8DG41426LAAA - V1 - 1350 OMS Administration Guide PDF

Title page
1350 OMS | 9.5

1350 OMS Administration Guide, Vol 1: Common Tools and Processes
8DG42146LAAA-Vol1
Issue 1
October 2011
Legal notice
Legal notice
Alcatel, Lucent, Alcatel-Lucent and the Alcatel-Lucent logo are trademarks of Alcatel-Lucent. All other trademarks are the property of their respective
owners.
The information presented is subject to change without notice. Alcatel-Lucent assumes no responsibility for inaccuracies contained herein.
Copyright 2011 Alcatel-Lucent. All rights reserved.
Notice
Every effort was made to ensure that the information in this document was complete and accurate at the time of printing. However, information is subject to
change.
Warranty
Alcatel-Lucent provides a limited warranty for this product. For more information, consult your local Alcatel-Lucent customer support team.
Ordering information
The ordering number for this document is 8DG42146LAAA-Vol1. To order 1350 OMS information products, contact your local Alcatel-Lucent customer
support team.
Technical support
For technical support, contact your local customer service support team. You can reach them via the Web at the Alcatel-Lucent Customer Support web site
(http://www.alcatel-lucent.com/support) or the customer support telephone number listed at the Alcatel-Lucent Contact Us web site (http://www.alcatellucent.com/contact).
Information product support
For questions or concerns about this or any other Alcatel-Lucent information product, please contact us at one of the following numbers: (888) 727 3615 (for
the continental United States) +1 (630) 713 5000 (for all countries).
Contents
About this document
Purpose
.......................................................................................................................................................................................... xiii
xiii
Reason for reissue ...................................................................................................................................................................... xiii

xiii
Safety information
..................................................................................................................................................................... xiii
xiii
Intended audience
...................................................................................................................................................................... xiii
xiii
Conceptual and task content ................................................................................................................................................... xiv

xiv
Format of task content
.............................................................................................................................................................. xiv
xiv
Typographical conventions used for content

Marking conventions used for content
..................................................................................................................... xv
................................................................................................................................ xv
Technical content ........................................................................................................................................................................ xvi

xvi
Treatment of terms ..................................................................................................................................................................... xvi
xvi
Related documentation
........................................................................................................................................................... xvii
xvii
Document formats ................................................................................................................................................................... xviii

xviii
On-line help
............................................................................................................................................................................... xviii
xviii
How to comment
1
................................................................................................................................................................ xix
xix
........................................................................................................................................................................ xix
xix
Product and Administration Overview

Overview ...................................................................................................................................................................................... 1-1
1-1
1350 OMS Overview ............................................................................................................................................................... 1-2
1-2
1350 OMS Modules for System Resiliency and Northbound Communication ................................................. 1-6
1-6
ANTP
............................................................................................................................................................................................ 1-7
1-7
Common Security and Access .............................................................................................................................................. 1-8

1-8
System Administrator Responsibilities ........................................................................................................................... 1-10
1-10
....................................................................................................................................................................................................................................
1350 OMS
iii
8DG42146LAAA-Vol1 9.5
Issue 1 October 2011
Contents
....................................................................................................................................................................................................................................
Applications and Their Instances

Overview ...................................................................................................................................................................................... 2-1
2-1
Instance Overview .................................................................................................................................................................... 2-2
2-2
Remove an Instance of an Application
............................................................................................................................. 2-4
2-4
Free System Resources Used by an Application Instance

3
......................................................................................... 2-6
2-6
Configurations
Overview ...................................................................................................................................................................................... 3-1
3-1
Configuration Preparation
..................................................................................................................................................... 3-2
3-2
1350 OMS EML IP Configuration
..................................................................................................................................... 3-4
3-4
Static Routing Configurations .............................................................................................................................................. 3-5

3-5
Routing Configurations for Client Applications ............................................................................................................ 3-8
3-8
Multi-LAN Configurations ................................................................................................................................................. 3-10
3-10
4
Node Name Management

Overview ...................................................................................................................................................................................... 4-1
4-1
Node Name Management Tool
............................................................................................................................................ 4-3
4-3
Establish a Group and Initialize Node Name Management Persistent Data ....................................................... 4-7
4-7
Add a New Member to the Group
...................................................................................................................................... 4-9
4-9
Add a New External Node to the Group ........................................................................................................................ 4-12

4-12
Remove a Member from a Group ..................................................................................................................................... 4-14
4-14
List the Database Contents of a Group Member Node ............................................................................................. 4-16
4-16
Align All Group Member Nodes to a Specified Member Node ............................................................................ 4-17
4-17
Align One Group Member Node to Another Group Member Node .................................................................... 4-18
4-18
Open Two Groups for Communication .......................................................................................................................... 4-20
4-20
Import Node Information Between Two Different Groups ..................................................................................... 4-22
4-22
Merge Nodes in Two Groups into One Group ............................................................................................................. 4-24
4-24
Change the IP Address of a Remote Node
.................................................................................................................... 4-26
4-26
....................................................................................................................................................................................................................................
1350 OMS
iv
Contents
....................................................................................................................................................................................................................................
Change the IP Address of the Current/Local Node .................................................................................................... 4-30

4-30
Change the Hostname of a Remote Node ...................................................................................................................... 4-34
4-34
Change the Hostname of the Current/Local Node
..................................................................................................... 4-37
4-37
Change the Subnetwork Mask ........................................................................................................................................... 4-41

4-41
Change the Gateway IP Address and Hostname ......................................................................................................... 4-42
4-42
Add a Server to the Current DNS Configuration ........................................................................................................ 4-44
4-44
Change a Server in the Current DNS Configuration ................................................................................................. 4-46
4-46
Remove a Server from the Current DNS Configuration .......................................................................................... 4-48
4-48
5
System Backup and Restore

Overview ...................................................................................................................................................................................... 5-1
5-1
Backup and Restore Overview ............................................................................................................................................. 5-2
5-2
scbackup Overview .................................................................................................................................................................. 5-3
5-3
Backup Strategies
..................................................................................................................................................................... 5-6
5-6
Backup Tape Sets ...................................................................................................................................................................... 5-8

5-8
Backup Restrictions and Requirements .......................................................................................................................... 5-10
5-10
Troubleshoot a Backup ......................................................................................................................................................... 5-11
5-11
Restore and screstore
............................................................................................................................................................ 5-13
5-13
Troubleshoot a Restore ......................................................................................................................................................... 5-15

5-15
Mirror Configurations ........................................................................................................................................................... 5-20
5-20
Run scdisk_read_check to Read and Check the Disk ............................................................................................. 5-21
5-21
Perform a Tape Check
.......................................................................................................................................................... 5-23
5-23
Run scbackup for a Local Disk or an Application Instance Backup
................................................................... 5-24
5-24
Run scbackup Using a Disk Directory as the Supporting Output Media ........................................................... 5-29
5-29
Verify the Readability of the fbackup Tape
.................................................................................................................. 5-33
5-33
Boot from the IRT .................................................................................................................................................................. 5-34

5-34
Run screstore to Restore Data from the fbackup Media
.......................................................................................... 5-37
5-37
Run the scmirrorfs Tool to Set Up the Mirrored Configuration ............................................................................ 5-44
5-44
....................................................................................................................................................................................................................................
1350 OMS
v
Contents
....................................................................................................................................................................................................................................
Mirror Disks
Overview ...................................................................................................................................................................................... 6-1
6-1
Mirrored Disk Overview ........................................................................................................................................................ 6-2
6-2
Install the Mirror Disk/UX .................................................................................................................................................... 6-4
6-4
Configure Disk Fault Protection with Mirror Disk/UX .......................................................................................... 6-6
6-6
Network Depot
Overview ...................................................................................................................................................................................... 7-1
7-1
Network Depot Overview ...................................................................................................................................................... 7-2
7-2
Run scbuilddepot to Create or Update the Platform Software Depot .................................................................... 7-4
7-4
Add Software to the Platform Software Depot .............................................................................................................. 7-7
7-7
Create the Application Software Depot ............................................................................................................................ 7-8
7-8
Edit the .rhosts file to Authorize Access to the Application Software Depot ................................................... 7-10
7-10
General Operations
Overview ...................................................................................................................................................................................... 8-1
8-1
Restart the HP Servers ......................................................................................................................................................... 8-2
8-2
Decompress a Compressed .gz File
................................................................................................................................... 8-5
8-5
Eject a CD-ROM ....................................................................................................................................................................... 8-7

8-7
9
Security
Overview ...................................................................................................................................................................................... 9-1
9-1
Security Overview .................................................................................................................................................................... 9-3
9-3
Security Banners
....................................................................................................................................................................... 9-6
9-6
Security Profiles ........................................................................................................................................................................ 9-8

9-8
Web Portal Macro Functions and Default User Profiles .......................................................................................... 9-11
9-11
PMC Management Macro Functions and Default User Profiles
.......................................................................... 9-12
9-12
Session Management Macro Functions and Default User Profiles ...................................................................... 9-13
9-13
Alarm and FM Related Macro Functions and Default User Profiles .................................................................. 9-14
9-14
....................................................................................................................................................................................................................................
1350 OMS
vi
Contents
....................................................................................................................................................................................................................................
User Management Macro Functions and Default User Profiles ............................................................................ 9-16
9-16
SMF Macro Functions and Default User Profiles ...................................................................................................... 9-17
9-17
Audit and Log Files ............................................................................................................................................................... 9-20
9-20
Sample security.parms File ................................................................................................................................................. 9-24
9-24
System Security Parameters
............................................................................................................................................... 9-26
9-26
Prepare to Set Up Security .................................................................................................................................................. 9-36

9-36
Set Up Security with Any Profile ..................................................................................................................................... 9-38
9-38
Change a Manufacturer's Default Passwords ............................................................................................................... 9-40
9-40
Verify and Kill Processes ..................................................................................................................................................... 9-42
9-42
Remove Security ..................................................................................................................................................................... 9-44
9-44
Troubleshoot and Fix Old Password Problems
........................................................................................................... 9-46
9-46
Troubleshoot and Fix /etc/passwd File Problems ....................................................................................................... 9-47

9-47
Authorize Access to the Depot Machine ........................................................................................................................ 9-49
9-49
10
HP Printer Configurations
Overview
................................................................................................................................................................................... 10-1
10-1
Printer Configuration Overview
....................................................................................................................................... 10-2
10-2
Configure a Printer in the Local Spooler Queue ......................................................................................................... 10-3

10-3
Start the Spooler
..................................................................................................................................................................... 10-8
10-8
Configure a Printer Booting upon Booting from the Local System

11
.................................................................... 10-9
10-9
Troubleshooting
Overview
................................................................................................................................................................................... 11-1
11-1
General Troubleshooting
Troubleshooting
Ping a Node
...................................................................................................................................................................... 11-3
11-3
.............................................................................................................................................................................. 11-6
11-6
Activate the KDC Log .......................................................................................................................................................... 11-8

11-8
Deactivate the KDC Log ................................................................................................................................................... 11-10
11-10
....................................................................................................................................................................................................................................
1350 OMS
vii
Contents
....................................................................................................................................................................................................................................
System / Environment
Overview
................................................................................................................................................................................. 11-11
11-11
OS Percentage Usage .......................................................................................................................................................... 11-12

11-12
Manage Semaphores ........................................................................................................................................................... 11-13
11-13
Unblock the Login to the 1350 OMS
Remote Commands
........................................................................................................................... 11-14
11-14
............................................................................................................................................................. 11-15
11-15
Kerberos Configuration
..................................................................................................................................................... 11-16
11-16
System Installation and Customization

Overview ................................................................................................................................................................................. 11-18
11-18
Troubleshoot 1350 OMS System License Problems ............................................................................................... 11-19
11-19
Remove the WDM Component from the 1350 OMS ............................................................................................. 11-21
11-21
Product Installation
Troubleshoot Product Installation Failures (no space/file busy)
........................................................................ 11-24
11-24
Upgrade the MW-OS Application .................................................................................................................................. 11-27

11-27
Configure and Test the Centralized User-DB in a Distributed Environment ................................................. 11-29
11-29
Product Customization
Overview ................................................................................................................................................................................. 11-33
11-33
Customize a 1350 OMS Component while Other Components Are Running
............................................. 11-34
11-34
Perform a Manual Customization/De-customization (without using the Install Wizard) .......................... 11-36
11-36
Perform a Fast Customization of the MS-GUI Package ........................................................................................ 11-38
11-38
Customizing WDM to Exclude the Remote eOMS ................................................................................................. 11-40
11-40
System Applications Management
PMC2 Process Monitoring
............................................................................................................................................... 11-41
11-41
SAS, UDM, LDAP .............................................................................................................................................................. 11-44

11-44
Web Desktop Administration ........................................................................................................................................... 11-47
11-47
Cannot Connect to the Authentication Server
........................................................................................................... 11-57
11-57
....................................................................................................................................................................................................................................
1350 OMS
viii
Contents
....................................................................................................................................................................................................................................
Work Arounds for the MS-GUI
...................................................................................................................................... 11-59
11-59
Work Arounds for Database Management .................................................................................................................. 11-63

11-63
General Work Arounds for Application Problems
................................................................................................... 11-65
11-65
Work Arounds for File System Management ............................................................................................................. 11-67

11-67
NMA Basic Debug/Configuration Notes
Logging .................................................................................................................................................................................... 11-69
11-69
Configuration ......................................................................................................................................................................... 11-72
11-72
12
GSP and MP Configuration

Overview
................................................................................................................................................................................... 12-1
12-1
GSP and MP Overview
........................................................................................................................................................ 12-2
12-2
Configure the GSP ................................................................................................................................................................. 12-3

12-3
Verify Access to the GSP LAN Console ...................................................................................................................... 12-11
12-11
Access to the GSP Console
.............................................................................................................................................. 12-13
12-13
Configure the MP ................................................................................................................................................................. 12-15

12-15
13
File System Management

Overview
................................................................................................................................................................................... 13-1
13-1
File System Management Overview
............................................................................................................................... 13-2
13-2
File System Management Tools ........................................................................................................................................ 13-3

13-3
A
List of Abbreviations
Abbreviations ............................................................................................................................................................................ A-1
A-1
Index
....................................................................................................................................................................................................................................
1350 OMS
ix
Contents
....................................................................................................................................................................................................................................
....................................................................................................................................................................................................................................
1350 OMS
x
List of tables
9-1
................................................................................................................................ 9-27
....................................................................................................................................................................................................................................
1350 OMS
xi
List of tables
....................................................................................................................................................................................................................................
....................................................................................................................................................................................................................................
1350 OMS
xii
About this document

About this document
Purpose
This preface provides an overview of this information product (IP), which is the 1350
OMS Administration Guide, Vol 1: Common Tools and Processes.
The purpose of the 1350 OMS Administration Guide, Vol 1: Common Tools and Processes
is to explain to system and network administrators how to administer and to maintain the
1350 OMS 9.5.
Reason for reissue
This document has been reissued on October 2011 to support the 1350 OMS 9.5.
Safety information
This document does not contain any safety information (cautions or warnings) because
the 1350 OMS is a software product.
Important! When working with any hardware that is associated with any piece of
software, always refer to the safety information that the hardware manufacturer provides
for that particular piece of hardware. For example, when working with an HP server,
refer to safety information that is provided in the HP documentation for that server.
When working with any Alcatel-Lucent network element, refer to safety information that
is provided in the Alcatel-Lucent documentation for that particular NE.
Intended audience
The 1350 OMS Administration Guide, Vol 1: Common Tools and Processes is written
primarily for operations personnel who administer and maintain the 1350 OMS. This
document can be used by anyone who needs specific administration information about the
features, applications, and operations of the 1350 OMS. These people are you, its users.
...................................................................................................................................................................................................................................
1350 OMS
xiii
About this document

....................................................................................................................................................................................................................................
Conceptual and task content
In the broadest sense, this document contains the following types of content:
Conceptual content, which is background information, is given so users can better

understand the tasks that must be performed. The presentation of conceptual
information varies according to the topic being explainedsections, subsections,
tables, figures, and screen captures can be commonly found.
Task content, which includes step-by-step instructions, is provided so users can
administer, provision, and maintain the system. The task information is typically
presented as series of tasks that follows the conceptual information.
The conceptual information complements and enhances the step-by-step instructions that
are found in each task. To optimize the use of the conceptual and task content, users
should consider the following:
The conceptual information should be used to broaden your general knowledge of the
network management system. It is best if you read all conceptual information and
have a good understanding of the concepts being presented before undertaking the
step-by-step instructions given in any task.
The conceptual and task portions of the document have extensive hyperlinks. Use
these links to toggle between the two types of information presented so you can
access all pertinent information related to particular concepts and tasks.
The task information is based on a user needs analysis that has been performed for
each management system user job; therefore, use the task information to get the job at
hand done quickly and with minimal system impact.
Format of task content
Each task consists of sections that are called When to use, Related information, Before
you begin, and Task. The intent of these sections is self-explanatorythey explain when
you should use the task, any related information that you would need to know while doing
the task, and what you need to consider or do before you start the task.
When a task does not have any related information that must be considered before it is
started, the Related information section for that task states the following:
This task does not have any related information.
When a task does not have any conditions that must be considered before it is started, the
Before you begin section for that task states the following:
This task does not have any preconditions.
Each Task section consists of steps. The completion of all steps, which are sequentially
numbered, is required for the entire task to be completed successfully. In some instances,
a step might be prefaced with the wording Optional, which indicates that the step can be
....................................................................................................................................................................................................................................
1350 OMS
xiv
About this document

....................................................................................................................................................................................................................................
skipped and the task can still be completed successfully. A task is considered to be
completed when all of its steps are completed and when the wording End of Steps
appears.
Many times, the management system affords users with multiple ways to accomplish the
same task. In these instances, this type of task gives the user several Methods of how to
accomplish the same set of steps successfully.
Typographical conventions used for content
This document uses the following typographical conventions:
User input or path navigation on the administration and application GUIs is

identified with this type.
User input in the UNIX environment is identified with this

type.
System output in the UNIX environment is identified with

this type..
GUI fields/parameters and their options are identified with this type.
Document titles or words that are being defined or emphasized are identified with this
type.
Marking conventions used for content
The following convention is used to indicate a path, which is a flow of buttons and/or
menu items that you must navigated through to arrive at a destination on the GUI:
Actions > EML > Create NE
This same convention is also used to show a path through a series of menu items, for
example:
Click the filtering tool and select Node > Node Type.
All mouse selections are presumed to be left clicks. Right click mouse selections are
indicated as the following:
Right click the highlighted item and follow the path: Search > Clients.
Or, if brevity is needed, the same path could be documented as:
RClick item > Search > Clients.
Occasionally, a set of 1350 OMS features is not supported for all NEs or for all operating
components and/or environments. This set of features is clearly marked to show these
exceptions.
....................................................................................................................................................................................................................................
1350 OMS
xv
About this document

....................................................................................................................................................................................................................................
Technical content
In general, the technical content in this document is augmented by technical content that
is provided in other documents in this documentation set and/or in the document set of the
particular network element (NE ) or piece of hardware in the network configuration. It is
the user's responsibility to read all pertinent material in all documentation sets in order to
understand a particular concept or procedure and/or to implement the procedure in his or
her working environment.
This document contains information on the complete line of NEs that the 1350 OMS
supports. Each release of the 1350 OMS and its applications supports certain NEs within
the Alcatel-Lucent family of optical NEs. Mention of NEs or specific NE features in the
text of this document, or any document in the 1350 OMS documentation set, that are not
supported in this particular product release can apply to prior or future product releases.
Such material may not be currently visible or operable on the GUI and/or the server and
has been added only as a convenience for our customers. This material is subject to
change. For a list of NEs that are supported in the 1350 OMS 9.5, contact your
Alcatel-Lucent local customer service support team.
This document, or any document in the 1350 OMS documentation set, may contain
information that is related to features, service packs (SPs), maintenance releases, or other
updates that our product and its applications supported in prior releases or is to support in
the near future. This material may not be visible or operable on the supported servers
and/or GUI, and has been added only as a convenience for our customers. This material is
subject to change. For a list of all supported features for a particular release, contact your
Treatment of terms
A term that is presented in the text of this document, along with any used abbreviation for
the term, is typically defined where the term is initially introduced.
Many of the more generic terms that are defined in this document, along with the terms
that are defined in other documents in this documentation set, are also defined in the
Glossary, which is part of the 1350 OMS Getting Started Guide. We encourage our users
to rely on the Glossary for a comprehensive set of terms and any abbreviations of the
terms.
....................................................................................................................................................................................................................................
1350 OMS
xvi
About this document

....................................................................................................................................................................................................................................
Related documentation
The following documents are related to the 1350 OMS Administration Guide, Vol 1:
Common Tools and Processes, 9.5:
1. The 1350 OMS Installation Guide (8DG42146MAAA) explains how to perform the
installation of the 1350 OMS and its components.
2. The 1350 OMS Getting Started Guide (8DG42146AAAA) explains the look-and-feel
of the 1350 OMS user and administration GUIs to new users. This document contains
a complete explanation of the 1350 OMS information product set and a glossary of
terms that is applicable to the documentation set.
3. The 1350 OMS Administration Guide (8DG42146LAAA) explains how to use the
tools and the administration GUIs to administer and maintain the element
management layer, network management layer, and service management layer of the
1350 OMS.
This document consists of the following volumes:
The 1350 OMS Administration Guide, Vol 1: Common Tools and Processes
(8DG42146LAAA-Vol1) explains how to administer and maintain the common
tools and processes that are associated with the 1350 OMS.
4.
5.
6.
7.
The 1350 OMS Administration Guide, Vol 2: Common GUI Functions

(8DG42146LAAA-Vol2) explains how to administer and maintain the common
administration GUIs that are associated with the 1350 OMS.
The 1350 OMS EML Guide (8DG42146BAAA) explains how to administer and
provision the 1350 OMS EML application of the 1350 OMS, which is the element
management layer of the 1350 OMS.
The 1350 OMS PKT Guide (8DG42146DAAA) explains how to administer and
provision the Packet (PKT) application of the 1350 OMS that provides Ethernet
network management layer support.
The 1350 OMS SDH Guide (8DG42146CAAA) explains how to administer and
provision the Synchronous Digital Hierarchy (SDH) network management layer of the
1350 OMS.
The 1350 OMS WDM Guide (8DG42146QAAA) explains how to administer and
provision the 1350 OMS WDM, which provides the Wavelength Division
Multiplexing (WDM) and Dense Wavelength Division Multiplexing (DWDM)
network management layer for the 1350 OMS.
8. The 1350 OMS Service Assurance Guide (8DG42146FAAA) explains alarm

management and performance monitoring for the 1350 OMS.
9. 1350 OMS CLI Reference (8DG42146KAAA) provides detailed reference material on
the Command Line Interface for the advanced user of the 1350 OMS.
10. The 1350 OMS eOMS Guide explains how to administer and provision the eOMS.
....................................................................................................................................................................................................................................
1350 OMS
xvii
About this document

....................................................................................................................................................................................................................................
The document consists of the following volumes:

The 1350 OMS eOMS Guide, Vol 1: Getting Started (8DG42146RAAA-Vol1)
explains the look-and-feel of the1350 OMS eOMS GUI. In addition, this
document contains a glossary of terms for the 1350 OMS eOMS set of documents.
The 1350 OMS eOMS Guide, Vol 2: Administration (8DG42146RAAA-Vol2)
explains how to administer the 1350 OMS eOMS.
The 1350 OMS eOMS Guide, Vol 3: Network Element Management
(8DG42146RAAA-Vol3) explains how to use the 1350 OMS eOMS to provision
and manage network elements.
The 1350 OMS eOMS Guide, Vol 4: Connection Management (8DG42146RAAAVol4) explains how to provision and manage connections in the 1350 OMS eOMS
environment of the 1350 OMS.
The 1350 OMS eOMS Guide, Vol 5: Ethernet Management (8DG42146RAAAVol5) explains how to use the Ethernet Management feature to provision and
manage Ethernet connections in the 1350 OMS eOMS environment of the 1350
OMS.
The 1350 OMS eOMS Guide, Vol 6: Service Assurance (8DG42146RAAA-Vol6)
explains how to manage and interpret fault and performance monitoring
information that is collected from the 1350 OMS eOMS environment of the 1350
OMS.
The 1350 OMS 9.5 also supports modules for system resiliency and northbound
communication. These modules are explained in the following documents:
The 1350 OMS HA Guide (8DG42146GAAA) explains how to install, administer, and
use the High Availability feature.
The 1350 OMS OI Guide (8DG42146HAAA) explains how to install, administer, and
use the Open Interfaces that are supported for the 1350 OMS.
In addition, the 1350 OMS 9.5 also supports migration activities with related
documentation. Contact your Alcatel-Lucent local customer service support team for
additional details.
Document formats
This document is available for use in HTML format and PDF.

The on-line HTML version of the document has a search capability, a table of contents in
the front matter of the document, a partial table of contents in each chapter, and an index.
The PDF version can be viewed on-line; or it, or portions of it, can be printed locally at
the user's discretion.
On-line help
The 1350 OMS help systems are designed to consider the task that the user is performing
and to help the user complete the task.
....................................................................................................................................................................................................................................
1350 OMS
xviii
About this document

....................................................................................................................................................................................................................................
Contact sensitive help, which defines many GUI fields, is available; and other types of
help can be accessed from the GUI menu.
The entire document set that supports the Alcatel-Lucent 1350 OMS 9.5 release can be
ordered on CD-ROM. The ordering number for this CD-ROM is 8DG42147AAAA. The
ordering number for this particular document is 8DG42146LAAA-Vol1. Contact your
local Alcatel-Lucent local customer service support team for details.
In addition, to order the 1350 OMS and/or any of its applications, add-on features or
upgrades, contact your local Alcatel-Lucent local customer service support team.
How to comment
To comment on this document, go to the Online Comment Form (http://infodoc.alcatellucent.com/comments/) or e-mail your comments to the Comments Hotline
(comments@alcatel-lucent.com).
....................................................................................................................................................................................................................................
1350 OMS
xix
About this document

....................................................................................................................................................................................................................................
....................................................................................................................................................................................................................................
1350 OMS
xx
1roduct and
P
Administration Overview
Overview
Purpose
This chapter provides an overview of the 1350 OMS and the system administration
functions provided to maintain the 1350 OMS applications.
Contents
1350 OMS Overview
1-2
1350 OMS Modules for System Resiliency and Northbound Communication
1-6
ANTP
1-7
Common Security and Access
1-8
System Administrator Responsibilities
1-10
...................................................................................................................................................................................................................................
1350 OMS
1-1
1350 OMS Overview
....................................................................................................................................................................................................................................
1350 OMS Overview

1350 OMS and its supported management layers
The 1350 OMS is a network management system that supports several management
layers that can accommodate and grow with a customer's optical network.
The Element Management Layer, or EML, provides the functionality that is needed to
access any Alcatel-Lucent supported network elements (NEs) that are deployed in a
customer network. The EML provides a single access point for communication with an
NE.
The Network Management Layer, or NML, provides the functionality that is needed to
commission, provision, and supervise the network that is deployed in a customer premise.
The Service Management Layer, or SML, provides the functionality that is needed to
commission, provision, and supervise a Virtual Private Network (VPN) that an
Alcatel-Lucent customer deploys to its end users or to its customers.
1350 OMS and its applications
The 1350 OMS is the Alcatel-Lucent converged and unified network management
system. It manages the complete portfolio of Alcatel-Lucent's active network elements
(NEs) and it maintains the complete portfolio of Alcatel-Lucent's legacy NEs.
The 1350 OMS consists of the following set of integrated, licensed applications:
1350 OMS EML (p. 1-2)
1350 OMS PKT (p. 1-3)
1350 OMS SDH (p. 1-3)
1350 OMS WDM (p. 1-3)
Refer to the 1350 OMS Getting Started Guide for a more detailed system description.
1350 OMS EML
The 1350 OMS EML application provides element level management (EML) capabilities
for both Alcatel-Lucent ANSI and ETSI NEs. Its set of protocol adapters supports basic
NE functions such as NE MIB backup/restore and software downloads. Because the 1350
OMS provides all of the element layer functions that are required to manage the deployed
network, it requires the 1350 OMS EML application and/or the 1350 OMS eOMS legacy
management system to also be deployed. (See Legacy management and NE support
(p. 1-4).)
....................................................................................................................................................................................................................................
1350 OMS
1-2
1350 OMS Overview
....................................................................................................................................................................................................................................
Refer to the following documents and contact your Alcatel-Lucent local customer service
support team for additional details:
1350 OMS EML Guide

1350 OMS Service Assurance Guide
1350 OMS PKT
The 1350 OMS PKT application provides Ethernet network management layer support
along with provisioning, alarm correlation, and historical PM data services. Ethernet
services include Multi-Protocol Label Switching (MPLS), Transport-Multi-Protocol Label
Switching (T-MPLS), bridging, connection-oriented traffic, and packet rings.
1350 OMS PKT Guide
1350 OMS SDH
The 1350 OMS SDH application provides the Synchronous Digital Hierarchy (SDH)
network management layer along with provisioning, alarm correlation, and PM
correlation capabilities. The 1350 OMS SDH functions as a client for the 1350 OMS
WDM application and as a server for the 1350 OMS PKT application.
1350 OMS SDH

1350 OMS CLI Reference
For 1350 OMS support of SDH in a legacy system, refer to Legacy management and NE
support (p. 1-4) for details.
1350 OMS WDM
The 1350 OMS WDM application provides Wavelength Division Multiplexing (WDM)
and Dense Wavelength Division Multiplexing (DWDM) support along with provisioning,
alarm correlation, and historical PM correlation capabilities.
1350 OMS WDM Guide

....................................................................................................................................................................................................................................
1350 OMS
1-3
1350 OMS Overview
....................................................................................................................................................................................................................................
For 1350 OMS support of WDM and DWDM in a legacy system, refer to Legacy
management and NE support (p. 1-4) for details.
1350 OMS software and the Web
1350 OMS is run through an Internet browser-based Graphical User Interface (GUI). It
supports the standard web features that a browser offers, such as bookmarks, back,
forward, reload, and print.
The Web Desktop is the available mechanism that both system administrators and users
can use to access the 1350 OMS GUI. It provides a central access point from which both
system administrators and users are authenticated and from which they can navigate to
the Web Portal to access the 1350 OMS applications.
The Web Portal is a Java application that is started when the administrator or user logs in
from the Web Desktop. The Web Portal provides the administrator with a view of all 1350
OMS applications and manages GUI navigation between the subsystem components. The
Web Portal also provides various methods of navigationsuch as menus, icons, and a left
tree navigation areabetween applications and tools.
From the 1350 OMS Web Portal, administrators can set up each application and its users,
and users can access the network and element level applications that enable the family of
Alcatel-Lucent NEs to be provisioned.
Refer to the 1350 OMS Getting Started Guide for a more detailed description of the look
and feel of the software and for a glossary of terms and acronym list.
Legacy management and NE support
Through its Web Portal, the 1350 OMS provides users with the ease of accessing and
using the familiar embedded Optical Management System (eOMS) to provision the NEs
that are managed through the 1350 OMS eOMS and the NEs that are managed through an
XML-over-socket (XoS) interface (such as TNA, CNA, or ITM-SC).
Refer to the following documents for additional information on the 1350 OMS eOMS:
1350 OMS eOMS Guide, Vol 1: Getting Started

1350 OMS eOMS Guide, Vol 2: Administration
1350 OMS eOMS Guide, Vol 3: Network Element Management
1350 OMS eOMS Guide, Vol 4: Connection Management

1350 OMS eOMS Guide, Vol 5: Ethernet Management
1350 OMS eOMS Guide, Vol 6: Service Assurance
Because the 1350 OMS provides all of the element layer functions that are required to
manage the deployed network, it requires the 1350 OMS EML application and/or the
1350 OMS eOMS legacy management system to also be deployed. (See 1350 OMS
EML (p. 1-2).)
....................................................................................................................................................................................................................................
1350 OMS
1-4
1350 OMS Overview
....................................................................................................................................................................................................................................
1350 OMS supported NEs
The 1350 OMS supports the Alcatel-Lucent family of optical network elements (NEs). To
accommodate the world of optical transmission standards, these NEs operate using
different transport structures and they support different native command languages.
Contact your local customer support team for a list of NEs that are supported by the 1350
OMS and its particular applications.
Important! Each release of the 1350 OMS and its applications supports certain NEs
within the Alcatel-Lucent family of optical NEs. Mention of NEs or specific NE features
in the text of this document, or any document in the 1350 OMS documentation set, that
are not supported in this particular product release can apply to prior or future product
releases. Such material may not be currently visible or operable on the GUI and/or the
server and has been added only as a convenience for our customers. This material is
subject to change. For a list of NEs that are supported in the 1350 OMS 9.5, contact your
....................................................................................................................................................................................................................................
1350 OMS
1-5
1350 OMS Modules for System Resiliency and Northbound

Communication
....................................................................................................................................................................................................................................
1350 OMS Modules for System Resiliency and Northbound

Communication
1350 OMS HA
The 1350 OMS supports High Availability (HA) as an added value module, which is
referred to as the 1350 OMS HA. The 1350 OMS HA software package is installed on top
of an already installed and configured NML and EML platform and independently of any
other application such as the 1350 OMS SDH, 1350 OMS PKT, or 1350 OMS WDM or
any element manager such as the 1350 OMS EML or 1350 OMS eOMS.
As its name suggests, the 1350 OMS HA provides high availability to these applications
whose main task is to manage transport networks. It protects the 1350 OMS applications
and its HP server platform against hardware and software failures that could be caused
by system failures (such as the failure of the system power supply or a system
component), a site failure (such as a natural disaster or fire), a backplane failure, a
processor failure, or any unplanned outage.
The 1350 OMS HA is explained in detail in the 1350 OMS HA Guide
(8DG42146GAAA). This document includes installation, administration, and user
information for the 1350 OMS High Availability (HA) feature.
Contact your Alcatel-Lucent local customer service support team for additional details.
1350 OMS OI
The 1350 OMS OI software package is installed on top of an already installed and
configured MW-INT platform and independently of any other application such as the
1350 OMS SDH, 1350 OMS PKT, or 1350 OMS WDM any element manager such as the
1350 OMS EML or 1350 OMS eOMS.
The 1350 OMS OI enables the 1350 OMS applications to export or import data to
multiple external operation systems (OSs). The 1350 OMS OI is a flexible, powerful, and
effective set of generic OS-to-OS interfaces (GENOS) that allow an external OS to
synchronize alarms, performance monitoring, network inventory, and remote inventory
data with any of the 1350 OMS applications.
The 1350 OMS OI is explained in detail in the 1350 OMS OI Guide (8DG42146HAAA).
This document includes installation, administration, and user information for the Open
Interfaces (OIs) that are supported for the 1350 OMS.
Contact your Alcatel-Lucent local customer service support team for additional details.
....................................................................................................................................................................................................................................
1350 OMS
1-6
ANTP
....................................................................................................................................................................................................................................
ANTP
ANTP Overview
ANTP is an Alcatel-Lucent proprietary network time protocol (NTP) that enables a

precise, real-time clock alignment between the NEs and a reference clock source, such as
an ANTP server. ANTP is based on an algorithm that NTP implements and uses in the
UNIX environment.
While NTP functions in TCP/IP environment, ANTP protocol is based on OSI layer 3
(Connectionless Network Protocol, or CLNP) communication services. To synchronize
the NE and the reference source, modifications in the interface and packet format of
standard NTP product enable it to be plugged on top of CLNP.
ANTP is based on a client-server paradigm. The NE functions as the client, while the
ANTP server is typically located on the network manager. The client (the NE)
periodically queries the server to discover the current time and date on the server. This
periodic query enables round trips delays and average statistical values to be calculated
for the best real-time alignment of the client (the NE) and server.
ANTP and RTC distributed system architecture
To guarantee the alignment of the operations systems (OSs) and the NE clocks, ANTP
must keep the NEs synchronized with the reference clock servers, independent of the
reference source; therefore, the network must be synchronized internally and externally.
For example, ANTP gets its clock speed from a UNIX-based workstation and
distributes the clock speed to the NEs. The native NTP protocol then gets the real-time
clock (RTC) speed from an external device, such as a global positioning satellite (GPS),
and distributes the clock speed to the OSs. The clock is then distributed by one
workstation (likely the OS itself) to the NEs using ANTP protocol.
To guard against DCN or workstation failures, two ANTP servers exist in the
management network. One ATNP server has a higher priority than the other ANTP server.
If one server fails, the NE automatically refers to the other. Only a double ANTP server
failure, or a failure in the related DCN, would force the NEs to function in RTC
free-running clock-mode. In general, the two ANTP servers do not have to be co-located.
....................................................................................................................................................................................................................................
1350 OMS
1-7
....................................................................................................................................................................................................................................

Platform security
The 1350 OMS affords secure configuration modes that run on existing certified/validated
hardware and software without any, or with acceptable levels of, performance
degradation.
The hardware vendor of choice guarantees that the platform has built-in protection
mechanisms that avoid security circumvention during setup, re-configuration, start-up,
boot time, or system shut down prior to any applications being operational. The system
hardware configuration is designed to use redundant components such as disks, CPUs,
and memory to ensure data integrity if a system failure should occur.
Operating system security for logins
The operating system requires a non-blank (not null) user ID for successful user login into
the 1350 OMS platform and any default identifiers (user IDs and/or passwords) must be
disabled, including default system users.
Important! Both operating system users and administrators do not have any rights that
are automatically granted or defaulted to them at the application level.
Operating system security restrictions of commands and protocols
The operating system restricts the following:
The number of ports and services that the application uses.

The default or purposeful activation of certain UNIX/Linux commands (such as
rlogin, rsh, whois, traceroute, ...) and protocols (such as TFPT, ...).
Operating system and third party software maintenance
Operating system patches for UNIX, Linux, or Windows that are classified as an
emergency or an urgent/recommended patch are evaluated, certified, and validated to
determine the impact, if any, to the 1350 OMS. Contact your Alcatel-Lucent local
customer service support team for details.
Third party application security restrictions
The 1350 OMS restricts the number of ports and services that the third party application
(including databases such as Oracle) uses.
All third party applications must restrict the use of non-blank (not null) user passwords
for platform access. In addition, scripts for third part applications prohibit the use of
passwords in clear text. Any default passwords are changed to customer specific
passwords during installation.
....................................................................................................................................................................................................................................
1350 OMS
1-8
....................................................................................................................................................................................................................................
System-wide OA&M security
The 1350 OMS affords a single backup and restore capability for all data domains that are
associated with the core applications. In addition, the system supports a central start/stop
of the entire platform, one embedded component, or one process group.
For Disaster Recovery configurations, a system backup facility is available if the security
of a system has been compromised and recovery to a secure state is needed.
Terminal servers, workstations, and client desktop PCs
User desktop PCs are vulnerable components of a network management solution. Even if
dedicated desktops are used, the use of shared corporate PCs as network management
client desktops has become a clear trend. Often, these shared corporate PCs run other
applications and have direct Internet access; consequently, these machines can be attacked
directly, infected with malware, or used as jumping-off points to attack an organizations
internal network.
To combat the vulnerability of Microsoft products, the 1350 OMS supports both the
Internet Explorer and the Mozilla Firefox browsers.
To separate the PC (the access zone) from the web server (the session zone), the 1350
OMS supports the use of its GUI over Windows, GUI servers (such as GoGlobal),
Workstations, or Citrix terminal servers.
To determine entire system configuration, all software, including 1350 OMS, third party
software, client software, plug-ins, and patches, should be accounted for.
The 1350 OMS supports a Windows terminal server and up to 15 client sessions per
server. The client sessions can originate from HP-UX and/or Windows PC client
terminals.
....................................................................................................................................................................................................................................
1350 OMS
1-9
....................................................................................................................................................................................................................................

Overview
The system administrator of the 1350 OMS is responsible for the initial and day-to-day
administration of the 1350 OMS system and its applications and add-on features.
The system administrator must be knowledgeable of the HP servers and the HP-UX
operating system, which are the platform of the 1350 OMS. The system administrator
must have a working knowledge of UNIX commands, MS Windows-based PCs, web
browsers, and network data communications.
Most importantly, the system administrator must be familiar with the documentation that
is provided with each hardware and software component of the 1350 OMS and its
applications and add-on features.
Application management
The system administrator is responsible for managing the 1350 OMS and its applications
and keeping the HP-UX OS up and running, which includes the following:
Process monitoring and configuration

Logs management
Trace management
Backup and restore operations
NE maintenance including software downloads and saving TPs
Reconfigurations (stack and processes)
Preventative Maintenance
The system administrator is responsible for preventative maintenance of the 1350 OMS
and its applications, which includes the following:
Minimize the consequences of hardware and software failures

Avoid full file systems
Corrective Maintenance
The system administrator is responsible for corrective maintenance of the 1350 OMS and
its applications, which includes the following:
Power supplies
Full file systems
Hardware failures (disk crashes, SCSI errors)
Software failures (Panix UNIX operating system, application bugs)
....................................................................................................................................................................................................................................
1350 OMS
1-10
2 pplications and Their

A
Instances
Overview
Purpose
This chapter provides the administrator with the conceptual information and the
associated tasks that pertain to the instances of a particular 1350 OMS application.
Contents
Instance Overview
2-2
2-4
2-6
...................................................................................................................................................................................................................................
1350 OMS
2-1
Instance Overview
....................................................................................................................................................................................................................................
Instance Overview
Instance definition
The 1350 OMS supports the 1350 OMS PKT, 1350 OMS SDH, and 1350 OMS WDM
applications, along with the 1350 OMS eOMS and 1350 OMS EML element level
management systems (EMLs). Each single running occurrence of any of these
applications or EMLs that is installed and customized in the 1350 OMS management
system is referred to as an instance.
The MW-INT, which is the Middleware Interface, manages each application or EML
instance.
Instance format
A single running occurrence of an application or EML is an instance. Multiple instances

of an application or EML mean that the application or EML has been loaded several
times. In the 1350 OMS, an instance of an application or EML has this format:
<Application_Instance>
Where:
Application is the supported 1350 OMS application, which can be the 1350 OMS PKT,
1350 OMS SDH, or 1350 OMS WDM applications or the 1350 OMS eOMS or 1350
OMS EML EMLs.
Examples:
Examples of instance names could be the following:

SDH_1-1.0
EOMS_2-5.6
EML_2-4.1
PKT_1-8.1
Customization and decustomization of instances
Each application instance requires customization; and when an application instance is

removed from the 1350 OMS and from MW-INT control, the process is called
decustomization and the tool that is invoked is Decustom.
....................................................................................................................................................................................................................................
1350 OMS
2-2
Instance Overview
....................................................................................................................................................................................................................................
Types of instances
The 1350 OMS supports the following types of instances:
A Master instance is that instance of an application that supplies all data concerning
that application.
A Client instance is that instance of an application that is requesting all data
concerning the application from the master instance.
When configuring a 1350 OMS application, that configuration must be created only on
Master instances. The configuration is not required on client instances.
Related tasks
The following tasks are related to instances:
Remove an Instance of an Application (p. 2-4)
Free System Resources Used by an Application Instance (p. 2-6)
To install an instance of an application, refer to the 1350 OMS Installation Guide.
....................................................................................................................................................................................................................................
1350 OMS
2-3
....................................................................................................................................................................................................................................

When to use
Use this task to remove an instance of an application.

Related information
See the following topic in this document:
Instance Overview (p. 2-2)
For details about how to install an instance of an application, refer to the 1350 OMS
Installation Guide.
Before you begin
When an application instance is being removed from the 1350 OMS is said to be
decustomized.
Task
Complete the following steps to remove the instance of an application.

...................................................................................................................................................................................................
From the Web portal, follow this path to stop the application by selecting the name of the
application instance.
Actions > Stop > Selected item
Result: The application instance is stopped.
...................................................................................................................................................................................................
Log out from application or the 1350 OMS (alcatel) account.

...................................................................................................................................................................................................
Log in as root.
...................................................................................................................................................................................................
Enter the following command line to remove/decustomize the instance from the
MW-INT:
,root> /alcatel/Kernel/script/Decustom <Application_Instance>
Example:
/alcatel/Kernel/script/Decustom PKT 1-9.5
The MW-INT no longer manages this instance of the 1350 OMS PKT named PKT 1-9.5.
....................................................................................................................................................................................................................................
1350 OMS
2-4
....................................................................................................................................................................................................................................
...................................................................................................................................................................................................
Enter the following command lines to remove all files that are associated with the
application instance:
,root> cd /usr/Systems [Enter]
,root> rm -Rf <Application_Instance>/* [Enter]
,root> rm -f /alcatel/BackupArea/<Application_Instance> [Enter]
,root> rm -f /alcatel/MirrorArea/<Application_Instance> [Enter]
...................................................................................................................................................................................................
Enter the following command lines to kill any and all process that belong to the
application or the 1350 OMS (alcatel) user:
,root> ps -efa
grep <application user> [Enter]
Enter the following command to kill all process numbers that the previous command
listed:
,root> kill -<process number> [Enter]
,root> ps -efa | grep alcatel [Enter]
Carefully identify those processes that belong to the particular application that is to be
removed. Enter the following command to kill all process numbers that the previous
command listed:
,root> kill -<process number> [Enter]
...................................................................................................................................................................................................
If a new release of the application is to be installed, all current packages for the release
must be removed.
First, enter the following command lines to remove the remaining directories for NMS,
NMA, and NMC:
,root> cd /alcatel/<release number>/NMS [Enter]
,root> rm -rf <application> [Enter]
,root> cd /alcatel/<release>/NMA [Enter]
,root> rm -rf <application>*/ <release> [Enter]
On the master workstation only, enter the following commands:

,root> cd /alcatel/<release>/NMC [Enter]
,root> rm -rf TAO_INT/<release> [Enter]
E...................................................................................................................................................................................................
N D O F S T E P S
....................................................................................................................................................................................................................................
1350 OMS
2-5
....................................................................................................................................................................................................................................

When to use
Use this task to free the system resources that an instance of application uses.
Related information
Instance Overview (p. 2-2)
For details about how to install an instance of an application, refer to the 1350 OMS
Installation Guide.
Before you begin
Use this task only to free system resources such as a logical volume and disk space, swap
space, and the UNIX kernel configuration.
Task
Complete the following steps to free the system resources application instance uses.
...................................................................................................................................................................................................
Log in as root user.

,root # /SCINSTALL/bin/scmanageswp [Enter]
Result: The SWP (Software Package) main menu outputs its main menu, which is
similar to the following:
---------------SWP MAIN MENU
1 - Predispose new SWP
2 - View predisposed SWP
3 - Remove SWP
4 - Create new SWP INSTANCE
5 - View created SWP INSTANCE
6 - Remove SWP INSTANCE
a - apply
e - Exit
Insert choice and press [Enter]:
----------------
...................................................................................................................................................................................................
Select 6 and press Enter.

Result: The SWP outputs a display that is similar to the following:
Remove INSTANCE
....................................................................................................................................................................................................................................
1350 OMS
2-6
....................................................................................................................................................................................................................................
Item SWP Name

SWP Version INSTANCE Number INSTANCE
Dimension
---- --------------- ----------- --------------- -------------------1
<App Name>
<Release> 1
<Application>_IM_Medium
Enter 'q' to Quit, 'd' to Display again or the Item Number :
...................................................................................................................................................................................................
Select the number of the particular application instance to be removed and press Enter.
<application instance number> [Enter]
Selected INSTANCE is candidate to be removed from system:
<application instance>
<number selected>
Please confirm your selection ? (y/n)
...................................................................................................................................................................................................
If the number that represents the application instance to be removed is correct, enter y for
yes and press Enter.
y [Enter]
Remove planned for INSTANCE: <Application_Instance>
Press [Enter] to continue.
=>>> WARNING: No more INSTANCE are configured on this system.
...................................................................................................................................................................................................
Press Enter.
Press Enter again.
[Enter] [Enter]
Result: The SWP main menu outputs its main menu again.
...................................................................................................................................................................................................
Select a to Apply:
a [Enter]
Result: The SWP begins the removal. As the logical file system is modified, the
workstation reboots.
E...................................................................................................................................................................................................
N D O F S T E P S
....................................................................................................................................................................................................................................
1350 OMS
2-7
....................................................................................................................................................................................................................................
....................................................................................................................................................................................................................................
1350 OMS
2-8
Configurations
3
Overview
Purpose
This chapter provides the administrator with the conceptual information and the
associated tasks that pertain to the configuration of the overall 1350 OMS.
Contents
3-2
3-4
Static Routing Configurations
3-5
Routing Configurations for Client Applications
3-8
Multi-LAN Configurations
3-10
...................................................................................................................................................................................................................................
1350 OMS
3-1
Configurations
....................................................................................................................................................................................................................................
Configuration process
The installed TMN system applications must be configured to run properly; and to run
properly, the following must be created:
Configuration files
Databases
The configuration must be created only on master systems. The configuration is not
required on client systems.
1350 OMS EML Configuration
Before starting the configuration of any 1350 OMS EML instance, you must configure all
LAN interfaces that are planned to be used by Retix Stack using the HP System
Management Homepage (SMH) application. For each LAN interface (including lan0),
you must define an alias name for the SUPERVISION_AREA during the configuration. This
information is used to define the relationship between the Retix Stack and the LAN
interface.
Important! The alias name of the interface must be different from the hostname. The
suggested name is the following:

osilan <LAN number>
Where:
<LAN number> is the LAN logical number, which allows the LAN card to be readily
identified with Retix Stack configured.

When the LAN interfaces have been configured with the SMH application, you must
remove the unnecessary reference to the hostname added by SMH into the /etc/hosts
(excluding lan0) for a new IP Address definition line.
Example:
If you configure the lan1 of host_xx to the address 192.200.200.21 with alias osilan1,
SMH adds the following new line in the /etc/hosts file:
192.200.200.21 host_xx osilan1
You have to change this line by removing the reference to host_xx. It should resemble the
following:
192.200.200.21 osilan1
Save the modified /etc/hosts file.
....................................................................................................................................................................................................................................
1350 OMS
3-2
Configurations
....................................................................................................................................................................................................................................
Master and client integration
If any application client instances exist and the 1350 OMS SDH is not installed, the 1350
OMS EML clients must be integrated with their master. Refer to the for details.
....................................................................................................................................................................................................................................
1350 OMS
3-3
Configurations
....................................................................................................................................................................................................................................

IP routing configuration
To guarantee the functioning of the 1350 OMS EML, the internet protocol (IP) routing
must be correctly configured on the following:
The Industry Standard Architecture (ISA) boards on ADMs.

Any external client application (for example: USM).
IP routing for the ISA board
With dynamic routing, you can guarantee the service if a single failure occurs. To reach
the ISA boards from the Element manager and USM, the IP routing must be configured
correctly. Since the ISA boards are always in a different subnetwork, a configuration file
must be used to specify how the destination is to be reached.
The configuration file depends on the type of routing to be used.
The different types of routing are the following:
Static routing
Static routing does not have any impact on the TCP/IP networking; but, if the gateway
goes down, the destinations are unreachable.
Dynamic routing
With dynamic routing, you can guarantee the service if a single failure occurs.
Important! With both routing methods, the network mask (netmask) must be the same
for all interfaces that belong to the same subnetwork.

If different values of the netmask are set on the interfaces, communication is not
guaranteed and dynamic routing cannot operate.
....................................................................................................................................................................................................................................
1350 OMS
3-4
Configurations
....................................................................................................................................................................................................................................

Static Routing Configuration Example for the ISA Board
To enable the communication between 1350 OMS EML systems and the ISA boards with
static routing, administrators must use the route command to declare the network where
the ISA boards are located and the relationship with the gateway.
For configuring static routing, the following format of the route command is used:
...,sys,root # route add net <network> netmask <mask> <gateway> 1 [Enter]
Where:
network is the IP network address (logical AND IP address of node and netmask) to
which the ISA board IP belongs. For example: an ISA with IP address 10.6.4.33 and
netmask 255.255.0.0 belongs to the network 10.6.0.0.
mask is the bit setting. If the bit is set to 1, it identifies the part of the address that is
related to the network. If the bit is set to 0, it identifies the host in the address.
gateway is the IP address of the router or ADM GNE that allows access to the destination
ISA board.
When the right configuration is reached, add following lines to the

/etc/rc.config.d/netconf file so the information is saved after a system reboot:
..,sys,root # vi /etc/rc.config.d/netconf [Enter]
Type G and insert the following lines:

ROUTE_DESTINATION [<x>]=net <network>
ROUTE_MASK [<x>]=<netmask>
ROUTE_GATEWAY [<x>]=<gateway>
ROUTE_COUNT [<x>]=1
ROUTE_ARGS [<x>]=
Where:
<x> is the last defined ROUTE_DESTINATION number plus 1 or 0 (zero) if a route
destination is not yet defined.

<mask> is the bit setting. If the bit is set to 1, it identifies the part of address related to the
network. If the bit is set to 0, it identifies the host in the address.

<network> is the IP network address (logical AND IP address of node and netmask) to
which the ISA board IP belongs.

<gateway> is the IP address of the router or ADM GNE that allows access to the
destination ISA board.

Save and exit the file by typing x! and press the Enter key.
....................................................................................................................................................................................................................................
1350 OMS
3-5
Configurations
....................................................................................................................................................................................................................................
Important! Remember to add a new routing destination to the routing table for each
new network defined for the ISA board. (Edit the /etc/rc.config.d/netconf file.)
Static Routing Configuration Example on the Master Workstation
To configure the 1350 OMS EML master system (Lan0, IP address = 10.2.1.6 and Lan1,
IP address = 10.3.7.5) to reach the ISA board (IP address = 10.61.4.33), the gateway to
reach the network where the ISA board is located must be defined. Using example
addresses, the ISA board can be reached from a Gateway Network Element (GNE), which
means that the IP address of the GNE is used as the gateway. (Note that in other
configurations, the gateway can be a router.) The ISA board network can be identified by
executing the logical AND between the IP address of the board, which is 10.61.4.33 and
its netmask:
IP address = 10.61.4.33
Logical AND'd
Netmask =
255.255.0.0
---------------------------network =
10.61.0.0
The configuration is created by defining a GNE IP address (10.3.7.6) as a gateway to

reach the ISA board (IP address = 10.61.4.33), with following command:
..,sys,root # route add network 10.61.0.0 netmask 255.255.0.0
10.3.7.6 1 [Enter]
Check network connectivity by executing the ping command from the 1350 OMS EML
master system to the ISA board (IP address = 10.61.4.33):
..,sys,root # ping 10.61.4.33 64 10 [Enter]
Use the netstat -r command to verify the routing table contents.

When the correct configuration is reached, add the proper configuration lines to the
/etc/rc.config.d/netconf file.
Note: when the gateway GNE fails, the ISA board will become unreachable in this
configuration. To recover, you must modify the routing table to remove the route from
the failed GNE (IP address 10.3.7.6) and to set up a new route from an alternative
GNE (for example, IP address 10.3.7.7).
Static Routing Configuration Example on the 1350 OMS EML Client
The 1350 OMS EML client function includes all machines that run the 1350 OMS EML.
The 1350 OMS EML client (Lan0, IP address = 10.2.1.7) must communicate with the ISA
board (IP 10.61.4.33) through the 1350 OMS EML master system and the GNE.
You must define lan0 of 1350 OMS EML master system as the gateway by entering
following command on the 1350 OMS EML client system:
....................................................................................................................................................................................................................................
1350 OMS
3-6
Configurations
....................................................................................................................................................................................................................................
..,sys,root # route add 10.61.0.0 netmask 255.255.0.0 10.2.1.6 1

[Enter]
Check the network connectivity by executing a ping command from the 1350 OMS EML
client to the ISA board:
..,sys,root # ping 10.61.4.33 64 10 [Enter]
Important! The ping command can fail because the 1350 OMS EML master system is
not yet configured to forward the packages.

When the right configuration is reached, add the following configuration lines to
the/etc/rc.config.d/netconf file:

ROUTE_COUNT [<x>]=1
ROUTE_ARGS [<x>]=
Where:

<mask> is the bit setting. If the bit is set to 1, it identifies the part of address related to the
network. If the bit is set to 0, it identifies the host in the address.


....................................................................................................................................................................................................................................
1350 OMS
3-7
Configurations
....................................................................................................................................................................................................................................

Overview
Using the 1350 OMS EML with a multi-stack option requires additional configuring to
enable the correct communication between the client and the master applications. They
must communicate with each other within an environment where the Retix Stacks can be
installed on the 1350 OMS EML master system, and they can be instanced for each LAN
card equipped on the system. The client application can be installed on the 1350 OMS
EML master and presentation instances and also on the 1350 OMS SDH and US.
To enable communication of all the installed applications in the configuration, the
administrator must configure the communication among all LAN cards involved.
For Retix Stacks instances on the lan0 card, additional configurations are not required
because the connectivity and/or the routing has to be guaranteed to allow other
communications.
For Retix Stacks instances on a LAN that are different from lan0, the connectivity must
be created and verified.
The most common 1350 OMS EML configuration with a multi-stack option has two or
more LAN cards, each of which is connected to a different LAN segment. This
configuration allows traffic to be shared on different segments, and is used to avoid the
mixing of IP and OSI traffic.
When the Retix Stacks is configured on a LAN board other than lan0, the routing table on
the 1350 OMS EML client machine must be configured.
Examples of the following configuration scenarios are provided:
Systems that are located in the same site that partially share the same LAN segment;
see Same site systems sharing same LAN segment (p. 3-8).
Systems that are located in different sites that have full router connections; see
Different site systems with full router connections (p. 3-9).
Systems that are located in different sites that do not have full router connections; see
Different site systems without full router connections (p. 3-9).
Same site systems sharing same LAN segment
This configuration includes having two systems that are located in the same site partially
share the same LAN segment. In this configuration, the internal routing of the HP-UX
system can set up the communication, which means that the packets from lan0 of the
1350 OMS EML client reach the lan1 of the 1350 OMS EML master through lan0 of the
1350 OMS EML master itself.
For this configuration, enter the following command on the 1350 OMS EML client
system:
....................................................................................................................................................................................................................................
1350 OMS
3-8
Configurations
....................................................................................................................................................................................................................................
..,sys,root # route add <IP address lan1 SHM> <IP address lan0
SHM> 1 [Enter]
Enter the following command to verify the correct data entry on the 1350 OMS EML
client:
..,sys,root # ping <IP address lan1 SHM> [Enter]


ROUTE_DESTINATION [<x>]=<IP address lanx 1350 OMS EML master>
ROUTE_GATEWAY [<x>]=<IP address lan0 1350 OMS EML master>
ROUTE_COUNT [<x>]=1
Where:
<x> is the next available value. Check the already existing ROUTE_GATEWAY in the
file.
<IP address lanx 1350 OMS EML master> is the IP address of the LAN that differs from
lan0, which must be reached by passing through lan0.

<IP address lan0 1350 OMS EML master> is the IP address of lan0 of the 1350 OMS
EML master system.

Important! Before you modify the /etc/rc.config.d/netconf file, copy the original file
by entering (as root) the following command

cp /etc/rc.config.d/netconf /etc/rc.config.d/netconf.orig
Different site systems with full router connections
In this configuration, all involved routers must be configured to route the IP protocol and
to allow the communication among all LAN cards.
Different site systems without full router connections
This configuration includes having two systems that are located in different sites that do
not have full router connections; different LAN segments exist and only the lan0 segment
is connected by way of IP routers. In this configuration, the internal routing of the HP-UX
system can set up the communication.
Important! On the router that is connected to the 1350 OMS EML master lan0, you
must configure the 1350 OMS EML master system as the next hop to reach the lan1.
....................................................................................................................................................................................................................................
1350 OMS
3-9
Configurations
....................................................................................................................................................................................................................................
Overview
When the 1350 OMS EML is installed with HP-UX 11.11 (Hewlett Packard Unix) , all
LANs that are present in configurationfor both master and presentation systemsmust
have an IP address, even if they are not being used.
The Retix Stack can be used on more than one LAN board. Every LAN board that is
being used must be configured with an appropriate TCP/IP address. Usually lan0 is
automatically configured by the HP-UX Operating System in the installation phases, but
other LANs must also be configured.
LAN configuration guidelines
The following guidelines apply when configuring a LAN board:
Other machines that are connected to the Local Area Network (LAN) cannot have the
same IP address.
All used IP addresses must be defined in a specific addressing plan, which the
customer typically provides.
Other boards cannot be configured on the same machine with an IP address that
belongs to the same subnetwork.
If two LAN boards belong to the same subnetwork on the same system, the UNIX
routing process cannot determine which way to transmit the messages.
The first and the last address of each subnetwork is reserved.
The network IP address 127.0.0.0 cannot be used.
To identify the subnetwork of an IP address, you have to perform the local AND between
the IP address and the netmask.
Examples:
Two addresses that look similar, but belong to different networks:
IP address 192.1.1.1 with netmask 255.255.255.0 -> Subnet 192.1.1.0
Two addresses that look different, but belong to the same network:
To check the relationship between IP Address and netmask, enter the ifconfig command
for each LAN board and check the broadcast value. The values must be different.
Example:
..,sys,root # ifconfig lan1
....................................................................................................................................................................................................................................
1350 OMS
3-10
Configurations
....................................................................................................................................................................................................................................
lan1: flags=963<UP,BROADCAST,NOTRAILERS,RUNNING,PROMISC,MULTICAST
inet 192.1.1.1 netmask ffffff00 broadcast 192.1.1.255
..,sys,root # ifconfig lan2
lan2: flags=963<UP,BROADCAST,NOTRAILERS,RUNNING,PROMISC,MULTICAST
inet 192.1.2.1 netmask ffffff00 broadcast 192.1.2.255
The IP belongs to this ISA board. For example: an ISA board with the IP address of
10.6.4.33 has the netmask of 255.255.0.0 and belongs to the network 10.6.0.0.
Where:
<mask> is the bit setting. If the bit is set to 1, the address part that is related to the
network is identified. If the bit is set to 0, the host address is identified.



ROUTE_COUNT [<x>]=1
ROUTE_ARGS [<x>]=
Where:

<mask> is the bit setting. If the bit is set to 1, address part that is related to the network is
identified. If the bit is set to 0, the host address is identified.


Important! Remember to add a new routing destination to the routing table for each
new network defined for the ISA board. (Edit the /etc/rc.config.d/netconf file.)
....................................................................................................................................................................................................................................
1350 OMS
3-11
Configurations
....................................................................................................................................................................................................................................
....................................................................................................................................................................................................................................
1350 OMS
3-12

4
Overview
Purpose
This chapter provides the 1350 OMS network administrator with the conceptual
information and the associated tasks that pertain to the Node Name Management tool.
Contents
4-3
Establish a Group and Initialize Node Name Management Persistent Data
4-7
4-9
Add a New External Node to the Group
4-12
Remove a Member from a Group
4-14
List the Database Contents of a Group Member Node
4-16
Align All Group Member Nodes to a Specified Member Node
4-17
Align One Group Member Node to Another Group Member Node
4-18
Open Two Groups for Communication
4-20
Import Node Information Between Two Different Groups
4-22
Merge Nodes in Two Groups into One Group
4-24
4-26
Change the IP Address of the Current/Local Node
4-30
Change the Hostname of a Remote Node
4-34
4-37
Change the Subnetwork Mask
4-41
Change the Gateway IP Address and Hostname
4-42
Add a Server to the Current DNS Configuration
4-44
...................................................................................................................................................................................................................................
1350 OMS
4-1
Overview
....................................................................................................................................................................................................................................
Change a Server in the Current DNS Configuration
4-46
Remove a Server from the Current DNS Configuration
4-48
....................................................................................................................................................................................................................................
1350 OMS
4-2
....................................................................................................................................................................................................................................

Node Name Management tool definition and purpose
The Node Name Management tool is one of the administrator tools that is a part of the
Alcatel-Lucent Middle Ware Operating System (MS_OS) package of support tools. This
package of tools eases the administration of the HP-UX operating system in the
Alcatel-Lucent software environment.
The Node Name Management tool provides a centralized and integrated mechanism to
administer the IP address and hostname for the HP servers that are used within the 1350
OMS application. It allows the administrator to configure the TCP/IP address and
hostname, along with the relationship of the TCP/IP address to the hostname, on all of the
nodes in a 1350 OMS network.
Important! This tool does not provide any support for the design of the IP network.
Node Name Management tool and the working group concept
The Node Name Management tool is based on a working group concept. The working
group is an entity that includes all of the nodes that need to communicate and work
together. The first node that is placed in the working group creates the group and is a
group member; other nodes can then be added.
Each node that belongs to the working group has a copy of the entire node name
repository, and it can add a new member to the group, or remove an existing one. These
nodes are referred to as member nodes. Any action can be completed if a quorum of
member nodes exists. Refer to the Add a New Member to the Group (p. 4-9) task.
Besides member nodes, the Node Name Management tool also supports external nodes in
the working group repository database. External nodes are other nodes in the TPC/IP
network; meaning, they are nodes such as printers or any other machines that are not
running the 1350 OMS application based on the MW-INT. These external nodes can be
added and removed like a member node, however, they cannot remove or add other
nodes, nor can they be used to reach the node group member quorum. Refer to the Add a
New External Node to the Group (p. 4-12) task.
Node Name Management tool interface and basic functions
The Node Name Management tool supports the following basic functions through a menu
driven interface:
Network Management Nodes (V2.3.5) Management options:
1-INIT
= network map init.
2-ADD
= add a node
3-REMOVE = remove a node
11-CHIPADDR
= change IP addr.
12-CHNODENAME = change hostname
13-CHNETMASK = change netmask
....................................................................................................................................................................................................................................
1350 OMS
4-3
....................................................................................................................................................................................................................................
4-PUT
= put network map
5-LIST
= list network map
6-TOTALIGN = alignment each node
7-ACTALIGN = alignment a single node
8-GRPOPEN = open the current group
9-GRPIMPORT = import a remote group
10-GRPMERGE = merge two groups
Enter management option [0..17] :
14-CHGATEWAY
15-DNSADD
16-DNSCHANGE
17-DNSREMOVE
=
=
=
=
change
add to
change
remove
gateway
DNS
DNS
from DNS
[0] - exit
The following menu options are available:

1. INIT is used to install the first 1350 OMS system in the entire group and to initialize
the Node Management persistent data to create the group to which group members are
to belong. Refer to the Establish a Group and Initialize Node Name Management
Persistent Data (p. 4-7) task.
2. ADD is used to add a new node/host and to enable the addition of any type of
node/host to the database. Standalone member nodes, external nodes, and cluster
nodes can be added. Refer to the Add a New Member to the Group (p. 4-9) and the
Add a New External Node to the Group (p. 4-12) tasks.
3. REMOVE is used to remove an existing node/host from the database. Current member
nodes, external nodes, and cluster nodes can be removed. Refer to the Remove a
Member from a Group (p. 4-14) task.
4. PUT is used to update the node name database of a remote group member, which can
be useful to align a node database.
5. LIST is used to view the database contents of the current or any other group member
node. Refer to the List the Database Contents of a Group Member Node
(p. 4-16) task.
6. TOTALIGN is used to align all group member nodes to one specified member. Refer to
the Align All Group Member Nodes to a Specified Member Node (p. 4-17) task.
7. ACTALIGN is used to align a specific group member node to another group member
node. Refer to the Align One Group Member Node to Another Group Member
Node (p. 4-18) task.
8. GRPOPEN is used to open groups for communication; that is, to enable communication
between distinct two groups to which both the current and the remote hosts belong.
Refer to the Open Two Groups for Communication (p. 4-20) task.
9. GRPIMPORT is used to import information between groups; that is, to include the
remote group descriptions on the current local group hosts. Refer to the Import Node
Information Between Two Different Groups (p. 4-22) task.
10. GRPMERGE is used to merge the nodes that belong to two groups into one group; that
is, to obtain a single group that contains the description of the nodes of both groups.
Refer to the Merge Nodes in Two Groups into One Group (p. 4-24) task.
11. CHIPADDR is used to change the Internet Protocol (IP) address of a system that is
configured with the Node Name Management tool. Refer to the Change the IP
Address of a Remote Node (p. 4-26) and Change the IP Address of the
Current/Local Node (p. 4-30) tasks.
....................................................................................................................................................................................................................................
1350 OMS
4-4
....................................................................................................................................................................................................................................
12. CHNODENAME is used to change the node/host name. Refer to the Change the
Hostname of a Remote Node (p. 4-34) and Change the Hostname of the
Current/Local Node (p. 4-37) tasks.
13. CHNETMASK is used to change the subnetwork mask of a group member host. Refer to
the Change the Subnetwork Mask (p. 4-41) task.
14. CHGATEWAY is used to change the current gateway Internet Protocol (IP) address and
host name of a group member host. Refer to the Change the Gateway IP Address and
Hostname (p. 4-42) task.
15. DNSADD is used to add a new server to the current Domain Name Service (DNS)
configuration of a group member host. Refer to the Add a Server to the Current DNS
Configuration (p. 4-44) task.
16. DNSCHANGE is used to modify the current Domain Name Service (DNS) configuration
of a group member host. Refer to the Change a Server in the Current DNS
Configuration (p. 4-46) task.
17. DNSREMOVE is used is used to remove an existing server from the current Domain
Name Service (DNS) configuration of a group member host. Refer to the Remove a
Server from the Current DNS Configuration (p. 4-48) task and the Change a Server
in the Current DNS Configuration (p. 4-46) task.
0 is used to exit the Node Name Management tool.
Node Name Management tool security
The use of the Node Name Management tool security is two fold. It is used for the
following:
To include a new node in the group, a member node has to add the new node to the
database.
To authorize group access, the new node must perform an add action on the other
group members.
Example:
A group has three member nodes named hosta, hostb, and hostc. To add hostd to the
group, hosta, hostb, or hostc would have to add hostd to the database, which means that
all three nodes would then know hostd and its IP address, and would have to accept
requests implicitly from that source. Once hostd has been added to the database, hostd
would then have to accept the working group membership by performing an add action
itself by specifying one of the other group members. With this action, hostd authorizes the
other group member to operate on itself.
....................................................................................................................................................................................................................................
1350 OMS
4-5
....................................................................................................................................................................................................................................
Node Name Management tool functional restrictions
The Node Name Management tool bases network communication on the MW-INT
Remotizer library, which means that the MW-INT has to be installed and customized
before it can correctly execute the Node Name Management tool. The Node Name
Management tool cannot be started before MW-INT installation and customization.
For the correct execution of the tool, the involved machines cannot differ more than 5
minutes in their system times.
Important! The relevant system time does not take into account time zones, so
administrators must check the time difference by entering the following command:
date -u
Refer to the 1350 OMS Installation Guide for more details on time synchronization.
Node Name Management tool network example
The following example aids in the understanding of the Node Name Management tool.
Example:
The following five HP9000 servers are within one network management system. Their
identifying information is as follows:
hostaIP address 192.200.49.1Role SDH Client

hostbIP address 192.202.21.7Role EMLMaster
hostcIP address 192.202.21.8Role SDH Client

hostdIP address 192.202.22.4Role SDH Master
hosteIP address 192.200.22.5Role EMLMaster
In addition, other network equipment, such as routers, local and network printers, PCs,
and time synchronization equipment, can be identified as follows:
router1IP address 192.200.49.244Left LAN router

router2IP address 192.202.21.244Central LAN router
gpsrec1IP address 192.202.21.51Time synchronization through Global Position
System
router3IP address 192.202.22.244Right LAN router
lp1 IP address 192.202.22.6Network line printer
In this example, hosta is connected to a WAN, which in turn, enables it to communicate

with four other hosts, a GPS time receiver, a network printer through three routers.
....................................................................................................................................................................................................................................
1350 OMS
4-6
Establish a Group and Initialize Node Name Management

Persistent Data
....................................................................................................................................................................................................................................

Persistent Data
When to use
Use this task to establish a group and to initialize the Node Name Management persistent
data.
Related information
Node Name Management Tool (p. 4-3)
Before you begin
Be aware that you are installing the first NMS for the entire network.
Task
Complete the following steps to establish a group and to initialize the Node Name
Management persistent data.
...................................................................................................................................................................................................
Log in to a node as root.

Result: You now have superuser privileges.
...................................................................................................................................................................................................
Enter the following command to run the Node Name Management tool:
...sys,root # scNMmng [Enter]
Result: The Network Management Nodes menu is displayed.
...................................................................................................................................................................................................
Enter the number 1 to establish a group and to initialize the Node Name Management
persistent data.
Result: The group is created and the Node Name Management persistent data has
been initialized when the following message is displayed:

** MESSAGE: node "<hostname>" (<IP address>) initialized.
...................................................................................................................................................................................................
To return to the main menu, press Enter.
....................................................................................................................................................................................................................................
1350 OMS
4-7

Persistent Data
....................................................................................................................................................................................................................................
To exit the tool, press 0, then press Enter.

E...................................................................................................................................................................................................
N D O F S T E P S
....................................................................................................................................................................................................................................
1350 OMS
4-8
....................................................................................................................................................................................................................................

When to use
Use this task to add a new member to the group.

Important! This task is to be used only when the new member to be added is running
the TMN system based on the MW-INT.
Related information
See the following topics in this document:

(p. 4-7) task
Before you begin
You must have completed all of the steps in the Establish a Group and Initialize Node
Name Management Persistent Data (p. 4-7) task.
Because the Node Name Management tool has been designed to guarantee the security of
the entire system, the following safeguards apply:
Your access to any group member in the configuration must be formally granted.
You cannot perform any operations on a new group member without prior
authorization to access to it.
You cannot add a new member to a group in one step. Adding a new member to a
group is a two step process in which the new node is first authorized to access the
group, and then the new (which becomes the current) node authorizes communication
with all other nodes belonging to the group.
To add a new member to the group perform the node addition on two group members in
the following order:
1. The new member must be authorized to access the group.
Add the new member on a member node that already belongs to the group. This
addition stores the new member in the database of all the nodes that belong to the
group and makes the new member known to other group members. Refer to Task 1:
Add a New Member to the Group (p. 4-10) task.
2. The newly added (current) member must authorize communication with all group
members.
Execute the add on the newly added (current) node that has just joined the group. This
addition allows the newly added (current) group node member to retrieve the node
name database from any other group member. Refer to Task 2: Make the New
Member Join the Group (p. 4-11) task.
....................................................................................................................................................................................................................................
1350 OMS
4-9
....................................................................................................................................................................................................................................
Important! When executing some commands, the following message might appear. If
it does appear, ignore it.
Redefining sub ConnectionManager::GetConnectionPort at /
alcatel/Kernel/lib/lib_perl/Remotizer.pm line 695
Task 1: Add a New Member to the Group
Complete the following steps to add a new member to the group.

...................................................................................................................................................................................................
Log in to a system that is already a group member as root.

...................................................................................................................................................................................................
...................................................................................................................................................................................................
Enter the number 2 to add a new member to the group.

Result: The ADD - Management option is displayed.
...................................................................................................................................................................................................
Enter the number 2 to add a remote group node member.

...................................................................................................................................................................................................
Enter the hostname and IP address of the new remote member. Wait until the tool
completes execution.
Result: The new group member has been added to the group and is known to all other
group members.
...................................................................................................................................................................................................

...................................................................................................................................................................................................
Go to Task 2: Make the New Member Join the Group (p. 4-11).
E...................................................................................................................................................................................................
N D O F S T E P S
....................................................................................................................................................................................................................................
1350 OMS
4-10
....................................................................................................................................................................................................................................
Task 2: Make the New Member Join the Group
Complete the following steps to make the new member join the group.
...................................................................................................................................................................................................
Log in to the new member, which was formerly known as the remote member, as root.
...................................................................................................................................................................................................
...................................................................................................................................................................................................
Enter the number 2 to add the new group member to the group.
...................................................................................................................................................................................................
Enter the number 1 to add the current node.

...................................................................................................................................................................................................
Enter the hostname and IP address of the group member node. Wait until the tool
Result: The new node is now a member of the group.
...................................................................................................................................................................................................

E...................................................................................................................................................................................................
N D O F S T E P S
....................................................................................................................................................................................................................................
1350 OMS
4-11
....................................................................................................................................................................................................................................

When to use
Use this task to add a new external node to the group.

Important! This task is to be used only when the new node to be added (such as a
printer) is NOT running the TMN system based on the MW-INT.
Related information

(p. 4-7) task
Before you begin
Complete all of the steps in theEstablish a Group and Initialize Node Name Management
Persistent Data (p. 4-7) task.
Important! When executing some commands, the following message might appear. If
it does appear, ignore it.
Redefining sub ConnectionManager::GetConnectionPort at /
alcatel/Kernel/lib/lib_perl/Remotizer.pm line 695
Task
Complete the following steps to add a new external node to the group.
...................................................................................................................................................................................................

...................................................................................................................................................................................................
...................................................................................................................................................................................................
Enter the number 2 to add a new group member to the group.
....................................................................................................................................................................................................................................
1350 OMS
4-12
....................................................................................................................................................................................................................................

...................................................................................................................................................................................................
Enter the number 3 to add a remote external node member.

...................................................................................................................................................................................................
Enter the hostname and IP address of the new host. Wait until the tool completes
execution.
Result: The new group member has been added to the group and is known to all
group members. Its information is automatically distributed to the entire group.

...................................................................................................................................................................................................

E...................................................................................................................................................................................................
N D O F S T E P S
....................................................................................................................................................................................................................................
1350 OMS
4-13
....................................................................................................................................................................................................................................

When to use
Use this task to remove a member from a group.

Important! The remove option of the Node Name Management tool can also remove
a system if it cannot be reached through the network.
Related information
Before you begin

Task
Complete the following steps to remove a member from a group.

...................................................................................................................................................................................................

...................................................................................................................................................................................................
...................................................................................................................................................................................................
Enter the number 3 to remove a node from the group.

Result: The Remove menu is displayed.
...................................................................................................................................................................................................
Choose the menu option that is related to the action that you want to execute.
The Remove option enables you to remove the following:
Remove Entry for the Current Node

Entries for the current node can be removed one of two ways:
1. One for the primary or physical hostname
2. Another for the virtual hostname for cluster configurations
Remove Entry for Other Group Member
....................................................................................................................................................................................................................................
1350 OMS
4-14
....................................................................................................................................................................................................................................
You can remove the entry for other group members for both the primary and virtual
hostname.
Remove Entry for External Nodes
You can remove the entry for external nodes.
...................................................................................................................................................................................................
Enter the hostname and IP address of the node to be removed. Wait until the tool
Result: The node has been removed from the group and from all group member
databases.
...................................................................................................................................................................................................

E...................................................................................................................................................................................................
N D O F S T E P S
....................................................................................................................................................................................................................................
1350 OMS
4-15
....................................................................................................................................................................................................................................

When to use
Use this task to list the database contents of a group member node.
Related information
Before you begin

Task
Complete the following steps to list the database contents of a group member node.
...................................................................................................................................................................................................

...................................................................................................................................................................................................
...................................................................................................................................................................................................
Enter the number 5 to list the database contents of a group member node.
...................................................................................................................................................................................................
Enter the hostname and IP address of the node in which the database contents are to be
listed. Wait until the tool completes execution.
Result: The database contents of the specified node are displayed.
...................................................................................................................................................................................................

E...................................................................................................................................................................................................
N D O F S T E P S
....................................................................................................................................................................................................................................
1350 OMS
4-16
....................................................................................................................................................................................................................................

When to use
Use this task to align all group member nodes to a specified member node.
Related information
Align One Group Member Node to Another Group Member Node (p. 4-18) task
Before you begin

Task
Complete the following steps to align all group member nodes to a specified node.
...................................................................................................................................................................................................

...................................................................................................................................................................................................
...................................................................................................................................................................................................
Enter the number 6 to align all group member nodes to a specified node.
...................................................................................................................................................................................................
Enter the hostname and IP address of the node to which all group members are to be
aligned. Wait until the tool completes execution.
Result: All group member nodes are now aligned with the specified node.
...................................................................................................................................................................................................

E...................................................................................................................................................................................................
N D O F S T E P S
....................................................................................................................................................................................................................................
1350 OMS
4-17
Align One Group Member Node to Another Group Member

Node
....................................................................................................................................................................................................................................

Node
When to use
Use this task to align one group member node to another group member node.
Related information
Align All Group Member Nodes to a Specified Member Node (p. 4-17) task
Before you begin

Task
Complete the following steps to align one group member node to another group member
node.
...................................................................................................................................................................................................

...................................................................................................................................................................................................
...................................................................................................................................................................................................
Enter the number 7 to align one group member node to another group member node.
...................................................................................................................................................................................................
Enter the hostname and IP address of the two nodes to be aligned. Wait until the tool
Result: The two group member nodes are now aligned.
...................................................................................................................................................................................................
....................................................................................................................................................................................................................................
1350 OMS
4-18

Node
....................................................................................................................................................................................................................................

E...................................................................................................................................................................................................
N D O F S T E P S
....................................................................................................................................................................................................................................
1350 OMS
4-19
....................................................................................................................................................................................................................................

When to use
Use this task to open groups for communication; that is, to enable communication
between distinct two groups to which both the current and the remote node members
belong.
Related information
Before you begin
The GRPOPEN, GRPIMPORT, and GRPMERGE options of the Node Name

Management tool enable the communication and, eventually, the merging of two different
groups that are configured on the same network.
To perform this type of merge, execute two different tasks in the following sequence:
1. Enable communication between distinct two groups to which both the current and the
remote nodes belong by way of the GRPOPEN option using this task.
2. Then, choose one of the following options and their related tasks:
Include the remote group description on the current group node by way of the
GRPIMPORT option using the Import Node Information Between Two Different
Groups (p. 4-22) task.
Merge the current and remote node groups to obtain a single group that contains the
description of the nodes of both groups by way of the GRPMERGE option using the
Merge Nodes in Two Groups into One Group (p. 4-24) task.
Task
Complete the following steps to open groups for communication.

...................................................................................................................................................................................................
Log in to the group member system that you want to enable a remote connection to as
root.
...................................................................................................................................................................................................
....................................................................................................................................................................................................................................
1350 OMS
4-20
....................................................................................................................................................................................................................................

...................................................................................................................................................................................................
Enter the number 8 to open the current group.

...................................................................................................................................................................................................
Enter the hostname and IP address of the remote node to which you want to link. Wait
until the tool completes execution.
Result: The two groups to which the current and the remote nodes belong are now
linked and can communicate.

...................................................................................................................................................................................................

E...................................................................................................................................................................................................
N D O F S T E P S
....................................................................................................................................................................................................................................
1350 OMS
4-21
....................................................................................................................................................................................................................................

When to use
Use this task to import information between groups; that is, to include the remote group
descriptions on the current local group nodes.
Related information
Before you begin

node groups that are configured on the same network.
To perform this type of merge, execute two different tasks in the following sequence:
1. Enable communication between the two distinct groups to which both the current and
the remote nodes belong via the option GRPOPEN using the Open Two Groups for
Communication (p. 4-20) task. Note: this task requires you to complete the Open
Two Groups for Communication (p. 4-20) task.
2. Then, choose one of the following options and their related tasks:
Include the remote group description on the current group host by way of the
GRPIMPORT option using this task.
description of the nodes of both groups by way of the GRPMERGE option using the
Merge Nodes in Two Groups into One Group (p. 4-24) task.
Task
Complete the following steps to import information between two different groups.
...................................................................................................................................................................................................
Complete the steps in the Open Two Groups for Communication (p. 4-20) task.
...................................................................................................................................................................................................
Log in to the group member system for which you want to configure the nodes of the
remote group as root.
Important! The group member system MUST BE the same remote node that you
specified during the Open Two Groups for Communication (p. 4-20) task.
....................................................................................................................................................................................................................................
1350 OMS
4-22
....................................................................................................................................................................................................................................

...................................................................................................................................................................................................
...................................................................................................................................................................................................
Enter the number 9 to import the information of the remote group.

...................................................................................................................................................................................................
Enter the hostname and IP address of the remote node to which you want to link. Wait
Important! The hostname and IP address MUST BE the same remote node hostname
and IP address that you specified during the Open Two Groups for Communication
(p. 4-20) task.
Result: The configuration of each node member of a local group includes the
description of all node members of the remote group.

...................................................................................................................................................................................................

E...................................................................................................................................................................................................
N D O F S T E P S
....................................................................................................................................................................................................................................
1350 OMS
4-23
....................................................................................................................................................................................................................................

When to use
Use this task to merge the nodes that belong to two groups into one group; that is, to
obtain a single group that contains the description of the nodes of both groups.
Related information
Before you begin

node groups that are configured on the same network.
To perform this type of merge, you must execute two different tasks in the following
sequence:
1. Enable communication between two distinct groups to which both the current and the
remote nodes belong by way of the GRPOPEN option using the Open Two Groups
for Communication (p. 4-20) task. Note that Step 1 of this task requires you to
complete the Open Two Groups for Communication (p. 4-20) task.
2. Then choose one of the following options and their related tasks:
Include the remote group description on the current group node by way of the
GRPIMPORT option using the Import Node Information Between Two Different
Groups (p. 4-22) task.
description of the nodes of both groups by way of the GRPMERGE option using this
task.
Task
Complete the following steps to merge the nodes that belong to two groups into one
group.
...................................................................................................................................................................................................
Complete the steps in the Open Two Groups for Communication (p. 4-20) task.
...................................................................................................................................................................................................
Log in to the group member system for which you want to configure the nodes of the
remote group as root.
Important! The group member system MUST BE the same remote node that you
specified during the Open Two Groups for Communication (p. 4-20) task.
....................................................................................................................................................................................................................................
1350 OMS
4-24
....................................................................................................................................................................................................................................

...................................................................................................................................................................................................
...................................................................................................................................................................................................
Enter the number 10 to merge the nodes that belong to two groups into one group.
...................................................................................................................................................................................................
Enter the hostname and IP address of the remote node to which you want to merge. Wait
Important! The hostname and IP address MUST BE that of the same remote node that
you specified during the Open Two Groups for Communication (p. 4-20) task.
Result: All node members of the two groups have been merged into a single group.
...................................................................................................................................................................................................

E...................................................................................................................................................................................................
N D O F S T E P S
....................................................................................................................................................................................................................................
1350 OMS
4-25
....................................................................................................................................................................................................................................

When to use
Use this task to change the IP address of a remote node; meaning, change the IP address
on a remote network node, but not the IP address of the node to which you are logged on.
Related information
Change the IP Address of the Current/Local Node (p. 4-30)
Before you begin

Important!
Some key points to remember about changing an IP address are the
following:
To communicate using the hostname alias, two nodes must have the correct hostname
and IP address in the /etc/hosts file.
The relationship between the hostname and IP address must be changed in the entire
network.
The new IP address must agree with IP addressing plan of the local area network
(LAN) in which the system is to operate. Duplicate IP addresses are not allowed.
When the IP address is changed or when the IP network or subnetwork (RFC 1878) is
changed, any related routing information must also be changed.
When the IP address is changed on a node, communication with that node can be lost.
Any open connection can come down because changing the IP address shuts down
LAN services.
The Node Name Management tool (scNMmng) cannot be run on any node in which
the IP address is to be changed by using remote network connections (such as a telnet
connection or Xterminal emulation GOGlobal-UX), the X Motif interface, or any
connection that involves the LAN interface because the connection can be lost and the
Common Desktop Environment (CDE) can get blocked. If you are changing the IP
address on an HP9000 workstation, exit any CDE interface and log in in console
mode (black screen).
Because the tool cannot identify when it begins execution from a network opened
shell, it cannot perform any checks to prevent execution from an incorrect source.
....................................................................................................................................................................................................................................
1350 OMS
4-26
....................................................................................................................................................................................................................................
To perform this type of change, execute two different tasks in the following order:
1. Change the IP address of a remote node; meaning, change the IP address on a remote
network node, but not the IP address of the node to which you are logged on. This
change is performed in this task.
2. Change the IP address of the current/local node; meaning, the IP address of the node
to which you are currently logged on. This change is performed in the Change the IP
Address of the Current/Local Node (p. 4-30) task.
Important! The change must be performed in this order. Communication cannot be
established again unless both of these tasks are completed. In addition, before you
proceed with another set of tasks, verify that communication is once again established
between the nodes that have the new IP addresses and the remaining group members.
Task
Complete the following steps to change the IP address of a remote node; meaning, change
the IP address on a remote network node, but not the IP address of the node to which you
are logged on
...................................................................................................................................................................................................
Log in to the group member node as root.

Note: In the steps that follow, the examples given are in relationship to the text and
example provided in Node Name Management tool network example (p. 4-6). As you
look at the examples, imagine that you are working on the hostb node and are changing
the IP address of the hostc node from the IP address of 192.202.21.8 to 192.202.21.99.
Example:
hostb in Node Name Management tool network example (p. 4-6).

...................................................................................................................................................................................................
...................................................................................................................................................................................................
Enter the number 11 to change the IP address of a remote member node.

Result: The CHANGE-IP - Management options: menu is displayed:
CHANGE-IP - Management options:
1 - change the IP addr. on current node
2 - change the IP addr. on remote node (member)
[0] - Main menu
....................................................................................................................................................................................................................................
1350 OMS
4-27
....................................................................................................................................................................................................................................

...................................................................................................................................................................................................
Enter the number 2 to change the IP address of the remote member node.
Result: The tool begins to prompt you for the hostname, old IP address, new IP
address, and network ID of the remote member node/host.

...................................................................................................................................................................................................
Enter the hostname for the remote host/node at the following prompt:
Please insert the HOSTNAME for remote host :
<remote host/node name> [Enter]
Example:
hostc in Node Name Management tool network example (p. 4-6).

...................................................................................................................................................................................................
Enter the old IP address for the remote host/node at the following prompt:
Please insert the OLD IP ADDR. for remote host :
<old IP address of the remote host/node> [Enter]
Example:
192.202.21.8 in Node Name Management tool network example (p. 4-6).

...................................................................................................................................................................................................
Enter the new IP address for the remote host/node at the following prompt:
Please insert the NEW IP ADDR. for remote host :
<new IP address of the remote host/node> [Enter]
Example:

...................................................................................................................................................................................................
Enter the network ID for the remote host/node at the following prompt:
Please insert the NETWORK ID for remote host :
<LAN ID for the remote host/node> [Enter]
Example:
0=lan1, 1=lan1, ... in Node Name Management tool network example (p. 4-6).
Result: The tool prompts you to confirm your choices.
...................................................................................................................................................................................................
At the following prompt, answer Y for yes:
....................................................................................................................................................................................................................................
1350 OMS
4-28
....................................................................................................................................................................................................................................
Do you confirm the execution [Y/N - def.=Y]? : Y

Result: The tool outputs the following warning:
WAIT THE END OF THE ACTIVITY (DO NOT PRESS ANY KEY !!).
When the tool completes execution, it displays the following:

** MESSAGE: IP ad. of "<hostname>" (<current IP address>)
changed in <new IP address>. Press [Enter] to continue.
The IP address of the indicated node has been changed.

...................................................................................................................................................................................................
10

E...................................................................................................................................................................................................
N D O F S T E P S
....................................................................................................................................................................................................................................
1350 OMS
4-29
....................................................................................................................................................................................................................................

When to use
Use this task to change the IP address of the current/local node, meaning, the IP address
of the node to which you are currently logged on.
Related information
Change the IP Address of a Remote Node (p. 4-26)
Before you begin

Important!
Some key points to remember about changing an IP address are the
following:
network.
The new IP address must agree with IP addressing plan of the local area network
(LAN) in which the system is to operate. Duplicate IP addresses are not allowed.
When the IP address is changed or when the IP network or subnetwork (RFC 1878) is
changed, any related routing information must also be changed.
When the IP address is changed on a node, communication with that node can be lost.
Any open connection can come down because changing the IP address shuts down
LAN services.
The Node Name Management tool (scNMmng) cannot be run on any node in which
the IP address is to be changed by using remote network connections (such as a telnet
connection, Xterminal emulation, GoGlobal-UX), the X Motif interface, or any
connection that involves the LAN interface because the connection can be lost and the
CDE can get blocked. If you are changing the IP address on an HP9000 workstation,
exit any CDE interface and log in in console mode (black screen).
Because the tool cannot identify when it begins execution from a network opened
shell, it cannot perform any checks to prevent execution from an incorrect source.
1. Change the IP address of the remote node; meaning, change the IP address on the
remote network node, but not the IP address of the node to which you are logged on.
This change is performed in the Change the IP Address of a Remote Node
(p. 4-26) task.
2. Change the IP address of the current/local node; meaning, the IP address of the node
to which you are currently logged on. This change is performed in this task.
....................................................................................................................................................................................................................................
1350 OMS
4-30
....................................................................................................................................................................................................................................

between the nodes that have the new IP addresses and the remaining group members.
Task
Complete the following steps to change the IP address of the current/local node; meaning,
the IP address of the node to which you are currently logged on.
...................................................................................................................................................................................................
Complete the steps in the Change the IP Address of a Remote Node (p. 4-26) task.
...................................................................................................................................................................................................
Log in to the current/local group member node as root.

look at the examples, imagine that you are working on hostc node and are changing the IP
address of the hostc node from the IP address of 192.202.21.8 to 192.202.21.99.
Example:

...................................................................................................................................................................................................
...................................................................................................................................................................................................
Enter the number 11 to change the IP address of a node.

Result: The CHANGE-IP - Management options: menu is displayed:
CHANGE-IP - Management options:
1 - change the IP addr. on current node
2 - change the IP addr. on remote node (member)
[0] - Main menu
...................................................................................................................................................................................................
Enter the number 1 to change the IP address on the current member node.
....................................................................................................................................................................................................................................
1350 OMS
4-31
....................................................................................................................................................................................................................................
Result: The tool begins to prompt you for the old IP address, new IP address, and
network ID of the current host/node.

...................................................................................................................................................................................................
Enter the old IP address for the current/local node at the following prompt:
Please insert the OLD IP ADDR. for local host :
<old IP address of the current/local host> [Enter]
Example:

...................................................................................................................................................................................................
Enter the new IP address for the current/local node at the following prompt:
Please insert the NEW IP ADDR. for local host :
<new IP address of the current/local host> [Enter]
Example:

...................................................................................................................................................................................................
Enter the network ID for the current/local node at the following prompt:
Please insert the NETWORK ID for local host :
<LAN ID for the current/local host> [Enter]
Example:
0=lan1, 1=lan1, ... in Node Name Management tool network example (p. 4-6).
Result: The tool prompts you to confirm your choices.
...................................................................................................................................................................................................

Important! Because a re-configuration of MW-INT services is required, the tool
execution might take awhile. Do not abort the execution of the tool.
The IP address of indicated node has been changed.
....................................................................................................................................................................................................................................
1350 OMS
4-32
....................................................................................................................................................................................................................................
...................................................................................................................................................................................................
10

E...................................................................................................................................................................................................
N D O F S T E P S
....................................................................................................................................................................................................................................
1350 OMS
4-33
....................................................................................................................................................................................................................................

When to use
Use this task to change the hostname of a remote node; meaning, change the hostname on
a remote network node, but not the hostname of the node to which you are logged on.
Important! The change hostname option of the Node Name Management tool is not
allowed on a cluster member.
Related information

Change the Hostname of the Current/Local Node (p. 4-37)
Before you begin

Important!
Some key points to remember about changing the hostname are the
following:
network.
When the hostname is changed on a node, communication with that node can be lost.
1. Change the hostname of the remote node, meaning, change the host name on a remote
network node, but not the hostname of the node to which you are logged on. This
change is performed in this task.
2. Change the hostname of the current/local node; meaning, change the hostname of the
node to which you are currently logged on. This change is performed in the Change
the IP Address of the Current/Local Node (p. 4-30) task.
between the nodes that have the new hostname and the remaining group members.
....................................................................................................................................................................................................................................
1350 OMS
4-34
....................................................................................................................................................................................................................................
Task
Complete the following steps to change the hostname of a remote node; meaning, change
the hostname on a remote network node, but not the hostname of the node to which you
are logged on
...................................................................................................................................................................................................
Log in to the group member node as root.

illustration provided in Node Name Management tool network example (p. 4-6). As you
look at the examples, imagine that you are working on the hostb node and are changing
the hostname of the hostc node from hostc to hostx.
Example:
hostb in Node Name Management tool network example (p. 4-6).

...................................................................................................................................................................................................
...................................................................................................................................................................................................
Enter the number 12 to change the hostname of a remote member node.

Result: The CHANGE-NODE - Management options: menu is displayed:
CHANGE-NODE - Management options:
1 - change the hostname on current node
2 - change the hostname on remote node (member)
[0] - Main menu
...................................................................................................................................................................................................
Enter the number 2 to change the hostname of the remote member node.
Result: The tool begins to prompt you for the old hostname, IP address, and new
hostname of the remote member node/host.

...................................................................................................................................................................................................
Enter the old hostname for the remote host/node at the following prompt:
Please insert the OLD HOSTNAME for remote host :
<old remote host/node name> [Enter]
Example:
....................................................................................................................................................................................................................................
1350 OMS
4-35
....................................................................................................................................................................................................................................

...................................................................................................................................................................................................
Enter the IP address for the remote host/node at the following prompt:
Please insert the IP ADDR. for remote host :
<IP address of the old remote host/node> [Enter]
Example:

...................................................................................................................................................................................................
Enter the new hostname for the remote host/node at the following prompt:
Please insert the NEW HOSTNAME for local host :
<new hostname of the remote host/node> [Enter]
Example:
hostx in Node Name Management tool network example (p. 4-6).

...................................................................................................................................................................................................


** MESSAGE: nodename "<hostname>" changed in <new hostname>.
The hostname of indicated node has been changed.

...................................................................................................................................................................................................

E...................................................................................................................................................................................................
N D O F S T E P S
....................................................................................................................................................................................................................................
1350 OMS
4-36
....................................................................................................................................................................................................................................

When to use
Use this task to change the hostname of the current/local node, meaning, the hostname of
the node to which you are currently logged on.
Important! The change hostname option of the Node Name Management tool is not
allowed on a cluster member.
Related information

Change the Hostname of a Remote Node (p. 4-34)
Before you begin

Important!
Some key points to remember about changing the hostname are the
following:
network.
When the hostname is changed on a node, communication with that node can be lost.
1. Change the hostname of a remote node; meaning, change the host name on a remote
network node, but not the hostname of the node to which you are logged on. This
change is performed in the Change the Hostname of a Remote Node (p. 4-34) task.
2. Change the hostname of the current/local node, meaning change the hostname of the
node to which you are currently logged on. This change is performed in this task.
between the nodes that have the new hostname and the remaining group members.
The end of this task requires a system reboot and the running of the ChangeHostName
tool, which must be run to update the hostname in MW-INT environment (including the
Kerberos database).
....................................................................................................................................................................................................................................
1350 OMS
4-37
....................................................................................................................................................................................................................................
Task
Complete the following steps to change the hostname of the current/local node; meaning,
the hostname of the node to which you are currently logged on.
...................................................................................................................................................................................................
Complete the steps in the Change the Hostname of a Remote Node (p. 4-34) task.
...................................................................................................................................................................................................
Log in to the current/local group member node as root.

look at the examples, imagine that you are working on hostc node and are changing the
hostname of the hostc node from hostc to hostx.
Example:

...................................................................................................................................................................................................
...................................................................................................................................................................................................
Enter the number 12 to change the hostname of the local/current node.

Result: The CHANGE-NODE - Management options menu is displayed:
CHANGE-NODE - Management options:
1 - change the hostname on current node
2 - change the hostname on remote node (member)
[0] - Main menu
...................................................................................................................................................................................................
Enter the number 1 to change the IP address on the current member node.
Result: The tool begins to prompt you for the new hostname of the current host/node.
...................................................................................................................................................................................................
Enter the new hostname for the current/local host at the following prompt:
Please insert the NEW HOSTNAME for local host :
<new hostname of the current/local host> [Enter]
Example:
....................................................................................................................................................................................................................................
1350 OMS
4-38
....................................................................................................................................................................................................................................
hostx in Node Name Management tool network example (p. 4-6).

...................................................................................................................................................................................................

Important! Because a reconfiguration of MW-INT services is required, the tool
execution might take awhile. Do not abort the execution of the tool.
When the first execution phase completes, the following message is displayed:
**WARNING: a system reboot will be executed immediately after this operation!
**At the end of system reboot, is mandatory to perform manually the
**following command (as root):
**
**/alcatel/Kernel/etc/ChangeHostName.pl hostname <new_hostname>
The name of the indicated node has been changed

The IP address of indicated node has been changed.

...................................................................................................................................................................................................
Press the Enter key to perform the system reboot:

Enter
Result: The system is rebooted.
...................................................................................................................................................................................................
Once the system reboots, log in to the system as root.

...................................................................................................................................................................................................
10
Enter the following command line to execute the ChangeHostName tool, which is run to
update the hostname in MW-INT environment (including the Kerberos database):
/alcatel/Kernel/etc/ChangeHostName.pl hostname <new_hostname>
Example:
In the Node Name Management tool network example (p. 4-6), <new_hostname>
would be hostx.
....................................................................................................................................................................................................................................
1350 OMS
4-39
....................................................................................................................................................................................................................................
Result: The execution of the ChangeHostName tool takes about 100 minutes. Do not
abort the tool.

E...................................................................................................................................................................................................
N D O F S T E P S
....................................................................................................................................................................................................................................
1350 OMS
4-40
....................................................................................................................................................................................................................................

When to use
Use this task to change the subnetwork mask, which includes each network interface that
is configured.
Related information
Before you begin

Task
Complete the following steps to change the subnetwork mask, which includes each
network interface that is configured.
...................................................................................................................................................................................................
Log in to the group node in which you want to change the subnetwork mask as root.
...................................................................................................................................................................................................
...................................................................................................................................................................................................
Enter the number 13 to change the subnetwork mask.

...................................................................................................................................................................................................
At the prompts, enter the new subnetwork mask and the LAN identification number
(0=lan0, 1=lan1, etc.). Wait until the tool completes execution.
Result: The new subnetwork mask is automatically activated for the current host.
...................................................................................................................................................................................................

E...................................................................................................................................................................................................
N D O F S T E P S
....................................................................................................................................................................................................................................
1350 OMS
4-41
....................................................................................................................................................................................................................................

When to use
Use this task to change the IP address and hostname of a gateway, which includes each
Related information
Before you begin

Task
Complete the following steps to change the IP address and hostname of a gateway on
each network interface that is configured.
...................................................................................................................................................................................................
Log in to the group node in which you want to change the subnetwork mask as root.
...................................................................................................................................................................................................
...................................................................................................................................................................................................
Enter the number 14 to change the IP address and hostname of a gateway on each
...................................................................................................................................................................................................
At the prompts, enter the current gateway IP address that is to be replaced.

To modify the default gateway, specify default. Do not specify the current IP gateway
address that is to be replaced. Then, specify the new gateway hostname and the
new gateway IP address.
Wait until the tool completes execution.
....................................................................................................................................................................................................................................
1350 OMS
4-42
....................................................................................................................................................................................................................................
Result: The new gateway, the IP address, and hostname are automatically activated
for the current host.

...................................................................................................................................................................................................

E...................................................................................................................................................................................................
N D O F S T E P S
....................................................................................................................................................................................................................................
1350 OMS
4-43
....................................................................................................................................................................................................................................

When to use
Use this task to add a server to the current Domain Name System (DNS) configuration for
a group member host. If the DNS is not already configured, it is initialized.
Related information
Before you begin

Task
Complete the following steps to add a server in the current Domain Name System (DNS)
configuration for a group member host.
...................................................................................................................................................................................................
Log in to the group member node in which you want to add the DNS configuration
information as root.
...................................................................................................................................................................................................
...................................................................................................................................................................................................
Enter the number 15 to add or update the DNS configuration.

...................................................................................................................................................................................................
Enter the hostname of the new DNS server at the following prompt:
Please insert the NEW DNS NAMESERVER HOSTNAME for local host :
<new DNS_hostname> <new DNS hostname> [Enter]
Important! You must know the name of the Domain Name Service and the nameserver.
...................................................................................................................................................................................................
Enter the IP address of the new DNS server at the following prompt:
....................................................................................................................................................................................................................................
1350 OMS
4-44
....................................................................................................................................................................................................................................
Please insert the NEW DNS NAMESERVER IP ADDR for local host
<new_DNS IP address> [Enter]
Important! You must know the name of the Domain Name Service and the nameserver.
...................................................................................................................................................................................................
At the next prompt, do one of the following:
If the Domain Name System (DNS) is not yet configured on the current host, enter the
local domain name of the new DNS server.
If the DNS is already configured on the current host, press Enter to confirm the
current local domain name that is automatically displayed.
Please insert the NEW DNS NAMESERVER DOMAIN for local host
<new_DNS domain> [Enter]

Result: The new DNS configuration is automatically updated on the current host.
...................................................................................................................................................................................................

E...................................................................................................................................................................................................
N D O F S T E P S
....................................................................................................................................................................................................................................
1350 OMS
4-45
....................................................................................................................................................................................................................................

When to use
Use this task to modify the current Distributor Names Server (DNS) configuration of a
group member node. Specifically, this task enables you to do the following:
Replace a DNS nameserver that is currently configured with a new DNS nameserver.
Replace the current local domain name with a new domain name.
Perform an update of the search domain list.
Related information
Before you begin

Task
Complete the following steps to modify the current Distributor Names Server (DNS)
configuration of a group member node.
...................................................................................................................................................................................................
Log in to the group member node where you want to change the DNS as root.
...................................................................................................................................................................................................
...................................................................................................................................................................................................
Enter the number 16 to add or update the DNS configuration.

...................................................................................................................................................................................................
If you want to replace a DNS nameserver that is currently configured, enter the current
name of the DNS nameserver at the following prompt:
current DNS nameserver name <current DNS nameserver> [Enter]
....................................................................................................................................................................................................................................
1350 OMS
4-46
....................................................................................................................................................................................................................................
...................................................................................................................................................................................................
If you want to replace a DNS nameserver that is currently configured, enter the new DNS
server at the following prompt:
new DNS nameserver name <new DNS nameserver> [Enter]
...................................................................................................................................................................................................
If you want to replace the DNS nameserver that is currently configured, enter its new IP
address at the following prompt:
new DNS nameserver IP addr
<IP address of the new DNS server host> [Enter]
...................................................................................................................................................................................................
Optional: To change the DNS local domain name, enter the new name of the local
domain at the following prompt or press Enter to maintain the current local domain
name:
new DNS local domain name
<new DNS local domain name>/<blank for the current search domain
list> [Enter]
...................................................................................................................................................................................................
Optional: To change the current search list, enter the new name of the search list at the
following prompt or press Enter to maintain the current search domain list:
search list for host-name lookup
<Name of the new serach list>/<blank for the current search
domain list> [Enter]

Result: The new DNS configuration is automatically updated on the current member
node.
...................................................................................................................................................................................................

E...................................................................................................................................................................................................
N D O F S T E P S
....................................................................................................................................................................................................................................
1350 OMS
4-47
....................................................................................................................................................................................................................................

When to use
Use this task to remove a server from the current Distributor Names Server (DNS)
configuration.
Related information
Before you begin
If the DNS server specified is the last server that is configured on the local node, the DNS
will be un-configured.
Task
Complete the following steps to remove a server from the current Distributor Names
Server (DNS) configuration.
...................................................................................................................................................................................................
Log in to the group member node where you want to remove the DNS nameserver as
root.
...................................................................................................................................................................................................
...................................................................................................................................................................................................
Enter the number 17 to remove the DNS nameserver.

...................................................................................................................................................................................................
At the following prompts, enter the name of the DNS nameserver, which is currently
defined, that must be removed. (Note that the IP address is automatically displayed.)
Please insert the OLD DNS NAMESERVER HOSTNAME for local host:
<current DNS nameserver> [Enter]
Please insert the OLD DNS NAMESERVER IP ADDR. for local host:
<current DNS nameserver IP Address> [Enter]
....................................................................................................................................................................................................................................
1350 OMS
4-48
....................................................................................................................................................................................................................................
...................................................................................................................................................................................................

E...................................................................................................................................................................................................
N D O F S T E P S
....................................................................................................................................................................................................................................
1350 OMS
4-49
....................................................................................................................................................................................................................................
....................................................................................................................................................................................................................................
1350 OMS
4-50
S5ystem Backup and

Restore
Overview
Purpose
information and the associated tasks that pertain to the backup and recovery of the 1350
OMS.
Contents
Backup and Restore Overview
5-2
scbackup Overview
5-3
Backup Strategies
5-6
Backup Tape Sets
5-8
Backup Restrictions and Requirements
5-10
Troubleshoot a Backup
5-11
5-13
Troubleshoot a Restore
5-15
Mirror Configurations
5-20
Run scdisk_read_check to Read and Check the Disk
5-21
5-23
Run scbackup for a Local Disk or an Application Instance Backup
5-24
Run scbackup Using a Disk Directory as the Supporting Output Media
5-29
5-33
Boot from the IRT
5-34
5-37
Run the scmirrorfs Tool to Set Up the Mirrored Configuration
5-44
...................................................................................................................................................................................................................................
1350 OMS
5-1
....................................................................................................................................................................................................................................

Backup and restore functional definition
The backup and restore function is one of the administrator functions that is a part of the
Alcatel-Lucent Middle Ware Operating System (MW_OS) package of support tools. This
package of tools eases the administration of the HP-UX operating system in the
Alcatel-Lucent software environment.
Backup and restore can be run through the execution of online commands, and each is
integrated with other MW_OS features (for example, disk mirror management).
Backup and restore storage areas
The backup and restore function can operate on the following different storage areas:
System area, which includes mostly programs, but also application independent data.
Disks that are local to the system, which includes all disks but not shared disks in
cluster systems that share data configurations.
Application instances, which includes application data that is stored on local or on
shared disks.
Backup focuses on the type of data that is stored on the disks. Backup has the ability to
distinguish between system data and application instance data, which can be backed up
separately.
....................................................................................................................................................................................................................................
1350 OMS
5-2
scbackup Overview
....................................................................................................................................................................................................................................
scbackup Overview
Backup objective
The backup procedure provides the administrator with an easy-to-use tool to store, on
tape or on a disk directory (local or remote mounted via Network File System - NFS), the
contents of the disks and the disk partitioning. The backup can be used if a disk failure
occurs or if data corruption becomes evident.
All backups are done using the scbackup command.
Backup tools
The backup procedure uses the following HP-UX tools:
fbackup, which is the backup tool that is included in the HP-UX 11.31 Core.
Ignite-UX, which is an add-on HP tool for system installation services.
The versions of the tool that are certified are listed in the following table. The behavior of
scbackup is only guaranteed with the versions that are listed in the following table. Using
an older version of the tool can cause the backup to fail.
Full System Backup and Restore
Tool
Version
HP-UX 11i
11.31
Ignite-UX
C.7.10.472
scbackup syntax
The command syntax of scbackup is as follows:

The following syntax is the typical format for a backup:
scbackup [-t <minutes>] [-a <dir_name>][-o <option list>] [-d] ARG...
The following syntax must be used when errors occur during the backup and the disk
mirroring must be recovered. The failed backup displays a warning message that this
syntax must be used:
scbackup -R
The following syntax is used to print out the procedure version or for help:
scbackup -v | -h
....................................................................................................................................................................................................................................
1350 OMS
5-3
scbackup Overview
....................................................................................................................................................................................................................................
Where:
-t <minutes> specifies the time to wait in minutes to insert a new tape. If the time
expires, the backup is terminated. The default is an infinite waiting time. This option
is not allowed if the -a option is specified.
-a <dir_ name> specifies that the output of the backup is to be generated in a file that
is stored on the associated disk directory (<dir_name>). This directory can be
mapped on a local disk or on a remote disk that has been mounted by the Network
File Server (NFS). The filename will have the format:
<hostname>_<yymmdd>-<time>_fbackup.out
For example: tlvsnk_101123-15.21_fbackup.out
Important! The disk directory must already be specified in /etc/fstab using the
following syntax:
<directory> <mount-point> <type> <options> <backup frequency> <pass
number> [<comment>]
Example for a local directory:

nodeName:/bck_dir /bck_dir nfs rw,nolargefiles 0 0
Example for a remote directory:

/dev/vg01/lvol3 /bck_dir vxfs nolargefiles,delaylog 0 0
For more information about the syntax of fstab, refer the fstab man page.
-o <option_list> specifies the command options, which can be one of the following:
noIRT | IRTonly
online | offline
One option, or none, can be selected from each pair:

noIRT skips the IRT production.
IRTonly makes only an IRT version.

Note: If the -a option is specified and the creation of the IRT is required, use
either of the following:

scbackup -a <dir_name> ... .
Or:
scbackup a <dir_name> -o IRT only ...
The scbackup does not provide a bootable tape; but, it does provide a bootable
ISO image that can be used to reproduce the current system configuration. (This
bootable image must be burned on a DVD.) The image is stored on the associated
disk directory (<dir_name>) with a filename that has this format:
<hostmane>_<yymmdd>-<time>_image.iso
For example: tlvsnk-101123_15.21_image.iso
online forces the online backup.

offline forces the offline backup.
-d, which is for test purposes only, specifies that a dry-run is to be done. When -d is
specified, most checks are performed, but a tape is not written to. The -d option is not
available if the -a option is specified.
....................................................................................................................................................................................................................................
1350 OMS
5-4
scbackup Overview
....................................................................................................................................................................................................................................
-R specifies that a recovery is to be done. When -R is specified, a recovery from
previous disk mirroring errors occurs.

-v specifies that a version is to be done. It prints the procedure version and exits.
-h specifies that a short help page is to be displayed. It displays the page and exits.
ARG, which are the command arguments, are as follows:
system specifies a system disk backup. Local application instances are ignored.
<name_version_id> specifies an application instance backup. More than one instance
can be specified.
<no arguments> specifies a local disk backup. The entire contents of the local disk
are backed up.

For backups of application instances, the command format, in its simplest form, is the
following:
...,sys,root # scbackup instance_0 ... instance_n [Enter]
This command format produces a tape that contains the application instances that are
listed as command arguments. Each command argument has the following format:
<name>_<version>_<id>
The data for <name>_<version>_<id> can be retrieved with the following command:
scinstance -l
A shared instance backup is allowed only if the instance has status SMVI-SA, which is the
instance is active on its master system.
Example:
....sys,root # scbackup SDH_9.5.0_1 EML_9.5.0_1
This command line backs up two application instances; the tool automatically determines
if these instances should be backed up online or standard/offline.
....................................................................................................................................................................................................................................
1350 OMS
5-5
Backup Strategies
....................................................................................................................................................................................................................................
Backup Strategies
Types of backups
The following types of backups can be done using scbackup:
Online backups (p. 5-6)
Standard backups (p. 5-6)
Online backups
Online backups are used to back up disks without having to shut down and reboot the
system.
Online backups are typically performed during these scenarios:
When the logical volumes to be backed up are mirrored and in a stable state; and, the
administrator does not select the offline option.
During this scenario, the administrator must stop all applications, the logical volumes
are split, the backup is performed, and the administrator is advised that the
applications can be restarted.
When the user has forced an online backup using the online option, which overrides
the default.
During this scenario, the administrator must stop all applications that involve the
particular logical volumes. The applications can be restarted when the backup is
completed.
Standard backups
Standard backups, which are also referred to as offline backups, require the system to be
shut down and a reboot to occur when backing up the local disks. All applications are
stopped, either by a system shutdown or by a command.
A standard backup is performed during the following scenarios:
At least one of the logical volumes to be backed up is not mirrored or its mirroring
state is not stable and the administrator has not selected the online option.
The administrator has forced the backup using the offline option to override the
default.
Instance backups
An instance backup is used to back up the Alcatel-Lucent TMN application data. All
application instances, local or shared, can be backed up. (Local instances can also be
backed up through the steps that are given in the Run scbackup for a Local Disk or an
Application Instance Backup (p. 5-24) task.)
....................................................................................................................................................................................................................................
1350 OMS
5-6
Backup Strategies
....................................................................................................................................................................................................................................
The steps to back up applications instances are those steps that are listed in Run
scbackup for a Local Disk or an Application Instance Backup (p. 5-24) task, unless the
following scenarios occur:
An IRT is not made.

The standard backup does not perform a system shutdown and reboot when the shared
instances have to be backed up. The backup only requires the applications to be shut
down while the backup is writing data to tape.
Refer to scbackup syntax (p. 5-3) for a detailed explanation of the command syntax to
use when backing up an application instance.
After the tool analyzes the options that are specified in the command line, it outputs a
display that is similar to the following:
The backup will be carried out with the following choices:
Ignite Recovery Tape (IRT) : System disk backup
: No
Instances
: SDH_9.5.0_1 EML_9.5.0_1
Time-out on tape changing : No
On-line / Off-Line Backup : Auto
Dry-run exec
: No
Do you want to continue (y|n) ? :
....................................................................................................................................................................................................................................
1350 OMS
5-7
Backup Tape Sets
....................................................................................................................................................................................................................................
Backup Tape Sets

When Backup Tape Sets Can Be Made
Backup tape sets can only be made if the a option is not specified when the scbackup
command is executed.
Number and types of tape sets
Several tape sets can be written to back up the full system. We recommend using two
basic tape sets, plus another set for clustered systems that are in a data sharing
configuration.
The recommended tape sets are the following:
First set: the IRT Set (p. 5-8)

Second set: the fbackup set containing the entire local disk (p. 5-8)
Third set: the fbackup set for the shared application instances (p. 5-9)
Important! If both digital audio tape (DAT) and digital linear tape (DLT) devices are
available, the recommended tape sets can be created using these different types of tape
cassettes; meaning, a DAT tape can be used for the IRT set and DLT tapes for the other
sets. However, each set must be made up of just one type of tape cassettes.
First set: the IRT Set
The first tape set is the Ignite-UX Recovery Tape (IRT) set, which is typically created
online by Ignite-UX, with a reduced HP-UX OS, and run using one 4 GB tape. This set is
produced using the IRTonly option.
The IRT contains a reduced image of the HP-UX operating system and it can be used for
system reboot and a minimal installation. The IRT also contains a description of the local
disk configuration. Ignite-UX can read this configuration upon system installation to
rebuild the disk structure; however, Ignite-UX cannot manage the disk mirroring;
meaning, if the backed up system had mirrored disks, the mirroring must be rebuilt
manually on the recovered system.
Second set: the fbackup set containing the entire local disk
The second tape set is created by the fbackup tool and it contains the entire contents of
the local disk. This backup can be done online or offline. The tool can automatically
choose the most appropriate type of backup depending on the system configuration and
the status; however, the administrator can override any automatic choices.
Depending on the data size, more than one tape might be needed.
....................................................................................................................................................................................................................................
1350 OMS
5-8
Backup Tape Sets
....................................................................................................................................................................................................................................
Third set: the fbackup set for the shared application instances
The third, and optional, tape set is created by fbackup and it contains the contents of
disks where the shared application instances have been configured. This backup can be
done online or offline. The tool can automatically choose the most appropriate type of
backup depending on the system configuration and the status; however, the administrator
can override any automatic choices.
Depending on the data size, more than one tape might be needed.
Alternate tape set combination
An alternate tape set combination could include the following:
First set: the IRT Set (p. 5-8)
Alternate Second set: The system data set.

This set is similar to Second set: the fbackup set containing the entire local disk
(p. 5-8), but it does not include the backup of the local application instances.
Alternate Third set: Third set: the fbackup set for the shared application instances
(p. 5-9).
This set contains the backup of all the application instances defined on the system,
both local and shared. This set can be split further in two subsets: one for local and
one for shared application instances.
....................................................................................................................................................................................................................................
1350 OMS
5-9
....................................................................................................................................................................................................................................

fbackup restrictions
If the system that you are to back up has volume groups that are inactive or logical
volumes that are not mounted, the backup procedure displays warning messages that
these areas will not be backed up.
Important! We strongly recommend that you do not back up file systems that are
mounted using a path that contains a symbolic link because a recovery archive error can
occur during the restore.
Mirror Disk configuration rebuild restriction
After restoring the data, the restore procedure informs the user if the system was mirrored
at the backup time. The mirror rebuild is not managed directly by the restore tool, but it
must be activated separately. Refer to Mirror Configurations (p. 5-20).
For systems that are protected with Mirror/Disk UX, you can proceed with the full online
disk backup using the scbackup tool. After the disk restore is completed with screstore,
you can invoke scmirrorfs to rebuild the mirror configuration. With scmirrorfs, you must
specify the mirror disks to be used. Refer to Run the scmirrorfs Tool to Set Up the
Mirrored Configuration (p. 5-44) for details.
Console restriction
fbackup is executed in single user mode during the HP-UX boot phase.
Important! If you shut off the console terminal or disconnect the Web console during
the execution of fbackup, fbackup is interrupted and the backup does not complete.
Required disk space requirement
The Ignite-UX tool requires at least 128 Mbyte free in the file system where the /var
directory is located.
scbackup-screstore version incompatibility
The scbackup-screstore version 3.2 is compatible with the version 3.0 and newer
versions of the Alcatel-Lucent backup-restore; therefore, the tapes that were produced
with the version 3.0 and newer versions of scbackup-screstore can be used by version
3.2 and beyond.
Important! Label the new tapes correctly and separate them from the old tapes.
....................................................................................................................................................................................................................................
1350 OMS
5-10
....................................................................................................................................................................................................................................
Log files
The scbackup tool creates one log file that records all data that pertains to the entire
backup:
/SCINSTALL/log/scbackup.log
Full mirror faults
The check on the system full mirror can fail for the following reasons:
At least one logical volume is not mirrored.
At least one logical volume has a stale status.
The tool skips the online backup unless the administrator has forced the online backup
with the online option.
System crashes
If a system crash occurs during an online backup, the configuration of the original disk
must be recovered, which is done automatically at system start-up.
Split operation problems
If the applications have not been stopped, problems can occur during the split operation
of an online backup. The backup tool ends and automatically starts a recovery.
Time-out expiration
If the administrator started the backup with the -t option and does not fulfill a request for
a new tape cassette within the set time, the backup tool terminates and must be run again.
Should this scenario occur, backup can be run with the -o noIRT option, which skips the
creation of the IRT.
MERGE-DELETE problems
Any MERGE-DELETE problems are typically the cause of faulty disk mirroring. The
administrator should check the log file for errors and manually run the scbackup -R
command.
Login messages
If problems occur at the end of a standard/offline backup, the fbackup tool displays
warning or error messages upon login. The administrator should check both types of
messages in the /SCINSTALL/log/scbackup.log file to determine the nature of the message
and/or the potential problem.
....................................................................................................................................................................................................................................
1350 OMS
5-11
....................................................................................................................................................................................................................................
After a backup on tape, the following warning message can be ignored:

WARNING: unable to read a volume header.
With Error messages, check the /SCINSTALL/log/scbackup.log to determine the cause of

the errors. The tape set is not useful and the backup must be rerun.
To clear the messages from being displayed, remove the
/var/adm/fbackfiles/fbackup.msg file.
....................................................................................................................................................................................................................................
1350 OMS
5-12
....................................................................................................................................................................................................................................

Restore purpose
The restore tool is used to restore, on the same physical system, the complete contents of
the same physical system where the backup tapes as OS images have been made. Any
system restore on different hardware is not guaranteed.
Restore phases
The restore consists of the following phases:
The first phase uses the IRT tape set or ISO image, and it recreates the Logical
Volume Manager (LVM) disk configuration of the local disks that exists at backup
time. In addition, it installs a minimal operating system that allows the system to be
booted from disk. This phase destroys the existing content of the local disks.
The second phase recovers the contents of the local disks, which are typically grouped
in the volume group vg00. The administrator must run the screstore tool to complete
this phase.
The third, and optional phase, recreates the volume groups for the shared instances
and recovers data on external disks. The administrator must run the screstore tool to
complete this phase.
screstore syntax
The command syntax for screstore is the typical format for a backup:
screstore [-a <dir_name>] [ARG] ...
Where:
-a <dir_name> specifies that the input of restore is a file that is stored on the associated
disk directory (<dir_name>) with the following name:
<hostname>_<yymmdd>-<time>_fbackup.out
Example:
tlvsnk_101123-15.21_fbackup.out
-v prints the version of the tool.
-o displays a short help file.
[ARG] are the command arguments for the application instances.
Example:
...,sys,root # screstore SDH_9.5.0.1
If an argument is not specified, the contents of the entire backup tape or ISO image is
restored/recovered.
....................................................................................................................................................................................................................................
1350 OMS
5-13
....................................................................................................................................................................................................................................
IRT recovery
Note: If you performed a backup on a directory disk (using the a option with the
scbackup command), the IRT is a DVD that contains the bootable ISO image.
The recovery of the Ignite-UX Recovery Tape (IRT), includes the following activities,
which are performed by booting the HP Integrity system from the IRT:
Reconfiguration all of the hard disks in use, exactly as they were, at backup time.
Restoration of a minimum HP-UX operating system on the hard disks so the
frecover tool can be run.
Restoring shared instances
The restore for shared instances is performed the same way in which the restores are
performed for local disks; however, the file systems for these application instances are not
created in the first recovery step by Ignite-UX, so it becomes the responsibility of the
restore tool. Refer to Step 7 of the Run screstore to Restore Data from the fbackup
Media (p. 5-37) task for details.
Any shared instance can be restored to the system providing the following requirements
are met:
The instance is displayed in the following command output:

scinstance l-
The status of the instance is SMVI-SA
The status of the instance is not SMVI-SA, but its volume group has not already been
created.
....................................................................................................................................................................................................................................
1350 OMS
5-14
....................................................................................................................................................................................................................................
IRT rebooting errors
If Ignite-UX encounters errors during the recovery, output similar to the following is
displayed:
ERROR: The disk at HW path: 0/0/1/1.2.0 was specified in the configuration
files but does not exist on the system. And since
allow_disk_remap=false, no attempt to find a substitute will be made.
Because of the error(s) above, the user-interface must be
used to correct them... Non-interactive install canceled.
Press Return to continue:
When the administrator presses Enter, Ignite-UX then outputs a display that is similar to
the following:
Hardware Summary:
System Model: 9000/800/rp7400
+--------------------+---------------+------------------+ [Scan Again]
| Disks: 10 (113.9GB)| Floppies: 0 | LAN cards:
3
|
| CD/DVDs:
1 | Tapes:
1 | Memory:
2040Mb|
| Graphics Ports: 0 | IO Buses: 8 | CPUs:
4
| [H/W Details]
+--------------------+---------------+------------------+
[
Install HP-UX
]
[
Run a Recovery Shell
]
[
Advanced Options
[ Read Sys-Admin Message ]
[ Reboot ]
[ Help ]
This display indicates that something different exists in the system configuration that is
preventing Ignite-UX from performing the automatic recovery; therefore, to bypass the
problem, the administrator must run Ignite-UX manually.
No automatic reboot from the IRT
Occasionally, the machine does not reboot automatically from the IRT. It can stop for a
long time (more than 20 minutes), after the display of the following message:
NOTE: tlinstall is searching filesystem - please be patient
If the reboot does not occur automatically, the administrator can force the reboot by
entering the following command:
[Ctrl]c
Scripts that fail during the reboot from the IRT
Because the IRT restores only a subset of entire HP-UX operating system and nothing
of the particular 1350 OMS application, some errors can occur.
....................................................................................................................................................................................................................................
1350 OMS
5-15
....................................................................................................................................................................................................................................
The following is a useless error message regarding some scripts/tools that have failed.
This type of message should be ignored:
Copy processor logs to /var/tombstones
[FAILED]
Clean UUCP
[FAILED]
Starting HP-UX Secure Shell
[FAILED]
Start Kerberos V5 daemons
[FAILED]
Start mail daemon
[FAILED]
Starting RPC daemon if needed
[FAILED]
Starting Alcatel License Daemon
[FAILED]
* - An error has occurred!
* - Refer to the file /etc/rc.log for more information.
Console messages that are displayed during the reboot from the IRT
Because the IRT restores only a subset of entire HP-UX operating system and nothing
of 1350 OMS application, errors can occur.
The following is a useless error message that occurs when the system is rebooted from the
restored disks. This type of message occurs because of the partial recovery that Ignite-UX
performs and because of the temporary inconsistency between the restored files and the
contents of /etc/inittab. The messages disappear after the recovery of the fbackup set;
and in general, output that is similar to the following display should be ignored:
INIT: Command is respawning too rapidly.
Will try again in 5 minutes.
Check for possible errors.
id: .....
screstore checks and messages
The media that is used as input during the restore process could be the following:
A tape (one or more) or a DVD that is used as the IRT

A tape (one or more) or an ISO image file that is generated by fbackup.
To prevent errors due to a media (tape or DVD) labeling mistake or a simple media swap,
the screstore tool performs initial checks before it starts the restoration of the file system.
If an inconsistency exists between the data that is present on the input media and the
system configuration, screstore outputs an error or warning message for the following
typical reasons:
The IRT media (tape or DVD) and fbackup media (tape or ISO image file) were not
produced on the same system; meaning, media from different systems have been
mixed.
....................................................................................................................................................................................................................................
1350 OMS
5-16
....................................................................................................................................................................................................................................
The source of the media must be checked.

The IRT and fbackup media were produced at different times and with different
system configurations, which means that the administrator is trying to restore an
fbackup media on a system in which the disk configuration is different from the target
file system, on a system that is not available, or on a system that is not large enough to
perform the restore.
The validity of the media must be checked.
The input media is correct, but something was modified during the Ignite-UX
recovery process (interactive restore installation), or after the successful Ignite-UX
recovery and before the screstore process.
If an inconsistency does occur, the screstore process must be stopped to determine and
correct the problem, then screstore must be rerun.
WARNING: Current host is different from...
Output similar to the following occurs when the input media is mixed up. Change the
fbackup media or restart the recovery from the beginning with the correct IRT.
*************************************************************
WARNING:
Current host is different from the one backed up.
Current host -> hosta
Backedup host -> hostb
*************************************************************
ERROR: Volume group name...
When output that is similar to the following is displayed, a volume group configuration
mismatch has occurred; therefore, the IRT and fbackup input media must be verified for
consistency.
***************************************************
ERROR: Volume group name "<volume group name>"
present on tape but not defined on system
***************************************************
WARNING: Volume group name...
When output that is similar to the following is displayed, a volume group configuration
mismatch has occurred; therefore, the IRT and fbackup input media must be verified for
consistency.
***************************************************
WARNING: Volume group name "<vg_name>"
is present on tape but not ACTIVATED on system
***************************************************
....................................................................................................................................................................................................................................
1350 OMS
5-17
....................................................................................................................................................................................................................................
When this warning is displayed, the volume group must be activated with the vgchange
command:
vgchange -a
y <Volume Group>
Error: Logical volume ...
When the following error message is displayed, the IRT and the fbackup input media
must be verified for consistency.
****************************************************
ERROR: Logical volume "<lv_name>"
present on tape but not defined on system
****************************************************
When the following error message is displayed, the logical volume must be mounted with
the mount <lv_name> <mount_point> command.
mount: /dev/vg00/lvol11 was either ignored or not found in /etc/
fstab
***************************************************
ERROR: Logical volume "<lv_name>"
has been created but not mounted on system
***************************************************
If the command succeeds, screstore must be rerun. If the command fails, the IRT and
fbackup input media must be verified for consistency.
WARNING: Different mount points...
must be verified for consistency:
******************************************************************
WARNING: Different mount points found for the Logical volume <lv_name>
actual mount point - > <act_mp>
tape mount point - > <tape_mp>
****************************************************************
ERROR: The mount point...
must be verified for consistency:
******************************************************************
ERROR: Mount Point: <mount_point>
is not a directory
****************************************************************
....................................................................................................................................................................................................................................
1350 OMS
5-18
....................................................................................................................................................................................................................................
WARNING: The mount point...
When the following message is displayed, a nesting of the mount point directory has
occurred. You should have one or more empty directories; and if you do, you can proceed.
If you do not, check the contents of the directories.
******************************************************************
WARNING: Mount Point: <mount_point>
is not an empty directory
****************************************************************
WARNING: The file system mount:
When the following message is displayed, the IRT and fbackup input media were not
produced by the same execution of scbackup and not enough room exists to store the data
on the media.
Use the scextendfs command to extend the file system:
scextendfs <filesystem> <free Megabytes>
******************************************************************
WARNING: The file system mount on <mount_point>
has not enough free space:
to recover the logical volume
actual free space - > 500 Mb
required space - > 550 Mb
*****************************************************************
....................................................................................................................................................................................................................................
1350 OMS
5-19
....................................................................................................................................................................................................................................
The scmirrorfs tool
The scmirrorfs tool is used to assign and/or reassign disks for the mirror copy of data.
This tool requires the administrator to enter the device names of the primary disk and the
alternate disk that must be used to store the mirror copy of the data. Use of the scmirrorfs
tool can possibly change the configuration.
Disk requirements
The following disk requirements apply:
The administrator must know the names of the primary and the alternate disks that are
to be used in the mirror configuration.
The disks that belong to the mirror copy disk do not have to be physically identical to
the main disk set.
The amount of space on both disks must be sufficient to store all of the logical volume
that is currently defined.
The disks that belong to the mirror copy disk set should not share the same SCSI bus
as the main disk. When the configuration script recognizes that the disk that is being
added to the mirror copy is connected to a SCSI bus that is already in use for the main
disk set, output similar to the following is displayed:
WARNING: Controller disk already used in Main path (pvg0)"
Do you want to choose another disk ?
To guarantee the machine functionality if the disk controller fails, you must to choose
another disk that belongs to another chain.
....................................................................................................................................................................................................................................
1350 OMS
5-20
....................................................................................................................................................................................................................................

When to use
Use this task to run scdisk_read_check to read and check the disk before you run
scbackup.
Related information
Backup and Restore Overview (p. 5-2)
Before you begin
Because the online backup determines if a full mirrored/stable disk configuration is

present and, providing the offline backup is not-selected, splits the logical volumes to
prepare the data for the online backup from the mirrored disks, it can call attention to a
latent disk problem; therefore we suggest that you run the scdisk_read_check tool,
which reads and checks the disk prior to running scbackup.
Important! Some disk failures can cause commands to go into endless loops that can
only be terminated by the first reboot of the system.
Task
Complete the following steps to run the scdisk_read_check tool, which reads and checks
the disk.
...................................................................................................................................................................................................
Log in to the system in which the backup is to be performed as root.

...................................................................................................................................................................................................
Enter the following command to initialize the tool:

...,sys,root # scdisk_read_check [Enter]
Result: The scdisk_read_check tool shows you the disk that is being read and
scanned so you can identify certain areas if a failure is found.
=><date/time stamp>
=>START:
OSConf Disk Read check
--- Disk read check for Volume Group: /dev/vg00 --Note: record size is 64 MByte
<date/time stamp> Start read check of disk c2t5d0
Disk Size 8678 MByte (note: must be check 135 records)
135+1 records in
....................................................................................................................................................................................................................................
1350 OMS
5-21
....................................................................................................................................................................................................................................
135+1 records out

real
8:28.0
user
0.0
sys
3.5
<date/time stamp> End successfully
=><date/time stamp>
=>END:
OSConf Disk Read check
...,sys,root #
If the tool executes successfully, you can proceed with the backup.
Important! If the tool issues I/O errors or if it gets stopped (CPU activity does not
occur for the process), a hardware problem exists. Correct the problem before you
proceed with the backup.
E...................................................................................................................................................................................................
N D O F S T E P S
....................................................................................................................................................................................................................................
1350 OMS
5-22
....................................................................................................................................................................................................................................

When to use
Use this task to perform a tape check using scbackup without the -a option.
Related information
Before you begin
Do not use this task if you have used the -a option during the execution of the scbackup
command.
Task
Complete the following steps to perform a tape check.

...................................................................................................................................................................................................

...................................................................................................................................................................................................
Enter the following command to perform the tape check:

...,sys,root # ls /dev/rmt [Enter]
Result: The command output is displayed..
...................................................................................................................................................................................................
Visually verify that the /dev/rmt exists and that it is not empty.
E...................................................................................................................................................................................................
N D O F S T E P S
....................................................................................................................................................................................................................................
1350 OMS
5-23
Run scbackup for a Local Disk or an Application Instance

Backup
....................................................................................................................................................................................................................................

Backup
When to use
If you are not using the -a option of the scbackup command, use this task to run the
scbackup tool to run a local disk backup or an application instance backup using a tape as
the output media.
Important! If you are using the -a option of the scbackup command, do not use this task;
use the Run scbackup Using a Disk Directory as the Supporting Output Media
(p. 5-29) task.
Related information
Backup Restrictions and Requirements (p. 5-10)
Troubleshoot a Backup (p. 5-11)
Mirror Configurations (p. 5-20)
Before you begin
This task could take 2 hours to perform. Make sure that you have sufficient time and that
you are available to answer all tool prompts.
The scbackup tool has a 60 minute default for a time-out on the tape request; meaning,
the tool asks you to insert a new tape and you have 60 minutes to insert a new tape. When
you invoke the tool, you can change or disable this time-out period by using the -t option
on the command line:
...,sys,root #
scbackup -t <minutes>
Example:
To increase the time out to 180 minutes, you would enter the following command line:
....sys,root # scbackup -t 180
To disable the time out to 0 minutes, you would enter the following command line:
...,sys,root # scbackup -t 0
....................................................................................................................................................................................................................................
1350 OMS
5-24

Backup
....................................................................................................................................................................................................................................
Task
Complete the following steps to run the scbackup tool using a tape as the output media.
...................................................................................................................................................................................................

Important! The root password is saved in the IRT. This password will be needed during
recovery time. Do not forget this password.

...................................................................................................................................................................................................
Enter the following command to initialize the scbackup tool:

...,sys,root # scbackup [Enter]
Important! This command syntax is the simplest form of the command. It produces an
IRT tape set and backs up the local disks, which are typically the local disks that are in
volume group vg00. Refer to scbackup syntax (p. 5-3) for the complete syntax of the
command and variations on the backup. In addition, to back up an application instance,
refer to Instance backups (p. 5-6) for details and scbackup syntax (p. 5-3) for the
complete syntax of the command.
Result: After the tool analyzes the options that you specified in the command line, it
outputs a display that is similar to the following:

Ignite Recovery Tape (IRT) : Yes
System disk backup
: Yes
Instances
: EML_9.5.0_1 MW_INT_9.5.0.1
Time-out on tape changing
: No
On-line / Off-Line Backup
: Auto
Dry-run exec
: No
...................................................................................................................................................................................................
At the following prompt, answer y for yes:

Do you want to continue (y|n) ? : y
Result: The tool prompts you to enter the tape device that is to be used for writing the
IRT.
...................................................................................................................................................................................................
If the IRT is to be created, enter the tape device that is to be used for writing the IRT and
press Enter, or press Enter to select the file that is displayed:
Enter tape device for Ignite <default=<tape device>>:
<tape device> [Enter]
....................................................................................................................................................................................................................................
1350 OMS
5-25

Backup
....................................................................................................................................................................................................................................
Example:
Enter tape device for Ignite <default=<tape device>>:
/dev/rmt/0m [Enter]
Important! The tape device must be of type NO-REWIND. In addition, its name must be
in the format of the following:
/dev/rmt/<x>mn
Where: x is a digit from 0 to 9.

Result: The tool prompts you to mount a tape in the tape drive.
Please insert a tape labelled 'Ignite' into device <tape_
device>.
Press [Enter] when ready.
...................................................................................................................................................................................................
Mount an unprotected tape cassette and wait until the drive light stops blinking.
...................................................................................................................................................................................................
When the blinking light stops blinking and the device light becomes stable, press Enter to
create the IRT:
Enter
Result: The creation of the IRT can take up to 40 minutes. Any error that is detected
aborts the execution of the tool. The tool outputs the status of the execution on your
monitor.
When the IRT completes without errors, the following message is displayed:
**************************************************
Please, label the Ignite Recovery Tape as:
<host> - Ignite Bootable - <date> <time>
...................................................................................................................................................................................................
Enter the following command lines to print vital information regarding the contents of the
tape. This step is imperative because this information can be useful if a disk failure
occurs.
...,sys,root # vgdisplay
-v [Enter]
...,sys,root # scextendfs -i [Enter]
....................................................................................................................................................................................................................................
1350 OMS
5-26

Backup
....................................................................................................................................................................................................................................
Result: The system outputs vital information regarding the contents of the tape.
...................................................................................................................................................................................................
Label the tape properly, remember the root password that was staved in the IRT, and store
the printout containing the output of the vgdisplay and scextendfs commands with the
tape.
Result: Once the tool completes the creation of the IRT, it prompts you for the
HP-UX device file for the fbackup.
...................................................................................................................................................................................................
Enter the tape device that you want to use to back up the entire disk and press Enter, or
press Enter to select the file that is displayed:
Enter tape device for Fbackup <default=<tape_device>>:
<tape device> <Enter
Example:
Enter tape device for Fbackup <default=<tape device>>:
/dev/rmt/0m [Enter]
Important! The tape device must of type NO-REWIND. In addition, its name must be in
the format of the following:

/dev/rmt/<x>mn
Where: x is a digit from 0 to 9.

Result: The tool verifies that all logical volumes that are going to be backed up are
correctly mounted on the system. In addition, the tool determines if the system should
be backed up online or offline. The system choice can be overridden by using the
option -o. Note: the tool tries to guarantee the consistency of the backed up data; so,
we suggest that you do not override the system choice.
...................................................................................................................................................................................................
10
For an online backup...

If disk splitting is to occur, stop all applications and be present to answer all prompts
that the tool outputs.

One of the copies of the logical volume is removed from the mirror and is used for the
backup. When the disk splitting is completed, the tool prompts you to restart the
applications. Upon backup completion, the logical volumes are automatically reduced,
that is the disk copies are removed from the mirror system for backup, they are put back,
and the mirror is restored to its normal state.
If disk splitting is not to occur, stop all applications and be present to answer all
prompts that the tool outputs. When the backup completes, the tool prompts you to restart
the applications.
....................................................................................................................................................................................................................................
1350 OMS
5-27

Backup
....................................................................................................................................................................................................................................
For a standard (offline) backup...

When the tool prompts you to stop the applications and to continue with the backup, you
must answer Yes or the backup aborts. The tool continues to prompt you to establish a
grace period (in minutes) in which the user can use to log off the system before it shuts
down. If you press Enter without setting a grace time, the system reboots immediately.
After the system shutdown, you must connect to the system console to follow the backup
execution. If the backup fails, you are notified of the backup failure upon login.
For all types of backups...
Important! You must always be present during a backup to answer the prompts that the
tool outputs. Prompts include when to start and stop applications and requests to remove
the current tape and insert a new one. By default, the tool can wait for an indefinite
amount of time for a new tape; therefore, an unattended backup can virtually last forever.
In addition, the tool does not check the contents of the inserted cassette tape. Any data
that has previously been written on a tape is overwritten and lost. Use only new and/or
scratch tapes.
Result: The tool outputs the following:
**************************************************
Please, label the tape volume(s) as:
<host> - Fbackup Volume i of <n>
<date/time stamp> - local full
***************************************************
...................................................................................................................................................................................................
11
Remove and label the tape appropriately.

...................................................................................................................................................................................................
12
View the results of the backup by accessing the following file:

E...................................................................................................................................................................................................
N D O F S T E P S
....................................................................................................................................................................................................................................
1350 OMS
5-28
Run scbackup Using a Disk Directory as the Supporting

Output Media
....................................................................................................................................................................................................................................
Run scbackup Using a Disk Directory as the Supporting Output

Media
When to use
If you are using the -a option of the scbackup command, use this task to use a disk
directory as the output media when running scbackup command.
Related information
Before you begin
Use this task if you have used the -a option and you cannot run scbackup for a local disk
or an application instance backup.
Task
Use this task to use a disk directory as the output media when running scbackup
command.
...................................................................................................................................................................................................

Important! The root password is saved in the IRT. You will need this password during
recovery time. Do not forget this password.
Result: You now have superuser priviliges.
...................................................................................................................................................................................................
Optional: To optimize the tool's behavior and to reduce execution time, use the
excluded-list file(s) to specify the application files and directories that are to be excluded
from the backup. The application files and the directories will be backed up by the
application specific tools.
You can have more than one excluded-list file; but, all of the excluded-list files have to be
stored in the /sbin/SC_ExcludeFiles directory, which is created automatically during the
1350OMS-MW_OS installation.
...................................................................................................................................................................................................
Enter the following command to initialize the scbackup tool:

..., sys, root # scbackup -a <dir_name> [Enter]
Where: <dir_name> is the path of the disk directory where scbackup output will be
stored.
....................................................................................................................................................................................................................................
1350 OMS
5-29

Output Media
....................................................................................................................................................................................................................................
Important! This command syntax is the simplest form of the command. It produces an
IRT ISO image file and backs up the local disks, which are typically the local disks that
are in volume group vg00. Refer to scbackup Overview (p. 5-3) for the complete syntax
of the command and variations on the backup. In addition, to back up an application
instance, refer to Instance backups (p. 5-6) for details on how to perform a backup on a
particular instance of an application.
Result: After the tool analyzes the options that you specified in the command line, it
outputs a display that is similar to the following:

Ignite Recovery Tape (IRT) : Yes
System disk backup : Yes
Instances :
Time-out on tape changing : No
On-line / Off-Line Backup : Auto
Dry-run exec : No
Directory archive on disk :<dir_name>
**************************************************************
ATTENTION: You are using the following REMOTE disk directory:
<dir_name>
**************************************************************
...................................................................................................................................................................................................
When the system prompts you to continue, answer y for yes:

Do you want to continue (y|n) ? : y
Result: The tool starts to create an IRT ISO image file that has the format:
<directory>/<hostname>_<yymmdd>-<time>_fbackup.out
Example:
tlvsnk_101123-15.21_fbackup.out
When the IRT ISO image file creation completes without errors, a message similar to
the following is displayed:
**************************************************
ISO Image creation: "/bck_test/tlvsnk-110728_14.52_image.iso"
**************************************************
Bootable ISO Image procedure ended
Press <Enter> to continue...
...................................................................................................................................................................................................
At the following prompt, press Enter to continue:

Press <Enter> to continue...: Enter
....................................................................................................................................................................................................................................
1350 OMS
5-30

Output Media
....................................................................................................................................................................................................................................
Result: The tool continues to save the application files.
When the preliminary checks are finished, the following message is displayed:
********************************************************************
ATTENTION: You are going to perform the standard system backup, but
this requires a system SHUTDOWN-REBOOT.
*******************************************************************
********************************************************************
ATTENTION: It is better to stop applications before shutting down the system,
Please, do it before answering 'YES' next question.
*********************************************************************
WARNING: Answering "NO" to the following question, will terminate the backup
procedure.
Continue with system SHUTDOWN & REBOOT (y|n) ? :
...................................................................................................................................................................................................
At the following prompt, answer y for yes:

Continue with system SHUTDOWN & REBOOT (y|n) ? : y
Result: The tool starts with to shut down and reboot the system.
At some point during the boot sequence, user files are backed up. A message similar
to the following is displayed:
BACKUP: writing on file "/bck_test/tlvsnk-110728_14.55_
fbackup.out"
The tool verifies that all logical volumes that are going to be backed up are correctly
mounted on the system. In addition, the tool determines if the system should be
backed up online or offline. The system choice can be overridden by using the option
-o. Note: the tool tries to guarantee the consistency of the backed up data; so, we
suggest that you do not override the system choice.
When the ISO image that contains the creation of the user files completes without any
errors, a message similar to the following is displayed:
OFF-LINE backup.............................................
OK
The backup is completed and the reboot sequence continues until the end.
...................................................................................................................................................................................................
For an online backup:

If disk splitting is to occur, stop all applications and be present to answer all prompts that
the tool outputs.
....................................................................................................................................................................................................................................
1350 OMS
5-31

Output Media
....................................................................................................................................................................................................................................
One of the copies of the logical volume is removed from the mirror and is used for the
backup. When the disk splitting is completed, the tool prompts you to restart the
applications. Upon backup completion, the logical volumes are automatically reduced;
that is, the disk copies are removed from the mirror system for the backup, they are put
back, and the mirror is restored to its normal state.
If disk splitting is not to occur, stop all applications and be present to answer all prompts
that the tool outputs. When the backup completes, the tool prompts you to restart the
applications.
...................................................................................................................................................................................................
For a standard (offline) backup:

When the tool prompts you to stop the applications and to continue with the backup, you
must answer Yes or the backup aborts. The tool continues to prompt you to establish a
grace period (specified in minutes) in which you can use to log off the system before it
shuts down. If you press Enter without setting a grace period, the system reboots
immediately.
...................................................................................................................................................................................................
View the results of the backup by accessing the following file:

E...................................................................................................................................................................................................
N D O F S T E P S
....................................................................................................................................................................................................................................
1350 OMS
5-32
....................................................................................................................................................................................................................................

When to use
Use this task to verify the readability of the fbackup tape.

Important! If you are using the -a option of the scbackup command, you cannot use this
task.
Related information
Backup Restrictions and Requirements (p. 5-10)
Troubleshoot a Backup (p. 5-11)
Before you begin
You cannot use this task if you have specified the -a option of the scbackup command.
Task
Complete the following verify the readability of the fbackup tape.

...................................................................................................................................................................................................
Log in to the system as root user.

...................................................................................................................................................................................................
Mount the first tape in the tape drive.

...................................................................................................................................................................................................
Enter the following command to read the tape:

..., sys,root # /usr/sbin/frecover -rvN -f /dev/rmt/ <tape
device> [Enter]
Result: The command reads the tape. If the command does not display any I/O errors,
the tape is readable.

...................................................................................................................................................................................................
Repeat steps 2 and 3 for every tape that was made during the backup.
E...................................................................................................................................................................................................
N D O F S T E P S
....................................................................................................................................................................................................................................
1350 OMS
5-33
Boot from the IRT
....................................................................................................................................................................................................................................
Boot from the IRT

When to use
Use this task to boot from the Ignite-UX Recovery Tape (IRT).
Important! If you have specified the -a option of the scbackup command, the IRT will
be a DVD instead of a tape.
Related information
Restore and screstore (p. 5-13)
Troubleshoot a Restore (p. 5-15)
Before you begin

Task
Complete the following steps to boot from the IRT.

...................................................................................................................................................................................................
Switch off the machine.

...................................................................................................................................................................................................
Connect a tape drive that is compatible with the IRT to the system.
...................................................................................................................................................................................................
Insert the IRT into the drive (tape or DVD).

...................................................................................................................................................................................................
Switch on the system.

Result: The following message is displayed:
To discontinue, press any key within 10 seconds.
...................................................................................................................................................................................................
Press any key to get the console main menu.

...................................................................................................................................................................................................
Enter the following command to view the device where the IRT was inserted.
sea
....................................................................................................................................................................................................................................
1350 OMS
5-34
Boot from the IRT
....................................................................................................................................................................................................................................
Result: The system displays information that is similar to the following:

Path# Device Path (dec) Device Path (mnem) Device Type and Utilities Rev
----- ----------------- ------------------ ------------------------- ---P0
0/0/2/0.0 ide.0 Random access media 1
IPL
P1
0/1/1/0.1 intscsia.1 Sequential access media 1
IPL
P2
0/1/1/0.0 intscsia.0 Random access media 1
IPL
P3
0/1/1/1.5 intscsib.5 Random access media 1
IPL
P4
IPL
P5
IPL
Important! A tape device is always referred to as Sequential access media. A DVD

device is always referred to as Ide.0.
...................................................................................................................................................................................................
Enter the following command to boot from the device where the IRT is inserted:
boot <device_path_number>
Where: device_path_number is the path number that corresponds to one of the device
types (tape or DVD) that is listed in the Results of Step 6.
Example:
boot P1
...................................................................................................................................................................................................
At the following prompt, enter N (for No) so you do not interact with the IPL:
Interact with IPL (Y, N or C) > N
Result: The machine begins to boot from the device where the IRT is inserted.
Output similar to the following is displayed:

HARD Booted
ISL Revision ......
ISL Booting hpux (;0) INSTALL
Boot
...: tape (...
If the boot starts correctly, the ISL prompt is not displayed after 3 minutes. Ignite-UX
performs the recovery of the LVM disk structure and the HP-UX OS in a minimum
configuration. You do not have to enter any commands; you only must check the
output for error messages.
....................................................................................................................................................................................................................................
1350 OMS
5-35
Boot from the IRT
....................................................................................................................................................................................................................................
The IRT reboots the system twice. The recovery from the IRT can take up to 90
minutes, depending on the system model. Wait until the end of the second reboot.
If the boot does not start successfully, go to IRT rebooting errors (p. 5-15).
If the machine does not reboot automatically, go to No automatic reboot from the
IRT (p. 5-15).
E...................................................................................................................................................................................................
N D O F S T E P S
....................................................................................................................................................................................................................................
1350 OMS
5-36
....................................................................................................................................................................................................................................

When to use
Use this task to run the screstore tool to restore data from the fbackup tapes or by using
a directory as the input source.
Related information
Restore and screstore (p. 5-13)
Before you begin
You can perform this task using one of two methods:
By using a tape, which is explained in Task 1: Using a Tape (p. 5-38).
By using a directory, which is explained in Task 2: Using a Directory (p. 5-41).
Perform this task from the console or from a terminal that is connected to the system
video output. Do not perform this task on an open network session because if you are
disconnected from the network, the restore would not have any recovery procedure and
the restoration would have to be started from the beginning.
Do not log in with the GoGlobal-UX tool. This tool is not available.
When the tool outputs warnings and error messages during the restore process, output that
is similar to the following is displayed:
*****************************************************************************
NOTE: Restore device check issued some warnings.
Restoring from this <device> could result in a wrong system
Please, verify carefully each warning before answering
the following question.
*****************************************************************************
Do you want to continue with restore (y|n) ? :
Where: <device> will be:
tape for an screstore from a tape device
disk archive for restore from an ISO image file
Refer to Troubleshoot a Restore (p. 5-15) and analyze the warnings; and, if necessary,
correct any problems before you answer y to continue the restoration.
....................................................................................................................................................................................................................................
1350 OMS
5-37
....................................................................................................................................................................................................................................
Task 1: Using a Tape
Complete the following steps to run the screstore tool to restore data from the fbackup
tapes.
...................................................................................................................................................................................................
Log in as root using the same password that was active when the backup was done.
After restoring the IRT, only the system is restored, which means that not all of the
required files are currently available; therefore, messages such as the following are
displayed. Ignore these messages because they disappear when the restoration is
completed.
Cannot chdir to /var/news
cat: Cannot open /SCINSTALL/data/boot_version*: No such file
or directory
...................................................................................................................................................................................................
Optional: If you must complete any preliminary tasks on the system before you activate
the restore, create a command file called screstore_init in the SCINSTALL/etc directory
that can be executed before the frecover.
...................................................................................................................................................................................................
Enter the following command to invoke the screstore tool and to start the restoration:
..,sys,root # screstore [Enter]
Important! This command is shown in its simplest form. Refer to screstore syntax
(p. 5-13) for the complete syntax of this command.

Result: The tool prompts you to enter the file that has to be used for the restoration:
**************************************************
Selection of Tape device
Enter tape device for Frecover <default=<tape device>>
...................................................................................................................................................................................................
At the following prompt, enter the HP-UX file that is associated with the tape device
that you want to use for the fbackup tape set and press Enter, or press Enter to select the
file that is displayed:
<directory/filename> [Enter]
Example:
/dev/rmt/0m [Enter]
....................................................................................................................................................................................................................................
1350 OMS
5-38
....................................................................................................................................................................................................................................
Result: The tool prompts you to mount the first tape of the fbackup tape set.
...................................................................................................................................................................................................
Mount the first tape cassette into the tape device, wait until the tape device is ready, and
press Enter to start:
Enter
Result: The tool outputs the expected tape label and asks you to verify it to the tape
that you are have just mounted.

...................................................................................................................................................................................................
If the labels match, specify y to continue.

If the labels do not match, specify n to stop the restoration/recovery.
Result: The recovery procedure continues to check the tape consistency, volume
groups, and logical volumes that are to be restored. If any check fails and the error is
not recoverable, the tool aborts or displays a warning message. When all checks are
completed, the recovery procedure prompts you to continue.
When performing an instance restore, the tool checks the instances that are found on
the tape BEFORE it checks the volume groups. If the mount point for file system of
an instance is not found in the systems, the tool outputs a similar warning and asks
you if you want it to create the mount point. The tool outputs this type of message for
every missing mount point. If you are performing an instance restore, go to Step 7.
Important! Read the warning messages that the tool outputs during this phase and
answer y to continue only if you are sure that the warning messages are meaningless
to your configuration.
...................................................................................................................................................................................................
For an instance restore only, enter y when the tool outputs a display similar to the
following to create mount points:
The mount point <mount point>
does not exist. The procedure will try to create it
Do you want the procedure to create the missing mount point (y|n) ?
Result: The tool invokes the scextends routine, which detects the available hardware
and prompts you to create the instance volume group on an external disk device that it
discovers. If the choice that is discovered is suitable to you, answer y and scextendfs
continues to create the needed mount points.
...................................................................................................................................................................................................
If the tool determines that you must change the run level, stop all TMN applications and
specify y for yes when the tool prompts you to go to run level 3:
Are you ready, system go to run level 3 (y|n) ? : y
....................................................................................................................................................................................................................................
1350 OMS
5-39
....................................................................................................................................................................................................................................
Result: The recovery begins.

Important! Be present during this phase of the recovery because you might have to
load/remove tapes.
...................................................................................................................................................................................................
Mount the next tape when the following message is displayed:

Please MOUNT next TAPE Volume
Result: Once the tape is mounted, the tool outputs a message that is similar to the
following:
message: frecover(5404): Press return when the next volume is
ready on /dev/rmt/0m:
...................................................................................................................................................................................................
10
Press Enter to continue:

Enter
Result: The tool continues to output messages such as the following, which you can
ignore:
frecover(1075): moved emsagent to emsagent.2510 since it was
executing. Remove emsagent.2510 when done.
If you mount the wrong tape, go to Step 11 and note that the tool outputs a message
that is similar to the following:
frecover(5423): incorrect volume mounted;
frecover(5424): expected volume 1, and got 2
frecover(5433): Do you wish to continue using this volume?([yY]/[nN]) n
frecover(5412): Do you wish to try to salvage this volume?([yY]/[nN]) n
frecover(5411): Do you wish to try a different volume? ([yY]/[nN]) y
PLEASE MOUNT next TAPE Volume
...................................................................................................................................................................................................
11
If you mounted the correct tape, the frecover has ended. See the Results in Step 12.
If you mounted the incorrect tape, mount the correct tape now (after the previous message
appears), and then press Enter. Go to Step 12.
...................................................................................................................................................................................................
12
If you initially mounted the incorrect tape and have since mounted the correct tape or if
you initially entered the correct tape, the frecover tool has ended.
....................................................................................................................................................................................................................................
1350 OMS
5-40
....................................................................................................................................................................................................................................
Result: The frecover tool has ended successfully. If the system was mirrored at the
backup time, the procedure reminds you to rebuild the disk mirroring using the
scmirrorfs when ends.
...................................................................................................................................................................................................
13
If you need to rebuild the mirror, activate the scmirrorfs tool.

...................................................................................................................................................................................................
14
Press Enter to continue.

Result: The Physical Group Volume 0 is created to restore the volume groups and the
tool informs you that the system must be restarted for full functionality. In addition, it
prompts you to specify a grace time for the user to log off before a system shut down
occurs.
...................................................................................................................................................................................................
15
At the following prompt, enter the grace time for the user's log off in minutes or press
Enter for an immediate shut down
Enter the grace time for user's logoff before shutting down or
press [Enter] for immediate shutdown
Grace time (in sec.) >
...................................................................................................................................................................................................
16
After the system restart, restore the Alcatel-Lucent TMN applications data following the
appropriate, if any, recovery procedure and you can start up all applications.
E...................................................................................................................................................................................................
N D O F S T E P S
Task 2: Using a Directory
Complete the following steps to run the screstore tool using a disk directory as the input.
...................................................................................................................................................................................................

...................................................................................................................................................................................................
Optional: If you must complete any preliminary tasks on the system before you activate
the restore, create a command file called screstore_init in the SCINSTALL/etc directory
that can be executed before the frecover.
...................................................................................................................................................................................................
Enter the following command to invoke the screstore tool:
....................................................................................................................................................................................................................................
1350 OMS
5-41
....................................................................................................................................................................................................................................
..,sys,root # screstore -a <directory> [Enter]
Where: <directory> is the path of the disk directory where is stored the ISO image file to
use as input for this tool.
Important! This command is shown in its simplest form. Refer to screstore syntax
(p. 5-13) for the complete syntax of this command.

Result: The tool outputs the expected tape label.
...................................................................................................................................................................................................
When the tool outputs the expected tape label, it then asks you to verify it to the tape that
you are have just mounted.
If the ISO image file labels match, enter y to continue:
Is the label OK (y|n) ? : y
If the ISO image file labels do not match, enter n to stop the restoration/recovery:
Is the label OK (y|n) ? : n
Result: The recovery procedure continues to check the tape consistency, volume
groups, and logical volumes that are to be restored. If any check fails and the error is
not recoverable, the tool aborts or displays a warning message. When all checks are
completed, the recovery procedure prompts you to continue.
When performing an instance restore, the tool checks the instances that are found on
the tape BEFORE it checks the volume groups. If the mount point for the file system
of an instance is not found in the system, the tool outputs a similar warning and asks
you if you want it to create the mount point. The tool outputs this type of message for
every missing mount point. If you are performing an instance restore, go to Step 5.
Important! Read the warning messages that the tool outputs during this phase and
answer y to continue only if you are sure that the warning messages are not applicable
to your configuration.
The frecover tool ends successfully. If the system was mirrored at the time of the
backup, the procedure reminds you to rebuild the disk mirroring using the scmirrorfs
when it ends.
...................................................................................................................................................................................................
For an instance restore only, enter y when the tool outputs a display similar to the
following to create mount points:
The mount point <mount point>
does not exist. The procedure will try to create it
Do you want the procedure to create the missing mount point (y|n) ?
....................................................................................................................................................................................................................................
1350 OMS
5-42
....................................................................................................................................................................................................................................
Result: The tool invokes the scextends routine, which detects the available hardware
and prompts you to create the instance volume group on an external disk device that it
discovers. If the choice that is discovered is suitable to you, answer y and scextendfs
continues to create the needed mount points.
...................................................................................................................................................................................................
If you need to rebuild the mirror, run scmirrorfs.

...................................................................................................................................................................................................
Press Enter to continue.

Result: The Physical Group Volume 0 is created to restore the volume groups and the
tool informs you that the system must be restarted for full functionality. In addition, it
prompts you to specify a grace time for the user to log off before a system shut down
occurs.
...................................................................................................................................................................................................
At the following prompt, enter the grace time for the user's log off in minutes or press
Enter for an immediate shut down
Enter the grace time for user's logoff before shutting down or
press [Enter] for immediate shutdown
Grace time (in sec.) >
...................................................................................................................................................................................................
After the system restart, restore the Alcatel-Lucent TMN applications data following the
appropriate, if any, recovery procedure and you can start up all applications.
E...................................................................................................................................................................................................
N D O F S T E P S
....................................................................................................................................................................................................................................
1350 OMS
5-43
....................................................................................................................................................................................................................................

When to use
Use this task to run the scmirrorfs tool to set up the mirrored disk configuration. This
task requires you to enter the device names of the primary disk and the alternate disk that
must be used to store the mirror copy of the data.
Related information
Before you begin
Read Mirror Configurations (p. 5-20) carefully before you begin this procedure.
Task
Complete the following steps to set up the mirrored disk configuration.

...................................................................................................................................................................................................
Log in as root using the same password that was active when the backup was done.
...................................................................................................................................................................................................
Enter the following command to invoke the scmirrorfs tool:

..,sys,root # scmirrorfs vg00 [Enter]
Result: The tool outputs a display that is similar to the following:
=><date/time stamp>
=>START:
OSConf File(s) System Mirroring
Hardware detection in progress, please wait ........
Total disk(s) found = 6
Total CDRoms found = 1
Press [Enter] to continue...
...................................................................................................................................................................................................
Press the Enter key to continue with the mirror copy of the data.
Result: The tool displays output that is similar to the following. Note the entry for
Pri_Boot.
_______________________________________________________________
Disks Selection
....................................................................................................................................................................................................................................
1350 OMS
5-44
....................................................................................................................................................................................................................................
Mirroring need Alternate Boot disk on Volume Group:"vg00"

______________________________________________________________
Device
MByte Hardware Path
Usage
Type VolGroup
_______________________________________________________________
c1t2d0
8680 0/0/1/1.2.0
Pri_Boot _Main_ vg00
c2t2d0
8680 0/0/2/0.2.0
_(free)_ ______ __
c4t8d0
8680 0/4/0/0.8.0
_(free)_ ______ __
c4t9d0
8680 0/4/0/0.9.0
_(free)_ ______ __
c5t12d0
8680 0/7/0/0.12.0
_(free)_ ______ __
c5t13d0
8680 0/7/0/0.13.0
_(free)_ ______ __
...................................................................................................................................................................................................
At the following prompt, enter the name of an alternative device from which to boot:
Select Alternate BOOT dev name or [q] to quit: <device name>
Result: The tool displays output that is similar to the following. Note the entries for
Pri_Boot and Alt_Boot.
Disk Selection
________________________________________________________________
Device
MByte Hardware Path
Usage
Type
VolGroup
__________________________________________________________________
c1t2d0
8680 0/0/1/1.2.0
c2t2d0
8680 0/0/2/0.2.0
_(free)_ ______ __
c4t8d0
8680 0/4/0/0.8.0
Alt_Boot Mirror vg00
c4t9d0
8680 0/4/0/0.9.0
_(free)_ ______ __
c5t12d0
8680 0/7/0/0.12.0
_(free)_ ______ __
c5t13d0
8680 0/7/0/0.13.0
_(free)_ ______ __
_________________________________________________________________
Confirm selection of device "<device name>"
...................................................................................................................................................................................................
At the following set of prompts, enter y to confirm the selection of the alternate device
from which to boot:
Confirm selection of device <device name>.
Press [y] for yes, [n] for no or [q] to quit, then press [Enter] y
Result: The tool displays output that is similar to the following. Extraneous lines have
been deleted for ease of reading/use.

NOTE:
Updating of LVM physical volume group information file
NOTE:
Set Logical Vol allocation policy to "PVG-strict" x select Volume
Group
NOTE:
Preparation of Mirroring Volume Group: "vg00"
NOTE:
Mirroring all Logical Volume of Volume Group: "vg00"
=><date/time stamp>
....... Mirroring Logical Volume:"/dev/vg00/lvol1",
....................................................................................................................................................................................................................................
1350 OMS
5-45
....................................................................................................................................................................................................................................
with Allocation policy "contiguous"

...
=><date/time stamp>
....... Mirroring Logical Volume:"/dev/vg00/lvol10"
NOTE:
Check /etc/lvmrc ..... =><date/time stamp>
NOTE:
Set Alternate Boot Hardware Path to disk:"c4t8d0"
=><date/time stamp>
=>END:
OSConf File(s) System Mirroring
Restore Warning and/or Error Messages
...................................................................................................................................................................................................
If you receive any restore warnings or error messages, see Troubleshoot a Restore
(p. 5-15) for details.
E...................................................................................................................................................................................................
N D O F S T E P S
....................................................................................................................................................................................................................................
1350 OMS
5-46
Mirror Disks
6
Overview
Purpose
This chapter provides the 1350 OMS system administrator with the conceptual
information and the associated tasks that pertain to mirrored disks.
Contents
Mirrored Disk Overview
6-2
Install the Mirror Disk/UX
6-4
Configure Disk Fault Protection with Mirror Disk/UX
6-6
...................................................................................................................................................................................................................................
1350 OMS
6-1
Mirror Disks
....................................................................................................................................................................................................................................

Mirrored Disk purpose
Mirror disks have two main purposes in the 1350 OMS system configuration:
Mirrored disks enable the 1350 OMS to remain operational if a single disk fails.
Mirrored disks enable the 1350 OMS to remain operational if a single disk controller
fails.
Mirrored disk configurations, along with the recommended Alcatel-Lucent software and
hardware configuration, afford the best high availability protection; therefore, we urge
administrators to follow the recommendations made.
Note: The new HP Integrity servers rx2660 and rx6600 can be equipped with the HP
Smart Array P400. In these configurations, the mirror disk is not required because the HP
S.A. P400 provides RAID 1 protection at the hardware level, providing the same level of
fault tolerance and improving performance.
Mirror disk installation and configuration is still required on the HP9000 and HP Integrity
servers without HP S.A. P400, such as the rx7640.
To determine if your HP Integrity server is equipped with a HP S.A. P400, enter the
following command:
,root,sys # ioscan kdciss
When the HA S.A. P400 is present, a line like this will be shown:
H/W Path
Class
Description
================================================
0/3/0/0/0/0
ext_bus PCIe SAS SmartArray P400 RAID
Controller
Mirrored disk configuration methods
The configuration of fault disk protection with the Mirror Disk/UX can be performed as
part of one of the following methods:
As part of the initial system installation, which automatically executes disk mirroring
for the entire file system.
As part of the system restoration from a full disk backup, which is explained in the
Run the scmirrorfs Tool to Set Up the Mirrored Configuration (p. 5-44) task and in
the Configure Disk Fault Protection with Mirror Disk/UX (p. 6-6) task.
As part of a new disk mirror configuration, which is explained in the Install the
Mirror Disk/UX (p. 6-4) task.
....................................................................................................................................................................................................................................
1350 OMS
6-2
Mirror Disks
....................................................................................................................................................................................................................................
Mirrored disk configuration example
It is critical for administrators to be able to identify the hard disks that are present in a
configuration and how they are connected to the system box. This information is hidden
in the disk hardware path. The fist dot (.) in the hardware path distinguishes the
controllers.
In the following example, two different buses are shown: 0/5/1/0/4/1 and 0/5/1/0/4/0.
Each one has three disks connected.
Disks Selection
____________________________________________________________________
Device
MByte Legacy Harware Path Usage
Type
VolGroup
____________________________________________________________________
disk17
140000 0/5/1/0/4/1.2.0
disk18
140000 0/5/1/0/4/1.1.0
_(free)_ ______ _______
disk19
140000 0/5/1/0/4/1.0.0
_(free)_ ______ _______
disk20
140000 0/5/1/0/4/0.2.0
_(free)_ ______ ________
disk21
140000 0/5/1/0/4/0.0.0
_(free)_ ______ _______
disk22
140000 0/5/1/0/4/0.1.0
_(free)_ ______ _______
____________________________________________________________________
The best mirror disk configuration, including controller fault resilience, is as follows:
disk17, disk18 and disk19 as Main units.
disk20, disk21 and disk22 as Copy units.
....................................................................................................................................................................................................................................
1350 OMS
6-3
Mirror Disks
....................................................................................................................................................................................................................................

When to use
Use this task to install the Mirror Disk/UX software.

Important! Mirror Disk/UX is usually installed by Alcatel-Lucent installation tools,
along with the HP-UX operating system; however, if you must install Mirror Disk/UX,
use this task.
Related information
Mirrored Disk Overview (p. 6-2)
Before you begin
Because the Mirror Disk/UX is HP Software, verify that the proper use license is
available. In addition, know the name of the source device (the DVD/CD-ROM).
This procedure gives you the choice of installing the software now or postponing the
installation. Note: once you start this procedure, you can continue to install the software
at the current time or you can postpone the installation of the software; however, you
cannot cancel the installation of the software.
The Mirror Disk/UX installation forces a system reboot.
Task
Complete the following steps to install the Mirror Disk/UX software.

...................................................................................................................................................................................................
Log in to the system in which the Mirror Disk/UX software is to be installed as root.
...................................................................................................................................................................................................
Enter the following command to initialize the installation and press Enter:
..,sys, root #
/SCINSTALL/etc/scinstall3PP MIRROR [Enter]
Result: The installation is initialized and the software prompts you to select the
software source.
...................................................................................................................................................................................................
When the software prompts you to select the source as CD/DVD or depot, choose 1,
which is DVD/CD-ROM, and press Enter:
--------------- LAYERED PRODUCTS Repository -------------
....................................................................................................................................................................................................................................
1350 OMS
6-4
Mirror Disks
....................................................................................................................................................................................................................................
1 - DVD/CDRom
2 - DEPOT
q - quit
Insert choice and press [Enter]:
Result: The software prompts you to confirm the source device.

...................................................................................................................................................................................................
When the software prompts you to confirm the source device, enter the correct source
device and press Enter, or select the default by pressing Enter.
--- Device selection for LAYERED Products installation
Enter 'q' to Quit or the CD device [def=/dev/dsk/c3t2d0]:
Result: Before the software begins execution and the system is rebooted, the software
outputs a display similar to the following that gives you a final chance to postpone,
but NOT TO STOP, the installation:
**************************************************************
ATTENTION
Installation require shutdown and reboot
Applications is better already stopped before start installation
************************************************************
Do you want execute installation NOW?:
Press [y] for yes or [n] for no, then press [Enter]
...................................................................................................................................................................................................
When the software prompts you to execute the installation, answer y to start the
installation now or n to postpone, but not stop, the installation:
Press [y] for yes or [n] for no, then press [Enter] y/n [Enter]
Result: If you answered y, to start the installation, the reboot begins.
If you answered n to postpone the installation, resume the installation at a later time
and go to Step 6.
...................................................................................................................................................................................................
If you have postponed the installation, enter the following command line when you are
ready to resume the installation:
...,sys,root #
/SCINSTALL/SCINSTALL start [Enter]
Result: The scinstall installation is restarted.

E...................................................................................................................................................................................................
N D O F S T E P S
....................................................................................................................................................................................................................................
1350 OMS
6-5
Mirror Disks
....................................................................................................................................................................................................................................

When to use
Use this task to configure disk fault protection with Mirror Disk/UX after a full disk
backup or if the mirror configuration was skipped for any reason at installation time.
Related information
Mirrored Disk Overview (p. 6-2)
Before you begin
This task requires the following conditions to be met for a mirror disk configuration:
The HP Mirror Disk/UX is authorized and is installed on the system.

The number of available hard disks are sufficient to create a copy of the entire file
system.
After the mirror disk configuration is set up, any file system that belongs to the mirror
group volume is then mirrored.
Task
Complete the following steps to configure disk fault protection with Mirror Disk/UX
after a full disk backup or if the mirror configuration was skipped for any reason at
installation time.
...................................................................................................................................................................................................
Log in to the system in which the alternate boot disk is to be specified as root.
...................................................................................................................................................................................................
Enter the following command to initialize the tool and press Enter:
..,sys, root # scmirrorfs [Enter]
Result: The installation is initialized and the software prompts you to select the
alternate boot device:

____________________________________________________________________
Disks Selection
Mirroring need Alternate Boot disk on Volume Group:"vg00"
____________________________________________________________________
Device MByte Hardware Path
Usage
Type
VolGroup
___________________________________________________________________
c1t2d0
8680 0/0/1/1.2.0
....................................................................................................................................................................................................................................
1350 OMS
6-6
Mirror Disks
....................................................................................................................................................................................................................................
c2t2d0
8680 0/0/2/0.2.0
__Data__ _Main_ vg00D
c4t8d0
8680 0/4/0/0.8.0
_(free)_ ______ ________
D c4t9d0
8680 0/4/0/0.9.0
_(free)_ ______ ________
c5t12d0
8680 0/7/0/0.12.0
_(free)_ ______ ________
c5t13d0
8680 0/7/0/0.13.0
_(free)_ ______ ________
____________________________________________________________________
Select Alternate BOOT dev name or [q] to quit:
...................................................................................................................................................................................................
When the tool prompts you, enter the name of the alternate boot device:
Select Alternate BOOT dev name or [q] to quit:
<name of the alternate boot device>
Important! Refer to Mirrored disk configuration example (p. 6-3) for the naming
conventions and pairing details.

Result: When the amount of disk space requested is reached, the tool displays output
that is similar to the following:

NOTE: Updating of LVM physical volume group information file
NOTE: Set Logical Vol allocation policy = "PVG-strict" on Active Volume Group
NOTE: Preparation of Mirroring Volume Group: "vg00"
NOTE: Mirroring all Logical Volume of Volume Group: "vg00"
=><date/time stamp>
....... Mirroring Logical Volume:"/dev/vg00/lvol1",
with Allocation policy "contiguous"
E...................................................................................................................................................................................................
N D O F S T E P S
....................................................................................................................................................................................................................................
1350 OMS
6-7
Mirror Disks
....................................................................................................................................................................................................................................
....................................................................................................................................................................................................................................
1350 OMS
6-8
Network Depot
7
Overview
Purpose
information and the associated tasks that pertain to the management of the Network
Depot.
Contents
Network Depot Overview
7-2
Run scbuilddepot to Create or Update the Platform Software Depot
7-4
Add Software to the Platform Software Depot
7-7
Create the Application Software Depot
7-8
Edit the .rhosts file to Authorize Access to the Application Software Depot
7-10
...................................................................................................................................................................................................................................
1350 OMS
7-1
Network Depot
....................................................................................................................................................................................................................................

Network Depot purpose
The Network Depot tool enables the administrator to create a depot, or a reserved area
where software can be stored.
Network Depot applications
The Network Depot for the 1350 OMS is the repository for the following types of
software:
platform software, which is housed in the Platform software depot (p. 7-2).
application software, which is housed in the Application software depot (p. 7-2)
Platform software depot
After the installation of the HP-UX11i operating system, the administrator can use the
scbuilddepot tool to create the platform software depot by reserving 8 GBytes or more
of space on the machine in which MW_OS is installed. This reserved space can house all
of the software that has been included on the CD-ROM. The creation of the platform
software depot enables the administrator to perform the remainder of the platform
software installation in an unattended mode.
The following tasks are related to the platform software depot:
Run scbuilddepot to Create or Update the Platform Software Depot (p. 7-4)
Add Software to the Platform Software Depot (p. 7-7)
Application software depot
The application software depot is used to house the 1350 OMS application software,
which consists of the MW-INT and all of the 1350 OMS components and feature
packages.
The following table lists the disk space that is required for these packages to swap and
install the packages. The values are specified in Megabytes.
Disk Requirements for the 1350 OMS Application Software
1350 OMSComponent/Package/Feature
MBytes Required for the Depot
1350 OMS EML (EML)
3300
1350 OMS eOMS (eOMS)
850
MW_INT
700
1350 OMS PKT (PKT)
200
1350 OMS SDH
450
....................................................................................................................................................................................................................................
1350 OMS
7-2
Network Depot
....................................................................................................................................................................................................................................
Disk Requirements for the 1350 OMS Application Software

1350 OMSComponent/Package/Feature
Total
MBytes Required for the Depot

5500
The following tasks are related to the applications software depot:
Create the Application Software Depot (p. 7-8)
Edit the .rhosts file to Authorize Access to the Application Software Depot (p. 7-10)
....................................................................................................................................................................................................................................
1350 OMS
7-3
Network Depot
Run scbuilddepot to Create or Update the Platform

Software Depot
....................................................................................................................................................................................................................................
Run scbuilddepot to Create or Update the Platform Software

Depot
When to use
Use this task to run the scbuilddepot tool to create or update the platform software depot.
Related information
Platform software depot (p. 7-2)
Before you begin
To create a platform software depot, you need 8.6 GBytes of free space on an appropriate
hard disk.
Task
Complete the following steps to run scbuilddepot tool to create the platform software
depot.
...................................................................................................................................................................................................
Log in to the system in which the MW_OS software is installed as root.

...................................................................................................................................................................................................
Enter the following command to run the scbuilddepot tool and press Enter:
...,sys,root # scbuilddepot [Enter]
===================================================================
MW_OS Depot Builder
===================================================================
The depot copy requires 8.6 Gbytes extra space on disks
* Do you have enough space available [Y/N] :
...................................................................................................................................................................................................
When the tool prompts you about the space available, answer Y for yes:
The depot copy requires 8.6 Gbytes extra space on disks
* Do you have enough space available [Y/N] Y
....................................................................................................................................................................................................................................
1350 OMS
7-4
Network Depot

Software Depot
....................................................................................................................................................................................................................................
...................................................................................................................................................................................................
At the following prompt, enter the source media, which is the CD-ROM, or press Enter
for the default device that is displayed, which is the CD-ROM that was used to install
HP-UX:
* Enter the CDROM device [ /dev/dsk/c1t2d0 ] : Enter
Result: The tool outputs a display that is similar to the following to indicate that it is
checking/extending the directory for the creation of the depot:

NOTE: Checking/Extending /<directory> for depot creation
If the current size of the partition mounted at /<directory> is not large enough, new
disk resources are required until the requested size is reached. The tool outputs a
display that is similar to the following
Analyze Mount Point:"/<directory>"
Request free MegaByte(s): 1950
Evaluate size MegaByte(s): 4128
Hardware detection in progress, please wait ........
Total disk(s) found = 4
Total CDRoms found = 1
...................................................................................................................................................................................................
If additional/new disk resources are required, press the Enter key at the following
prompt:
Press [Enter] to continue... Enter
Result: The tool outputs a display that is similar to the following, which shows you
the amount of free space on each particular device:

Mount Point need 1536MB on /dev/vg00 (PVG0)
__________________________________________________________________
Disks Selection
Mount Point: /<directory>
____________________________________________________________________
Device
MByte Hardware Path
Usage
Type
VolGroup
____________________________________________________________________
c0t5d0
4088 8/12.5.0
c0t6d0
2048 8/12.6.0
__Data__ _Main_ vg00
c1t4d0
2048 8/16/5.4.0
_(free)_ ______ _____
c1t5d0
2048 8/16/5.5.0
_(free)_ ______ _____
___________________________________________________________________
Select Data Area (Main instance) dev name or [q] to quit:
...................................................................................................................................................................................................
At the following prompt, enter the name of the device to be used for the depot:
Select Data Area (Main instance) dev name or [q] to quit:
....................................................................................................................................................................................................................................
1350 OMS
7-5
Network Depot

Software Depot
....................................................................................................................................................................................................................................
Example:
Select Data Area (Main instance) dev name or [q] to quit: c1t4d0
...................................................................................................................................................................................................
When the file system mounted at /<directory> is large enough to house the depot, the
tool prompts you to specify the first disk of the set:
* Please insert CD SWP-OSCONF-V7.1.0 - 1/4 into the drive
press [Enter] when ready
and
Insert the specified CD-ROM.

Press Enter when the LED on the CD-ROM stops blinking.
...................................................................................................................................................................................................
When the tool once again prompts you for the next CD-ROM in the set, replace the
current CD-ROM in the drive with the specified one.
E...................................................................................................................................................................................................
N D O F S T E P S
....................................................................................................................................................................................................................................
1350 OMS
7-6
Network Depot
....................................................................................................................................................................................................................................

When to use
Use this task to add the following software to the Platform Software Depot:
OSCONF Engine
3PP description
NMS description
Related information
Platform software depot (p. 7-2)
Before you begin

Task
Complete the following steps to add the software to the Platform Software Depot.
...................................................................................................................................................................................................
Insert SWP-1350OMS-MW_OS-V9.5.@@@ DVD in the drive.

...................................................................................................................................................................................................
Enter the following command line to mount the device and press Enter:
...,sys,root # mount -o rr /dev/dsk/<device name>/SD_CDROM [Enter]
...................................................................................................................................................................................................
Enter the following command lines to copy the software package and press Enter to
execute each command line:
...,sys,root # swcopy -x enforce_dependencies=false / [Enter]
-s /SD_CDROM 1350OMS-MW_OS @/<directory>/SCDEPOT [Enter]
...................................................................................................................................................................................................
Enter the following command to dismount the CD-ROM:

...,sys,root # umount /SD_CDROM [Enter]
...................................................................................................................................................................................................
Remove the CD-ROM from the drive.

E...................................................................................................................................................................................................
N D O F S T E P S
....................................................................................................................................................................................................................................
1350 OMS
7-7
Network Depot
....................................................................................................................................................................................................................................

When to use
Use this task to create the application software depot.

Related information
Application software depot (p. 7-2)
Before you begin
This task must be completed on the depot machine, which preferably should be a machine
in the network. The machine can be the same machine that you are installing, if you have
sufficient free disk space. Refer to the table in Application software depot (p. 7-2) to
determine how much space, in Megabytes, each software component or feature requires.
Repeat Step 4 to the end of this task for each CD-ROM that contains software that must
be installed.
Task
Complete the following steps to create the application software depot.

...................................................................................................................................................................................................
Log in to an Alcatel-Lucent depot machine as root.

...................................................................................................................................................................................................
Enter the following command to extend the /alcatel directory to allow the storage of the
application software and press Enter:
...,sys,root # scextendfs /alcatel/DEPOT <required disk size>
[Enter]
...................................................................................................................................................................................................
Enter the following command to change directories to the depot directory and press
Enter:
...,sys,root # cd /alcatel/DEPOT [Enter]
Result: You are now in the /alcatel/DEPOT directory.
...................................................................................................................................................................................................
Insert the CD-ROM into the drive.
....................................................................................................................................................................................................................................
1350 OMS
7-8
Network Depot
....................................................................................................................................................................................................................................
...................................................................................................................................................................................................
Enter the following command to check the CD-ROM type and press Enter:
...,sys,root # fstyp /dev/dsk/ [Enter]
...................................................................................................................................................................................................
Depending on whether the CD-ROM is a cdfs or hfs, use one of the following to mount
the CD at the /SD_CDROM directory:
If the CD-ROM type in the previous step is a cdfs, enter the following command and
press Enter:
...,sys,root # mount -o rr /dev/dsk/<cdrom device file> /SD_
CDROM [Enter]
If the CD-ROM type in the previous step is a hfs, enter the following command and press
Enter:
...,sys,root # mount -r /dev/dsk/<cdrom device file> /SD_CDROM
[Enter]
...................................................................................................................................................................................................
Enter the following command to copy the entire contents of the CD-ROM to the
/alcatel/DEPOT directory and press Enter:
...,sys,root # cp -p /SD_CDROM/* /alcatel/DEPOT [Enter]
...................................................................................................................................................................................................
Enter the following command to unmount the CD-ROM and press Enter:
...,sys,root # umount /SD_CDROM [Enter]
...................................................................................................................................................................................................
Remove the CD-ROM from the drive.

E...................................................................................................................................................................................................
N D O F S T E P S
....................................................................................................................................................................................................................................
1350 OMS
7-9
Network Depot
Edit the .rhosts file to Authorize Access to the Application

Software Depot
....................................................................................................................................................................................................................................

Software Depot
When to use
Use this task to edit the .rhosts file to authorize access to the Application Software
Depot.
Related information
Application software depot (p. 7-2)
Before you begin
To retrieve the files for the 1350 OMS application software packages from the depot
machine, the access to these files must be granted to all root users of all machines that
must be installed. To authorize root access, temporarily add the hostname, followed by
the string root to the .rhosts file for each machine involved.
For example, if there were three machines, called hosta, hostb, and hostc (the depot
machine), you would have to install these three systems including the depot machine
(hostc).
All hosts that are defined in the .rhosts file, must also be defined in the /etc/hosts file.
Task
Complete the following steps to edit the .rhosts file to authorize access to the Application
Software Depot.
...................................................................................................................................................................................................
Log in to the machine in which the .rhost file resides.

...................................................................................................................................................................................................
Use the vi editor to access the .rhosts file and add the following lines:
hosta root
hostb root
hostc root
Save the changes that you have made to the file.

...................................................................................................................................................................................................
Specify these same hosts, in the same manner, the /etc/hosts file.
....................................................................................................................................................................................................................................
1350 OMS
7-10
Network Depot

Software Depot
....................................................................................................................................................................................................................................
...................................................................................................................................................................................................
At the end of the installation, use the vi editor to access the .rhosts file and delete the
following lines:
hosta root
hostb root
hostc root
Save the changes that you have made to the file.

E...................................................................................................................................................................................................
N D O F S T E P S
....................................................................................................................................................................................................................................
1350 OMS
7-11
Network Depot

Software Depot
....................................................................................................................................................................................................................................
....................................................................................................................................................................................................................................
1350 OMS
7-12
General Operations
8
Overview
Purpose
This chapter contains conceptual information and the related tasks that are needed for the
basic operation of the 1350 OMS.
Contents
Restart the HP Servers
8-2
8-5
Eject a CD-ROM
8-7
...................................................................................................................................................................................................................................
1350 OMS
8-1
General Operations
....................................................................................................................................................................................................................................

When to use
Use this task to restart the HP servers periodically. For 1350 OMS HA configurations,
use this task on the standby nodes only.
Related information

Before you begin

Task
Note: Important ! For any restart situation, do not use the reboot command.
...................................................................................................................................................................................................
From the machine on which the application is running, log in as alcatel.

...................................................................................................................................................................................................
Stop the applications using the PMC application. Select the applications on the PMC
window; and from the popup menu, select the command Stop, as shown in figure
....................................................................................................................................................................................................................................
1350 OMS
8-2
General Operations
....................................................................................................................................................................................................................................
...................................................................................................................................................................................................
When these operations are completed, log in as root.

...................................................................................................................................................................................................
On the CDE front panel, press the terminal icon to start a Unix terminal application.
Execute the command su -root
Stop the Kernel Services using the following command:
...,sys,root # /alu/Kernel/script/KernelServices stop [Enter]
...................................................................................................................................................................................................
Enter the following command to change directories:
....................................................................................................................................................................................................................................
1350 OMS
8-3
General Operations
....................................................................................................................................................................................................................................
cd /
...................................................................................................................................................................................................
Enter the following command to reboot or stop the HP servers gracefully:

shutdown -r now
or
shutdown -h now
The command is shutdown -h if you want to stop the system completely or

shutdown -r if you want to stop the system and restart it.
Note: If you are connected to the server, the shutdown command outputs the
following message:
SHUTDOWN PROGRAM
<date/time stamp> METDST
Do you want to send your own message? (You must respond with
'y' or 'n'.):
Answer n to the question.

...................................................................................................................................................................................................
When the system is restarted, press the terminal icon to start a UNIX terminal application.
Execute the command su -root to login as root user.
...................................................................................................................................................................................................
Enter the following command to start the Kernel Services:

...,sys,root # /alu/Kernel/script/KernelServices start [Enter]
...................................................................................................................................................................................................
As the alcatel user, start the applications using the PMC application. Select the
applications on the PMC window and from the popup menu, select the command Start.
E...................................................................................................................................................................................................
N D O F S T E P S
....................................................................................................................................................................................................................................
1350 OMS
8-4
General Operations
....................................................................................................................................................................................................................................

When to use
Use this procedure to decompress a compressed .gz file.

Related information

Before you begin
This task offers you two ways to decompress a file: to decompress the file and to write it
to standard output, which is shown in Step 3, or to decompress a file and to redirect the
output to another file, which is shown in Step 4.
Task
Use this task to decompress a compressed .gz file.

...................................................................................................................................................................................................
From the machine on which the 1350 OMS application is running, log into the
application.
...................................................................................................................................................................................................
To decompress a file and to write it to standard output, go to Step 3.

To decompress a file and to redirect the output to another file, go to Step 4.
...................................................................................................................................................................................................
Enter the following command to decompress a file to standard output:

/usr/contrib/bin/gunzip -c <file to be compressed.gz>
Result: The file that you specified as <file to be compressed.gz> is
decompressed to standard output. You have completed this task.

...................................................................................................................................................................................................
Enter the following command to decompress a file and to redirect the output to another
file:
/usr/contrib/bin/gunzip -c <file to be compressed.gz> > <output
directory/output file>
Example:
/usr/contrib/bin/gunzip -c /tmp/alarm.log.gz > tmp/alarm.log
....................................................................................................................................................................................................................................
1350 OMS
8-5
General Operations
....................................................................................................................................................................................................................................
Result: The file that you specified is decompressed and its output is redirected to the
file specified.
E...................................................................................................................................................................................................
N D O F S T E P S
....................................................................................................................................................................................................................................
1350 OMS
8-6
General Operations
Eject a CD-ROM
....................................................................................................................................................................................................................................
Eject a CD-ROM
When to use
Use this task to eject a CD-ROM when the CD-ROM does not get ejected as expected.
Related information

Before you begin

Task
Use this task to eject a CD-ROM when the CD-ROM does not get ejected as expected.
...................................................................................................................................................................................................
From the machine on which the 1350 OMS application is running, log in as root.
...................................................................................................................................................................................................
Enter the following command to change directories to the highest level:

cd /
Result: The directory is changed to the highest level directory.
...................................................................................................................................................................................................
Enter the following command lines to facilitate the ejection of the CD-ROM:
fuser -cku /SD_CDROM
umount /SD_CDROM
...................................................................................................................................................................................................
Press the Eject button to retrieve the CD-ROM from the drive.
Result: The CD-ROM is ejected.
E...................................................................................................................................................................................................
N D O F S T E P S
....................................................................................................................................................................................................................................
1350 OMS
8-7
General Operations
Eject a CD-ROM
....................................................................................................................................................................................................................................
....................................................................................................................................................................................................................................
1350 OMS
8-8
Security
9
Overview
Purpose
information and the associated tasks that pertain to the security of the overall 1350 OMS
network.
Contents
Security Overview
9-3
Security Banners
9-6
Security Profiles
9-8
Web Portal Macro Functions and Default User Profiles
9-11
9-12
Session Management Macro Functions and Default User Profiles
9-13
Alarm and FM Related Macro Functions and Default User Profiles
9-14
User Management Macro Functions and Default User Profiles
9-16
SMF Macro Functions and Default User Profiles
9-17
Audit and Log Files
9-20
Sample security.parms File
9-24
9-26
Prepare to Set Up Security
9-36
Set Up Security with Any Profile
9-38
Change a Manufacturer's Default Passwords
9-40
Verify and Kill Processes
9-42
Remove Security
9-44
...................................................................................................................................................................................................................................
1350 OMS
9-1
Security
Overview
....................................................................................................................................................................................................................................
9-46
Troubleshoot and Fix /etc/passwd File Problems
9-47
Authorize Access to the Depot Machine
9-49
....................................................................................................................................................................................................................................
1350 OMS
9-2
Security
Security Overview
....................................................................................................................................................................................................................................
Security Overview
Security requirements
To guarantee the most secure system possible and to reduce the risk of security breaches,
1350 OMS sets up an HP Trusted System configuration and hardens the system with the
HP-UX Bastille Security Hardening Tool.
This security platform is based on user authentication, which is based on the following:
The system identifies each user with a user identifier, or a UID.
The system grants access to the system through the use of a password.
Security software requirements
The software that the 1350 OMS relies on and the software that is required for the
security set-up procedure is summarized in the following table:
1350 OMS Required Security Software
Description
Product
HP-UX Bastille Security Hardening Tool
B6849AA
HP-UX Secure Shell
T1471Aa
Superuser DO
ixSUDO
Logs rotate Tool
logrotate
Security configuration tool functional overview
Before using the 1350 OMS security configuration tool, scsecurity, the security must be
properly set up to enable the correct access to the system.
When, the tool initiates the security setup a display similar to the following is output:
Created Security Profile for Users
NOTE:
For the active users the security profile setting
will be enabled at the next login.
Executing XDMCP Configuration
Executing FTP Configuration
Executing FTP Banner Configuration
NOTE:
"ftp banner file" has been created: /etc/ftpd/ftp_banner
Please, review/replace the contents of this file
to apply more specifically to your organization.
Converting to a Trusted System ...
System successfully converted to a Trusted System.
Setting Security Defaults
NOTE:
Entering Critical Code Execution.
....................................................................................................................................................................................................................................
1350 OMS
9-3
Security
Security Overview
....................................................................................................................................................................................................................................
Bastille has disabled keyboard interrupts.

NOTE:
Bastille is scanning the system configuration...
Bastille is now locking down your system in accordance with your
answers in the "config" file. Please be patient as some modules
may take a number of minutes, depending on the speed of your machine.
NOTE:
Executing File Permissions Specific Configuration
NOTE:
Executing Daemon Specific Configuration
NOTE:
Executing Account Security Specific Configuration
NOTE:
Executing Inetd Specific Configuration
NOTE:
Executing Sendmail Specific Configuration
NOTE:
Executing DNS Specific Configuration
NOTE:
Executing Apache Specific Configuration
NOTE:
Executing Printing Specific Configuration
NOTE:
Executing FTP Specific Configuration
NOTE:
Executing HP-UX's Security Patch Check Configuration
NOTE:
Executing HP-UX Specific Configuration
NOTE:
Executing IPFilter Configuration"
Disabled cimserver
Disabled hpsmh
Admin Tools have been disabled.
Please check
/var/opt/sec_mgmt/bastille/TODO.txt
for further instructions on how to secure your system.
The tool continues to display output that is similar to the following regarding the Login
Banner Configuration:
Executing Login Banners Configuration
NOTE: "issue login message file" exists: /etc/issue
Please, review its contents adding an "Authorized Use Only"
warning message.
NOTE: "message of the day file" has been created: /etc/motd
warning: commands will be executed using /usr/bin/sh
Updating Password Settings
The network access via SSH has been disabled for root
<date/time stamp>
PAM configured with Default Goglobal root access disable
The network access via GOGLOBAL has been disabled for root.
Disabled cimserver
Disabled hpsmh
Admin Tools have been disabled.
For the trusted-advanced profile, the tool displays output that is similar to the following
regarding the accounting and audit configuration:
Executing Accounting Configuration
Accounting started
Executing Auditing Configuration
....................................................................................................................................................................................................................................
1350 OMS
9-4
Security
Security Overview
....................................................................................................................................................................................................................................
The tool concludes its display with output that is similar to the following that is intended
to call the administrator's attention to when scsecurity should be rerun and a note about
scsecurity revert.
ATTENTION: 'scsecurity' should be rerun whenever new software, OS revisions or
patches are installed.
It should also be rerun any time customizations are made that might
loosen security.
NOTE:
Running 'scsecurity revert' will revert the security changes, but it
may not revert changes made in the interim (manually or by
programs).
In case of differences a copy of the modified files will be kept
so that you can compare them.
.
Security administration user and user groups
The security set up requires/creates the following items:
The security administrator user (security)
Two user groups, whiich are as follows:

The security group for the security administrator (security)
Specific security group for ftp guest users (ftpscoss)
The user ID (UID) and group ID (GID) for these users and groups is defined in advance,
and must agree with the following UIDs and GIDs that have been defined for the 1350
OMS environment:
1350 OMS Security User
User Name
security
UID
199
1350 OMS Group User

Group Name
GID
security
199
ftpscoss*
198
* The user who belongs to the ftp-only group is managed as an ftp guest.
....................................................................................................................................................................................................................................
1350 OMS
9-5
Security
Security Banners
....................................................................................................................................................................................................................................
Security Banners
About security banners and scsecurity
The 1350 OMS security sets up temporary banners pages that are displayed at login time
for both the shell and ftp access. Administrators must customize these two banner pages
with the appropriate information to represent their company and/or their use.
Security banner locations
The displayed banners are stored in the following locations:
The banner that is displayed after the login from the shell is stored in /etc/motd file.
The banner that is displayed on a new terminal is stored in the /etc/issue file.
The banner that is displayed for ftp access is stored in the /etc/ftpd/ftp_banner file.
Banner functional requirements
If the banner file is not present, scsecurity creates it. (It is disabled if scsecurity is
reverted.) Output similar to the following is displayed:
NOTE:
"message of the day file" has been created: /etc/motd

If the banner file does exist, scsecurity does not make any changes. Output similar to the
following is displayed:
NOTE:
"issue login message file" exists: /etc/issue

Please, review its contents adding an "Authorized Use Only"
warning message.
At revert time, scsecurity advises you to remove your customization. Output similar to
the following is displayed:
NOTE:
"issue login message file" was not managed by security: /etc/issue

If you added as suggested an "Authorized Use Only" warning message,
please remove the message.
Security banner template
The banner template that is used to define the banner files contains the following text:
*******************************************************************
NOTICE TO USERS
This computer system is the private property of <COMPANY NAME> whether
individual, corporate or government. It is for authorized use only.
Users (authorized or unauthorized) have no explicit or implicit
expectation of privacy.
....................................................................................................................................................................................................................................
1350 OMS
9-6
Security
Security Banners
....................................................................................................................................................................................................................................
Any or all uses of this system and all files on this system may be
intercepted, monitored, recorded, copied, audited, inspected, and
disclosed to your employer, to authorized site, government, and law
enforcement personnel, as well as authorized officials of government
agencies, both domestic and foreign.
By using this system, the user consents to such interception, monitoring,
recording, copying, auditing, inspection, and disclosure at the
discretion of such personnel or officials. Unauthorized or improper use
of this system may result in civil and criminal penalties and
administrative or disciplinary action, as appropriate. By continuing to
use this system you indicate your awareness of and consent to these terms
and conditions of use. LOG OFF IMMEDIATELY if you do not agree to the
conditions stated in this warning.
********************************************************************
If a revert of scsecurity occurs...

Important! The banner files, including any customized banner files, that scsecurity
creates are saved if a security revert occurs. They can be reused for the next security
activation.
....................................................................................................................................................................................................................................
1350 OMS
9-7
Security
Security Profiles
....................................................................................................................................................................................................................................
Security Profiles
Security profile types
Prior to setting up the security, administrators must select one of the following security
profiles:
one profile named trusted-base

one profile named trusted-advanced
Security profile features
Both the trusted-base and the trusted-advanced profiles set up the HP Trusted System and
remove useless network services; however, differences among the profiles do exist. Refer
to the following table:
Security Profile Features
Feature
trusted-base
trusted-advanced
HP Trusted System Set-up
Shell login banner
ftp login banner
Disable un-used network services*
Disable remote commands*
Disable telnet*
Deactivate NFS*
Deactivate NIS
Disable sendmail daemon*
Predispose sendmail execution

through cron*
Disable ftp real user access
Create Audit log file systems
Create security user
Enable rotation on system log files
Configure Audit
Disable XDMCP external access
Disable root login from anywhere

other than system console*
....................................................................................................................................................................................................................................
1350 OMS
9-8
Security
Security Profiles
....................................................................................................................................................................................................................................
Security Profile Features

Feature
trusted-base
trusted-advanced
Allow only root to use crontab and at

commands*
Prevert execution on commands

traceroute and whois*
*These restrictions are preconfigured on the system at the installation time. Both the
security profiles check if the system configuration is complete and re-apply the restriction
if necessary.
Access to the secure host
When security is activated on the host, the following guidelines apply:
The telnet command is no longer available. The ssh (secure shell) must be used.
The r (remote) commands (such as rlogin and rcp) are disabled; therefore, the ssh
(secure shell) must be used for connections and scp (secure copy) must be used to
copy files.
Secure Shell software is installed on all secure 1350 OMS systems; refer to the ssh and
scpman pages for more information.
Security user-allowed commands
With the trusted-advanced profiles, a special user is automatically created. This special
user can manage other users with root user exception. In addition, this special user can
use the commands that are listed in the following table to change the Trusted System
password database; however, any changes that are made with these commands are lost
during an iteration ofscsecurity revert.
Security User Commands
Command
Description and Use
getprpw
Displays the user's protected password database settings.
modprpw
Modifies the protected password database.

Updates the user's protected password database settings.
This command is only available to the superuser in a Trusted
System.
passwd
Changes/Modifies the login password and associated attributes

with the login name. If the name is omitted, it defaults to
invoking the user's login name.
....................................................................................................................................................................................................................................
1350 OMS
9-9
Security
Security Profiles
....................................................................................................................................................................................................................................
Security and restrictions on High Availability configurations
For High Availability configurations that rely on the OS-Cluster or OS-Resilience,

security for the 1350 OMS must be set up with the same profile on every system. The
different storage methods for passwords can cause serious problems when the security
environments are not exactly aligned.
....................................................................................................................................................................................................................................
1350 OMS
9-10
Security
....................................................................................................................................................................................................................................

File
Web Portal - File
is Allowed
File
Administrator
Constructor
Exit
Change
Password
Check CA
Certificate
Save
Preferences ...
Logout ...
Operator
Viewer
Actions
Web Portal - Actions
is Allowed
Actions
Administrator
Constructor
Operator
Viewer
Launch application
Raise up application
Stop application
Add toolbar
Remove from toolbar
Open folder
Expand folders
Collapse folders
SEC
Security (SEC) Database Management is only allowed for users who have an
Administrator profile.
....................................................................................................................................................................................................................................
1350 OMS
9-11
Security
....................................................................................................................................................................................................................................

Actions
PMC Actions
is Allowed
Actions
Administrator
Exit
Start Selected Item
Stop Selected Item
Set Run Level
Constructor
Operator
Viewer
Synchronize
View
PMC View
is Allowed
View
Administrator
Constructor
Operator
Viewer
Info
Selected Agent Trace
PMC2 Log
Local Configuration
File
Agent Configuration
File
Configuration
PMC Configuration
is Allowed
Configuration
Set Threshold
Administrator
Constructor
Operator
Viewer
....................................................................................................................................................................................................................................
1350 OMS
9-12
Security
Session Management Macro Functions and Default User

Profiles
....................................................................................................................................................................................................................................
Session Management Macro Functions and Default User

Profiles
Actions
Session Administration - Actions
is Allowed
Actions
Administrator
Send a Message
Force Log out
Purge Closed Sessions
Clear table selection
Refresh Table
Constructor
Operator
Viewer
File
Session Management - File
is Allowed
File
Administrator
Duplicate Window
Save Preferences
Show Task Control
Show Common Messages
Stop Application
Close
Exit
Constructor
Operator
Viewer
....................................................................................................................................................................................................................................
1350 OMS
9-13
Security
Alarm and FM Related Macro Functions and Default User

Profiles
....................................................................................................................................................................................................................................

Profiles
Fault
Fault
is Allowed
Users
Administrator
Constructor
Operator
Viewer
Current Alarms
Historical Alarms
Alarm Surveillance Current Alarms

Alarm Surveillance - Current Alarms
is Allowed
Current Alarms
Administrator
Modify Filters
Administration
Synchronization
Constructor
Operator
Viewer
Reserve Alarm
Acknowledge Alarm
Archive Alarm Manually
Manual Purge
Manual Clear
Request Trouble Ticket

Creation
Export Alarm
Information
Get More Alarm

Information
Navigation > Historical

Alarm USM
Navigation > Topology

Manager
Navigation > External

Application
....................................................................................................................................................................................................................................
1350 OMS
9-14
Security

Profiles
....................................................................................................................................................................................................................................
Alarm Surveillance Historical Alarms

Alarm Surveillance - Historical Alarms
is Allowed
Historical Alarms
Administrator
Constructor
Operator
Viewer
Export Alarm
Information
Get More Alarm

Information
Retrieve Public Archive
Retrieve from user file
Remove user file
Navigation > Current

USM
Navigation > External

Application
....................................................................................................................................................................................................................................
1350 OMS
9-15
Security
....................................................................................................................................................................................................................................

User Management
User Management - user management
is Allowed
User Management
Administrator
Create User
Remove User
Find User
Search User ...
Import ...
Export ...
Refresh Contexts
Constructor
Operator
Viewer
System Management
User Management - System Management
is Allowed
System Management
Administrator
Lock/Unlock Database
Shut down hard
Shut down soft
Save preferences
Constructor
Operator
Viewer
Operator
Viewer
Navigation
User Management - Navigation
is Allowed
Navigation
Navigation to ACI
Administrator
Constructor
....................................................................................................................................................................................................................................
1350 OMS
9-16
Security
....................................................................................................................................................................................................................................

Log Management
Log Management - Log File
is Allowed
Log File
Administrator
Constructor
Operator
Log File Info
Log Record
Print
Log File Archive
Log File Delete
Viewer
Log Management - Log Record

is Allowed
Log Recprd
Administrator
Constructor
Operator
Log Record
Filter
Log Record
Update
Log Record Info
Viewer
Trace Management
Trace Management - processes
is Allowed
processes
Edit Trace Level
Administrator
Constructor
Operator
Viewer
Operator
Viewer
Trace File - Trace File

is Allowed
Trace File
Administrator
Constructor
Static View
Dynamic View
Reset View
....................................................................................................................................................................................................................................
1350 OMS
9-17
Security
....................................................................................................................................................................................................................................
Failure Management
FM - Workstation
is Allowed
Workstation
Do a Snapshot
Administrator
Constructor
Operator
Viewer
Operator
Viewer
Operator
Viewer
FM - OS Snapshot
is Allowed
OS Snapshot
Administrator
Constructor
Save Tape
Lock
Unlock
Delete
FM - Options
is Allowed
Options
Set Max
Number of
Snapshots
Administrator
Constructor
Scheduler Management
Scheduler Management - plan
is Allowed
plan
Administrator
New
Edit
Validate
Stop
Delete
Constructor
Operator
Viewer
....................................................................................................................................................................................................................................
1350 OMS
9-18
Security
....................................................................................................................................................................................................................................
Backup Management
Backup Management - job
is Allowed
Job
Administrator
New
Edit
Remove from list
Run
Constructor
Operator
Viewer
Operator
Viewer
Restore Management
Restore Management - load
is Allowed
load
Administrator
Constructor
All
Disk
Tape
Cleanup Management
Cleanup Management - Cleanup
is Allowed
Cleanup
Administrator
Constructor
Operator
Details
Clean
Viewer
....................................................................................................................................................................................................................................
1350 OMS
9-19
Security
Audit and Log Files
....................................................................................................................................................................................................................................
Audit and Log Files

Audit and log files functional overview
When the trusted-advanced security profiles are selected during an iteration of

scsecurity, a set of the following files are created or managed to record relevant system
occurrences:
Audit files (p. 9-20)
Log files (p. 9-21)
On a regular basis, the logrotate tool collects the audit and log files. This tool
periodically verifies the files and moves them from their original location to a dedicated
filesystem on the /.ARCHIVE directory, where the files are compressed, encrypted, and
archived if the option is enabled by ENCRYPT_ARCHIVE security parameter. This process
ensures that the largest amount of data is stored and guarantees a reasonable time between
downloads. Refer to Encryption set up (p. 9-23) for details.
An email list that is available in the WARN_USERS_LIST (p. 9-35) security parameter
should be used to advise the administrator when the data in the ./ARCHIVE file system
exceeds the 80% threshold capacity and when the 90% threshold capacity is crossed.
If the administrator does not move the files to another location or archives the files on
tape before the second threshold is reached, the oldest files are automatically removed to
make space available for the newest files.
Audit files
The 1350 OMS configures the audit system provided in HP-UX to trace security-relevant
system calls and events. (Refer to the audevent HP-UX man page for details.)
The audit records are stored in two specific files that are located in two specific file
systems. Whenever the current file and file system that is in use is full, the system
automatically switches over to the second one. The 1350 OMS monitors this activity
every 5 minutes and saves the data that is stored in the dismissed file into the archive file
system.
The audit files that the HP-UX audit function manages are the following:
/.AUDITING/1/audfile
/.AUDITING/2/audfile
During the initial activation of an trusted-advanced profile, the tool creates the structure
that is used to store the audit files and to produce an output that is similar to the
following:
Executing "Primary Audit log file" File System Configuration
=><date/time stamp>
=>START:
MW_OS Extend/Create File(s) System
....................................................................................................................................................................................................................................
1350 OMS
9-20
Security
Audit and Log Files
....................................................................................................................................................................................................................................
______________________________________________________________________
Analyze Mount Point:"/.AUDITING/1"
Request free: 121 MegaByte(s)
Evaluate size: 128 MegaByte(s)
Create Logical Volume x "/.AUDITING/1"
Extend Mount Point to 128 MByte
Making new file system (vxfs) on Mount Point
Mount /dev/vg00/lvol13 on /.AUDITING/1
Updating /etc/fstab x Mount Point
_____________________________________________________________________
=><date/time stamp>
=>END:
Executing "Secondary Audit log file" File System Configuration
=><date/time stamp>
=>START:
MW_OS Extend/Create File(s)
System______________________________________________________________________
Analyze Mount Point:"/.AUDITING/2"
Create Logical Volume x "/.AUDITING/2"
Extend Mount Point to 128 MByte
Making new file system (vxfs) on Mount Point
Mount /dev/vg00/lvol14 on /.AUDITING/2
Updating /etc/fstab x Mount Point
______________________________________________________________________
=><date/time stamp>
=>END:
When a file is saved in either /.ARCHIVE area, the filename adheres to the following
naming convention:
audfile-<date>-<time>.gz
Example:
audfile-2011_12_10-15:57:49.gz
The /.ARCHIVE file system is automatically created to store more than 10 audit files,
however, when the file system becomes full, the collected audit data is lost.
The current audit file is compressed and moved into the /.ARCHIVE directory each time
the 1350 OMS security reverts to the default HP-UX level through scsecurity revert.
Log files
Some HP-UX system log files are automatically stored in the /.ARCHIVE directory for the
following reasons:
To keep and maintain a long system history

To prevent the abnormal growth of the file
....................................................................................................................................................................................................................................
1350 OMS
9-21
Security
Audit and Log Files
....................................................................................................................................................................................................................................
These log files are compressed and renamed according to the following naming
convention:
<log prefix>-<date>-<time>.gz
Where:
<log prefix> is a unique file prefix that is defined for each log file.
<date> is the date of the move and compression date.
<time> is the time of the move and compression.
gz is the file type extension for gnu zip.
Example:
The /var/adm/cron/log is saved on January 1, 2011 at 15:57:59. In the /.ARCHIVE

directory, the respective log file is called:
cron.log-2011_01_01-15:57:49.gz
Archived Log Files
HP-UX Log File
Prefix
Log file Contains...
Transferred to the
Archive...
/var/adm/wtmp
wtmp
A record of all logins

and logouts in binary
format
Weekly, or when it
becomes greater than
10 Mbytes.
/var/adm/btmp
btmp
Bad login entries, in

binary format, for
each invalid login
attempt
Monthly
/var/adm/syslog/
syslog.log
syslog.log
All messages that are

sent to the UNIX
system log
Weekly; can also be

saved as OLD in case
a system reboot
occurs in the mean
time
/var/adm/syslog/
mail.log
mail.log
Messages issued by
sendmail.
Weekly
/var/adm/cron/log
cron.log
The list of all

commands performed
by the cron daemon
Weekly; can also be

saved as OLD in case
a system reboot
occurs in the mean
time
OLDsyslog.log
OLDcron.log
....................................................................................................................................................................................................................................
1350 OMS
9-22
Security
Audit and Log Files
....................................................................................................................................................................................................................................
Archived Log Files

HP-UX Log File
/var/adm/sulog
Prefix
sulog
Log file Contains...
Transferred to the
Archive...
The timestamp of
each su command
followed by the
username of the
executor and the new
username assumed.
Weekly
Encryption set up
The administrator can change the default security configuration so it archives both the
audit files and log files in encrypted format. To enable this functionality, the administrator
must change the settings of both the ENCRYPT_ARCHIVE (p. 9-29) and
CHANGE_ENCRYPT_PASSWORD (p. 9-28) parameters to YES.
Important! We recommend that the administrator sets the encryption policy for both of
these parameters before the security is activated. It is dangerous to change the encryption
policy after security is activated; and if it must be done, it must be done carefully.
When the ENCRYPT_ARCHIVE and CHANGE_ENCRYPT_PASSWORD parameters
are set to YES, the tool outputs a display that is similar to the following, which requests
the encryption password during the security setup:
Setting Archive Log files Encrypt functionality
Encryption password will be substituted.
Use the previous one to decrypt old saved log files.
Insert the log files encryption password:
Insert again the log files encryption password:
Encryption password defined.
The encrypted audit and log files are then archived with the file extension .gzsec.
Important! After the new setup has been activated, the administrator must remember to
change the setting of the CHANGE_ENCRYPT_PASSWORD parameter to NO;

otherwise, at the next security configuration, the administrator is asked to change the
encryption password.
....................................................................................................................................................................................................................................
1350 OMS
9-23
Security
....................................................................................................................................................................................................................................

Contents of the security.parms file
The following lines display information about the warning and the inactivity timeout:
# NOTE: The variables defined in this file can be configured to
#
best suite your needs, with the restrictions put in
#
evidence using the form "ATTENTION: ...".
#
# YOU CAN MAKE CHANGES UNDER THIS LINE
# Users advised against problems
#
WARN_USERS_LIST="root" ## List of users separated by blank
# Shell Inactivity Timeout
#
SIT=0 ## Shell Inactivity Timeout (seconds) (0=not active)
## Applicable for 'ksh', 'sh' (posix-shell) and 'bash' shell uppercase
The following lines display information about encryption:

# Encrypt Archive
#
# NOTE: TO ACTIVATE THE ENCRYPT FUNCTIONALITY BOTH THE NEXT TWO VARIABLE MUST
BE SET TO "YES",
#
AFTER THE FIRST ACTIVATION YOU CAN AVOID TO BE ASKED FOR THE "ENCRYPTION
PASSWORD CHANGE"
#
SETTING TO "NO" THE VARIABLE CHANGE_ENCRYPT_PASSWORD
# ATTENTION: IF THE VALUE FOR THE ENCRYPT PASSWORD IS DEFINED|CHANGED YOU MUST
REMEMBER IT TO BE
#
ABLE TO DECRYPT THE ENCRYPTED LOG FILES.
ENCRYPT_ARCHIVE="NO"
## Encrypt archive log files:"YES" or "NO"
in uppercase
CHANGE_ENCRYPT_PASSWORD="NO" ## Change encryption password:"YES"
or "NO" in uppercase
The following lines display information about un-trusted systems:

# Parameters for UN-Trusted Systems (SECURITY)
#
PASSWORD_MAXDAYS=180
## Password expiration time interval (days)
#
# ATTENTION: IF THE VALUE OF THE NEXT VARIABLE IS CHANGED YOU SHOULD HAVE
PROBLEMS IN
#
PASSWORD CHANGING. IT IS RECOMMENDED TO KEEP PASSWORD_MINDAYS=0
PASSWORD_MINDAYS=0
## Minimum time interval between password changes
(days)
PASSWORD_WARNDAYS=14
## Password expiration warning time interval (days)
PASSWORD_HISTORY_DEPTH=4
## Password history depth
PASSWORD_MIN_DIGIT_CHARS=1
## Password minimum digit characters
....................................................................................................................................................................................................................................
1350 OMS
9-24
Security
....................................................................................................................................................................................................................................
PASSWORD_MIN_SPECIAL_CHARS=1 ## Password minimum special characters

MIN_PASSWORD_LENGTH=7
## Minimum password length
#
# end of UN-Trusted System parameters
The following lines display information about trusted systems:

# Parameters for Trusted Systems
#
usrpick=YES
## User picks password
syspnpw=NO
## System does not generate pronounceable passwords
rstrpw=YES
## Check password for triviality
nullpw=NO
## Null passwords are not allowed
syschpw=NO
## System does not generate passwords having
characters only
sysltpw=NO
## System does not generate passwords having letters
only
#mintm=PASSWORD_MINDAYS
## ##From SECURITY##
#exptm=PASSWORD_MAXDAYS
## ##From SECURITY##
gptm=21
## Grace period time (days)
llog=0
## Last login time interval (days)
#expwarn=PASSWORD_WARNDAYS ## ##From SECURITY##
umaxlntr=-1
## Maximum number of consecutive unsuccessful login
attempts before the account is locked (use default)
tmaxlntr=3
## Maximum unsuccessful login tries allowed
dlylntr=2
## Delay between login tries
lntmout=30
## Login timeout in seconds
#
# End of Trusted System parameters
The following lines display information about auditing:

# Auditing
#
# ATTENTION: DO NOT CHANGE BELOW THIS LINE AFTER THE FIRST APPLY OF THE
SECURITY
PRI_SWITCH=102400
## Switch size of primary audit log file (kbytes)
SEC_SWITCH=102400
## Switch size of secondary audit log file (kbytes)
....................................................................................................................................................................................................................................
1350 OMS
9-25
Security
....................................................................................................................................................................................................................................

Changing the system security parameters
Some of the settings for the system security parameters, such as the password parameters,
can be changed.
Important! We recommend that the system security parameters be changed before the
security environment is set up because any subsequent changes to the security

environment can result in security breaches or user problems. For example, if the
password lifetime is reduced, users could be deactivated without any advance notice. In
addition, we recommend that the system security parameters for the Trusted System
Configuration are not changed with the HP System Management Homepage (SMH).
Location and access to the system security parameters
The default settings for the security parameters are housed in the following file:
/SCINSTALL/security/lib/security.parms
To customize security parameters, a copy of the default file can be made using the
following command:
cp /SCINSTALL/security/lib/security.parms /
/SCINSTALL/security/data/custom/security.parms
Changes to the custom security.parms file can be made when security is active by
logging in as root, using an editor command, and executing the appropriate command:
scsecurity security
Where: security is used to set up security defaults for the password parameters. See
Table 9-1, System Security Parameters (p. 9-27) for the list of password
parameters.
scsecurity modify
Where: modify is used to change password settings (including setting up security
defaults) for the security parameters, password parameters, trusted system parameters,
and the encryption parameters, which are set only if trusted-advanced is the active
profile. See Table 9-1, System Security Parameters (p. 9-27) for a list of these
parameters.
If a new version of the security parameters file is delivered and a custom security
parameters file is found when a new version of MW-OS is installed, scsecurity outputs a
display similar to the following, which the administrator must follow:
WARNING:a CUSTOM security parameters file has been found:
The file version is different from the new one installed as DEFAULT:
/SCINSTALL/security/lib/security.parms
NOTE: if you made some modification on the custom file, please complete the
....................................................................................................................................................................................................................................
1350 OMS
9-26
Security
....................................................................................................................................................................................................................................
actions reported at follows:

- save the current custom file for reference
cp /SCINSTALL/security/data/custom/security.parms /
/SCINSTALL/security/data/custom/security.parms_save
- copy the default file in the custom directory
cp /SCINSTALL/security/lib/security.parms /
- apply your personal customization on the custom file
- finally remove the old saved custom file
rm /SCINSTALL/security/data/custom/security.parms_save
System security parameters and HA configurations

Important! For High Availability (HA) configurations, the security must be configured
at the same level and with the same parameters that are set on every system. A
non-aligned security set-up can cause serious problems.
System security parameter types
The system security parameters are one of the types that are listed in the following table:
Table 9-1

System Security Parameter Type

Security Parameters
Parameter
SIT (p. 9-33)
WARN_USERS_LIST (p. 9-35)
Encryption Parameters
CHANGE_ENCRYPT_PASSWORD
(p. 9-28)
ENCRYPT_ARCHIVE (p. 9-29)
Password Parameters*
MIN_PASSWORD_LENGTH (p. 9-30)

PASSWORD_HISTORY_DEPTH (p. 9-31)
PASSWORD_MAXDAYS (p. 9-31)
PASSWORD_MINDAYS (p. 9-32)
PASSWORD_MIN_DIGIT_CHARS
(p. 9-32)
PASSWORD_MIN_SPECIAL_CHARS
(p. 9-32)
PASSWORD_WARNDAYS (p. 9-33)
....................................................................................................................................................................................................................................
1350 OMS
9-27
Security
....................................................................................................................................................................................................................................
Table 9-1
(continued)

System Security Parameter Type
Trusted System Parameters**
Parameter
dlylntr (p. 9-29)
gptm (p. 9-29)
llog (p. 9-30)
lntmout (p. 9-30)
nullpw (p. 9-31)
rstrpw (p. 9-33)
syschpw (p. 9-33)
sysltpw (p. 9-34)
syspnpw (p. 9-34)
tmaxlntr (p. 9-34)
umaxlntr (p. 9-35)
usrpick (p. 9-35)
*The password parameters are among the most useful and safest security parameters to
customize.
**We strongly recommend that these parameters are not changed with the HP System
Management Homepage (SMH).
CHANGE_ENCRYPT_PASSWORD
The CHANGE_ENCRYPT_PASSWORD system security parameter specifies whether

the audit and log archive encryption password can be changed. For the initial password
set up, changing this parameter setting is useful; however, when data exists in the archive,
we do not recommend changing the settings of this parameter. The
ENCRYPT_ARCHIVE (p. 9-29) is a related parameter. Refer to Encryption set up
The allowed values are YES and NO.
This parameter is an encryption parameter. This parameter and its values reside in the
following file:
The scsecurity modify command line is used to change the initial value/setting of this
parameter.
....................................................................................................................................................................................................................................
1350 OMS
9-28
Security
....................................................................................................................................................................................................................................
dlylntr
The dlylntr (delay between login tries) system security parameter specifies the maximum
number of seconds that are to elapse between login tries.
The allowed values are numbers that represent elapsed seconds.
This parameter is a Trusted System drive parameter. This parameter and its values reside
in the following file:
parameter.
ENCRYPT_ARCHIVE
The ENCRYPT_ARCHIVE system security parameter specifies whether audit and log
archive encryption should be turned on or off. The CHANGE_ENCRYPT_PASSWORD (p. 9-28) is a related parameter. Refer to Encryption set up (p. 9-23) for
details.
The allowed values are YES, to turn on the archive encryption, and NO, to turn off the
archive encryption.
This parameter is an encryption parameter. This parameter and its values reside in the
following file:
parameter.
gptm
The gptm (grace period time maximum) system security parameter specifies the
maximum number of days that are allowed for a grace period, or that period of time in
which users are allowed to change their passwords.
The allowed values are numbers that represent the number of days. The default value is
21 days.
This parameter is a Trusted System drive parameter, which is also used for password
aging. This parameter and its values reside in the following file:
parameter.
....................................................................................................................................................................................................................................
1350 OMS
9-29
Security
....................................................................................................................................................................................................................................
llog
The llog (last log) system security parameter specifies the user inactivity time, which is
expressed in the number of days, that users have before their accounts are disabled
because they have not logged in to the system.
The allowed values are numbers that represent days; where the number 0 indicates
disabled. Note that setting this parameter to a value other than 0 can cause application
problems for the users.
parameter.
lntmout
The lntmout (login time out) system security parameter specifies the number of seconds
that are to elapse when logging in to the system before users are disconnected from the
network.
The allowed values are numbers that represent elapsed seconds.
parameter.
MIN_PASSWORD_LENGTH
The MIN_PASSWORD_LENGTH system security parameter specifies the minimum

number of characters that are allowed in a password.
The allowed value is a number that represents the number of characters. The default value
is 7characters.
This parameter is a password parameter that handles the structure of a password. This
parameter and its values reside in the following file:
parameter.
....................................................................................................................................................................................................................................
1350 OMS
9-30
Security
....................................................................................................................................................................................................................................
nullpw
The nullpw (null password) system security parameter specifies whether users can enter a
null password.
The allowed values are YES and NO. We strongly recommend that this password is set to
NO to prevent serious breaches in security.
parameter.
PASSWORD_HISTORY_DEPTH
The PASSWORD_HISTORY_DEPTH system security parameter specifies the number

times that users must change their passwords before they are allowed to reuse the same
password.
The allowed value is a number from 1 to 10. The default value is 4.
This parameter is a Password parameter that handles changing a password. This
parameter.
PASSWORD_MAXDAYS
The PASSWORD_MAXDAYS system security parameter specifies the maximum

number of days in which a particular password can remain current; or, the number of days
in the lifetime of one particular password before a user is not allowed system access.
The allowed value is a number that represents the number of days. The default value is
180 days.
This parameter is a password parameter that handles the aging of a password. This
parameter.
....................................................................................................................................................................................................................................
1350 OMS
9-31
Security
....................................................................................................................................................................................................................................
PASSWORD_MINDAYS
The PASSWORD_MINDAYS system security parameter specifies the minimum number

of days in which a particular password can remain current; or, the number of days in the
lifetime of one particular password before the user can change the password.
The allowed value is a number that represents the number of days. The default value is 0
days. Note: setting this parameter to a value other than 0 can cause application problems
for the users. The system prevents users from changing a password that is not older than
the specified number of days, which is the setting of the PASSWORD_MINDAYS.
parameter.
PASSWORD_MIN_DIGIT_CHARS
The PASSWORD_MIN_DIGIT_CHARS system security parameter specifies the

minimum number of digits (numbers) that are allowed in a password.
The allowed value is a number that represents the number of digits allowed. The default
value is one number.
parameter.
PASSWORD_MIN_SPECIAL_CHARS
The PASSWORD_MIN_SPECIAL_CHARS system security parameter specifies the

minimum number of special characters (such as *) that are allowed in a password.
The allowed value is a number that represents the number of special characters that are
allowed. The default value is one special character.
parameter.
....................................................................................................................................................................................................................................
1350 OMS
9-32
Security
....................................................................................................................................................................................................................................
PASSWORD_WARNDAYS
The PASSWORD_WARNDAYS system security parameter specifies the number of days

in which users are warned, upon their login to the system, that their current password is
scheduled to expire.
The allowed value is a number that represents the number of days. The default value is 14
days.
parameter.
rstrpw
The rstrpw (restrict trivial passwords) system security parameter specifies whether
passwords are to be checked for trivialities.
SIT
The SIT (shell inactivity timeout) system security parameter specifies the value in
seconds that the ksh and sh shells can be left inactive before a timeout occurs and the user
is automatically locked out.
The allowed value is a number that represents the number of seconds that can elapse
before a timeout can occur; and the number 0 to disable the feature.
This parameter and its values reside in the following file:
parameter.
syschpw
The syschpw (system character password) system security parameter specifies whether
the system can generate passwords that are composed of only characters.
Since the usrpick (p. 9-35) password is set to YES, this parameter should not be set and
is not a valid option.
....................................................................................................................................................................................................................................
1350 OMS
9-33
Security
....................................................................................................................................................................................................................................
sysltpw
The syschpw (system letter password) system security parameter specifies whether the
system can generate passwords that are composed of only letters.
syspnpw
The syspnpw (system pronounceable password) system security parameter forces the
system to generate a password that users can pronounce.
tmaxlntr
The tmaxlntr (maximum login tries) system security parameter specifies the maximum
number of unsuccessful login attempts before users are disconnected from the network.
The allowed values are numbers. The value of -1 indicates that a check is not to be
performed and a number greater than 0 indicates the number of allowed invalid attempts
before the users are disconnected from the network.
parameter.
....................................................................................................................................................................................................................................
1350 OMS
9-34
Security
....................................................................................................................................................................................................................................
umaxlntr
The umaxlntr (user maximum login tries) system security parameter specifies the
maximum number of consecutive invalid/unsuccessful login attempts before a user
account is locked.
The allowed values are numbers. The value of -1 indicates that a check is not to be
performed and a number greater than 0 means the number of allowed invalid attempts to
log in to the system.
parameter.
usrpick
The usrpick (user pick) system security parameter specifies whether users can choose
their own passwords.
Important! This parameter must always be set to YES.
WARN_USERS_LIST
The WARN_USERS_LIST system security parameter is a list of users, separated by blank

spaces, who are to be e-mailed of security problems. Note: the mail is restricted to 1350
OMS system recipients only. Refer to Audit and log files functional overview
(p. 9-20) for additional details.
The allowed values are a local username and a blank character space that separates one
user from the next.
This parameter is an advanced security parameter. This parameter and its values reside in
the following file:
....................................................................................................................................................................................................................................
1350 OMS
9-35
Security
....................................................................................................................................................................................................................................

When to use
Use this task to prepare for the security set up.

Related information
Security Overview (p. 9-3)
Security Profiles (p. 9-8)
System Security Parameters (p. 9-26)
Before you begin
Each step of this task refers you to other sections in this document that are important in
your understanding of the particular step.
Task
Complete the following steps to prepare for the security set up.
...................................................................................................................................................................................................
To avoid a reboot during the security set-up procedure, determine if you have the correct
software installed. If you do not have one or more pieces of the required software, the
security set up tool automatically activates the software install process and it can reboot
the system.
For the software that the 1350 OMS relies on and the software that is required for the
security set-up procedure, refer to Security software requirements (p. 9-3).
...................................................................................................................................................................................................
Review and select the appropriate security profile for your needs.
Refer to Security Profiles (p. 9-8) and Access to the secure host (p. 9-9) for details
and considerations. In addition, for High Availability systems, refer to Security and
restrictions on High Availability configurations (p. 9-10).
...................................................................................................................................................................................................
To customize security defaults parameters, change the values in the following file:
Important! We strongly recommend that you make any changes before security
activation.
If you do make the modification when the security is configured, log in as root and enter
the following command to apply the new security values to the security configuration:
....................................................................................................................................................................................................................................
1350 OMS
9-36
Security
....................................................................................................................................................................................................................................
...,sys,root # scsecurity security [Enter]

Important! We strongly recommend that you do not change the Trusted System
configuration with the HP System Management Homepage (SMH).
Important! For High Availability configurations, the security must be configured at the
same level and with the same parameters set up on every system. A non-aligned security
setup can cause serious problems. Refer to System Security Parameters (p. 9-26) for
details.
...................................................................................................................................................................................................
To customize any additional advanced, encryption, or Trusted System parameters change

the values in the following file:
If you do make the modification when the security is configured, log in as root and enter
the following command to apply the new security values to the security configuration:
scsecurity modify
Important! We strongly recommend that you do not change any Trusted System
parameters with the HP System Management Homepage (SMH). In addition, some
Trusted System parameters cannot be modified with scsecurity modify.
Refer to System Security Parameters (p. 9-26) for details.

In addition, refer to Location and access to the system security parameters (p. 9-26) for
instructions on how to manage the customization of the security.parms files.
E...................................................................................................................................................................................................
N D O F S T E P S
....................................................................................................................................................................................................................................
1350 OMS
9-37
Security
....................................................................................................................................................................................................................................

When to use
Use this task to set up security with any profile, which includes the trusted-base or
trusted-advanced profile.
Related information

Prepare to Set Up Security (p. 9-36) task
Before you begin
Step 1 of this task requires you to complete the Prepare to Set Up Security
(p. 9-36) task.
Read Security configuration tool functional overview (p. 9-3) before you proceed with
this task.
For High Availability systems, refer to Security and restrictions on High Availability
configurations (p. 9-10) before you proceed with this task.
Task
Complete the following steps to set up security with any profile, which includes the
trusted-base or trusted-advanced profile.
...................................................................................................................................................................................................
Complete all of the steps in the Prepare to Set Up Security (p. 9-36) task.
...................................................................................................................................................................................................
Log in to the appropriate server as root.

...................................................................................................................................................................................................
Enter the following command followed by the profile type that reflects the appropriate
security level for your installation:
...,sys,root # scsecurity <profile type> [Enter]
Where:
<profile type> is trusted-base or trusted-advanced.
....................................................................................................................................................................................................................................
1350 OMS
9-38
Security
....................................................................................................................................................................................................................................
Result: The scsecurity tool initially checks disk spaces and searches the server for
the required software. If the disk space is insufficient or at least one piece of software
is missing, the tool automatically activates the software install process and it can
reboot the system.
For the software that the 1350 OMS relies on and the software that is required for the
security set-up procedure, refer to Security software requirements (p. 9-3). For
details on the tool output and additional user responses, refer to Security
configuration tool functional overview (p. 9-3).
...................................................................................................................................................................................................
If you are configuring security with a trusted-base profile, go to Step 6.

If you are configuring security with an trusted-advanced profile, go to Step 5.
...................................................................................................................................................................................................
If you are configuring security with a trusted-advanced profile, enter and then re-enter
the new password for the security user when the tool outputs a display similar to the
following:
=><date/time stamp>
=>END:
Created Security Profile for Users
NOTE:
For the active users the security profile setting
will be enabled at the next login.
Executing Security User Configuration
Executing 'security' user creation
Define password for user 'security'
Changing password for security
Last successful password change for security: NEVER
Last unsuccessful password change for security: NEVER
New password:
Re-enter new password:
New password: <enter the new password here>

Re-enter password: <enter the new password here again>
Result: The tool checks the password, and upon its acceptance of the new password,
it outputs a display similar to the following:

Password successfully changed
...................................................................................................................................................................................................
Complete the steps in the Verify and Kill Processes (p. 9-42) task.
E...................................................................................................................................................................................................
N D O F S T E P S
....................................................................................................................................................................................................................................
1350 OMS
9-39
Security
....................................................................................................................................................................................................................................

When to use
Use this task to change a manufacturer's default passwords.

Related information
Before you begin
To prevent unauthorized access to the system through the 1350 OMS default accounts, we
highly recommended that you provide a new, secure password to the following user
accounts:
axadmin
snml
bmml
wdm
alcatel
Task
Complete the following steps to change a manufacturer's default passwords.

...................................................................................................................................................................................................
Log in to the system in a shell as root .

...................................................................................................................................................................................................
Enter command the following command:

passwd <user>
Where: <user> is one of the following account names: axadmin, snml, bmml, wdm, or
alcatel.
Result: The system prompts you to type a new password.
...................................................................................................................................................................................................
When prompted to enter a new password, type a new password and confirm it without
echo entered characters.
Important! Passwords must meet the rules that are set for the security policy.
....................................................................................................................................................................................................................................
1350 OMS
9-40
Security
....................................................................................................................................................................................................................................
...................................................................................................................................................................................................
Repeat step 2 and 3 for each user account.

...................................................................................................................................................................................................
Optional, but strongly recommended: Periodically change the password to the root
account.
E...................................................................................................................................................................................................
N D O F S T E P S
....................................................................................................................................................................................................................................
1350 OMS
9-41
Security
....................................................................................................................................................................................................................................

When to use
Use this task to verify and kill processes.

Related information
Set Up Security with Any Profile (p. 9-38) task
Before you begin
This task requires you to complete the Prepare to Set Up Security (p. 9-36) and Set Up
Security with Any Profile (p. 9-38) tasks.
When the scsecurity tool has set up the security configuration, you must verify the
contents of the /var/opt/sec_mgmt/bastille/TODO.txt file. In the file, Bastille writes the
running processes that are related to TCP/IP services that have been closed. These
processes are no longer started at the next reboot; however, if you want to guarantee a
higher security level, you must examine the contents of the file and identify these
processes. The process names are usually shown between two dash lines. See the
TODO.txt example that is displayed in Step 1.
Task
Complete the following steps to verify and kill processes.

...................................................................................................................................................................................................
Open the TODO.txt file:

/var/opt/sec_mgmt/bastille/TODO.txt
Result: The file outputs lines of text that are similar to the following:
{<date/time stamp>}
--------------------------------------Deactivating Inetd Service: rtools
--------------------------------------The following process(es) are associated with the inetd service "rtools".
They are most likely associated with a session which was initiated prior to
running Bastille. To disable a process see "kill(1)" man pages or reboot
the system
Active Processes:
###################################
rlogind
###################################
....................................................................................................................................................................................................................................
1350 OMS
9-42
Security
....................................................................................................................................................................................................................................
{<date/time stamp>}
--------------------------------------Deactivating Inetd Service: bootps
--------------------------------------The following process(es) are associated with the inetd service "bootps".
They are most likely associated with a session which was initiated prior to
running Bastille. To disable a process see "kill(1)" man pages or reboot
the system
Active Processes:
###################################
bootpd
###################################
...................................................................................................................................................................................................
Determine the process names that must be killed. Note: the process names are typically
displayed between the two hashed lines.
...................................................................................................................................................................................................
Log in to the system as root.

...................................................................................................................................................................................................
Enter the following command to identify the process identifier (PID):

...,sys, root # UNIX95=ps -C <process name> [Enter]
Where:
process name is the name/names of the process or processes that you identified in the
TODO.txt file.
Result: The process identifies are displayed in the PID column of the command
output.
...................................................................................................................................................................................................
Enter the following command for each identified PID and press Enter.
...,sys,root# kill -15 <PID> [Enter]
...................................................................................................................................................................................................
Repeat Step 4 and Step 5 for each process that is in the TODO.txt file.
...................................................................................................................................................................................................
Ask all authorized users to log out of the current session and log back in so they can be
connected to the system through the secure connection.
E...................................................................................................................................................................................................
N D O F S T E P S
....................................................................................................................................................................................................................................
1350 OMS
9-43
Security
Remove Security
....................................................................................................................................................................................................................................
Remove Security
When to use
Use this task to remove any existing security or to change the security profile.
Important! We do not recommend that the security configuration is reverted to that of
an unsecured configuration because it can affect password aging and the general
password definition.
Related information
Set Up Security with Any Profile (p. 9-38)

Security user-allowed commands (p. 9-9)
Before you begin
The security revert form of this tool restores the system to the state that it was in before
the security set up. If any changes were made to the system in the interim (either
manually, through the Security user-allowed commands (p. 9-9), or by other programs),
these changes should be reviewed to determine if they have broken the system or
compromised its security.
Note: If the trusted-advanced security profiles are in use, the current audit file is
compressed and moved into the /.ARCHIVE directory each time the 1350 OMS security is
reverted to the default HP-UX level through scsecurity revert.
Task
Complete the following steps to remove any existing security or to change a security
profile.
...................................................................................................................................................................................................
Log in to the system as root:

...................................................................................................................................................................................................
Enter the following command to remove security or to change a security profile:

...,sys,root # scsecurity revert [Enter]
....................................................................................................................................................................................................................................
1350 OMS
9-44
Security
Remove Security
....................................................................................................................................................................................................................................
Result: If any changes were made to the security configuration in the interim (either
manually or by other programs), the tool outputs a display that lists the changes.
...................................................................................................................................................................................................
If you are using the security revert to change a security profile, go to the Set Up Security
with Any Profile (p. 9-38) task to set up a security with a new profile.
E...................................................................................................................................................................................................
N D O F S T E P S
....................................................................................................................................................................................................................................
1350 OMS
9-45
Security
....................................................................................................................................................................................................................................

When to use
Use this task to troubleshoot and fix old password problems.

Related information
Before you begin
After conversion to the Trusted System or after you used scsecurity revert and you
reapplied a new profile, you might have a problem with your old password during the first
password change. If your password was longer than eight characters, you will not be able
to change it. The system displays output that is similar to the following:
hosta,operator # passwd
Changing password for operator
Old password:
Sorry.
hosta,operator #
Task
Complete the following step to fix a problem with an old password.

...................................................................................................................................................................................................
If you attempt to enter your old password, and your old password is longer than 8
characters, enter only the first 8 characters of the old password.
Result: The system accepts your old password.
E...................................................................................................................................................................................................
N D O F S T E P S
....................................................................................................................................................................................................................................
1350 OMS
9-46
Security
....................................................................................................................................................................................................................................

When to use
Use this task to troubleshoot and fix /etc/passwd file problems.

Related information
Before you begin
The security for the 1350 OMS converts HP-UX in the Trusted System, along with the
/etc/passwd file. If the /etc/passwd conversion fails, the Trusted System conversion also
fails; however, other security actions are performed. When this problem occurs, output
similar to the following is displayed:
WARNING: Failed to Execute Command: /usr/lbin/tsconvert
Command Output: Creating secure password database...
Directories created.
....
Can't write protected database;
password file unchanged.
ERROR: Trusted system conversion was unsuccessful for an unknown reason.
You may try using SMH to do the conversion instead of Bastille.
Task
Complete the following steps to fix /etc/passwd file problems.

...................................................................................................................................................................................................
Complete the steps in the Remove Security (p. 9-44) task.

...................................................................................................................................................................................................
Use the following command to identify and fix the /etc/passwd error:
...,sys,root # pwck [Enter]
When using the pwck command, ignore irrelevant errors of the following type:
webadmin:*:40:1::/usr/obam/server/nologindir:/usr/bin/false
Login directory not found
goglobal:*:103:20:Graphon database user:/home/goglobal:/bin/sh
Login directory not found
....................................................................................................................................................................................................................................
1350 OMS
9-47
Security
....................................................................................................................................................................................................................................
...................................................................................................................................................................................................
Set up the security again.

E...................................................................................................................................................................................................
N D O F S T E P S
....................................................................................................................................................................................................................................
1350 OMS
9-48
Security
....................................................................................................................................................................................................................................

When to use
Use this task to authorize access to the depot machine.

Related information
Before you begin
For security, the HP Software Distributor service is disabled. Because the depot
machine must distribute software when the system is configured with a security profile,
the depot machine must be set up to enable the access for the remote hosts.
The swacl command is used to view or modify the Access Control Lists (ACLs), which
are used to protect software products.
Task
Complete the following steps to authorize access to the depot machine.

...................................................................................................................................................................................................
Enter the following command to grant access to the root user on the remote host:
..., root,sys # swacl -l host -M user:root@<hostname>:-r-t:
[Enter]
Result: The root user now has access on the remote host.
...................................................................................................................................................................................................
Enter the following command to remove access of the root user on the remote host:
..., root,sys # swacl -l host -D user:root@<hostname> [Enter]
Result: The root user no longer has access on the remote host.
...................................................................................................................................................................................................
Enter the following command to list the host ACL on the local host:
..., root,sys # swacl -l host [Enter]
Result: The host ACL is now listed on the local host
...................................................................................................................................................................................................
Remove access after the software installation.

E...................................................................................................................................................................................................
N D O F S T E P S
....................................................................................................................................................................................................................................
1350 OMS
9-49
Security
....................................................................................................................................................................................................................................
....................................................................................................................................................................................................................................
1350 OMS
9-50
10
10 Printer Configurations
HP
Overview
Purpose
information and the associated tasks that pertain to an HP printer configurations.
Contents
10-2
Configure a Printer in the Local Spooler Queue
10-3
Start the Spooler
10-8
Configure a Printer Booting upon Booting from the Local System
10-9
...................................................................................................................................................................................................................................
1350 OMS
10-1
....................................................................................................................................................................................................................................

The HP printer configuration tool
To configure any HP printer, the HP hppi tool must be used. This tool configures the
printer on the system so software can be downloaded from the network. In addition, this
tool also configures the spooler and the print queues on all declared systems.
Two HP printer configurations
The following printer configurations are supported:
A spool queue configuration is supported.

With this type of configuration, the administrator can configure an existing HP
printer that is already active in the network by creating a spool queue.
Refer to Configure a Printer in the Local Spooler Queue (p. 10-3) for details.
A boot configuration is supported.
With this type of configuration, the administrator can configure an HP printer by
loading the printer configuration remotely upon power-up of the printer.
Refer to Configure a Printer Booting upon Booting from the Local System
....................................................................................................................................................................................................................................
1350 OMS
10-2
....................................................................................................................................................................................................................................

When to use
Use this task to configure a printer in the local spooler queue.

Related information
Printer Configuration Overview (p. 10-2)
Start the Spooler (p. 10-8)
Before you begin
You will need following information when the spool queue is being set up in this task:
The Name is a meaningful 8 character string that you assign to the printer. We advise
you to declare the printer name as an external code with scNMmng.
The IP Address is the network IP address that you assign to the printer.
The Default Queue prompt must be answered as Yes or No:
Is this the system default queue
We recommend that you set the first defined queue as the default queue.
The Banner Page prompt must be answered as Yes or No:
Would you like to issue the banner page at the beginning of
any print job.
Task
Complete the following steps to configure a printer in the local spool queue.
...................................................................................................................................................................................................

...................................................................................................................................................................................................
Enter the following command to initialize the hppi tool for JetDirect printer installation:
..,sys,root # hppi [Enter]
Result: The tool outputs the JetDirect banner page, which is followed by the main
menu:
***************************************************************
*****
*****
*****
***** JetDirect Printer Installer for UNIX
*****
***** Verison E.10.18
*****
*****
....................................................................................................................................................................................................................................
1350 OMS
10-3
....................................................................................................................................................................................................................................
*****
*****
*****
M A I N
M E N U
*****
User: [root]
OS: (HP-UX B.11.11)
I N V E N T
****************************************************************
1) Spooler Administration (super-user only)
2) JetDirect Configuration (super-user only)
- TCP/IP configurable parameters
3) Diagnostics:
- diagnose printing problems
?) Help
q) Quit
Please enter a selection (q - quit):
...................................................................................................................................................................................................
At the main menu, enter 1 to select Spooler Administration.

Result: The tool outputs the Spooler Administration banner page, which is followed
by its main menu:

Spooler:
1) Add printer to local spooler
2) Delete printer from local spooler
4) Install New Model Script
5) Remove Model Script
?) Help
q) Quit
Please enter selection:
...................................................................................................................................................................................................
At the Spooler Administration menu, enter 1 to Add printer to local spooler.

Result: The system prompts you for the printer name or IP address:
...................................................................................................................................................................................................
At the following prompt, enter the printer name or the IP address:

Enter the network printer name or IP address (q - quit):
Note: if you have already declared the printer name in the /etc/hosts file through
scNMmng, enter the printer name. If you have not declared the printer name, enter the IP
address. We recommend that you enter the printer name and not the IP address because
you will have to review/change the printer configuration if the printer IP address changes.
Result: The system outputs a display similar to the following to enable the Realtime
Model Script update:
The latest model script can be downloaded from the web before creating
any queue. This can be done by enabling Realtime Model Script Update.The
Realtime Model Script Update can be Enabled/Disabled from the diagnostics menu.
....................................................................................................................................................................................................................................
1350 OMS
10-4
....................................................................................................................................................................................................................................
...................................................................................................................................................................................................
At the following prompt, press the Enter key:

Do you want to Enable Realtime Model Script Update(0-Enable,
default-Disable): Enter
Result: The tool outputs the following list of suggested parameter values:
The following is a list of suggested parameter values for this queue. You
may change any settings by selecting the corresponding non-zero numbers. The
values
will be used to configure this queue when '0' is selected.
To abort this configuration operation, press 'q'.
Configurable Parameters:
Current Settings
--------------------------------------1) Lp destination (queue) name: [<printername>_1]
2) Status Log
[(No Log)]
3) Queue Class
[(Not assigned)
4) Default Queue
[NO]
5) Additional printer configuration...
...................................................................................................................................................................................................
At the following prompt enter 1 to change the LP queue:

Select an item for change, or '0' to configure (q - quit): 1
Result: The tool outputs a display similar to the following that lists the currently used
queue names:
Currently used names:
-------------------(no queues are configured)
...................................................................................................................................................................................................
At the following prompt enter 1 to enter the LP destination name:

Enter the lp destination name (default=<Printer name>_1, q quit): <printer name>
Result: The tool updates the items in the Current Settings of the suggested
parameter values menu.

...................................................................................................................................................................................................
If you are configuring the first print queue or if you want to define this printer as the new
default queue, enter a 4 at the following prompt:
....................................................................................................................................................................................................................................
1350 OMS
10-5
....................................................................................................................................................................................................................................
...................................................................................................................................................................................................
10
If you want to set the banner page issue, at the next suggested parameter values menu,
enter 5 at the following prompt:
The following is a list of suggested parameter values for this printer.

To abort this operation, press 'q'.
Configurable Parameters:
Current Settings
--------------------------------------1) Model Script:
[net_lj4x]
2) Default Printing Language
[AUTO]
3) Job Recovery
[ON]
4) True End-of-Job
[ON]
5) Banner Page
[OFF]
6) PostScript Level
[Level 1]
...................................................................................................................................................................................................
11
If you want to set the banner page issue, enter 5 at the following prompt:
Result: The Banner Page current setting is changed from [OFF] to [ON] and the tool
re-displays the submenu issued.

...................................................................................................................................................................................................
12
At the following prompt, enter q to quit:

Select an item for change, or '0' to configure (q - quit): q
Result: The tool re-displays the Printer Characteristics Menu.
...................................................................................................................................................................................................
13
At the following prompt in the Printer Characteristics Menu, enter q to quit:

Result: When the spooler is not running, the tool outputs a display that is similar to
the following:
The spooler is already not running in the system!
It will not be switched on after the configuration
When the spooler is running, the tool outputs a display that is similar to the following:
Ready to shut down the spooler and configure the new print queue.
The spooler will be running again after the configuration is done.
WARNING: If there are jobs currently being printed, and the page count is
enabled (i.e. when True End-of-Job is turned on), this shutdown and rerun
....................................................................................................................................................................................................................................
1350 OMS
10-6
....................................................................................................................................................................................................................................
of the spooler may result in incorrect page count.

...................................................................................................................................................................................................
14
If the spooler is running, enter the following command to verify that a print job is not
queued:
lpstat -t
If the spooler is not running, the tool outputs the following message to remind you to start
the spooler:
WARNING : The spooler is not running!
To print, turn on the spooler (lpsched)
Result: The tool returns to the Spooler Administration menu.

...................................................................................................................................................................................................
15
At the Spooler Administration menu, enter q to exit the Spooler Administration menu.
Please enter selection: q [Enter]
q [Enter]
Result: The tool displays the Direct Printer Installation Main Menu.
...................................................................................................................................................................................................
16
At the Jet Direct Printer Installation Main Menu, enter q to exit the tool.
Please enter a selection (q - quit): q [Enter]
q [Enter]
Result: You have exited the tool.
...................................................................................................................................................................................................
17
Complete the steps in the Start the Spooler (p. 10-8) task.
E...................................................................................................................................................................................................
N D O F S T E P S
....................................................................................................................................................................................................................................
1350 OMS
10-7
Start the Spooler
....................................................................................................................................................................................................................................
Start the Spooler

When to use
Use this task to start the spooler

Related information
See the following topics in this document::
Configure a Printer in the Local Spooler Queue (p. 10-3)
Before you begin
The HP-UX system spooler is automatically started during system start-up only when a
print queue is defined. When you initially define the first queue, it typically does not run;
therefore, you must use the steps in this task to start the print queue manually.
Task
Complete the following steps to start the spooler.

...................................................................................................................................................................................................

...................................................................................................................................................................................................
Enter the following command to start the spooler:

..,sys,root # lpsched [Enter]
E...................................................................................................................................................................................................
N D O F S T E P S
....................................................................................................................................................................................................................................
1350 OMS
10-8
Configure a Printer Booting upon Booting from the Local

System
....................................................................................................................................................................................................................................

System
When to use
Use this task to configure a printer upon booting from the local system.
Related information
Start the Spooler (p. 10-8)
Before you begin
This printer configuration enables you to load the printer configuration remotely upon
power-up time.
If you decide to use this method, we recommend the following:
Choose two HP-UX systems that are configured to set up the printers.
Keep the databases of these two systems synchronized.
You will need the following information when the boot configuration is being set up
during this task:
Name
Name is a meaningful 8 character string that you assign to the printer. We advise that
you declare the printer name as an external code with scNMmng.
IP Address
IP Address is the network IP address that you assign to the printer.
LAN Hardware Address

LAN Hardware Address is the hardware address of the card, which is also known as
MAC(2). This address is typically a hexadecimal string that consists of six

colon-separated sets of hexadecimal notation in the format: 00:30:6E:08:AF:6F. You
must retrieve this address from the printer itself; refer to the printer documentation for
help.
Task
Complete the following steps to configure a printer upon booting from the local system.
...................................................................................................................................................................................................
....................................................................................................................................................................................................................................
1350 OMS
10-9

System
....................................................................................................................................................................................................................................

...................................................................................................................................................................................................
Enter the following command to initialize the hppi tool for JetDirect printer installation:
..,sys,root # hppi [Enter]
Result: The tool outputs the JetDirect banner page, which is followed by the main
menu:
****************************************************************
1) Spooler Administration (super-user only)
2) JetDirect Configuration (super-user only)
- TCP/IP configurable parameters
3) Diagnostics:
- diagnose printing problems
?) Help
q) Quit
Please enter a selection (q - quit):
...................................................................................................................................................................................................
At the main menu, enter 2 to select JetDirect Configuration.

Result: The tool outputs the JetDirect banner page, which is followed by its main
menu:
Printer Network Interface:
1) Create printer configuration in BOOTP/TFTP database
2) Remove printer configuration from BOOTP/TFTP
3) Check Bootp and TFTP operation (super-user only)
- OR Telnet Configure JetDirect:
4) Set IP Address locally
(within your local subnet - router)
5) Open Telnet Session to JetDirect Card
?) Help Me Decide
q) Quit
...................................................................................................................................................................................................
At the JetDirect Configuration menu, enter 1 to Create printer configuration in

BOOTP/TFTP database.
Result: The tool outputs a display similar to the following, which instructs you how
to answer a series of prompts:
These responses apply to all questions:
"q"
- returns you to the next higher level menu
"?"
- prints help text
<return>
- skips optional parameters or selects the default value
....................................................................................................................................................................................................................................
1350 OMS
10-10

System
....................................................................................................................................................................................................................................
...................................................................................................................................................................................................
At the following prompt, enter the LAN address of the printer:

Enter the printer's LAN hardware address: <MAC Address> [Enter]
...................................................................................................................................................................................................
At the following prompt, enter the name of the printer:

Enter the network printer name (q - quit): <Printer Name>
...................................................................................................................................................................................................
At the following prompt, enter the IP address of the printer:

Enter IP address: <Printer IP Address>
...................................................................................................................................................................................................
At the following prompt, specify the printer name and the IP address of the printer that
should be added to the /etc/hosts file:
Add <Printer Name> and <Printer IP Address> to /etc/hosts? (y/n/
q, default=y) y
Result: The tool outputs a display similar to the following to remind you to update
your master source:

Printer name and IP address have been added to /etc/hosts.
If your /etc/hosts file is updated automatically from a master source,
add the name and IP address to your master source after the
configuration is complete.
The tool then outputs a display similar to the following on optional parameters that
you can set:
Following are optional parameters you may set for JetDirect. Select any nonzero numbers to make the changes. The settings are used to create a
BOOTP/TFTP database when '0' is selected. To abort the operation, press
'q'
Other optional parameters:
------------------------1) Set printer location (uses tftp)
2) Set printer contact (uses tftp)
3) Set subnetmask
4) Set gateway
5) Set syslog (uses tftp)
6) Change idle timeout (uses tftp)
7) Create access list (up to 10 names). (Default: all allowed).
(uses tftp)
8) Other SNMP parameters: (uses tftp)
(GET/SET community name, trap and community name, authentication
trap)
9) Set HP JetDirect lpd banner page
....................................................................................................................................................................................................................................
1350 OMS
10-11

System
....................................................................................................................................................................................................................................
...................................................................................................................................................................................................
At the following prompt, enter 1 to set the printer location:

Select an item for change, or '0' to configure (q - quit):
1 [Enter]
...................................................................................................................................................................................................
10
At the following prompt, enter the name of the printer location:

Enter the printer location (q - quit): <Location name> [Enter]
...................................................................................................................................................................................................
11
At the following prompt, enter 0 to configure the printer:

Result: The tool outputs a display that is similar to the following that confirms the
creation of the BOOTP/TFTP configuration database and the placement of the

configuration data.
Completed creating BOOTP/TFTP configuration database for <Printer Name>
Tftp service is also used to boot up JetDirect. Make sure /var/adm/inetd.sec
allows JetDirect's IP to access ftp service on this node.
Please wait...
(testing, please wait) ...
Testing BOOTP with 080009000000...:
RESULT: Passed BOOTP test 1 with 080009000000.
......
BOOTP/TFTP has been verified functional.
Configuration data is now in place. The next test is to ping the printer for
the IP name you just assigned it. To continue the test, you MUST do the
following so that the printer can configure itself with the configuration
data:
Power cycle the printer.
...................................................................................................................................................................................................
12
Power the printer off and on.

Result: The tool outputs a display that is similar to the following that requests you to
wait until the printer finishes its selftest.

Wait until the printer finishes the self test.
(Note: It may take 20 sec to 1 min for a token ring HP
JetDirect interface to finish the configuration.)
Press the return key to continue the test.
...................................................................................................................................................................................................
13
Press the Enter key on the keyboard to continue the test.

[Enter]
....................................................................................................................................................................................................................................
1350 OMS
10-12

System
....................................................................................................................................................................................................................................

If you are not ready for the next test (for example, the IP name has not
taken
affect in your DNS server), press 'q' to return to the configuration menu now.
...................................................................................................................................................................................................
14
At the following prompt, enter y to send the test files to the printer:
Do you want to send test file(s) to this printer (y/n, default=
n)? y [Enter]

This test is using test files to demonstrate that data bytes can be
transmitted a
cross the HP JetDirect interface setup. As long as a few characters print out,
the test is successful.
The printer must be ready, i.e. online and not printing anything.
The following types of test files can be sent to the printer:
1) text file
(if printer is in PCL or AUTO mode)
2) PostScript file (if printer is in PS or AUTO mode)
3) HP-GL/2 file
(if it is a HPGL/2 plotter)
4) User supplied file
...................................................................................................................................................................................................
15
At the following prompt, enter 2 to indicate that the PostScript file should be transmitted:
Which one should be transmitted? (1/2/3/q, default=1) 2
Result: The tool displays output that is similar to the following that indicates that the
test file has been sent to the named printer:

Sending a test file to <Printer Name> ...
Result: The file has been successfully sent to <Printer Name>.
Check output!
...................................................................................................................................................................................................
16
At the following prompt, press the Enter key to continue:

Press the return key to continue
... [Enter]
Result: The tool displays the JetDirect Configuration Menu.

...................................................................................................................................................................................................
17
At the Jet Direct Configuration Menu, enter q to exit Configuration Menu.

Please selection: q [Enter]
....................................................................................................................................................................................................................................
1350 OMS
10-13

System
....................................................................................................................................................................................................................................
Result: The tool outputs the JetDirect Main Menu.

...................................................................................................................................................................................................
18
At the Jet Direct Main Menu, enter q to exit the tool.

Please enter a selection (q - quit): q [Enter]
Result: You have exited the tool.
E...................................................................................................................................................................................................
N D O F S T E P S
....................................................................................................................................................................................................................................
1350 OMS
10-14
11
Troubleshooting
11
Overview
Purpose
information and the associated tasks that pertain to troubleshooting the overall 1350
OMS.
Contents
11-3
Troubleshooting
11-3
Ping a Node
11-6
Activate the KDC Log
11-8
Deactivate the KDC Log
11-10
11-11
OS Percentage Usage
11-12
Manage Semaphores
11-13
11-14
Remote Commands
11-15
11-16
11-18
Troubleshoot 1350 OMS System License Problems
11-19
Remove the WDM Component from the 1350 OMS
11-21
11-24
11-24
Upgrade the MW-OS Application
11-27
...................................................................................................................................................................................................................................
1350 OMS
11-1
Troubleshooting
Overview
....................................................................................................................................................................................................................................
Configure and Test the Centralized User-DB in a Distributed Environment
11-29
11-33
11-34
Perform a Manual Customization/De-customization (without using the Install

Wizard)
11-36
Perform a Fast Customization of the MS-GUI Package
11-38
Customizing WDM to Exclude the Remote eOMS
11-40
11-41
11-41
SAS, UDM, LDAP
11-44
Web Desktop Administration
11-47
11-57
11-59
Work Arounds for Database Management
11-63
11-65
Work Arounds for File System Management
11-67
11-69
Logging
11-69
Configuration
11-72
....................................................................................................................................................................................................................................
1350 OMS
11-2
Troubleshooting
Troubleshooting
....................................................................................................................................................................................................................................
Troubleshooting
Overview
Troubleshooting guidelines are provided in terms of symptoms and fixes, and any related
tasks that might accompany the fix.
Network configuration problems
Because the MW-INT and Kerberos configuration is design to provide a high security
level, it must be able to identify the incoming ticket IP address. Therefore, two LAN
interface cards cannot be configured on the same system in the same subnetwork.
# ifconfig lan0
lan0: flags=843<UP,BROADCAST,RUNNING,MULTICAST>
inet 10.12.20.234 netmask ffff0000 broadcast 10.12.255.255
#ifconfig lan1
lan1: flags=843<UP,BROADCAST,RUNNING,MULTICAST>
inet 10.12.21.10 netmask ffff0000 broadcast 10.12.255.255
Note: In the previous output, the subnet mask splits the IP address information into the
subnet and host. The bit that is set to 1 in the netmask identifies the subnet; the bit that is
set to 0 identifies the host. Since the netmask is provided as a hexadecimal bit
representation and the IP address and four figures are dot separated, it is difficult to
identify the two IP address that are masked by netmask, which provides the same subnet.
The easiest way to compare the broadcast information shown is by the ifconfig command.
In the previous output, the display of the same broadcast value indicates if two IP
addresses differ in their binary representation and if they are in the same subnet.
Note: The addressing scheme is designed for optimal network behavior. To improve
network throughput, use the HP Auto Port Aggregation.

Ticket is ineligible for postdating
A common error message that the MW-INT with Kerberos outputs describes time
differences among servers.
FATAL Error while sending command to host = <hostname> - Error = 5 (Ticket is
ineligible for postdating) at /alcatel/<release>/Kernel/lib/lib_perl/
Remotizer.pm
....................................................................................................................................................................................................................................
1350 OMS
11-3
Troubleshooting
Troubleshooting
....................................................................................................................................................................................................................................
line <number>
When the hostname that is displayed in the message refers to a server that is different
from the one that has output the error, a time difference greater than five minutes between
the two severs clocks can exist.
Verify the times on the two system clocks by entering the following command:
...,root,sys $ date -u [Enter]
If the times are out of synchronization, verify the Network Time Protocol (NTP)
configuration. Refer to the 1350 OMS Installation Guide for details.
Cannot contact any KDC for requested realm
When a process on a local server cannot contact the remote or local KDC, output similar
to the following is displayed:
KRB5 XS: Cannot contact any KDC for requested realm while initializing krb5
FATAL Error while sending command to host = <hostname> Error = 5 (Cannot contact any KDC for requested realm)
at /alcatel/<release>/Kernel/lib/lib_perl/Remotizer.pm line <number>
The KDC daemon is not responding on the server that is identified as <hostname>.
Use the steps in the Ping a Node (p. 11-6) task to determine if the host can be reached.
If the host can be reached, log into that host server as root and stop/start the KDC daemon
by entering the following command:
...,root,sys $ /sbin/init.d/krbsrv stop ; /sbin/init.d/krbsrv start [Enter]
Important! When Kerberos is stopped and restarted, system malfunctions can occur.
Unable to connect ConnectionManager
When a process on a local server cannot connect with the remote or local Connection
Manager daemon, communication cannot be established. Output similar to the following
is displayed:
FATAL Error while sending command to host = <hostname> Error = 11 (Unable to connect ConnectionManger) at
/alcatel/<release>/Kernel/lib/lib_perl/Remotizer.pm line <number>
To fix this problem, do the following:

1. Use the steps in the Ping a Node (p. 11-6) task to determine if the remote host can
be reached.
2. Enter the following command to check the Connection Manager daemon on the server
that is named as <hostname>:
...,root,sys $ ps -ef | grep conmgr.exe [Enter]
....................................................................................................................................................................................................................................
1350 OMS
11-4
Troubleshooting
Troubleshooting
....................................................................................................................................................................................................................................
Output similar to the following is displayed. Identify the process that has a 1 in the
parent Process Identifier (PID) column, which is the third column in the output
example. Wait a while and re-enter the same command. If the conmgr process has a 1
as a parent PID and it has the same PID in both the ps outputs, it is stable. If a line is
not displayed or if the two PIDs that are displayed are different, contact your
Alcatel-Lucent local customer service support team immediately.
root 1963
1
5001
root 2136 1963
5001
root 2137 1963
5001
root 9277 18294
0 08:54:19 ?
0:01 /alcatel/<release>/Kernel/bin/conmgr.exe
0 08:54:30 ? 0:00 /alcatel/<release>/Kernel/bin/conmgr.exe

0 08:54:30 ? 0:00 /alcatel/<release>/Kernel/bin/conmgr.exe
0 15:36:11 pts/ta
0:00 grep conmgr.exe
KDC daemon log file
To identify the cause of a problem, you can force Kerberos KDC to log its activity in a
log file. To force KDC to produce a log file, you must change its start-up script and
stop/start the daemon. Refer to the Activate the KDC Log (p. 11-8) and Deactivate the
KDC Log (p. 11-10) tasks for details.
....................................................................................................................................................................................................................................
1350 OMS
11-5
Troubleshooting
Ping a Node
....................................................................................................................................................................................................................................
Ping a Node
When to use
Use this task to ping a node/host; meaning, to verify if a node can communicate with the
local node/host.
Related information
Before you begin
Any node that is connected to the network has one or more network adapters (NAs), each
of which is configured with an IP address. To simplify network access and to allow for a
virtual IP address change, the IP address of the NAs is typically identified with an alias (a
name) that the system automatically translates to an IP address.
Command format:
ping <IP address/host name> <bytes> <packets>
Task
Complete the following step to ping a host.

...................................................................................................................................................................................................
Enter the following command to ping the host through its IP address:
...,root,sys $ ping <IP address/hostname> <bytes> <packets>
Example:
,sys,root # ping <IP address/host name> 64 5
The command outputs a display similar to the following:

PING 192.9.4.42: 64 byte packets
64 bytes from 192.9.4.4: icmp_seq=0. time=0. ms
----192.9.4.4 PING Statistics---5 packets transmitted, 5 packets received, 0% packet loss
round-trip (ms) min/avg/max = 0/0/0
....................................................................................................................................................................................................................................
1350 OMS
11-6
Troubleshooting
Ping a Node
....................................................................................................................................................................................................................................
Result: The system outputs host information as shown in the example. Any error or
output with packet loss equal to 100% means the machine is unreachable or unknown.
If the host is unknown, the system outputs a display that is similar to the following:
ping: host unknown
E...................................................................................................................................................................................................
N D O F S T E P S
....................................................................................................................................................................................................................................
1350 OMS
11-7
Troubleshooting
....................................................................................................................................................................................................................................

When to use
Use this task to activate the Kerberos Key Distribution Center (KDC) log.
Related information
Deactivate the KDC Log (p. 11-10)
Before you begin
To identify the cause of problem, you can force the Kerberos KDC to log its activity in a
file. To force KDC to produce a log file, change its start-up script and stop/start the
daemon.
Task
Complete the following steps to activate the Kerberos KDC log.

...................................................................................................................................................................................................
Enter the following command to check free system space in the /var/adm/crash file:
...,root,sys $ bdf /var/adm/crash [Enter]
Result: The system outputs the crash file
...................................................................................................................................................................................................
In the /var/adm/crash file, check the Avail column to determine if more than 10,000
kilobytes are displayed.
...................................................................................................................................................................................................
Enter the following command lines to preserve a safe copy of the KDC start-up
procedure:
...,root,sys $ cd /sbin/init.d [Enter]
...,root,sys $ cp -p krbsrv krbsrv.save [Enter]
...................................................................................................................................................................................................
Using the vi editor, access the krbsrv file and replace the null file output in the kdcd start
command with the log file by changing the following line:
/opt/krb5/sbin/kdcd -l /dev/null
to:
/opt/krb5/sbin/kdcd -l /var/adm/crash/kdcd.log
....................................................................................................................................................................................................................................
1350 OMS
11-8
Troubleshooting
....................................................................................................................................................................................................................................
...................................................................................................................................................................................................
Save the change and exit the file.

...................................................................................................................................................................................................
Enter the following command to restart the daemon:

...,root,sys $ /sbin/init.d/krbsrv stop ; /sbin/init.d/krbsrv
start [Enter]
...................................................................................................................................................................................................
Deactivate the KDC daemon log. Go to the Deactivate the KDC Log (p. 11-10) task for
details.
E...................................................................................................................................................................................................
N D O F S T E P S
....................................................................................................................................................................................................................................
1350 OMS
11-9
Troubleshooting
....................................................................................................................................................................................................................................

When to use
Use this task to deactivate the Kerberos KDC log.

Related information
Activate the KDC Log (p. 11-8)
Before you begin
To deactivate KDC daemon log, simply replace the modified krbswr file with the saved
one, and stop/start KDC.
Task
Complete the following steps to deactivate the Kerberos KDC log.

...................................................................................................................................................................................................
Enter the following command lines to restore the saved KDC start-up configuration:
...,root,sys $ cd /sbin/init.d [Enter]
...,root,sys $ mv krbsrv.save [Enter]
...................................................................................................................................................................................................
Enter the following command to restart the daemon:

...,root,sys $ /sbin/init.d/krbsrv stop ; /sbin/init.d/krbsrv
start [Enter]
E...................................................................................................................................................................................................
N D O F S T E P S
....................................................................................................................................................................................................................................
1350 OMS
11-10
Troubleshooting
Overview
....................................................................................................................................................................................................................................
Overview
Purpose
This section explains problems that can arise regarding the system and system
environment.
Contents
OS Percentage Usage
11-12
Manage Semaphores
11-13
11-14
Remote Commands
11-15
11-16
....................................................................................................................................................................................................................................
1350 OMS
11-11
Troubleshooting
OS Percentage Usage
....................................................................................................................................................................................................................................
OS Percentage Usage
What to do
To investigate the Operating System (OS) percentage usage when the system appears too
slow, use the command top -s1.
The IDLE percentage of the machine must be greater than 0; if the IDLE percentage of
the machine is not greater than 0, problems can exist that are related to the following:
Processes: too many processes are running and some of them can be looping.
Memory: the memory usage is too high.
....................................................................................................................................................................................................................................
1350 OMS
11-12
Troubleshooting
Manage Semaphores
....................................................................................................................................................................................................................................
Manage Semaphores
When to use
Use this task to manage semaphores.

Related information
Activate the KDC Log (p. 11-8)
Before you begin

Task
Complete the following steps to manage semaphores.

...................................................................................................................................................................................................
Activate a terminal window on the system server machine.

...................................................................................................................................................................................................
To display the semaphores used in a session, enter the following command:

ipcs -s
Result: The IPC status for the current instance is displayed.
IPC Status from /dev/kmem as of <date/time stamp>
T
ID
KEY
MODE
OWNER
GROUP
Semaphores:
....
s
29 0x00001c13 --ra-ra---axadmin
gadmin
....
...................................................................................................................................................................................................
To remove a semaphore, enter the following command:

ipcrm -s 29
E...................................................................................................................................................................................................
N D O F S T E P S
....................................................................................................................................................................................................................................
1350 OMS
11-13
Troubleshooting
....................................................................................................................................................................................................................................

When to use
Use this task to unlock the login to the 1350 OMS.

Related information

Before you begin
The login is blocked because of /alu/Kernel/data/.loginDB.lock file.

Task
Complete the following steps to unlock the login to the 1350 OMS.
...................................................................................................................................................................................................

...................................................................................................................................................................................................
Log in to the system as root user.

...................................................................................................................................................................................................
Log in as root and launch the following two commands to delete (rm) the loginDB.lock
file and to create an empty file:
rm /alu/Kernel/data/.loginDB.lock
echo > /alu/Kernel/data/.loginDB
E...................................................................................................................................................................................................
N D O F S T E P S
....................................................................................................................................................................................................................................
1350 OMS
11-14
Troubleshooting
Remote Commands
....................................................................................................................................................................................................................................
Remote Commands
Remotizer
The Remotizer application allows to execute a command on a remote host:

/alu/Kernel/etc/Remotizer.pl
<user>
RemoteExec <host> <unix command>
The IP address of the host must be defined in the file /etc/hosts .

For example: /alu/Kernel/etc/Remotizer.pl RemoteExec kaveri ll root
Note: this command can be used to execute commands with a different users (for
example to execute a command as root user instead of applicative user) on the local
host.
....................................................................................................................................................................................................................................
1350 OMS
11-15
Troubleshooting
....................................................................................................................................................................................................................................
When to use
Use this task if a node is added to the 1350 OMS system configuration.
Related information
Kerberos configuration is listed in the following file:

opt/krb5/krb.conf
Before you begin

Task
...................................................................................................................................................................................................
Activate a Terminal Window on the System server machine.

...................................................................................................................................................................................................
Log in into the system as root user.

...................................................................................................................................................................................................
Enter the following command:

/alcatel/Kernel/bin/SecureSetup.pl -resetKRB
Enter the following command for each node that you have to add:
/alcatel/Kernel/etc/HostDeclarer.pl -add <HOSTNAME>

/alcatel/Kernel/etc/ReapplyKerberosConf.pl
...................................................................................................................................................................................................
Verify if the node is added in the /opt/krb5/krb.conf file.

For example, on a presentation server, the /opt/krb5/krb.conf file must include at least
the presentation node and the master node.
Kerberos log files are the following:
/var/log/krb5kdc.log
/var/log/kadmin.log
/var/log/krb5lib.log
....................................................................................................................................................................................................................................
1350 OMS
11-16
Troubleshooting
....................................................................................................................................................................................................................................
...................................................................................................................................................................................................
Enter the following command to stop Kerberos services:

/sbin/init.d/krbsrv stop
Note: Ignore any warning messages.

...................................................................................................................................................................................................
Enter the following command to start Kerberos services:

/sbin/init.d/krbsrv start
If necessary, enter the following command to check the process:

ps -ef | grep kdcd
E...................................................................................................................................................................................................
N D O F S T E P S
....................................................................................................................................................................................................................................
1350 OMS
11-17
Troubleshooting
Overview
....................................................................................................................................................................................................................................

Overview
Purpose
This section collects problems that can arise during the system installation phase and
system customization phase.
Contents
11-19
11-21
....................................................................................................................................................................................................................................
1350 OMS
11-18
Troubleshooting
....................................................................................................................................................................................................................................

When to use
Use this task to troubleshoot 1350 OMS system license problems.

Related information

Before you begin

Task
Complete the following steps to troubleshoot 1350 OMS system license problems.
...................................................................................................................................................................................................
To determine if any problems exist with the product license, access and read the contents
of the following log file:
/usr/Systems/Global_Instance_9.5.0_Master/maintenance/log/pmc2.log
...................................................................................................................................................................................................
Upgrade the Go-Global and Kerberos licenses.

Connect to the tlvhho server:
http://tlvhho.vim.tlt.alcatel.it
Follow this path:

Validation > Tools > License server
The page shows the list of the license servers. In order to upgrade your machine, enter the
following information:
HOSTNAME (or the IP address)
USERNAME
PASSWORD
Select either ALL FILES, LICENCE FILE, or HOSTS FILE and click the Upgrade button.
Result: An example of the PMC log file follows:
<date/time stamp> ipb062 Global/PMC2: Requested Action [ startup_
sys ] through Command Line
<date/time stamp> ipb062 Global/PMC2: IMSERVER LICENSE: ERROR 1350_8_
CPU_HA_PLTFM#7.1 in 1350_1_CPU#7.1,1350_1_CPU_NR6_UPG#7.1,1350_1_
CPU_MNT#7.1,1350_2_CPU#7.1,1350_2_CPU_NR6_UPG#7.1,1 350_2_CPU_
....................................................................................................................................................................................................................................
1350 OMS
11-19
Troubleshooting
....................................................................................................................................................................................................................................
MNT#7.1,1350_4_CPU#7.1,1350_4_CPU_NR6_UPG#7.1,1350_4_CPU_MNT#7.1,
1350_6_CPU#7.1, 1350_6_CPU_NR6_UPG#7.1,1350_6_CPU_MNT#7.1,1350_8_
CPU#7.1,1350_8_CPU_NR6_UPG#7.1,1350_8_CPU_MNT#7.1
,1350_4_CPU_HA_NR6_UPG#7.1,1350_4_CPU_HA_PLTFM#7.1,1350_6_CPU_HA_NR6_
UPG#7.1,1350_6_CPU_HA_PLTFM# 7.1,1350_8_CPU_HA_NR6_UPG#7.1,1350_8_
CPU_HA_PLTFM#7.1
<date/time stamp> ipb062 Global/PMC2: IMSERVER System status change:
STOP --> WORKING
<date/time stamp> ipb062 Global/PMC2: IM LICENSE RESULT: command =
START system
- Execution denied and Force system shutdown
CAUSE: license library error
<date/time stamp> ipb062 Global/PMC2: IMSERVER System status change:
WORKING --> STOP
...................................................................................................................................................................................................
Enter the ping command to check the license server connection.

...................................................................................................................................................................................................
Determine if GO-Global uses a port that is different from Poseidon (27000).

...................................................................................................................................................................................................
Check the Poseidon license server upgrade and eventually restart. See Poseidon License
server restart.
...................................................................................................................................................................................................
Upgrade the Go-Global licence. See the GoGlobal Upgrade.

...................................................................................................................................................................................................
Restart the Kerberos application. Stop and start Kerberos services. See Kerberos
Configuration (p. 11-16) section.
E...................................................................................................................................................................................................
N D O F S T E P S
....................................................................................................................................................................................................................................
1350 OMS
11-20
Troubleshooting
....................................................................................................................................................................................................................................

When to use
Use this task to remove the WDM component from the 1350 OMS.
Note: This work around can be used if the Remove.sh -product WDM official patch is
not available.
Related information

Before you begin

Task
Use this task to remove the WDM component from the 1350 OMS if the Remove.sh
-product WDM official patch is not available.
...................................................................................................................................................................................................
Open a terminal window on the system and login as root user.

...................................................................................................................................................................................................
Shut down the WDM application.

...................................................................................................................................................................................................
Verify that the platform_startup_daemon is not running by entering the following

command lines:
ps -ef|grep platform_startup_daemon|grep WDM
<NMS_INSTANCE_DIR>/WDM_PLATFORM/script/lt_stop_daemons .
Example:
/usr/Systems/WDM_3_9.5.0_Master/WDM_PLATFORM/script/lt_stop_
daemons
...................................................................................................................................................................................................
Enter the following command lines to run the RemoveWDM application:

<NMS_INSTANCE_DIR>/WDM_PLATFORM/install/RemoveWDM
Example:
. /usr/Systems/WDM_3_9.5.0_Master/WDM_PLATFORM/install/RemoveWDM
....................................................................................................................................................................................................................................
1350 OMS
11-21
Troubleshooting
....................................................................................................................................................................................................................................
...................................................................................................................................................................................................
Enter the following command lines to remove the NMS and NMA directories:
rm
rm
rm
rm
rm
rm
rm
rm
rm
rm
rm
rm
rm
rm
rm
rm
rm
rm
-rf
-rf
-rf
-rf
-rf
-rf
-rf
-rf
-rf
-rf
-rf
-rf
-rf
-rf
-rf
-rf
-rf
-rf
/alu/1350OMS9.5/NMS/WDM
/alu/1350OMS9.5/NMA/SONET_GUISERVER
/alu/1350OMS9.5/NMA/WDM_APPL
/alu/1350OMS9.5/NMA/WDM_DB
/alu/1350OMS9.5/NMA/WDM_GUISERVER
/alu/1350OMS9.5/NMA/WDM_GWS
/alu/1350OMS9.5/NMA/WDM_ORBIX
/alu/1350OMS9.5/NMA/WDM_PLATFORM
/alu/1350OMS9.5/NMA/WDM_REMOTE_EOMS
/alcatel/NMS/WDM
/alcatel/NMA/SONET_GUISERVER
/alcatel/NMA/WDM_APPL
/alcatel/NMA/WDM_DB
/alcatel/NMA/WDM_GUISERVER
/alcatel/NMA/WDM_GWS
/alcatel/NMA/WDM_ORBIX
/alcatel/NMA/WDM_PLATFORM
/alcatel/NMA/WDM_REMOTE_EOMS
...................................................................................................................................................................................................
Enter the following command line to run sw_target_adjuster:

/alcatel/INSTALLER/etc/sw_target_adjuster
...................................................................................................................................................................................................
Enter the following command line to remove the Info.cfg file:

rm -f /usr/Systems/WDM*Master/Kernel/conf/Info.cfg
...................................................................................................................................................................................................
Enter the following command line to remove WDM_DB directory:

rm -fr /usr/Systems/WDM_?/WDM_DB
E...................................................................................................................................................................................................
N D O F S T E P S
Important Notes
After the WDM application has been removed, continue to do the following:
Perform a new WDM installation, custom, and system configuration.

For an upgrade to the same WDM load, reload the same WDM using the following
commands:
cd /alu/Install_Wizard
....................................................................................................................................................................................................................................
1350 OMS
11-22
Troubleshooting
....................................................................................................................................................................................................................................
./Install.sh -force WDM
In the system configuration phase, the MIB value of ORACLE_DB should be set
always to NEW. The load-to-load upgrade operation is not supported.
....................................................................................................................................................................................................................................
1350 OMS
11-23
Troubleshooting
Troubleshoot Product Installation Failures (no space/file

busy)
....................................................................................................................................................................................................................................
When to use
Use this task if the installation of the 1350 OMS fails.

Related information

Before you begin

Task
Complete the following steps if the installation of the 1350 OMS fails.
...................................................................................................................................................................................................

...................................................................................................................................................................................................
Log in into the system as the root user.

...................................................................................................................................................................................................
If the problem that was encountered during installation was no space available, you will
need to extend the file system or the swap area.
To extend the file system, go to step Step 4.
To extend the swap area, go to step Step 5.
If you received the message
Access denied for remote hosts or local hosts during installation, go to
step Step 6.
...................................................................................................................................................................................................
If the problem encountered during installation was no space available, use the following
steps to extend a file system:
Enter the bdf command to get information about file system sizes.
To extend a file system, enter the following command line:
/SCINSTALL/bin/scextendfs <Filesystem name> <free disk space>
....................................................................................................................................................................................................................................
1350 OMS
11-24
Troubleshooting

busy)
....................................................................................................................................................................................................................................
Where:
<filesystem name> is the name of the file system to be extended.
<free disk space> is the total amount of disk space (in Megabytes) that will have
to be available after the scextendfs execution.
If the <filesystem name> does not exist, the command will create it.
According to the installation on the machine, keep following files controlled:
The core file in the maintenance/core directory.
The GEM server trace files under the EML instance directory.
The DB log (Mirror Area) under the EML instance directory:

/usr/Systems/<INSTANCE>>/MirrorArea/axadmin/arch/<hostname>-bin.*
Delete the .arc files if necessary.
The DB log (Mirror Area) under the SDH instance directory:

/usr/Systems/<INSTANCE>/MirrorArea/SDH_1-9.5.0/snml/arch
Example:
/usr/Systems/SDH_1_9.5.0_Master/MirrorArea/SDH_1-9.5.0/snml/arch
The DB log (Mirror Area) under the PKT instance directory:

/usr/Systems/<INSTANCE>/MirrorArea/PKT_1-9.5.0/bmm/arch
Example:
/usr/Systems/PKT_1_9.5.0_Master/MirrorArea/PKT_1-9.5.0/bmml
Note: After you extend the file system, remember to force the packages installation
with the -force parameter. For example:
Install <SDH/EML/PKT/...> -force
...................................................................................................................................................................................................
If the problem encountered during installation was no space available, use the following
steps to extend a swap area:
Enter the swapinfo -t command to get information about the swap area.
To extend the swap area, enter the following command:
scextendfs SWAP xxxx
Execute a ps -ef | grep xxxx to have the PID of the process that block the copy and
stop the process using the command kill -9.
....................................................................................................................................................................................................................................
1350 OMS
11-25
Troubleshooting

busy)
....................................................................................................................................................................................................................................
...................................................................................................................................................................................................
If you are installing a component from a local depot (and not the standard product
component repository) and you receive an
Access denied for remote hosts or local hosts message, verify the
security files that are authorizing access by remote hosts and users on local host.
For example, in the /.rhosts file, the line 151.98.28.227 root should be present.
This line allows the root user to execute any command on the 151.98.28.227 host.
E...................................................................................................................................................................................................
N D O F S T E P S
....................................................................................................................................................................................................................................
1350 OMS
11-26
Troubleshooting
....................................................................................................................................................................................................................................

When to use
Use this task to upgrade the MW-OS application.

Related information

Before you begin

Task
Complete the following steps to upgrade the MW-OS application.

...................................................................................................................................................................................................
Enter the following command to remove 1350OMS-MW_OS:

swremove 1350OMS-MW_OS
...................................................................................................................................................................................................
Enter the following two commands to install 1350OMS-MW_OS:

swinstall -s <HOST_IPADDRESS>:<SW_DEPOT> 1350OMS-MW_OS,r=
<1350OMS-MW_OS PATCH>
/SCINSTALL/etc/scupgrade
Example:
swinstall -s 151.98.250.59:/alu/SWDEPOT_MW_OS81103 1350OMS-MW_OS,
r=9.5.0.03
Note: You must always specify the <SW_DEPOT> field; but; you can omit the
<1350OMS-MW_OS PATCH> field.
Example:
swinstall -s 151.98.250.59:/alu/SWDEPOT_MW_OS95003
In this case, the installation procedure takes the last 1350OMS-MW_OS PATCH that
is present in the specified <SW_DEPOT>.
However, in the <SW_DEPOT>, you can have more than one 1350OMS-MW_OS
PATCH patch; so you can force the installation of a specific 1350OMS-MW_OS
PATCH that is not necessarily the last patch.
Example: The following command will install 1350OMS-MW_OS PATCH 3 from
1350OMS-MW_OS PATCH 4 SW DEPOT:
....................................................................................................................................................................................................................................
1350 OMS
11-27
Troubleshooting
....................................................................................................................................................................................................................................
swinstall -s 151.98.250.59:/alu/SCDEPOT_MW_OS95004 1350OMS-MW_

OS,r=9.5.0.03
E...................................................................................................................................................................................................
N D O F S T E P S
....................................................................................................................................................................................................................................
1350 OMS
11-28
Troubleshooting
Configure and Test the Centralized User-DB in a Distributed

Environment
....................................................................................................................................................................................................................................

Environment
When to use
Use this task to configure and test the Centralized User-DB in a distributed environment.
With this task, only one machine belongs to the TMN configuration
(masters/presentations) that is running the User-DB. All other machines will authenticate
and perform user account management on this database.
Related information

Before you begin

Task
Complete the following steps to configure and test the Centralized User-DB in a
distributed environment.
...................................................................................................................................................................................................
Set up the Centralized User-DB on top of 1350OMS 9.1.0.8.6 and beyond.

Before installing any machine, create an option file (-opt_file), with the content that is
shown in the Option file (-opt_file) syntax (p. 11-30) and store it on the file system.
On each machine that belongs to the TMN configuration, run following command as root
user:
/alu/Kernel/bin/KernelCustomize -opt_file <Full Path Name of the
option file>
After you have run the previous command, run the Custom procedure, without any
special parameters, for all of the NMS Instances that are declared on the machine that you
are installing.
Note: SDH/NPR requires the execution of the Graphical System Config after each
customization.
Set up Centralized User-DB on top of 1350OMS 9.1.0.8.7.
This release differs from the previous release because the Centralized User-DB feature is
automatically configured; meaning, the option file is configured and stored in the fixed
path /alu/1350OMS9.1/Kernel/data/UserDBOptions.cfg The option file should be
present before running the Install_Wizard commands to upgrade/install the software.
....................................................................................................................................................................................................................................
1350 OMS
11-29
Troubleshooting

Environment
....................................................................................................................................................................................................................................
Note: If the path does not exist, create it as root user using the following command:
mkdir -p /alu/1350OMS9.1/Kernel/data/
...................................................................................................................................................................................................
To test the feature, configure the following:
One machine that is a pure presentation (for example, an EML client and an SDH
client)
One machine that is a pure master (for example, an EML master)
One machine that is a master for an application, but also includes clients of other
applications (for example, an SDH master plus and EML client)
Note: Each machine could be chosen to host the Centralized User-DB, even if it make
sense to have it on one master.
...................................................................................................................................................................................................
From the configuration that you created, perform the following basic tests:
1. As administrator, connect to each machine belonging to the TMN configuration.
2. Create a few new users. When creating the new users, include profile assignments.
3. For each newly created user, log in to each of the machines and verify that the profile
assignment menus that you enabled for the particular user are available. Base the
verification on the same content that is in the Distributed Configuration. Problems
related to profile content are not impacted by this feature.
4. Backup/Restore the users.
Other tests can be extended to have an exhaustive coverage of the features; but, the tests
that are provided in this step cover the tests that are not done in a security environment
(profile administration).
E...................................................................................................................................................................................................
N D O F S T E P S
Option file (-opt_file) syntax
The syntax of the option file for the Centralized User-DB feature is as follows:
SECTION: INDEX
GLOBAL_SERVICE: USER_LDAP_SERVER_HOST
GLOBAL_SERVICE: USER_LDAP_SPARE_HOST
GLOBAL_SERVICE: USER_LDAP_DOMAIN_SUFFIX
GLOBAL_SERVICE: USER_LDAP_DOMAIN_ADMINGROUP
GLOBAL_SERVICE: USER_LDAP_DOMAIN_ROOTDN
GLOBAL_SERVICE: USER_LDAP_DOMAIN_ROOTPW
GLOBAL_SOCKET: USER_LDAP_SERVER_SOCKET_PORT
GLOBAL_SOCKET: USER_LDAP_SERVER_SSL_PORT
GLOBAL_SOCKET: USER_LDAP_SPARE_SOCKET_PORT
....................................................................................................................................................................................................................................
1350 OMS
11-30
Troubleshooting

Environment
....................................................................................................................................................................................................................................
GLOBAL_SOCKET: USER_LDAP_SPARE_SSL_PORT
SECTION_END:
SECTION: USER_LDAP_SERVER_HOST
SERVICE_VALUE: <LDAP SERVER IP ADDRESS>
KEYWORD_NAME: USER_LDAP_SERVER_HOST
SECTION_END:
SECTION: USER_LDAP_SPARE_HOST
SERVICE_VALUE:<NMS_LOCAL_IPADDRESS>
KEYWORD_NAME: USER_LDAP_SPARE_HOST
SECTION_END:
SECTION: USER_LDAP_DOMAIN_SUFFIX
SERVICE_VALUE: dc=alcatel,dc=com
KEYWORD_NAME: USER_LDAP_DOMAIN_SUFFIX
SECTION_END:
SECTION: USER_LDAP_DOMAIN_ADMINGROUP
SERVICE_VALUE: AdminGroup
KEYWORD_NAME: USER_LDAP_DOMAIN_ADMINGROUP
SECTION_END:
SECTION: USER_LDAP_DOMAIN_ROOTDN
SERVICE_VALUE: LdapMgr
KEYWORD_NAME: USER_LDAP_DOMAIN_ROOTDN
SECTION_END:
SECTION: USER_LDAP_DOMAIN_ROOTPW
SERVICE_VALUE: mGr*LDAP
KEYWORD_NAME: USER_LDAP_DOMAIN_ROOTPW
SECTION_END:
SECTION: USER_LDAP_SERVER_SOCKET_PORT
SERVICE_NUMBER:<LDAP PORT NUMBER>
SERVICE_NAME: ldap
KEYWORD_NAME: USER_LDAP_SERVER_SOCKET_PORT
SECTION_END:
SECTION: USER_LDAP_SERVER_SSL_PORT
SERVICE_NUMBER:<LDAP SSL PORT NUMBER>
SERVICE_NAME: ldaptls
KEYWORD_NAME: USER_LDAP_SERVER_SSL_PORT
SECTION_END:
SECTION: USER_LDAP_SPARE_SOCKET_PORT
SERVICE_NAME: spareldap
KEYWORD_NAME: USER_LDAP_SPARE_SOCKET_PORT
SECTION_END:
SECTION: USER_LDAP_SPARE_SSL_PORT
SERVICE_NAME: spareldaptls
KEYWORD_NAME: USER_LDAP_SPARE_SSL_PORT
SECTION_END:
....................................................................................................................................................................................................................................
1350 OMS
11-31
Troubleshooting

Environment
....................................................................................................................................................................................................................................
Note: The parameters that you must specify values for are the following:
<LDAP SERVER IPADDRESS> is the IP address of the machine that acts/runs the
Centralized User-DB.
<LDAP PORT NUMBER> is the ldap socket port used by the LDAP that is acting as
the Centralized User-DB.
<LDAP SSL PORT NUMBER> is the ldap SSL socket port that is used by the LDAP
that is acting as the Centralized User-DB

If you do not know which port numbers to use, use the port numbers that other
applications are currently not using on the server. Check the /etc/services file for the
full list of port numbers that are currently in use. If you want to assign port numbers
before you install the machine, we recommend that you use the following ports
because they are typically free of IANA port number assignments:
<LDAP PORT NUMBER> : 4992
<LDAP SSL PORT NUMBER> : 4993
Note: Beginning with the 1350OMS 9.1.0.8.7 release, a template of the option file is
available as:
/alu/Install_Wizard/etc/UserDBOptions.cfg.template
This template must be customized with the specific host and ports values.
....................................................................................................................................................................................................................................
1350 OMS
11-32
Troubleshooting
Overview
....................................................................................................................................................................................................................................
Overview
Purpose
This section contains procedures that are useful for 1350 OMS product customizations.
Contents
11-34
Perform a Manual Customization/De-customization (without using the Install

Wizard)
11-36
11-38
11-40
....................................................................................................................................................................................................................................
1350 OMS
11-33
Troubleshooting
Customize a 1350 OMS Component while Other Components

Are Running
....................................................................................................................................................................................................................................

Are Running
When to use
Use this task to customize a 1350 OMS component while other components are running.
Related information

Before you begin

Task
...................................................................................................................................................................................................
To stop processes via the Web Desktop, use the PMC.

To stop processes via the shell, use following commands:
/alu/Kernel/etc/pmc2im
EML 1-9.5.0 shutdown_sys

SDH 1-9.5.0 shutdown_sys
PKT 1-9.5.0 shutdown_sys
EOMS 1-9.5.0 shutdown_sys
To verify that no applications are active, enter the following commands :

ps
ps
ps
ps
- ef
-ef
-ef
-ef
|
|
|
|
grep
grep
grep
grep
axadmin for EML

snml for SDH
bmml for PKT
oms for EOMS
...................................................................................................................................................................................................
Enter the following commands to check for an instance of EML:

alu/Kernel/etc/pmc2im EML 1-9.5.0 check
echo $?
0
1
2
4
-->
-->
-->
-->
RUN
WRONG
STOP
CHANGE in progress
...................................................................................................................................................................................................
Enter the following commands to de-custom the application:

/alu/Kernel/script/Decustom EML 1-9.5.0
/alu/Kernel/script/Decustom SDH 1-9.5.0
/alu/Kernel/script/Decustom PKT 1-9.5.0
....................................................................................................................................................................................................................................
1350 OMS
11-34
Troubleshooting

Are Running
....................................................................................................................................................................................................................................
/alu/Kernel/script/Decustom EOMS 1-9.5.0

...................................................................................................................................................................................................
Enter the following command to de-custom the Kernel application:

/alu/Kernel/script/KernelDecustomize
...................................................................................................................................................................................................
Enter the following commands to clean instances directories:

rm
rm
rm
rm
rm
-Rf
-Rf
-Rf
-Rf
-Rf
/usr/Systems/EML_1*
/usr/Systems/SDH_1*
/usr/Systems/PKT_1*
/usr/Systems/EOMS_1*
/usr/Systems/Global*
...................................................................................................................................................................................................
Enter the following commands to restore /etc/services

diff /etc/services
/alu/Kernel/data/services.base
cp /alu/Kernel/data/services.base /etc/services
...................................................................................................................................................................................................
Enter the following commands to run a re-installation using Install Wizard:

cd /alu/Install_Wizard/
./Install -Upgrade_All
< -fast >
E...................................................................................................................................................................................................
N D O F S T E P S
....................................................................................................................................................................................................................................
1350 OMS
11-35
Troubleshooting
Perform a Manual Customization/De-customization (without

using the Install Wizard)
....................................................................................................................................................................................................................................

When to use
Use this task to perform a manual customization/de-customization (without using the

Install Wizard).
Related information

Before you begin

Task
Complete the following steps to perform a manual customization/de-customization

(without using the Install Wizard).
...................................................................................................................................................................................................
Enter the following command to customize a component:

/alu/<NR>/Kernel/script/Custom -prd <SYSTEM>-ver <VERSION> -inst
<INSTANCE> -role <ROLE> -name <NAME> -mhost <MASTER HOST NAME> mtype <KERNEL TYPE> -drv <DRIVER VERSION> -nointeractive -lang
<LANGUAGE>
Example:
To customize EML_1-9.5.0, running on host ipb228:
/alu/Kernel/script/Custom -prd EML -ver 9.5.0 -inst 1 -role
Master -name EML_1 -mhost ipb228 -mtype OS-KERNEL -drv 3.0 nointeractive -lang en_US
...................................................................................................................................................................................................
Enter the following command to de-customize a component:

/alu/>NR>/Kernel/script/Decustom <SYSTEM> <INSTANCE-VERSION>
Example:
For NPR 1-9.5.0 running on host ipb227:
:/alu/Kernel/script/Decustom NPR 1-9.5.0
In addition, enter the following command to clean the file system:

rm -Rf NPR_1 NPR_1-9.5.0 NPR_1_9.5.0_Master
....................................................................................................................................................................................................................................
1350 OMS
11-36
Troubleshooting

....................................................................................................................................................................................................................................
Ignore messages that are similar to the following:

: rm: directory maintenance not removed.
Cannot remove current directory or a mount point
rm: directory NPR_1_9.5.0_Master not removed.
Cannot remove current directory or a mount point.
To verify if the de-customization has been executed with success, verify that the
NMS-SYSTEM is not present in /alcatel/Kernel/data/TOC.
E...................................................................................................................................................................................................
N D O F S T E P S
....................................................................................................................................................................................................................................
1350 OMS
11-37
Troubleshooting
....................................................................................................................................................................................................................................

When to use
Use this task to perform a fast customization of the MS-GUI package.

Important! To save time, use this task when a new MS-GUI version or patch has to be
installed, customized, and configured on a 1350 OMS system to avoid doing a full 1350
OMS re-customization and re-configuration.
Related information

Before you begin

Task
Complete the following steps to perform a fast customization of the MS-GUI package.
...................................................................................................................................................................................................
Log in to the server as root user.

...................................................................................................................................................................................................
Download the MSGUI software packages from the depot directory /alu/DEPOT.
...................................................................................................................................................................................................
Enter the following commands to install the new MS-GUI package.

Example:
For 1350 OMS 9.5:
alu/1350OMS9.5.0/INSTALLER/Install 1350OMS `hostname` /
file=/alu/DEPOT/1350OMS_MSGUI_INT_<version>_ALL.tar.gz
interactive=no
/alu/1350OMS9.5.0/INSTALLER/Install 1350OMS `hostname` /
file=/alu/DEPOT/1350OMS_MSGUI_INT_<version>.tar.gz interactive=no
...................................................................................................................................................................................................
Enter the following command line to customize and configure the MS-GUI:
cd /alu/Install_Wizard/etc/1350_ConfigMSGUI.sh
...................................................................................................................................................................................................
When the customization and configuration phase is finished, enter the following
command line on the master machine to re-enable the navigation to the EML external
application:
....................................................................................................................................................................................................................................
1350 OMS
11-38
Troubleshooting
....................................................................................................................................................................................................................................
/alu/Kernel/bin/CustomNavigations.pl -sys EML -inst 1-9.5.0 isys EML -iinst 1-9.5.0
Note: In this example, the EML instance is 1.

E...................................................................................................................................................................................................
N D O F S T E P S
....................................................................................................................................................................................................................................
1350 OMS
11-39
Troubleshooting
....................................................................................................................................................................................................................................

When to use
Use this task to customize WDM so it excludes the remote eOMS.

Related information

Before you begin

Task
Complete the following step to customize WDM so it excludes the remote eOMS.
...................................................................................................................................................................................................
In the Customization form, select the following parameter options:

CUST_TYPE : PARTIAL
REMOTE EOMS : NO
Result: By specifying these parameters, WDM is customized so the remote EOMS is
excluded from the WDM customization and from the system config subsystem list.
E...................................................................................................................................................................................................
N D O F S T E P S
....................................................................................................................................................................................................................................
1350 OMS
11-40
Troubleshooting
....................................................................................................................................................................................................................................

The processes of a product cannot be displayed on client PMC GUI.
Verify the system date of the client PC. The problem arises if the client system date and
time differs for more than five minutes from the master system date and time.
Use the Control Panel -> Date and time to change the client system date and time.
Do not change the Master data and time.
Error while creating connection with pmc gui server
The problem can be solved using a work around restarting the pmc2 gui server :
pmcgs.jar (as reported on the message warning attached)
For example, if its PID is 5270:
root 5270 1 0 Feb 26 ? 9:34 /opt/java1.5/jre/bin/PA_RISC2.0/java cp :./pmcgs.jar:/alu/1350OMS9.5/Kernel/lib/lib_java/krb5
Execute the following command:

# kill -9 5270
Verify that the process is in listen (new PID = 21488):

# /alu/Kernel/bin/lsof -P| grep TCP | grep 21488 java
70u IPv4 0x92554200 0t0 TCP *:5007 (LISTEN) !
21488 root
PMC GUI becomes empty
If the PMC becomes empty, the tree displayed disappears and it does not respond to
commands.
To delete the application, open the Task Manager application using
<ctrl>+<Alt>+<Delete> and terminate the task by selecting it from the list.
....................................................................................................................................................................................................................................
1350 OMS
11-41
Troubleshooting
....................................................................................................................................................................................................................................
VIEW permission denied for system services or product
If the VIEW permission is denied, the two possible causes are the following:
The user has tried to open the Process Monitor GUI too quickly and the system could
be still managing the security configuration structures. Retry to open the Process
Monitor GUI after a few seconds.
If the problem still occurs, some ldap database structure could be damaged. If the
problem is related to the Global Instance, a work around could be to rebuild the
Global Instance ldap database.
Otherwise, if the problem is related to a specific process instance (e.g. EML_1,
SDH_1, PKT_1, ....), a work around would be to rebuild the process ldap database.
If the problem is related to more than one system, rebuild the entire ldap database.
A product Process Monitor cannot be displayed (double semaphores)
The pmc2im product cannot be stopped because a duplicate semaphore is in the file
/alu/Kernel/data/Semaphores.cfg. This problem has been fixed in delivery 1350 OMS
90075 and beyond. To work around the problem, do the following:
...................................................................................................................................................................................................
Edit the /alu/Kernel/data/Semaphores.cfg file to change the duplicated value with a new
one.
For example PMC2_EOMS_1-9.5.0: 7187
In this case, the product and the instance involved are EOMS_1. (PR_IS in the text.)
...................................................................................................................................................................................................
Make the following corrections in the /usr/Systems/<PR_IS>/Kernel/data/INDEX file:

Change:
PMC2_SEM_KEY:<old value>
To:
PMC2_SEM_KEY:<new value>
For example, in the /usr/Systems/EOMS_1/Kernel/data/INDEX file:

PMC2_SEM_KEY: 7187
...................................................................................................................................................................................................
Make the following corrections in the /usr/Systems/<PR_IS>/PMC2/script/pmc2im

file:
Change:
export MNGAGE_SEM_KEY=<old value>
To:
....................................................................................................................................................................................................................................
1350 OMS
11-42
Troubleshooting
....................................................................................................................................................................................................................................
export MNGAGE_SEM_KEY=<new value>
For example, in the /usr/Systems/EOMS_1/PMC2/script/pmc2im file:

export MNGAGE_SEM_KEY=7187
...................................................................................................................................................................................................
Enter the following commands to restart the pmc2im product:

StopPmc2Im
StartPmc2Im
...................................................................................................................................................................................................
Make the following corrections in the /usr/Systems/<PS_IS>//Kernel/data/semaphores

file:
Change:
PMC2_<PR_IS>:<old value>
To:
PMC2_<PR_IS>:<new value>
....................................................................................................................................................................................................................................
1350 OMS
11-43
Troubleshooting
SAS, UDM, LDAP
....................................................................................................................................................................................................................................
SAS, UDM, LDAP

Clean (or rebuild) the LDAP database
The procedure /alu/Install_Wizard/etc/ResetDB.sh cleans the LDAP database. It can be

used before a system configuration. The procedure /alu/Install_Wizard/etc/ResetDB.sh
-p is used to rebuild the LDAP database. It can be used with or without the product
running. The status of services do not affect the procedure.
...................................................................................................................................................................................................
To clean and repopulate ONLY the Global Instance database, enter the following
commands as the root user:
cd /usr/Systems/Global_Instance/LDAP
./script/Stop_LDAP_Service
rm -f data/db/*
/usr/sbin/slapadd -f conf/slapd.conf -l data/ldap_entry.ldif
find . -name /*.imported | /usr/local/bin/perl -ne 'chomp;$t=$_;s/
imported/import/;rename($t,$_)'
cp -p conf/DB_CONFIG data/db/
./script/Start_LDAP_Service
cd ../SEC/repository
find . -name /*.fad.imported | /usr/local/bin/perl -ne 'chomp;$t=$_;
s/fad.imported/fad/;rename($t,$_)'
cd ../integration/script
/configSEC.pl Global Instance version
...................................................................................................................................................................................................
To clean and repopulate ONLY a product Instance database, enter the following
commands as the root user:
If EML_1 is the current EML instance, NMS_USER is axadmin (password is 1353sh); if
SDH_1 is the current SDH instance, NMS_USER is snml (password is system1); if
PKT_1 is the current PKT instance, NMS_USER is bmml (password is system1); if
WDM_1 is the current WDM instance, NMS_USER is wdm (password is lucent!123); if
EOMS_1 is the current EOMS instance, NMS_USER is oms (password is lucent!123).
cd /usr/Systems/<current instance>/LDAP
./script/Stop_LDAP_Service
rm -f data/db/*
/usr/sbin/slapadd -f conf/slapd.conf -l data/ldap_entry.ldif
cp -p conf/DB_CONFIG data/db/
./script/Start_LDAP_Service
....................................................................................................................................................................................................................................
1350 OMS
11-44
Troubleshooting
SAS, UDM, LDAP
....................................................................................................................................................................................................................................
cd ../SEC/repository
find . -name /*.fad.imported | /usr/local/bin/perl -ne 'chomp;$t=$_;
s/fad.imported/fad/;rename($t,$_)'
su <NMS_USER>
cd ../integration/script
./configSEC.pl <system> <instance with version>
exit
Export the LDAP database
The LDAP database is stored as backup with the operator data type, so perform an
operator backup for any OS instance, to have a copy of all existing LDAP databases.
To restore a corrupted LDAP database, perform an operator restore, if a backup was
previously done. For this reason, we strongly recommended to perform an operator
backup, when the OS instances are working well.
To transfer the LDAP database to a safer place, enter the following command to get the
entire tree content of the following directory. Enter the following command for each
EML, SDH, PTK, and EOMS instance.
/usr/Systems/<instance>/BackupArea/.Operator
For example, using the EML instance:

/usr/Systems/EML_1_9.5.0_Master/BackupArea/.Operator
A LDAP database manual backup without using SMF backup tool, can be done by
entering the following commands as root user:
# cd /usr/Systems/EML_1_9.5.0_Master/LDAP/data/export/
# rm ExportedLDAPDB.ldif.gz ExportedUserDB.ldif.gz
# /usr/Systems/EML_1_9.5.0_Master/LDAP/script/ExportImportLdapDb.pl
export EML_1_9.5.0 notinteract
The lastest LDAP backup files are the following

/usr/Systems/EML_1_9.5.0_Master/LDAP/data/export/ExportedLDAPDB.ldif.gz
/usr/Systems/EML_1_9.5.0_Master/LDAP/data/export/ExportedUserDB.ldif.gz
Add a user defined in the LDAP to the AdminGroup group
Use the following steps to add a user defined in LDAP to the AdminGroup group:
...................................................................................................................................................................................................
Create the file to be imported (import.ldif), with the list of users to add to the
AdminGroup:
....................................................................................................................................................................................................................................
1350 OMS
11-45
Troubleshooting
SAS, UDM, LDAP
....................................................................................................................................................................................................................................
dn:cn=AdminGroup,dc=alcatel,dc=com
objectClass: groupOfNames
member: cn=alcatel
member: cn=admin
[add other users if needed]
cn: AdminGroup
...................................................................................................................................................................................................
Enter the following command to edit the content of AdminGroup:

/usr/bin/ldapmodify -D cn=LdapMgr,dc=alcatel,dc=com -p <LDAP_SERVER_
SOCKET_PORT> -h <LDAP_SERVER_HOST> -w mGr*LDAP -f import.ldif x -v
....................................................................................................................................................................................................................................
1350 OMS
11-46
Troubleshooting
....................................................................................................................................................................................................................................

Java Web Start console
How to display the Java Web Start Console

1. For the Windows operating system, launch the javaws shell by entering the following
command:
javaws
2. For HP/UX Operating System, log on as the alcatel user and launch the javaws
shell by entering the following command:
/opt/java1.5/bin/javaws
How to set the javaws traces to display the Java Web Start Console (both Windows
and HP/UX)
1. Open the Edit menu.
2. Click on Preferences.
3. On the Java Control Panel click on Advanced.
On the debugging node, select the following:
Enable Tracing
Enable Logging
4. On the Java Console node, select Show Console.
Java Web Start Console logs
Windows Operating System:

C:/Documents and Settings/<user>/Application Data/Sun/Java/Deployment/log
HP/UX Operating System:
/users/alcatel/.java/deployment/log
Problem with Authentication Services
If a problem is due to LDAP database corruption, do the following:
The procedure /alu/Install_Wizard/etc/ResetDB.sh cleans the LDAP database. It can

be used before a system configuration.
The procedure /alu/Install_Wizard/etc/ResetDB.sh -p rebuilds the LDAP database.

It can be used with or without the product running. The status of services do not affect
the procedure.
User inactivity portal closure
To prevent the LSM portal closure due to user inactivity on Web Desktop, modify one of
the following properties of LSM on the Master station:
Edit the file /usr/Systems/Global_Instance/WebDesktop/SSO_LSM/config/param.cfg
modifying one of the following parameters:
....................................................................................................................................................................................................................................
1350 OMS
11-47
Troubleshooting
....................................................................................................................................................................................................................................
# disable or enable the user inactivity check

USE_INACTIVITY False or True
# Inactivity duration in minutes
INACTIVITY_DURATION number
# Inactivity duration during login phase in minutes
INACTIVITY_LOGIN_DURATION number
Common login problems to start the Web Desktop
The following sections provide several reasons why a new Web Desktop instance cannot
start.
Dirty process on client
If a dirty process exists on the client, the Web Desktop login dialog is not displayed.
Check on the client PC to determine if an old java instance, perl instance, or cmd instance
is running and terminate ( kill) them.
The user forgot a password
Important! Do not use this procedure to remove the user password.

The user, logged as alcatel user, can always change the alcatel password by entering the
following command lines:
cd /usr/Systems/Global_Instance_9.5.0_Master/SEC/script/
./run_usergui.pl
(login integrator / password integrator)

The User Account management window is displayed:
....................................................................................................................................................................................................................................
1350 OMS
11-48
Troubleshooting
....................................................................................................................................................................................................................................
Select the user alcatel in the tree on the left panel and click on the Set Password
button on the bottom of the window. Enter and confirm the new password in the popup
window and confirm it with the Change button.
Execute the following command line to find the PID for SAS process.
ps -ef|grep DSAS|grep -v grep
Execute the following command:

kill -9 PID
Where: PID is the pid of the SAS process that was previously found.
....................................................................................................................................................................................................................................
1350 OMS
11-49
Troubleshooting
....................................................................................................................................................................................................................................
UDM problems
If you receive the following message under other windows and you do not acknowledge
this message, the Web Portal cannot be displayed:
UDM manager is not responding, user preference can not be loaded.
Note: Sometimes the UDM server does not respond even if it is running correctly.
Many times, you can remove the UDM problem by scratching the UDM persistency
files; but, be aware that this operation will remove all user settings:
/usr/Systems/Global_Instance/WACOMO/udm/udmrt/script/Stop_UDM_
Service
cd /usr/Systems/Global_Instance/WACOMO/udm/data/persistency/
rm -rf *
/usr/Systems/Global_Instance/WACOMO/udm/udmrt/script/Start_
UDM_Service
The UDM should now be able to get user connections.

Process blocked on a port
Enter the following command to determine which process uses a port (for example.
ssoLsmPort):
lsof | grep TCP | grep ssoLsmPort
If sockets are blocked on LISTEN:

lsof | grep TCP | grep ssoLsmPort | grep LISTEN | while read uno
pid due;
do kill -9 $pid; done
If blocked on a port (for example: ssoLsmPort):

lsof | grep TCP | grep ssoLsmPort | while
kill -9 $pid; done
read uno pid due; do
Also see Application does not start (needs an already used port) (p. 11-65).
User <user name> not authenticated
If the following message is displayed:

User alcatel not authenticaed. Please retry.
The problem is due to one of the following
The password is not correct. Please verify it.

The LDAP database is corrupt. See SAS, UDM, LDAP (p. 11-44) to clean/rebuild
the database.
....................................................................................................................................................................................................................................
1350 OMS
11-50
Troubleshooting
....................................................................................................................................................................................................................................
SSO Password Policy
Password settings can be changed using the following configuration file:

/alu/NMC/SSO//SSO/servers/sas/config/sec/pwdpolicy.properties
The instance is on the following:
/usr/Systems/Global_Instance/SSO/sas/config/sec/pwdpolicy.properties
The Web Portal must be able to access these settings, so configure the following in the
SSO param.cfg file:
/alu/NMC/SSO_INT//templates/osktemplate/servers/sas/config/param.cfg
The instance is on the following:
/usr/Systems/Global_Instance/SSO/sas/config/param.cfg
Make the following change:
Change:
DEFAULT_PASSWORD_POLICY "cn=defaultPwdPolicy"
To:
DEFAULT_PASSWORD_POLICY "file:pwdpolicy.properties"
If you modify the instance files, you must activate the modifications using the following
procedure::
Exit from all open Web Portals.
Stop and restart the SAS process using following commands:

/usr/Systems/Global_Instance/SSO/sas/script/Stop_SAS_Service
/usr/Systems/Global_Instance/SSO/sas/script/Start_SAS_Service
The pwdpolicy.properties file, with the default content, follows:

#
#
#
#
#
#
#
#
#
#
#
#
#
#
----------------------#
DefaultPasswordPolicy #
----------------------#
The following parameters are used to define a password policy.
This one can then be populated into LDAP using policy.pl
tool and references by DEFAULT_PASSWORD_POLICY parameters.
However, this file can be also directly referenced by
DEFAULT_PASSWORD_POLICY to be used as default password policy by
SAS.
IMPORTANT NOTICE:
In case this file is directly referenced, it is found in
the order specified in the classpath parameter
of the java command. The default order where this file should be
found
(as defined in the classpath used in the start_sas.pl script) is:
1) in /sas/config
....................................................................................................................................................................................................................................
1350 OMS
11-51
Troubleshooting
....................................................................................................................................................................................................................................
# 2) in /data/server
# 3) in /sas/template/config
#
# Therefore, if you are using SEC, you should just check that /data/
server/.properties
# points to the correct SEC Server file or LDAP entry (this insures
that the exact same
# policy is used for SEC and for AWP Change Password feature).
# Otherwise you can just copy this file into /sas/config
# and modify it according to your requirements.
# DefaultPasswordPolicy parameters:
# ----------#
# MinLength #
# ----------#
# minimum number of mandatory charaters in the password
# The value can be specified either using the historical SEC
parameter
# or the new password policy parameter built from the LDAP schema.
# If both are specified, only the historical SEC paramater will be
# taken into account.
# Hardcoded value is 8
#com.alcatel.almap.sec.defaultPasswordPolicy.MinLength =8
almapPwdPolicy.almapPwdMinLength=8
# ----------#
# MinDigits #
# ----------#
# number of digits mandatory in the password
parameter
#com.alcatel.almap.sec.defaultPasswordPolicy.MinDigits=1
almapPwdPolicy.almapPwdMinDigit=1
# -----------#
# MinLetters #
# -----------#
# number of letters (uppercase or lowercase) mandatory in the
password
parameter
# The paramater almapPwdPolicy.almapPwdMinLetter can also be used
#com.alcatel.almap.sec.defaultPasswordPolicy.MinLetters=4
almapPwdPolicy.almapPwdMinLetter=4
# ------------#
....................................................................................................................................................................................................................................
1350 OMS
11-52
Troubleshooting
....................................................................................................................................................................................................................................
#
#
#
#
MinSpecials #
------------#
number of special characters mandatory in the password
The value can be specified either using the historical SEC
parameter
# The special characters list is specified in parameter
# almapPwdPolicy.almapPwdSpecialCharList.
#com.alcatel.almap.sec.defaultPasswordPolicy.MinSpecials=2
almapPwdPolicy.almapPwdMinSpecial=2
# ------------------------#
# almapPwdSpecialCharList #
# ------------------------#
# list of characters that should be considered as special
# when enforcing a minimum number of special characters policy (see
# almapPwdMinSpecial)
# WARNING : for specific / and " character, do not forget to preceed
it by a /
# Hardcoded value is `~!@#$%
&*()_+-={}|[]/:";'<>?,./
almapPwdPolicy.almapPwdSpecialCharList=`~!@#$%
&*()_+-={}|[]//:/";'<>?,./
# ---------------#
# MinUppperCases #
# ---------------#
# number of letters in upper case mandatory in the password
parameter
#com.alcatel.almap.sec.defaultPasswordPolicy.MinUppperCases=1
almapPwdPolicy.almapPwdMinUpperCase=1
# --------------#
# MinLowerCases #
# --------------#
# number of letters in lower case mandatory in the password
parameter
#com.alcatel.almap.sec.defaultPasswordPolicy.MinLowerCases=1
almapPwdPolicy.almapPwdMinLowerCase=1
# --------------------------#
....................................................................................................................................................................................................................................
1350 OMS
11-53
Troubleshooting
....................................................................................................................................................................................................................................
# almapPwdNbConsecutiveChar #
# --------------------------#
# maximum number of consecutive characters that can
# be used in a password. If value is set to 0,
# no restriction will apply.
almapPwdPolicy.almapPwdNbConsecutiveChar=2
# -------------------------#
# almapPwdNoUidCombination #
# -------------------------#
# indicates if the password can or cannot be a case-independent
# re-arrangement of the letters composing the user id (e.g. if the
user id is
# "hantz", the password can or cannot be "ZaNth".
# Hardcoded value is false
almapPwdPolicy.almapPwdNoUidCombination=false
# ----------------------#
# almapPwdMayContainUid #
# ----------------------#
# indicates if the password can or cannot contain
# (case-independently) the user id (e.g. if the user id is
# "hantz", the password can or cannot be "pwdHAnTZ01".
# Hardcoded value is true
almapPwdPolicy.almapPwdMayContainUid=true
# ------------------#
# almapPwdInHistory #
# ------------------#
# maximum number of used passwords stored in the password
# history. If value is 0, used password are not stored
# and may be reused.
almapPwdPolicy.almapPwdInHistory=5
# ---------------#
# almapPwdMinAge #
# ---------------#
# Number of seconds that must elapse since the previous
modification
# before the password can be changed again
# Hardcoded value is 86400 seconds (1 day)
almapPwdPolicy.almapPwdMinAge=86400
# ---------------#
# almapPwdMaxAge #
# ---------------#
# number of seconds after which a modified password will expire.
# If the value is set to 0, the password does not expire.
# the value must be greater than or equal to the value of
almapPwdMinAge
# Hardcoded value is 7776000 seconds (90 days)
almapPwdPolicy.almapPwdMaxAge=7776000
....................................................................................................................................................................................................................................
1350 OMS
11-54
Troubleshooting
....................................................................................................................................................................................................................................
#
#
#
#
----------------------#
almapPwdExpireWarning #
----------------------#
number of seconds which is the period before a password is due to
expire.
# During this period (expirationDate - almapPwdExpireWarning), the
user
# will be notified at login that his password will expire soon and
that
# he should change it. Note that the value must be less than
almapPwdMaxAge.
# If the value is 0, then no warning will be issued before the
password
# expires.
# Hardcoded value is 2592000 (30 days)
almapPwdPolicy.almapPwdExpireWarning=2592000
# -----------------------------#
# almapPwdExpirationGraceDelay #
# -----------------------------#
# number of seconds after a password expiration during which the
user will
# still be allowed to login but will be forced to change his
password.
# After password expiration + grace delay (grace delay can be 0),
# the account is automatically locked,
# Hardcoded value is 1296000 (15 days)
almapPwdPolicy.almapPwdExpirationGraceDelay=1296000
# -------------------#
# almapPwdMaxFailure #
# -------------------#
# number of consecutive failed authentication attempts after which
the
# authentication is locked.
almapPwdPolicy.almapPwdMaxFailure=5
# -----------------------------#
# almapPwdFailureCountInterval #
# -----------------------------#
# Amount of time in seconds after which the authentication failure
attempt
# number is reset, even though no successful authentication
occurred.
# If the value is set to 0, the failure attempt number is only reset
by
# a successful authentication.
# Hardcoded value is 300 (5 minutes)
almapPwdPolicy.almapPwdFailureCountInterval=300
# ------------------------#
# almapPwdLockoutDuration #
# ------------------------#
....................................................................................................................................................................................................................................
1350 OMS
11-55
Troubleshooting
....................................................................................................................................................................................................................................
# Amount of time in seconds during which the password cannot be use

to
authenticate.
# If the value is set to 0, a reset of the administrator is
requested.
# Hardcoded value is 300 (5 minutes)
almapPwdPolicy.almapPwdLockoutDuration=300
# ------------------------#
# almapPwdMaxUnusedPeriod #
# ------------------------#
# Maximum amount of time in seconds after which, if no session has
been
opened,
# the password will be automatically locked.
almapPwdPolicy.almapPwdMaxUnusedPeriod=0
# ------------------#
# almapPwdAttribute #
# ------------------#
# the name of the attribute used as a password.
# Hardcoded value is userPassword
almapPwdPolicy.almapPwdAttribute=userpassword
# -------------------#
# almapPwdEncryption #
# -------------------#
# Indicates if the password should be encrypted or not before
# storing it into the LDAP directory
# Hardcoded value is true
almapPwdPolicy.almapPwdEncryption=true
# -----------------------#
# almapPwdMinDifferences #
# -----------------------#
# number of Differents in a number of character positions in the
password from
the last one
#almapPwdPolicy.almapPwdMinDifferences=2
almapPwdPolicy.almapPwdMinDifferences=2
....................................................................................................................................................................................................................................
1350 OMS
11-56
Troubleshooting
....................................................................................................................................................................................................................................

Procedure
The inability to connect to the Authentication Server occurs when trying to open a Web
Desktop session.
When you cannot connect to the Authentication Server, note the following possible
reasons:
The SAS, LDAP, or Security server application is not running.

If the server is not running:
The SAS server application is not running. Enter the following command to verify
that the server application is running:
ps -ef | grep SAS
LDAP server applications are not running. Enter the following command to verify
that the server application is running:
ps -ef | grep slapd.
An slapd for each product and one for the global instance should be running.
Security Server applications are not running Enter the following command to
verify that the server application is running:
ps -ef | grep SecServer.
A Security Server for each product should be running.
Any hook application cannot be started.
See the following trace file:
/usr/Systems/Global_Instance/maintenance/trace/sas.hooks.trace.
The /usr/Systems/Global_Instance/SSO/sas/config/hooks/StartSession.cfg file
defines the list of hook applications that must be started in order to start a session. The
start session will be blocked for the commands that are not launched in the
background mode.
No space is available.
Space might not be available for the following file system and some processes cannot
write their trace/log files and are aborting.
/usr/Systems/<product>/maintenace
/usr/Systems/Global_Instance_9.5.0_Master
Determine the percentage of free space, which must be at least 95%, with the
following command:
bdf | grep System.
nspd has been restarted.
The system could have restarted the nspd application and SAS cannot reconnect it:
Use the command rm nspd.core to delete the core in
/usr/Systems/Global_Instance/maintenance/core/nspd.
Enter the following commands to restart the SAS:
....................................................................................................................................................................................................................................
1350 OMS
11-57
Troubleshooting
....................................................................................................................................................................................................................................
/usr/Systems/Global_Instance_9.5.0_Master/SSO/sas/script/
Stop_SAS_Service
/usr/Systems/Global_Instance_9.5.0_Master/SSO/sas/script/
Start_SAS_Service
host not reachable (using the hostname) :

If you cannot reach a host using its hostname, but you can reach the host using its IP
address, you must add the corresponding host-ip_addresss in the hosts file of the
Personal Computer. The file is located in the following directory:
%windir%/system32/drivers/etc/hosts
Example:
C:/Windows/System32/drivers/etc/hosts
Kerberos services are down.
Check Kerberos services using the following command:
ps -ef | grep kdcd
Stop and restart Kerberos services. See the Kerberos configuration section
....................................................................................................................................................................................................................................
1350 OMS
11-58
Troubleshooting
....................................................................................................................................................................................................................................

Restart the common server for MS-GUI
When to use: Use this command if the SDH/PKT search and action menu are not
displayed or are partially displayed. This problem is related to a partial SEC
sychronization problem (explained in a pop-up message) after an installation upgrade.
This command could be useful if the MSGUI does not start.
On master machine, enter the following command line
ps -ef | grep -i comsvr_Global | grep -v grep | awk '{print $2}'
| xargs -i kill -9 {}
EML Show Alarm/Show Equipment from MS-GUI
Complete the following steps to disable the security so users can view Alarm/Equipment
from MS-GUI:
...................................................................................................................................................................................................
Edit line 145 of the /usr/Systems/Global_Instance/WebDesktop/MSGUI/start.pl file

by replacing:
debug
With:
user.
...................................................................................................................................................................................................
Edit line 145 of the /usr/Systems/Global_Instance/WebDesktop/MSGUI/msgui.wsd

file by replacing:
<BINDMESS>MSGUI_Global_Instance-810</BINDMESS>
With:
<BINDMESS></BINDMESS>
Edit line 61 in the same file by replacing

<STARTMESSAGE>post NGGUI start,: </:STARTMESSAGE> with
<STARTMESSAGE></:STARTMESSAGE>
...................................................................................................................................................................................................
Enter the following command to restart the common server of the Global Instance:
ps -ef | grep -i comsvr_Global | grep -v grep | awk '{print $2}'
| xargs -i kill -9 {}
....................................................................................................................................................................................................................................
1350 OMS
11-59
Troubleshooting
....................................................................................................................................................................................................................................
...................................................................................................................................................................................................
Delete the following file:

/usr/Systems/Global_Instance/WebDesktop/MSGUI_RESOURCES/FADMapping.xml
...................................................................................................................................................................................................
On the client machine, use ftp to manually retrieve the IntraSystemsNavigations.cfg file
from the /usr/Systems/EML_1/Kernel/data directory to the C:/tmp/runtimeDir/<host
ip address>/EML_1-9.5.0/Kernel/data client directory.
...................................................................................................................................................................................................
As root user, run the following script

...................................................................................................................................................................................................
And, remember to run the following command:

/alu/Kernel/script/UpdateNetworkConnections.pl -nointeract
EML show equipment from MS-GUI (IntraSystemNavigation)
In some 1350 OMS deliveries, in order to navigate to EML USM., do the following:
Verify on client if the directory EML_1-9.5.0/Kernel/data exists.

If the directory is exists, use ftp to retrieve the file IntraSystemsNavigations.cfg
from the directory /usr/Systems/EML_1/Kernel/data to C:/tmp/runtimeDir/<host
ip address>/EML_1-9.5.0/Kernel/data
Execute on the master server the following command line:
Use the following command to introduce KERNEL_DISPATCHER_<EML Instance>

instead of KERNEL_DISPATCHER.
Occasionally (for example after an MSGUI fast customization) to re-enable navigation to
the EML external application, enter the following command on the server:
Example (the instance of EML is 1):
....................................................................................................................................................................................................................................
1350 OMS
11-60
Troubleshooting
....................................................................................................................................................................................................................................
Recover menu items that are hidden/not sensitive
If menu items are hidden, for example EML, SDH, WDM, or PKT items are not
displayed on the Search menu, the reason can be one of the following:
1. The synchronization between SEC services and the common server is not correct.
Restart the common server using following command:
ps -ef | grep -i comsvr_Global | grep -v grep | awk '{print
$2}' | xargs -i kill -9 {}
Stop and restart the MSGUI.

2. If the previous action does not solve the problem, check the following file:
/usr/Systems/Global_Instance/COMMONSVR/conf/jacapi.properties
In the following line:
# list of the used sec servers, format=[ServerId/StandardNS/serverHost:serverPort,
serverId/StandardNS/serverHost:serverPort, ..]
com.alcatel.almap.sec.jacapi7.servers=1/PKT_1-9.5.0/151.98.179.80:5124,
2/WDM_1-9.5.0/151.98.179.80:5090,3/SDH_1-9.5.0/151.98.179.80:5055,4/EML_19.5.0/151.98.179.80:5135
Insert the following:
SecServer_
Example:
# list of the used sec servers, format=[ServerId/StandardNS/serverHost:serverPort,
serverId/StandardNS/serverHost:serverPort, ..]
com.alcatel.almap.sec.jacapi7.servers=1/ SecServer_PKT_19.5.0/151.98.179.80:5124,2/ SecServer_WDM_1-9.5.0/151.98.179.80:5090,3/
SecServer_SDH_1-9.5.0/151.98.179.80:5055,4/ SecServer_EML_19.5.0/151.98.179.80:5135
Restart the common server using the following command:
ps -ef | grep -i comsvr_Global | grep -v grep | awk '{print
$2}' | xargs -i kill -9 {}
Stop and restart the MSGUI.

3. If the previous action does not solve the problem, a bad customization of the product
(e.g. EML) could exist. Stop the server for the product (see How to restart the
services) and re-customize the product.
If the items are present but not sensitive, the GUI server that is related to the system is not
correctly connected. See Server is not correctly connected in the MS-GUI (p. 11-62).
Only as an extreme work around, comment the content of the FADMapping.xml file:
/usr/Systems/Global_Instance-9.5.0/MSGUI/resources/FADMapping.xml
And restart the MS-GUI.
....................................................................................................................................................................................................................................
1350 OMS
11-61
Troubleshooting
....................................................................................................................................................................................................................................
Server is not correctly connected in the MS-GUI
If the server is not correctly connected in the MS-GUI, look in the menu files, button
properties:
If PKT is not connected, restart PktGuiServer on the master (or presentation )

machine. Find the PID with the following command:
ps -ef | grep -i PktGui

Kill -9 PID
If MAP is not connected, restart TopoGuiServer on the master (or presentation )

ps -ef | grep -i Topo

Kill -9 PID
If TDM is not connected, restart TdmGuiServer on the master (or presentation )

ps -ef | grep -i TdmGui

Kill -9 PID
If TM is not connected, restart PnmGs on the master (or presentation ) machine. Find
the PID with the following command:
ps -ef | grep -i Pnm_GS

Kill -9 PID
If WDM is not connected, restart the WDM GUI server on the master (or presentation
) machine.
The WDM GUI server can be restarted using the following procedure:
Login as wdm user.
Enter the following command lines:
/usr/Systems/WDM_1/guiServer/wdm/script/wdm_stop.sh
/usr/Systems/WDM_1/guiServer/wdm/script/wdm_start.sh
/usr/Systems/WDM_1/guiServer/sonet/script/sonet_stop.sh
/usr/Systems/WDM_1/guiServer/sonet/script/sonet_start.sh
....................................................................................................................................................................................................................................
1350 OMS
11-62
Troubleshooting
....................................................................................................................................................................................................................................

EML Database Corruption
Complete the following steps if the EML database is corrupt:

1. Stop the EML system.
2. Execute following commands:
rm /usr/Systems/<INSTANCE>/databases/dbaxadmin/data/MYSQL/
<hostname>-relay-bin.index
rm /usr/Systems/<INSTANCE>/MirrorArea/<INSTANCE>/axadmin/arch/
<hostname>-bin.*
3. After execution, restart the EML.

Rebuild TMF Server Database
Complete the following steps to rebuild the TMF server database.

If the TMF server application cannot start, enter the following commands to rebuild the
GEM database:
1. If the TMF server application cannot start, enter the following commands to rebuild
the GEM database:
cd /usr/Systems/EML_1_9.5.0_Master/MYSQL/script
./db_delete.pl GEMDB
./db_create_empty.pl GEMDB
2. Start MySQL and stop the AppServer process. (The EMLIM group normally has
index 100).
cd /usr/Systems/EML_1_9.5.0_Master/EMLIMGEM3/script
./initDB
3. When the NMA package is installed, create the GEM database.

Note: This step is mandatory for the first installation of this NMA_9.1.0.04 load,
because this load delivers a separate MySQL instance. The step may be skipped for
the future loads if you want to retain the old GEM database.
4. Enter the following commands:
cd /usr/Systems/EML_<ID>/NMAMYSQL
script/configure_mysql
cd /usr/Systems/EML_/EMLIMGEM3/script
./initDB
Stop and Start SDH Database
To connect the Oracle database, enter the following commands to stop and start it
su - snml
. /snml1/.snmlrc
....................................................................................................................................................................................................................................
1350 OMS
11-63
Troubleshooting
....................................................................................................................................................................................................................................
/usr/Systems/SDH_1/ORACLE/databases/dbnml/etc/stop_db immediate
/usr/Systems/SDH_1/ORACLE/databases/dbnml/etc/start_db
Note: To determine if there is enough disk space, execute the following command:
su - snml
. /snml1/.snmlrc
sqlplus sys/manager as sysdba
If the space is reduced, enter the following command to remove archive files
usr/Systems/SDH_1_9.5.0_Master/MirrorArea/SDH_1-9.5.0/snml/arch:
rm *.arch
eOMS Database Setup
When the system is installed on a scratch machine and, after EOMS system configuration,
the procedure reports some errors about the connection to the Oracle Database. We
suggest that you enter the following commands:
/opt/lucent/oms/oms_setup
/opt/lucent/cache/cache_setup
/opt/lucent/platform/bin/lt_add_controller -install
/opt/lucent/platform/bin/lt_add_controller -type NMA -name EML_1_NMA
....................................................................................................................................................................................................................................
1350 OMS
11-64
Troubleshooting
....................................................................................................................................................................................................................................

Application does not start (needs an already used port)
If an application does not start and if you look at its trace file in the
/usr/System/<Instance>/maintenenace/trace directory and you determine that another
application is already using the port, and that port is the busy port and that application is
that application that keeps the port in use, then use the kill command to terminate that
application.
For example, if AS_CUR_IM in EOMS did not start, use the
grep -i ascurim /etc/services | grep -i eoms command to display the port
information, which will be similar to the following output:

ascurim_corba_socket_EOMS_1-9.5.0
# Added by OS-Kernel (Relocatable
ASCURIM__1_EOMS_1-9.5.0 5175/tcp
ASCURIM__2_EOMS_1-9.5.0 5176/tcp
5087/tcp
Service) <date/time stamp>
Use the command netstat -an | grep 5175 to display the state of the port. Output
similar to the following is displayed:
tcp
0
ESTABLISHED
tcp
0
ESTABLISHED
tcp
0
LISTEN
tcp
0
ESTABLISHED
tcp
0
ESTABLISHED
151.98.28.62.56107
151.98.28.62.5175
151.98.28.62.5175
151.98.28.62.56107
*.5175
*.*
151.98.28.62.60309
151.98.28.62.5175
151.98.28.62.5175
151.98.28.62.60309
Use the command /alu/Kernel/bin/lsof -P | grep TCP | grep 5175, which

is the PID of the application that keeps port 5175 in use. Output similar to the following is
displayed:
pnmim
16482 axadmin
18u IPv4 0xe00000016e7ff200
0t0
TCP ipb062:60309->ipb062:5175 (ESTABLISHED)
epimd20440
root
3u IPv4 0xe00000016e4acac0
TCP *:5175 (LISTEN)
epimd
20440
root
11u IPv4 0xe0000001700fc580
0t0
epimd
20440
root
12u IPv4 0xe00000017143eac0
0t0
fmcurusms 26910
root
13u IPv4 0xe000000171582740
0t0
0t0
Enter the command:

....................................................................................................................................................................................................................................
1350 OMS
11-65
Troubleshooting
....................................................................................................................................................................................................................................
ps -ef | grep 20440 root 20440 1

SDH_1-9.5.0_
Feb 23
? 1:54 epim_cmis_
Enter the following command to unblock the port and to start AS_CUR_IM of EOMS:
kill -9 20440
Oracle monitor application is down but there are active oracle processes
If the oracle_monitor_process is down but the command

ps -u axadmin | grep oracle returns an existing process, we suggest that you, as
the axadmin user on EML master server, manually shutdown the current oracle instance.
Note: oracle is also the password that you have to enter.
cd /usr/Systems/EML_*Master/eml/EMLIMSNA/script/
. set_sna_env
sqlplus /nolog
SQL*Plus: Release 10.2.0.3.0 - Production on <date/time stamp>
Copyright (c) 1982, 2006, Oracle. All Rights Reserved.
SQL> connect as sysdba;
Enter user-name: oracle
Enter password: Connected.
SQL> shutdown abort;
....................................................................................................................................................................................................................................
1350 OMS
11-66
Troubleshooting
....................................................................................................................................................................................................................................

EML File System Full
If the EML file system is full, the problem could be related to the mirror area.
If the MySql database is installed, complete the following steps. In the example given, the
EML instance is 1:
1. Verify that MySQL is NOT running; then, stop the EML instance.
2. Enter the following command lines:
cd /usr/Systems/EML_1_9.5.0_Master/MirrorArea/EML_1-9.5.0/
axadmin/arch
rm ipb021-bin.*
touch ipb021-bin.index
In the previous step, you could have saved space, but the command would be the
following:
/usr/Systems/EML_1_9.5.0_Master/MirrorArea/EML_1-9.5.0/ORACLE/
arch
In general, the command is the following:

/usr/Systems/EML_1_9.5.0_Master/MirroeArea/<EML-INST>/ORACLE/arch
SDH File System is Full
If the SDH file system is full, the problem could be related to the Mirror Area.
Complete the following steps:
1. Verify that the MySQL is not running; then, stop SDH instance:
cd /usr/Systems/SDH_1_9.5.0_Master/MirrorArea/SDH_1-9.5.0/
snml/arch
rm *.arc
PKT File System Full
If the PKT file system is full, the problem could be related to the Mirror Area.
1. Verify that the MySQL is not running; then, stop PKT instance:
cd /usr/Systems/PKT_1_9.5.0_Master/MirrorArea/bmml/arch
rm *.arc
....................................................................................................................................................................................................................................
1350 OMS
11-67
Troubleshooting
....................................................................................................................................................................................................................................
To completely clean PKT tables, complete the following steps

1. Stop all PKT applications, except Oracle Database.
2. Connect to the system using the su -bmmml command.
3. Launch the following script:
/usr/Systems/PKT_1/databases/dbbmml/admin/create/
CleanTables.sh
4. Restart the PKT application.

Oracle file system full
If /opt/Oracle reaches 100%, a bug in Oracle occurs.

1. Change directories to the following directory:
/opt/oracle/10.2.0/dbs
2. Use the following command to remove an archive file that has the format
archarch_1_99_658066611.arc:
rm archarch_*.arc
....................................................................................................................................................................................................................................
1350 OMS
11-68
Troubleshooting
Abbreviations
....................................................................................................................................................................................................................................

Logging
Description
The NMA includes two basic sets of logs, each of which can be modified while the server
is up-and-running:
Debug/Trace logs, which trace the NMA server actions.

TL1 logs, which trace the TL1 sent to and received from the NE messages.
Trace/Debug logs
Trace logs are located in the maintenance/gemtrace directory. The basic log files are the
following:
gemServer_ems.trace
gemServer_ems.error
tmfserver.trace
tmfserver.error
jboss_gemServer_ems.log
When logs reach a maximum size, a new log file is created and the old logs are
renumbered. The logs contain the following:
gemServer_ems.trace and gemServer_ems.error
These logs contain tracing for NMA logged from NMA code. If NMA catches an error
and logs it, it will be in these files. At the default INFO level, this log contains major
events such as starting/completing domain alignment and TL1 commands and their
time to completion (TL1 responses are not logged here).
tmfserver.trace and tmfserver.error
These logs contain tracing for the TMF server.
jboss_gemServer_ems.log
This file contains log records from JBoss itself, which includes error messages from
exceptions that are thrown by NMA, but are not caught by NMA (caught by JBoss) .
Additionally, a jboss_gemServer.stdout file captures the standard output of the Java
process. Generally, this file is not used, but thread dumps are written to this file.
These log files are based on a log4j logging package from the Apache group
(http://logging.apache.org). The log4j-defined server-configuration file that controls
logging for the TMF server is the following:
TMF/data/log4j.tmfServer.xml
This file, which can be modified, is located in the following directory:

EMLIMGEM3/jboss/server/ems/conf/log4j.xml
....................................................................................................................................................................................................................................
1350 OMS
11-69
Troubleshooting
Logging
....................................................................................................................................................................................................................................
The logging system is based on a hierarchy of named loggers, the base of which is
com.alcatel.gem.trace.
Two additional loggers are the following:
com.alcatel.gem.trace.tl1pc
com.alcatel.gem.trace.exsnmp
Jboss logging is also based on the same log4j package and detailed logging of JBoss
is also possible. A sample file (Log4J.xml) gives examples for turning on more
detailed JBoss logging, shows how to write to new files, and shows how to set the log
level to specific values for various named loggers.
TL1 logs
TL1 logs are also implemented using log4j, but are not controlled by a typical log4j
configuration file because the logger names are the NE names are therefore dynamic.
Configuration of these files is through the typical configuration used by end users.
TL1 logs are at a low level and they are unprocessed other than basic TL1 parsing. The
content of the TL1 log is basically what comes from the NEthe exact text of the TL1
command, responses, events, and acknowledgements. RTRV-PM commands/responses
are filtered out by defaul, which is controlled by a configuration value.
The TL1 log also shows entries when a session is opened, closed, and fails. TL1
command failure is also logged. One TL1 log file is set for each NE that rolls based on
time (not size) and thus can get large.
The following file:
EMLIMGEM3/jboss/server/ems/deploy/properties-service.xml
contains configuration parameters to control the TL1 logs. Most parameters are well
documented in the XML comments in this file. Changes to TL1 logging do not take affect
until supervision is stopped and restarted. The server does not have to be restarted.
Two additional parameters are available:
tl1comm.neLogMaxDaysKept determines the number of days of TL1 logs that are

kept. The default is 7. The value can range from [1, 14].
If tl1comm.includeInLogPM is true, RTRV-PM-* commands and responses are
included in the TL1 logs.
TL1 I/O logs
TL1 parsing engines also support an additional log, which is named using random
numbers, that is intended to debug I/O problems with an NE. This logging occurs even
before TL1 parsing, and thus can be used to debug scenarios in which an NE is sending
invalid characters or TL1. This log file does not roll; meaning, it can continue to grow
and it is not easy to use and should only be used when really needed.
....................................................................................................................................................................................................................................
1350 OMS
11-70
Troubleshooting
Logging
....................................................................................................................................................................................................................................
The configuration file EMLIMGEM3/jboss/server/ems/deploy/properties-service.xml

can also contain these values.
The following configuration parameters control this logging:
neIOLogPath controls which directory these I/O logs are created in. The directory
must already exist.
neIOLogFlag controls the logging. Possible values are in, out, or both. Any other
value implies the feature is off. The in value logs all input from the NE. The out value
logs all output to the NE, and both logs both input and output.
Possible values are the following
in logs all input to the NE
out logs all output from the NE.

both logs both input and output to the NE.
Any other value besides in, out, or both implies that the feature is off.
When turned on, at supervision time, a file named tl1io_xxxxx.debug is be created that
contains all characters sent over this socket based on the configuration. If multiple NEs
are sharing the same socket (GNE with RNEs), all characters are logged to the same file.
This is a character-by-character log and has no knowledge of TL1 of the NEs involved.
This file also never rolls. Everything from socket open to close is logged into the same
file and the file is never removed. It must be manually removed. Changes to this
configuration require stopping/starting supervision. You should only use this log to debug
cases where the NE generates illegal TL1 that the normal parsing rejects and thus is not
seen in the normal TL1 logs. Do not leave this logging on for long time because you will
run out of disk space.
....................................................................................................................................................................................................................................
1350 OMS
11-71
Troubleshooting
Configuration
....................................................................................................................................................................................................................................
Configuration
Description
The NMA/JBoss combination includes a large number of configuration files to control,

but NMA only adds a few of its own. One is designated for parameters that the end user
can modify. Others should be determined at installation time and not changed.
User configurable file
The file EMLIMGEM3/jboss/server/ems/deploy/properties-service.xml contains

configuration values intended for the end user. The general rule is that changes that are
made here are reflected as soon as possible For example, changes to TL1 time-outs will
be used after only a few seconds. Changes to logging require the starting/stopping of
supervision.
The administrator must be familiar with the behavior of the system in case the values in
this file are missing or invalid.
As an example, assume a numerical parameter has a range of [10, 20] and a default of 15.
If the user configures a value of 1, 10 will be used. If the user configures a value of 37, 20
will be used. If the user configures a value of foo the system will use 15 (the default).
Most available parameters that can be used in this file are well documented. There are a
couple of exceptions (PM and the TL1 I/O logs previously defined).
Non-user configurable file
In addition to the user-configurable

EMLIMGEM3/jboss/server/ems/deploy/properties-service.xml file, another
configuration file, the file EMLIMGEM3/jboss/server/ems/deploy/gemcfgservice.xml, contains parameters that should not be used by a user and could leave the
system unstable if configured incorrectly. There are some important values here that are
discussed below.
eclipse.PostRIGenerationCmd specifies where to write RI information. If not

configured, no RI information will be output.
eclipse.RIOutputDir specifies the command to run after RI information is generated.
If not configured, no command is run. Note that this is independent of the generation.
It is possible to generate the file and not run the command.
ne.supervisionLimit specifies the maximum number of NEs that can be supervised at
one time. There is no limit on the number of NEs that can be declared. This value is
DES encrypted using the class com.alcatel.gem.des.Mangle.
....................................................................................................................................................................................................................................
1350 OMS
11-72
Troubleshooting
Configuration
....................................................................................................................................................................................................................................
The following jython script can generate a new value that limits supervision to 100
NEs:
from com.alcatel.gem.des import Mangle
print Mangle.mangle (100)

The output value can be used directly.
jboss-mysql.force.innodb forces JBoss to create tables of the type InnoDB, which
should only be used with MySQL.
Other Configuration
Other configuration values are usually based on built in JBoss values. These can generally
be found in two places.
Files in the EMLIMGEM3/jboss/server/ems/deploy are scanned by Jboss and are

loaded when possible. Avoid saving backup files and other files in this directory.
JBoss will scan them and try to deploy them. Saving a jar file in this directory is a
sure way to cause problems. Contained directories may also cause problems, but it
depends on the directory and the rules for loading the contents of the contained
directory. For example, anything in the jms directory will be treated just like files in
the deploy directory. Files in the gem.ear directory are not reloaded if the
gem.ear/META-INF/application.xml file (or the jboss-app.xml file) are not also
modified (touched). It is safer to simply not keep backup copies in this directory.
Files in the EMLIMGEM3/jboss/server/ems/conf directory are loaded by JBoss on

startup only. The log4j.xml file is the only exception. Documentation on most of these
files (and some in the deploy directory) can be found at the JBoss web site
(http://labs.jboss.com/jbossas/docs/index.html).
....................................................................................................................................................................................................................................
1350 OMS
11-73
Troubleshooting
Configuration
....................................................................................................................................................................................................................................
....................................................................................................................................................................................................................................
1350 OMS
11-74
12

12
Overview
Purpose
information and the associated tasks that pertain to the Guardian Service Processor (GSP)
and the Management Processor (MP).
Contents
GSP and MP Overview
12-2
Configure the GSP
12-3
Verify Access to the GSP LAN Console
12-11
12-13
Configure the MP
12-15
...................................................................................................................................................................................................................................
1350 OMS
12-1
GSP and MP Overview
....................................................................................................................................................................................................................................
GSP and MP Overview

Two types of configurations
The HP9000 Servers are configured with either of the following:
Guardian Service Processor (GSP)

Management Processor (MP)
Note: The service processor in HP servers is sometimes called the HP Guardian
Service Processor (GSP) or the HP Management Processor (MP). The service
processor is a service and console subsystem on the HP9000 Servers.
Functional requirements
To use the system console, the administrator must use a local VT100 terminal or a PC
with a VT100 terminal emulator.
The GSP can be configured so the system console can be used through a LAN
connection. In addition, GSP rev B provides web console functionality.
If a PC with the VT100 terminal emulator is in use, the administrator must have an
RS-232, 9-24 pin male/male cable adapter.
....................................................................................................................................................................................................................................
1350 OMS
12-2
Configure the GSP
....................................................................................................................................................................................................................................
Configure the GSP

When to use
Use this task to configure the Guardian Service Processor (GSP).

Related information
GSP and MP Overview (p. 12-2)
Before you begin
This task consists of the following tasks:
Task 1: Access the GSP (p. 12-3)
Task 2: Configure the GSP LAN Console (p. 12-4)
Task 3: Configure the Administrator Profile (p. 12-6)
Task 4: Configure the LAN Access (p. 12-10)
To configure the GSP LAN console, you must have the following information available:
An IP address for the GSP

A hostname for GSP
The subnet mask

The IP address of the gateway
Username for GSP administrator (optional)
Password for GSP administrator (optional)
The output samples that are provided in this task are samples from GSP rev A. GSP rev B
might have output that differs.
Task 1: Access the GSP
Complete the following steps to configure the Guardian Service Processor (GSP).
...................................................................................................................................................................................................
Connect a terminal or a PC to the console serial port.

...................................................................................................................................................................................................
Press the Control + b keys to enter the GSP:

<CRTL>+b
Leaving Console Mode-you may lose write access. When Console Mode
returns,
....................................................................................................................................................................................................................................
1350 OMS
12-3
Configure the GSP
....................................................................................................................................................................................................................................
type
Ecf to get console write access
...................................................................................................................................................................................................
Press the Enter key:

[Enter]
[Read only - use
Ecf for console write access.]
...................................................................................................................................................................................................
If the GSP prompt is not displayed, enter the following:

<Ctrl>+E
c f
Result: The GSP>prompt is displayed.
E...................................................................................................................................................................................................
N D O F S T E P S
Task 2: Configure the GSP LAN Console
Complete the following steps to configure the GSP LAN console.

...................................................................................................................................................................................................
At the GSP> prompt, enter the following command to modify LAN connections:
lc [Enter]
Result: The GSP outputs a display that is similar to the following:
This command allows you to modify the LAN configuration.
Current configuration:
MAC Address : 0x00306e0860d4
IP Address
: 127.0.0.1
GSP Host Name: uninitialized
Subnet Mask : 255.255.255.0
Gateway
: 127.0.0.1
...................................................................................................................................................................................................
At the following prompt, enter Y to modify the LAN configuration:

Do you want to modify the LAN configuration? (Y/[N]) Y
....................................................................................................................................................................................................................................
1350 OMS
12-4
Configure the GSP
....................................................................................................................................................................................................................................
Result: The GSP outputs a display that is similar to the following that shows the
current IP address and prompts you for a modification decision:

Current IP Address: 127.0.0.1
Do you want to modify it? (Y/[N])
...................................................................................................................................................................................................
At the following prompt, enter Y to modify the current IP address that is displayed:
Do you want to modify it? (Y/[N]) Y [Enter]
...................................................................................................................................................................................................
At the following prompt, enter the current IP address of the GSP LAN:
Enter new IP Address: <GSP LAN IP Address> [Enter]
New IP Address: <GSP LAN IP Address>
...................................................................................................................................................................................................
At the following prompt, confirm the current IP address of the GSP LAN if it is correct:
New IP Address: <GSP LAN IP Address>
Confirm? (Y/[N]) Y [Enter]
* IP Address will be updated.
In a series of prompts, the GSP prompts you for modifications to the hostname, subnet
mask, and gateway.
...................................................................................................................................................................................................
At the following prompts, enter the appropriate information regarding the GSP host name:
Current GSP Host Name: uninitialized
Enter new GSP Host Name: <hostname> [Enter]
-> GSP Host Name will be updated.
The GSP now prompts for the current subnet mask.

...................................................................................................................................................................................................
At the following prompts, enter the appropriate information regarding the subnet mask:
Current Subnet Mask: 255.255.255.0
....................................................................................................................................................................................................................................
1350 OMS
12-5
Configure the GSP
....................................................................................................................................................................................................................................
Enter new Subnet Mask: <subnet mask> [Enter]

-> Subnet Mask will be updated.
The GSP now prompts for the current gateway.

...................................................................................................................................................................................................
At the following prompts, enter the appropriate information regarding the gateway:
Current Gateway: 127.0.0.1
Do you want to modify it? (Y/[N]) (Default will be IP Address Y
Enter new Gateway: <gateway IP address> [Enter]
New Gateway: <gateway IP address>
Result: The GSP outputs a display that is similar to the following and the GSP
prompt reappears:
-> Gateway will be updated.
-> Settings have been updated.
GSP>
E...................................................................................................................................................................................................
N D O F S T E P S
Task 3: Configure the Administrator Profile
Complete the following steps to configure the administrator profile:

...................................................................................................................................................................................................
At the GSP> prompt, enter the following command to modify the security options so you
can configure the administrator profile:
so [Enter]
This command allow you to modify the security options and access control.
GSP wide parameters are:
. Login Timeout: 1 minutes.
. Number of Password Faults allowed: 3
. Flow Control Timeout: 5 minutes.
...................................................................................................................................................................................................
At the following prompt, enter n so the GSP wide parameters are not modified:
Do you want to modify the GSP wide parameters? (Y/[N]) n
....................................................................................................................................................................................................................................
1350 OMS
12-6
Configure the GSP
....................................................................................................................................................................................................................................
Result: The GSP outputs a display that is similar to the following about the first user
profile. Note all the fields are empty:

User
.
.
.
.
.
.
.
number 1 parameters are:

User's Name:
User's Login:
Organization's Name:
Dial-back configuration: Disabled
Access Level: Operator
Mode: Single
User's state: Disabled
...................................................................................................................................................................................................
At the following prompt, enter y so you can modify the user number 1 parameters:
Do you want to modify the user number 1 parameters? (Y/[N]/Q to
quit) y
Result: The GSP outputs a series of prompts about the current and new user name.
...................................................................................................................................................................................................
At the following prompts, enter the required information for the current and new user
name:
Current User's Name [Enter]
Enter new User's Name root [Enter]
New User's Name root [Enter]
Result: The GSP outputs a message similar to the following about current and new
user name.
-> User's Name will be updated.
The GSP now prompts you for organizational name changes.

...................................................................................................................................................................................................
At the following prompt, enter n so you do not modify the organization name:
Current Organization's Name:
Do you want to modify it? (Y/[N]) N
Result: The GSP outputs a series of prompts about the user name for the login.
...................................................................................................................................................................................................
At the following prompts, enter the required information for the user name for the login.
Logging in as root is not mandatory.
Enter new Login root [Enter]
....................................................................................................................................................................................................................................
1350 OMS
12-7
Configure the GSP
....................................................................................................................................................................................................................................
Enter new Login for confirmation root [Enter]

Result: The GSP outputs a message similar to the following about the current and
new user name.
-> Login will be updated.
The GSP now prompts you for password changes.

...................................................................................................................................................................................................
At the following prompts, enter the required information for the password, which is not
displayed:
Do you want to modify the current password? (Y/[N]) Y
Enter new Password <type new password here> [Enter]
Enter new Password for confirmation
<re-type new password here> [Enter]
Result: The GSP outputs a message similar to the following about the password.
-> Password will be updated.
The GSP now prompts you for dial-back options.

...................................................................................................................................................................................................
At the following prompt, enter n so you do not modify the dial-back options:
Current Dial-back configuration: Disabled
Do you want to modify it? (Y/[N]) N
Result: The GSP outputs a series of prompts about the access level.
...................................................................................................................................................................................................
At the following prompts, enter the required information for the access level:
Current Access Level: Operator
Do you want to modify it? (Y/[N]) Y
Enter new Access Level (Operator / Administrator) A [Enter]
New Access Level: Administrator
Confirm? (Y/[N]): Y [Enter]
Result: The GSP outputs a message similar to the following about the access level.
-> Access level will be updated.
The GSP now prompts you for mode options.

...................................................................................................................................................................................................
10
At the following prompts, enter the required information for the mode:
Current Mode: Single
....................................................................................................................................................................................................................................
1350 OMS
12-8
Configure the GSP
....................................................................................................................................................................................................................................

Enter new Mode (Single / Multiple): M [Enter]
New Mode: Multiple
Result: The GSP outputs a message similar to the following about the mode.
-> Mode will be updated.
The GSP now prompts you for user state options.

...................................................................................................................................................................................................
11
At the following prompts, enter the required information for the current user state:
Current User's state: Disabled
Enter new User's state (Enabled / Disabled): E [Enter]
New User's state: Enabled
Result: The GSP outputs a message similar to the following about the user.
-> User's will be updated.
The GSP now outputs a display similar to the following for the second user profile:
User
.
.
.
.
.
.
.
number 2 parameters are:

User's Name:
User's Login:
Organization's Name:
Dial-back configuration: Disabled
Access Level: Operator
Mode: Single
User's state: Disabled
...................................................................................................................................................................................................
12
At the following prompt, enter q to quit the prompting sequence so the second user
profile is not modified:
Do you want to modify the user number 2 parameters? (Y/[N]/Q to
quit) q
Result: The GSP outputs a message similar to the following:
-> Settings have been updated.
User may be disconnected in this process
E...................................................................................................................................................................................................
N D O F S T E P S
....................................................................................................................................................................................................................................
1350 OMS
12-9
Configure the GSP
....................................................................................................................................................................................................................................
Task 4: Configure the LAN Access
Complete the following steps to configure the LAN access.

...................................................................................................................................................................................................
At the GSP> prompt, enter the following command to enable LAN access:
el [Enter]
Current LAN port access: Disabled
Do you want to modify this configuration? (Y/[N]) y [Enter]
LAN port access options:
Note for GSP rev A, a display similar to the following is output:

[A] All access enabled
[D] All access disabled
Note for GSP rev B, a display similar to the following is output:

[A]
[D]
[T]
[W]
All access enabled - both Telnet and Web

Disable LAN port - prevent Telnet and Web access
Telnet only enabled
Web only enabled
...................................................................................................................................................................................................
At the following prompts, enter A to enable all access:

Please indicate the new mode for the LAN port,
or <CR> to retain current value. Choose one of (...): A [Enter]
Result: The GSP outputs a display that is similar to the following that shows that the
new LAN port settings are enabled:

New LAN port access settings will be: Enabled
...................................................................................................................................................................................................
At the following prompt, enter Y to confirm the settings:

Result: The GSP outputs a display that is similar to the following that shows that the
new LAN port settings are enabled:

Current LAN port access: Enabled
E...................................................................................................................................................................................................
N D O F S T E P S
....................................................................................................................................................................................................................................
1350 OMS
12-10
....................................................................................................................................................................................................................................

When to use
Use this task to verify access to the GSP LAN console.

Related information
Before you begin
The behavior of the GSP is dependent on the last connection; therefore, the output
samples that are displayed in this task might differ from your output.
Task
Complete the following steps to verify access to the GSP LAN console.
...................................................................................................................................................................................................
Enter the following command to connect to the GSP:

....,sys,root # telnet <GSP IP Address> [Enter]
Result: The GSP displays output that is similar to the following:
Trying...
Connected to .......
Escape character is '
]'.
Local flow control off
Service Processor login: root
Service Processor password:
Hewlett-Packard Guardian Service Processor
9000/800/L1000-36 System Name:
...................................................................................................................................................................................................

9000/800/L1000-36 System Name: [Enter]
[Read only - use
...................................................................................................................................................................................................
At the following prompt, enter the following command:
....................................................................................................................................................................................................................................
1350 OMS
12-11
....................................................................................................................................................................................................................................
[Read only - use Ecf for console write access.]

<Ctrl>+E c f [Enter]
[bumped user - ]
...................................................................................................................................................................................................

[bumped user - ] <Ctrl>+B [Enter]
Leaving Console Mode - you may lose write access. When
Console Mode returns, type Ecf to get console write
access.
GSP>
...................................................................................................................................................................................................
Enter the following command sequence to close the connection:

<Ctrl>+
And, at the Telnet prompt, enter the following:

close [Enter]
E...................................................................................................................................................................................................
N D O F S T E P S
....................................................................................................................................................................................................................................
1350 OMS
12-12
....................................................................................................................................................................................................................................

When to use
Use this task to access to the GSP console.

Related information
Before you begin
The behavior of the GSP is dependent on the last connection; therefore, the output
samples that are displayed in this task might differ from your output.
Task
Complete the following steps to access the GSP console.

...................................................................................................................................................................................................
Complete the steps in the Task 1: Access the GSP (p. 12-3) task.
...................................................................................................................................................................................................
At the GSP> prompt, enter the following command to get into console mode in the GSP:
co [Enter]
Leaving Guardian Service Processor Command Interface and entering
Console mode. Type Ctrl-B to reactivate the GSP Command Interface.
...................................................................................................................................................................................................

Type Ctrl-B to reactivate the GSP Command Interface. [Enter]
[Read only - use
...................................................................................................................................................................................................

[Read only - use Ecf for console write access.]
<Ctrl>+E c f [Enter]
[bumped user - ]
....................................................................................................................................................................................................................................
1350 OMS
12-13
....................................................................................................................................................................................................................................
...................................................................................................................................................................................................

[bumped user - ] [Enter]
GenericSysName [HP Release B.11.00] (see /etc/issue)
Console Login:
...................................................................................................................................................................................................
At the following prompt, log in and continue the login process:

Console Login: <user ID> [Enter]
E...................................................................................................................................................................................................
N D O F S T E P S
....................................................................................................................................................................................................................................
1350 OMS
12-14
Configure the MP
....................................................................................................................................................................................................................................
Configure the MP
When to use
Use this task to configure the Management Processor (MP).

Related information
Before you begin
To configure the MP LAN console, you must have the following information available:
An IP address for the MP

A hostname for the MP
The subnetmask
The IP address of the gateway
Once you access the MP, you can enter HE to get help on any MP function.
Task
Complete the following steps to configure the Management Processor (MP).

...................................................................................................................................................................................................
Connect a terminal or a PC to the console serial RS-232 port.

...................................................................................................................................................................................................
Press the Enter to enter the MP:

Enter
Result: The tool requests you to log in.
...................................................................................................................................................................................................
At the following prompts, enter the Admin login and password to access the MP:
MP password:
MP login: Admin
MP password: Admin
Result: The tool outputs a welcome screen, followed by a display that is similar to
the following:
MP MAIN MENU:
CO: Consoles
....................................................................................................................................................................................................................................
1350 OMS
12-15
Configure the MP
....................................................................................................................................................................................................................................
VFP:
CM:
CL:
SL:
HE:
X:
Virtual Front Panel (partition status)

Command Menu
Console Logs
Show chassis Logs
Help
Exit Connection
Note at any time you can enter HE to get help on any MP function.
...................................................................................................................................................................................................
At the MP> prompt, enter the CM command to access the Command Menu:
MP> CM
Result: The tool outputs the MP:CM> prompt and a display that is similar to the
following:
Enter HE to get a list of available commands
...................................................................................................................................................................................................
At the MP:CM> prompt, enter the LC command to access the LAN console:
This command modifies the LAN parameters.
Current configuration of MP LAN interface
MAC address
: 00:30:6e:38:b2:d0
IP address
: 127.0.0.1
(0xef000001)
Hostname
: notdefined
Subnet mask
: 255.0.0.0
(0xff000000)
Gateway
: 0.0.0.0
(0x00000000)
Status
: UP and RUNNING
AutoNegotiate : Enabled
Data Rate
: 10 Mb/s
Duplex
: Half
Error Count
: 46e
Last Error
: rx FIFO overflow
The tool then prompts you to modify the LAN configuration.

...................................................................................................................................................................................................
At the following prompt, enter Y to modify the LAN configuration:

Do you want to modify the configuration for the customer LAN?(Y/
[N]) Y
Result: The tool then prompts you to change the IP address.
...................................................................................................................................................................................................
At the following prompts, enter the appropriate information regarding the IP address:
Current IP Address
is: 127.0.0.1
....................................................................................................................................................................................................................................
1350 OMS
12-16
Configure the MP
....................................................................................................................................................................................................................................

Enter new IP Address: <new IP Address> [Enter]
New IP Address
will be: ....<new IP Address>
Please confirm (Y/[N]) Y

-> IP Address will be updated.
Result: The tool now prompts for the network name that is to be assigned to the MP.
...................................................................................................................................................................................................
At the following prompts, enter the appropriate information regarding the network name
that is to be assigned to the MP:
Current MP Network Name
is: notdefined

Enter new MP Network Name : <new MP Network Name> [Enter]
New MP Network Name will be: ...<new MP Network Name>
-> MP Network Name will be updated.
Result: The tool now prompts for information on the subnet mask.
...................................................................................................................................................................................................
At the following prompts, enter the appropriate information regarding the subnet mask:
Current Subnet Mask
is: 255.0.0.0

Enter new Subnet Mask : <new Subnet Mask> [Enter]
New Subnet Mask
will be: .... <new Subnet Mask>

-> Subnet Mask will be updated.
Result: The tool now prompts for the current IP address that is to be assigned to the
gateway.
...................................................................................................................................................................................................
10
At the following prompts, enter the appropriate information regarding the gateway:
Current Gateway
is: 0.0.0.0
Do you want to modify it? (Y/[N])<Default is the IP Address>

Y [Enter]
....................................................................................................................................................................................................................................
1350 OMS
12-17
Configure the MP
....................................................................................................................................................................................................................................
Enter new Gateway : <new Gateway> [Enter]

New Gateway
will be: .... .... <new Gateway>

-> Gateway will be updated.
Result: The tool now displays output similar to the following to indicate that it has
updated all parameters:

-> Parameters have been updated.
...................................................................................................................................................................................................
11
Use telnet to check the connection from another system. If the connection fails, use the
EL command to determine if access is enabled.
E...................................................................................................................................................................................................
N D O F S T E P S
....................................................................................................................................................................................................................................
1350 OMS
12-18
13

13
Overview
Purpose
information that pertains to the File System Management of the 1350 OMS.
Contents
13-2
File System Management Tools
13-3
...................................................................................................................................................................................................................................
1350 OMS
13-1
....................................................................................................................................................................................................................................

File System Management definition
File System Management for the 1350 OMS includes the process and the tools that are
used to manage the disk storage of files and the partitioning of those disks.
The File System Management for the 1350 OMS is based on disk usage upon demand,
which leaves unused disk space that can be allocated when needed. For example, if a new
co-hosting application requires more disk space, that disk space could and would be made
available.
File System Management functional requirements
The File System Management functional requirements for the 1350 OMS are the
following:
The disk management is based on the HP Logical Volume Manager.

Each disk that is managed is placed in a physical volume group.
The Disk Mirror/UX software protects the system from the disk failure.
The Disk Mirror/UX is configured to maintain two copies of data.
Each new disk that is added to the configuration is checked to determine if two disks
are connected to the same SCSI bus or FC bus and if they are assigned to different
physical volumes.
Each logical volume must be configured with the mirror option.
....................................................................................................................................................................................................................................
1350 OMS
13-2
....................................................................................................................................................................................................................................

File System Management Tools overview
The 1350 OMS installation and configuration tools automatically perform file system
management tasks, which reduces the labor involved in disk partitioning and improves
the disk space availability level when it is needed.
The administrator merely must select the disks that are to be used and all other functions
are performed automatically. In addition, the tools enable the administrator to
automatically reserve any disk space that would be needed for each piece of software that
must be installed on a machine.
Because disk dimensioning is static and because any reserved space might not be
sufficient to accommodate future data storage, the following tools are provided:
scmirrorfs (p. 13-3)
scextendfs (p. 13-4)
scdeletefs (p. 13-5)
These tools reduce the system down time and allow maintenance activities to be planned.
These tools can be executed on-line, and any changes that they initiate can take effect
whenever the next system reboot occurs.
File System Management Tools and High Availability Cluster caution
The File System Management Tools, which are scmirrorfs, scextendfs, and scdeletefs
cannot be used on volume groups that are configured in a 1350 OMS High Availability
Cluster.
scmirrorfs
The scmirrorfs tool is used to set up the Disk Mirror/UX configuration on a system in
which the mirror configuration has been not done or has been lost (for example, after a
restore from backup). The scmirrorfs tool requires the Disk Mirror/UX software be
installed and the disk configuration to adhere to the functional requirements specified in
File System Management functional requirements (p. 13-2).
Refer to the following sections of this document for additional information on scmirrorfs:
Chapter 6, Mirror Disks
Run the scmirrorfs Tool to Set Up the Mirrored Configuration (p. 5-44)
....................................................................................................................................................................................................................................
1350 OMS
13-3
....................................................................................................................................................................................................................................
scextendfs
The scextendfs tool is used to extend or to create a file system during the system
installation phase. The tool automatically computes the amount of disk space requested,
including the space for the mirror configuration, and it issues the request for an additional
new disk configuration when needed.
Formats:
scextendfs [-l <log file>] [-O] <Mount Point> <Required Space> [<VolGroup>]
scextendfs [-l <log file>] [-O] -f<File>
scextendfs -a <MountPoint>
scextendfs [-i]
scextendfs [-h]
Where:
-l <log file> specifies an output log file that differs from the default log file
(/SCINSTALL/log/scextendfs.log).
-O specifies that disk overhead is to be added. The overhead is computed as 10% of the
amount of space that is already in use in the specified file system, plus the required space.
<MountPoint> specifies the file system that is to be extended through the mount point. If
a file does not exist with this name, the tool creates a new file system and the related
mount point directory.
<ReqSpace> specifies the required space. This value is managed as file system size
during the creation, or the free space that is required when the file system exists. (Note no
action is taken when the existing file system has more free space available that what is
required.)
<VolGroup> specifies the volume group name for the file system. This parameter is
allowed only during the creation of a new file system. If the volume group does not exit,
the tool creates it.
-f <File> specifies the file that was written in the file system list and the relative space
that was required. The syntax is the following:

<MountPoint> <ReqSpace> [<VolGroup>]
This syntax allows a single command to extend or to create an additional file system.
-a specifies that the specified file system can be extended to the remaining volume group
free space.
-i specifies that the current disk configuration should be made visible.
-h specifies that a description of the procedure call should be provided.
Example:
....................................................................................................................................................................................................................................
1350 OMS
13-4
....................................................................................................................................................................................................................................
This example illustrates how to extend a file system to have 20% more free space.
1. Use the bdf command to determine the file system size:
...,sys,root # bdf /alcatel/DEPOT
Filesystem
kbytes
used
/dev/vg00/lvol19
2228224 1896458
avail %used Mounted on

311075
86% /alcatel/DEPOT
2. Compute 20% of that space from kilobytes to megabytes:

...,sys,root # bc
2228224/100*20
445640
445640/1024 <kilo to mega byte conversion>
435
<Ctrl d>
3. Extend the file system with the scextendfs tool:

...,sys,root # scextendfs /alcatel/DEPOT 435
__________________________________________________________________
Analyze Mount Point:"/alcatel/DEPOT"
Current size: 2176 MegaByte(s)
Current used: 1853 MegaByte(s)
Current free: 303 MegaByte(s)
Extend Mount Point "/alcatel/DEPOT" to 2336 MByte
__________________________________________________________________
4. Re-enter bdf to check the result:

...,sys,root # bdf /alcatel/DEPOT
Filesystem
kbytes
used
/dev/vg00/lvol19
2392064 1896498
avail %used Mounted on

464638
80% /alcatel/DEPOT
scdeletefs
The scdeletefs tool is used to remove a file system that was created with scextendfs.
Important! When scdeletefs removes a file system, that file system cannot be
restored; meaning, the removal of the file system cannot be reversed.

Formats:
scdeletefs [-l <log file>] <Mount Point>
scdeletefs [-l <log file>] -f<File>
scextendfs -g swap
scextendfs [-i]
....................................................................................................................................................................................................................................
1350 OMS
13-5
....................................................................................................................................................................................................................................
scextendfs [-h]
Where:
-l <log file> specifies an output log file that differs from the default log file
(/SCINSTALL/log/scextendfs.log).
<MountPoint> specifies the file system that is to be deleted through the mount point.
-g swap specifies to swap the area garbage collection, which removes more used swap
areas. This command is typically used to remove any TMN applications.

-i specifies that the current disk configuration should be made visible.
-h specifies that a description of the procedure call should be provided.
....................................................................................................................................................................................................................................
1350 OMS
13-6
Appendix A: List of
Abbreviations
Abbreviations
List
Abbreviation
Meaning
ACL
Access Control List
Alt_boot
Alternate Boot Device
ANTP
Alcatel-Lucent network time protocol
CDE
Common Desktop Environment
cdfs/CDfs
Compact-Disk Filesystem
CLI
Command Line Interface
CLNP
Connectionless Network Protocol
CMISE
Common Management Information Service

Element
CNA
CMISE Network Adapter
DAT
Digital Audio Tape
DLT
Digital Linear Tape
DNS
Domain Name Service, Domain Name

System, or Domain Name Server
DVD
Digital Video Disk/Digital Versatile Disk
DWDM
Dense Wavelength Division Multiplexing
EML
Element Management Layer
eOMS
embedded Optical Management System
ETSI
European Telecommunications Standards

Institute
FTP
File Transfer Protocol
...................................................................................................................................................................................................................................
1350 OMS
A-1
Abbreviations
....................................................................................................................................................................................................................................
Abbreviation
Meaning
GID
group ID
GENOS
generic OS-to-OS
GNE
Gateway Network Element
GPS
global positioning satellite
GSP
HP Guardian Service Processor
GUI
Graphical User Interface
HA
High Availability
hfs/HFS
Hierarchical File System
HTML
HyperText Markup Language
inetd
super-server daemon that manages Internet

services
IPR
Independent Peripheral Release
IRT
Ignite Recovery Tape
ISA
Industry Standard Architecture
KDC
Key Distribution Log (Kerberos)
lan/LAN
Local Area Network
LVM
Logical Volume Manager
MP
Management Processor
MIB
Management Information Base
MPLS
Multiple Protocol Label Switching
MW-INT
Middleware Interface
MW-OS
Middle Ware Operating System
NA
Network Adapter
NE
Network Element
NIO
new input/output (java)

narrow input/output in reference to a bus
NMA
Network Management Application
NML
Network Management Layer
NMS
Network Management System
NTP
network time protocol
OI
Open Interface
OSI
Open Systems Interconnection
....................................................................................................................................................................................................................................
1350 OMS
A-2
Abbreviations
....................................................................................................................................................................................................................................
Abbreviation
Meaning
PDF
Portable Document Format
PKT
Packet
PID
Process Identifier
Pri_boot
Primary Boot Device
PVG
Physical Volume Group
rcp
remote copy file; UNIX command
rhost
remote host; UNIX command
rlogin
remote login; UNIX command
RTC
real-time clock
SAN
Storage Area Network
scdisk
scan disk
scp
secure copy; UNIX command
SCSI
Small Computer System Interface
SDH
Synchronous Digital Hierarchy
SEC
Security; as in security database
SMH
HP System Management Homepage
sequential access media
a tape device
SML
Service Management Layer
SNMP
Simple Network Management Protocol
SONET
Synchronous Optical Network
SP
service pack
ssh/SSH
Secure Shell
SWP
Software Package (descriptors)
TCP/IP
Transmission Control Protocol/Internet

Protocol
TL1
Transaction Language 1
TP
termination point
TMN
Telecommunications Management Network
TMPLS
TransportMultiple Protocol Label

Switching
TNA
TL1 Network Adapter
UID
user ID
....................................................................................................................................................................................................................................
1350 OMS
A-3
Abbreviations
....................................................................................................................................................................................................................................
Abbreviation
Meaning
VA
virtual array
vg/volgroup
volume group
vgchange
volume group change
VPN
Virtual Private Network
VT
virtual terminal
wan/WAN
Wide Area Network
WDM
Wavelength Division Multiplexing
XDMCP
X Display Manager Control Protocol
XoS
XML-over-socket
....................................................................................................................................................................................................................................
1350 OMS
A-4
Index
Numerics
1350 OMS
MERGE-DELETE problems, 5-11

Message : The mount point directory, 5-19
applications, 1-2
Message Logical volume ..., 5-18
definition, 1-2
Message Mount Point..., 5-18, 5-18, 5-19
supported NEs, 1-5
Message Volume group name..., 5-17, 5-17
................................................................................................
Mirror Configurations, 5-20
A Access Control Lists (ACLs), 9-49
Mirror Configurations disk requirements, 5-20
Added value modules
Mirror disk configuration rebuild restriction, 5-10
1350 OMS HA, 1-6
No automatic reboot from the IRT, 5-15
1350 OMS OI, 1-6
Perform a Tape Check task, 5-23
ANTP, 1-7
required disk space, 5-10
................................................................................................
Restore Data from the fbackup Tapes task, 5-37
B Backup and recovery
Run scbackup for a Local Disk Backup task, 5-24
backup restrictions, 5-10

Boot from the IRT task, 5-34

task, 5-21
Console messages during reboot from IRT, 5-16
Run the scmirrorfs Tool to Set Up the Mirrored

Configuration task, 5-44
console restriction during, 5-10
scbackup functional overview, 5-6
full mirror faults and troubleshooting, 5-11
scbackup-screstore version incompatibility, 5-10
full system recovery phases, 5-13
screstore checks and messages, 5-16
full system recovery purpose, 5-13
Scripts that fail during the reboot from the IRT, 5-15
functional definition, 5-2
split operation problems, 5-11
IRT rebooting errors, 5-15
system crashes, 5-11
IRT recovery, 5-14
time-out expiration, 5-11
log files and troubleshooting, 5-11
tools, 5-3
login messages, 5-11
troubleshoot Current host is different from..., 5-17
....................................................................................................................................................................................................................................
1350 OMS
IN-1
Index
....................................................................................................................................................................................................................................
Verify the Readability of the fbackup Tape task, 5-33
gptm (grace period time) system security parameter,

9-29
................................................................................................
GSP
C CD-ROM
Access the GSP Console task, 12-13
eject a CD-ROM, 8-7
Configure the GSP task, 12-3
CHANGE_ENCRYPT_PASSWORD system security

parameter, 9-28
Commands
shutdown, 8-2
Verify Access to the GSP LAN Console task, 12-11

................................................................................................
H High Availability
security restrictions on, 9-10
swacl, 9-49
................................................................................................
High Availability (HA)

cautions regarding File System Management, 13-3
D dlylntr (delay between login tries) system security
parameter, 9-29
HP printer
DNSADD, 4-5
configuration tool, 10-2
DNSCHANGE, 4-5
Configure a Printer in the Local Spooler Queue task,

10-3
DNSREMOVE, 4-5
Configure a Printer upon Booting from the Local

System task, 10-9
Documentation
list of available customer documentation, xviii
Start the Spooler task, 10-8
Domain Name Service (DNS), 4-5, 4-5, 4-5
two supported configurations, 10-2
................................................................................................
HP servers
E ENCRYPT_ARCHIVE system security parameter, 9-29
................................................................................................
F File System Management
definition, 13-2
restart, 8-2
................................................................................................
I
Instances
functional requirements, 13-2
Free System Resources Used by an Application

Instance task, 2-6
High Availability cautions and, 13-3
Remove the Instance of an Application task, 2-4
scdeletefs, 13-5
................................................................................................
scextendsfs, 13-4
J javaws, 11-47
scmirrorfs, 13-3
................................................................................................
tools overview, 13-3

Files
decompress a compressed file, 8-5
................................................................................................
G Glossary, xvii
K KDC log
Activate the Kerberos KDC log task., 11-8

Deactivate the Kerberos KDC log task., 11-10
................................................................................................
L Legacy support, 1-4
....................................................................................................................................................................................................................................
1350 OMS
IN-2
Index
....................................................................................................................................................................................................................................
llog (last log) system security parameter, 9-30

lntmout (login time out) system security parameter, 9-30
Logs
Activate the Kerberos KDC log task., 11-8
Deactivate the Kerberos KDC log task., 11-10
................................................................................................
M Management Processor (MP)
Configure the MP task, 12-15

MIN_PASSWORD_LENGTH system security
parameter, 9-30
Mirror disks
configuration example, 6-3
configuration methods, 6-2
Configure the Mirror Disk/UX task, 6-6
Install Mirror Disk/UX task, 6-4
Align All Group Member Nodes to a Specified

Member Node task, 4-17
Align One Group Member Node to Another Group
Member Node task, 4-18
basic functions, 4-5
Change a Server to the Current DNS Configuration
task, 4-46
Change the Gateway IP Address and Hostname task,
4-42
Change the Hostname of a Remote Node task, 4-34
Change the Hostname the Current/Local Node task,
4-37
Change the IP Address a Remote Node task, 4-26
Change the IP Address the Current/Local Node task,
4-30
Change the Subnetwork Mask task, 4-41
purpose, 6-2
Establish a Group and Initialize Node Name

Management Persistent Data task, 4-7
rebuild restriction during backup/recovery, 5-10
external nodes, 4-3
................................................................................................
functional restrictions, 4-6
N NEs
Import Node Information Between Two Different

Groups, 4-22
those supported for this release, 1-5

Network Depot
Add Software to the Platform Software Depot task,
7-7

task, 4-16
member nodes, 4-3
applications, 7-2
Merge Nodes in Two Groups into One Group task,

4-24
Create the Application Software Depot task, 7-8
network example, 4-6
Edit the .rhosts file to Authorize Access to the

Application Software Depot task, 7-10
Open Two Groups for Communication task, 4-20
Run scbuilddepot to Create the Platform Software

Depot, 7-4
Remove a Member from a Group task, 4-14
Node Name Management tool

Add a New External Node to the Group task, 4-12
Add a New Node to the Group task, 4-9
Add a New Server to the Current DNS Configuration
task, 4-44
purpose of, 4-3
Remove a Server from the Current DNS

Configuration task, 4-48
security features, 4-5
working group, 4-3
nullpw (null password) system security parameter, 9-31
....................................................................................................................................................................................................................................
1350 OMS
IN-3
Index
....................................................................................................................................................................................................................................
................................................................................................
encryption set up, 9-23
P PASSWORD_HISTORY_DEPTH system security
gptm (grace period time) system security parameter,

9-29
parameter, 9-31
PASSWORD_MAXDAYS system security parameter,
9-31
PASSWORD_MIN_DIGIT_CHARS system security
parameter, 9-32
PASSWORD_MIN_SPECIAL_CHARS system security
parameter, 9-32
llog (last login) system security parameter, 9-30

lntmout (login time out) system security parameter,
9-30
location and access to the system security
parameters, 9-26
log files, 9-21
PASSWORD_MINDAYS system security parameter,

9-32
MIN_PASSWORD_LENGTH system security

parameter, 9-30
PASSWORD_WARNDAYS system security parameter,

9-33
nullpw (null password) system security parameter,

9-31
................................................................................................
PASSWORD_HISTORY_DEPTH system security

parameter, 9-31
R rstrpw (restrict trivial passwords) system security
parameter, 9-33
................................................................................................
S Safety information, xiii
scdeletefs, 13-5
scextendsfs, 13-4
scmirrorfs, 13-3
Security
access to the secure host, 9-9
audit and log files functional overview, 9-20
audit files, 9-20
PASSWORD_MAXDAYS system security

parameter, 9-31
PASSWORD_MIN_DIGIT_CHARS system security
parameter, 9-32
PASSWORD_MIN_SPECIAL_CHARS system
security parameter, 9-32
PASSWORD_MINDAYS system security parameter,
9-32
PASSWORD_WARNDAYS system security
parameter, 9-33
Prepare to Set Up Security task, 9-36
Remove Security task, 9-44
Authorize Access to the Depot Machine task, 9-49
requirements, 9-3
banner customization, 9-6
restrictions on High Availability configurations, 9-10
Change a Manufacturer's Default Passwords, 9-40

CHANGE_ENCRYPT_PASSWORD system
changing the system security parameters, 9-26
rstrpw (restrict trivial passwords) system security

parameter, 9-33
security administration user, 9-5
security profile features, 9-8
configuration tool functional overview, 9-3
security profile types, 9-8
dlylntr (delay between login tries) ) system security

parameter, 9-29
security user groups, 9-5
ENCRYPT_ARCHIVE system security parameter,

9-29
security.parms file contents, 9-24

Set Up Security with Any Profile task, 9-38
....................................................................................................................................................................................................................................
1350 OMS
IN-4
Index
....................................................................................................................................................................................................................................
SIT (shell inactivity timeout) system security

parameter, 9-33
tmaxlntr (maximum login tries) system security

parameter, 9-34
software requirements, 9-3
TMF
syschpw (system character password) system

sysltpw (system letter password) system security
parameter, 9-34
syspnpw (system pronounceable password) system
rebuild the TMF server database, 11-63

Troubleshooting
cannot contact any KDC for requested realm, 11-4
KDC daemon log file, 11-5
network configuration problems, 11-3
tmaxlntr (maximum login tries) system security

parameter, 9-34
Ping a Node task, 11-6
Troubleshoot and Fix /etc/passwd File Problems,

9-47
unable to connect ConnectionManager, 11-4
Troubleshoot and Fix Old Password Problems., 9-46

types of system security parameters, 9-27
umaxlntr (user maximum login tries) system security
parameter, 9-35
user-allowed commands, 9-9
usrpick (user pick) system security parameter, 9-35
Verify and Kill Processes task, 9-42
ticket is ineligible for postdating, 11-3
................................................................................................
U umaxlntr (user maximum login tries) system security
parameter, 9-35
usrpick (user pick) system security parameter, 9-35
................................................................................................
W WARN_USERS_LIST system security parameter, 9-35
Web Portal, 1-4, 1-4
WARN_USERS_LIST system security parameter,

9-35
shutdown command, 8-2
SIT (shell inactivity timeout) system security parameter,
9-33
swacl command, 9-49
syschpw (system character password) system security
parameter, 9-33
sysltpw (system letter password) system security
parameter, 9-34
syspnpw (system pronounceable password) system
................................................................................................
T Tasks
Free System Resources Used by an Application

Instance task, 2-6
Remove the Instance of an Application task, 2-4
....................................................................................................................................................................................................................................
1350 OMS
IN-5
Index
....................................................................................................................................................................................................................................
....................................................................................................................................................................................................................................
1350 OMS
IN-6

8DG41426LAAA - V1 - 1350 OMS Administration Guide PDF

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

8DG41426LAAA - V1 - 1350 OMS Administration Guide PDF

Uploaded by

Copyright:

Available Formats

Title page

1350 OMS | 9.5

Reason for reissue ...................................................................................................................................................................... xiii

Conceptual and task content ................................................................................................................................................... xiv

Typographical conventions used for content

Technical content ........................................................................................................................................................................ xvi

Document formats ................................................................................................................................................................... xviii

Product and Administration Overview

Common Security and Access .............................................................................................................................................. 1-8

Applications and Their Instances

Free System Resources Used by an Application Instance

1350 OMS EML IP Configuration

Static Routing Configurations .............................................................................................................................................. 3-5

Node Name Management

Add a New External Node to the Group ........................................................................................................................ 4-12

Change the IP Address of the Current/Local Node .................................................................................................... 4-30

Change the Subnetwork Mask ........................................................................................................................................... 4-41

System Backup and Restore

Backup Tape Sets ...................................................................................................................................................................... 5-8

Troubleshoot a Restore ......................................................................................................................................................... 5-15

Run scbackup for a Local Disk or an Application Instance Backup

Boot from the IRT .................................................................................................................................................................. 5-34

Eject a CD-ROM ....................................................................................................................................................................... 8-7

Security Profiles ........................................................................................................................................................................ 9-8

Prepare to Set Up Security .................................................................................................................................................. 9-36

Troubleshoot and Fix /etc/passwd File Problems ....................................................................................................... 9-47

Printer Configuration Overview

Configure a Printer in the Local Spooler Queue ......................................................................................................... 10-3

Configure a Printer Booting upon Booting from the Local System

Activate the KDC Log .......................................................................................................................................................... 11-8

OS Percentage Usage .......................................................................................................................................................... 11-12

System Installation and Customization

Upgrade the MW-OS Application .................................................................................................................................. 11-27

SAS, UDM, LDAP .............................................................................................................................................................. 11-44

Work Arounds for the MS-GUI

Work Arounds for Database Management .................................................................................................................. 11-63

Work Arounds for File System Management ............................................................................................................. 11-67

GSP and MP Configuration

GSP and MP Overview

Configure the GSP ................................................................................................................................................................. 12-3

Configure the MP ................................................................................................................................................................. 12-15

File System Management

File System Management Overview

File System Management Tools ........................................................................................................................................ 13-3

System Security Parameters

About this document

About this document

Conceptual and task content

Conceptual content, which is background information, is given so users can better

Format of task content

About this document

This document uses the following typographical conventions:

User input or path navigation on the administration and application GUIs is

User input in the UNIX environment is identified with this

System output in the UNIX environment is identified with

Marking conventions used for content

About this document

About this document

The 1350 OMS Administration Guide, Vol 2: Common GUI Functions

8. The 1350 OMS Service Assurance Guide (8DG42146FAAA) explains alarm

About this document

The document consists of the following volumes: