Troubleshooting guide

2 — 5620 SAM user security

2-42 Alcatel-Lucent 5620 Service Aware Manager

5620 SAM

System Administrator Guide

Code 2-3: SamJaasLogin.config file, TACACS+ parameters

TACACSLogin

{

com.timetra.nms.server.jaas.provider.tacacs.auth.TacacsP

lusJaasLoginModule REQUIRED

debug=false

samvsa=true

;

};

6 Save and close the file.

7 Perform one of the following.

a On a standalone main server, or the primary main server in a redundant

system, enter the following:

bash$ /opt/5620sam/server/nms/bin/nmsserver.bash read_config

↵

b On the standby main server in a redundant system, enter the following:

bash$ /opt/5620sam/server/nms/bin/nmsserver.bash force_resta

rt ↵

8 Close the console window.

Configure remote TACACS+ server

9 As the TACACS+ server administrator, add the user group VSA to the TACACS+ user

profile, as shown in the following:

service=sam-app{

sam-security-group="5620_SAM_user_group"

}

where 5620_SAM_user_group is the name of a valid 5620 SAM user group

Procedure 2-36 To configure 5620 SAM remote user authentication

Perform this procedure to configure general 5620 SAM remote user authentication

functions, and to specify the remote LDAP, RADIUS, or TACACS+ servers.

Assign default external user group

1 Using an account with an assigned security scope of command role, choose

Administration→Security→5620 SAM User Security from the 5620 SAM main menu.

The 5620 SAM User Security - Security Management (Edit) form opens.

Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01