S YS TE M A D M IN IS TR A TO R G UID E Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 Alcatel-Lucent 5620 SERVICE AWARE MANAGER SYSTEM ADMINISTRATOR GUIDE Alcatel-Lucent Proprietary This document contains proprietary information of Alcatel-Lucent and is not to be disclosed or used except in accordance with applicable agreements. Copyright 2014 © Alcatel-Lucent. All rights reserved.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 Alcatel-Lucent assumes no responsibility for the accuracy of the information presented, which is subject to change without notice. Alcatel, Lucent, Alcatel-Lucent, the Alcatel-Lucent logo, lightRadio, and TiMetra are registered trademarks of Alcatel-Lucent. All other trademarks are the property of their respective owners. Copyright 2014 Alcatel-Lucent. All rights reserved.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 Contents 5620 SAM System Administrator overview 1— 5620 SAM System Administrator Guide overview 1.1 1.2 1.3 1-1 5620 SAM System Administrator Guide overview................................... 1-2 5620 SAM system administrator role ................................................. 1-2 Suggested system administrator role prerequisites............................. 1-3 5620 SAM system administrator task and information map...................
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 Contents 2.8 iv 5620 SAM user security procedures.................................................. 2-16 Procedure 2-1 To reserve an admin account login ............................ 2-16 Procedure 2-2 To create a scope of command role ........................... 2-17 Procedure 2-3 To create a scope of command profile........................ 2-18 Procedure 2-4 To create a span of control .....................................
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 Contents 3— NE user and device security 3.1 3.2 3.3 3.4 3.5 3.6 3.7 3.8 3.9 4— NE user and device security overview ............................................... 3-2 RADIUS, TACACS+, and LDAP .......................................................... 3-2 Combined local and remote authentication ..................................... 3-3 CPM filters and traffic management .................................................
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 Contents Procedure 4-4 To identify differences between a global and local key chain policy or two local key chains ................................... 4-7 5620 SAM advanced configuration tasks 5— 5620 SAM component configuration 5.1 5.2 5.3 5.4 5.5 5.6 vi 5-1 5620 SAM component configuration overview ...................................... 5-2 Changing 5620 SAM default text fields and ID ranges .............................
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 Contents 5.7 6— 5620 SAM database management 6.1 6.2 6.3 7— Procedure 5-21 To enable debug configuration file reloading on an NE for mirror services..................................................... 5-29 Procedure 5-22 To configure throttle rates for subscriber trap events ...........................................................................
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 Contents 7.4 7.5 7.6 8— NE maintenance 8.1 8.2 8.3 8.4 8.5 8.6 viii Redundancy function summary ................................................... 7-10 Redundancy failure scenarios ........................................................ 7-12 Collocated system, primary station unreachable .............................. 7-13 Distributed system, primary server unreachable...............................
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 Contents Procedure 8-11 To configure an NE configuration rollback file storage location ............................................................... 8-22 Procedure 8-12 To create an NE configuration rollback rescue file ........ 8-23 Procedure 8-13 To create NE configuration rollback checkpoint files ..... 8-24 Procedure 8-14 To configure scheduled checkpoint file creation ..........
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 Contents 10 — 5620 SAM maintenance base measures 10.1 10.2 Base measures overview .............................................................. 10-2 Base measures guidelines ............................................................. 10-2 Platform base measures............................................................ 10-3 Inventory base measures...........................................................
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 Contents 14 — As required maintenance tasks 14.1 14.2 14.3 14.4 14.5 14.6 14.7 14.8 14.9 14.10 14.11 14.12 14.13 14-1 General 5620 SAM platform changes ................................................ 14-2 Adding or removing RAM .............................................................. 14-2 Procedure 14-1 To reconfigure a 5620 SAM database after a RAM upgrade ........................................................................
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 Contents Procedure 14-25 To add the OLC state to a template using the GUI builder ................................................................... 14-50 Appendices A. Scope of command roles and permissions A.1 A.2 A.3 xii A-1 Predefined scope of command profiles and roles .................................. A-2 Predefined scope of command profiles ........................................... A-2 Predefined scope of command roles ......
Release 12.
Release 12.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 1— 5620 SAM System Administrator Guide overview 1.1 5620 SAM System Administrator Guide overview 1.2 5620 SAM system administrator role 1-2 1-2 1.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 1 — 5620 SAM System Administrator Guide overview 1.1 5620 SAM System Administrator Guide overview The 5620 SAM System Administrator Guide describes the tasks that are typically performed by a user with an Administrator scope of command role.
Release 12.
Release 12.
Release 12.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 1 — 5620 SAM System Administrator Guide overview Task or information Information location Integration tasks Provides the procedures to allow the 5620 SAM to be integrated with other Alcatel-Lucent products such the 5650 CPAM and 5780 DSC, and other third-party products.
Release 12.
Release 12.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 2— 5620 SAM user security tasks 2.1 5620 SAM user security overview 2-2 2.2 User account and group management 2.3 User activity logging 2-3 2-4 2.4 Sample span rule configuration 2-7 2.5 Sample 5620 SAM user authentication configuration 2.6 Remote authentication and authorization 2-9 2-12 2.7 Workflow to configure and manage 5620 SAM user security 2-14 2.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 2 — 5620 SAM user security tasks 2.1 5620 SAM user security overview This chapter provides information about user access and user security for various 5620 SAM functional areas. You can configure and manage the following 5620 SAM user security functions and elements: • creating and managing user groups to which 5620 SAM users are assigned.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 2 — 5620 SAM user security tasks 2.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 2 — 5620 SAM user security tasks • The assigned user privileges determine the following for a GUI user: • the available 5620 SAM menu options • the parameters on object property forms that are configurable • By default, a user group is assigned access to all 5620 SAM objects. • A user acquires span of control access rights from the associated user group.
Release 12.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 2 — 5620 SAM user security tasks The User Activity form displays a filterable list of the logged user activities, and a filterable list of the logged client and server session activities. Client session activities include connection, disconnection, and access violation. Server session activities include startup and shutdown.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 2 — 5620 SAM user security tasks • When a high-level object such as an NE is deleted, one aggregate activity record is created, rather than multiple NE child object activity records. • The XML text in a log entry is limited to 4000 characters. If an activity generates more than 4000 characters of XML text, the text is truncated, and the truncation is indicated on the log entry form.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 2 — 5620 SAM user security tasks Table 2-3 Sample span rule configuration Task Description 1. Create a span that contains the existing customer services. • 2. Create a span of control profile for the service administrator. 3. Create a range policy for each service type that the service administrator for the customer can create. In the sample, the services are IES and VPRN. 4. Create a span rule that contains the customer span.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 2 — 5620 SAM user security tasks 2.5 Sample 5620 SAM user authentication configuration Figure 2-1 shows an example of how 5620 SAM user and user group authentication is performed. Note 1 — RADIUS and TACACS+ authentication servers support multiple users. If the 5620 SAM cannot reach the first authentication server, the 5620 SAM sequentially attempts the user authentication using the remaining authentication servers.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 2 — 5620 SAM user security tasks Figure 2-1 Sample 5620 SAM user and user group authentication Network CLI Local authentication Jane D 9:30 a.m.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 2 — 5620 SAM user security tasks Task Description 1. Configure the remote authentication order for all users Choose Administration→Security→5620 SAM RADIUS/TACACS+ User Authentication from the 5620 SAM main menu. Set the authentication order parameters to: • • • radius tacplus local Also specify the RADIUS and TACACS+ servers using the corresponding tabs on the same form. 2.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 2 — 5620 SAM user security tasks 2.6 Remote authentication and authorization The 5620 SAM uses a JAAS security framework to provide authentication and authorization services. When a user logs in to the 5620 SAM, the authentication method used depends on the 5620 SAM login module configuration.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 2 — 5620 SAM user security tasks When a remote 5620 SAM GUI or OSS session terminates, the user account for the session does not get deleted. This allows remote authenticated users to keep details such as filters defined between sessions. One-time password use For increased security, a GUI user can provide an authentication token to a RADIUS or TACACS+ server that is validated only once. This is called one-time password use.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 2 — 5620 SAM user security tasks • 5620 SAM users who currently authenticate remotely can log in to the 5620 SAM using their RADIUS or TACACS+ passwords. • 5620 SAM user authentication requires an account password that observes the 5620 SAM password constraints described in this chapter.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 2 — 5620 SAM user security tasks 7 Create span rules, as required, to automatically assign new services to spans other than the Default Service Span. See Procedure 2-6 for more information. 8 Manage user groups, as required. • • Create or modify user groups and assign scope of command and span of control profiles to each group, as required. See Procedure 2-7 for more information. Add workspaces to user groups.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 2 — 5620 SAM user security tasks 14 Configure or manage the following 5620 SAM security functions, as required: • • • • • 15 Create a proprietary client GUI login screen. See Procedure 2-30 for more information. Change the maximum number of concurrent 5620 SAM admin user sessions. See Procedure 2-31 for more information. Limit the number of client sessions that the 5620 SAM accepts from one or more client delegate servers.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 2 — 5620 SAM user security tasks Procedure 2-2 To create a scope of command role A scope of command role specifies the read, create, update, and delete access permissions for a 5620 SAM object type or package. You can create custom roles by assigning specific access permissions to different 5620 SAM functional areas. The functional areas are organized in packages, methods, and classes.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 2 — 5620 SAM user security tasks Procedure 2-3 To create a scope of command profile A scope of command profile contains one or more scope of command roles, and is assigned to a user group. Each user in the group acquires the permissions from the scope of command roles in the profile. 1 Using an account with an assigned security scope of command role, choose Administration→Security→5620 SAM User Security from the 5620 SAM main menu.
Release 12.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 2 — 5620 SAM user security tasks 4 Configure the required parameters. 5 Add one or more objects for user access: 6 i Click on the Contents tab. ii Click Add and choose an object type. The Select (object_type) form opens. iii Select one or more objects and click OK. Save your changes and close the form.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 2 — 5620 SAM user security tasks To ensure that span conflicts do not interfere with network troubleshooting, the 5620 SAM allows a user to execute tests on NEs and service sites that are not in an Edit Access span of the user. However, activities such as policy distribution, software upgrades, and statistics collection can be performed only by a user with Edit Access spans that contain the target objects.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 2 — 5620 SAM user security tasks See section 2.4 for a sample span rule configuration and implementation. 1 Using an account with an assigned security scope of command role, choose Administration→Span Rules from the 5620 SAM main menu. The Span Rules form opens. 2 Click Create. The Service Creation Span Rule (Create) form opens. 3 Configure the required parameters.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 2 — 5620 SAM user security tasks 9 Save your changes and close the form. 10 If an active client GUI session is affected by the user group modification, restart the GUI client. Procedure 2-8 To add workspaces to a user group 1 Choose Administration→Security→5620 SAM User Security from the 5620 SAM main menu. The 5620 SAM User Security - Security Management (Edit) form opens. 2 Click on the User Groups tab.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 2 — 5620 SAM user security tasks 5 Add mandatory workspaces to a specific user group: i Click Add. The Add Workspace form opens. ii Choose a workspace from the list and click OK. Note — All mandatory workspaces that are added to the user group by the Administrator appear in the User Preferences→Workspaces form and in the workspace selector drop-down for each user in the user group and cannot be deleted.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 2 — 5620 SAM user security tasks Procedure 2-10 To create a 5620 SAM user account Note — If you want to delete a 5620 SAM user account, schedules associated with the user account are deleted only if the schedule is not associated with a scheduled task. 1 Using an account with an assigned security scope of command role, choose Administration→Security→5620 SAM User Security from the 5620 SAM main menu.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 2 — 5620 SAM user security tasks 5 Configure the required parameters. You must change the User Name parameter and configure the User Password and Confirm Password parameters. 6 Save your changes and close the form.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 2 — 5620 SAM user security tasks Procedure 2-13 To configure the GUI inactivity timeout A 5620 SAM user with an admin scope of command role can configure a GUI inactivity check that applies to all client GUIs, or to sets of users based on the associated user groups. 1 Choose Administration→Security→5620 SAM User Security from the 5620 SAM main menu. The 5620 SAM User Security - Security Management (Edit) form opens.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 2 — 5620 SAM user security tasks Procedure 2-15 To configure authentication failure actions You can specify an authentication message or a lockout for a user account that exceeds the configured number of login authentication attempts. Only non–admin accounts can be locked out. Admin accounts always have access.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 2 — 5620 SAM user security tasks 4 Configure the Test Message parameter. 5 Save your changes and close the form. Procedure 2-18 To list inactive user accounts 1 Choose Administration→Security→5620 SAM User Security from the 5620 SAM main menu. The 5620 SAM User Security - Security Management (Edit) form opens. 2 Click on the Users tab. 3 Click Inactive User Search and perform one of the following: a Choose ≥90 Days.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 2 — 5620 SAM user security tasks Procedure 2-20 To administratively change the password of a 5620 SAM user The system administrator uses the Security Management form to maintain user accounts. The user can change their password in a separate form. If a user forgets their password, the system administrator can change the password and inform the user of the new password.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 2 — 5620 SAM user security tasks Procedure 2-22 To change the password of the current 5620 SAM user You can change a password associated with an active 5620 SAM user account. Note 1 — When a user attempts to log in with an expired password, the user account is suspended. Note 2 — When a user updates a password, the password expiry period is reset. 1 Choose Administration→Security→Change Password from the 5620 SAM main menu.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 2 — 5620 SAM user security tasks Procedure 2-24 To assign local tab preferences to users You can assign the exported local tab preferences of a single user to selected users in the 5620 SAM client. 1 Choose Administration→Security→5620 SAM User Security from the 5620 SAM main menu. The 5620 SAM User Security - Security Management (Edit) form opens. 2 Click on the Users tab. 3 Choose one or more users from the list.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 2 — 5620 SAM user security tasks 4 Enter a message in the Text Message form and click Send. 5 Close the form. Procedure 2-26 To view and manage active 5620 SAM client sessions 1 Using an account with an assigned security scope of command role, choose Administration→Security→5620 SAM User Security from the 5620 SAM main menu. The 5620 SAM User Security - Security Management (Edit) form opens. 2 Click on the Sessions tab.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 2 — 5620 SAM user security tasks If you choose Remove Connection, the 5620 SAM server stops storing the JMS messages for the session. Note — When you remove a durable subscription, the OSS client can still attempt to connect to the 5620 SAM-O. You can prevent an OSS client from attempting to connect by suspending the OSS user account. See Procedure 2-19 for more information. 6 Close the form.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 2 — 5620 SAM user security tasks b iii Click on the Activity tab. iv Configure the filter criteria, if required, and click Search. A list of activity entries is displayed. View the activities of a specific user: i Click on the Activity tab. ii Specify the required username as the Username filter criterion and click Search. A list of user-specific entries is displayed. 3 Select an entry in the list and click Properties.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 2 — 5620 SAM user security tasks 7 To navigate directly to the object of the activity, click View Object. The object properties form opens. Note — The View Object button is dimmed when there is no object associated with the activity, for example, a user login or logout operation. 8 View the activity information and close the form.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 2 — 5620 SAM user security tasks Procedure 2-31 To change the maximum number of concurrent 5620 SAM admin user sessions 1 Log in to the main server station as the samadmin user. 2 Navigate to the server configuration directory, typically /opt/5620sam/server/nms/config. 3 Create a backup copy of the nms-server.xml file. 4 Open the nms-server.xml file using a plain-text editor.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 2 — 5620 SAM user security tasks 3 Select a client delegate server and click Properties. The Client Delegate Server (Edit) form opens. 4 Configure the Maximum UI Sessions parameter. 5 Save your changes and close the form.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 2 — 5620 SAM user security tasks Procedure 2-34 To configure remote authentication and authorization for remote-only users Note 1 — Ensure that remote authentication is enabled. See Procedure 2-33 for information about creating RADIUS and TACACS+ authentication policies. Note 2 — See “Remote authentication and authorization” in section 2.1 for information about remote authentication and authorization for remote-only users.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 2 — 5620 SAM user security tasks iv If RADIUS authentication is enabled, find the RADIUSLogin section of the file and change the samvsa flag to true. Code 2-1 shows an example of the file text: Code 2-1: RADIUS section of SamJaasLogin.config file RADIUSLogin { com.timetra.nms.server.jaas.provider.radius.auth.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 2 — 5620 SAM user security tasks Perform one of the following: a If RADIUS authentication is enabled: i Copy the example of the RADIUS dictionary below to the RADIUS dictionary file. Enter changes to the file based on your RADIUS configuration. ii Configure the RADIUS user profile and add a previously defined 5620 SAM user group name to the Sam-security-group-name VSA.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 2 — 5620 SAM user security tasks Procedure 2-35 To change the 5620 SAM Task Manager default settings The Task Manager lets 5620 SAM operators monitor the progress of operational tasks. Only 5620 SAM administrators can change task monitoring parameters. Note — The Task Manager is operational with the default values. 1 Log in to the 5620 SAM main server station as the samadmin user.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 2 — 5620 SAM user security tasks 9 iv Save and close the nms-server.xml file. v Repeat steps 6 and 7 to restart the 5620 SAM server for the changes to take effect. Close the console windows and form. See the 5620 SAM User Guide to monitor the Task Manager. Procedure 2-36 To export all workspaces and local tab preferences You can export all workspaces and local tab preferences from an existing 5620 SAM server to a specified directory.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 2 — 5620 SAM user security tasks If you choose this option, you can click on the Overwrite Existing Workspace(s) check box to allow overwriting of existing workspaces. c Import Tabs Only—to import only local tab preferences from the specified directory. 4 Click Open. A confirmation dialog box displays the number of workspaces and local tab preferences that will be imported from the specified directory. 5 Click Yes.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 3— NE user and device security 3.1 NE user and device security overview 3.2 RADIUS, TACACS+, and LDAP 3-2 3.3 CPM filters and traffic management 3.4 DoS protection 3.5 DDoS protection 3.6 IP security 3-2 3-4 3-4 3-5 3-7 3.7 7705 SAR-H firewalls 3-8 3.8 Workflow to manage NE user and device security 3.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 3 — NE user and device security 3.1 NE user and device security overview You can use the 5620 SAM to configure security for managed-device access that includes the following: • • • • • • • device user accounts, profiles, and passwords RADIUS, TACACS+, and LDAP authentication for 5620 SAM user accounts MAFs CPM filters DoS protection DDoS protection X.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 3 — NE user and device security You can create device user accounts as a backup to RADIUS, TACACS+, or LDAP authentication. In the event that a RADIUS, TACACS+, or LDAP function fails, the device user account provides device access. TACACS+ and LDAP provide functions that are similar to RADIUS. Note — The 5620 SAM checks for reachability to a TACACS+ server using UDP port 49 to prevent long timeout issues.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 3 — NE user and device security 3.3 CPM filters and traffic management Device CPMs provide dedicated traffic management and queuing hardware to protect the control plane. You can use CPM filters to specify which types of traffic to accept or deny, and to allocate and rate-limit the shaping queues for traffic directed to the CPMs. Note 1 — The 7705 SAR does not support Queue filters or MAC CPM IP filters.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 3 — NE user and device security DoS protection limits the number of packets that are received each second, and optionally logs a violation notification if a policy limit is exceeded. You can use the NE System Security form to view the violations for a specific NE.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 3 — NE user and device security Policers are used to enforce a traffic rate-limiting function. Rate limiting is configurable in packets per second or kb/s. Configurable burst tolerance allows extra full handshake attempts, as required by some protocols. When a policer determines that a packet is non-conformant, it discards the packet or marks it as low-priority.
Release 12.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 3 — NE user and device security 3.7 7705 SAR-H firewalls The 5620 SAM supports the firewall function on a Release 5.0 7705 SAR-H. Using the 5620 SAM, you can configure firewall policies, view the firewall status and display the firewall faults. The 5620 SAM supports the configuration of an individual NE instance or a policy that applies to multiple NEs. See Procedure 3-16 for more information. Note — Release 6.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 3 — NE user and device security 5 Create NE DoS protection policies, as required to control the amount of subscriber-based control-plane traffic that the NE interfaces receive; see Procedure 3-3. 6 View NE DoS protection violations, as required; see Procedure 3-4.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 3 — NE user and device security 3.9 NE user and device security procedures This section provides procedures to create and manage security on the managed devices. Procedure 3-1 To configure a MAF Perform this procedure to configure user access to an NE using a management access filter, or MAF.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 3 — NE user and device security If you set the Frame Type parameter to e802dot2SNAP, configure the parameters in the Match Criteria - SNAP panel. If you set the Frame Type parameter to Ethernet II, configure the Ether Type parameter. v Save your changes and close the form. 8 Repeat step 7 to configure an additional MAC entry, if required. 9 Click Apply to save the changes. 10 Distribute the MAF to NEs, as required.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 3 — NE user and device security 6 To configure an IPv6 filter entry, perform the following steps. i Click on the IPv6 Entries tab. ii Click Create or choose an entry and click Properties. The CPM IPv6 Filter Entry (Create|Edit) form opens. iii Configure the required parameters. iv Click on the Filter Properties tab. v Configure the required parameters. vi Save your changes and close the form.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 3 — NE user and device security 13 Distribute the filter to NEs, as required. 14 Close the open forms. Procedure 3-3 To configure an NE DoS protection policy Perform this procedure to control the amount of subscriber-based control-plane traffic that NE interfaces receive.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 3 — NE user and device security Procedure 3-4 To view NE DoS protection violations 1 Choose Administration→Security→NE System Security from the 5620 SAM main menu. The Select Site form opens. 2 Choose a managed device in the list and click OK. The NE System Security (Edit) form opens. 3 Click on the NE DoS Protection tab. 4 Perform one of the following to view a specific violation type.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 3 — NE user and device security 4 To configure a static policer, perform the following steps. i Click on the Static Policers tab. ii Click Create or choose an entry and click Properties. The Static Policer (Create|Edit) form opens. iii Configure the required parameters. iv If the Rate Type parameter is set to Kbps, configure the Rate Limit (Kb/s) and Buffer Space (Bytes) parameters in the Kbps panel.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 3 — NE user and device security iv Use the Select button in the Enforcement panel to choose a policer. Note — If the Type parameter is set to Static, you must choose a static policer. If the Type parameter is set to Dynamic, you must choose a local monitoring policer. However, if the Type parameter is set to Dynamic and the Local Monitoring Bypass parameter is enabled, you cannot specify a local monitoring policer.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 3 — NE user and device security 4 Perform the following steps. i Click on the Entries tab. ii Click Create or choose an entry and click Properties. The Site User Profile Match Entry (Create|Edit) form opens. iii Configure the required parameters. The Match String parameter value is a CLI command prefix that defines the scope of the user profile.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 3 — NE user and device security 5 When an SNMPv3 user account and group exist on a managed device, you can configure the user authentication parameters. To configure the parameters, perform the following steps. Note — If MD5 or SHA authentication and DES privacy is used, ensure that the keys are on the device and associated with the SNMPv3 user group. 6 i Click on the SNMPv3 tab. ii Configure the required parameters.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 3 — NE user and device security 4 Specify the types and order of password authentication to be used to verify the user account password using the Authentication Order 1 through 3 parameters. Set the order from the most preferred authentication method to the least preferred. 5 Configure the password complexity rules using the parameters in the Complexity Rules panel. 6 Click Apply to save the changes.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 3 — NE user and device security Procedure 3-10 To configure an NE TACACS+ authentication policy See the appropriate TACACS+ documentation for more information about configuring TACACS+ servers. 1 Choose Administration→Security→NE TACACS+ Authentication from the 5620 SAM main menu. The NE TACACS+ Authentication form opens. 2 Click Create or choose an entry and click Properties. The Site TACACS+ Policy (Create|Edit) form opens.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 3 — NE user and device security Procedure 3-11 To configure an OmniSwitch RADIUS, TACACS+, or LDAP security authentication policy 1 Choose Administration→Security→NE AOS Security Authentication from the 5620 SAM main menu. The NE AOS Security Authentication form opens. 2 Click Create or choose an entry and click Properties. The Site AOS Security Policy (Create|Edit) form opens. 3 Configure the required parameters.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 3 — NE user and device security vi Configure the required parameters. vii Save and close the form. 5 To configure the CPM hardware queueing for BGP or T-LDP peers, click on the CPM Per-Peer-Queuing tab. 6 To configure user profiles, click on the System User Template tab. Otherwise, go to step 19. The default System User radius_default and tacplus_default templates are listed.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 3 — NE user and device security 21 Click on the following child tabs, as required, to view the DoS violations. • • • • • • Per MAC Source Violations Per IP Source Violations Link Specific Port Violations Network Interface Violations SAP Violations SDP Violations 22 Click on the VPRN Network Exceptions tab to configure rate limits for VPRN network exceptions. 23 Configure the required parameters.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 3 — NE user and device security 6 Perform the following steps to generate local PKCS#10 certificate request on a local compact flash drive. i Choose Admin Certificate→Generate Local Certificate Request from the More Actions button menu. The Admin Certificate Generate Local Certificate Request form opens. ii Configure the required parameters. iii Click Execute. The local request is generated. iv Close the form.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 3 — NE user and device security 11 12 To reload a certificate or keypair file from a local compact flash drive, perform the following steps. i Choose Admin Certificate→Reload File from the More Actions button menu. The Admin Certificate Reload File form opens. ii Configure the required parameters. iii Click Execute. The file content is reloaded. iv Close the form. To clear the OCSP cache, perform the following steps.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 3 — NE user and device security 7 Distribute the policy to NEs, as required. 8 Close the open forms. Procedure 3-15 To perform CMPv2 actions 1 Choose Administration→Security→NE PKI Authentication→Site Public Key Infrastructure from the 5620 SAM main menu. The Select Site form opens. 2 Choose an NE in the list and click OK. The Site Security Public Key Infrastructure (Edit) form opens.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 3 — NE user and device security 9 Go to step 23. Certificate Request 10 Configure the required parameters in the Action panel: • • • • 11 Action Key Subject Domain Save As File New Key Configure the required parameters in the Protection Algorithm - using Certificate panel: • • Certificate Hash 12 Click Apply to perform the action. 13 Go to step 23.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 3 — NE user and device security Procedure 3-16 To configure a 7705 SAR-H NE firewall Note — The NE firewall function is supported only on a Release 5.0 or later 7705 SAR-H. 1 Choose Administration→Security→NE Firewall→Default NE Firewall from the 5620 SAM main menu. The Firewall - Default (Edit) form opens. 2 Select a site and click Properties. The Firewall Site (Edit) form opens. 3 Configure the required parameters.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 3 — NE user and device security c Service Group d Host Group Note 1 — Policies can be deleted in the following order: • • • Zone Rule Set Host Group or Service Group Note 2 — Host Group or Service Group policies cannot be deleted if rule sets are associated with them. Note 3 — Rule set policies cannot be deleted if they are associated with zones.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 3 — NE user and device security Procedure 3-17 To configure an NE management access firewall on the 7705 SAR-H Caution — If the zone entry using the Management Access Firewall on the 7705 SAR-H is not properly configured, the essential communication channel between 5620 SAM and the NE could be terminated.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 3 — NE user and device security 6 Select the newly created NE Management Access Firewall policy and click Properties. 7 The Management Access Firewall form opens. The Configuration Mode parameter in the Policy Configuration panel is in the Draft state. Release the policy and distribute the policy as required. 8 i Click Switch Mode. A confirmation dialog box opens. ii Click Yes to confirm the action.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 3 — NE user and device security vii Choose one of the following from the IP Operator drop-down menu and enter the range, if required: • • EQUAL RANGE viii Save and close the form. 5 Save and close the form. 6 Choose the newly created NE CPM Firewall policy and click Properties. 7 The NE CPM Firewall form opens. The Configuration Mode parameter in the Policy Configuration panel is in the Draft state.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 3 — NE user and device security 4 Choose a policy from the list. 5 Click Delete. 6 Click Yes. The policy is deleted. Procedure 3-20 To manually unlock a user account Use this procedure to manually unlock a user account that is locked due to too many failed login attempts. 1 From the 5620 SAM main menu, choose Administration→Security→NE User Configuration. The NE User Configuration form opens. 2 Click Search.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 3 — NE user and device security 6 Choose a local definition and click Properties. The CPM Filter Local Policy form appears. 7 Click on the IPv4 Entries, IPv6 Entries, MAC Entries or Queues tab, depending on the type of statistic you need to clear. 8 Configure the filters and click Search. A list of filter entries appears.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 3 — NE user and device security Procedure 3-23 To manage OCSP cache entries on an NE 1 Choose Administration→Security→NE PKI Authentication→Site Public Key Infrastructure from the 5620 SAM main menu. The Select Site form opens. 2 Choose a managed device in the list and click OK. The Site Security Public Key Infrastructure (Edit) form opens. 3 Click on the OCSP Cache Entries tab. 4 Click Search.
Release 12.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 4— TCP enhanced authentication 4.1 TCP enhanced authentication overview 4-2 4.2 Workflow to configure TCP enhanced authentication for NEs 4-3 4.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 4 — TCP enhanced authentication 4.1 TCP enhanced authentication overview This chapter describes the 5620 SAM support of TCP enhanced authentication for NEs based on the MD5 encryption mechanism described in RFC2385. 5620 SAM TCP enhanced authentication allows the use of powerful algorithms for authenticating routing messages. The 5620 SAM uses a TCP extension to enhance BGP and LDP security.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 4 — TCP enhanced authentication When the 5620 SAM attempts to synchronize the keys in a global key chain with the keys on an NE, the NE does not return the secret key value. After a key chain is deployed to an NE, the shared secret and the encryption algorithm cannot be modified. You can delete a key chain or key only when it is not in use by a protocol.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 4 — TCP enhanced authentication Procedure 4-1 To configure a global TCP key chain 1 Choose Administration→Security→TCP KeyChains from the 5620 SAM main menu. The TCP KeyChains form opens. 2 Click Create or choose a key chain and click Properties. The KeyChain Create|Edit form opens. 3 Configure the required parameters. Note — Do not use a colon in the policy name. The 5620 SAM uses colons as separators for the object full name.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 4 — TCP enhanced authentication Procedure 4-2 To distribute global key chains to NEs Perform the following procedure to distribute one or more global TCP key chains to one or more NEs. When you distribute a global key chain, a local key chain using the Sync With Global distribution mode allows the NE to receive the key chain. Caution — Releasing, distributing, or deleting a TCP keychain or TCP key can be service-affecting.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 4 — TCP enhanced authentication 4 To distribute a key chain: Note — Local definitions of key chains that use the Local Edit Only distribution mode do not allow their NEs to receive the distribution of a global key chain. You must set the distribution mode of a local key chain to Sync With Global if you need the associated NE to receive the distribution of a global key chain. 5 i Select one or more key chains and click Distribute.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 4 — TCP enhanced authentication 3 Click on the Local Definitions tab. The NEs that have a local instance of the key chain are displayed in a list. 4 View the list of NEs to confirm that the key chain is distributed to the required NEs. 5 Close the forms. Procedure 4-4 To identify differences between a global and local key chain policy or two local key chains 1 Choose Administration→Security→TCP KeyChains from the 5620 SAM main menu.
Release 12.
Release 12.
Release 12.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 5— 5620 SAM component configuration 5.1 5620 SAM component configuration overview 5-2 5.2 Changing 5620 SAM default text fields and ID ranges 5.3 Workflow to configure 5620 SAM components 5-6 5.4 Software and license configuration procedures 5-7 5.5 System components configuration procedures 5-14 5.6 Network management configuration procedures 5.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 5 — 5620 SAM component configuration 5.1 5620 SAM component configuration overview The 5620 SAM may require a configuration change after it is installed to meet your specific operational requirements. The procedures in this chapter change the default system-wide behavior of 5620 SAM settings or functional preferences.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 5 — 5620 SAM component configuration Table 5-1 lists the objects and associated parameters that can be managed using format and range policies.
Release 12.
Release 12.
Release 12.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 5 — 5620 SAM component configuration 3 4 5.4 d Change the IP address or hostname of a 5620 SAM component, for example, a server or database. See Procedure 5-11. e Enable 5620 SAM database backup file synchronization. See Procedure 5-12. f Modify the default time period of the statistics displayed by the 5620 SAM Statistics Manager search filters.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 5 — 5620 SAM component configuration Procedure 5-1 To view the 5620 SAM release, license, and installed module information 1 To view only the GUI client information: Note — The 5620 SAM release information is also displayed on the form described in step 2. 2 i Choose Help→About 5620 SAM/5650 CPAM from the 5620 SAM main menu. The About the 5620 SAM/5650 CPAM Client Application form opens.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 5 — 5620 SAM component configuration ii View the contents of the contained file. Note — A license file does not include an object that has a licensed quantity of zero. iii Close the file. iv Close the file decompression utility. Procedure 5-2 To export 5620 SAM license information to a file 1 Choose Help→5620 SAM License Information from the 5620 SAM main menu. The 5620 SAM License (Edit) form opens.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 5 — 5620 SAM component configuration Importing 5620 SAM license key... Original license key file has been backed up to /opt/5620sam/server/timestamp/SAMLicense.zip Done. where timestamp is a directory name in the following format: yyyy.mm.dd-hh.mm.ss 6 Close the console window. Verify new license information 7 Perform Procedure 5-1 to verify the imported license information.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 5 — 5620 SAM component configuration 6 Enter the following: YES ↵ The primary main server reads the license file, copies the license file to a backup location, and displays the following status information: Importing 5620 SAM license key... Original license key file has been backed up to /opt/5620sam/server/timestamp/SAMLicense.zip Done. where timestamp is a directory name in the following format: yyyy.mm.dd-hh.mm.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 5 — 5620 SAM component configuration Verify new license information 14 Perform Procedure 5-1 to verify the imported license information. 15 If a license parameter is incorrect, contact Alcatel-Lucent technical support for assistance. Procedure 5-5 To list the backed-up 5620 SAM license files When you import a new 5620 SAM license, the 5620 SAM creates a backup copy of the existing license files.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 5 — 5620 SAM component configuration Procedure 5-6 To change the default 5620 SAM license expiry notification date The 5620 SAM raises a daily warning alarm as the expiry date of the 5620 SAM license approaches. By default, the first alarm is raised seven days before the expiry date. Perform this procedure to change the default 5620 SAM license expiry notification date. 1 Log in to the main server station as the samadmin user.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 5 — 5620 SAM component configuration 4 Enter the license key to be distributed. Warning — Change is applied immediately when the OK button is clicked. 5.5 5 Click OK to distribute the license key to all nodes. 6 The Firewall - Default (Edit) form opens. 7 Click OK to close the form. System components configuration procedures The following procedures describe how to configure 5620 SAM system components.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 5 — 5620 SAM component configuration 4 Enter the following to enable an update notification for clients that connect to the server and to prepare the client configuration files for download. bash$ install_dir/bin/nmsdeploytool.bash deploy ↵ where install_dir is the server installation location, typically /opt/5620sam/server 5 Perform one of the following on each 5620 SAM single-user GUI client station and client delegate server station.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 5 — 5620 SAM component configuration Procedure 5-9 To configure the display of multiple 5620 SAM systems as client GUI login options Perform this procedure to configure a client GUI login form to list multiple 5620 SAM systems as options in a drop-down menu. By default, one 5620 SAM system is listed. Note 1 — You cannot configure a client delegate server to display multiple server options on the client login form.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 5 — 5620 SAM component configuration iv Modify the nameOne (for standalone) or nameOne and nameTwo (for redundant) parameters to indicate the domain name and hostname of the server, for easier identification by operators. This name does not have to be the hostname of the server domain. In some cases, the name may be the same for the active and standby server in a redundant server domain.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 5 — 5620 SAM component configuration where new_file_location is the new default GUI table layout and GUI preferences location Note — The specified location can be an absolute file path or a file path relative to install_dir/nms, where install_dir is the client installation location, typically /opt/5620sam/client.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 5 — 5620 SAM component configuration Typically, an IP address or hostname change on a 5620 SAM component requires a series of component uninstallation and re-installation activities, depending on the scope of the change. The requirements of such an operation depend on the management network topology and other considerations, so must be co-ordinated and performed only under the guidance of Alcatel-Lucent technical support.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 5 — 5620 SAM component configuration 4 Perform one of the following. a On a RHEL station: i Enter the following: # cd Linux ↵ ii Enter the following: # ./ServerInstall_RHEL_R_r_revision.bin ↵ where R_r is the release identifier, in the form MAJOR_minor revision is the revision identifier, such as R1, R3, or another descriptor b On a Solaris station: i Enter the following: # cd Solarisx86 ↵ ii Enter the following: # .
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 5 — 5620 SAM component configuration The 5620 SAM main server puts the configuration changes into effect. The 5620 SAM automatically copies subsequent 5620 SAM database backup file sets from the primary database station to the standby database station.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 5 — 5620 SAM component configuration Procedure 5-14 To modify the default time period of statistics displayed on object properties forms By default, the 5620 SAM displays the statistics records collected during the past hour on the Statistics tab on object properties forms. Perform this procedure to modify the default time period of the statistics displayed on the Statistics tab on the object properties form.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 5 — 5620 SAM component configuration 5 Select an object and property for which you need to apply the name format policy in the Property panel. 6 Click on the Users tab. Note — Only users and user groups that are assigned to this policy are affected by the policy. You can apply one or more format policies to a user or user group. See Chapter 2 for more information about creating users and user groups. 7 Click Add.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 5 — 5620 SAM component configuration Procedure 5-16 To create or configure a range policy Use this policy to specify the ID range for services, LSPs, L2 and L3 access interfaces. 1 Choose Administration→Format and Range Policies from the 5620 SAM main menu. The Format and Range Polices form opens. 2 Expand Format/Range (Property Rules) and choose Range Policy (Property Rules) from the Select Object Type drop-down menu.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 5 — 5620 SAM component configuration 5.6 Network management configuration procedures The following procedures describe how to configure system-wide 5620 SAM network management functions. Procedure 5-17 To configure automatic device configuration backup file removal Configure the 5620 SAM to automatically remove the configuration backup files for a device when the device is unmanaged.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 5 — 5620 SAM component configuration 9 Enter the following at the console prompt to restart the 5620 SAM server: bash$ ./nmsserver.bash force_restart ↵ Caution — Restarting a 5620 SAM server is service-affecting. Ensure that you perform this step only during a scheduled maintenance window. 10 The 5620 SAM main server restarts. The 5620 SAM deletes the configuration backup files of NEs that are subsequently unmanaged.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 5 — 5620 SAM component configuration enabled="false" defaultBWThreshold="90" linkTunnelCacheMaxSize="1000" tunnelServiceCacheMaxSize="10000" serviceBWCacheMaxSize="50000" /> 8 Change enabled="false” to enabled="true". 9 Save and close the nms-server.xml file. 10 Navigate to the server binary directory, typically /opt/5620sam/server/nms/bin. 11 Enter the following: bash$ ./nmsserver.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 5 — 5620 SAM component configuration 6 Add the following before the end of the SNMP section, ensuring that there is a space between the last character and the section end, which is marked by a /> tag: verifyNodeIdentity=”1" 7 Save and close the nms-server.xml file. 8 Navigate to the server binary directory, typically /opt/5620sam/server/nms/bin. 9 Enter the following: bash$ ./nmsserver.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 5 — 5620 SAM component configuration The main server reads the nms-server.xml file and LSP on-demand resynchronization is enabled. Procedure 5-21 To enable debug configuration file reloading on an NE for mirror services Ensure that managed NEs reload the debug configuration file after an NE restarts.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 5 — 5620 SAM component configuration 7 Save and close the nms-server.xml file. 8 Navigate to the server binary directory, typically /opt/5620sam/server/nms/bin. 9 Enter the following to restart the main server: bash$ ./nmsserver.bash force_restart ↵ Caution — Restarting a 5620 SAM main server is service-affecting. Ensure that you perform this step only during a scheduled maintenance window. The main server restarts.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 5 — 5620 SAM component configuration Configurable hold-off options prevent subscriber table resyncs for a minimum specified duration after a trap drop is received from the NE, and until a specified time window has elapsed with no additional trap drops received from the NE. Additionally, a maximum hold-off time is specified to prevent excessive periods during which the 5620 SAM is out of sync with the NE.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 5 — 5620 SAM component configuration 8 Navigate to the server binary directory, typically /opt/5620sam/server/nms/bin. 9 Enter the following: bash$ ./nmsserver.bash read_config ↵ The main server reads the nms-server.xml file and the window trap delayer function is enabled. Procedure 5-24 To create a default SNMPv2 OmniSwitch user on a 5620 SAM system Create a default SNMPv2 OmniSwitch user on a 5620 SAM system.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 5 — 5620 SAM component configuration 8 Navigate to the server binary directory, typically /opt/5620sam/server/nms/bin. 9 Enter the following: bash$ ./nmsserver.bash read_config ↵ The main server reads the nms-server.xml file and the new SNMPv2 user name is enabled. 5.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 5 — 5620 SAM component configuration Function or setting Additionally see To configure the system preferences of services associated with a customer such as specifying the default service priority or the automatic removal of empty services. — To perform a service size reduction associated with a customer by moving sites from one service to another.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 5 — 5620 SAM component configuration Function or setting Additionally see To enable a restriction in the distribution mode for certain types of local policies that will permit local editing only. Additionally, the following applies to this system preference configuration: 5620 SAM User Guide • • • • Policy types supported by this system preference include Access Ingress, Access Egress, Network QoS, ACL MAC, ACL IPv4, and ACL IPv6.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 5 — 5620 SAM component configuration Function or setting Additionally see To configure custom property labels and values on an NE, for example, the location and site name that differs from the actual NE site name. These properties cannot be configured on the NE. Additionally, the following applies to this system preference configuration: — • • • If custom property labels are not configured, the default labels are used.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 6— 5620 SAM database management 6.1 5620 SAM database management overview 6-2 6.2 Workflow for 5620 SAM database management 6.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 6 — 5620 SAM database management 6.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 6 — 5620 SAM database management 5620 SAM auxiliary database cluster A 5620 SAM auxiliary database cluster is an optional component group that extends the database throughput and storage for demanding operations such as statistics data collection. This distributed database relieves the central database processing load.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 6 — 5620 SAM database management Incidental tasks 9 For a redundant 5620 SAM database deployment: • • • 6.3 perform a 5620 SAM database switchover; see Procedures 7-4, 7-5, or 7-6 enable or disable automatic database realignment on the main server; see Procedure 7-7 re-establish redundancy after a database activity switch or similar maintenance activity; see Procedures 7-8 and 7-9.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 6 — 5620 SAM database management 2 View the information. 3 Close the Database Manager (Edit) form. Procedure 6-2 To display the auxiliary database status in the GUI Perform this procedure to display information about an auxiliary database in the 5620 SAM client GUI. 1 Choose Administration–>Database from the 5620 SAM main menu. The Database Manager form opens. 2 Click on the Auxiliary Databases tab. The auxiliary databases are listed.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 6 — 5620 SAM database management iii Enter the following: # /etc/init.d/samauxdbproxy status iv 3 View the status. If the status is not Up, contact Alcatel-Lucent technical support for assistance. To display the database status of one auxiliary database, perform the following steps. i Log on to the auxiliary database station as the root user. ii Open a console window. iii Enter the following: # /etc/init.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 6 — 5620 SAM database management Note 1 — Alcatel-Lucent recommends that when you back up the 5620 SAM database, you also back up the NE configuration backup files that are stored on the file system of a main server. See section 14.8 for information. Note 2 — The 5620 SAM backs up the Oracle encryption wallet during a database backup, and restores the wallet during a database restore.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 6 — 5620 SAM database management Procedure 6-5 To perform an immediate 5620 SAM database backup using a CLI Perform this procedure to initiate an on-demand 5620 SAM database backup using a CLI. Caution 1 — Ensure that there is sufficient disk space to store the database backup file set. The backup directory must be at least five times as large as the expected database backup size.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 6 — 5620 SAM database management Depending on the database size, a backup may require several hours to complete. 4 When the backup is complete, close the console window. Procedure 6-6 To create a snapshot of one auxiliary database or an auxiliary database cluster Perform this procedure to create a snapshot of one auxiliary database or an auxiliary database cluster. A snapshot enables the recovery of data in the event of a failure.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 6 — 5620 SAM database management Procedure 6-7 To delete an auxiliary database snapshot set Perform this procedure to delete an auxiliary database snapshot set. Note — A snapshot set is one of the following: • • 6-10 one snapshot, if the snapshot is for only one database in the cluster three snapshots, if the snapshot is of each database in the cluster 1 Choose Administration→Database from the 5620 SAM main menu.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 6 — 5620 SAM database management Procedure 6-8 To schedule 5620 SAM database backups and auxiliary database snapshots Perform this procedure to configure and enable a automated, regular 5620 SAM database backup according to a schedule. You can optionally enable the creation of an auxiliary database snapshot according to the schedule. Caution 1 — Ensure that there is sufficient disk space to store the database backup file set.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 6 — 5620 SAM database management 4 Configure the Scheduled Backup Directory parameter in the Backup Setting panel. The value that you specify is the database station directory in which to save the backup file sets. Each file set is stored in a subdirectory named backupsetn, where n is a sequential number; the highest possible value is the Number to Keep parameter value.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 6 — 5620 SAM database management The following prompt is displayed: Accept value? [y/n/q] (y): 5 Perform one of the following. a Press ↵ to confirm that the supplied password is correct. The following prompt is displayed: Please select one of the following options: 1) Setting failed login attempts 2) Unlock database user 0) Exit Please enter(1,2 or 0): b 6 Press n ↵ if you have incorrectly entered the password; return to step 4.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 6 — 5620 SAM database management 7 To remove the allowed number of failed login attempts, enter 2 ↵. The following messages are displayed, and the 5620 SAM no longer locks the Oracle database user account after multiple login failures. About to change the Oracle database user settings Completed changing the Oracle database user settings 8 Close the console window.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 6 — 5620 SAM database management 6 Enter 2 ↵. The following messages are displayed, and the Oracle database user account is unlocked. About to unlock the database user username Completed unlocking the database user username where username is the Oracle database username 7 Close the console window.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 6 — 5620 SAM database management Procedure 6-12 To configure a size constraint policy Size constraint policies regulate the number of historical records that the 5620 SAM database retains before they are purged. The scheduling of tasks through the 5620 SAM can generate a large volume of archived result information if left unchecked.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 6 — 5620 SAM database management Procedure 6-13 To configure an ageout constraint policy An ageout constraint policy defines the database ageout period for a specific object type. When the age of an object reaches the ageout value, the 5620 SAM deletes the object from the database. The 5620 SAM has the following preconfigured ageout constraint policies: • • • ressubscr.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 6 — 5620 SAM database management Note — If the 5620 SAM is deployed in a redundant configuration, you must perform the following steps on each main server in the deployment. i Log in to the main server station as the samadmin user. ii Open a console window. iii Navigate to the server configuration directory, typically /opt/5620sam/server/nms/config. iv Open the AgeoutConstraint.xml file using a plain-text editor.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 6 — 5620 SAM database management Procedure 6-14 To create a database file policy to manage database log or core dump files You can create database file policies to manage the file size and number of archives for stored alert, listener, trace, audit, and core dump files. When the size and number of files are left unbounded, excessive database disk capacity is consumed.
Release 12.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 7— 5620 SAM system redundancy 7.1 5620 SAM system redundancy overview 7.2 5620 SAM system redundancy models 7.3 Redundancy functions 7-2 7-2 7-5 7.4 Redundancy failure scenarios 7-12 7.5 Workflow to perform 5620 SAM system redundancy functions 7-16 7.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 7 — 5620 SAM system redundancy 7.1 5620 SAM system redundancy overview 5620 SAM system redundancy is initially configured during 5620 SAM installation. You use the 5620 SAM GUI, or scripts on a 5620 SAM main server, to perform the following redundancy functions: • • • • Check the 5620 SAM redundant server and database status. Perform a manual activity switch from the primary to the standby main server.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 7 — 5620 SAM system redundancy A 5620 SAM database uses the Oracle DataGuard function to maintain redundancy. During a redundant 5620 SAM installation or upgrade, the Oracle DataGuard synchronization level is set to real-time apply, which ensures that the primary and standby databases are synchronized. Figure 7-1 shows a collocated redundant 5620 SAM deployment.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 7 — 5620 SAM system redundancy A main server role change is called a server activity switch. An automatic database role change is called a failover; a manual database role change is called a switchover. A typical redundant 5620 SAM deployment has a primary server and database in a geographically separate facility from the standby server and database facility.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 7 — 5620 SAM system redundancy When an auxiliary server cannot connect to the primary main server or database, it re-initializes and continues trying to connect until it succeeds or, in the case of a database failover, until the main server directs it to the peer database.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 7 — 5620 SAM system redundancy Server activity switches The standby server initiates an automatic server activity switch when it cannot communicate with the primary server. A 5620 SAM administrator performs a manual server activity switch, which is typically a planned server maintenance or test operation. For security reasons, you cannot use a 5620 SAM GUI or OSS client to perform a server activity switch.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 7 — 5620 SAM system redundancy The following occur after a server activity switch: • If automatic database realignment is enabled, the new primary server performs a • • • • • • database switchover. The GUI clients communicate with the new primary server and display the current redundancy status. The OSS clients must connect to the new primary server.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 7 — 5620 SAM system redundancy The following occurs after a successful database switchover: • The primary server connects to the new primary database. • Archive logging begins on the new primary database. • The primary server directs each auxiliary server to use the new primary database. When a database switchover fails, the primary and standby database roles do not change.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 7 — 5620 SAM system redundancy When a database failover fails, the primary server tries again to communicate with the primary database. If the primary database remains unavailable, the primary server tries again to initiate a failover. Note — After a successful failover, database redundancy is not available. See “Re-establishing database redundancy” in this section.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 7 — 5620 SAM system redundancy The database with which a main server tries to align itself is called the preferred database of the main server. An operator enables automatic database realignment and specifies the preferred database during 5620 SAM server installation, or during server configuration after installation.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 7 — 5620 SAM system redundancy Table 7-2 summarizes the 5620 SAM database redundancy functions. Table 7-2 5620 SAM database redundancy functions Function Notes Database switchover No automatic database realignment occurs after a database switchover.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 7 — 5620 SAM system redundancy 7.4 Redundancy failure scenarios The following describe the 5620 SAM actions in response to various types of redundancy failures. • Primary server loses contact with primary database • • • • • • • • 7-12 If the standby server can communicate with the primary database and the managed NEs, the primary server performs a server activity switch. No database failover occurs.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 7 — 5620 SAM system redundancy Collocated system, primary station unreachable Figure 7-11 shows a collocated system in which the station that hosts the primary server and database is unreachable.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 7 — 5620 SAM system redundancy The following occur when the primary station becomes unresponsive: • The standby server detects the connectivity loss and becomes the primary server. • The new primary server raises alarms about the unavailability of the former standby server and about the activity switch. • If automatic database realignment is enabled, the new primary server initiates a database switchover.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 7 — 5620 SAM system redundancy Figure 7-14 Network failure on primary side, distributed system Connectivity loss Primary main server Standby main server Managed network Primary database Standby database 24119 The following occur after the connectivity loss is detected: • The initial primary server continues to operate as a primary server.
Release 12.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 7 — 5620 SAM system redundancy b 3 7.6 iii Perform a manual activity switch on the primary server. See Procedure 7-3. iv Validate the updated redundancy status. See Procedure 7-1. For 5620 SAM databases: i Verify the redundancy status of the 5620 SAM software. See Procedure 7-1. ii As required, perform a switchover. See Procedures 7-5 and 7-6. iii As required, configure automatic database realignment. See Procedure 7-7.
Release 12.
Release 12.
Release 12.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 7 — 5620 SAM system redundancy Procedure 7-3 To perform a server activity switch Perform this procedure to reverse the primary and standby roles of the main servers in a redundant 5620 SAM system. Consider the following before you perform a server activity switch. • • • • • Each client GUI receives notification of a server activity switch.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 7 — 5620 SAM system redundancy Procedure 7-4 To configure 5620 SAM database switchover behavior Perform this procedure on a redundant 5620 SAM system to specify how database switchovers are executed.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 7 — 5620 SAM system redundancy 3 Click Switchover and respond to the dialog box prompt. Note — The Switchover option is disabled when the correct switchover conditions are not in place, for example, when a switchover or failover is in progress. 4 Click Yes. The 5620 SAM server performs the database switchover. 5 Close the form.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 7 — 5620 SAM system redundancy 4 Enter the following case-sensitive text at the prompt to start the switchover: YES ↵ The 5620 SAM server initiates a database switchover. Progress is indicated by a rolling display of dots in the console window. The database switchover is complete when the CLI prompt reappears. 5 Close the console window when the database switchover is complete.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 7 — 5620 SAM system redundancy 3 Enter the following to switch to the root user: bash$ su - ↵ 4 Navigate to the directory that contains the 5620 SAM installation software. 5 Perform one of the following. a On a RHEL station: i Enter the following: # cd Linux ↵ ii Enter the following: # ./ServerInstall_RHEL_R_r_revision.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 7 — 5620 SAM system redundancy 12 Click Next. 13 Click Next in each subsequent panel until the “Installation Complete” panel is displayed. 14 Select the “Start the 5620 SAM Main Server” parameter. 15 Click Done to close the server configuration utility. 16 Enter the following to switch back to the samadmin user: # exit ↵ 17 Verify the standby main server has started. 18 Log out of the standby main server.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 7 — 5620 SAM system redundancy 4 Click Re-Instantiate Standby, and click Yes. The database reinstantiation begins. The client GUI status bar and the System Information form display the reinstantiation status. The Standby Re-instantiation State changes from In Progress to Success when reinstantiation is complete. The Last Attempted Standby Re-instantiation Time displays the start time of the current reinstantiation.
Release 12.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 8— NE maintenance 8.1 NE maintenance overview 8-2 8.2 Workflow to perform NE maintenance 8-9 8.3 Workflow to configure NE configuration rollback 8-10 8.4 Workflow to perform a software upgrade on a 7210 SAS, 7450 ESS, 7705 SAR, 7710 SR, 7750 MG, 7750 SR, 7950 XRS, or OmniSwitch 8-11 8.5 Workflow to perform a 9500 MPR or 9500 MPRe software upgrade 8-12 8.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 8 — NE maintenance 8.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 8 — NE maintenance Managing NE backups and restores A 5620 SAM backup policy specifies the conditions under which the 5620 SAM performs an NE configuration backup to ensure that the device configuration is not lost in the event of a failure. A default policy that is assigned to all managed NEs is in place after a 5620 SAM installation. You can create and configure multiple backup policies, and you can assign them to multiple NEs.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 8 — NE maintenance During a software upgrade, the 5620 SAM verifies that the new software is compatible with the device type and that the required files are present; otherwise, the upgrade is not attempted. You can use the 5620 SAM to roll back a software upgrade to the previous release in the event of an upgrade failure.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 8 — NE maintenance Managing NE configuration rollbacks You can revert to a previous device configuration on a specified 7450 ESS, 7750 SR, or 7950 XRS. A configuration rollback minimizes the impact to services by avoiding a system reboot. 5620 SAM supports up to five simultaneous NE rollback revert and rescue operations.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 8 — NE maintenance NE file system browsing A 5620 SAM operator can browse the file system of a managed NE to list the contents of the compact flash devices. You can browse the file system of a 7210 SAS, 7450 ESS, 7705 SAR, 7710 SR, 7750 SR, 7950 XRS, or OmniSwitch using simple FTP or a CLI session using SSH. The 5620 SAM GUI is used to browse the different types of files.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 8 — NE maintenance • Configuration Save Interval—30 seconds • • • • Delay consecutive configuration save requests for an NE that are less than 30 seconds apart. Interval Repeat Limit—5 Wait up to five Configuration Save Interval periods before performing a configuration save. Retry Scheme—Retry Number Of Times Retry each deployment the number of times specified by Retry Interval.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 8 — NE maintenance Figure 8-1 5620 SAM backup process 7750 SR 192.168.10.51 7750 SR 192.168.10.52 7450 ESS 192.168.10.53 7450 ESS 192.168.10.54 1 2 7 4 3 6 Remote storage facility 5620 SAM server (active server in redundant system) 5620 SAM client 5 Standby 5620 SAM server 18162 Figure 8-1 illustrates the activities of the 5620 SAM backup/restore process.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 8 — NE maintenance 8.2 Workflow to perform NE maintenance 1 For secure backups, restores and upgrades, verify that SSH2 is correctly configured on the device and that the 5620 SAM mediation policy for the device is configured for secure FTP or SCP. 2 Commission the managed devices using the CLI; see the 5620 SAM User Guide for information.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 8 — NE maintenance 9 As required, schedule device software upgrades. Scheduled software upgrades are supported on the following NEs. • • • • • 8.3 8-10 7210 SAS 7450 ESS 7705 SAR 7710 SR 7750 SR • • • • 7750 MG 7950 XRS 9500 MPR 9500 MPRe i Create a 5620 SAM schedule. See Procedure 8-27 for more information. See the 5620 SAM User Guide for information about creating 5620 SAM schedules.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 8 — NE maintenance 3 8.4 As required, perform one or both of the following: a Create the NE configuration rollback checkpoint files manually; see Procedure 8-13. b Configure scheduled checkpoint file creation; see Procedure 8-14.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 8 — NE maintenance 8.5 5 Perform an on-demand software upgrade or an ISSU to transfer the software image files to each NE that you need to upgrade. See Procedure 8-21 for 7210 SAS 7450 ESS, 7705 SAR, 7710 SR, 7750 MG, 7750 SR, or 7950 XRS upgrade information. See Procedure 8-23 or Procedure 8-24 for OmniSwitch upgrade information.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 8 — NE maintenance 2 Download the image package to the 5620 SAM client. Extract the package and ensure that the .DSC file is present in the same folder. When you click on the import button, the image transfer is initiated; see Procedure 8-18. The 5620 SAM copies and temporarily stores the image files. When you click Upgrade Sites, the stored image files are transferred to the FTP server and retrieved by the 9500 MPR or 9500 MPRe.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 8 — NE maintenance 4 Click Create. The Software Upgrade Policy (Create) form opens. Note 1 — You can open an FTP or SSH file browser from this form to determine the values to use for the CFlash Image Root Path and CFlash Backup Root Path parameters. Click FTP File Browser or SSH File Browser, as required. See Procedures 8-35 and 8-36 for information about using the file browsers.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 8 — NE maintenance 8 Depending on the Transfer Protocol parameter value you specified, configure the FTP or SFTP parameters. 9 Configure the remaining parameters. 10 Click Apply. The Software Upgrade Policy (Create) form name changes to Software Upgrade Policy (Edit). 11 Click on the Software Upgrade Policy Assignment tab and distribute the policy to one or more NEs, as required.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 8 — NE maintenance 4 Configure the Policy Type parameter. Note — For the Policy Type parameter, select SR Based Node for the 7210 SAS, 7450 ESS, 7705 SAR, 7710 SR, 7750 MG, 7950 XRS, 9500 MPR, or 9500 MPRe. 5 If you set the Policy Type parameter to SR Based Node, you can perform a reboot after the configuration is restored on the device by specifying the Auto-Reboot After Successful Restore parameter.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 8 — NE maintenance 7 Click Apply. 8 Click on the Backup/Restore Policy Assignment tab and distribute the policy to one or more NEs, as required. 9 Close the form. Procedure 8-4 To perform an on-demand device backup, restore, or configuration save When you start an on-demand backup, you back up the device configuration based on the backup policy associated with the NE.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 8 — NE maintenance • • CPM Sync and Pending Reboot Standby - the 5620 SAM is waiting for the reboot of the standby CPM Standby Reboot and Pending Redundant Switch-over - the 5620 SAM is waiting for the switchover to the standby CPM Note — During a backup, if a device is unresponsive to the 5620 SAM because SNMP on the device is disabled, the Backup State column entry for the device does not immediately display the correct value of Failed.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 8 — NE maintenance Procedure 8-6 To export an NE configuration backup Perform this procedure to export an NE configuration backup file from the 5620 SAM to the GUI client file system. 1 Choose Administration→NE Maintenance→Backup/Restore from the 5620 SAM main menu. The Backup/Restore form opens. 2 Click on the Backup/Restore Status tab. 3 Select the NE for which you are exporting a backup and click Properties.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 8 — NE maintenance Procedure 8-8 To perform a device backup on an OmniSwitch 1 On the Equipment tree, expand the OmniSwitch icon, right-click on an OmniSwitch shelf object, and choose Properties. The Shelf (Edit) form opens. 2 Click on the Software Control Module tab and set the Command to Apply parameter to Certified.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 8 — NE maintenance Procedure 8-9 To restore a configuration backup on an OmniSwitch Note 1 — You can import the locally available backup file for the same NE to the 5620 SAM which can be restored. Ensure the backup policy remains the same as was in place during the backup procedure. This will prevent the 5620 SAM from generating an error while importing the file. Note 2 — The restored backup configuration is stored on a working directory.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 8 — NE maintenance Procedure 8-10 To certify or synchronize OmniSwitch software 1 Choose Administration→NE Maintenance→OMNI Software Maintenance from the 5620 SAM main menu. The OMNI Software Maintenance form opens. 2 Perform one of the following: a Select one or more NEs from the list and click Certify. Go to step 5. b Select one or more NEs from the list and click Certify and Synchronize. Go to step 5.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 8 — NE maintenance 5 To configure the storage location for the NE configuration rollback checkpoint files: i In the Checkpoint File Storage panel, configure the required parameters. ii Configure the Rollback Location Type parameter. iii If you specified FTP, in the Checkpoint File Storage — Remote Location panel, configure the required parameters.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 8 — NE maintenance Procedure 8-13 To create NE configuration rollback checkpoint files The checkpoint file storage location must be configured before you can create NE configuration rollback checkpoint files; see Procedure 8-11. You can also automate NE configuration rollback checkpoint file creation; see Procedure 8-14. 1 Choose Administration→NE Maintenance→NE Configuration Rollback from the 5620 SAM main menu.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 8 — NE maintenance Procedure 8-14 To configure scheduled checkpoint file creation See the 5620 SAM User Guide for more information about scheduling. You can also create NE configuration rollback checkpoint files manually; see Procedure 8-13. 1 Choose Administration→NE Maintenance→NE Configuration Rollback from the 5620 SAM main menu. The NE Configuration Rollback form opens. 2 Choose a rollback policy and click Properties.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 8 — NE maintenance 4 Click on the Checkpoint Files tab. 5 Perform one of the following: a b c d To compare the NE configurations of two checkpoint files: i Choose two checkpoint files. ii Click Compare File and choose Checkpoint Vs Checkpoint. To compare the NE configurations of a checkpoint file and the active configuration: i Choose a checkpoint file. ii Click Compare File and choose Checkpoint Vs Active-Configuration.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 8 — NE maintenance 3 Choose a device and click Properties. The NE Rollback (Edit) form opens. 4 Perform one of the following: a b To revert to the NE configuration rollback rescue file: i Click Revert to Rescue File. A dialog box appears. ii Click OK to acknowledge the warning and perform the reversion. To revert to a NE configuration rollback checkpoint file: i Click on the Checkpoint Files tab.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 8 — NE maintenance Procedure 8-18 To import device software image or description files to the 5620 SAM database Perform this procedure to import a set of device software files or 9500 MPR/9500 MPRe software description files into the 5620 SAM database for use during device software upgrades. 1 Make the new device software files available to the 5620 SAM.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 8 — NE maintenance 5 Click Import. The Open form opens. 6 Navigate to the directory that contains the software image and click Open. Note — If the directory structure is tiered, you must navigate to the directory that contains the boot loader file. For the example in step 1, this directory is the cflash directory.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 8 — NE maintenance 3 Click View Dependencies to view the dependency information. 4 Click the check box to confirm the action and click Yes. The operational state of the IO card displays the soft reset status when the soft reset is in progress. Procedure 8-20 To perform a hard reboot of an IOM or XCM 8-30 1 On the Equipment tree, locate an IOM or XCM card slot object by expanding Network→NE→Shelf→Card Slot n.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 8 — NE maintenance Procedure 8-21 To perform an ISSU or on-demand software upgrade on a 7210 SAS, 7450 ESS, 7705 SAR, 7710 SR, 7750 MG, 7750 SR, or 7950 XRS Perform this procedure to upgrade the device software on one or more NEs. The following must be true before you attempt a device software upgrade.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 8 — NE maintenance Note 1 — If you downgrade a device software image, you must unmanage and delete the device before you perform the downgrade, as described in the 5620 SAM User Guide. Contact Alcatel-Lucent technical support for information about device downgrades. Note 2 — If you attempt to upgrade a 7950 XRS, Release 11.0 R3 or earlier to Release 11.0 R4 or later, the 5620 SAM raises a NodeVersionMismatch alarm.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 8 — NE maintenance 6 Navigate to the directory that contains the software image, select the image, and click Open. Note 1 — The directory must contain only the files required for the upgrade. Note 2 — The 7450 ESS, 7710 SR, 7750 MG, 7750 SR, and 7950 XRS use a common software image. The Product Name field displays Alcatel-SR/ESS-7XXX to indicate that the software image is common to multiple devices.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 8 — NE maintenance Note 1 — Some device software upgrades, for example, ISSUs, do not require a reboot. See the device documentation for more information. Note 2 — When you perform an ISSU, you can manually soft reset or hard reboot the IOMs or IMMs after the upgrade. A soft reset results in minimal downtime, but has restricted support. See Procedure 8-19 to perform a manual soft reset, or Procedure 8-20 to perform a manual hard reboot.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 8 — NE maintenance Procedure 8-22 To upgrade the ISA-AA MDA software Perform this procedure to upgrade only the ISA-AA MDA software on an NE, for example, when the new software includes new AA protocol signatures. Note 1 — You cannot use the procedure to upgrade between major releases; only minor-release ISA-AA upgrades within the same major release are supported.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 8 — NE maintenance 2 Back up the device configuration. See Procedure 8-4. 3 Choose Administration→NE Maintenance→Software Upgrade from the 5620 SAM main menu. The Software Upgrade form opens. 4 Click on the Software Images tab and click Import. The Open window appears. 5 Navigate to the directory that contains the software image, select the directory, and click Open. Note — The directory must contain only the isa-aa.tim and md5sums.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 8 — NE maintenance 13 If the Software Upgrade parameter in the software upgrade policy is deselected, you must activate the software image. Perform the following steps. Note — Alternatively, you can select the required ISA-AA image on the Software Images tab and click Activate Image. i Edit the following software upgrade policy settings, as described in Procedure 8-1: • • ii Select the required software image and click Upgrade Sites.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 8 — NE maintenance viii Click View Dependencies. A dialog box displays the number of objects that rebooting the ISA-AA MDA may affect. ix Click OK. x When you are certain that rebooting the MDA has no unintended effects, select the check box and click Yes. The 5620 SAM reboots the ISA-AA MDA. xi After the MDA reboots, right-click on the Daughter Card Slot object and choose Turn Up. A dialog box appears. xii Click Yes.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 8 — NE maintenance See Procedure 8-24 for information about performing an ISSU on an OS 6400, OS 6850E, or OS 6855. You can perform the following types of software upgrades: • • • Image file Boot files CPLD/FPGA files (OS 6250 and OS 6450, Release 6.6.3-453R01 and later only) Warning — An OmniSwitch may require a firmware upgrade before a device software upgrade.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 8 — NE maintenance • The directory structure that stores the image and configuration files is divided into two parts: • The certified directory contains files that have been certified by an authorized user as the default files for the switch. • The working directory contains files that may or may not be modified from the certified directory. The working directory is a holding place for new files.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 8 — NE maintenance 12 Click OK. The selected NEs reboots using the new software image that was uploaded to the working directory. Caution — Rebooting an NE that is in service is service-affecting. Ensure that the reboot activity occurs during a maintenance window. Note — Alcatel-Lucent recommends monitoring the switch to ensure that the reboot completes successfully. 13 Click Certify Sites. A list of NEs opens.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 8 — NE maintenance 24 Click Upgrade Boot files. A list of NEs opens. The list is filtered to display only the device type that is appropriate for the selected files. 25 Choose one or more NEs in the list. 26 Click OK. The boot files are upgraded on the selected NEs. 27 Click on the Software Upgrade Status tab to view the status of the upgrade as it progresses.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 8 — NE maintenance 5 Ensure that one of the following is true: • • The Certify Status is Need Certify and the Synchronization Status is Not Synchronized. The Certify Status is Certified and the Synchronization Status is Synchronized. 6 Click OK to apply the changes. A dialog box appears. Click Yes. The Shelf (Edit) form closes. 7 Choose Administration→NE Maintenance→Software Upgrade from the 5620 SAM main menu.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 8 — NE maintenance 18 Click OK. A dialog box appears. 19 Click Yes. The software image stored in the NE working directory is copied to the certified directory. The working directory and the certified directory are synchronized so that the same files are in both directories. 20 Click on the Software Upgrade Status tab to view the status of the upgrade as it progresses. Once the sites have been successfully certified, continue to step 21.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 8 — NE maintenance The following prerequisites are required before you can perform an upgrade: • • You need a new license key for each OS 6250 and OS 6450 OmniSwitch to be upgraded. Contact your Alcatel-Lucent sales representative if you need a new software license. You must copy the new license key to a text file and position the file in a folder in the node file system so the file can be imported into the 5620 SAM.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 8 — NE maintenance 11 Click Import. The Open form appears. 12 Locate the license key text file in the appropriate folder in the node file system and click Open. The license_key.txt file appears on the Licenses tab on the License Upgrade form. 13 Optionally, review the license key information before the installation by double-clicking on the license_key.txt file. The License Info form appears.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 8 — NE maintenance You need a 5620 SAM user account with an administrator or network element software management scope of command role or a scope of command role with write access to the mediation package before you can perform a 9500 MPR/9500 MPRe software download. See chapter 2 for more information about scope of command roles. 1 Choose Administration→NE Maintenance→Software Upgrade from the 5620 SAM main menu.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 8 — NE maintenance Before performing this procedure, you must perform Procedure 8-18 to import the required device software image. 1 Choose Administration→NE Maintenance→Software Upgrade from the 5620 SAM main menu. The Software Upgrade form opens. 2 Select the required software upgrade policy. Note — The 5620 SAM performs the upgrade according to the configuration in the software upgrade policy that is assigned to the NE.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 8 — NE maintenance iii Click Properties in the Task panel to view the 5620 SAM task information, if required. iv Save any changes and close the form. 5 Click Task Action and select the appropriate option to turn up, shut down, or execute the task, if required. 6 Click Delete to remove the scheduled task from the 5620 SAM, if required. You cannot delete a scheduled task that is operationally enabled.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 8 — NE maintenance 7 Verify the activation success, as described in Procedure 8-32. 8 Close the form. Procedure 8-30 To export a device software image from the 5620 SAM database to a file system 1 Choose Administration→NE Maintenance→Software Upgrade from the 5620 SAM main menu. The Software Upgrade form opens. 2 Click on the Software Images tab. 3 Select a software image in the list and click Export. A file navigator form opens.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 8 — NE maintenance Procedure 8-32 To view the deployment, backup/restore, or software upgrade status of an NE 1 Perform one of the following: a Choose Administration→NE Maintenance→Deployment from the 5620 SAM main menu to view deployment status. The Deployment form opens. Double-click on a deployment in the list. View the deployment status in the deployment properties form.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 8 — NE maintenance Procedure 8-34 To view the trap metrics information 1 Choose Tools→Statistics→Trap Metrics Information from the 5620 SAM main menu. The Trap Metrics Information form lists the NEs that generated the most traps during the last collection interval. The collection interval is indicated by the Start Collection Period and End Collection Period values at the top of the form.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 8 — NE maintenance b c Use the contextual menu for an NE. i Select an NE icon in the 5620 SAM network navigation tree or topology map. ii Right-click on the NE icon and choose NE Sessions→File Browser. The FTP File Browser form opens, then displays the Enter the Username and Password form. Use the NE alarm contextual menu. i Select an NE alarm in the 5620 SAM alarm window.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 8 — NE maintenance Procedure 8-36 To view an NE file system using an SSH file browser Perform this procedure to browse and list the contents of a managed NE using a secure file browser. You need console and SSH user-account privileges on the NE for access to the NE file system, and an SSH server must be configured on the NE.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 8 — NE maintenance 3 4 5 Navigate the file system as required. Perform one of the following actions to open a directory and list the contents: a Double-click on the directory row in the list. b Select the directory row and press O. c Type the path to the directory in the Path field and click Go.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 8 — NE maintenance Click on the Faults tab to view alarm information related to the failure(s). A failure error message is not generated when the alarm is cleared or the failure entry is deleted. If a deployment failure is associated with more than one 5620 SAM GUI, the Problems Encountered form and related forms appear only on the GUI from which the deployment was issued.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 8 — NE maintenance 8 Click Refresh to update the list of failed deployments. 9 Close the form.
Release 12.
Release 12.
Release 12.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 9— 5620 SAM routine maintenance overview 9.1 Routine maintenance overview 9.2 Routine maintenance guidelines 9.3 Obtaining technical assistance 9.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 9 — 5620 SAM routine maintenance overview 9.1 Routine maintenance overview The 5620 SAM maintenance tasks and procedures are intended for NOC operations or other engineering operational staff that are responsible for developing and implementing maintenance procedures in 5620 SAM-managed IP/MPLS networks. The 5620 SAM maintenance tasks and procedures are categorized by the frequency they are performed or on an as required basis.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 9 — 5620 SAM routine maintenance overview 9.3 Obtaining technical assistance Collect the information listed in Table 9-2 before you contact Alcatel-Lucent technical support. The list of Alcatel-Lucent support contacts is available at the following URL: http://support.alcatel-lucent.com.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 9 — 5620 SAM routine maintenance overview 9.4 Routine maintenance checklist Table 9-3 is a checklist of the recommended 5620 SAM routine maintenance tasks. Table 9-3 Recommended 5620 SAM preventive maintenance tasks ✓ Maintenance task Purpose See section Managing alarms • • 11.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 9 — 5620 SAM routine maintenance overview ✓ Maintenance task Purpose See section General 5620 SAM platform changes You must uninstall and reinstall the 5620 SAM software after you make a change to a physical 5620 SAM server, database platform. 14.1 Adding or removing RAM When the amount of RAM on a 5620 SAM database station changes, you must reconfigure the Oracle System Global Area, or SGA. 14.
Release 12.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 10 — 5620 SAM maintenance base measures 10.1 Base measures overview 10.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 10 — 5620 SAM maintenance base measures 10.1 Base measures overview Maintenance base measures can be used by NOC operations or engineering staff that are responsible for maintenance issues to evaluate the activity and performance of network components, for example, client GUI response times when listing equipment. The data from a series of base measures can be used, over time, to track performance trends.
Release 12.
Release 12.
Release 12.
Release 12.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 10 — 5620 SAM maintenance base measures Performance base measures For networks, commonly available tools such as ping, which measures round trip time using ICMP, can be used to determine quantities such as packet loss and round trip delay. See the ping command information in this guide, and the 5620 SAM Troubleshooting Guide, for more information about performing the commands.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 10 — 5620 SAM maintenance base measures Service outage duration The duration of an outage is defined as the difference between the time a service becomes unavailable and the time it is restored. Time between outages is defined as the difference between the start times of two consecutive outages.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 11 — Daily maintenance tasks 11.1 Managing alarms 11-2 11.2 Verifying the synchronization of managed NE and 5620 SAM database information 11-4 11.3 Backing up the 5620 SAM database 11-5 11.4 Collecting and storing 5620 SAM log and configuration files 11-6 11.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 11 — Daily maintenance tasks 11.1 Managing alarms In large 5620 SAM-managed networks where 5620 SAM applications are constantly interacting with a busy network in a non-stop management environment, many alarms are raised on the 5620 SAM.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 11 — Daily maintenance tasks iv Click OK. v Confirm the action. The Ack column in the alarm row indicates that the alarm is acknowledged. vi Right-click on the alarm entry row. The contextual alarm menu appears. vii Choose Delete Alarm(s) from the contextual menu to delete the alarm. Caution — You cannot recover a deleted alarm unless you store alarms in the alarm history log.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 11 — Daily maintenance tasks The deleted alarms are logged to the alarm history logs. To view logged alarm history records: i Choose Tools→Historical Alarms from the 5620 SAM main menu. The Alarm History filter form opens. ii If required, configure the filter criteria to limit the range of historical alarms displayed. iii Click Search. The historical alarms appear based on the filtering criteria.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 11 — Daily maintenance tasks iii If deployments are listed, view the state of a deployment in the State column. The possible deployment states include: • • • • • • • • • iv 2 11.3 Cancelled Deployed Failed (Configuration). Failure occurred because the configuration could not be applied to the specified objects. Failed (Internal Error). Failure occurred due to general error conditions. The state is intended for all other possible errors.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 11 — Daily maintenance tasks 11.4 Collecting and storing 5620 SAM log and configuration files When a 5620 SAM system runs for long periods with significant activity, the number of generated log files can consume a large amount of disk space. You must ensure that the contents of the 5620 SAM log directories are backed up on a regular basis to maintain a system activity record and to save disk space.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 11 — Daily maintenance tasks # is a sequence number; the sequence begins at 0 timestamp is the time of closure, in the following format: YYYY-MM-DD_hh-mm-ss 3 11.5 iv Collect the nms-auxserver.xml file, which contains server configuration settings, from the installation_directory/nms/config directory on each auxiliary server. v Collect the installation_directory/nms/config/nms-client.xml file from each client station.
Release 12.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 12 — Weekly maintenance tasks 12.1 Verifying performance statistics collection 12-2 12.2 Gathering inventory data for device base performance checks 12-3 12.3 Testing 5620 SAM database restores 12-5 12.4 Checking scheduled device backups 12-7 12.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 12 — Weekly maintenance tasks 12.1 Verifying performance statistics collection Use the performance monitoring statistic log records to determine whether performance statistics are collected within the scheduled interval using the client GUI. Procedure 12-1 To check for performance monitoring statistics collection 1 Choose Tools→Statistics→Statistics Manager from the 5620 SAM main menu. The Statistics Manager form opens.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 12 — Weekly maintenance tasks 7 If there are gaps in the historical record, check the mediation policy to ensure that: • • polling is enabled and administratively up the polling interval for a specific MIB or MIB entry is sufficient for collecting the required statistics Note — Each row that represents a log record shows the Suspect column.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 12 — Weekly maintenance tasks 3 Choose an NE from the list and click Properties. The Network Element (Edit) form opens. 4 Click on the Inventory tab and choose Port (Physical Equipment). The list form displays the results of the inventory search for the selected device. 5 Generate a list based on the inventory collection or comparison that you plan to make.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 12 — Weekly maintenance tasks 12.3 Testing 5620 SAM database restores When you create daily 5620 SAM database backups, the 5620 SAM backups should be tested to ensure that they can be used to restore the 5620 SAM database in the case of a catastrophic failure. Caution — Do not perform the database restore test in the NMS domain. Ensure that there is no IP connectivity to any live network devices.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 12 — Weekly maintenance tasks 9 Perform one of the following. a On a RHEL station: i Enter the following: # cd Linux ↵ ii Enter the following: # ./DBConfig_RHEL_R_r_revision.bin ↵ where R_r is the release identifier, in the form MAJOR_minor revision is the revision identifier, such as R1, R3, or another descriptor b On a Solaris station: i Enter the following: # cd Solarisx86 ↵ ii Enter the following: # .
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 12 — Weekly maintenance tasks 12.4 Checking scheduled device backups When the 5620 SAM performs a device configuration backup, the 5620 SAM FTPs the following files from the NE: • bof.cfg • primary-config file specified in bof.cfg • index file, which is the primary-config file with an .
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 12 — Weekly maintenance tasks 11 12.5 Ensure that the policy is assigned to the device. i Click on the Backup/Restore Policy Assignment tab. The Backup Policy Filter form opens. ii Configure the policy filter criteria and click OK. The Backup Policy - Filter form closes. iii Move the device to the Assigned Sites list if it is not there by selecting the site from the Unassigned Sites list and clicking on the right-arrow.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 13 — Monthly maintenance tasks 13.1 Performing main server and database redundancy switches 13-2 13.2 Checking the 5620 SAM platform performance 13-2 13.3 Checking Windows client platform performance 13-7 13.4 Checking LAN TCP/IP connections between network-management domain elements 13-8 13.5 Generating and storing a user account list 13-11 13.6 Verifying documentation and support contact list updates 13-11 13.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 13 — Monthly maintenance tasks 13.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 13 — Monthly maintenance tasks The top 5620 SAM process listed under the CPU column should be the Java process. However, the Java process should not consume the majority of CPU cycles compared to previous base measures. Some database processes may also take CPU time, depending on the system load. iii Record the data for future base measure comparison of station performance. iv Press CTRL-C to stop the command.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 13 — Monthly maintenance tasks Look for differences in the output of the data for similar loads on each station. Such differences indicate performance degradation. iv Press CTRL-C to stop the command. Use the mpstat command to review the activities performed by the CPU.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 13 — Monthly maintenance tasks Look for differences in the output of the data for similar loads on each station. Such differences indicate performance degradation. iv Press CTRL-C to stop the command. 6 If the station OS is Solaris, go to step 8. 7 Use the iostat command to collect disk read and write data for determining whether there is a disk bottleneck.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 13 — Monthly maintenance tasks device sd1 sd3 r/s 0.1 0.1 Code 13-4: Solaris iostat output example extended device statistics w/s Kr/s Kw/s wait actv svc_t %w 0.2 0.9 3.3 0.0 0.0 34.3 0 0.5 1.1 3.7 0.0 0.0 73.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 13 — Monthly maintenance tasks 13.3 Checking Windows client platform performance You can compare Windows client station performance monthly to: • collect base measure information related to platform performance • ensure that there is no degradation in performance Procedure 13-2 To check Windows client station performance 1 Open a command window on the client station.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 13 — Monthly maintenance tasks 8 Open an MS-DOS command window. 9 Type: tracert station_name ↵ where station_name is the IP address or hostname of the main server to which you need to test connectivity The tracert command provides details about network connectivity. 10 Review the tracert data, including: • • number of hops required to reach the main server average time between hops Record the data for future base measure comparison.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 13 — Monthly maintenance tasks 64 bytes from station_name (station_IP_address): icmp_seq=0, time=1. ms 64 bytes from station_name (station_IP_address): icmp_seq=1, time=0. ms 64 bytes from station_name (station_IP_address): icmp_seq=2, time=0.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 13 — Monthly maintenance tasks The following information is displayed: • • • • 8 13-10 network destination and gateway IP addresses gateway used to reach the network destination IP address of the interface on which communication occurs metric value of the route Store the output as a record for future base measure comparison. Compare routes over time to ensure that there is optimal connectivity.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 13 — Monthly maintenance tasks 13.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 13 — Monthly maintenance tasks You should also regularly check your 5620 SAM platform vendor websites for information about OS patches, updates, and other software and hardware issues. Procedure 13-5 To check for documentation and support updates Note — You need a Support Documentation Service account to view customer documentation. Contact your Alcatel-Lucent account representative for more information. 1 Log in to https://www.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 13 — Monthly maintenance tasks 13.7 iv Click on the link to the global technical support organization that supports your organization. v Check the contact information for your regional Customer Service or Call Center.
Release 12.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 14 — As required maintenance tasks 14.1 General 5620 SAM platform changes 14.2 Adding or removing RAM 14.3 Adding LVM disk space 14-2 14-2 14-7 14.4 Relinking the Oracle executable files 14-9 14.5 Changing 5620 SAM database and Oracle user passwords 14-10 14.6 Starting and stopping a 5620 SAM auxiliary server 14.7 Starting and stopping an auxiliary database 14-17 14-18 14.8 Backing up and restoring NE configuration files 14-19 14.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 14 — As required maintenance tasks 14.1 General 5620 SAM platform changes After you make a change to the 5620 SAM main server, auxiliary server, or database platform, such as increasing or decreasing the amount of RAM, adding or removing a CPU, or installing another NIC type, you must uninstall and reinstall the 5620 SAM software.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 14 — As required maintenance tasks 3 Enter the following to run the Oracle SGA reconfiguration script: # /opt/5620sam/db_name/install/config/db_name/SGA_reconfig.sh ↵ where db_name is the name of the 5620 SAM database, typically samdb 4 When the script execution is complete, enter the following to reboot the database station: # init 6 ↵ The database station reboots.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 14 — As required maintenance tasks 4 Enter the following to switch to the root user: bash$ su - 5 Navigate to the directory that contains the 5620 SAM installation software and perform one of the following: a Perform the following steps to open the 5620 SAM server installer on a RHEL station: i Enter the following: # cd Linux ↵ ii Enter the following: # ./ServerInstall_RHEL_R_r_revision.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 14 — As required maintenance tasks Procedure 14-3 To reconfigure a 5620 SAM auxiliary server after a RAM upgrade Perform this procedure to adjust the auxiliary server configuration after a RAM upgrade on the auxiliary server station. Note — You require root and samadmin user privileges on the auxiliary server station to perform this procedure. 1 Log in as the samadmin user on the auxiliary server station. 2 Open a console window.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 14 — As required maintenance tasks 5 Navigate to the directory that contains the 5620 SAM installation software and perform one of the following: a Perform the following steps to open the 5620 SAM server installer on a RHEL station: i Enter the following: # cd Linux ↵ ii Enter the following: # ./ServerInstall_RHEL_R_r_revision.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 14 — As required maintenance tasks 14.3 Adding LVM disk space A 5620 SAM system occasionally requires additional disk space to accommodate system or network growth. Before you add disk capacity to a component that uses the RHEL LVM function, you must ensure that the disk throughput and latency values of the new volume are within 10% of the values for the current volume.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 14 — As required maintenance tasks iv Enter the following to display the auxiliary server status: bash$ ./auxnmsserver.bash appserver_status ↵ The command returns a status message. v The auxiliary server is stopped when the command returns the following status message: Auxiliary Server is stopped If the command returns a different message, repeat step iv. Do not proceed to the next step until the server is stopped.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 14 — As required maintenance tasks b Perform the following steps to run the disk performance benchmark utility on a 5620 SAM auxiliary server station: bash$ /opt/5620sam/auxserver/nms/bin/unsupported/5620_SAM_IO Test/5620_SAM_IOTest.pl -d target c Perform the following steps to run the disk performance benchmark utility on a 5620 SAM database station: # /opt/5620sam/samdb/install/tools/unsupported/5620_SAM_IOTe st/5620_SAM_IOTest.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 14 — As required maintenance tasks The script relinks the Oracle executable files. 3 14.5 When the script execution is complete, reboot the 5620 SAM database station. Changing 5620 SAM database and Oracle user passwords For greater security, Alcatel-Lucent recommends that you regularly change the 5620 SAM database user and Oracle SYS user passwords. You can optionally change other Oracle-user accounts passwords, if required.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 14 — As required maintenance tasks - database_user_name (installation default is samuser) Other Database Users: - sqltxplain - appqossys - outln - dip - system - exit 5 Enter a user name. The script prompts you for a password.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 14 — As required maintenance tasks Do not proceed until the command returns the following: Done iii Enter the following to start the database proxy: # /etc/rc3.d/S965620SAMOracleProxyWrapper start ↵ Do not proceed until the command returns the following: Done iv b Log out of the database station. If you are changing the database user password, perform the following steps.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 14 — As required maintenance tasks Note 1 — Before you perform the procedure, you must ensure that each 5620 SAM main server, auxiliary server, and database is running and operational. Note 2 — You can use the procedure to change only one user password at a time. To change multiple user passwords, you must perform the procedure multiple times.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 14 — As required maintenance tasks - sqltxplain - appqossys - outln - dip - system - exit 7 Enter a user name. The script prompts you for a password.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 14 — As required maintenance tasks Done iii Enter the following to start the database proxy: # /etc/rc3.d/S965620SAMOracleProxyWrapper start ↵ Do not proceed until the command returns the following: Done iv 14 Log out of the database station. If you are changing the database user password, perform the following steps. i Log in to the standby main server station as the samadmin user.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 14 — As required maintenance tasks -- Primary Server is UP Caution — If the command output indicates that the server is not completely started, wait five minutes and then repeat the step. Do not proceed to the next step until the server is completely started. vii Close the console window on the primary main server. viii Log out of the primary main server.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 14 — As required maintenance tasks vi Navigate to the server binary directory, typically /opt/5620sam/server/nms/bin. vii Enter the following: bash$ ./nmsserver.bash read_config ↵ The primary main server puts the configuration change into effect. 14.6 16 Close the console window. 17 Log out of the primary main server station.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 14 — As required maintenance tasks Procedure 14-9 To stop an auxiliary server Caution — Performing this procedure may be service-affecting. Ensure that you perform this procedure only during a scheduled maintenance period. 1 Choose Administration→System Information from the 5620 SAM main menu. The System Information form opens. 2 Click on the Auxiliary Servers tab. 3 Select the auxiliary server and click Properties.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 14 — As required maintenance tasks Procedure 14-11 To stop an auxiliary database Perform this procedure to stop the auxiliary database software on a station in an auxiliary database cluster. Caution — Performing this procedure may be service-affecting. Ensure that you perform this procedure only during a scheduled maintenance period. 1 Log in to the auxiliary database station as the root user. 2 Open a console window.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 14 — As required maintenance tasks 3 Perform one of the following. Note — If you intend to copy and paste a command from this step into the console window, ensure that you remove the line breaks from the command text before you paste the text. a On a RHEL station, enter the following: bash$ tar cf - --exclude='backup' /opt/5620sam/nebackup/ | g zip -c >/opt/5620sam/nebackup/backup/nebackup_`date +"%Y-%m%d-%H-%M"`.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 14 — As required maintenance tasks 3 Copy the appropriate NE configuration archive file to the path/nebackup/backup directory. where path is the 5620 SAM installation location, typically /opt/5620sam Note — If you are concurrently restoring the 5620 SAM database, ensure that you use the NE configuration archive file created at the time of the database backup.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 14 — As required maintenance tasks 14.9 Restoring and reinstantiating a 5620 SAM database You can restore a 5620 SAM database using a backup copy. Note 1 — The station to which you restore a 5620 SAM database needs the same OS as the station from which the backup is obtained, or the restore fails. Note 2 — Before you perform a 5620 SAM database restore operation, you must shut down the databases and main servers in the 5620 SAM system.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 14 — As required maintenance tasks Procedure 14-14 To restore the database in a standalone 5620 SAM system Perform this procedure to restore a standalone 5620 SAM database using a backup copy of the database.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 14 — As required maintenance tasks ii Enter the following: # cd /etc/init.d ↵ iii Enter the following: # mv 5620SAMServerWrapper inactive.5620SAMServerWrapper ↵ 4 Perform the following steps to uncompress the appropriate NE configuration backup archive file to the /opt/5620sam/nebackup directory on the main server: Note — You must use the archive file created at the time of the database backup.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 14 — As required maintenance tasks 6 Perform the appropriate 5620 SAM database uninstallation procedure in the 5620 SAM | 5650 CPAM Installation and Upgrade Guide. Note 1 — Ensure that the Uninstall Oracle Software parameter in the Uninstall Oracle Software panel is not selected. The Oracle software is required for the restored database. Note 2 — Do not perform the final step that describes removing files.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 14 — As required maintenance tasks 3) EXIT Please enter(1,2 or 3): Enter 1 ↵. If you are restoring the database on a RHEL station, the following messages are displayed: For Oracle, pre-install will create or reuse user->oracle, group->dba with homedir->/opt/5620sam/oracle11r2. Creating dba group ... Group addition done for dba Oracle user [oracle] new home directory will be [/opt/5620sam/oracle11r2].
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 14 — As required maintenance tasks 16 Enter a username for the Oracle management user and press ↵. The following prompt is displayed: Enter the Oracle user [username] home directory [default]: 17 Enter the full path of the Oracle management user home directory and press ↵. The following messages are displayed: Checking or Creating the Oracle user home directory home_dir... Checking user username... Adding username...
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 14 — As required maintenance tasks parameters INFO: About to set ulimit parameters in /etc/security/limits.conf... INFO: Completed setting ulimit parameters in /etc/security/limits.conf... INFO: Completed running Oracle Pre-Install Tasks On a Solaris station, the following messages are displayed as the script execution completes: Creating Oracle11R2 user_attr ... Kernel parameters for user_attr Facility modified in /etc/user_attr.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 14 — As required maintenance tasks 21 Navigate to the directory that contains the 5620 SAM installation software and perform one of the following: a On a RHEL station: i Enter the following: # cd Linux ↵ ii Enter the following: # ./DBConfig_RHEL_R_r_revision.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 14 — As required maintenance tasks vii Configure the required parameters in each successive panel until the Database Restore panel is displayed. Use the values recorded during the most recent 5620 SAM database installation or upgrade, and click Next in each panel to continue. viii Click Start Process. The restore process begins. Note — A 5620 SAM database restore takes considerable time, depending on the database size.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 14 — As required maintenance tasks Procedure 14-15 To restore the primary database in a redundant 5620 SAM system Perform this procedure to restore a 5620 SAM database using a database backup created on the same station in a redundant 5620 SAM system. The station is called the primary database station in this procedure.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 14 — As required maintenance tasks The command displays a status message. Note — The 5620 SAM server is stopped when the command displays the following status message: Application Server is stopped If the command displays another message, wait five minutes and repeat step 2 iv. Do not proceed to the next step until the server is stopped.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 14 — As required maintenance tasks 6 Perform the following steps to stop the primary 5620 SAM main server: i Log in to the primary main server station as the samadmin user.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 14 — As required maintenance tasks Do not proceed until the command displays the following text string: Done 9 Uninstall the primary 5620 SAM database. See the “To uninstall the 5620 SAM database software” procedure in the 5620 SAM | 5650 CPAM Installation and Upgrade Guide. Note 1 — Ensure that the Uninstall Oracle Software parameter on the Uninstall Oracle Software panel is not selected.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 14 — As required maintenance tasks Please select between the following option: 1) NEW INSTALL OR DB RESTORE OF 5620 SAM 2) UPGRADE OF 5620 SAM 3) EXIT Please enter(1,2 or 3): Enter 1 ↵. If you are restoring the database on a RHEL station, the following messages are displayed: For Oracle, pre-install will create or reuse user->oracle, group->dba with homedir->/opt/5620sam/oracle11r2. Creating dba group ...
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 14 — As required maintenance tasks done The following prompt is displayed: Enter the Oracle user name [default]: 20 Enter a username for the Oracle management user and press ↵. The following prompt is displayed: Enter the Oracle user [username] home directory [default]: 21 Enter the full path of the Oracle management user home directory and press ↵.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 14 — As required maintenance tasks INFO: Completed setting kernel parameters in /etc/sysctl.conf... INFO: About to change the current values of the kernel parameters INFO: Completed changing the current values of the kernel parameters INFO: About to set ulimit parameters in /etc/security/limits.conf... INFO: Completed setting ulimit parameters in /etc/security/limits.conf...
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 14 — As required maintenance tasks 26 Navigate to the directory that contains the 5620 SAM installation software and perform one of the following: a To open the 5620 SAM database installation utility on a RHEL station: i Enter the following: # cd Linux ↵ ii Enter the following: # ./DBConfig_RHEL_R_r_revision.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 14 — As required maintenance tasks vii Configure the required parameters in each successive panel until the Database Restore panel is displayed. Use the values recorded during the most recent database installation or upgrade, and click Next in each panel to continue. viii Click Start Process. The restore process begins. Note — A 5620 SAM database restore takes considerable time, depending on the database size.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 14 — As required maintenance tasks The 5620 SAM server is completely started when the command returns the following line of output: -- Primary Server is UP v If the command output indicates that the server is not completely started, wait five minutes and then repeat step 29 iv. Note — Do not proceed to the next step until the server is completely started.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 14 — As required maintenance tasks 35 Perform the following steps to enable the standby 5620 SAM main server startup daemon. i Log in to the standby main server station as the root user. ii Open a console window and enter the following: # cd /etc/init.d ↵ iii Enter the following: # mv inactive.5620SAMServerWrapper 5620SAMServerWrapper ↵ 36 Perform the following steps to start the standby 5620 SAM main server.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 14 — As required maintenance tasks The client GUI status bar and the System Information form display the reinstantiation status. The Standby Re-instantiation State changes from In Progress to Success when reinstantiation is complete. The Last Attempted Standby Re-instantiation Time displays the start time of the current reinstantiation. 3 Close the System Information form when the reinstantiation is complete.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 14 — As required maintenance tasks 14.10 6 Close the console window when the reinstantiation is complete. 7 Open a 5620 SAM GUI client to verify that the 5620 SAM main servers and databases are functional. The server and database status is displayed in the status bar at the bottom of the GUI.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 14 — As required maintenance tasks 8 Navigate to the required bundle example. The path is Script Bundle Examples→Miscellaneous→Remove Inactive Residential Subscriber Instances Bundle. 9 Select the bundle example and click Create Bundle. The Script Bundle (Create) form opens. 10 Configure the Name parameter. 11 Save your changes and close the forms.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 14 — As required maintenance tasks 2 Perform one of the following: a b Generate a list of services in the network. i Specify a filter to narrow the services listed. You can filter based on service ID, customer name, or other criteria as required. ii Order the columns of service data as required. For example, you can click on the Service Name heading to sort the services by name. Generate a list of access interfaces on a service.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 14 — As required maintenance tasks You can check for duplicate names to ensure that naming conventions are followed and to help prevent confusion when you deal with customers or operations staff. Procedure 14-20 uses ports as the objects to check for duplicate names. Procedure 14-20 To check for duplicate port descriptions Perform this procedure to check for duplicate object descriptions on all managed devices.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 14 — As required maintenance tasks You can set the OLC state for the following objects and services: • • • • • • network elements power supply trays card slots daughter cards ports LAGs • • • • composite services services sites SAPs Caution — Changing the OLC state on an object also changes the OLC state on all of its child objects. The operation may take several minutes to complete, depending on the number of objects affected.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 14 — As required maintenance tasks When the OLC state of a composite service or services is changed to in service, access interfaces and sites may not change to in service if they belong to equipment objects that are set to maintenance. The OLC state of the parent object must be in service to change the OLC state of the child object. You can change the OLC state of the parent object regardless of the OLC state of the child object.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 14 — As required maintenance tasks Procedure 14-23 To change the OLC state of equipment or services Caution 1 — Changing the OLC state can affect 5620 SAM performance and can take several minutes to complete. Caution 2 — Changing the OLC state of a parent object changes the OLC state of the child objects. 1 Choose Administration→OLC from the 5620 SAM main menu. The OLC form opens.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 14 — As required maintenance tasks Procedure 14-25 To add the OLC state to a template using the GUI builder Some service objects have an OLC state property. You cannot configure the OLC state property during the configuration of the service object. For 5620 SAM-created service templates, the OLC state property is automatically added to the template. For manually created service templates, the OLC state property is not added to the template.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 Appendices A.
Release 12.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions A.1 Predefined scope of command profiles and roles A-2 A.2 Permissions assignable to 5620 SAM scope of command roles A-4 A.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions A.1 Predefined scope of command profiles and roles This appendix describes the predefined 5620 SAM scope of command profiles and roles, and the access permissions for each predefined role. Predefined scope of command profiles and roles cannot be deleted. Table A-1 provides a summary of the command profiles, roles, and permissions information contained in this appendix.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Table A-3 Predefined scope of command roles Role Access provided Base Read-only Read-only to all objects except for the objects in the SAM Security and Mirror Service Management roles. Administrator GUI access, but no OSSI access, to all objects. Create, modify, delete, import, and export public workspaces. View private or public workspaces in the Manage Workspaces list.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Role Access provided Telnet/SSH Management Telnet or SSH access to NEs from the GUI. CPAM Management Route Analysis of ISIS Topology, OSPF Topology, MPLS Topology, IP Path monitoring, LSP Monitoring, Checkpoints, and Impact Analysis Scenarios for CPAM management. CPAM OSS PCA Route Analysis of ISIS Topology, OSPF Topology, and MPLS Topology for CPAM routing.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Table A-4 Permissions assigned to 5620 SAM scope of command roles Package.Class.Method/Property Description aaa AAA - Configurations for authentication, authorization, and accounting. aaa.RadiusProxyInterface RADIUS Proxy Interface - Access to Radius Proxy Interface configuration. aaa.RadiusProxyServer RADIUS Proxy Server - Access to Radius Proxy Server configuration. aaa.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Description aosqos AoS QoS - Quality of Service for Application over Signaling (AoS QoS) Policy and conditions, AoS QoS configuration for Physical Port and Layer 2 Bridge. aosredundancy Aos-Redundancy - AOS Multichassis. aossas AOS SAS - OAM tests specific to AOS nodes. aossas.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Description cac CAC - CAC configuration for Physical Links, Physical Port and other CAC related objects. calltrace.WebDAVSharedData Calltrace. Web DAVShared Data - Ability to restrict access to call traces via the WebDAV protocol. ccag CCAG - Cross-Connect Aggregation Group (CCAG) MDA card and forwarding path configuration. cflowd Cflowd - CFLOWD Objects.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Description dhcp DHCP - Dynamic Host Configuration Protocol (DHCP) Server for rtr.VirtualRouter and vprn.Site. diameter Diameter - Access to this package is for configuring Diameter related configurations, e.g. Diameter Policy. dns Domain Name System - Domain Name System. dynsvc Dynamic Services - Dynamic Services Configuration.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Description ethernetoam.CfmOneWaySlm CFM One Way SLM Test - Access to CFM One Way SLM tests, CFM One Way SLM test definitions, and CFM One Way SLM deployed tests. ethernetoam.CfmSingleEndedLossTest CFM Single Ended Loss Test - Access to CFM Single Ended Loss tests, CFM Single Ended Loss test definitions, and CFM Single Ended Loss deployed tests. ethernetoam.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Description fpipe FPipe - All contained objects are listed. Package access is not currently used. fpipe.Fpipe Fpipe Service - Access to Frame Relay Pipe (Fpipe) Service objects themselves. fpipe.Site Fpipe Site - Access to Fpipe Sites. fr Frame Relay - Frame Relay configuration for Service interfaces and routers.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Description igh IGH - Interface-Group-Handlers. igmp IGMP - Internet Group Management Protocol (IGMP) configuration for Service interfaces and routers. igmp.Site IGMP Site - Access to IGMP Sites. impact.FullReset Impact. Full Reset - Ability to configure objects which will result in a full reset of the node. Currently applies to 9412 node. impact.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Description localuserdb Local User DB - DHCP or PPPoE configuration for Local User Databases on a router. log Statistics - Parent package for all statistics classes. log.LogToFileManager.property_jmsRetries Log To File Manager - property_jmsRetries - LogToFile preferences can only be modified by a user with an administrator role. log.LogToFileManager.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Description lte.GtpProfile GTP Profile - Configuration of GTP Profile. lte.IpPool IP Address Pool - Configuration of IP Address Pool. lte.IpPoolBinding IP Address Pool Binding - Configuration of IP Address Pool Binding. lte.IpPoolEntry IP Address Pool Entry - Configuration of IP Address Pool Entry. lte.LTEEquipment.method_launchQoSAnalyzer Lte.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Description lteggsn LTE - All LTE configurations and status. lteggsn.CdrAvpOptionProfile CDR AVP Option Profile - Configuration of CDR AVP Option Profile. lteggsn.DccaRatingGroup DCCA Rating Group - Configuration of Dcca Rating Group. lteggsn.GnReferencePoint Gn Reference Point - Configuration of Gn Reference Point. lteggsn.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Description ltemme.MmeInstance.method_deployGcToNode WMM Instance - method_deployGcToNode - Ability to deploy a GC to a node. ltemme.MmeInstance.method_interMmeLoadBalanc e WMM Instance - method_interMmeLoadBalance - Ability to perform inter MME load balancing operation. ltemme.MmeInstance.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Description ltepool.TaBinding Tracking Area Binding - Ability to configure associations between a Tracking Area and an MME Pool. lteradius LTE - All LTE configurations and status. lteradius.RadiusGroupProfile RADIUS Group Profile - Configuration of Radius Group Profile. lteradius.RadiusPeerProfile RADIUS Peer Profile - Configuration of RADIUS Peer Profile.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Description mmepolicy.WMMPfmMeasGroupName WMM Performance Measurement Group Name - Configuration of Performance Measurement Group Name. mmepolicy.WMMPfmMeasGroups WMM Performance Measurement Groups - Configuration of Performance Measurement Groups. monitor Monitor - Subscriber Host monitoring and SAP monitoring.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Description multicast.MfibPing MFIB Ping - Access to MFIB Ping tests, MFIB Ping test definitions, and MFIB Ping deployed tests. multicast.Mrinfo Mrinfo - Access to Mrinfo tests, Mrinfo test definitions, and Mrinfo deployed tests. multicast.Mtrace Mtrace - Access to Mtrace tests, Mtrace test definitions, and Mtrace deployed tests.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Description netw.NetworkElement.method_executeMultiCli Network Element - method_executeMultiCli - Execute Multiple CLI commands on this Network Element. netw.NetworkElement.method_GUICrossLaunch Network Element - method_GUICrossLaunch - The ability to launch LTE web-browser based tools. netw.NetworkElement.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Description optical.OTUTrail OTU Trail - Access for all OTU trails. optical.TransportService Optical Transport Service - Access for all optical services. opticalacl Optical Access Control Lists - ACL Management. opticalequipment Optical Management - Optical NE Specific Configuration. opticalrouting Optical Routing - Optical Routing Meta.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Description propertyrules Property Rules - Range and Format Value Policies. ptp Precision Timing Protocol - Access to this package is for configuring Precision Timing Protocol. qgroup Queue Group Policy - Queue Group Policies. qosprofile Multilink QoS Profile - Multilink PPP QoS Profiles and Multilink Frame Relay QoS Profiles.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Description rip Routing Management: RIP - Routing Information Protocol (RIP) configuration for Service interfaces and routers, Authentication Key, Groups, Export and Import Policies. rip.Site RIP Site - Access to RIP Sites. rmd Remote Managed Device - Remote Managed Device Management.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Description script.Bundle Script Bundle - Ability to configure script bundles. script.ControlScript Control Script - Ability to configure control scripts. script.ControlScriptVersion Control Script Version - Ability to configure Control script versions. script.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Description script.XmlApiConfigTemplate.method_tunnelTempla teExecute Template - method_tunnelTemplateExecute - Ability to execute a tunnel template. script.XmlApiScript XMLAPI Script - Ability to configure XML API scripts. script.XmlApiVersion XMLAPI Version - Ability to configure XML API script versions.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Description service.MacPopulate MAC Populate - Access to MAC Populate tests, MAC Populate test definitions, and MAC Populate deployed tests. service.MacPurge MAC Purge - Access to MAC Purge tests, MAC Purge test definitions, and MAC Purge deployed tests. service.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Description service.ServiceMemberAuditPolicyEntry Service Membership Audit Policy Entry - Access to Service Member Audit Policy Entry to configure service membership RCA audit behavior. service.SitePing Service Site Ping - Access to Service Site Ping tests, Service Site Ping test definitions, and Service Site Ping deployed tests. service.TemplateService.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Description spb.SpokeSdpBindingInterface Spoke SDP Binding Interface - Access to SPB Interface of VPLS Spoke-SDP on a BVPLS Service. squeue Shared Queue Policy - Shared Queue Policies. srmrmtauth SAM Remote Authentication - Remote Authentication for SAM configuration of RADIUS and TACACS+ authentication servers.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Description sw Router Admin: Software - Router administration: Backup Files, Card Software, Upgrade schedules, and Accounting Statistics Retrieval. sw.BackupRestoreManager.method_backup Backup/Restore Status - method_backup - Ability to perform a Network Element backup. sw.BackupRestoreManager.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Description vll.Endpoint Endpoint - Access to VLL Endpoints. vll.L2AccessInterface L2 Access Interface - Access to VLL L2 Access Interfaces (except Ipipe). vpls VPLS - Access to this package is for configuring MLD Snooping, PIM Snooping, DHCP Relay, Multicast CAC Level and LAG Port Down events, and discovered VLAN Elements. vpls.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Description workspace Workspace - Ability to view workspaces, and Create/Edit/Delete private workspaces. workspace.WorkspaceManager.method_publicContro l Workspace Manager - method_publicControl - Ability to create/edit/delete public workspaces. wpp WPP - Web Portal Protocol. wpp.Site WPP Site - Access to WPP Sites. (26 of 26) A.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Table A-6 Base Read-only Package.Class.Method/Property Access aclfilterli No access activation.WebDAVSharedData No access autoconfig.AutoConfigScriptManager.method_configure No access autoconfig.AutoConfigScriptManager.method_copyContents No access bulk.BulkManager.method_execute No access bulk.BulkManager.method_generateBatches No access calltrace.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access lteli.DFPeer No access lteli.DFPeerCardGroup No access lteli.InterceptionTarget No access lteli.LILteCfg No access ltemme.MmeInstance.method_abortMmeLoadBalance No access ltemme.MmeInstance.method_deployGcToNode No access ltemme.MmeInstance.method_interMmeLoadBalance No access ltemme.MmeInstance.method_intraMmeLoadBalance No access ltemme.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access script.ScriptManager.method_importBundle No access script.ScriptManager.method_importBundleSimulation No access script.XmlApiConfigTemplate.method_execute No access script.XmlApiConfigTemplate.method_executeMulti No access script.XmlApiConfigTemplate.method_executeScript No access script.XmlApiConfigTemplate.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access aaa.RadiusProxyServer Read/write aaa.RadiusServer Read/write aapolicy Read/write aapolicy.DbInfoTransitSubscriberManager.property_dbInfoTransIpAddrRtrvTimeOut Read/update/execute aapolicy.DbInfoTransitSubscriberManager.property_dbInfoTransPrfxAddrRtrvTimeOut Read/update/execute aapolicy.DbInfoTransitSubscriberManager.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access autoconfig.AutoConfigScriptManager.method_configure Update/execute autoconfig.AutoConfigScriptManager.method_copyContents Update/execute bfd Read/write bgp Read/write bgp.Site Read/write bulk Read/write bulk.BulkChange Read/write bulk.BulkManager.method_execute Update/execute bulk.BulkManager.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access dhcp Read/write diameter Read/write dns Read/write dynsvc Read/write entity Read/write epipe Read/write epipe.Epipe Read/write epipe.PbbMacName Read/write epipe.Site Read/write equipment Read/write equipment.PortPolicy Read/write equipment.Shelf.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access femtoltelocalprofile Read/write femtolteoamprofile Read/write femtolterrmprofile Read/write femtoltetransportprofile Read/write femtoperf Read/write file Read/write filter Read/write filterprefixlist Read/write firewall Read/write fm Read/write fm.AlarmHistoryDatabase.method_purge Update/execute fm.FaultManager Read/write fm.FaultManager.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access ies.L3AccessInterface Read/write ies.Site Read/write ies.SubscriberInterface Read/write igh Read/write igmp Read/write igmp.Site Read/write impact.FullReset Read/write impact.PartialReset Read/write ipfix Read/write ipipe Read/write ipipe.Ipipe Read/write ipipe.L2AccessInterface Read/write ipipe.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access lte.DccaProfile Read/write lte.DiameterPeerListEntry Read/write lte.DiameterPeerProfile Read/write lte.DiameterProfile Read/write lte.DiscoveryLog Read/write lte.DupRadiusAccServerGroup Read/write lte.ENBEquipment.method_launchNEM Update/execute lte.EPSPathDiscoveredLinkComponent Read/write lte.EPSPathDiscoveryHint Read/write lte.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access lte.RTCountersSession Read/write lte.S11ReferencePoint Read/write lte.S1uReferencePoint Read/write lte.ServingGateway Read/write lte.SgwApn Read/write lte.SgwChargingProfile Read/write lte.SgwRfReferencePoint Read/write lte.SgwS5ReferencePoint Read/write lte.SgwS8ReferencePoint Read/write lte.SgwSignalling Read/write lte.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access ltehomeagent.MobileIpv4Profile Read/write ltehomeagent.PiReferencePoint Read/write ltemme Read/write ltemme.MmeInstance.method_abortMmeLoadBalance Update/execute ltemme.MmeInstance.method_deployGcToNode Update/execute ltemme.MmeInstance.method_interMmeLoadBalance Update/execute ltemme.MmeInstance.method_intraMmeLoadBalance Update/execute ltemme.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access lteradius.RadiusProfile Read/write ltes1mme Read/write ltesecurity Read/write lteservice Read/write ltesgsn Read/write ltesgsn.SgwS12ReferencePoint Read/write ltesgsn.SgwS4ReferencePoint Read/write ltethreshold Read/write lteuserstats Read/write lteuserstats.UserStatsQuery Read/write lteuserstats.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access mplstp Read/write mpr Read/write mpr.Al2AccessInterface Read/write mpr.Apipe Read/write mpr.Asite Read/write mpr.Cpipe Read/write mpr.El2AccessInterface Read/write mpr.Epipe Read/write mpr.Esite Read/write mpr.L2AccessInterface Read/write mpr.Site Read/write msappolicy Read/write msdp Read/write multicast Read/write multicast.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access netca Read/write netw Read/write netw.AdvertisedNode Read/write netw.NeLimitHolder Read/write netw.NetworkElement Read/write netw.NetworkElement.method_GUICrossLaunch Update/execute netw.NetworkElement.method_NetoAdminProfileBasedLaunch Update/execute netw.NetworkElement.method_NetoViewerProfileBasedLaunch Update/execute netw.NetworkElement.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access opticalequipment Read/write opticalrouting Read/write opticsperf Read/write ospf Read/write ospf.Site Read/write oss No access oth Read/write pae802_1x Read/write pbbvlan Read/write pbbvlan.Site Read/write pbbvlan.VlanPBBEdge Read/write pim Read/write pim.Site Read/write policing Read/write policy Read/write policy.PolicyDefinition.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access ressubscr.BgpPeeringPolicy Read/write ressubscr.HostTrackingPolicy Read/write ressubscr.IgmpPolicy Read/write ressubscr.MldPolicy Read/write ressubscr.ResidentialSubscriberManager.property_hostTrkSubscrRtrvTimeOut Read/update/execute ressubscr.ResidentialSubscriberManager.property_resSubscrInstRtrvMax Read/update/execute ressubscr.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access script.InvokerBinding Read/write script.LargeTextTargetParameter Read/write script.Result Read/write script.Script Read/write script.Script.method_createTargetScript Update/execute script.Script.method_createTargetScripts Update/execute script.ScriptManager Read/write script.ScriptManager.method_configure Update/execute script.ScriptManager.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access security.SpanObjectBinding Read/write security.SpanOfControlProfile Read/write security.User Read/write security.UserGroup Read/write securitypolicy Read/write selfconfig Read/write server Read/write service Read/write service.AarpInterface Read/write service.CpePing Read/write service.GneAccessInterface Read/write service.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access sflow Read/write shaperqos Read/write shg Read/write simulator Read/write simulator.SimSession Read/write sitesec Read/write sitesec.LocalUser Read/write sitesec.UserProfile Read/write sitesec.UserPublicKey Read/write slaprofile Read/write slope Read/write slope.QosPool Read/write snmp Read/write snmp.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access svr Read/write svt Read/write svt.BvlanTunnel Read/write svt.L2TPv3Tunnel Read/write svt.MeshSdpBinding Read/write svt.MirrorSdpBinding Read/write svt.MtuPing Read/write svt.SpokeSdpBinding Read/write svt.Tunnel Read/write svt.TunnelPing Read/write svt.VccvPing Read/write svt.VccvTrace Read/write svt.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access vll Read/write vll.Endpoint Read/write vll.L2AccessInterface Read/write vpls Read/write vpls.BL2AccessInterface Read/write vpls.BSite Read/write vpls.Endpoint Read/write vpls.EvpnSite Read/write vpls.IL2AccessInterface Read/write vpls.ISite Read/write vpls.L2AccessInterface Read/write vpls.L2ManagementInterface Read/write vpls.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access aclfilterli No access activation.WebDAVSharedData No access autoconfig.AutoConfigScriptManager.method_configure No access autoconfig.AutoConfigScriptManager.method_copyContents No access bulk.BulkManager.method_execute No access bulk.BulkManager.method_generateBatches No access calltrace.WebDAVSharedData No access cli No access cli.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access lteli.InterceptionTarget No access lteli.LILteCfg No access ltemme.MmeInstance.method_abortMmeLoadBalance No access ltemme.MmeInstance.method_deployGcToNode No access ltemme.MmeInstance.method_interMmeLoadBalance No access ltemme.MmeInstance.method_intraMmeLoadBalance No access ltemme.MmeInstance.method_lockMmeAggregateService No access ltemme.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access script.XmlApiConfigTemplate.method_execute No access script.XmlApiConfigTemplate.method_executeMulti No access script.XmlApiConfigTemplate.method_executeScript No access script.XmlApiConfigTemplate.method_serviceTemplateExecute No access script.XmlApiConfigTemplate.method_tunnelTemplateExecute No access security Read/update/execute security.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access aosredundancy Read/write aps Read/write atm Read/write audit Read/write autoconfig.AutoConfigScriptManager.method_configure No access autoconfig.AutoConfigScriptManager.method_copyContents No access bulk.BulkManager.method_execute No access bulk.BulkManager.method_generateBatches No access bundle Read/write cac Read/write calltrace.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access filter Read/write fm Read/write fm.AlarmHistoryDatabase.method_purge No access fm.FaultManager.method_editNote Update/execute fr Read/write generic Read/write generic.GenericObject.method_collectData No access gmpls Read/write hpipe No access igh Read/write impact.FullReset No access impact.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access mirror No access mirror.Mirror No access mirror.Site No access mmepolicy No access mpr Read/write multichassis Read/write mwa Read/write nat Read/write neaudit Read/write netw Read/write netw.AdvertisedNode Read/write netw.NetworkElement Read/write netw.NetworkElement.method_GUICrossLaunch No access netw.NetworkElement.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access ranradiom Read/write rca.RcaManager.method_fixProblem No access rca.RcaManager.method_preFixProblem No access resources No access rip Read/write rmd Read/write sasqos.QosPool Read/write script.AbstractScript.method_configureTarget No access script.AbstractScript.method_configureTargets No access script.Script.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access snmp.PollerManager.method_resync Update/execute sonet Read/write sonetequipment Read/write srmrmtauth No access svt.MirrorSdpBinding No access sw.BackupRestoreManager.method_backup No access sw.BackupRestoreManager.method_restore No access sysact No access tdmequipment Read/write user Read/write vprn.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access bulk.BulkManager.method_generateBatches No access cac Read/write calltrace.WebDAVSharedData No access cli No access cli.SSH No access cli.Telnet No access cpipe Read/write cpipe.Cpipe Read/write cpipe.Site Read/write db.AuxiliaryDatabase.method_reinstantiationDatabase No access db.AuxiliaryDatabase.method_snapshotDatabase No access db.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access fpipe.Site Read/write generic Read/write generic.GenericObject.method_collectData No access gsmp Read/write hpipe No access hpipe.Hpipe Read/write hpipe.Site Read/write ies Read/write ies.AaInterface Read/write ies.Ies Read/write ies.L3AccessInterface Read/write ies.Site Read/write ies.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access ltemme.MmeInstance.method_intraMmeLoadBalance No access ltemme.MmeInstance.method_lockMmeAggregateService No access ltemme.MmeInstance.method_unlockMmeAggregateService No access ltepolicyoptions No access mirror No access mirror.Endpoint Read/write mirror.Mirror No access mirror.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access optical Read/write optical.MultipointServicePath Read/write optical.MultipointTransportService Read/write optical.TransportService Read/write ospf Read/write ospf.Site Read/write oss No access oth Read/write pbbvlan Read/write pbbvlan.Site Read/write pbbvlan.VlanPBBEdge Read/write pim Read/write pim.Site Read/write policy.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access security.CpamLicense.method_clearRouterLimitExceedDueToMultiAdditions No access security.MediationPolicy No access security.RoleBasedAccess No access security.ScopeOfCommandProfile No access security.ScopeOfCommandRole No access security.SpanOfControlProfile No access security.User No access security.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access vlan.L2AccessInterface Read/write vlan.Site Read/write vlan.Vlan Read/write vll Read/write vll.Endpoint Read/write vll.L2AccessInterface Read/write vpls Read/write vpls.BL2AccessInterface Read/write vpls.BSite Read/write vpls.Endpoint Read/write vpls.IL2AccessInterface Read/write vpls.ISite Read/write vpls.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access aaa.RadiusProxyServer Read/write aaa.RadiusServer Read/write aclfilterli No access activation.WebDAVSharedData No access ancp Read/write arp Read/write autoconfig.AutoConfigScriptManager.method_configure No access autoconfig.AutoConfigScriptManager.method_copyContents No access bulk.BulkManager.method_execute No access bulk.BulkManager.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access generic.GenericObject.method_collectData No access hpipe No access igmp Read/write impact.FullReset No access impact.PartialReset No access l2tp Read/write lag Read/write localuserdb Read/write lte.ENBEquipment.method_launchNEM No access lte.LTEEquipment.method_launchQoSAnalyzer No access lteli.DFPeer No access lteli.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access netw.NetworkElement.method_executeMultiCli No access netw.Topology.method_move No access oss No access policy Read/write policy.PolicyDefinition.method_setConfigurationModeToReleased No access policy.PolicyDefinition.method_setDistributionModeToLocalEditOnly No access policy.PolicyDefinition.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access security.RoleBasedAccess No access security.ScopeOfCommandProfile No access security.ScopeOfCommandRole No access security.SpanOfControlProfile No access security.User No access security.UserGroup No access service.Service.method_create No access service.Service.method_highPriorityServiceDelete No access service.TemplateService.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access aclfilterli No access activation.WebDAVSharedData No access aengr Read/write aingr Read/write aosqos Read/write aossas Read/write atmpolicy Read/write autoconfig.AutoConfigScriptManager.method_configure No access autoconfig.AutoConfigScriptManager.method_copyContents No access bulk.BulkManager.method_execute No access bulk.BulkManager.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access fm.FaultManager.method_editNote Update/execute generic Read/write generic.GenericObject.method_collectData No access hpipe No access impact.FullReset No access impact.PartialReset No access layer2 Read/write lte Read/update/execute lte.AAWhiteListGroup Read/write lte.DiameterProfile Read/write lte.ENBEquipment.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access netw.NetworkElement.method_GUICrossLaunch No access netw.NetworkElement.method_NetoAdminProfileBasedLaunch No access netw.NetworkElement.method_NetoViewerProfileBasedLaunch No access netw.NetworkElement.method_executeCli No access netw.NetworkElement.method_executeMultiCli No access netw.Topology.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access script.XmlApiConfigTemplate.method_executeScript No access script.XmlApiConfigTemplate.method_serviceTemplateExecute No access script.XmlApiConfigTemplate.method_tunnelTemplateExecute No access security.CpamLicense.method_clearRouterLimitExceedDueToMultiAdditions No access security.MediationPolicy No access security.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access aaa Read/write aapolicy Read/write accounting Read/write aclfilterli No access activation.WebDAVSharedData No access ancp Read/write aossas Read/write autoconfig.AutoConfigScriptManager.method_configure No access autoconfig.AutoConfigScriptManager.method_copyContents No access bulk.BulkManager.method_execute No access bulk.BulkManager.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access filter Read/write fm Read/write fm.AlarmHistoryDatabase.method_purge No access fm.FaultManager.method_editNote Update/execute generic Read/write generic.GenericObject.method_collectData No access hpipe No access igmp Read/write impact.FullReset No access impact.PartialReset No access l2fwd Read/write lte Read/write lte.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access ltegw.PcscfResolvedPeerIPEntry Read/write ltegw.SCTPProfile Read/write ltegw.UMTSQoSPolicy Read/write ltehomeagent Read/write lteli.DFPeer No access lteli.DFPeerCardGroup No access lteli.InterceptionTarget No access lteli.LILteCfg No access ltemme.MmeInstance.method_abortMmeLoadBalance No access ltemme.MmeInstance.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access mmepolicy.MMEGTPProfile Read/write mmepolicy.MMESCTPProfile Read/write mmepolicy.WMMPfmJobEntry Read/write mmepolicy.WMMPfmJobMts Read/write mmepolicy.WMMPfmJobSched Read/write mmepolicy.WMMPfmMeasGroupName Read/write mmepolicy.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access ressubscr.IgmpPolicy Read/write ressubscr.MldPolicy Read/write ressubscr.SubMcastCacPolicy Read/write rip Read/write rp Read/write sas Read/write schedule Read/write script.AbstractScript.method_configureTarget No access script.AbstractScript.method_configureTargets No access script.Script.method_createTargetScript No access script.Script.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access srpythonmgmt Read/write subscrauth Read/write subscrexpmap Read/write subscrident Read/write subscrprofile Read/write svt.MirrorSdpBinding No access sw.BackupRestoreManager.method_backup No access sw.BackupRestoreManager.method_restore No access sysact No access tod Read/write todsuite Read/write user Read/write vprn.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access cli.SSH No access cli.Telnet No access db.AuxiliaryDatabase.method_reinstantiationDatabase No access db.AuxiliaryDatabase.method_snapshotDatabase No access db.DatabaseManager.method_backup No access db.DatabaseManager.method_reinstantiateStandby No access db.DatabaseManager.method_snapshotAllDatabases No access db.DatabaseManager.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access lte.DiscoveryLog Read/write lte.DupRadiusAccServerGroup Read/write lte.ENBEquipment.method_launchNEM No access lte.EPSPathDiscoveredLinkComponent Read/write lte.EPSPathInterfaceComponent Read/write lte.EPSPathLinkComponent Read/write lte.EPSPathSapComponent Read/write lte.EPSPathServiceComponent Read/write lte.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access lteli.DFPeerCardGroup No access lteli.InterceptionTarget No access lteli.LILteCfg No access ltemme.MmeInstance.method_abortMmeLoadBalance No access ltemme.MmeInstance.method_deployGcToNode No access ltemme.MmeInstance.method_interMmeLoadBalance No access ltemme.MmeInstance.method_intraMmeLoadBalance No access ltemme.MmeInstance.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access netw.Topology Read/write netw.Topology.method_move Update/execute netw.UplinkBofConfiguration Read/write netw.UplinkRouteConfiguration Read/write optical Read/write ospf Read/write ospf.Site Read/write oss No access oth Read/write pim Read/write pim.Site Read/write policy Read/write policy.PolicyDefinition.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access security.CpamLicense.method_clearRouterLimitExceedDueToMultiAdditions No access security.MediationPolicy No access security.RoleBasedAccess No access security.ScopeOfCommandProfile No access security.ScopeOfCommandRole No access security.SpanOfControlProfile No access security.User No access security.UserGroup No access service.Service.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access bulk.BulkManager.method_generateBatches No access calltrace.WebDAVSharedData No access cli No access cli.SSH No access cli.Telnet No access db.AuxiliaryDatabase.method_reinstantiationDatabase No access db.AuxiliaryDatabase.method_snapshotDatabase No access db.DatabaseManager.method_backup No access db.DatabaseManager.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access ltemme.MmeInstance.method_abortMmeLoadBalance No access ltemme.MmeInstance.method_deployGcToNode No access ltemme.MmeInstance.method_interMmeLoadBalance No access ltemme.MmeInstance.method_intraMmeLoadBalance No access ltemme.MmeInstance.method_lockMmeAggregateService No access ltemme.MmeInstance.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access rules Read/write script.AbstractScript.method_configureTarget No access script.AbstractScript.method_configureTargets No access script.Script.method_createTargetScript No access script.Script.method_createTargetScripts No access script.ScriptManager.method_configure No access script.ScriptManager.method_copyContents No access script.ScriptManager.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access user Read/write vprn.IPMirrorInterface No access webclient Read/write workspace Read/write workspace.WorkspaceManager.method_publicControl No access (5 of 5) Table A-16 SAM Management and Operations Package.Class.Method/Property Access aaa Read/write aclfilterli No access activation.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access femtoltecallpprofile Read/write femtoltelocalprofile Read/write femtolteoamprofile Read/write femtolterrmprofile Read/write femtoltetransportprofile Read/write femtoperf Read/write filter Read/write firewall Read/write fm Read/write fm.AlarmHistoryDatabase.method_purge No access fm.FaultManager.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access lteli.LILteCfg No access ltemme.MmeInstance.method_abortMmeLoadBalance No access ltemme.MmeInstance.method_deployGcToNode No access ltemme.MmeInstance.method_interMmeLoadBalance No access ltemme.MmeInstance.method_intraMmeLoadBalance No access ltemme.MmeInstance.method_lockMmeAggregateService No access ltemme.MmeInstance.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access netw.Topology Read/write netw.Topology.method_move Update/execute netw.UplinkBofConfiguration Read/write netw.UplinkRouteConfiguration Read/write opticalacl Read/write opticsperf Read/write oss No access policy.PolicyDefinition.method_setConfigurationModeToReleased No access policy.PolicyDefinition.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access security.ScopeOfCommandProfile No access security.ScopeOfCommandRole No access security.Span Read/write security.SpanObjectBinding Read/write security.SpanOfControlProfile No access security.User No access security.UserGroup No access securitypolicy Read/write selfconfig Read/write server Read/write service.Service.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access aclfilterli No access activation.WebDAVSharedData No access autoconfig.AutoConfigScriptManager.method_configure No access autoconfig.AutoConfigScriptManager.method_copyContents No access bulk.BulkManager.method_execute No access bulk.BulkManager.method_generateBatches No access calltrace.WebDAVSharedData No access cflowd.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access lte.ENBEquipment.method_launchNEM No access lte.LTEEquipment.method_launchQoSAnalyzer No access lteli.DFPeer No access lteli.DFPeerCardGroup No access lteli.InterceptionTarget No access lteli.LILteCfg No access ltemme.MmeInstance.method_abortMmeLoadBalance No access ltemme.MmeInstance.method_deployGcToNode No access ltemme.MmeInstance.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access rip Read/write rollback Read/write schedule Read/write script.AbstractScript.method_configureTarget No access script.AbstractScript.method_configureTargets No access script.Script.method_createTargetScript No access script.Script.method_createTargetScripts No access script.ScriptManager.method_configure No access script.ScriptManager.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access user Read/write vprn.IPMirrorInterface No access webclient Read/write workspace Read/write workspace.WorkspaceManager.method_publicControl No access (4 of 4) Table A-18 Fault Management Package.Class.Method/Property Access aclfilterli No access activation.WebDAVSharedData No access autoconfig.AutoConfigScriptManager.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access fm.AlarmHistoryDatabase.method_purge Update/execute fm.FaultManager Read/write fm.FaultManager.method_editNote Update/execute fm.GlobalPolicy Read/write fm.SpecificPolicy Read/write generic Read/write generic.GenericObject.method_collectData Update/execute hpipe No access impact.FullReset No access impact.PartialReset No access lte.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access policy.PolicyDefinition.method_setDistributionModeToLocalEditOnly No access policy.PolicyDefinition.method_setDistributionModeToSyncWithGlobal No access rca.RcaManager.method_fixProblem No access rca.RcaManager.method_preFixProblem No access resources No access rip Read/write rmon Read/write script.AbstractScript.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access sw.BackupRestoreManager.method_restore No access sysact No access user Read/write vprn.IPMirrorInterface No access webclient Read/write workspace Read/write workspace.WorkspaceManager.method_publicControl No access (4 of 4) Table A-19 Service Test Management Package.Class.Method/Property Access aclfilterli No access activation.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access ethernetoam Read/write ethernetoam.CcTest Read/write ethernetoam.CcmTest Read/write ethernetoam.CfmDmmBin Read/write ethernetoam.CfmDmmSession Read/write ethernetoam.CfmEthTest Read/write ethernetoam.CfmLMTest Read/write ethernetoam.CfmLinkTrace Read/write ethernetoam.CfmLmmSession Read/write ethernetoam.CfmLoopback Read/write ethernetoam.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access lte.ENBEquipment.method_launchNEM No access lte.LTEEquipment.method_launchQoSAnalyzer No access lteli.DFPeer No access lteli.DFPeerCardGroup No access lteli.InterceptionTarget No access lteli.LILteCfg No access ltemme.MmeInstance.method_abortMmeLoadBalance No access ltemme.MmeInstance.method_deployGcToNode No access ltemme.MmeInstance.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access rca.RcaManager.method_fixProblem No access rca.RcaManager.method_preFixProblem No access resources No access rip Read/write sas Read/write sas.IPSession Read/write sas.TWLBin Read/write sas.TWLSession Read/write sas.TwlReflector Read/write schedule Read/write script.AbstractScript.method_configureTarget No access script.AbstractScript.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access service.Service.method_create No access service.Service.method_highPriorityServiceDelete No access service.SitePing Read/write service.TemplateService.method_constructServiceTemplate No access service.TemplateService.method_constructTemplatedService No access service.Y1564TestHeadBiDirectional Read/write snmp.PollerManager.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access cli.SSH No access cli.Telnet No access db.AuxiliaryDatabase.method_reinstantiationDatabase No access db.AuxiliaryDatabase.method_snapshotDatabase No access db.DatabaseManager.method_backup No access db.DatabaseManager.method_reinstantiateStandby No access db.DatabaseManager.method_snapshotAllDatabases No access db.DatabaseManager.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access ltepolicyoptions No access mirror No access mirror.Mirror No access mirror.Site No access mmepolicy No access netw.AdvertisedNode Read/write netw.NetworkElement.method_GUICrossLaunch No access netw.NetworkElement.method_NetoAdminProfileBasedLaunch No access netw.NetworkElement.method_NetoViewerProfileBasedLaunch No access netw.NetworkElement.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access script.ScriptManager.method_exportBundle Update/execute script.ScriptManager.method_importBundle Update/execute script.ScriptManager.method_importBundleSimulation Update/execute script.ScriptScheduledTask Read/write script.TargetParameter Read/write script.TargetParameterItem Read/write script.TargetParameterList Read/write script.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access workspace Read/write workspace.WorkspaceManager.method_publicControl No access (5 of 5) Table A-21 Script Execution Package.Class.Method/Property Access aclfilterli No access activation.WebDAVSharedData No access autoconfig.AutoConfigScriptManager.method_configure No access autoconfig.AutoConfigScriptManager.method_copyContents No access bulk.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access hpipe No access impact.FullReset No access impact.PartialReset No access lte.ENBEquipment.method_launchNEM No access lte.LTEEquipment.method_launchQoSAnalyzer No access lteli.DFPeer No access lteli.DFPeerCardGroup No access lteli.InterceptionTarget No access lteli.LILteCfg No access ltemme.MmeInstance.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access script.AbstractScript.method_configureTarget Update/execute script.AbstractScript.method_configureTargets Update/execute script.LargeTextTargetParameter Read/write script.Result Read/write script.Script.method_createTargetScript Update/execute script.Script.method_createTargetScripts Update/execute script.ScriptManager Read/write script.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access sw.BackupRestoreManager.method_backup No access sw.BackupRestoreManager.method_restore No access sysact No access user Read/write vprn.IPMirrorInterface No access webclient Read/write workspace Read/write workspace.WorkspaceManager.method_publicControl No access (4 of 4) Table A-22 Mirror Service Management Package.Class.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access femtoltetransportprofile Read/write femtoperf Read/write filter Read/write fm.AlarmHistoryDatabase.method_purge No access fm.FaultManager.method_editNote No access generic Read/write generic.GenericObject.method_collectData No access hpipe No access impact.FullReset No access impact.PartialReset No access lte.ENBEquipment.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access oss No access policy Read/write policy.PolicyDefinition.method_setConfigurationModeToReleased No access policy.PolicyDefinition.method_setDistributionModeToLocalEditOnly No access policy.PolicyDefinition.method_setDistributionModeToSyncWithGlobal No access policy.PolicySyncGroupManager Read/write rca.RcaManager.method_fixProblem No access rca.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access service.Service.method_highPriorityServiceDelete Update/execute service.SitePing Read/write service.TemplateService.method_constructServiceTemplate Update/execute service.TemplateService.method_constructTemplatedService Update/execute snmp.PollerManager.method_resync No access srmrmtauth No access subscr.Site Read/write svt Read/write svt.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access db.DatabaseManager.method_snapshotAllDatabases No access db.DatabaseManager.method_switchover No access db.SnapshotHistory.method_deleteSnapshot No access equipment.Shelf.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access netw.NetworkElement.method_GUICrossLaunch No access netw.NetworkElement.method_NetoAdminProfileBasedLaunch No access netw.NetworkElement.method_NetoViewerProfileBasedLaunch No access netw.NetworkElement.method_executeCli No access netw.NetworkElement.method_executeMultiCli No access netw.Topology.method_move No access oss Read/write policy.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access service.Service.method_create No access service.Service.method_highPriorityServiceDelete No access service.TemplateService.method_constructServiceTemplate No access service.TemplateService.method_constructTemplatedService No access snmp.PollerManager.method_resync No access srmrmtauth No access svt.MirrorSdpBinding No access sw.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access equipment.Shelf.method_rebootUpgrade No access femto Read/write femtoltecallpprofile Read/write femtoltelocalprofile Read/write femtolteoamprofile Read/write femtolterrmprofile Read/write femtoltetransportprofile Read/write femtoperf Read/write filter Read/write fm.AlarmHistoryDatabase.method_purge No access fm.FaultManager.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access netw.NetworkElement.method_executeCli Update/execute netw.NetworkElement.method_executeMultiCli Update/execute netw.Topology.method_move No access oss No access policy.PolicyDefinition.method_setConfigurationModeToReleased No access policy.PolicyDefinition.method_setDistributionModeToLocalEditOnly No access policy.PolicyDefinition.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access snmp.PollerManager.method_resync No access srmrmtauth No access svt.MirrorSdpBinding No access sw.BackupRestoreManager.method_backup No access sw.BackupRestoreManager.method_restore No access sysact No access user Read/write vprn.IPMirrorInterface No access webclient Read/write workspace Read/write workspace.WorkspaceManager.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access femtolteoamprofile Read/write femtolterrmprofile Read/write femtoltetransportprofile Read/write femtoperf Read/write filter Read/write fm.AlarmHistoryDatabase.method_purge No access fm.FaultManager.method_editNote No access generic Read/write generic.GenericObject.method_collectData No access hpipe No access impact.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access policy.PolicyDefinition.method_setConfigurationModeToReleased No access policy.PolicyDefinition.method_setDistributionModeToLocalEditOnly No access policy.PolicyDefinition.method_setDistributionModeToSyncWithGlobal No access rca.RcaManager.method_fixProblem No access rca.RcaManager.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access sw.BackupRestoreManager.method_restore No access sysact No access topology Read/write user Read/write vprn.IPMirrorInterface No access webclient Read/write workspace Read/write workspace.WorkspaceManager.method_publicControl No access (4 of 4) Table A-26 CPAM OSS PCA Package.Class.Method/Property Access aclfilterli No access activation.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access femtoperf Read/write filter Read/write fm.AlarmHistoryDatabase.method_purge No access fm.FaultManager.method_editNote No access generic Read/write generic.GenericObject.method_collectData No access hpipe No access impact.FullReset No access impact.PartialReset No access lte.ENBEquipment.method_launchNEM No access lte.LTEEquipment.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access rca.RcaManager.method_fixProblem No access rca.RcaManager.method_preFixProblem No access resources No access rip Read/write script.AbstractScript.method_configureTarget No access script.AbstractScript.method_configureTargets No access script.Script.method_createTargetScript No access script.Script.method_createTargetScripts No access script.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access user Read/write vprn.IPMirrorInterface No access webclient Read/write workspace Read/write workspace.WorkspaceManager.method_publicControl No access (4 of 4) Table A-27 CPAM Topology Simulator Package.Class.Method/Property Access aclfilterli No access activation.WebDAVSharedData No access autoconfig.AutoConfigScriptManager.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access fm.FaultManager.method_editNote No access generic Read/write generic.GenericObject.method_collectData No access hpipe No access impact.FullReset No access impact.PartialReset No access lte.ENBEquipment.method_launchNEM No access lte.LTEEquipment.method_launchQoSAnalyzer No access lteli.DFPeer No access lteli.DFPeerCardGroup No access lteli.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access rip Read/write script.AbstractScript.method_configureTarget No access script.AbstractScript.method_configureTargets No access script.Script.method_createTargetScript No access script.Script.method_createTargetScripts No access script.ScriptManager.method_configure No access script.ScriptManager.method_copyContents No access script.ScriptManager.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access webclient Read/write workspace Read/write workspace.WorkspaceManager.method_publicControl No access (4 of 4) Table A-28 Root Cause Analysis (RCA) Object Verification Package.Class.Method/Property Access aclfilterli No access activation.WebDAVSharedData No access autoconfig.AutoConfigScriptManager.method_configure No access autoconfig.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access generic.GenericObject.method_collectData No access hpipe No access impact.FullReset No access impact.PartialReset No access lte.ENBEquipment.method_launchNEM No access lte.LTEEquipment.method_launchQoSAnalyzer No access lteli.DFPeer No access lteli.DFPeerCardGroup No access lteli.InterceptionTarget No access lteli.LILteCfg No access ltemme.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access script.AbstractScript.method_configureTarget No access script.AbstractScript.method_configureTargets No access script.Script.method_createTargetScript No access script.Script.method_createTargetScripts No access script.ScriptManager.method_configure No access script.ScriptManager.method_copyContents No access script.ScriptManager.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access workspace.WorkspaceManager.method_publicControl No access (4 of 4) Table A-29 Lawful Intercept Management Package.Class.Method/Property Access aclfilterli Read/write activation.WebDAVSharedData No access autoconfig.AutoConfigScriptManager.method_configure No access autoconfig.AutoConfigScriptManager.method_copyContents No access bulk.BulkManager.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access generic.GenericObject.method_collectData No access hpipe No access impact.FullReset No access impact.PartialReset No access lte Read/write lte.ENBEquipment.method_launchNEM No access lte.LTEEquipment.method_launchQoSAnalyzer No access lteli.DFPeer Read/write lteli.DFPeerCardGroup Read/write lteli.InterceptionTarget Read/write lteli.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access policy.PolicyDefinition.method_setConfigurationModeToReleased Update/execute policy.PolicyDefinition.method_setDistributionModeToLocalEditOnly Update/execute policy.PolicyDefinition.method_setDistributionModeToSyncWithGlobal Update/execute policy.PolicySyncGroupManager Read/write rca.RcaManager.method_fixProblem No access rca.RcaManager.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access snmp.PollerManager Read/write snmp.PollerManager.method_resync Update/execute srmrmtauth No access svt.MirrorSdpBinding No access sw.BackupRestoreManager.method_backup No access sw.BackupRestoreManager.method_restore No access sysact Read/write user Read/write vprn.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access femtoltelocalprofile Read/write femtolteoamprofile Read/write femtolterrmprofile Read/write femtoltetransportprofile Read/write femtoperf Read/write filter Read/write fm.AlarmHistoryDatabase.method_purge No access fm.FaultManager.method_editNote No access generic Read/write generic.GenericObject.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access oss No access policy.PolicyDefinition.method_setConfigurationModeToReleased No access policy.PolicyDefinition.method_setDistributionModeToLocalEditOnly No access policy.PolicyDefinition.method_setDistributionModeToSyncWithGlobal No access rca.RcaManager.method_fixProblem No access rca.RcaManager.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access security.UserGroup No access service.Service.method_create No access service.Service.method_highPriorityServiceDelete No access service.TemplateService.method_constructServiceTemplate No access service.TemplateService.method_constructTemplatedService No access snmp.PollerManager.method_resync No access srmrmtauth No access svt.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access db.SnapshotHistory.method_deleteSnapshot No access equipment.Shelf.method_rebootUpgrade No access femto Read/write femtoltecallpprofile Read/write femtoltelocalprofile Read/write femtolteoamprofile Read/write femtolterrmprofile Read/write femtoltetransportprofile Read/write femtoperf Read/write filter Read/write fm.AlarmHistoryDatabase.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access netw.NetworkElement.method_NetoViewerProfileBasedLaunch No access netw.NetworkElement.method_executeCli No access netw.NetworkElement.method_executeMultiCli No access netw.Topology.method_move No access oss No access policy.PolicyDefinition.method_setConfigurationModeToReleased No access policy.PolicyDefinition.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access service.TemplateService.method_constructTemplatedService No access snmp.PollerManager.method_resync No access srmrmtauth No access svt.MirrorSdpBinding No access sw.BackupRestoreManager.method_backup No access sw.BackupRestoreManager.method_restore No access sysact No access user Read/write vprn.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access femtoltelocalprofile Read/write femtolteoamprofile Read/write femtolterrmprofile Read/write femtoltetransportprofile Read/write femtoperf Read/write filter Read/write fm.AlarmHistoryDatabase.method_purge No access fm.FaultManager.method_editNote No access generic Read/write generic.GenericObject.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access oss No access policy.PolicyDefinition.method_setConfigurationModeToReleased No access policy.PolicyDefinition.method_setDistributionModeToLocalEditOnly No access policy.PolicyDefinition.method_setDistributionModeToSyncWithGlobal No access rca.RcaManager.method_fixProblem No access rca.RcaManager.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access sw.BackupRestoreManager.method_backup No access sw.BackupRestoreManager.method_restore No access sysact No access user Read/write vprn.IPMirrorInterface No access webclient Read/write workspace Read/write workspace.WorkspaceManager.method_publicControl No access (4 of 4) Table A-33 Application Assurance (AA) Management Package.Class.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access femtolterrmprofile Read/write femtoltetransportprofile Read/write femtoperf Read/write file Read/write filter Read/write fm.AlarmHistoryDatabase.method_purge No access fm.FaultManager.method_editNote No access generic Read/write generic.GenericObject.method_collectData No access hpipe No access impact.FullReset No access impact.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access oss No access policy Read/write policy.PolicyDefinition.method_setConfigurationModeToReleased Update/execute policy.PolicyDefinition.method_setDistributionModeToLocalEditOnly Update/execute policy.PolicyDefinition.method_setDistributionModeToSyncWithGlobal Update/execute policy.PolicySyncGroupManager Read/write rca.RcaManager.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access snmp.PollerManager.method_resync No access srmrmtauth No access svt.MirrorSdpBinding No access sw.BackupRestoreManager.method_backup No access sw.BackupRestoreManager.method_restore No access sysact No access user Read/write vprn.IPMirrorInterface No access webclient Read/write workspace Read/write workspace.WorkspaceManager.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access femtolteoamprofile Read/write femtolterrmprofile Read/write femtoltetransportprofile Read/write femtoperf Read/write filter Read/write fm.AlarmHistoryDatabase.method_purge No access fm.FaultManager.method_editNote No access generic Read/write generic.GenericObject.method_collectData No access hpipe No access impact.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access policy.PolicyDefinition.method_setConfigurationModeToReleased No access policy.PolicyDefinition.method_setDistributionModeToLocalEditOnly No access policy.PolicyDefinition.method_setDistributionModeToSyncWithGlobal No access propertyrules Read/write rca.RcaManager.method_fixProblem No access rca.RcaManager.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access svt.MirrorSdpBinding No access sw.BackupRestoreManager.method_backup No access sw.BackupRestoreManager.method_restore No access sysact No access user Read/write vprn.IPMirrorInterface No access webclient Read/write workspace Read/write workspace.WorkspaceManager.method_publicControl No access (4 of 4) Table A-35 Work Order Activation Package.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access femtoltelocalprofile Read/write femtolteoamprofile Read/write femtolterrmprofile Read/write femtoltetransportprofile Read/write femtoperf Read/write filter Read/write fm.AlarmHistoryDatabase.method_purge No access fm.FaultManager.method_editNote No access fr Read/write generic Read/write generic.GenericObject.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access netw.NetworkElement.method_NetoViewerProfileBasedLaunch No access netw.NetworkElement.method_executeCli No access netw.NetworkElement.method_executeMultiCli No access netw.Topology.method_move No access oss No access policy.PolicyDefinition.method_setConfigurationModeToReleased No access policy.PolicyDefinition.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access service.TemplateService.method_constructServiceTemplate No access service.TemplateService.method_constructTemplatedService No access snmp.PollerManager.method_resync No access srmrmtauth No access svt.MirrorSdpBinding No access sw.BackupRestoreManager.method_backup No access sw.BackupRestoreManager.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access femto Read/write femtoltecallpprofile Read/write femtoltelocalprofile Read/write femtolteoamprofile Read/write femtolterrmprofile Read/write femtoltetransportprofile Read/write femtoperf Read/write filter Read/write fm.AlarmHistoryDatabase.method_purge No access fm.FaultManager.method_editNote No access generic Read/write generic.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access netw.NetworkElement.method_executeMultiCli No access netw.Topology.method_move No access oss No access policy.PolicyDefinition.method_setConfigurationModeToReleased No access policy.PolicyDefinition.method_setDistributionModeToLocalEditOnly No access policy.PolicyDefinition.method_setDistributionModeToSyncWithGlobal No access rca.RcaManager.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access srmrmtauth No access svt.MirrorSdpBinding No access sw.BackupRestoreManager.method_backup No access sw.BackupRestoreManager.method_restore No access sysact No access user Read/write vprn.IPMirrorInterface No access webclient Read/write workspace Read/write workspace.WorkspaceManager.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access femtolterrmprofile Read/write femtoltetransportprofile Read/write femtoperf Read/write filter Read/write fm.AlarmHistoryDatabase.method_purge No access fm.FaultManager.method_editNote No access generic Read/write generic.GenericObject.method_collectData No access hpipe No access impact.FullReset No access impact.PartialReset No access lte.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access policy.PolicyDefinition.method_setDistributionModeToLocalEditOnly No access policy.PolicyDefinition.method_setDistributionModeToSyncWithGlobal No access rca.RcaManager.method_fixProblem No access rca.RcaManager.method_preFixProblem No access resources No access rip Read/write script.AbstractScript.method_configureTarget No access script.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access sysact No access user Read/write vprn.IPMirrorInterface No access webclient Read/write workspace Read/write workspace.WorkspaceManager.method_publicControl No access (4 of 4) Table A-38 Configuration Management which causes node reset Package.Class.Method/Property Access aclfilterli No access activation.WebDAVSharedData No access autoconfig.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access fm.AlarmHistoryDatabase.method_purge No access fm.FaultManager.method_editNote No access generic Read/write generic.GenericObject.method_collectData No access hpipe No access impact.FullReset Read/write impact.PartialReset Read/write lte.ENBEquipment.method_launchNEM No access lte.LTEEquipment.method_launchQoSAnalyzer No access lteli.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access resources No access rip Read/write script.AbstractScript.method_configureTarget No access script.AbstractScript.method_configureTargets No access script.Script.method_createTargetScript No access script.Script.method_createTargetScripts No access script.ScriptManager.method_configure No access script.ScriptManager.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access workspace Read/write workspace.WorkspaceManager.method_publicControl No access (4 of 4) Table A-39 EPC Operator Package.Class.Method/Property Access aclfilterli No access activation.WebDAVSharedData No access autoconfig.AutoConfigScriptManager.method_configure No access autoconfig.AutoConfigScriptManager.method_copyContents No access bulk.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access hpipe No access impact.FullReset No access impact.PartialReset No access isa.MgGroupMember Read/write isa.MgIsaGroup Read/write lte Read/write lte.AAWhiteListGroup Read/write lte.ApnPolicyRuleBase Read/write lte.DccaProfile Read/write lte.DiameterPeerListEntry Read/write lte.DiameterPeerProfile Read/write lte.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access lte.PdnS8ReferencePoint Read/write lte.PdnSignalling Read/write lte.PgwChargingProfile Read/write lte.PlmnListPolicy Read/write lte.PlmnListPolicyGroup Read/write lte.QciPolicy Read/write lte.QciPolicyEntry Read/write lte.S11ReferencePoint Read/write lte.S1uReferencePoint Read/write lte.ServingGateway Read/write lte.SgwApn Read/write lte.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access ltegw.UMTSQoSPolicy Read/write ltehomeagent Read/write ltehomeagent.DNSRedirectServer Read/write ltehomeagent.FAHAPeerList Read/write ltehomeagent.MobileIpv4Profile Read/write ltehomeagent.PiReferencePoint Read/write lteli.DFPeer No access lteli.DFPeerCardGroup No access lteli.InterceptionTarget No access lteli.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access ltepool Read/write ltepool.MmeInstanceBinding Read/write ltepool.TaBinding Read/write lteradius.RadiusGroupProfile Read/write lteradius.RadiusPeerProfile Read/write lteradius.RadiusProfile Read/write ltesgsn.SgwS12ReferencePoint Read/write ltesgsn.SgwS4ReferencePoint Read/write ltethreshold Read/write lteuserstats.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access policy.PolicyDefinition.method_setDistributionModeToSyncWithGlobal Update/execute rca.RcaManager.method_fixProblem No access rca.RcaManager.method_preFixProblem No access resources No access rip Read/write script.AbstractScript.method_configureTarget No access script.AbstractScript.method_configureTargets No access script.Script.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access user Read/write vprn.IPMirrorInterface No access webclient Read/write workspace Read/write workspace.WorkspaceManager.method_publicControl No access (7 of 7) Table A-40 eNodeB NEM Operator Package.Class.Method/Property Access aclfilterli No access activation.WebDAVSharedData No access autoconfig.AutoConfigScriptManager.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access fm.FaultManager.method_editNote No access generic Read/write generic.GenericObject.method_collectData No access hpipe No access impact.FullReset No access impact.PartialReset No access lte.ENBEquipment.method_launchNEM Update/execute lte.LTEEquipment.method_launchQoSAnalyzer No access lteli.DFPeer No access lteli.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access rip Read/write script.AbstractScript.method_configureTarget No access script.AbstractScript.method_configureTargets No access script.Script.method_createTargetScript No access script.Script.method_createTargetScripts No access script.ScriptManager.method_configure No access script.ScriptManager.method_copyContents No access script.ScriptManager.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access workspace.WorkspaceManager.method_publicControl No access (4 of 4) Table A-41 Statistics Plotter Profile Management Package.Class.Method/Property Access aclfilterli No access activation.WebDAVSharedData No access autoconfig.AutoConfigScriptManager.method_configure No access autoconfig.AutoConfigScriptManager.method_copyContents No access bulk.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access impact.FullReset No access impact.PartialReset No access lte.ENBEquipment.method_launchNEM No access lte.LTEEquipment.method_launchQoSAnalyzer No access lteli.DFPeer No access lteli.DFPeerCardGroup No access lteli.InterceptionTarget No access lteli.LILteCfg No access ltemme.MmeInstance.method_abortMmeLoadBalance No access ltemme.MmeInstance.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access script.Script.method_createTargetScripts No access script.ScriptManager.method_configure No access script.ScriptManager.method_copyContents No access script.ScriptManager.method_exportBundle No access script.ScriptManager.method_importBundle No access script.ScriptManager.method_importBundleSimulation No access script.XmlApiConfigTemplate.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access aclfilterli No access activation.WebDAVSharedData No access autoconfig.AutoConfigScriptManager.method_configure No access autoconfig.AutoConfigScriptManager.method_copyContents No access bulk.BulkManager.method_execute No access bulk.BulkManager.method_generateBatches No access calltrace.WebDAVSharedData No access cli No access cli.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access lteli.InterceptionTarget No access lteli.LILteCfg No access ltemme.MmeInstance.method_abortMmeLoadBalance No access ltemme.MmeInstance.method_deployGcToNode No access ltemme.MmeInstance.method_interMmeLoadBalance No access ltemme.MmeInstance.method_intraMmeLoadBalance No access ltemme.MmeInstance.method_lockMmeAggregateService No access ltemme.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access script.XmlApiConfigTemplate.method_execute No access script.XmlApiConfigTemplate.method_executeMulti No access script.XmlApiConfigTemplate.method_executeScript No access script.XmlApiConfigTemplate.method_serviceTemplateExecute No access script.XmlApiConfigTemplate.method_tunnelTemplateExecute No access security.CpamLicense.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access bulk.BulkManager.method_execute No access bulk.BulkManager.method_generateBatches No access calltrace.WebDAVSharedData No access cli No access cli.SSH No access cli.Telnet No access db.AuxiliaryDatabase.method_reinstantiationDatabase No access db.AuxiliaryDatabase.method_snapshotDatabase No access db.DatabaseManager.method_backup No access db.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access ltemme.MmeInstance.method_interMmeLoadBalance No access ltemme.MmeInstance.method_intraMmeLoadBalance No access ltemme.MmeInstance.method_lockMmeAggregateService No access ltemme.MmeInstance.method_unlockMmeAggregateService No access ltepolicyoptions No access mirror No access mirror.Mirror No access mirror.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access script.XmlApiConfigTemplate.method_tunnelTemplateExecute No access security.CpamLicense.method_clearRouterLimitExceedDueToMultiAdditions No access security.MediationPolicy No access security.RoleBasedAccess No access security.ScopeOfCommandProfile No access security.ScopeOfCommandRole No access security.SpanOfControlProfile No access security.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access cli.SSH No access cli.Telnet No access db.AuxiliaryDatabase.method_reinstantiationDatabase No access db.AuxiliaryDatabase.method_snapshotDatabase No access db.DatabaseManager.method_backup No access db.DatabaseManager.method_reinstantiateStandby No access db.DatabaseManager.method_snapshotAllDatabases No access db.DatabaseManager.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access ltepolicyoptions No access mirror No access mirror.Mirror No access mirror.Site No access mmepolicy No access netw.AdvertisedNode Read/write netw.NetworkElement.method_GUICrossLaunch Update/execute netw.NetworkElement.method_NetoAdminProfileBasedLaunch No access netw.NetworkElement.method_NetoViewerProfileBasedLaunch No access netw.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access security.ScopeOfCommandProfile No access security.ScopeOfCommandRole No access security.SpanOfControlProfile No access security.User No access security.UserGroup No access service.Service.method_create No access service.Service.method_highPriorityServiceDelete No access service.TemplateService.method_constructServiceTemplate No access service.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access db.AuxiliaryDatabase.method_snapshotDatabase No access db.DatabaseManager.method_backup No access db.DatabaseManager.method_reinstantiateStandby No access db.DatabaseManager.method_snapshotAllDatabases No access db.DatabaseManager.method_switchover No access db.SnapshotHistory.method_deleteSnapshot No access equipment.Shelf.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access mirror.Site No access mmepolicy No access netw.AdvertisedNode Read/write netw.NetworkElement.method_GUICrossLaunch No access netw.NetworkElement.method_NetoAdminProfileBasedLaunch No access netw.NetworkElement.method_NetoViewerProfileBasedLaunch No access netw.NetworkElement.method_executeCli No access netw.NetworkElement.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A. Scope of command roles and permissions Package.Class.Method/Property Access security.User No access security.UserGroup No access service.Service.method_create No access service.Service.method_highPriorityServiceDelete No access service.TemplateService.method_constructServiceTemplate No access service.TemplateService.method_constructTemplatedService No access snmp.PollerManager.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 A.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 Customer documentation and product support Customer documentation Customer Documentation Welcome Page Technical Support http://support.alcatel-lucent.com Documentation feedback documentation.feedback@alcatel-lucent.
Release 12.0 R6 | November 2014 | 3HE 08861 AAAF TQZZA Edition 01 © 2014 Alcatel-Lucent. All rights reserved. www.alcatel-lucent.
