeInstance.
PAGE 445
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access mmepolicy.WMMPfmJobMts Read/write mmepolicy.WMMPfmJobSched Read/write mmepolicy.WMMPfmMeasGroupName Read/write mmepolicy.WMMPfmMeasGroups Read/write mplstp Read/write mpr Read/write msappolicy Read/write multicast Read/write netca Read/write netw Read/write netw.AdvertisedNode Read/write netw.NetworkElement.
PAGE 446
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access rip Read/write rp Read/write sas Read/write schedule Read/write script.AbstractScript.method_configureTarget No access script.AbstractScript.method_configureTargets No access script.Script.method_createTargetScript No access script.Script.method_createTargetScripts No access script.ScriptManager.method_configure No access script.ScriptManager.
PAGE 447
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access subscrident Read/write subscrprofile Read/write svt.MirrorSdpBinding No access sw.BackupRestoreManager.method_backup No access sw.BackupRestoreManager.method_restore No access sysact No access tod Read/write todsuite Read/write user Read/write vprn.
PAGE 448
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access db.AuxiliaryDatabase.method_snapshotDatabase No access db.DatabaseManager.method_backup No access db.DatabaseManager.method_reinstantiateStandby No access db.DatabaseManager.method_snapshotAllDatabases No access db.DatabaseManager.method_switchover No access db.SnapshotHistory.method_deleteSnapshot No access dhcp Read/write equipment.Shelf.
PAGE 449
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access lte.ApnFqdnIpEntry Read/write lte.ApnPolicyRuleBase Read/write lte.DiscoveryLog Read/write lte.DupRadiusAccServerGroup Read/write lte.ENBEquipment.method_launchNEM No access lte.EPSPathDiscoveredLinkComponent Read/write lte.EPSPathInterfaceComponent Read/write lte.EPSPathLinkComponent Read/write lte.EPSPathSapComponent Read/write lte.
PAGE 450
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access ltehomeagent.PiReferencePoint Read/write lteli.DFPeer No access lteli.DFPeerCardGroup No access lteli.InterceptionTarget No access lteli.LILteCfg No access ltemme.MmeInstance.method_abortMmeLoadBalance No access ltemme.MmeInstance.method_deployGcToNode No access ltemme.MmeInstance.method_interMmeLoadBalance No access ltemme.MmeInstance.
PAGE 451
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access netw.NetworkElement.method_executeCli No access netw.NetworkElement.method_executeMultiCli No access netw.Topology Read/write netw.Topology.method_move Update/execute netw.UplinkBofConfiguration Read/write netw.UplinkRouteConfiguration Read/write optical Read/write ospf Read/write ospf.
PAGE 452
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access script.XmlApiConfigTemplate.method_serviceTemplateExecute No access script.XmlApiConfigTemplate.method_tunnelTemplateExecute No access security.CpamLicense.method_clearRouterLimitExceedDueToMultiAdditions No access security.MediationPolicy No access security.RoleBasedAccess No access security.ScopeOfCommandProfile No access security.
PAGE 453
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access autoconfig.AutoConfigScriptManager.method_copyContents No access bulk.BulkManager.method_execute No access bulk.BulkManager.method_generateBatches No access calltrace.WebDAVSharedData No access cli No access cli.SSH No access cli.Telnet No access db.AuxiliaryDatabase.method_reinstantiationDatabase No access db.AuxiliaryDatabase.
PAGE 454
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access lteli.DFPeer No access lteli.DFPeerCardGroup No access lteli.InterceptionTarget No access lteli.LILteCfg No access ltemme.MmeInstance.method_abortMmeLoadBalance No access ltemme.MmeInstance.method_deployGcToNode No access ltemme.MmeInstance.method_interMmeLoadBalance No access ltemme.MmeInstance.method_intraMmeLoadBalance No access ltemme.MmeInstance.
PAGE 455
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access rip Read/write rsvp Read/write rtr Read/write rules Read/write script.AbstractScript.method_configureTarget No access script.AbstractScript.method_configureTargets No access script.Script.method_createTargetScript No access script.Script.method_createTargetScripts No access script.ScriptManager.method_configure No access script.ScriptManager.
PAGE 456
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access sw.BackupRestoreManager.method_restore No access sysact No access tunnelmgmt Read/write user Read/write vprn.IPMirrorInterface No access webclient Read/write workspace Read/write workspace.WorkspaceManager.method_publicControl No access (5 of 5) Table A-16 SAM Management and Operations Package.Class.
PAGE 457
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access dctr.VlanRange Read/write entity Read/write equipment.Shelf.
PAGE 458
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access lte.NETCELinkState Read/write lteanr Read/write lteggsn Read/write ltegw Read/write ltehomeagent Read/write lteli.DFPeer No access lteli.DFPeerCardGroup No access lteli.InterceptionTarget No access lteli.LILteCfg No access ltemme.MmeInstance.method_abortMmeLoadBalance No access ltemme.MmeInstance.method_deployGcToNode No access ltemme.
PAGE 459
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access netw.AdvertisedNode Read/write netw.NetworkElement Read/write netw.NetworkElement.method_GUICrossLaunch No access netw.NetworkElement.method_NetoAdminProfileBasedLaunch No access netw.NetworkElement.method_NetoViewerProfileBasedLaunch No access netw.NetworkElement.method_executeCli No access netw.NetworkElement.method_executeMultiCli No access netw.
PAGE 460
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access script.XmlApiConfigTemplate.method_execute No access script.XmlApiConfigTemplate.method_executeMulti No access script.XmlApiConfigTemplate.method_executeScript No access script.XmlApiConfigTemplate.method_serviceTemplateExecute No access script.XmlApiConfigTemplate.method_tunnelTemplateExecute No access security Read/update/execute security.CpamLicense.
PAGE 461
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access tca Read/write user Read/write vprn.IPMirrorInterface No access webclient Read/write workspace Read/write workspace.WorkspaceManager.method_publicControl Update/execute (6 of 6) Table A-17 Network Element Software Management Package.Class.Method/Property Access aclfilterli No access activation.WebDAVSharedData No access autoconfig.
PAGE 462
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access femtoltetransportprofile Read/write femtoperf Read/write filter Read/write fm.AlarmHistoryDatabase.method_purge No access fm.FaultManager.method_editNote No access generic Read/write generic.GenericObject.method_collectData No access genericne.GenericNeProfileManager.method_checkFileContent No access genericne.GenericNeProfileManager.
PAGE 463
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access netw.NetworkElement.method_NetoViewerProfileBasedLaunch No access netw.NetworkElement.method_executeCli Update/execute netw.NetworkElement.method_executeMultiCli Update/execute netw.Topology.method_move No access netw.UplinkBofConfiguration Read/write netw.UplinkRouteConfiguration Read/write oss No access policy.PolicyDefinition.
PAGE 464
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access security.UserGroup No access service.Service.method_create No access service.Service.method_highPriorityServiceDelete No access service.TemplateService.method_constructServiceTemplate No access service.TemplateService.method_constructTemplatedService No access snmp.PollerManager.method_resync Update/execute srmrmtauth No access svt.
PAGE 465
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access db.DatabaseManager.method_snapshotAllDatabases No access db.DatabaseManager.method_switchover No access db.SnapshotHistory.method_deleteSnapshot No access equipment.Shelf.
PAGE 466
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access ltepolicyoptions No access mirror No access mirror.Mirror No access mirror.Site No access mmepolicy No access netw.AdvertisedNode Read/write netw.NetworkElement.method_GUICrossLaunch No access netw.NetworkElement.method_NetoAdminProfileBasedLaunch No access netw.NetworkElement.method_NetoViewerProfileBasedLaunch No access netw.NetworkElement.
PAGE 467
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access security.MediationPolicy No access security.RoleBasedAccess No access security.ScopeOfCommandProfile No access security.ScopeOfCommandRole No access security.SpanOfControlProfile No access security.User No access security.UserGroup No access service.Service.method_create No access service.Service.method_highPriorityServiceDelete No access service.
PAGE 468
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access bulk.BulkManager.method_execute No access bulk.BulkManager.method_generateBatches No access calltrace.WebDAVSharedData No access cli No access cli.SSH No access cli.Telnet No access db.AuxiliaryDatabase.method_reinstantiationDatabase No access db.AuxiliaryDatabase.method_snapshotDatabase No access db.DatabaseManager.method_backup No access db.
PAGE 469
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access femtolterrmprofile Read/write femtoltetransportprofile Read/write femtoperf Read/write filter Read/write fm.AlarmHistoryDatabase.method_purge No access fm.FaultManager.method_editNote No access generic Read/write generic.GenericObject.method_collectData No access genericne.GenericNeProfileManager.method_checkFileContent No access genericne.
PAGE 470
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access mpls.LspTrace Read/write mpls.P2MPLspPing Read/write mpls.P2MPLspTrace Read/write multicast.MfibPing Read/write multicast.Mrinfo Read/write multicast.Mtrace Read/write netw.AdvertisedNode Read/write netw.NetworkElement.method_GUICrossLaunch No access netw.NetworkElement.method_NetoAdminProfileBasedLaunch No access netw.NetworkElement.
PAGE 471
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access script.XmlApiConfigTemplate.method_executeMulti No access script.XmlApiConfigTemplate.method_executeScript No access script.XmlApiConfigTemplate.method_serviceTemplateExecute No access script.XmlApiConfigTemplate.method_tunnelTemplateExecute No access security.CpamLicense.method_clearRouterLimitExceedDueToMultiAdditions No access security.
PAGE 472
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access webclient Read/write workspace Read/write workspace.WorkspaceManager.method_publicControl No access (6 of 6) Table A-20 Script Management Package.Class.Method/Property Access aclfilterli No access activation.WebDAVSharedData No access autoconfig Read/write autoconfig.AutoConfigScriptManager.method_configure Update/execute autoconfig.
PAGE 473
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access generic Read/write generic.GenericObject.method_collectData No access genericne.GenericNeProfileManager.method_checkFileContent No access genericne.GenericNeProfileManager.method_installFile No access hpipe No access impact.FullReset No access impact.PartialReset No access lte.ENBEquipment.method_launchNEM No access lte.LTEEquipment.
PAGE 474
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access resources No access rip Read/write schedule Read/write script Read/write script.AbstractScript.method_configureTarget Update/execute script.AbstractScript.method_configureTargets Update/execute script.Bundle Read/write script.ControlScript Read/write script.ControlScriptVersion Read/write script.HandlerBinding Read/write script.
PAGE 475
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access security.RoleBasedAccess No access security.ScopeOfCommandProfile No access security.ScopeOfCommandRole No access security.SpanOfControlProfile No access security.User No access security.UserGroup No access service.Service.method_create No access service.Service.method_highPriorityServiceDelete No access service.TemplateService.
PAGE 476
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access db.AuxiliaryDatabase.method_snapshotDatabase No access db.DatabaseManager.method_backup No access db.DatabaseManager.method_reinstantiateStandby No access db.DatabaseManager.method_snapshotAllDatabases No access db.DatabaseManager.method_switchover No access db.SnapshotHistory.method_deleteSnapshot No access equipment.Shelf.
PAGE 477
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access mirror No access mirror.Mirror No access mirror.Site No access mmepolicy No access netw.AdvertisedNode Read/write netw.NetworkElement.method_GUICrossLaunch No access netw.NetworkElement.method_NetoAdminProfileBasedLaunch No access netw.NetworkElement.method_NetoViewerProfileBasedLaunch No access netw.NetworkElement.method_executeCli No access netw.
PAGE 478
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access script.TargetScript Read/write script.XmlApiConfigTemplate.method_execute No access script.XmlApiConfigTemplate.method_executeMulti No access script.XmlApiConfigTemplate.method_executeScript No access script.XmlApiConfigTemplate.method_serviceTemplateExecute No access script.XmlApiConfigTemplate.method_tunnelTemplateExecute No access security.CpamLicense.
PAGE 479
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access autoconfig.AutoConfigScriptManager.method_copyContents No access bulk.BulkManager.method_execute No access bulk.BulkManager.method_generateBatches No access calltrace.WebDAVSharedData No access cli No access cli.SSH No access cli.Telnet No access db.AuxiliaryDatabase.method_reinstantiationDatabase No access db.AuxiliaryDatabase.
PAGE 480
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access lteli.InterceptionTarget No access lteli.LILteCfg No access ltemme.MmeInstance.method_abortMmeLoadBalance No access ltemme.MmeInstance.method_deployGcToNode No access ltemme.MmeInstance.method_interMmeLoadBalance No access ltemme.MmeInstance.method_intraMmeLoadBalance No access ltemme.MmeInstance.method_lockMmeAggregateService No access ltemme.
PAGE 481
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access script.Script.method_createTargetScripts No access script.ScriptManager.method_configure No access script.ScriptManager.method_copyContents No access script.ScriptManager.method_exportBundle No access script.ScriptManager.method_importBundle No access script.ScriptManager.method_importBundleSimulation No access script.XmlApiConfigTemplate.
PAGE 482
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access vprn.IPMirrorInterface Read/write webclient Read/write workspace Read/write workspace.WorkspaceManager.method_publicControl No access (5 of 5) Table A-23 OSS Management Package.Class.Method/Property Access aclfilterli No access activation.WebDAVSharedData No access autoconfig.AutoConfigScriptManager.method_configure No access autoconfig.
PAGE 483
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access generic Read/write generic.GenericObject.method_collectData No access genericne.GenericNeProfileManager.method_checkFileContent No access genericne.GenericNeProfileManager.method_installFile No access hpipe No access impact.FullReset No access impact.PartialReset No access lte.ENBEquipment.method_launchNEM No access lte.LTEEquipment.
PAGE 484
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access resources No access rip Read/write schedule Read/write script.AbstractScript.method_configureTarget No access script.AbstractScript.method_configureTargets No access script.Script.method_createTargetScript No access script.Script.method_createTargetScripts No access script.ScriptManager.method_configure No access script.ScriptManager.
PAGE 485
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access webclient Read/write workspace Read/write workspace.WorkspaceManager.method_publicControl No access (4 of 4) Table A-24 Telnet/SSH Management Package.Class.Method/Property Access aclfilterli No access activation.WebDAVSharedData No access autoconfig.AutoConfigScriptManager.method_configure No access autoconfig.AutoConfigScriptManager.
PAGE 486
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access generic.GenericObject.method_collectData No access genericne.GenericNeProfileManager.method_checkFileContent No access genericne.GenericNeProfileManager.method_installFile No access hpipe No access impact.FullReset No access impact.PartialReset No access lte.ENBEquipment.method_launchNEM No access lte.LTEEquipment.
PAGE 487
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access rip Read/write script.AbstractScript.method_configureTarget No access script.AbstractScript.method_configureTargets No access script.Script.method_createTargetScript No access script.Script.method_createTargetScripts No access script.ScriptManager.method_configure No access script.ScriptManager.method_copyContents No access script.ScriptManager.
PAGE 488
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access workspace.WorkspaceManager.method_publicControl No access (4 of 4) Table A-25 CPAM Management Package.Class.Method/Property Access aclfilterli No access activation.WebDAVSharedData No access autoconfig.AutoConfigScriptManager.method_configure No access autoconfig.AutoConfigScriptManager.method_copyContents No access bulk.BulkManager.
PAGE 489
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access genericne.GenericNeProfileManager.method_installFile No access hpipe No access impact.FullReset No access impact.PartialReset No access lte.ENBEquipment.method_launchNEM No access lte.LTEEquipment.method_launchQoSAnalyzer No access lteli.DFPeer No access lteli.DFPeerCardGroup No access lteli.InterceptionTarget No access lteli.
PAGE 490
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access script.AbstractScript.method_configureTargets No access script.Script.method_createTargetScript No access script.Script.method_createTargetScripts No access script.ScriptManager.method_configure No access script.ScriptManager.method_copyContents No access script.ScriptManager.method_exportBundle No access script.ScriptManager.
PAGE 491
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access aclfilterli No access activation.WebDAVSharedData No access autoconfig.AutoConfigScriptManager.method_configure No access autoconfig.AutoConfigScriptManager.method_copyContents No access bulk.BulkManager.method_execute No access bulk.BulkManager.method_generateBatches No access calltrace.WebDAVSharedData No access cli No access cli.
PAGE 492
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access lteli.DFPeer No access lteli.DFPeerCardGroup No access lteli.InterceptionTarget No access lteli.LILteCfg No access ltemme.MmeInstance.method_abortMmeLoadBalance No access ltemme.MmeInstance.method_deployGcToNode No access ltemme.MmeInstance.method_interMmeLoadBalance No access ltemme.MmeInstance.method_intraMmeLoadBalance No access ltemme.MmeInstance.
PAGE 493
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access script.ScriptManager.method_importBundle No access script.ScriptManager.method_importBundleSimulation No access script.XmlApiConfigTemplate.method_execute No access script.XmlApiConfigTemplate.method_executeMulti No access script.XmlApiConfigTemplate.method_executeScript No access script.XmlApiConfigTemplate.method_serviceTemplateExecute No access script.
PAGE 494
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access activation.WebDAVSharedData No access autoconfig.AutoConfigScriptManager.method_configure No access autoconfig.AutoConfigScriptManager.method_copyContents No access bulk.BulkManager.method_execute No access bulk.BulkManager.method_generateBatches No access calltrace.WebDAVSharedData No access cli No access cli.SSH No access cli.Telnet No access db.
PAGE 495
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access lteli.DFPeerCardGroup No access lteli.InterceptionTarget No access lteli.LILteCfg No access ltemme.MmeInstance.method_abortMmeLoadBalance No access ltemme.MmeInstance.method_deployGcToNode No access ltemme.MmeInstance.method_interMmeLoadBalance No access ltemme.MmeInstance.method_intraMmeLoadBalance No access ltemme.MmeInstance.
PAGE 496
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access script.ScriptManager.method_importBundleSimulation No access script.XmlApiConfigTemplate.method_execute No access script.XmlApiConfigTemplate.method_executeMulti No access script.XmlApiConfigTemplate.method_executeScript No access script.XmlApiConfigTemplate.method_serviceTemplateExecute No access script.XmlApiConfigTemplate.
PAGE 497
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access activation.WebDAVSharedData No access autoconfig.AutoConfigScriptManager.method_configure No access autoconfig.AutoConfigScriptManager.method_copyContents No access bulk.BulkManager.method_execute No access bulk.BulkManager.method_generateBatches No access calltrace.WebDAVSharedData No access cli No access cli.SSH No access cli.Telnet No access db.
PAGE 498
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access lteli.DFPeerCardGroup No access lteli.InterceptionTarget No access lteli.LILteCfg No access ltemme.MmeInstance.method_abortMmeLoadBalance No access ltemme.MmeInstance.method_deployGcToNode No access ltemme.MmeInstance.method_interMmeLoadBalance No access ltemme.MmeInstance.method_intraMmeLoadBalance No access ltemme.MmeInstance.
PAGE 499
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access script.ScriptManager.method_importBundle No access script.ScriptManager.method_importBundleSimulation No access script.XmlApiConfigTemplate.method_execute No access script.XmlApiConfigTemplate.method_executeMulti No access script.XmlApiConfigTemplate.method_executeScript No access script.XmlApiConfigTemplate.method_serviceTemplateExecute No access script.
PAGE 500
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access activation.WebDAVSharedData No access autoconfig.AutoConfigScriptManager.method_configure No access autoconfig.AutoConfigScriptManager.method_copyContents No access bulk.BulkManager.method_execute No access bulk.BulkManager.method_generateBatches No access calltrace.WebDAVSharedData No access cflowd.NeCflowd Read/write cflowd.
PAGE 501
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access lte.ENBEquipment.method_launchNEM No access lte.LTEEquipment.method_launchQoSAnalyzer No access lteli.DFPeer Read/write lteli.DFPeerCardGroup Read/write lteli.InterceptionTarget Read/write lteli.LILteCfg Read/write ltemme.MmeInstance.method_abortMmeLoadBalance No access ltemme.MmeInstance.method_deployGcToNode No access ltemme.MmeInstance.
PAGE 502
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access rca.RcaManager.method_preFixProblem No access resources No access rip Read/write script.AbstractScript.method_configureTarget No access script.AbstractScript.method_configureTargets No access script.Script.method_createTargetScript No access script.Script.method_createTargetScripts No access script.ScriptManager.method_configure No access script.
PAGE 503
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access sw.BackupRestoreManager.method_restore No access sysact Read/write user Read/write vprn.IPMirrorInterface No access webclient Read/write workspace Read/write workspace.WorkspaceManager.method_publicControl No access (5 of 5) Table A-30 Template Script Management Package.Class.Method/Property Access aclfilterli No access activation.
PAGE 504
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access filter Read/write fm.AlarmHistoryDatabase.method_purge No access fm.FaultManager.method_editNote No access generic Read/write generic.GenericObject.method_collectData No access genericne.GenericNeProfileManager.method_checkFileContent No access genericne.GenericNeProfileManager.method_installFile No access hpipe No access impact.
PAGE 505
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access policy.PolicyDefinition.method_setDistributionModeToSyncWithGlobal No access rca.RcaManager.method_fixProblem No access rca.RcaManager.method_preFixProblem No access resources No access rip Read/write script Read/write script.AbstractScript.method_configureTarget No access script.AbstractScript.method_configureTargets No access script.
PAGE 506
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access service.TemplateService.method_constructServiceTemplate No access service.TemplateService.method_constructTemplatedService No access snmp.PollerManager.method_resync No access srmrmtauth No access svt.MirrorSdpBinding No access sw.BackupRestoreManager.method_backup No access sw.BackupRestoreManager.
PAGE 507
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access femtoltecallpprofile Read/write femtoltelocaloverride Read/write femtolteoamprofile Read/write femtolterrmprofile Read/write femtoltetransportprofile Read/write femtoperf Read/write filter Read/write fm.AlarmHistoryDatabase.method_purge No access fm.FaultManager.method_editNote No access generic Read/write generic.GenericObject.
PAGE 508
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access netw.NetworkElement.method_executeCli No access netw.NetworkElement.method_executeMultiCli No access netw.Topology.method_move No access oss No access policy.PolicyDefinition.method_setConfigurationModeToReleased No access policy.PolicyDefinition.method_setDistributionModeToLocalEditOnly No access policy.PolicyDefinition.
PAGE 509
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access snmp.PollerManager.method_resync No access srmrmtauth No access svt.MirrorSdpBinding No access sw.BackupRestoreManager.method_backup No access sw.BackupRestoreManager.method_restore No access sysact No access user Read/write vprn.IPMirrorInterface No access webclient Read/write workspace Read/write workspace.WorkspaceManager.
PAGE 510
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access femtolteoamprofile Read/write femtolterrmprofile Read/write femtoltetransportprofile Read/write femtoperf Read/write filter Read/write fm.AlarmHistoryDatabase.method_purge No access fm.FaultManager.method_editNote No access generic Read/write generic.GenericObject.method_collectData No access genericne.GenericNeProfileManager.
PAGE 511
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access netw.Topology.method_move No access oss No access policy.PolicyDefinition.method_setConfigurationModeToReleased No access policy.PolicyDefinition.method_setDistributionModeToLocalEditOnly No access policy.PolicyDefinition.method_setDistributionModeToSyncWithGlobal No access rca.RcaManager.method_fixProblem No access rca.RcaManager.
PAGE 512
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access svt.MirrorSdpBinding No access sw.BackupRestoreManager.method_backup No access sw.BackupRestoreManager.method_restore No access sysact No access user Read/write vprn.IPMirrorInterface No access webclient Read/write workspace Read/write workspace.WorkspaceManager.
PAGE 513
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access femtolteoamprofile Read/write femtolterrmprofile Read/write femtoltetransportprofile Read/write femtoperf Read/write file Read/write filter Read/write fm.AlarmHistoryDatabase.method_purge No access fm.FaultManager.method_editNote No access generic Read/write generic.GenericObject.method_collectData No access genericne.GenericNeProfileManager.
PAGE 514
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access netw.NetworkElement.method_executeCli No access netw.NetworkElement.method_executeMultiCli No access netw.Topology.method_move No access oss No access policy Read/write policy.PolicyDefinition.method_setConfigurationModeToReleased Update/execute policy.PolicyDefinition.method_setDistributionModeToLocalEditOnly Update/execute policy.PolicyDefinition.
PAGE 515
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access service.Service.method_highPriorityServiceDelete No access service.TemplateService.method_constructServiceTemplate No access service.TemplateService.method_constructTemplatedService No access snmp.PollerManager.method_resync No access srmrmtauth No access svt.MirrorSdpBinding No access sw.BackupRestoreManager.method_backup No access sw.
PAGE 516
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access femto Read/write femtoltecallpprofile Read/write femtoltelocaloverride Read/write femtolteoamprofile Read/write femtolterrmprofile Read/write femtoltetransportprofile Read/write femtoperf Read/write filter Read/write fm.AlarmHistoryDatabase.method_purge No access fm.FaultManager.method_editNote No access generic Read/write generic.GenericObject.
PAGE 517
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access netw.NetworkElement.method_NetoViewerProfileBasedLaunch No access netw.NetworkElement.method_executeCli No access netw.NetworkElement.method_executeMultiCli No access netw.Topology.method_move No access oss No access policy.PolicyDefinition.method_setConfigurationModeToReleased No access policy.PolicyDefinition.
PAGE 518
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access service.TemplateService.method_constructServiceTemplate No access service.TemplateService.method_constructTemplatedService No access snmp.PollerManager.method_resync No access spanrules Read/write srmrmtauth No access svt.MirrorSdpBinding No access sw.BackupRestoreManager.method_backup No access sw.BackupRestoreManager.
PAGE 519
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access db.DatabaseManager.method_switchover No access db.SnapshotHistory.method_deleteSnapshot No access equipment.Shelf.
PAGE 520
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access mirror No access mirror.Mirror No access mirror.Site No access mmepolicy No access netw.AdvertisedNode Read/write netw.NetworkElement.method_GUICrossLaunch No access netw.NetworkElement.method_NetoAdminProfileBasedLaunch No access netw.NetworkElement.method_NetoViewerProfileBasedLaunch No access netw.NetworkElement.method_executeCli No access netw.
PAGE 521
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access security.ScopeOfCommandProfile No access security.ScopeOfCommandRole No access security.SpanOfControlProfile No access security.User No access security.UserGroup No access service.Service.method_create No access service.Service.method_highPriorityServiceDelete No access service.TemplateService.method_constructServiceTemplate No access service.
PAGE 522
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access db.AuxiliaryDatabase.method_snapshotDatabase No access db.DatabaseManager.method_backup No access db.DatabaseManager.method_reinstantiateStandby No access db.DatabaseManager.method_snapshotAllDatabases No access db.DatabaseManager.method_switchover No access db.SnapshotHistory.method_deleteSnapshot No access equipment.Shelf.
PAGE 523
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access mirror No access mirror.Mirror No access mirror.Site No access mmepolicy No access netw.AdvertisedNode Read/write netw.NetworkElement.method_GUICrossLaunch No access netw.NetworkElement.method_NetoAdminProfileBasedLaunch No access netw.NetworkElement.method_NetoViewerProfileBasedLaunch No access netw.NetworkElement.method_executeCli No access netw.
PAGE 524
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access security.ScopeOfCommandRole No access security.SpanOfControlProfile No access security.User No access security.UserGroup No access service.Service.method_create No access service.Service.method_highPriorityServiceDelete No access service.TemplateService.method_constructServiceTemplate No access service.TemplateService.
PAGE 525
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access db.DatabaseManager.method_reinstantiateStandby No access db.DatabaseManager.method_snapshotAllDatabases No access db.DatabaseManager.method_switchover No access db.SnapshotHistory.method_deleteSnapshot No access equipment.Shelf.
PAGE 526
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access mirror.Site No access mmepolicy No access netw.AdvertisedNode Read/write netw.NetworkElement.method_GUICrossLaunch No access netw.NetworkElement.method_NetoAdminProfileBasedLaunch No access netw.NetworkElement.method_NetoViewerProfileBasedLaunch No access netw.NetworkElement.method_executeCli No access netw.NetworkElement.
PAGE 527
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access security.User No access security.UserGroup No access service.Service.method_create No access service.Service.method_highPriorityServiceDelete No access service.TemplateService.method_constructServiceTemplate No access service.TemplateService.method_constructTemplatedService No access snmp.PollerManager.method_resync No access srmrmtauth No access svt.
PAGE 528
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access db.DatabaseManager.method_switchover No access db.SnapshotHistory.method_deleteSnapshot No access equipment.Shelf.
PAGE 529
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access netw.AdvertisedNode Read/write netw.NetworkElement.method_GUICrossLaunch No access netw.NetworkElement.method_NetoAdminProfileBasedLaunch No access netw.NetworkElement.method_NetoViewerProfileBasedLaunch No access netw.NetworkElement.method_executeCli No access netw.NetworkElement.method_executeMultiCli No access netw.Topology.
PAGE 530
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access service.Service.method_create No access service.Service.method_highPriorityServiceDelete No access service.TemplateService.method_constructServiceTemplate No access service.TemplateService.method_constructTemplatedService No access snmp.PollerManager.method_resync No access srmrmtauth No access svt.MirrorSdpBinding No access sw.BackupRestoreManager.
PAGE 531
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access equipment.Shelf.method_rebootUpgrade No access femto Read/write femtoltecallpprofile Read/write femtoltelocaloverride Read/write femtolteoamprofile Read/write femtolterrmprofile Read/write femtoltetransportprofile Read/write femtoperf Read/write filter Read/write fm.AlarmHistoryDatabase.method_purge No access fm.FaultManager.
PAGE 532
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access lte.EPSPathSegment Read/write lte.EPSPathServiceComponent Read/write lte.EPSPathSiteComponent Read/write lte.FqdnGroupProfile Read/write lte.FqdnNameEntry Read/write lte.GtpPrimaryServerListEntry Read/write lte.GtpPrimeServerGroupProfile Read/write lte.GtpProfile Read/write lte.IpPool Read/write lte.IpPoolBinding Read/write lte.
PAGE 533
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access lteggsn Read/write lteggsn.CdrAvpOptionProfile Read/write lteggsn.DccaRatingGroup Read/write lteggsn.GnReferencePoint Read/write lteggsn.GpReferencePoint Read/write lteggsn.GyAvpOptionProfile Read/write lteggsn.PdnGyReferencePoint Read/write lteggsn.PgwGaReferencePoint Read/write lteggsn.SgwGaReferencePoint Read/write ltegw Read/write ltegw.
PAGE 534
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access ltepmip.S2bReferencePoint Read/write ltepmip.S6bAvpOptionProfile Read/write ltepmip.S6bReferencePoint Read/write ltepolicyoptions No access ltepolicyoptions.AsoOptions Read/write ltepolicyoptions.ChargingRuleUnit Read/write ltepolicyoptions.DhcpSGPeerEntry Read/write ltepolicyoptions.DhcpServerGroupProfile Read/write ltepolicyoptions.
PAGE 535
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access mmepolicy.MMEGTPProfile Read/write mmepolicy.MMESCTPProfile Read/write mmepolicy.WMMPfmJobEntry Read/write mmepolicy.WMMPfmJobMts Read/write mmepolicy.WMMPfmJobSched Read/write mmepolicy.WMMPfmMeasGroupName Read/write mmepolicy.WMMPfmMeasGroups Read/write netw.AdvertisedNode Read/write netw.NetworkElement.method_GUICrossLaunch No access netw.
PAGE 536
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access security.CpamLicense.method_clearRouterLimitExceedDueToMultiAdditions No access security.MediationPolicy No access security.RoleBasedAccess No access security.ScopeOfCommandProfile No access security.ScopeOfCommandRole No access security.SpanOfControlProfile No access security.User No access security.UserGroup No access service.Service.
PAGE 537
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access cli.Telnet No access db.AuxiliaryDatabase.method_reinstantiationDatabase No access db.AuxiliaryDatabase.method_snapshotDatabase No access db.DatabaseManager.method_backup No access db.DatabaseManager.method_reinstantiateStandby No access db.DatabaseManager.method_snapshotAllDatabases No access db.DatabaseManager.method_switchover No access db.
PAGE 538
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access ltemme.MmeInstance.method_unlockMmeAggregateService No access ltepolicyoptions No access mirror No access mirror.Mirror No access mirror.Site No access mmepolicy No access netw.AdvertisedNode Read/write netw.NetworkElement.method_GUICrossLaunch No access netw.NetworkElement.method_NetoAdminProfileBasedLaunch No access netw.NetworkElement.
PAGE 539
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access security.ScopeOfCommandProfile No access security.ScopeOfCommandRole No access security.SpanOfControlProfile No access security.User No access security.UserGroup No access service.Service.method_create No access service.Service.method_highPriorityServiceDelete No access service.TemplateService.method_constructServiceTemplate No access service.
PAGE 540
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access db.AuxiliaryDatabase.method_snapshotDatabase No access db.DatabaseManager.method_backup No access db.DatabaseManager.method_reinstantiateStandby No access db.DatabaseManager.method_snapshotAllDatabases No access db.DatabaseManager.method_switchover No access db.SnapshotHistory.method_deleteSnapshot No access equipment.Shelf.
PAGE 541
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access mirror No access mirror.Mirror No access mirror.Site No access mmepolicy No access netw.AdvertisedNode Read/write netw.NetworkElement.method_GUICrossLaunch No access netw.NetworkElement.method_NetoAdminProfileBasedLaunch No access netw.NetworkElement.method_NetoViewerProfileBasedLaunch No access netw.NetworkElement.method_executeCli No access netw.
PAGE 542
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access security.ScopeOfCommandRole No access security.SpanOfControlProfile No access security.User No access security.UserGroup No access service.Service.method_create No access service.Service.method_highPriorityServiceDelete No access service.TemplateService.method_constructServiceTemplate No access service.TemplateService.
PAGE 543
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access db.DatabaseManager.method_backup No access db.DatabaseManager.method_reinstantiateStandby No access db.DatabaseManager.method_snapshotAllDatabases No access db.DatabaseManager.method_switchover No access db.SnapshotHistory.method_deleteSnapshot No access equipment.Shelf.
PAGE 544
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access mirror.Mirror No access mirror.Site No access mmepolicy No access netw.AdvertisedNode Read/write netw.NetworkElement.method_GUICrossLaunch Update/execute netw.NetworkElement.method_NetoAdminProfileBasedLaunch Update/execute netw.NetworkElement.method_NetoViewerProfileBasedLaunch No access netw.NetworkElement.method_executeCli No access netw.
PAGE 545
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access security.SpanOfControlProfile No access security.User No access security.UserGroup No access service.Service.method_create No access service.Service.method_highPriorityServiceDelete No access service.TemplateService.method_constructServiceTemplate No access service.TemplateService.method_constructTemplatedService No access snmp.PollerManager.
PAGE 546
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access db.DatabaseManager.method_snapshotAllDatabases No access db.DatabaseManager.method_switchover No access db.SnapshotHistory.method_deleteSnapshot No access equipment.Shelf.
PAGE 547
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access mmepolicy No access netw.AdvertisedNode Read/write netw.NetworkElement.method_GUICrossLaunch Update/execute netw.NetworkElement.method_NetoAdminProfileBasedLaunch No access netw.NetworkElement.method_NetoViewerProfileBasedLaunch Update/execute netw.NetworkElement.method_executeCli No access netw.NetworkElement.method_executeMultiCli No access netw.
PAGE 548
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access security.UserGroup No access service.Service.method_create No access service.Service.method_highPriorityServiceDelete No access service.TemplateService.method_constructServiceTemplate No access service.TemplateService.method_constructTemplatedService No access snmp.PollerManager.method_resync No access srmrmtauth No access svt.
PAGE 549
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access db.SnapshotHistory.method_deleteSnapshot No access equipment.Shelf.method_rebootUpgrade No access femto Read/write femtoltecallpprofile Read/write femtoltelocaloverride Read/write femtolteoamprofile Read/write femtolterrmprofile Read/write femtoltetransportprofile Read/write femtoperf Read/write filter Read/write fm.AlarmHistoryDatabase.
PAGE 550
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access netw.NetworkElement.method_GUICrossLaunch Update/execute netw.NetworkElement.method_NetoAdminProfileBasedLaunch No access netw.NetworkElement.method_NetoViewerProfileBasedLaunch No access netw.NetworkElement.method_executeCli No access netw.NetworkElement.method_executeMultiCli No access netw.Topology.method_move No access oss No access policy.
PAGE 551
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access service.Service.method_highPriorityServiceDelete No access service.TemplateService.method_constructServiceTemplate No access service.TemplateService.method_constructTemplatedService No access snmp.PollerManager.method_resync No access srmrmtauth No access svt.MirrorSdpBinding No access sw.BackupRestoreManager.method_backup No access sw.
PAGE 552
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access equipment.Shelf.method_rebootUpgrade No access femto Read/write femtoltecallpprofile Read/write femtoltelocaloverride Read/write femtolteoamprofile Read/write femtolterrmprofile Read/write femtoltetransportprofile Read/write femtoperf Read/write filter Read/write fm.AlarmHistoryDatabase.method_purge No access fm.FaultManager.
PAGE 553
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access netw.NetworkElement.method_NetoAdminProfileBasedLaunch No access netw.NetworkElement.method_NetoViewerProfileBasedLaunch No access netw.NetworkElement.method_executeCli No access netw.NetworkElement.method_executeMultiCli No access netw.Topology.method_move No access oss No access policy.PolicyDefinition.
PAGE 554
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access service.TemplateService.method_constructServiceTemplate No access service.TemplateService.method_constructTemplatedService No access snmp.PollerManager.method_resync No access srmrmtauth No access svt.MirrorSdpBinding No access sw.BackupRestoreManager.method_backup No access sw.BackupRestoreManager.
PAGE 555
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access femtoltecallpprofile Read/write femtoltelocaloverride Read/write femtolteoamprofile Read/write femtolterrmprofile Read/write femtoltetransportprofile Read/write femtoperf Read/write filter Read/write fm.AlarmHistoryDatabase.method_purge No access fm.FaultManager.method_editNote No access generic Read/write generic.GenericObject.
PAGE 556
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access netw.NetworkElement.method_executeCli No access netw.NetworkElement.method_executeMultiCli No access netw.Topology.method_move No access oss No access policy.PolicyDefinition.method_setConfigurationModeToReleased No access policy.PolicyDefinition.method_setDistributionModeToLocalEditOnly No access policy.PolicyDefinition.
PAGE 557
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access snmp.PollerManager.method_resync No access srmrmtauth No access svt.MirrorSdpBinding No access sw.BackupRestoreManager.method_backup No access sw.BackupRestoreManager.method_restore No access sysact No access user Read/write vprn.IPMirrorInterface No access webclient Read/write workspace Read/write workspace.WorkspaceManager.
PAGE 558
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 A.
PAGE 559
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01 Customer documentation and product support Customer documentation Customer Documentation Welcome Page Technical Support http://support.alcatel-lucent.com Documentation feedback documentation.feedback@alcatel-lucent.