Integrated Management Database Configuration

Integrated Management Database Configuration
Avaya Integrated Management
Release 5.2
Integrated Management Database
Configuration
November 2009
© 2009 Avaya Inc.
All Rights Reserved.
Notice
While reasonable efforts were made to ensure that the information in this
document was complete and accurate at the time of printing, Avaya Inc. can
assume no liability for any errors. Changes and corrections to the information
in this document may be incorporated in future releases.
For full legal page information, please see the complete document, Avaya
Legal Page for Software Documentation, Document number 03-600758.
To locate this document on the website, simply go to
http://www.avaya.com/support and search for the document number in the
search box.
Documentation disclaimer
Avaya Inc. is not responsible for any modifications, additions, or deletions to
the original published version of this documentation unless such modifications,
additions, or deletions were performed by Avaya. Customer and/or End User
agree to indemnify and hold harmless Avaya, Avaya's agents, servants and
employees against all claims, lawsuits, demands and judgments arising out of,
or in connection with, subsequent modifications, additions or deletions to this
documentation to the extent made by the Customer or End User.
Link disclaimer
Avaya Inc. is not responsible for the contents or reliability of any linked Web
sites referenced elsewhere within this documentation, and Avaya does not
necessarily endorse the products, services, or information described or offered
within them. We cannot guarantee that these links will work all of the time and
we have no control over the availability of the linked pages.
Warranty
Avaya Inc. provides a limited warranty on this product. Refer to your sales
agreement to establish the terms of the limited warranty. In addition, Avaya’s
standard warranty language, as well as information regarding support for this
product, while under warranty, is available through the following Web site:
http://www.avaya.com/support
Copyright
Except where expressly stated otherwise, the Product is protected by copyright
and other laws respecting proprietary rights. Unauthorized reproduction,
transfer, and or use can be a criminal, as well as a civil, offense under the
applicable law.
Avaya support
Avaya provides a telephone number for you to use to report problems or to ask
questions about your product. The support telephone number
is 1-800-242-2121 in the United States. For additional support telephone
numbers, see the Avaya Web site:
http://www.avaya.com/support
Contents
Preface
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
7
Purpose. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
7
Prerequisites . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
7
Intended audience . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
7
Conventions used in this document . . . . . . . . . . . . . . . . . . . . . . . . .
7
Additional resources . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
8
Product documentation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
8
How to access documents on the Web. . . . . . . . . . . . . . . . . . . . . . . .
8
Chapter 1: Resources and Notices . . . . . . . . . . . . . . . . . . . . .
9
Getting help with the installation . . . . . . . . . . . . . . . . . . . . . . . .
Avaya Technology and Consulting . . . . . . . . . . . . . . . . . . . .
Avaya Global Services Delivery . . . . . . . . . . . . . . . . . . . . . .
Avaya Global Technical Services. . . . . . . . . . . . . . . . . . . . . .
Avaya Professional Services . . . . . . . . . . . . . . . . . . . . . . . .
Customized Management Solutions for Avaya Integrated Management.
.
.
.
.
.
.
9
9
9
10
10
11
Avaya contact information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
11
Third party resources . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
12
System security notices. . . .
Network security . . . . . .
Toll fraud security . . . . .
Avaya disclaimer. . . .
Toll fraud intervention .
.
.
.
.
.
12
12
13
13
13
Chapter 2: Overview. . . . . . . . . . . . . . . . . . . . . . . . . . . . .
15
What is new in this release . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Release 5.2 Service Pack 3 . . . . . . . . . . . . . . . . . . . . . . . . . .
Release 5.2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
15
15
15
PC Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
17
Configuration checklist . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
18
Chapter 3: Setting up Integrated Management Database . . . . . . . . .
19
Configuring LDAP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Issue . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Resolution . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
19
19
19
Installing Integrated Management Database in a customer specified directory. .
20
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Generating a random password for the Performance and Administration administrator user
20
November 2009
3
Contents
Using the randomly generated password . . . . . . . . . . . . . . . . . .
21
Switching to the old Java plug-in. . . . . . . . . . . . . . . . . . . . . . . . . . .
22
Configuring a new installation . . . . . . . . . . . . . . . . . . . . . . . . . . . .
23
Procedure 1: Logging into the Integrated Management Database . . . . . . .
24
Notifying the administrator when the user login fails . . . . . . . . . . . .
24
Procedure 2: Adding locations . . . . . . . . . . . . . . . . . . . . . . . . . .
25
Procedure 3: Configuring e-mail notification . . . . . . . . . . . . . . . . . .
26
Procedure 4: Configuring the security defaults for Integrated Management Database27
Procedure 5: Configuring the SNMP settings . . . . . . . . . . . . . . . . . .
28
Procedure 6: Configuring the LDAP server connection . . . . . . . . . . . .
29
RADIUS authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
30
Procedure 7: Configuring a RADIUS server . . . . . . . . . . . . . . . . . . .
31
Testing connectivity information for a RADIUS server . . . . . . . . . . . . .
32
Authentication, Authorization and Accounting . . . . . . . . . . . . . . . . .
32
Procedure 8: Configuring Authentication, Authorization and Accounting . .
34
Sequence of AAA configuration methods . . . . . . . . . . . . . . . . . .
35
Delay in the appearance of the MultiSite Administrator user manager . .
35
Procedure 9: Adding a Secure Services Gateway as an element . . . . . . .
36
Procedure 10: Adding a Network Management System element . . . . . . . .
37
Procedure 11: Adding elements . . . . . . . . . . . . . . . . . . . . . . . . .
38
Adding a voice system . . . . . . . . . . . . . . . . . . . . . . . . . . . .
38
Adding a messaging system or a similar application server . . . . . . . .
41
Procedure 12: Creating an Fault and Performance Manager role . . . . . . .
43
Editing an Fault and Performance Manager role . . . . . . . . . . . . . .
45
Procedure 13: Adding a user . . . . . . . . . . . . . . . . . . . . . . . . . . .
46
Copying an Integrated Management Database user . . . . . . . . . . . . . .
48
Creating an Integrated Management Database role . . . . . . . . . . . . . . .
48
Creating a custom Integrated Management Database role . . . . . . . . .
49
Editing an Integrated Management Database role. . . . . . . . . . . . . . . .
50
Deleting an Integrated Management Database role . . . . . . . . . . . . . . .
51
Procedure 14: Adding an LDAP group . . . . . . . . . . . . . . . . . . . . . .
52
Copying an LDAP group . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
53
Importing configuration data . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
55
Importing user data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
59
Exporting data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
61
Viewing the Integrated Management Database administration log. . . . . . . . .
62
Backing up Integrated Management Database . . . . .
Backing up data using the GUI utility . . . . . . . .
Scheduling backups using the GUI utility . . . . . .
Cancelling scheduled backups using the GUI utility
62
62
63
65
4 Avaya Integrated Management Database Configuration
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Contents
Backing up data using the Command Line method . . . . . . . . . . . . . . .
65
Restoring Integrated Management Database . . . . . . . . . . . . . . . . . . . .
Restoring data using the GUI utility . . . . . . . . . . . . . . . . . . . . . . .
Restoring data using the Command Line method . . . . . . . . . . . . . . . .
66
66
67
Index
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
69
November 2009
5
Contents
6 Avaya Integrated Management Database Configuration
Preface
Purpose
This document explains how to configure Avaya Integrated Management database (IMD).
Prerequisites
Setting up IMD requires familiarity with network administration, knowledge of the Red Hat
implementation of the Linux operating system, and proficiency with Linux administration. This
document does not impart this knowledge but is nevertheless essential for a successful
installation.
This is why Avaya recommends that workstation or network administrators take the primary role
in the initial configuration of Integrated Management Database.
Intended audience
This guide is intended for workstation or network administrators.
Conventions used in this document
In this document, we use the following typographical conventions:
●
We use bold type for emphasis and for any information that you should type; for example:
save translation.
●
We use Courier font for any information that the computer screen displays; for example:
login.
●
We use arrows to indicate options that you should select on cascading menus; for
example: “Select File>Open” means choose the “Open” option from the “File” menu.
November 2009
7
Preface
Additional resources
For help to use IMD, access the IMD online help. It explains how you can perform basic
administration tasks. To access the online help, click Help on the Integrated Management
Database page.
Product documentation
The latest version of Avaya Integrated Management product documentation, including this
document, is available from the Avaya Support Web Site. To view or download these
documents from the Web, you must have access to the Internet, an Internet browser, and
Adobe Reader. Adobe Reader 8.0 is provided on the Avaya Integrated Management CD and is
also available from http://www.adobe.com. See How to access documents on the Web on
page 8 for instructions on how to view or download these documents.
How to access documents on the Web
To view or download documents from the Avaya Support Web Site, follow these steps:
1. Access http://www.avaya.com/support.
2. Click Find Documentation and Technical Information by Product Name.
3. Click the letter I in the alphabet listing.
4. Click the Integrated Management - All Applications link.
5. Under DOCUMENT CATEGORIES, click View all documents to display a list of available
documents for that product or offer.
6. Click on Title to view product specific documentation.
8 Avaya Integrated Management Database Configuration
Chapter 1: Resources and Notices
Avaya provides our customers with a variety of planning, consulting, and technical services.
The sections below briefly describe the resources and services that are available.
Client executives are your primary contact to obtain information and explore options to meet
your specific business needs.
Getting help with the installation
If you are located within the United States and you want help installing or setting up IMD, call
your Avaya representative.
If you are located outside the United States, call your Avaya representative or distributor. Call at
least four weeks before the date on which you want to install and configure IMD.
Avaya Technology and Consulting
Avaya Technology and Consulting (ATAC) works with client teams to develop detailed solutions
for connectivity to Avaya media servers running Avaya Aura™ Communication Manager
software. The ATAC also designs network configurations to support IMD.
Avaya Global Services Delivery
Avaya Global Services Delivery (GSD) provides support to Avaya Integrated Management
client teams, field technicians, and customers. The GSD will bill customers for support on a time
and materials basis if the following conditions exist:
●
Customers do not provide remote access.
●
Customers do not have a current maintenance agreement
●
Customers do not procure and install the required systems and software as defined in the
Avaya Integrated Management Services Support Plan
●
Customers request support that is outside the purchase agreement
The GSD does not support hardware or software that customers purchase from third-party
vendors.
November 2009
9
Resources and Notices
Avaya Global Technical Services
Avaya Global Technical Services answers customer calls about products in Avaya Integrated
Management. They will either answer your questions directly or connect you with an associate
who can answer questions about the products.
Avaya Professional Services
The Avaya Professional Services (APS) team of Avaya Integrated Management (AIM)
consultants offers customers the following services:
●
Platform readiness verification
●
Avaya Integrated Management architectural planning, design, and overview
●
Remote turnkey implementation and installation
●
Avaya Integrated Management server configuration
●
Customer acceptance verification
●
Custom onsite services
●
Onsite and remote knowledge transfer
The APS Data Group consists of the following teams:
●
Avaya Integrated Management Consultants
The Avaya Integrated Management consulting team offers planning, design, implementation,
consulting, and knowledge transfer services for the entire Avaya Integrated Management suite.
This includes Site Administration, Voice Announcement Manager, Network Management
Console with Software Update Manager, MultiSite Administrator, and Fault and Performance
Manager.
The thrust of the APS team is to bring the correct methodology to these complex application
deployments that span various regions, and to provide continuity to the overall project. Through
proper integration and consulting, our customers can leverage the Avaya Integrated
Management suite to lower the total cost of ownership, and proactively manage their VoIP
network comfortably and confidently.
●
Data Network Implementation Engineering
The Data Network Implementation Engineering (formerly RNIS) team implements and upgrades
or upgrades, existing or new data networks. This team analyzes the network design
requirements and performance expectations of the customer. The team then creates the
hardware and software installation specification used to implement data devices that include
Cajun, VPN, Wireless LAN, Secure Gateways, Extreme, Juniper, and multivendor data
equipment.
10 Avaya Integrated Management Database Configuration
Avaya contact information
The APS Data Group provides support on a contract basis. Contact your local Avaya Account
Team or Business Partner to purchase any implementation offer from the team. For more
information, see Table 1: Customer-Accessible Resources on page 12, or contact Jon Machak
at 248-213-3788 or mjk@avaya.com.
Customized Management Solutions for Avaya Integrated
Management
The Integrated Management Product Team understands customers’ needs and is focused on
customer satisfaction. See Table 1: Customer-Accessible Resources on page 11 for contact
information. The Product Team will assist customers with Avaya Integrated Management
projects and will provide:
●
Project Management — An Integrated Management project person will work with the
customer to access configuration and customization requirements for any or all
applications within each Avaya Integrated Management offer. If custom work is required,
the evaluation will include a proposed statement of work and price. Note that this offer is
not intended to provide installation for customers that choose to implement Integrated
Management applications using Avaya Services or third-party implementation services.
●
Training — Basic training can be performed remotely using an interactive medium to
display the applications and a conference bridge for audio. On-site training can be
customized to meet the customer’s needs. Customized training will focus on application
functionality that is relevant to the customer and provide focused knowledge transfer to
facilitate application specific training.
Avaya contact information
Table 1 provides contact information that you may use if you need assistance during the
process of installing and setting up Avaya Integrated Management.
Table 1: Customer-Accessible Resources
Resource
Contact Information
Avaya Support Center
http://www.avaya.com/support
Avaya Global
Technical Services
+1 800 242-2121 x15921
Avaya Professional
Services (APS)
+1 800 730-9108, prompt 3
November 2009 11
Resources and Notices
Table 1: Customer-Accessible Resources
Resource
Contact Information
Integrated
Management Product
Team
Send e-mail to: mjk@avaya.com
Toll Fraud Intervention
+1 800 643-2353, prompt 1
Third party resources
Table 2 lists contact information for third party vendors.
Table 2: Vendor web sites
Vendor
Web Sites
Microsoft
Main site: http://www.microsoft.com
Red Hat Linux
Main site: http://www.redhat.com
System security notices
Customers are solely responsible for the security of their system, network, and access to
hardware and software. The sections below define the precautions that all customers should
take to maintain the security of their systems.
Network security
IMD uses the standard security features on the supported Red Hat Linux operating system.
Avaya strongly recommends that customers use passwords to prohibit access to their systems
and to routinely change those passwords to maintain security.
!
SECURITY ALERT:
SECURITY ALERT:
Customers should always change passwords immediately after external vendors
have completed installation, maintenance, troubleshooting, or other tasks on their
system.
12 Avaya Integrated Management Database Configuration
System security notices
Toll fraud security
Although IMD is generally not at risk for toll fraud, customers are solely responsible for the
security of their entire telecommunications system.
Toll Fraud is the unauthorized use of a company’s telecommunications system by unauthorized
parties. Unauthorized parties are persons other than the company’s employees, agents,
subcontractors, or persons working on behalf of the company. Toll fraud can result in substantial
additional charges for the company’s telecommunications services.
The company’s system manager is responsible for the security of the company’s system, which
includes programming and configuring the equipment to prevent unauthorized use.
Avaya disclaimer
Avaya does not warrant that this product is immune from or will prevent unauthorized use of
common-carrier telecommunications services or facilities accessed through or connected to it.
Avaya will not be responsible for any charges that result from such unauthorized use.
Toll fraud intervention
If customers suspect that they are a victims of toll fraud and need technical assistance, they
should refer to the phone number listed in Customer-Accessible Resources on page 11.
November 2009 13
Resources and Notices
14 Avaya Integrated Management Database Configuration
Chapter 2: Overview
Avaya Integrated Management Database (IMD) is a common data store for device data, such
as configurations of voice systems, SIP servers, messaging systems, system adjuncts, and
managed applications, that Avaya Integrated Management applications share. The following
Avaya Integrated Management applications use the information stored in Integrated
Management Database:
●
Avaya MultiSite Administration (MSA)
●
Avaya Fault and Performance Manager (FPM)
What is new in this release
Release 5.2 Service Pack 3
This release supports Avaya Aura™ Communication Manager running on the Next Gen S8800
server platform in simplex and duplex modes.
●
Support for the new platform Next Gen S85xx server
●
Support for the new platform Next Gen S87xx server
Release 5.2
Avaya Integrated Management Database Release 5.2 introduces the following enhancements:
●
Provision to block users from modifying the user password from MultiSite Administrator/
Fault and Performance Manager.
●
Support for the following platforms that run Communication Manager 5.2:
- S8300B, S8300C and S8300D
- S8500B and S8500C
- S8510
- S8710, S8720, S8720XL and S8730
- S8400 and S8400B
●
Support for the Integrated Management Database Web client so that it runs on the Mozilla
Firefox Web browser version 3.0.
November 2009
15
Overview
●
Support for the RADIUS authentication of the GUI access of the application
Integrated Management Database software provides a new page, titled RADIUS Server, to
configure the RADIUS server or servers to be used for authentication.
●
Support for the following additional user authentication configurations:
- RADIUS accounts that use Local permissions stored in Integrated Management
Database
- RADIUS accounts that use the open LDAP store
- RADIUS accounts that use the Microsoft Active Directory store
●
Provision of a Test RADIUS Servers button that tests the RADIUS server information from
Integrated Management Database
This button helps test the connection to the RADIUS server.
●
Provision of a Copy button next to each user on the Users list that helps create a new
Integrated Management Database user by copying or duplicating the settings of an
existing user
●
Provision of a Copy button on the LDAP Groups page that helps create a new LDAP
Group by copying or duplicating the settings of an existing LDAP Group
●
Provision of a new Integrated Management Database Roles page in the Integrated
Management Database application for the addition, deletion and editing of Integrated
Management Database roles for users and LDAP groups
●
Provision of the capability PositionCarriers on the Fault and Performance Manager roles
definition
●
Addition of an Exporting Data capability besides the Importing Data capability
IM allows users to export both Elements and Users data in the .csv format.
●
Support for a new Secure Enhanced Alarm Receiver (SEAR) element
●
Addition of an e-mail notification to the administrator to unlock Integrated Management
Database login if the application locks the login of a user
User login is disabled when the login attempts of a user exceed the number of
Authentication Fails set.
●
Support for the installation of Integrated Management Database in a customer specified
directory
●
Provision for the random generation of passwords for the Performance and Administration
administrator users
16 Avaya Integrated Management Database Configuration
PC Requirements
PC Requirements
To access Avaya Integrated Management Database, your PC should meet the following
requirements:
Parameter
Requirement
Operating system
Microsoft Windows XP Professional with Service Pack 2,
Microsoft Windows 2000 Professional with Service Pack 4,
Microsoft Windows 2000 Server with Service Pack 4,
Microsoft Windows 2003 Standard Edition Server with Service Pack 2,
Microsoft Windows 2003 Enterprise Edition Server with Service Pack 2,
Microsoft Windows Vista Business (32-bit and 64-bit editions), or
Microsoft Windows Vista Enterprise (32-bit and 64-bit editions)
Other software
Internet Explorer 6.0 with Service Pack 1 or
Internet Explorer 7.0 and
Mozilla Firefox 3.0
Processor
1.5 GHz
RAM
512 MB
Available
Disk Space
Minimum: 100 MB on the drive that contains the Windows System folder
(normally but not always the C: drive)
Maximum: Up to 1GB (if this computer is running all Integrated
Management client applications)
CD-ROM
Optional
Network
Connectivity
TCP/IP
IP Addresses
Static or dynamic (DNS preferred)
Display
SVGA
November 2009
17
Overview
Configuration checklist
If you upgraded an existing system that runs Avaya Integrated Management Release 5.0, you
can log into Integrated Management Database and administer the system.To configure the
RADIUS server, see Procedure 7: Configuring a RADIUS server on page 31.To configure
Authentication, Authorization and Accounting in Integrated Management Database, see
Procedure 8: Configuring Authentication, Authorization and Accounting on page 34.
If you performed a new installation of the Avaya Integrated Management Release 5.2 software,
you must configure Integrated Management Database. To configure Integrated Management
Database, see Configuring a new installation on page 23.
18 Avaya Integrated Management Database Configuration
Chapter 3: Setting up Integrated Management
Database
In Avaya Integrated Management (IM), the device data, such as configurations of voice
systems, messaging systems, system adjuncts, managed applications, and user accounts are
stored in the Integrated Management Database. The Integrated Management applications,
Avaya MultiSite Administration and Avaya Fault and Performance Manager, share this data.
The Avaya Integrated Management applications retrieve this data and verify user accounts from
Integrated Management Database.
You must configure Integrated Management Database to use the Integrated Management
applications.
If you upgraded an existing system that runs Avaya Integrated Management Release 5.0
software, you can log into Integrated Management Database and administer the system. To
configure the RADIUS server, see Procedure 7: Configuring a RADIUS server on page 31. To
configure Authentication, Authorization and Accounting in Integrated Management Database,
see Procedure 8: Configuring Authentication, Authorization and Accounting on page 34.
If you performed a new installation of the Avaya Integrated Management Release 5.2 software,
see Configuring a new installation on page 23 for the configuration procedure.
Configuring LDAP
Issue
Users who added the Active Directory Server as the LDAP server in Integrated Management
Database, and were placed under the SubDN of the BaseDN, could not log in to MultiSite
Administrator.
Resolution
IM 5.2 addresses this issue by changing the LDAP implementation for Integrated Management
Database and MultiSite Administrator. Changes were made to the field for the LDAP User in
Integrated Management Database. An increase in the length of the field now makes it possible
for the user to enter the complete administrator DN in the field.
November 2009
19
Setting up Integrated Management Database
Note:
If a user is placed under a BaseDN different from the BaseDN in Integrated
Management Database, then the LDAP administrator DN must be configured in
Integrated Management Database.
Note:
If a user, who has configured the LDAP server in Integrated Management Database, enters just
the user name in the LDAP Administrator settings, the system displays a pop-up warning. The
warning asks the user to enter the complete UserDN, if the user is placed under a different
BaseDN.
Installing Integrated Management Database in a customer
specified directory
IM Release 5.2 supports the installation of Integrated Management Database in a customer
specified directory. The default directory continues to be /opt/avaya, but the Performance and
Administration installer makes provision for users to specify an alternate directory to install
Integrated Management Database on the Linux server.
Note:
The equivalent for /opt in Release 5.2 is <install location>.
Note:
Generating a random password for the Performance and
Administration administrator user
Earlier versions of IM had a predefined password for the administrator password. This
predefined password compromised password security. IM 5.2 enhances password security with
a mechanism that replaces the predefined password for the administrator user in the
Performance and Administration 5.2 installer.
The new mechanism provides the user the options to:
Note:
●
specify a password
●
leave the password field blank so that the system can generate a randon password
Note:
Support for this feature is available only for fresh IM 5.2 installations and the
system displays a message to this effect on the installer screen. The system also
displays the message during an installation in the console mode. Support for this
feature does not extend to upgrades.
20 Avaya Integrated Management Database Configuration
Generating a random password for the Performance and Administration administrator user
During the Performance and Administration installation, the system displays a prompt for the
administrator user.
You can enter the password for the admin. user or let the system generate the password
manually for you.
At the prompt, the administrator user can specify a password or leave the field blank. The
password that the user specifies must be alphanumeric, at least eight characters long, without
special characters, and without spaces. If the administrator user enters a password that is less
than eight characters long or contains spaces, the system displays the following error message:
You have entered an invalid password.
If the user leaves the Password field blank, the system generates a random password and
displays it to the user. This is done only when the installation is complete. The system does not
display it immediately. The user can neither copy nor edit the password. The same password is
also available in the file <Sys Mgmt Installation Directory>/avaya/VisAbility/html/
im_env.props as an AIM_ADMIN variable.
The user logs in to Integrated Management Database the first time with this password.
Thereafter, the user can reset the password.
Note:
Note:
IThe equivalent for the directory /opt in release 5.2 is < install location >.
Using the randomly generated password
To use the randomly generated password:
1. Complete a fresh IM 5.2. installation.
During the installation, the system displays a prompt for a password for the administrator
user. If the user fails to enter a password, the application retrieves the random password
from the im_env.props file as the variable AIM_ADMIN.
2. Use this password to log into Integrated Management Database.
Integrated Management Database accepts this password and the system displays the
change password message.
Note:
Note:
If the user enters a password, it must be alphanumeric, have atleast eight
characters, and without spaces or special characters. If the user enters a
password, the user can access Integrated Management Database with it.
November 2009
21
Setting up Integrated Management Database
Switching to the old Java plug-in
IM ensures that fresh or upgrade installations of Performance and Administration 5.2.13 on
RHEL 5, 32 or 64 bits, display the JRE version as 1.6.0_11. JDK 1.6.0_05 has been replaced
with JRE 1.6.0_11.
Performance and Administration enables the new Java Plug-in by default. However, if the user
encounters problems when running the applets with the new Java Plug-in, the user can switch
to the old Java plug-in.
To switch to the old Java plug-in:
1. Click Start.
2. Click Control Panel.
3. Double-click Java Control Panel.
4. Click the Advanced tab on Java Control Panel.
5. Scroll to the Java Plug-in entry.
6. Clear the Enable next-generation Java Plug-in check box.
7. Click OK and restart the browser.
22 Avaya Integrated Management Database Configuration
Configuring a new installation
Configuring a new installation
If you performed a new installation of the Avaya Integrated Management Release 5.2 software,
you must configure Integrated Management Database. To configure Integrated Management
Database, perform the following procedures:
1. Log into Integrated Management Database. For the procedure, see Procedure 1: Logging
into the Integrated Management Database on page 24.
2. Add locations to Integrated Management Database. For the procedure, see Procedure 2:
Adding locations on page 25.
3. Configure the e-mail notification. For the configuration procedure, see Procedure 3:
Configuring e-mail notification on page 26.
4. Configure the security defaults for Integrated Management Database. For the configuration
procedure, see Procedure 4: Configuring the security defaults for Integrated Management
Database on page 27.
5. Configure the SNMP settings. For the configuration procedure, see Procedure 5:
Configuring the SNMP settings on page 28.
6. Configure the LDAP server connection. For the configuration procedure, see Procedure 6:
Configuring the LDAP server connection on page 29.
7. Configure the RADIUS server. For the configuration procedure, see Procedure 7:
Configuring a RADIUS server on page 31.
8. Configure AAA. For the procedure, see Procedure 8: Configuring Authentication,
Authorization and Accounting on page 34.
9. Add a Secure Services Gateway (SSG) as an element to Integrated Management
Database. For the procedure, see Procedure 9: Adding a Secure Services Gateway as an
element on page 36.
10. Add Network Management System elements to Integrated Management Database. For the
procedure, see Procedure 10: Adding a Network Management System element on page 37.
11. Add elements to Integrated Management Database. For the procedure, see Procedure 11:
Adding elements on page 38.
12. Create Fault and Performance Manager Roles. For the procedure, see Procedure 12:
Creating an Fault and Performance Manager role on page 43.
13. Add users to Integrated Management Database. For the procedure, see Procedure 13:
Adding a user on page 46.
14. Add LDAP groups to Integrated Management Database. For the procedure, see Procedure
14: Adding an LDAP group on page 52.
November 2009
23
Setting up Integrated Management Database
Procedure 1: Logging into the Integrated Management Database
To log into Integrated Management Database:
1. Using Microsoft Internet Explorer 6.0 or a later version of it, proceed to the IP address,
FQDN or hostname of the Linux server to view the Avaya Integrated Management Launch
Products page.
2. The system displays the Before You Begin page.
3. Click Continue.
The system displays the Logon page. The first time you log into Integrated Management
Database, you must change the default password.
4. Click Change Password.
The system displays the Change Password page.
5. In the User ID box, enter admin.
6. In the Current Password field, enter admin123.
7. In the New Password field, enter your new password.
8. In the Re-Type New Password field, re-enter your new password.
9. Click Change Password.
The system displays the message: Status: Password successfully changed.
10. Click Go to IMD Login.
The system displays the Logon page.
11. In the User ID field, enter admin.
12. In the Password field, enter your new password, and click Logon.
The system displays the Integrated Management Database Administrator page.
For the procedure to add locations, see Procedure 2: Adding locations on page 25.
Notifying the administrator when the user login fails
Integrated Management Database users that have their logins disabled, after more
Authentication Fails than the number permitted, may notify their administrators to have their
logins unlocked.
To notify the administrator in the event of a login lock:
If the number of attempted logins exceeds the number set as # Authentication Fails on Users,
the system displays a box with the following message: Login has been disabled. Contact
your administrator.
24 Avaya Integrated Management Database Configuration
Configuring a new installation
●
Click Notify to Admin.
The system displays the Notify to Administrator page.
The page holds the following pertinent information:
●
the e-mail ID of the administrator
●
the address of the server to which the user attempted login
●
the status of the authentication attempt
●
details as to whether it was successful
●
the status of the e-mail transmission from the server such as details as to whether it was
successful.
Your administrator receives the following e-mail: I am a user of IMD and my name is.... My IMD login
has been locked. Please unlock it.
Procedure 2: Adding locations
You should add at least one location to Integrated Management Database. To add a location:
1. Click Locations on the navigation pane.
The system displays the Locations page.
2. Click New location.
The system displays the Add Location page.
3. Enter the information for the new location.
Note:
Note:
It is important to enter the following information for a location:
- Contact
- Telephone number of the contact
- E-mail address of the contact
4. When finished, click Add.
5. Repeat Steps 2 through 4 for each location.
When finished, see Procedure 3: Configuring e-mail notification on page 26 for information on
configuring e-mail notification.
November 2009
25
Setting up Integrated Management Database
Procedure 3: Configuring e-mail notification
You must configure the SMTP server so that MultiSite Administrator and Fault and Performance
Manager can send e-mail notifications. To configure the e-mail server information:
1. Click Email Server on the navigation pane.
The system displays the Change SMTP Email Server Configuration page.
2. In the Primary SMTP Server area, enter the IP address or fully-qualified domain name
(FQDN) of the primary SMTP server
3. In the SMTP Service TCP Port field, enter the TCP port number of the server. The TCP
port number for SMTP is usually 25.
4. In the SMTP Server Login field, enter the login ID for the SMTP server. The login ID is
optional.
5. In the SMTP Server Password field, enter the password for the SMTP server. The
password is optional.
6. In the Re-Type SMTP Server Password field, re-enter the password for the SMTP server.
7. In the Avaya IM Email From field, enter the e-mail account that you want the system to
display in the From field in the e-mail messages sent from MultiSite Administrator and Fault
and Performance Manager.
8. In the Secondary SMTP Server area, enter the IP address or FQDN of the secondary
server in the SMTP Server IP Address box. The secondary SMTP server is used for
redundancy and backup purposes.
9. In the SMTP Service TCP Port field, enter the TCP port number of the server.
10. In the SMTP Server Login field, enter the login ID for the SMTP server.
11. In the SMTP Server Password field, enter the password for the SMTP server.
12. In the Re-Type SMTP Server Password field, re-enter the password for the SMTP server.
13. In the Avaya IM Email From field, enter the e-mail account that you want the system to
display in the From field in the e-mail messages sent from MultiSite Administrator and Fault
and Performance Manager.
14. When finished, click Save.
15. If you want to send an e-mail message to verify that the SMTP email server is configured
properly within Integrated Management Database, enter your e-mail address in the text box
next to the Send Test Email button, and then click Send Test Email to.
The system displays the IMD Email Server Test page and shows the progress and status of
the SMTP sessions even while it sends the test e-mail to the specified e-mail address.
16. Click Close Window.
26 Avaya Integrated Management Database Configuration
Configuring a new installation
When finished, configure the security defaults. For the procedure, see Procedure 4: Configuring
the security defaults for Integrated Management Database on page 27.
Procedure 4: Configuring the security defaults for Integrated
Management Database
Use this procedure to change the defaults for the following security settings:
●
The frequency at which users can change their passwords
●
The minimum length of passwords
●
The frequency at which passwords expire
●
The number of failed login attempts before the user is locked out of the system
●
Provision to block users from modifying their Integrated Management Database account
settings
●
Provision to block users from changing the user password from MultiSite Administrator/
Fault and Performance Manager
●
Provision to block multiple instances of the same user logging into Integrated Management
Database
●
The time limit for a session
To configure the defaults for the security settings:
1. Click Security on the navigation pane.
The system displays the Change Security Defaults page.
2. From the Allowed Password Change Frequency box, enter the frequency at which users
can change their passwords. The options available are Daily, None, Hourly, Weekly, and
Monthly.
3. In the Password Minimum Length field, enter the minimum length required for passwords.
If you want to disable the minimum required length for passwords, enter 0.
Note:
Note:
For security reasons, you should enable the minimum length of password
feature.
4. In the Password Aging Interval field, enter the number of days after which passwords will
expire. If you do not want passwords to expire, enter 0.
Note:
Note:
For security reasons, you should enable the password aging feature.
5. In the Invalid Password Attempts field, enter the number of failed login attempts after
which the user is locked out of the system. If you do not want users to ever get locked out of
the system due to invalid login attempts, enter 0.
November 2009
27
Setting up Integrated Management Database
Note:
Note:
For security reasons, you should enable the invalid password attempts feature.
6. If you want to prevent users from modifying their Integrated Management Database account
settings, select the Block User Self Modification check box.
7. If you want to block multiple instances of the same user logging into Integrated
Management Database, select the Block Concurrent Users check box.
Note:
Note:
The check box for Delete was disabled in Integrated Management Database 5.0
to prevent the deletion of users who accessed Integrated Management Database
under the Concurrent Users provision. Integrated Management Database 5.2 has
revoked this disablement and allows the IMDSuperUser to delete users.
8. If you want to prevent users from modifying the user password from MultiSite Administrator/
Fault and Performance Manager, select Disable Change Password.
9. If you want to specify the time limit for a session, enter the appropriate setting in the
Session Limit box. If the Block Concurrent Users check box is selected, and the session
limit has expired, the other user will be able to log into Integrated Management Database.
Note:
Note:
If the Block Concurrent Users check box is selected, and a user clicks Close
on the browser window, the session is kept open until the session limit expires. If
the user tries to log in again, then the system displays a User already logged in
message. A user who wants to leave a session has to log out from Integrated
Management Database.
10. When finished, click Save.
When finished, configure the SNMP settings. For the configuration procedure, see Procedure 5:
Configuring the SNMP settings on page 28.
Procedure 5: Configuring the SNMP settings
You can define a global default SNMP configuration for Fault and Performance Manager. Fault
and Performance Manager uses this default configuration to access media gateways and other
devices that do not have an SNMP community string directly defined.
To configure the SNMP settings:
1. Click SNMP on the navigation pane.
The system displays the Change SNMP Configuration page.
2. If you want to enable SNMPv1, select the SNMPv1 Enabled check box.
3. If you want to enable SNMPv2, select the SNMPv2 Enabled check box.
28 Avaya Integrated Management Database Configuration
Configuring a new installation
4. In the SNMP Read Community field, enter the SNMP get community string. This is used to
validate SNMP set requests.
5. In the SNMP Write Community field, enter the SNMP set community string. This is used to
validate SNMP set requests.
6. When finished, click Save.
When finished, configure the LDAP server connection. For the configuration procedure, see
Procedure 6: Configuring the LDAP server connection on page 29.
Procedure 6: Configuring the LDAP server connection
Use this procedure to configure the LDAP server connection and authentication information that
MultiSite Administrator and Fault and Performance Manager will use for authentication.
If you use Microsoft Active Directory, the default group number attribute is called
primaryGroupID. If you use OpenLDAP or LDAPS, the default group number attribute is called
gidNumber. Make sure you enter this primaryGroupID/gidNumber for the Integrated
Management Database groups.
To configure the LDAP server connection and authentication information:
1. Click LDAP Server on the navigation pane.
The system displays the Change LDAP Server Configuration page.
2. In the Primary LDAP Server area, in the LDAP Server IP Address/FQDN box, enter the
IP address or fully qualified domain name (FQDN) of the primary LDAP server.
3. In the LDAP Service TCP Port field, enter the TCP port number of the LDAP server. The
TCP port number for LDAP is usually 389. When SSL is selected, the port is usually 636.
4. Select the LDAP Server SSL Enabled check box if SSL is enabled on the LDAP server.
5. Select the LDAP Server MD5 Enabled check box if MD5 is enabled on the LDAP server.
6. In the LDAP Server BaseDN field, enter the baseDN for the LDAP server.
7. In the LDAP User field, enter the login ID for the LDAP server.
8. In the LDAP Password field, enter the password for the LDAP server. The password is
optional.
9. In the Secondary LDAP Server area, in the LDAP Server IP Address/FQDN box, enter
the IP address or fully qualified domain name (FQDN) of the secondary LDAP server.
10. In the LDAP Service TCP Port field, enter the TCP port number of the LDAP server. The
TCP port number for LDAP is usually 389. When SSL is selected, the port is usually 636.
11. Select the LDAP Server SSL Enabled check box if SSL is enabled on the LDAP server.
12. Select the LDAP Server MD5 Enabled check box if MD5 is enabled on the LDAP server.
13. In the LDAP Server BaseDN box, enter the baseDN for the LDAP server.
November 2009
29
Setting up Integrated Management Database
14. In the LDAP User field, enter the login ID for the LDAP server.
15. In the LDAP Password field, enter the password for the LDAP server. The password is
optional.
16. In the Retry Configuration area, enter the number of times you want to retry the
connection to the LDAP server or servers. A retry occurs when Integrated Management
Database receives LDAP read errors during authentication sessions.
17. In the Seconds between Retries field, enter the interval, in seconds, between each retry.
18. Select Active Directory if you want to use LDAP Active Directory for the Primary LDAP
Server or the Secondary LDAP Server.
19. When finished, click Save.
20. If you want to verify that the connection to the LDAP server or servers is configured properly
within Integrated Management Database, click Test LDAP Servers.
The system displays the IMD LDAP Server Test window and displays the progress and
status of the connection to the LDAP server or servers.
Note:
Note:
The system displays the Test LDAP button only after you save the settings.
21. Click Close Window.
22. Click OK.
RADIUS authentication
In IM 5.2, MultiSite Administrator, Fault and Performance Manager and Integrated Management
Database support authentication of users through RADIUS. These applications connect to the
RADIUS server to authenticate a user. Integrated Management Database is the logical place to
have the authentication configured as the IP address and other parameters of this server is
shared information. Authentication with the RADIUS server is done with the use of a shared
secret: the authentication process uses a challenge and response routine to establish the
authenticity of a user.
The addition of extra logs for RADIUS and LDAP users in Integrated Management Database
ensures that logs are reported correctly in Integrated Management Database. The extra logs
also ascertain the exact causes for RADIUS or LDAP authentication failures.
Integrated Management Database provides a RADIUS Server page to configure the RADIUS
server or servers to be used for authentication.
30 Avaya Integrated Management Database Configuration
Configuring a new installation
Procedure 7: Configuring a RADIUS server
To access the Radius server page:
1. Enter your user ID and password and log into Integrated Management Database.
The system displays the IMD Database Administration page.
2. Click RADIUS Server on the navigation pane.
The system displays the Change Radius Server Configuration page.
To configure the Primary RADIUS server.
3. In the RADIUS Server IP Address/FQDN field, enter the values for the RADIUS Server IP
Address or FQDN.The default value is blank.
4. In the RADIUS Service TCP Port field, enter the value for the RADIUS Service TCP
Port.The default value is 1812.
5. In the RADIUS Server Shared Secret field, enter the RADIUS server shared secret.The
default value is blank.
6. In the RADIUS User field, enter the name of the RADIUS user.The default value is blank.
7. In the RADIUS Password field, enter a RADIUS password.The default value is blank.
To configure the Secondary RADIUS Server.
8. In the RADIUS Server IP Address/FQDN field, enter the values for RADIUS Server IP
Address or FQDN.The default value is blank.
9. In the RADIUS Service TCP Port field, enter the value for the RADIUS Service TCP
Port.The default value is1812.
10. In the RADIUS Server Shared Secret field, enter the RADIUS server shared secret.The
default value is blank.
11. In the RADIUS User field, enter the name of the RADIUS user.The default value is blank.
12. In the RADIUS Password field, enter a RADIUS password.The default value is blank.
To configure retries.
13. In the Number of Retries field, enter a value.The default value is 5.
14. In the Seconds between retries field, enter a value.The default value is 5.
15. Click Save.
The RADIUS server configurations are saved.
Applications use the Timeout and Retry values when dealing with RADIUS connection issues
during authentication sessions. The Timeout field controls the number of seconds the module
pauses in its processing before it processes the information that the server has failed to
respond. A user can make five attempts before the application stops further attempts.
November 2009
31
Setting up Integrated Management Database
Note:
Configure RADIUS as the primary authentication option on the Change AAA
Configuration page in Integrated Management Database for the proper
functioning of RADIUS.
Note:
Testing connectivity information for a RADIUS server
IM 5.2 provides a Test RADIUS Servers button to test the connectivity of the RADIUS servers.
This button tests the RADIUS server information from Integrated Management Database.
To test the connectivity information configured for the RADIUS servers:
1. Click RADIUS Server on the navigation pane.
The system displays the Change RADIUS Server Configuration page.
2. Enter values for the Primary RADIUS, the Secondary RADIUS Server, or both.
3. Click Save.
The system displays the RADIUS Configuration page.
4. Click Test RADIUS Servers.
The system displays the IMD RADIUS Server Test page with the results of the RADIUS
server connectivity test.
Note:
The system displays the Test RADIUS Servers button only after you save the
settings.
Note:
Authentication, Authorization and Accounting
The Integrated Management Database process of Authentication, Authorization and Accounting
(AAA) for users who try accessing the IM applications needs user accounts and assigned roles.
The system administrator creates user accounts in the RADIUS authentication system. For
authorization, a user needs to have a role assigned, using a Group ID, directly within Integrated
Management Database or on an LDAP server.
Methods used for authentication and authorization
Integrated Management Database authenticates and authorizes users in two ways: through
login group numbers or through matches for local Integrated Management Database
permissions.
●
Using login group numbers
32 Avaya Integrated Management Database Configuration
Configuring a new installation
Integrated Management Database follows the steps in this section to authenticate and authorize
users with the login group numbers.
1. A user with a user account and assigned role accesses Integrated Management Database,
MultiSite Administrator or Fault and Performance Manager.
2. The application queries RADIUS for the authentication of the user. The application uses a
user name and a password for the authentication.
3. The application queries the LDAP server for the profile number and login group number of
the user, if the configuration for the authorization mechanism is LDAP.
Applications use the profile number to select a user profile within Integrated Management
Database or MultiSite Administrator. Integrated Management Database holds the Fault and
Performance Manager profile.The user profile controls the access to be provided to the user: If
no group number matches the value obtained from the LDAP server, then the application denies
access to the user.
●
Using matches for local Integrated Management Database permissions
Integrated Management Database follows the steps in this section to authenticate and authorize
users with matches for local Integrated Management Database permissions.
1. A user accesses Integrated Management Database, MultiSite Administrator or Fault and
Performance Manager.
2. The application queries RADIUS for the authentication of the user. The application uses a
user name and a password for the authentication.
3. The application checks the local Integrated Management Database permissions for a match
to the authenticated user name and uses that role for authorization, if LOCAL authorization
is configured.
If no user name matches the user name that the RADIUS server authenticated, then the
application denies access to the user.
Note:
The application logs all user access attempts through an external RADIUS
server, irrespective of success and failure.
Note:
Salient features:
●
Integrated Management Database holds the IP address and credentials for access to the
RADIUS server.
●
For local authorization, Integrated Management Database holds the user profile definitions
for itself and Fault and Performance Manager .
●
MultiSite Administrator holds the user profile information or permissions it needs.
●
For LDAP authentication, the user is assigned a group number instead of a user ID.
●
Integrated Management Database, Fault and Performance Manager and MultiSite
Administrator provide authorizations based on group number permissions.
November 2009
33
Setting up Integrated Management Database
Procedure 8: Configuring Authentication, Authorization and
Accounting
Integrated Management Database initially authenticates a user through the Primary
Authentication method configured on the Change AAA Configuration screen. If the Primary
Authentication method configured is either LDAP or RADIUS, and the Primary Authentication
method fails to authenticate the user, Integrated Management Database attempts to
authenticate the user through its own store of users. You can configure AAA the following way.
To configure AAA:
1. Click AAA Configuration on the navigation pane.
The system displays the Change AAA Configuration page. You can use this page to specify
the primary authentication and authorization mechanisms that Integrated Management
Database, MultiSite Administrator and Fault and Performance Manager will use.
2. Select the primary authentication method.
You can select the primary authentication method from the following options:
●
RADIUS
●
LDAP
●
LOCAL
3. Select the primary authorization method.
You can select the primary authorization method from the following options:
●
LDAP
●
LOCAL
4. Click Save.
Note:
The default method for both authentication and authorization is LOCAL.
Note:
The hierarchy of Integrated Management Database AAA configurations is as follows:
●
RADIUS + LDAP
●
RADIUS + LOCAL
●
LDAP + LDAP
●
Local + LOCAL
In the case of LDAP authentication, the only authorization option possible is LDAP.
In the case of LOCAL authentication, the only authorization option possible is LOCAL.
34 Avaya Integrated Management Database Configuration
Configuring a new installation
Note:
If the Primary Authentication Method is LDAP, and the Primary Authorization
Method is LDAP, this section represents the combination as LDAP + LDAP.
Note:
Sequence of AAA configuration methods
The selection made in the Change AAA Configuration page decides the sequence of AAA
configuration methods that will follow. Presented below are different scenarios that use different
combinations as the primary or first method for authentication, authorization and accounting.
RADIUS + LDAP as the primary AAA configuration
1. Select RADIUS + LDAP as AAA configuration on the Change AAA Configuration page.
2. If this mode fails, Integrated Management Database selects the LDAP + LDAP mode.
3. If this mode too fails, Integrated Management Database selects the LOCAL + LOCAL
mode.
RADIUS + Local as the primary AAA configuration
The sequence of AAA configuration methods changes if the primary configuration is RADIUS +
LOCAL.
1. Select RADIUS + LOCAL as the AAA configuration on the Change AAA Configuration page.
2. If this mode fails, Integrated Management Database selects the LOCAL + LOCAL mode.
LDAP + LDAP as the primary AAA configuration
The sequence of AAA configuration methods changes if the primary configuration is LDAP +
LDAP.
1. Select LDAP + LDAP as the AAA configuration on the Change AAA Configuration page.
2. If this mode fails, Integrated Management Database selects the LOCAL + LOCAL mode.
LOCAL + LOCAL as the AAA configuration
Local authentication is always available: it is the last method attempted irrespective of the
methods selected before it.
Delay in the appearance of the MultiSite Administrator user manager
Delays occur in the appearance of the MultiSite Administrator user manager in the following
case:
●
If the LDAP server details, such as IP address or FQDN, are incorrect
- To resolve the problem, set AAA details to LOCAL or remove the LDAP server IP
address from Integrated Management Database.
November 2009
35
Setting up Integrated Management Database
Procedure 9: Adding a Secure Services Gateway as an element
Use this procedure if you are likely to use a Secure Services Gateway (SSG) to process adjunct
or messaging alarms through Fault and Performance Manager.
To add an SSG as an element:
1. Click Elements on the navigation pane.
The system displays the Elements page.
2. Click New Element.
The system displays the Add Element page.
3. In the Element Name field, enter the host name of the SSG server.
4. From the Element Type field, select Other.
5. In the Sold To Number field, enter the location.
6. In the Product Id field, enter the product ID for the SSG server.
Note:
Note:
Fault and Performance Manager requires the product ID.
7. In the Note box, enter any notes you want for the SSG server. This box is a note pad in
which you can enter up to 255 characters.
8. From the Location field, select the location for the SSG.
9. From the Platform Type field, select Secure Services Gateway.
10. Select the Active check box if you want the SSG element to be activated when you are
finished adding it. This check box is enabled by default.
11. If you want to use Fault and Performance Manager with this system:
a. From the FPM box, select the Fault and Performance Manager system you want to use.
b. In the IP Address/FQDN field, enter the IP address or FQDN of the system.
c. Select the Use SSH check box.
d. In the SSH Key field, enter the RSA SSH key.
Note:
Note:
If you do not enter the RSA SSH key, the key will not be validated, but SSH will
be used for encryption only.
e. In the Telnet/SSH Port field, enter 22.
f. In the Management URL field, enter the URL of the element’s management application:
https://ssg-hostname/ssg.
36 Avaya Integrated Management Database Configuration
Configuring a new installation
12. In the Allowed Users box, select the users who will have access to this element.
To select multiple users, press and hold the Ctrl key, and then click on the appropriate
users.
13. In the Allowed Groups box, select the LDAP groups that will have access to this element.
To select multiple groups, press and hold the Ctrl key, and then click on the appropriate
group.
14. When finished, click Add.
The SSG server is added as a managed element.
Repeat Steps 2 through 14 to add another system.
When finished, add a Network Management System element. For steps to add a Network
Management System element, see Procedure 10: Adding a Network Management System
element on page 37.
Procedure 10: Adding a Network Management System element
Use this procedure if you want to add a Network Management System element.
To add a Network Management System element:
1. Click Elements on the navigation pane.
The system displays the Elements page.
2. Click New Element.
The system displays the Add Element page.
3. In the Element Name field, enter the name of the element.
4. From the Element Type field, select Integrated Mgmt.
5. In the Sold To Number field, enter the location.
6. In the Note box, enter any notes you want for the system. This box is a note pad in which
you can enter up to 255 characters.
7. From the Location box, select the location for the system.
8. From the Platform Type box, select NMS.
9. Select the Active check box if you want the new element to be activated when you are
finished adding it. This check box is enabled by default.
10. From the NMS box, select the Network Management System you want to use.
11. From the FPM Applications box, select the appropriate Fault and Performance Manager
system.
12. When finished, click Add.
November 2009
37
Setting up Integrated Management Database
13. Repeat Steps 2 through 13 to add another Network Management System configuration.
When you are finished adding Network Management System elements, proceed to add
elements. For steps to add an element, see Procedure 11: Adding elements on page 38.
Procedure 11: Adding elements
You can add the following elements:
Note:
●
Voice systems
●
Messaging systems
●
IVR systems
●
Call management systems
●
SIP servers
●
Avaya Voice Over IP Monitoring Manager servers
●
Adjuncts SSG and SEAR
Note:
Integrated Management Database 5.2 no longer provides the SSG tab, which
was earlier available along with the FPM and MSA tabs, on the Add Element and
Edit Element pages when a user clicked New Element or Edit on the Elements
page of Integrated Management Database.
Adding a voice system
To add a voice system:
1. Click Elements on the navigation pane.
The system displays the Elements page.
2. Click New Element.
The system displays the Add Element page.
3. In the Element Name field, enter the name of the element.
4. From the Element Type field, select Voice System.
5. In the Sold To Number field, enter the location.
6. In the Product Id field, enter the product ID for the voice system.
7. In the Note box, enter any notes you want for the voice system. This box is a note pad in
which you can enter up to 255 characters.
8. From the Location box, select the location for the voice system.
9. From the Platform Type box, select the type of voice system.
38 Avaya Integrated Management Database Configuration
Configuring a new installation
10. Select the Active check box if you want the new voice system element to be activated when
you are finished adding it. This check box is enabled by default.
11. If you want to use MultiSite Administrator with this voice system:
a. From the MSA box, select the MultiSite Administrator system you want to use.
b. In the Login field, enter the SAT login for the voice system.
c. In the Password field, enter the password for the SAT login.
d. In the Re-enter Password field, re-enter the password for the SAT login.
e. In the IP Address/FQDN field, enter the SAT IP address or FQDN.
f. If you have an Avaya S87xx voice system that is configured for high availability, enter the
alternate SAT IP address or FQDN in the Alternate IP Address/FQDN box.
g. If the system uses SSH authentication:
1. Select the Use SSH check box.
2. In the SSH Key field, enter the RSA SSH key. See the Communication Manager
documentation for information on how to determine the RSA SSH key. If you have an
Avaya S87xx voice system that is configured for high availability, enter the RSA SSH
key for the server you specified in the IP Address/FQDN box.
Note:
Note:
If you do not enter the RSA SSH key, the key will not be validated, but SSH will
be used for encryption only.
3. If you have an Avaya S87xx voice system that is configured for high availability, in the
Alternate SSH Key box, enter the RSA SSH key for the server you specified in the
Alternate IP Address box.
h. In the Telnet/SSH Port field, enter the SAT port number.
i. If the system uses ASG:
1. In the ASG Key field, enter the ASG key.
2. In the Re-enter ASG Key field, re-enter the ASG key.
j. In the Total Channels field, enter the total number of channels.
k. In the Dedicated Channels field, enter the number of dedicated channels.
Note:
Note:
The number of Dedicated Channels cannot exceed the number of Total
Channels.
12. If you want to use Fault and Performance Manager with this voice system:
a. From the FPM box, select the Fault and Performance Manager system you want to use.
b. In the Login field, enter the SAT login for the voice system.
c. In the Password field, enter the password for the SAT login.
November 2009
39
Setting up Integrated Management Database
d. In the Re-enter Password field, re-enter the password for the SAT login.
e. In the IP Address/FQDN field, enter the SAT IP address or FQDN.
f. If you have an Avaya S87xx voice system that is configured for high availability, enter the
alternate SAT IP address/FQDN in the Alternate IP Address box.
g. If the system uses SSH authentication:
1. Select the Use SSH check box.
2. In the SSH Key field, enter the RSA SSH key. See the Communication Manager
documentation for information on how to determine the RSA SSH key. If you have an
Avaya S87xx voice system that is configured for high availability, enter the RSA SSH
key for the server you specified in the IP Address/FQDN box.
Note:
Note:
If you do not enter the RSA SSH key, the key will not be validated, but SSH will
be used for encryption only.
3. If you have an Avaya S87xx voice system that is configured for high availability, in the
Alternate SSH Key box, enter the RSA SSH key for the server you specified in the
Alternate IP Address box.
h. In the Telnet/SSH Port field, enter the SAT port number.
i. If the system uses ASG:
1. In the ASG Key field, enter the ASG key.
2. In the Re-enter ASG Key field, re-enter the ASG key.
j. In the Management URL area, enter the URL of the voice system’s management
application.
13. In the Allowed Users box, select which Integrated Management Database users will have
access to this element.
To select multiple users, press and hold the Ctrl key, and then click on the appropriate
users.
14. In the Allowed Groups box, select which LDAP groups will have access to this element.
To select multiple groups, press and hold the Ctrl key, and then click on the appropriate
groups.
15. When finished, click Add.
16. Repeat Steps 2 through 15 to add another voice system.
When you are finished adding elements, proceed to creating an Fault and Performance
Manager role. For steps to create an Fault and Performance Manager role, see Procedure 12:
Creating an Fault and Performance Manager role on page 43.
40 Avaya Integrated Management Database Configuration
Configuring a new installation
Adding a messaging system or a similar application server
Use this procedure to add:
●
A Messaging system, for example, such as Intuity Audix LX
●
A Call Management System
●
A Conversant/Avaya IVR system
●
A Secure Services Gateway system
●
A SIP server, for example, Avaya SIP Enablement Services server
●
An Avaya Voice Over IP Monitoring Manager server
●
An Avaya Expanded Meet-Me Conferencing (EMMC) server
To add a messaging system, Call Management System, or other element:
1. Click Elements on the navigation pane.
The Elements page appears.
2. Click New Element.
The system displays the Add Element page.
3. In the Element Name field, enter the name of the element.
4. From the Element Type box, select Other.
5. In the Sold To Number field, enter the location.
6. In the Product Id field, enter the product ID for the system.
Note:
Note:
Elements that Avaya Fault and Performance Manager manages require the
product ID on adjuncts.
7. In the Note box, enter any notes you want for the system. This box is a note pad in which
you can enter up to 255 characters.
8. From the Location box, select the location for the system.
9. From the Platform Type box, select the type of system.
10. Select the Active check box if you want the new element to be activated when you are
finished adding it. This check box is enabled by default.
11. If you just added an Intuity Audix 5.1 or later system, an Intuity LX system, or an MMA
Messaging Server and want to use MultiSite Administrator with this system:
a. From the MSA box, select the MultiSite Administrator system you want to use.
b. In the Login field, enter the login for the messaging system.
c. In the Password field, enter the password for the messaging system login.
d. In the Re-enter Password field, re-enter the password for the messaging system login.
November 2009
41
Setting up Integrated Management Database
e. In the IP Address/FQDN field, enter the IP address or FQDN of the messaging system.
f. If the system uses SSH authentication:
1. Select the Use SSH check box.
2. In the SSH Key field, enter the RSA SSH key. See the messaging system
documentation for information on how to determine the RSA SSH key.
Note:
Note:
If you do not enter the RSA SSH key, the key will not be validated, but SSH will
be used for encryption only.
g. In the Telnet/SSH Port field, enter the TCP port number that should be used to connect
to the messaging system.
h. In the System Password field, enter the password for the system. The system password
is not usually required.
i. In the Re-enter System Password field, re-enter the password for the system.
j. From the Queue Name box, select the voice system queue for the messaging system.
MultiSite Administrator uses a voice system queue to control connectivity to a messaging
system. While the MultiSite Administrator server makes a separate telnet connection to
the messaging system, the voice system queue you specify here will control the starting
and stopping of this connection.
k. In the Total Channels field, enter the total number of channels.
l. In the Dedicated Channels field, enter the number of dedicated channels.
m. If you are adding a Modular Messaging system, that is, you selected Modular
Messaging in the Platform Type box, enter the Base DN of the system in the Base DN
box. The default setting is ou=people, dc=Avaya. Change this setting only if you are
sure it is a different value.
12. If you want to use Fault and Performance Manager with this system:
a. From the FPM box, select the Fault and Performance Manager system you want to use.
b. In the IP Address/FQDN field, enter the IP address or FQDN of the system.
c. If the system uses SSH authentication:
1. Select the Use SSH check box.
2. In the SSH Key field, enter the RSA SSH key. See the messaging system
documentation for information on how to determine the RSA SSH key.
Note:
Note:
If you do not enter the RSA SSH key, the key will not be validated, but SSH will
be used for encryption only.
d. In the Telnet/SSH Port field, enter the port number of the messaging system.
e. In the Management URL area, enter the URL of the element’s management application.
42 Avaya Integrated Management Database Configuration
Configuring a new installation
13. In the Allowed Users box, select which Integrated Management Database users will have
access to this element.
To select multiple users, press and hold the Ctrl key, and then click on the appropriate
users.
14. In the Allowed Groups box, select which LDAP groups will have access to this element.
To select multiple groups, press and hold the Ctrl key, and then click on the appropriate
groups.
15. When finished, click Add.
16. Repeat Steps 2 through 15 to add another system.
When you are finished adding elements, see Procedure 12: Creating an Fault and Performance
Manager role on page 43 for the procedure to create an Fault and Performance Manager role.
Procedure 12: Creating an Fault and Performance Manager role
Use this procedure to create roles that you will assign to Fault and Performance Manager users.
You can set each role to have one or more of the following capabilities:
●
CreateReports
Assigns the user the following capabilities:
- create new reports that will be stored on the Fault and Performance Manager server for
future use
- schedule reports to be run automatically in the background by the Fault and Performance
Manager server
●
Administration (Admin)
Assigns the user the following capability:
- access the FPM Administration menu item for the scheduling of data collection and
reports, system groups, and trunk group lists from the Fault and Performance Manager
user interface
●
BusyoutRelease
Assigns the user the following capabilities:
- Busy/Release boards, trunks, trunk groups, stations, and ports from the Fault and
Performance Manager user interface
●
Acknowledge
Assigns the user the following capability:
- acknowledge alerts within the Fault and Performance Manager user interface
November 2009
43
Setting up Integrated Management Database
●
ReadOnly
Assigns the user the following capability:
- run the Fault and Performance Manager user interface with a read-only permission,
where nothing can be done to voice systems, reports, or scheduling
●
MovePN
Assigns the user the following capability:
- move port networks from one call controller to another within an ESS cluster
●
Helper
Assigns the user the following capability:
- access the HelpDesk feature, which links the Communication Manager manuals to the
Fault and Performance Manager user interface within Exception reports.
●
EditAssistRule
Assigns the user the following capability:
- invoke automatic troubleshooting wizards on some maintenance objects within a voice
system. Some of the troubleshooting wizards may perform service tests that affect the
voice system.
Integrated Management Database automatically installs and configures the following default
Fault and Performance Manager roles:
●
FPMbrowse
The FPMbrowse role has the ReadOnly capability.
●
FPMadmin
The FPMadmin role has the CreateReports, Admin, BusyoutRelease, Acknowledge,
MovePN, Helper, and Assist capabilities.
●
PositionCarriers
The PositionCarriers role has the capability to specify the order of carriers in the G650
cabinets.
You can assign these default roles to Fault and Performance Manager users, or you can create
and assign custom roles.
To create a custom Fault and Performance Manager role:
1. Click FPM Roles on the navigation pane.
The system displays the FPM Roles page.
2. Click Add.
The system displays the Add FPM Role page.
3. In the Enter Role Name field, enter the name for the Fault and Performance Manager role.
44 Avaya Integrated Management Database Configuration
Configuring a new installation
4. In the Available Capabilities list box, select the capability you want to assign to this role. If
you want to assign multiple capabilities to this role, press and hold the Ctrl key down on
your keyboard and click on each capability you want to select.
5. Click Select.
The system displays the selected capabilities in the Capabilities assigned to this role
box.
6. Click Add.
The system displays a page confirming that the role was added successfully.
7. Click OK.
8. Repeat Steps 2 through 7 for each Fault and Performance Manager role you want to create.
When finished, see Procedure 13: Adding a user on page 46 for steps to add a user.
Editing an Fault and Performance Manager role
You can edit an Fault and Performance Manager role and assign new capabilities to it.
To assign a new capability to an existing user:
1. Click FPM Roles on the navigation pane.
The system displays the FPM Roles page.
2. Select a role on the FPM Roles page and click Edit.
The system displays the Edit FPM Role page.
3. In the Available Capabilities list box, select the capability you want to assign to this role. If
you want to assign multiple capabilities to this role, press and hold the Ctrl key down on
your keyboard and click on each capability you want to select.
4. Click the button to transfer the capabilities you selected to the Capabilities assigned to
this role box.
The system displays the selected capabilities in the Capabilities assigned to this role
box.
5. Click Update.
The system displays a page with the message that the role was updated successfully.
6. Click OK.
November 2009
45
Setting up Integrated Management Database
Procedure 13: Adding a user
Use this procedure to add Integrated Management Database users, Fault and Performance
Manager users, and MultiSite Administrator users.
To add a user:
1. Click Users on the navigation pane.
The system displays the Users page.
2. Click New User.
The system displays the Add User page.
3. In the Login box, enter the login for the user.
4. In the User Name field, enter the name of the user.
5. In the Email Address field, enter the e-mail address of the user.
6. In the Phone Number field, enter the telephone number of the user.
7. In the Password field, enter the password for the user's login.
8. In the Re-type Password field, re-enter the password for the user's login.
9. If you want to prevent this user from logging in, select the Login Disabled check box.
Note:
Note:
The Failed Attempts box displays the current number of failed login attempts
this user has made. When a user is locked out, you can reset this value to 0.
10. If you want this user to be able to log in and administer Integrated Management Database,
perform the following steps:
a. Select the IMD check box.
The system displays a Roles button next to the IMD check box.
b. Click Roles.
The system displays the Assign IMD Roles to a User page.
c. Select the check box of each role you want to assign to this user. You can assign multiple
Integrated Management Database roles to a user.
d. Click Save.
The system displays a page confirming that the role was updated successfully.
e. Click OK.
11. If you want this user to be able to log in and administer Fault and Performance Manager,
perform the following steps:
46 Avaya Integrated Management Database Configuration
Configuring a new installation
a. Select the FPM check box.
The system displays a Roles button next to the FPM check box.
b. Click Roles.
The system displays the Assign FPM Roles to a User window.
c. Select the check box of each role you want to assign to this user. You can assign multiple
Fault and Performance Manager roles to a user.
d. Click Save.
The system displays a page confirming that the role was updated successfully.
e. Click OK.
12. If you want this user to be able to log in and administer MultiSite Administrator, perform one
of the following steps:
●
If you want this user to have super user privileges on MultiSite Administrator, select
the MSA Super User check box.
●
If you want this user to have administration privileges on MultiSite Administrator,
select the MSA check box.
The system displays the following warning: This User/Group will be assigned the
default Custom Priveleges within Multisite administration. If an alternate
Custom Privelege is desired, then the Custom Privelege must be created and/or
assigned within the MultiSite Administration application. Click OK to continue.
●
If you want this user to only administer users on MultiSite Administrator, select the
MSA User Admin Only check box.
13. From the Allowed Elements box, select the elements this user will be able to access.
To select multiple elements, press and hold the Ctrl key, and then click on the appropriate
elements.
14. Click Add.
15. Repeat Steps 2 through 14 for any other users you want to add.
If you want to add LDAP groups to Integrated Management Database, see Procedure 14:
Adding an LDAP group on page 52.
Otherwise, Integrated Management Database is now configured. When you want to quit
Integrated Management Database, click Exit on the navigation pane.
November 2009
47
Setting up Integrated Management Database
Copying an Integrated Management Database user
You can create a new Integrated Management Database user based on the settings of an
existing user.
Use the Copy button on the Users page, provided in addition to the earlier Edit and Delete
buttons, to copy a user. You can copy a user as an operation and create a new user based on
the settings of the selected user.
To copy a user:
1. Click Users on the navigation pane.
The system displays the Users page.
2. Select a user and click Copy.
The system displays the Copy Users page.
The page retains some copied user information.The remaining fields, where information has
not been copied, require new entries.
3. Enter new values for the Login, User Name, Email Address, Phone Number, and
Password fields as these are left blank on the copied page.
4. Click Add.
The Users page displays the new user.
Creating an Integrated Management Database role
Integrated Management Database 5.2 provides a new IMD Roles page that allows you to add,
delete and edit Integrated Management Database roles for users and LDAP groups.
To access Integrated Management Database roles:
1. Click IMD Roles on the navigation pane.
The system displays the IMD Roles page. This page names the Integrated Management
Database Roles and lists the capabilities assigned to the roles.
2. Select a role and click Add, Edit or Delete to add, edit or delete a role.
3. Select a role and click Show Users/ Groups.
The system displays the Show IMD User/Group Assignments for Role page. This page
gives the user names, group names and descriptions of the LDAP groups that are assigned
the role.
48 Avaya Integrated Management Database Configuration
Configuring a new installation
Default Integrated Management Database Roles
Integrated Management Database automatically installs and configures the following default
Integrated Management Database roles:
●
IMDSuperUser
This role has the ManageUsers, ManageGroups, FPMRoles, IMDRoles, ChangeSecurity,
SNMPConfig, ManageElements, LDAPConfig, RADIUSConfig, EmailConfig, ManageApps,
ManageLocations, Import, Export and ViewLogs capabilities.
●
IMDAuditor
This role has the ReadOnly and ViewLogs capabilities.
●
IMDPassMgr
This role has the ChangePasswds and ViewLogs capabilities.
●
IMDSecurity
This role has the following capabilities: ManageUsers, FPMRoles, IMDRoles,
ChangeSecurity, SNMPConfig and ViewLogs.
Note:
After an upgrade from 5.0, the application upgrades only the users of the
UserAdmin role to the IMDSecurity role.
Note:
●
IMDAdmin
This role has the following capabilities: ManageElements, LDAPConfig, RADIUSConfig,
EmailConfig, ManageApps, ManageLocations, Import, Export and ViewLogs.
●
ManageGroups
This role has the capability to manage groups.
You can either assign these default roles, or you can create and assign custom roles to
Integrated Management Database users.
Creating a custom Integrated Management Database role
To create a custom Integrated Management Database role:
1. Click IMD Roles on the navigation pane.
The system displays the IMD Roles page.
2. Click Add.
The system displays the Add IMD Role page.
3. In the Enter Role Name box, enter the name for the Integrated Management Database
role.
November 2009
49
Setting up Integrated Management Database
4. In the Available Capabilities list box, click the capability you want to assign to this role. If
you want to assign multiple capabilities to this role, press and hold the Ctrl key down on
your keyboard and click on each capability you want to select.
5. Click the directional button to transfer these capabilities from the Capabilities Available
box to the Capabilities assigned to this role box.
The system displays the selected capabilities in the Capabilities assigned to this role
box.
6. Click Add.
The system displays a page confirming that the role was added successfully.
7. Click OK.
Repeat Steps 2 through 7 for each Integrated Management Database role you want to
create.
Editing an Integrated Management Database role
You can also edit an Integrated Management Database role.
To edit an Integrated Management Database role:
1. Click IMD Roles on the navigation pane.
The system displays the IMD Roles page.
2. Select a role.
3. Click Edit.
The system displays the Edit IMD Role page. This page displays the role name and two
boxes: Available Capabilities and Capabilities assigned to this role.
Note:
Note:
You cannot edit the IMDSuperUser role.
4. To add capabilities, click the directional button to transfer capabilities from the Available
Capabilities box to the Capabilities assigned to this role box. To remove capabilities
from a role, click the directional button to transfer capabilities from the Capabilities
assigned to this role box to the Available Capabilities box.
5. Click Update.
The system displays a page with the message that the role was updated successfully.
6. Click OK.
50 Avaya Integrated Management Database Configuration
Configuring a new installation
Deleting an Integrated Management Database role
You can also delete an Integrated Management Database role.
To delete an Integrated Management Database role:
1. Select the role you want to delete.
2. Click Delete.
The system displays the Delete IMD Role page that seeks a confirmation to delete the
selected role.
3. Click Delete.
The system displays a page that confirms the role was deleted.
4. Click OK.
When you upgrade Integrated Management Database, it executes the following changes.
●
Integrated Management Database changes those users with IMD Super User check box
selected so that they have the IMD check box selected, and assigns them the
IMDSuperUser role.
●
Integrated Management Database changes those users with IMD User Admin Only
checkbox selected so that they have the IMD checkbox selected, and assigns them the
IMDSecurity role
●
Integrated Management Database removes the IMD User Admin Only and IMD Super
User checkboxes.
November 2009
51
Setting up Integrated Management Database
Procedure 14: Adding an LDAP group
Use this procedure to add LDAP groups. The settings you specify for an LDAP group will apply
to all members of the group.
To add an LDAP group:
1. Click LDAP Groups on the navigation pane.
The system displays the LDAP Groups page.
2. Click New Group.
The system displays the Add LDAP Group page.
3. In the Group Number field, enter the number for the LDAP group.
4. In the Group Description field, enter a description of this group.
5. If you want to prevent members of this group from logging in, select the Group Disabled
check box.
6. If you want members of this group to be able to log in and administer Integrated
Management Database, perform one of the following steps:
a. Select the IMD check box.
The system displays the Roles button next to the IMD check box.
b. Click Roles.
The system displays the Assign IMD Roles to a User window.
c. Select the check box of each role you want to assign to this group. You can assign
multiple Integrated Management Database roles to a group.
d. Click Save.
The system displays a page that confirms the role was updated successfully.
e. Click OK.
7. If you want members of this group to be able to log in and administer Fault and
Performance Manager, perform the following steps:
a. Select the FPM check box.
The system displays the Roles button next to the FPM check box.
b. Click Roles.
The system displays the Assign FPM Roles to a User window.
c. Select the check box of each role you want to assign to this group. You can assign
multiple Fault and Performance Manager roles to a group.
d. Click Save.
The system displays a page that confirms the role was updated successfully.
52 Avaya Integrated Management Database Configuration
Configuring a new installation
e. Click OK.
8. If you want members of this group to be able to log in and administer MultiSite
Administrator, perform one of the following steps:
●
If you want members of this group to have super user privileges on MultiSite
Administrator, select the MSA Super User check box.
●
If you want members of this group to have administration privileges on MultiSite
Administrator, select the MSA check box.
The system displays the following warning: This User/Group will be assigned the
default Custom Priveleges within Multisite administration. If an alternate
Custom Privelege is desired, then the Custom Privelege must be created and/or
assigned within the MultiSite Administration application.
●
If you want members of this group to only administer users on MultiSite Administrator,
select the MSA User Admin Only check box.
9. From the Allowed Elements box, select the element or elements this group will be able to
access.
To select multiple elements, press and hold the Ctrl key, and then click on the appropriate
elements.
10. Click Add.
11. Repeat Steps 2 through 10 for any other LDAP groups you want to add.
Integrated Management Database is now configured. When you want to quit Integrated
Management Database, click Exit on the navigation pane.
Copying an LDAP group
You can use the Copy button on the LDAP Groups page to create a new LDAP Group based on
the settings of an existing LDAP Group. When you copy LDAP group information, the copy
retains the LDAP Group information for some fields while other fields require new entries. The
copy retains information for the following fields:
●
Group Disabled
●
IMD Roles
FPM
●
FPM Roles
MSA
●
MSA Super User
●
MSA User Admin Only
●
Allowed Elements
November 2009
53
Setting up Integrated Management Database
You can edit the copied information.The Group Name and Group Description fields that
remain blank require new values.
To copy an LDAP group:
1. Click LDAP Groups on the navigation pane.
The system displays the LDAP Groups page.
2. Select the group to be copied and click Copy.
The system displays the Copy LDAP Group page.
3. Make entries where necessary and click Add.
Integrated Management Database adds the new group to LDAP Groups.
54 Avaya Integrated Management Database Configuration
Importing configuration data
Importing configuration data
You can import configuration data from a system, for example, a voice system or messaging
system, into Integrated Management Database. The configuration data you want to import must
be in a comma-separated values (.csv) file. Table 3 shows the format for data in the .csv file. To
import user data, see Importing user data on page 59.
Note:
Note:
You can download a sample .csv configuration data file from the Import page in
Integrated Management Database.
Table 3: Format of Configuration Data in an Import File
Field
Field Description
1
Application Type (MSA or FPM
2
Application Instance (for example, FPM-nodename)
3
Element Name
4
Element Type (Voice System, Integrated Mgmt, Other)
5
Element Sold To
6
Element Platform. The Element Platform depends on the
Element Type in Field 4.
If Field 4 contains Voice System, Field 6 can only
contain one of the following entries (tags): Multipoint
Conf Sys, S8100, S83XX, S84XX, S85XX, S87XX,
ProLogix, IP600, G3R, G3I, G3SI, CSI, Definity1,
BladeCentre, or other. See Table 4: Voice System
Elements on page 57 for a description of these entries.
If Field 4 contains Other, Field 6 can only contain one of
the following entries: Definity Audix, Intuity Audix,
Intuity Interchange, Call Management System,
Conversant, Modular Messaging, Message
Networking, Intuity Audix 770, Intuity Audix LX, SSG,
VMM, SIP-CC Server, Avaya IVR, EMMC, or Other. See
Table 5: Other Elements on page 58 for a description of
these entries.
If Field 4 contains Integrated Mgmt, Field 6 can only
contain NMS.
7
Element Active (Y or N)
8
Element Product ID
9
Element Location ID Number (0 if it is unknown)
1 of 2
November 2009
55
Setting up Integrated Management Database
Table 3: Format of Configuration Data in an Import File (continued)
Field
Field Description
10
Service Name (OSSI, TELNET, SNMP, SAT,
FPMTELNET, PATELNET, or PROXY)
11
Service TCP Port Number
12
Service IP Address
13
Service Alternate IP Address (S87xx platforms only)
14
Service Login ID
15
Service Password
16
SSH Flag (Y or N)
17
SSH Key
18
Alternate SSH Key
19
ASG Key
20
Number of Dedicated Channels (SAT only)
(0 for non-SAT services)
21
Number of Total Channels (SAT only)
(0 for non-SAT services)
22
Queue Name (TELNET only)
23
System Password (TELNET only)
24
MMA Base DN
25
Service Management URL
26
Service FPM Applications List
27
End of Record indicator (X)
2 of 2
56 Avaya Integrated Management Database Configuration
Importing configuration data
Table 4 lists the“tag for each supported Voice System element. You must enter the appropriate
tag in Field 6 when you enter Voice System in Field 4.
Table 4: Voice System Elements
Product Name
Tag
Multipoint Conference
System
Multipoint Conf Sys
Avaya S8300/S8300B/
S8300C
S83XX
Avaya S8400
S84XX
Avaya S8500/S8500B/
S8500C
S85XX
Avaya S8700/S8710/S8720/
S8720XL
S87XX
Avaya S8100
S8100
ProLogix
ProLogix
IP600
IP600
Definity Server R
G3R
Definity Server I
G3I
Definity Server SI
G3SI
Definity Server CSI
CSI
DEFINITY ONE
Definity1
BladeCenter
BladeCentre
Other
other
November 2009
57
Setting up Integrated Management Database
Table 5 lists the tag for each supported Other element. You must enter the appropriate tag in
Field 6 when you enter Other in Field 4.
Table 5: Other Elements
Product Name
Tag
Definity Audix
Definity Audix
Intuity Audix
Intuity Audix
Intuity Interchange
Intuity Interchange
Call Management System
Call Management System
Conversant
Conversant
Avaya IVR
Avaya IVR
Modular Messaging
Modular Messaging
Message Networking
Message Networking
Intuity Audix 770
Intuity Audix 770
Intuity Audix LX
Intuity Audix LX
SIP Server
SIP-CC Server
Avaya Voice Over IP
Monitoring Manager Server
VMM
Secure Services Gateway
SSG
Avaya Expanded Meet-Me
Conferencing Server
EMMC
Other
Other
Table 6 lists the tag for each supported Integrated Mgmt element. You must enter the
appropriate tag in Field 6 when you enter Integrated Mgmt in Field 4.
Table 6: Integrated Mgmt Elements
Product Name
Tag
NMS
NMS
58 Avaya Integrated Management Database Configuration
Importing user data
To import a configuration data file into Integrated Management Database:
1. Click Import on the navigational pane.
The system displays the Import page.
2. In the Element & Service Configuration area, click Browse, and select the .csv file you want
to import.
3. Click Import.
Note:
Note:
While importing files, Integrated Management Database blocks files with blank
spaces or ';' from filenames.
Importing user data
You can import user data into Integrated Management Database. The user data you want to
import must be in a comma-separated values (.csv) file. Table 7 shows the format for data in the
.csv file.
Note:
Note:
You can download a sample csv user data file from Import page in Integrated
Management Database.
Table 7: Format of User Data in an Import File
Field
Field Description
1
Login
2
Password
3
Full User Name
4
Email Address
5
Phone Number
6
Role Name
7
Role Application Type
1 of 2
November 2009
59
Setting up Integrated Management Database
Table 7: Format of User Data in an Import File (continued)
Field
Field Description
8
Role Table Name
This value is only needed for Fault and Performance
Manager roles.
Note:
Note:
“fpm_roles” is the only table name
supported for the “FPM” Application Type
(field 7). Currently, no other applications
support roles tables.
9
Role Value
10
Capability
11
Element Name
12
End or Record indicator (X)
2 of 2
Table 8 lists the valid entries for each Role Name, Role Application Type, and Role Table Name.
Table 8: Role Attributes
Role Name
Role Application
Type
Role Table Name
FPMadmin
FPM
fpm_roles
FPMbrowse
FPM
fpm_roles
The contents of a sample .csv file are shown below. This sample contains four records. A
carriage return indicates the end of a record.
joe,passwd,Joe User,joe@avaya.com,,admin,IMD,,,,switch1,X
joe,,,,,fpm,IMD,,,,switch2,X
joe,,,,,FPMadmin,FPM,fpm_roles,,,switch3,X
joe,,,,,,,,,,switch4,X
This sample file will create the login “joe” with Integrated Management Database administration
and Fault and Performance Manager administration capabilities on switch1, switch2, switch3,
and switch4. The only required field is Login. You must define the Password, Full Name, and
60 Avaya Integrated Management Database Configuration
Exporting data
Email Address fields for the first occurrence of a user entry within the .csv file. Subsequent
lines are used for defining permissions to applications and voice systems for the specified login.
To import a user data file into Integrated Management Database:
1. Click Import on the navigational pane.
The system displays the Import page.
2. In the Users & Permissions area, click Browse, and select the .csv file you want to import.
3. Click Import.
Exporting data
Integrated Management Database supports the ability to export Elements and Service
Configuration data, and Users and Permissions data, in the comma separated values (.csv)
format that makes it possible for the import of data back into Integrated Management Database.
The export function uses the .csv format because it is a simple way to transfer a large volume of
database information, without worry about special file types.
To export users and permissions data:
1. Click Export on the navigation pane.
The system displays the Export page. The page displays two sections, Element and Service
Configuration, and Users and Permissions configuration, with separate check boxes for
each.
2. Click Export under Users and Permissions to export user data.
The system displays the File Download box. You can open, save or cancel the users
export .csv file.
3. Click Open to open the .csv file with Microsoft Office Excel.
4. Click Save. Browse to the directory where you want to save the file and click Save.
Note:
Note:
Integrated Management Database does not export passwords. Enter passwords
manually in the exported .csv file.
To export elements and service configuration data:
1. Click Export on the navigation pane.
The system displays the Export page.
2. Click Export under Element and Service Configuration.
Integrated Management Database exports the element and service configuration data in the
.csv format.
November 2009
61
Setting up Integrated Management Database
Viewing the Integrated Management Database
administration log
If you are unsure about any tasks you performed in Integrated Management Database, check
the IM Administration log. The Integrated Management Database Administration log shows a
record of every major Integrated Management Database event that has occurred in the current
month. After one month, the data in the Integrated Management Database log is archived. A
maximum of 12 monthly archives are stored. After 12 months, the oldest monthly archive is
overwritten by the latest monthly archive. The Integrated Management Database log archives
are stored in cd/var/avaya/imd/log.
To view the Integrated Management Database log, click View Log on the navigation pane. The
system displays the IMD Administration Log page.
Backing up Integrated Management Database
You can perform a backup of Integrated Management data using the Graphical User Interface
(GUI) utility or the command line method. The GUI utility also allows you to schedule backups to
run automatically on a daily, weekly, or monthly basis. This section provides these procedures.
Backing up data using the GUI utility
To use the GUI utility to back up Integrated Management data on the Linux server, follow these
steps:
1. Ask all users to log off the system.
2. Log in as root on the Linux server.
3. Select Applications > Avaya > Integrated Management Data Backup & Restore.
The system displays the Integrated Management Backup and Restore dialog box
4. Click the Backup/Restore Data Now tab.
5. Click Backup.
6. Select the checkboxes for the applications you want to back up.
7. Enter a filename for the Integrated Management data backup file.
62 Avaya Integrated Management Database Configuration
Backing up Integrated Management Database
8. Do one of the following:
●
To store the backup file on this machine, click Local, and then perform the following:
a. Click Browse.
The system displays the Select Directory dialog box.
b. Select the directory where you want to store the backup file.
c. Click Select Directory.
The system displays the directory you selected in the Integrated Management
Backup and Restore dialog box.
d. Click Backup Data.
The system displays the Backing up Data dialog box while the data is backed up.
When the backup is finished, the system displays the message Local Data Operation
Successful.
e. Click OK.
f. In the Integrated Management Backup and Restore dialog box, click Close.
●
To store the backup file on a remote machine, click Remote, and then perform the
following:
a. Enter the IP address or FQDN of the remote computer.
b. Enter the FTP user ID.
c. Enter the password.
d. Enter the name of the folder where you want to store the backup file.
e. Click Backup Data.
The system displays the Backing up Data dialog box while the data is backed up.
When the backup is finished, the system displays the message Remote Data
Operation Successful.
f. Click OK.
g. In the Integrated Management Backup and Restore dialog box, click Close.
Scheduling backups using the GUI utility
To use the GUI utility to schedule automatic backups of the Integrated Management data on the
Linux server, follow these steps:
1. Ask all users to log off the system.
2. Log in as root on the Linux server.
November 2009
63
Setting up Integrated Management Database
3. Select Applications > Avaya > Integrated Management Data Backup & Restore.
The system displays the Integrated Management Backup and Restore dialog box.
4. Select the Automatic Data Backups tab.
5. Enter the e-mail address of the administrator.
6. Select the checkboxes for the applications you want to back up.
7. Select the frequency--daily, weekly, or monthly--for which you want the backup to run.
8. Depending upon your selection, select the following:
●
If the backup is to run daily, then specify the Hour.
●
If the backup is to run weekly, then specify the Day and Hour.
●
If the backup is to run monthly, then specify the Date and Hour.
9. Do one of the following:
●
To store the backup file on this machine, click Local, and then do the following:
a. Click Browse.
The system displays the Select Directory dialog box.
b. Select the directory where you want to store the backup file.
c. Click Select Directory.
The system displays the directory you selected in the Integrated Management
Backup and Restore dialog box.
d. Click Schedule Backup.
e. In the Integrated Management Backup and Restore dialog box, click Close.
●
To store the backup file on a remote machine, click Remote, and then do the following:
a. Enter the IP address or FQDN of the remote computer.
b. Enter the FTP user ID.
c. Enter the password.
d. Enter the name of the folder where you want to store the backup file.
e. Click Schedule Backup.
f. In the Integrated Management Backup and Restore dialog box, click Close.
64 Avaya Integrated Management Database Configuration
Backing up Integrated Management Database
Cancelling scheduled backups using the GUI utility
To cancel the schedule of automatic backups of Integrated Management data on the Linux
server, follow these steps:
1. Ask all users to log off the system.
2. Log in as root on the Linux server.
3. Select Applications > Avaya > Integrated Management Data Backup & Restore.
The system displays the Integrated Management Backup and Restore dialog box.
4. Click the Automatic Data Backups tab.
5. Click Unschedule at the bottom of the Integrated Management Backup and Restore
dialog box.
6. Click Close.
Backing up data using the Command Line method
To use the command line method to back up Integrated Management data on the Linux server,
follow these steps:
1. Ask all users to log off the system.
2. Log in as root on the Linux server.
3. Perform one of the following steps:
●
To back up all Integrated Management application data, type /usr/sbin/IMbackup
<backup_file> all in the terminal emulation window and press Enter.
●
To back up specific Integrated Management application data, type /usr/sbin/
IMbackup <backup_file> [app1 app2 app3] in the terminal emulation window
and press Enter.
Designate the specific Integrated Management application for app1, app2, or app3
as follows:
- FPM for Avaya Fault and Performance Manager
- MSA for Avaya MultiSite Administration
- IMD for Avaya Integrated Management Database
For example, to back up Integrated Management Database and MultiSite Administration
data, you would type:
/usr/sbin/IMbackup /var/avaya/IM4.0/IMD_MSA_Data_MMDDYY IMD MSA
and press Enter.
November 2009
65
Setting up Integrated Management Database
Restoring Integrated Management Database
You can perform a restore of Integrated Management data using the Graphical User Interface
(GUI) utility or the command line method. This section provides both procedures.
When you restore Integrated Management data, the data is read from the backup input file and
then imported in the applications. You can restore selective applications from the backup input
file. For example, if you backed up all Integrated Management applications, you can restore
specific applications or restore all applications from the backup file.
Restoring data using the GUI utility
To use the GUI utility to restore Integrated Management data on the Linux server, follow these
steps:
1. Ask all users to log off the system.
2. Log in as root on the Linux server.
3. Select Applications > Avaya > Integrated Management Data Backup & Restore.
The system displays the Integrated Management Backup and Restore dialog box.
4. Click Backup/Restore Data Now .
5. Click Restore.
6. Click the checkboxes for the applications you want to restore.
7. Do one of the following:
●
If the backup file is on this machine, click Local, and then do the following:
a. Click Browse.
The system displays the Select File dialog box.
b. Select the backup file that contains the data you want to restore.
c. Click Select File.
The system displays the file you selected in the Integrated Management Backup
and Restore dialog box.
d. Click Restore Data.
The system displays the Restoring Data dialog box while the data is restored. When
the restore is finished, the system displays the message Local Data Operation
Successful.
e. Click OK.
f. In the Integrated Management Backup and Restore dialog box, click Close.
66 Avaya Integrated Management Database Configuration
Restoring Integrated Management Database
●
If the backup file is one a remote machine, click Remote Option, and then do the
following:
a. Enter the IP address or FQDN of the remote computer.
b. Enter the FTP user ID.
c. Enter the password.
d. Enter the name of the folder where the backup file is located.
e. Click Restore Data.
The system displays the Restoring Data dialog box while the data is restored. When
the restore is finished, the system displays the message Remote Data Operation
Successful.
f. Click OK.
g. In the Integrated Management Backup and Restore dialog box, click Close.
Restoring data using the Command Line method
To use the command line method to restore Integrated Management data on the Linux server,
follow these steps:
1. Ask all users to log off the system.
2. Log in as root on the Linux server.
3. Perform one of the following steps:
●
To restore all Integrated Management application data, type /usr/sbin/IMrestore
<backup_file> all in the terminal emulation window and press Enter.
●
To restore specific Integrated Management application data, type /usr/sbin/
IMrestore <backup_file> [app1 app2 app3] in the terminal emulation window
and press Enter.
Designate the specific Integrated Management application for app1, app2, or app3
as follows:
- FPM for Avaya Fault and Performance Manager
- MSA for Avaya MultiSite Administration
- IMD for Avaya Integrated Management Database
November 2009
67
Setting up Integrated Management Database
68 Avaya Integrated Management Database Configuration
Index
Index
A
N
Administration Log
view . . . . . . . . . . . . . . . . . .
Authentication, Authorization and Accounting
Avaya
support web site . . . . . . . . . . . .
Avaya Technology and Consulting (ATAC) .
. . . . 62
. . . . 32
. . . . . 8
. . . . . 9
C
network
security . . . . . . . . . . . . . . . . . . . . . 12
P
passwords, changing . . . . . . . . . . . . . . . . 12
R
configuration
getting help. . . . . . . .
contact information
third party . . . . . . . .
contact information for Avaya .
customer specified directory .
. . . . . . . . . . . . 9
. . . . . . . . . . . 12
. . . . . . . . . . . .11
. . . . . . . . . . . 20
RADIUS authentication . . . . . . . . . . . . . . . 30
RADIUS server configuration . . . . . . . . . . . . 31
Red Hat web site . . . . . . . . . . . . . . . . . . 12
resources
Avaya Global Technical Services . . . . . . . . . 10
Customized Management Solutions for Avaya Integrated
Management . . . . . . . . . . . . . . . . . 11
E
export data . . . . . . . . . . . . . . . . . . . . 61
G
Global Services Delivery . . . . . . . . . . . . . . . 9
GSD . . . . . . . . . . . . . . . . . . . . . . . . 9
S
security
Avaya disclaimer . .
for networks . . . . .
network . . . . . . .
notices . . . . . . .
toll fraud . . . . . .
toll fraud intervention
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
13
12
12
12
13
13
Technical Service Organization
toll fraud . . . . . . . . . . .
Avaya disclaimer . . . . .
intervention . . . . . . . .
TSO . . . . . . . . . . . . .
typographical conventions . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.9
13
13
13
.9
.7
H
help with configuration . . . . . . . . . . . . . . . . 9
I
IMD
import data . . . . .
new installation . . .
IMD Administration Log
view . . . . . . . .
import data . . . . . .
installation
checklist . . . . . .
overview . . . . . .
. . . . . . . . . . . . . 55, 59
. . . . . . . . . . . . . . 23
. . . . . . . . . . . . . . 62
. . . . . . . . . . . . . 55, 59
. . . . . . . . . . . . . . 18
. . . . . . . . . . . . . . 18
T
W
web sites
third-party . . . . . . . . . . . . . . . . . . . . 12
M
Microsoft web site . . . . . . . . . . . . . . . . . 12
November 2009
69
Index
70 Avaya Integrated Management Database Configuration
Was this manual useful for you? yes no
Thank you for your participation!

* Your assessment is very important for improving the work of artificial intelligence, which forms the content of this project

Download PDF

advertising