Professional Documents
Culture Documents
Administrator Guide
3JL-01001-BWAB-PCZZA
Issue: 02
June 2020
2 3JL-01001-BWAB-PCZZA Issue: 02
Administrator Guide
Table of contents
1 Preface...........................................................................................28
1.1 Documentation ..........................................................................................28
1.2 Conventions used in this guide..................................................................28
1.2.1 Important information.................................................................................29
1.2.2 Navigation steps ........................................................................................30
1.2.3 Procedures with options or substeps.........................................................30
1.3 Multiple PDF file search.............................................................................31
1.4 Contact information ...................................................................................32
Getting started
2 What’s new ....................................................................................36
2.1 What’s new in Release 9.7.03 ...................................................................36
2.2 What’s new in Release 9.7 ........................................................................38
2.3 What’s new in Release 9.6.07 ...................................................................39
2.4 What’s new in Release 9.6.05 ...................................................................41
2.5 What’s new in Release 9.6.03 ...................................................................43
2.6 What’s new in Release 9.6 ........................................................................45
2.7 What’s new in Release 9.5 ........................................................................49
2.8 What’s new in Release 9.4 ........................................................................51
2.9 What’s new in Release 9.3.10 ...................................................................53
3 Overviews......................................................................................56
3.1 Guide overview..........................................................................................56
3.2 Administrative functions overview .............................................................56
3.2.1 Core software management ......................................................................56
3.2.2 Configuration management .......................................................................57
3.2.3 User management .....................................................................................57
3.2.4 Fault management.....................................................................................57
3.2.5 Environment variables ...............................................................................57
3.3 5529 Enhanced Applications .....................................................................58
3.4 Technical support ......................................................................................59
4 Logging in to the 5520 AMS.........................................................60
4.1 Logging in to the 5520 AMS client as an administrator .............................60
4.1.1 Logging in as an administrator ..................................................................60
4.1.2 If a login fails..............................................................................................62
4.1.3 Synchronizing server and client time.........................................................63
4.2 Logging in to the 5520 AMS server as an amssys user ............................64
4.3 Configuring user login from trusted hosts..................................................64
4.4 Restricting server selection in the Login window.......................................65
5 Managing licenses........................................................................68
5.1 Licensing overview ....................................................................................68
5.1.1 Licensing in a cluster .................................................................................70
5.1.2 Subscriber licenses ...................................................................................70
5.1.3 Operator licenses ......................................................................................70
5.1.4 License alarms ..........................................................................................71
Issue: 02 3JL-01001-BWAB-PCZZA 3
Administrator Guide
4 3JL-01001-BWAB-PCZZA Issue: 02
Administrator Guide
Issue: 02 3JL-01001-BWAB-PCZZA 5
Administrator Guide
6 3JL-01001-BWAB-PCZZA Issue: 02
Administrator Guide
Issue: 02 3JL-01001-BWAB-PCZZA 7
Administrator Guide
8 3JL-01001-BWAB-PCZZA Issue: 02
Administrator Guide
Issue: 02 3JL-01001-BWAB-PCZZA 9
Administrator Guide
10 3JL-01001-BWAB-PCZZA Issue: 02
Administrator Guide
Issue: 02 3JL-01001-BWAB-PCZZA 11
Administrator Guide
12 3JL-01001-BWAB-PCZZA Issue: 02
Administrator Guide
Index ......................................................................................................634
Issue: 02 3JL-01001-BWAB-PCZZA 13
Administrator Guide
14 3JL-01001-BWAB-PCZZA Issue: 02
Administrator Guide
List of figures
20 Managing administration settings ............................................278
Figure 1 Acceptable alarm event rates and overload protection mechanisms
implemented by the 5520 AMS ...............................................................301
30 EMS performance monitoring ...................................................514
Figure 2 Components of the EMS Performance Monitoring graph........................515
Figure 3 Average number of backups submitted ...................................................517
Issue: 02 3JL-01001-BWAB-PCZZA 14
Administrator Guide
15 3JL-01001-BWAB-PCZZA Issue: 02
Administrator Guide
List of tables
1 Preface...........................................................................................28
Table 1 Documentation conventions ......................................................................29
2 What’s new ....................................................................................36
Table 2 What’s new in Release 9.7.03 ...................................................................36
Table 3 What’s new in Release 9.7 ........................................................................38
Table 4 What’s new in Release 9.6.07 ..................................................................40
Table 5 What’s new in Release 9.6.05 ...................................................................41
Table 6 What’s new in Release 9.6.03 ...................................................................43
Table 7 What’s new in Release 9.6 ........................................................................46
Table 8 What’s new in Release 9.5 ........................................................................49
Table 9 What’s new in Release 9.4 ........................................................................52
Table 10 What’s new in Release 9.3.10 ...................................................................53
3 Overviews......................................................................................56
Table 11 Environment variables ...............................................................................57
4 Logging in to the 5520 AMS.........................................................60
Table 12 Error messages at login failure..................................................................62
5 Managing licenses........................................................................68
Table 13 5520 AMS license information...................................................................69
Table 14 License installation from the 5520 AMS server .........................................73
Table 15 License installation error scenarios ...........................................................73
6 Using the 5520 AMS securely......................................................80
Table 16 Options for configuring the 5520 AMS for secure operation......................80
7 Managing SSL ...............................................................................82
Table 17 Secure ports for SSL configuration............................................................91
9 User accounts .............................................................................104
Table 18 Default roles ............................................................................................106
Table 19 5520 AMS function descriptions ..............................................................107
Table 20 User settings parameters ........................................................................123
Table 21 User account parameters ........................................................................126
Table 22 5520 AMS server scripts executed by users in the amssys group ..........135
Table 23 User configuration options for the ams_user_mgr script .........................138
Table 24 Add or modify user input file parameters.................................................139
Table 25 Delete user, suspend user, resume user, list user and expire
password input file parameters................................................................141
Table 26 Reset password input file parameters .....................................................142
Table 27 Options for the ams_user_mgr script ......................................................143
13 Managing NE communication and information .......................178
Table 28 NAT between the 5520 AMS server and the NEs ...................................186
15 Managing subscriber search attributes....................................194
Table 29 Define format for a subscriber attribute parameters ................................196
Table 30 Edit a subscriber search attribute category parameters ..........................199
Issue: 02 3JL-01001-BWAB-PCZZA 16
Administrator Guide
17 3JL-01001-BWAB-PCZZA Issue: 02
Administrator Guide
Issue: 02 3JL-01001-BWAB-PCZZA 18
Administrator Guide
19 3JL-01001-BWAB-PCZZA Issue: 02
Administrator Guide
List of procedures
1 Preface...........................................................................................28
Procedure 1 Example of NE navigation convention.......................................................30
Procedure 2 Example of options in a procedure ............................................................30
Procedure 3 Example of substeps in a procedure .........................................................31
Procedure 4 To search multiple PDF files for a term .....................................................31
3 Overviews......................................................................................56
Procedure 5 To find contact information for technical assistance..................................59
4 Logging in to the 5520 AMS.........................................................60
Procedure 6 To log in to the 5520 AMS client as an administrator ................................61
Procedure 7 To synchronize server and client time .......................................................63
Procedure 8 To log in to a 5520 AMS server as amssys ..............................................64
Procedure 9 To restrict login server selection in Windows or Red Hat Enterprise
Linux ..........................................................................................................65
5 Managing licenses........................................................................68
Procedure 10 To add a license key from the 5520 AMS GUI ..........................................72
Procedure 11 To add a license key from the 5520 AMS server.......................................73
Procedure 12 To view license keys..................................................................................74
Procedure 13 To update a license key.............................................................................75
Procedure 14 To add or remove LT licenses ...................................................................76
Procedure 15 To view license usage ...............................................................................76
7 Managing SSL ...............................................................................82
Procedure 16 To generate a customized keystore ..........................................................84
Procedure 17 To list the customized keystore .................................................................84
Procedure 18 To enable SSL between the 5520 AMS server and 5520 AMS GUI
client ..........................................................................................................85
Procedure 19 To enable SSL communication with a customized keystore .....................85
Procedure 20 To confirm the status of SSL .....................................................................87
Procedure 21 To reinstall the Windows or Red Hat Enterprise Linux client to
activate SSL changes................................................................................87
Procedure 22 To switch from the default to a customized keystore.................................88
Procedure 23 To switch from a customized to the default keystore.................................89
Procedure 24 To disable SSL between the 5520 AMS server and the 5520 AMS
GUI client...................................................................................................90
Procedure 25 To install a self-signed certification............................................................92
Procedure 26 To generate a certificate signed by CA .....................................................94
8 Managing HTTPS ..........................................................................98
Procedure 27 To replace the default HTTPS certificate...................................................99
Procedure 28 To enable the HTTP communication .........................................................99
9 User accounts .............................................................................104
Procedure 29 To create a user account.........................................................................133
Procedure 30 To add a new user account to the amssys group....................................135
Procedure 31 To copy the existing input files for the 5520 AMS server scripts .............137
Issue: 02 3JL-01001-BWAB-PCZZA 20
Administrator Guide
21 3JL-01001-BWAB-PCZZA Issue: 02
Administrator Guide
Issue: 02 3JL-01001-BWAB-PCZZA 22
Administrator Guide
23 3JL-01001-BWAB-PCZZA Issue: 02
Administrator Guide
Issue: 02 3JL-01001-BWAB-PCZZA 24
Administrator Guide
Procedure 196 To restore the 5520 AMS database on the same standalone server ......386
Procedure 197 To restore the 5520 AMS database on the same cluster ........................386
Procedure 198 To restore the 5520 AMS database on the same geo-redundant
cluster ......................................................................................................387
Procedure 199 To restore the 5520 AMS database on the same geo-redundant
simplex ....................................................................................................388
Procedure 200 To restore the NE backup database........................................................389
Procedure 201 To restore the 5520 AMS database on a new standalone server ...........390
Procedure 202 To restore the 5520 AMS database on a new cluster .............................391
Procedure 203 To restore the 5520 AMS database on a new geo-redundant
cluster ......................................................................................................392
Procedure 204 To restore the 5520 AMS database on a new geo-redundant
simplex ....................................................................................................393
Procedure 205 To back up the 5520 AMS software ........................................................395
Procedure 206 To restore the 5520 AMS software..........................................................396
Procedure 207 To export data using the 5520 AMS GUI.................................................397
Procedure 208 To selectively export records using the 5520 AMS GUI ..........................398
Procedure 209 To import data using the 5520 AMS GUI.................................................403
Procedure 210 To configure the field separator in the 5520 AMS GUI............................405
Procedure 211 To perform a forced inventory data collection .........................................406
Procedure 212 To split a backup file................................................................................407
Procedure 213 To concatenate a split backup file ...........................................................407
22 Managing schedules ..................................................................410
Procedure 214 To create a simple schedule....................................................................412
Procedure 215 To create a complex schedule.................................................................413
Procedure 216 To modify a schedule ..............................................................................415
Procedure 217 To modify a task ......................................................................................415
Procedure 218 To unschedule a task ..............................................................................416
Procedure 219 To delete a schedule ...............................................................................417
Procedure 220 To schedule an NE database backup from the perspective bar..............418
Procedure 221 To schedule an NE database backup from the Network Tree.................419
23 Managing customized web links and operator defaults .........422
Procedure 222 To add a customized web link .................................................................424
Procedure 223 To modify a customized web link.............................................................427
Procedure 224 To delete a customized web link .............................................................428
Procedure 225 To duplicate a customized web link.........................................................429
Procedure 226 To create an operator default template ...................................................430
Procedure 227 To view operator default templates .........................................................430
Procedure 228 To duplicate operator default templates ..................................................431
Procedure 229 To modify operator default templates ......................................................432
Procedure 230 To delete operator defaults......................................................................432
24 Managing CPE vendor ID and country codes ..........................434
Procedure 231 To add a CPE vendor ID and country code.............................................439
Procedure 232 To delete CPE vendor ID and country codes ..........................................440
25 Cluster management ..................................................................444
Procedure 233 To stop an application server without rebalancing the load.....................446
Procedure 234 To evacuate the NEs using the GUI ........................................................447
25 3JL-01001-BWAB-PCZZA Issue: 02
Administrator Guide
Issue: 02 3JL-01001-BWAB-PCZZA 26
Administrator Guide
27 3JL-01001-BWAB-PCZZA Issue: 02
Administrator Guide Preface
1 Preface
The 5520 AMS provides fault, configuration, and performance management of the
underlying access networks, using a GUI and hierarchical tree navigation. The
5520 AMS also supports network productivity features such as equipment profile
management, NE backup and restore, and NE software management.
1.1 Documentation
The 5520 AMS Release Notice describes changes or enhancements made to the
software and its features, as well as information about delivery, compatibility, and
customer documentation.
The 5520 AMS Solution Planning Guide describes how to plan the purchase and
configuration of hardware and software to support the deployment of the 5520 AMS.
The 5520 AMS Server Configuration Technical Guidelines describes how to prepare
hardware for installation of the 5520 AMS, including information about installing the
server, setting up a cluster and configuring a network.
The 5520 AMS Installation and Migration Guide describes how to install, optimize,
and uninstall the 5520 AMS server, client, and plug-in components, as well as how
to migrate data to the 5520 AMS from other EMSs.
The 5520 AMS Administrator Guide describes administrative functions, including
management of server-client communication, users, NE communication, schedules,
links, and codes.
The 5520 AMS User Guide describes user functions, including monitoring, fault, and
alarm management and performing tasks that are common to the NEs.
The 5520 AMS Northbound Interface Guide describes functions supported by the
5520 AMS NBI.
The 5520 AMS Glossary provides descriptions of 5520 AMS-related terms and
acronyms.
The 5520 AMS and 5529 Enhanced Applications Alarm Search Tool provides
information about the 5529 Enhanced Application Alarms.
The 5520 AMS and 5529 Enhanced Applications Privacy Considerations provides
information on the product features that impact privacy and the measures taken to
protect such data.
Issue: 02 3JL-01001-BWAB-PCZZA 28
Preface Administrator Guide
29 3JL-01001-BWAB-PCZZA Issue: 02
Administrator Guide Preface
1 This step offers two options. You must perform one of the following:
Issue: 02 3JL-01001-BWAB-PCZZA 30
Preface Administrator Guide
1 This step has a series of substeps that you must perform to complete the step. You must
perform the following substeps:
31 3JL-01001-BWAB-PCZZA Issue: 02
Administrator Guide Preface
7 Click Search.
Result: Adobe Reader displays the search results. Click the + symbol to expand the entries
for each file.
Issue: 02 3JL-01001-BWAB-PCZZA 32
Preface Administrator Guide
33 3JL-01001-BWAB-PCZZA Issue: 02
Administrator Guide Getting started
Getting started
2 What’s new
3 Overviews
5 Managing licenses
Issue: 02 3JL-01001-BWAB-PCZZA 34
Getting started Administrator Guide
35 3JL-01001-BWAB-PCZZA Issue: 02
Administrator Guide What’s new
2 What’s new
2.1 What’s new in Release 9.7.03
Managing LT licenses Added a section to add or remove LT licenses and to Section 5.5
view license usage for 10G_PON_enabled_LT license.
NE Communication Degraded alarms Added a parameter for minimum number of SNMP Table 52
requests per hour before raising a communication
degraded alarm
Global address filter Updated the section for ams_createfirstuser script to Section 31.18
include information about global address filter
Updated the default value and description for Use Tables 21 and 24
Global Address Filter and Address filter parameters
IP DSLAM Subscribers counter Added information about ‘IP DSLAM Data Subscribers’ Table 13
and ‘IP DSLAM Voice Subscribers’ counters
Clicking the background in the Graphical Added a parameter ‘Clicking the background in the Table 48
View Graphical View’ under GUI settings
(1 of 3)
Issue: 02 3JL-01001-BWAB-PCZZA 36
What’s new Administrator Guide
Resource Management Universal ID Added information about Resource Management Procedure 106
Universal ID which is created automatically by the 5520
AMS during the NE creation
Manual backup supports external server Added information about the additional support by Sections 31.5 and
ams_backup script for backing up files into a remote 21.2
server. Procedures 191
and 192
ams_log_manager script Added an option to enable or disable syslog mode and Section 31.51
added amssys.log details. Table 103
Added securing logs for configuring the 5520 AMS for Table 16
secure operation.
ams_updatefirewall script Removed --enableigmp and --disableigmp options from Section 31.53
the script and the information related to IGMP snooping
Subscriber attributes Added an attribute category for subscriber attributes. Section 15.3
Custom Fields Added functions for Subscriber Search Attribute Custom Table 19
Field view and Edit
Documentation changes
Backing up the 5520 AMS database Added a note about the server status and database Section 21.2
process status when the 5520 AMS backup is running
on the data server.
ams_cluster status script Updated the example for ams_cluster status and added Sub-sections
information about “ams_cluster status --detailed.” 31.7.4.1 and
31.7.6
PKCS12 keystore Updated the note to use PKCS12 keystore Section 7.2
Usage of NG-PON2 Updated usage of NGPON2 to NG-PON2 Table 13
Sub-section 5.1.2
and 5.1.4
Added information about creating the default admin user Section 9.1
after installing the 5520 AMS
SNMP password encryption Added two new parameters ‘Re-Type Read Community’ Table 54
and ‘Re-Type Write Community’ in the Create SNMP Section 31.45
Profile parameters table and updated the example
output of the getAgentlist script.
AMS log manager Added information about configuring the Fixed Duration Section 31.51
logs and the default value.
AMS export script Added the information that the ams_export script Section 31.11
overwrites any existing file.
(2 of 3)
37 3JL-01001-BWAB-PCZZA Issue: 02
Administrator Guide What’s new
Added a section for backup and restore log files. Section 27.15
Moved the Syslogs chapter from 5520 AMS User Guide. Chapter 28
Moved the content related to viewing alarm logs from Section 28.6
5520 AMS User Guide.
Timeout parameter in SNMP Retries settings Modified the description of the parameter Timeout Tables 52 and 66
and Supervision settings Before 1st Retransmission.
SNMPv3 SHA2 Authorization Protocol Added a note about SNMPv3 SHA2 encryption. Procedure 136
User Settings and User Account parameters Updated the parameter names as in the AMS GUI for Tables 20 and 21
User Settings and User Account parameters.
Initial admin user account created by Removed the reference to ‘default’ admin user account Section 31.18
ams_createfirstuser script that is required to download the AMS client and updated
it as the ‘initial’ admin user account created by the script.
(3 of 3)
ams_updatefirewall script Added --enableigmp and --disableigmp options to the Section 31.53
script, and added information related to IGMP snooping
GoldenEMSSwConfig file Updated the procedure to include Golden SW Label Procedure 178
details.
Updated the section for ams_server version to include Sub-section
information related to GoldenEMSSwConfig file, and 31.2.6, 31.2.6.1
updated the examples. and 31.2.6.2
(1 of 2)
Issue: 02 3JL-01001-BWAB-PCZZA 38
What’s new Administrator Guide
Web links in the Tools menu Added information about customized web links in the Sections 23.1 and
Tools menu. 23.2
Increase number of PAPs supported Updated the number of PAPs from 50 to 1000. Section 10.2
Timestamp for Alarm template on AMS Added information about the start time of the toggling Section 20.14
alarm.
Radius or LDAP server Added information about Role attribute in the Radius or Tables 72, 73 and
LDAP authentication and authorization. Sub-section
20.34.5
Log4j configuration file name Updated the log4j configuration file name from Table 19 and
‘log4j.properties’ to ‘log4j2.properties’. Section 27.12.
SHA2 algorithms for SNMPv3 authentication Added information about the SHA2 algorithms for Table 53,
SNMPv3 authentication. Sub-section
20.34.2 and
Procedure173
ams_cluster status command Updated the output for “ams_cluster status” command Sub-sections
for Simplex and Cluster setups. 31.7.4.1
Job Manager tuning Added information on Job manager tuning. Table 75
ISAM Software Load Validation Updated User Role Software Mgmt- Edit. Table 19
Documentation changes
SSL Overview Updated SSL Overview. Added details of One-way Section 7.1
authentication between AMS Server and client.
Configuring Proxy Settings Added note that SOCKS proxy is not supported. Section 20.39
SSL behavior Updated information about SSL enabled in data server Section 7.2 and
also. Procedure 19
(2 of 2)
39 3JL-01001-BWAB-PCZZA Issue: 02
Administrator Guide What’s new
New features/enhancements
Zero touch provisioning Updated the note on supported NEs for R6.0.01 Section 20.45
SSH public key of the NE Added a new section for configuring SSH public key of Section 20.4
the NE.
IPv6 Support Added IPv6 address format support for procedures and Sections 13.5,
sections related to NE communication. 18.4, 31.6, 31.21,
31.24, 31.28,
31.45, and 31.48.
Procedures 64, 70,
109, and 183.
Tables 33, 50, and
78.
Radius or LDAP Updated the login behavior for Radius or LDAP Table 72
authorization option.
ONT-View TR-069 configuration Added a new function, ONT-View TR-069 Configuration Table 19
Download of AMS client with authentication Included information about the AMS client download Tables 19 and 102
with valid user credentials.
Audit configuration files Added the Configuration File Changes Detection Period Table 70
setting in Administration settings.
Added a new section for auditing configuration files. Section 27.14
Unacknowledged alarms Added information about collecting details for Table 116
unacknowledged alarms.
Privacy Considerations Included the 5520 AMS and 5529 Enhanced Section 1.1
Applications Privacy Considerations document to the
related documentation section.
ams_cluster script Updated the ams_cluster start with the new sub-option Section 31.7
appservers.
nbi.log file updates Added information about the nbi.log file, including the Table 103
following new log file keywords: SourceIP and
X-Forwarded-For
Documentation changes
(1 of 2)
Issue: 02 3JL-01001-BWAB-PCZZA 40
What’s new Administrator Guide
getAgentlist script Updated information about output of the getAgentlist Section 31.45
script.
ams_geo_configure script Added a note about the automatic modification of Section 31.13
firewall settings when executing the script.
Create an anonymous FTP user Included example for command arguments with Procedure 185
absolute path to shared data directory.
Included command to restart system and start vsftpd
service on RHEL 7.x.
getAgentlist.sh and retrieve_nes.sh scripts Updated the script examples to include password as an Sections 13.4,
option for getAgentlist.sh and retrieve_nes.sh scripts. 13.5, 13.6, 31.45
and 31.48
NE List - NBI function Updated the procedures to include “NE List - NBI Procedures 66, 67,
function”. 68 and 69
ams_user_mgr script Updated the example of an input file entry for adding a Procedure 32
user when executing the ams_user_mgr script.
(2 of 2)
New features/enhancements
AMS license for XGS PON and NGPON2 Included information on the license for XGS PON and Sections 5.1.2 and
ONTs NGPON2 ONTs 5.1.4
Table 13
Support of 400 concurrent client user Updated the number of concurrent client user sessions Table 20
sessions and 4000 users in 5520 AMS supported. Sections 11.12
Included information on configuring maximum users in and 11.13
5520 AMS.
(1 of 3)
41 3JL-01001-BWAB-PCZZA Issue: 02
Administrator Guide What’s new
NE Group Creation Updated the parameters of AMS settings to include NE Tables 83 and 33
Group Creation and input file parameters to include
Parent NE Group Name.
Backup check of multiple NEs Updated the section to include the backup check of Procedure 117,
multiple 7342 ISAM FTTU NEs. Sections 18.6 and
8.1.1
Comments in Administration tree Added a section on adding comments in Administration Section 20.1.1
Tree settings.
Radius accounting Added new parameters and a sub-section for Radius Table 70
accounting. Section 20.34.6
ams_show_ne_balancing script Updated information on the NE balancing and new Sections 13.7 and
options support for the script. 31.24
Added a note about custom group related options Table 70
support for the script only when the setting “Enable NE
Balancing Based On Custom Group” is selected.
Documentation changes
Promote to master not supported. Removed the procedure to change the master —
application server.
ams_switch_active_dataserver Updated the script to include the confirmation message Procedure 236
before proceeding with the data server switchover. Section 31.33
Radius or LDAP authorization Added information for Radius or LDAP authorization Table 72
when remote server denies request.
Restore to default option Added the support of Restore to default option for Section 27.12
log4j.properties file. Procedure 259
IP address Added a note for Main IP address parameter for the Table 33
ams_ne_mgr script.
CLI connectivity check Added a table note for “Number of Polling Cycles Table 66
Between CLI Connection Checks” setting.
ams_change_ip_subnet_server Updated the section to use “ams_server stop” to stop, Section 31.6
and “ams_server start” to start the servers in a cluster.
Data and Application server Updated the active/standby terms for data and Sections 4.1.2,
application server, and removed master/slave terms. 21.2, 21.4
Table 77
Password expiration configuration Updated the note in the procedure to mention that the Procedure 6
password expiration warning does not appear in the
5529 Enhanced Application GUIs.
(2 of 3)
Issue: 02 3JL-01001-BWAB-PCZZA 42
What’s new Administrator Guide
Time zone synchronization Added a note about time zone synchronization in a Sub-section 14.3.1
cluster.
Server in maintenance mode Updated ams_cluster script for ‘restart’ and ‘stop’ Sub-sections
options. 31.7.1 and 31.7.3
Installing a certificate signed by CA Added a note to mention that the commands provided Section 7.9
in the section is only for reference and the command
line must be adapted based the requirements.
ams_update_database_pwd script Added a note that ams_cluster restart script should not Section 31.58
be used when executing ams_update_database_pwd
and remove information execute ams_cluster status
script.
Updated the note about regenerating VM template
when changing the database password.
(3 of 3)
Notes
(1) To use this functionality, you must have Nokia Access Virtualizer Adaptor installed. Contact your Nokia technical representative for more
information.
New features/enhancements
Configure the 5520 AMS so that all defaults Updated the default value for SSL. Section 7.1
are secure
Updated the procedure to enable the HTTP Procedure 28
communication.
Updated the default URL of the NBI client as HTTPS. Table 27 and 34
Updated the default value for SNMP Version. Table 54
Toggling alarms Updated the section with new counter information in Section 20.14
case of toggling alarms.
Input file parameters for ams_user_mgr Added the missing parameters for add or modify user Table 24
script input file.
(1 of 3)
43 3JL-01001-BWAB-PCZZA Issue: 02
Administrator Guide What’s new
NE backup consistency check Added a step to view the Consistency log from the AMS Procedure 117
client.
TFTP server settings Updated the procedure to configure TFTP server Procedure 143
settings.
Custom group for NE balancing Updated the site settings table to add parameters for Table 70
custom group for NE balancing.
Creating a Media Gateway Added information about creating a Media Gateway Sections 19.3 and
from the 5520 AMS Application server for 7367 ISAM 31.20
SX.
AMS function description Added a new function Network Layer2 - Aging. Table 19
User setting parameters Added a new parameter ‘Exit the GUI instead of Logout Table 20
on Inactivity logout timeout
System log files Added new system log files to the table. Table 102, 103
Wildfly version upgrade Upgraded the version of Wildfly to 9.0.2. Procedures 27,
251, and 253
pbit traffic counters Updated the description for the Network Default - Table 19
Troubleshoot function.
Password aging Updated the default value for password aging. Table 20
AMS GUI logs and log4j.properties Added information on editing the log4j.properties and Sections 27.12
viewing the GUI logs in AMS. and 27.13
NE-NE links Added input file parameters list for NE-NE links. Tables 38, 42, and
43
HTTPS certificate, configure of system logs, Added a section on replacing the default HTTPS Section 8.2
and enable or disable a log certificate.
Account parameters for LDAP/RADIUS Change in table of account parameters for Table 73
server LDAP/RADIUS server.
Documentation changes
(2 of 3)
Issue: 02 3JL-01001-BWAB-PCZZA 44
What’s new Administrator Guide
ams_updatefirewall --enableneprotocols Added a note on adding the service of TFTP. Section 31.53
Functions Updated the section for Edit and View functions. Section 9.1.4
LDAP authentication Added a new procedure for LDAP authentication based Procedure 20.34.2
on MD5 algorithm
Zero touch provisioning Removed the content related to zero touch provisioning Section 20.45
and moved to 5520 AMS User Guide.
Security log and user activity log Added notes about the security log file and user Table 107
activities log.
Customized keystore Removed a step from the procedure which had a Procedure 16
mention of the keystore location where the generated
keystore could be copied.
ams_configure_ssh_timeouts Updated the script description to add the root as well as Section 31.9
amssys login for this script.
Export file Updated the extension of the export file to tar.gz Section 31.15,
21.6
Procedure 206,
207 and 208
Removed figure Removed Figure Process for enabling a secure Section 7.7.2
connection from the 5520 AMS client the flowchart is
not appropriate.
Installing CA certification Added a procedure for installing a certificate signed by Section 7.9
CA.
ams_log_manager Updated the directory of the temporary collected trace Section 31.51
file.
vprocmon support of HTTP Added information on the vprocmon support of HTTP Section 8.1.1
communication.
SSH Key infrastructure to Scheduling Added a information about SSH Key infrastructure to Section 21.2.4
Backup Schedule Backup for SFTP to function. Table 87
External TL1 Gateway server Added a note related to deleting an External TL1 Procedure 83
Gateway server.
(3 of 3)
45 3JL-01001-BWAB-PCZZA Issue: 02
Administrator Guide What’s new
New features/enhancements
Maximum number of password changes in a Added a row in Table and added a note reference Table 20
day regarding number of password changes in a day.
jboss wildfly Updated the navigation path in the procedures for jboss Procedures 21, 27,
wildfly. 251 and 253
Maintenance mode Added additional options for action in the table for Table 34
ams_ne_mgr script. —
Removed section for clearing maintenance mode.
User activity logs Added rows in Table for Syslog. Table 100
NE Alarm Processing Settings parameters Added new parameters in NE Alarm Processing Table 59
Settings parameters.
SFTP with key based authentication Added a sub-section for SFTP with key based Sub-section 20.5.1
authentication
Aggregated EMS alarm icon Added a note on the new aggregated EMS alarm icon Procedure 146
which appears in the status bar.
ANV Process Name Added the new parameter “ANV Process Name” and is Table 33
applicable only for Nokia Access Virtualizer Adaptor,
which is a licensed product. (1)
Database password Added a new script to change the database password. Section 31.58
(1 of 3)
Issue: 02 3JL-01001-BWAB-PCZZA 46
What’s new Administrator Guide
Added the description for the new argument for the Procedure 109
command ams_ne_cli
Input file parameter for G6-GPON link Added the new input file parameter for G6-GPON link Table 39
Automated data collection Updated the ams_log_manager.sh script with new Section 31.51 and
options. Added a script to collect jstack and jmap 31.57
information.
Zero touch provisioning Added a new section about zero touch provisioning. Section 20.45
Changing the log type Added a new section and procedure about changing the Section 27.10.1
log type. Procedure 253
Backup consistency check for ISAM NEs Added a new section and procedures about backup Section 18.6
consistency check for multiple ISAM NEs. Procedures 118,
119 and 120
Documentation changes
Supported NE types and version for Updated the table to add all the supported NE types and Table 34
ams_ne_mgr version for ams_ne_mgr
Corrected the procedure to backup the NE Updated the procedure to include details of backing up Procedure 110
NE which supports only one type of back up file.
Updated super user capability Replaced the existing information on exceeding Procedure 47
maximum login limits.
Added alarmSilentMode parameter Updated the table to add the alarmSilentMode Table 33
parameter and the description
FTP for SIP Introduced a section from The User Guide and updated Section 20.41
the procedure.
ams_ne_mgr script Removed the table “Supported NE types and version Procedure 105
for ams_ne_mgr" and Note.
File transfer protocol settings Updated the section and procedure for file transfer test. Section 20.5
Procedure 141
HDM NBI settings Added a note to indicate that this functionality is no Section 20.44
longer supported.
Log files Added information about the log files directory. Section 27.10
Sub-section
21.2.2,
Procedures 191,
192, and 193
(2 of 3)
47 3JL-01001-BWAB-PCZZA Issue: 02
Administrator Guide What’s new
Template Group name Added information about template group name. Table 33
Anonymous FTP user Modified the procedure to create an anonymous FTP Procedure 185
user.
AMS server scripts Added a note to use only the recommended scripts. Section 31.1
TFTP server settings Updated the description for the parameter ‘Enable Table 56
TFTP server on the EMS’.
Allowed PAP Groups Added a note mentioning when creating a new user Procedure 29
“Allowed PAP Groups” field is mandatory.
Auditing and identifying security violations Added a section which describes the security action Section 27.10.3
and related log file information.
Select EMS Tracing Level attribute Added information about using the "-modifyNE" option Table 33
to modify multiple values of the
"selectedEmsTracingLevel" attribute.
Customized keystore Added information about using a customized keystore Section 7.2
in a cluster setup. Procedure 19
System logs Added note in two procedures about Cluster Settings. Procedures 255,
256
Historical actions Updated the note on the threshold to move and delete Section 20.21
actions from the historical view.
System user Added a note on ‘system’ user. Procedure 29
Basic Settings parameters Updated the table for basic settings parameters. Table 79
SSL / TLS protocol Added information about server and client protocols. Sections 7.7,
31.43 and 31.44
EMS performance monitoring Updated figures for the EMS performance monitoring Figures 2 and 3
view and Average number of backups submitted.
ams_cluster stop|restart Added information about ams_cluster where stop and Section 31.7
restart script stop the servers in the 5520 AMS cluster
in the maintenance mode.
SNMP retries parameter Updated the range value of the ‘Timeout Before 1st Table 52
Retransmission’ parameter.
(3 of 3)
Notes
(1) To use this functionality, you must have Nokia Access Virtualizer Adaptor installed. Contact your Nokia technical representative for more
information
Issue: 02 3JL-01001-BWAB-PCZZA 48
What’s new Administrator Guide
New features/enhancements
Propogate all changes immediately option The information about “Propogate all changes Tables 20 and 21
immediately” option is removed and the related
parameter details are updated.
Timezone registration Added a parameter under Supervision settings and Table 66 and
added an alarm timestamp in TL1. 5520 AMS and
5529 Enhanced
Applications
Alarms
Modifying a task Added a note on the new Job Details window which Procedure 217
appears while modifying a task.
Solaris support stopped from R9.4.90 Removed references to Solaris from the guide. Chapters 4, 7, 16,
20, and 21
Appendix 31
5520 AMS backup using SFTP Added an option for the ams_schedule_backup script. Table 87
5520 AMS moved to OpenJDK Added information related to time zone update in Red Section Updating
Hat Enterprise Linux system and Windows system. time zone data in
the 5520 AMS
Smart NE groups Added a note related to replication of custom groups. Procedure 209
Change of database from MYSQL to Updated instances of the term ‘MYSQL’ to “the generic Chapter 16, 20,
MariaDB term ‘Database’ in the text and figures. 21, 25, 21, and 31
Lock the admin user after maximum number Added a parameter “Include 'admin' User in Maximum Table 20
of failed login attempts Login Failures Check” under User settings.
Map and Link management license Removed the references to Map and Link management Chapter 17, 19,
licenses from the guide. and 20
Logging security actions on the database Added a log which records details about the Table 103
connections and disconnections to or from the
database.
Applying multiple Template Group Versions Modified the description of Template Group Name Table 33
at NE supervision parameter.
(1 of 3)
49 3JL-01001-BWAB-PCZZA Issue: 02
Administrator Guide What’s new
Two-factor authentication Added a note on two-factor authentication with append Section 32.1
method.
ISAM-MDU link for NGPON2 ONT Added information about ISAM-MDU link creation for Table 41
NGPON2 ONT.
160k profile support Updated table for maximum number of templates or Table 69
template groups that can be displayed in the template
tree.
SSH session timeout Added a new section for ams_configure_ssh_timeouts Section 31.9
script.
Documentation changes
ams_ne_cli script failure with CLI Cut Added Caution Procedure 109
Through Secure
Limiting the number of exported historical Added Warning Section 21.6
alarms
Logging information Added ndd settings log in the traces and debug files. Table 103
Restricting server selection in the Login Added a note related to amsclient.ini file to restrict login Procedure 9
window server selection .
NE communication degraded alarm Added a table note on NE communication degraded Table 52
alarm.
Cluster management Added a caution about using SSL in a cluster. Section 25.1
User account parameters Added a table note about InactivityLogoutTimeout and Table 21
InactivityLockScreenTimeout parameters for LDAP
server.
5520 AMS server scripts Added a new script support for updating the log level Section 31.49
and enabling or disabling the custodian logging.
SSH configuration Added a caution note on the impact on AMS server Section Functions
behavior due to customization of SSH configuration.
User operations using the NBI Updated the information on user operations using the Section 11.2
NBI interface.
(2 of 3)
Issue: 02 3JL-01001-BWAB-PCZZA 50
What’s new Administrator Guide
SNMP Trap Parameters Removed Community and Security Level parameters Procedure 134
from SNMP Trap parameters.
Logging settings Added the procedure to set logging level and configure Procedure 255
logging settings. and 256
ams_remove_data.sh script Added the log file details for ams_remove_data.sh Section 31.23
script.
Restart supervision Removed the restart supervision step from the Procedure 149
procedure to Configure NE alarm processing settings.
Rebalance the NEs Removed the procedure to rebalance the NEs using the -
GUI.
Generate customized keystore Added a note related to the key length to generate Section 7.2
customized keystore.
Change password for amssftp or amsftp Moved the section for changing the password for Section 9.11
amssftp or amsftp from IMG.
AMS function descriptions Updated the user roles for constructor, operator and Table 19
viewer.
5520 AMS server scripts Added information for the following scripts. Sections 31.54,
• getLicenseCounter.sh 31.55, and 31.56
• convert_to_shorter_line.sh
• ams_reconfigure_host.sh
Max Concurrent Operations Updated the definition and parameter name. Table 83
DCN connectivity test Updated the DCN connectivity details for RHEL. Section 25.2
Table 70
jboss_service.log Added the new log details for start/stop logs. Section 31.2
ETL1 GW switchover Added a paragraph on ETL1 GW switchover details. Section 16.1
(3 of 3)
51 3JL-01001-BWAB-PCZZA Issue: 02
Administrator Guide What’s new
New features/enhancements
Solaris presentation server Added the Solaris client related information Section 4.4,
Procedure 19, 21,
22, and 182
Alarms Added a new alarm for sudo configuration 5520 AMS and
5529 Enhanced
Applications
Alarms
G6-GPON link creation Added information about G6-GPON link creation. Section 19.1 and
Procedure 123
Logging information Added table on traces and debug files. Table 103
Updated the path and name of the .xml file for setting Procedure 251
the log levels. and 253
Added log file information for each of the 5520 AMS Appendix 31
server scripts.
Subscriber search attribute categories Renamed Unmapped Attributes to Not Collected for Chapter 15
SMA.
Documentation changes
AMS settings for NBI Removed the word job from heartbeat parameters. Table 83
Active sessions Added information related to OSS sessions being Section 11.2
displayed under active sessions.
AMS server script Added information on the force option to stop the ams Appendix 31.2
servers using the ams_server script
5530 NA-F settings Updated the default Port Number value in the 5530 Table 84
NA-F settings.
Issue: 02 3JL-01001-BWAB-PCZZA 52
What’s new Administrator Guide
New features/enhancements
Support for hidden user accounts Added a parameter to configure a user account as Tables 21 and 73
hidden.
Displaying operating system information of Added the parameters providing the operating system Tables 75 and 77
the 5520 AMS server in the GUI information in the 5520 AMS server.
Support for locking all users belonging to a Added procedures to lock or unlock all users belonging Procedures 37, 38,
specific role to a specific role. and 46
Alarm rules enhancements Added a procedure to check the consistency of alarm Procedure 275
rules.
Support for security functions per technology Added descriptions for new security functions per Table 19
technology.
Support for security function role Added a note for security function role for creating new Procedures 29
user account. and 45
Table 19, 21 and
24
HDM NBI settings Added a section on configuring HDM NBI settings. Section 20.44
Table 19
Red Hat Enterprise Linux client Added a procedure to reinstall the Red Hat Enterprise Procedure 22
Linux client to activate SSL changes.
Supervision settings Updated the procedure and table to add the supervision Procedures 135
setting and description for polling retransmission and 159
parameters of isolated NEs. Table 151
Application statistics file Added a procedure to convert application statistics file Procedure 278
to a CSV format.
ams_app_stats_converter Added a new script for converting application statistics Section 31.50
file to a CSV format.
(1 of 3)
53 3JL-01001-BWAB-PCZZA Issue: 02
Administrator Guide What’s new
Configure supervision settings Modified the procedure and added a note that it applies Procedure 159
to only isolated NEs.
Link management settings Added the new parameter along with the description for Table 37
link management settings.
Documentation changes
Viewing user statistics Modified the user statistics parameter details. Section 9.8
EMS performance management Updated the EMS performance monitoring graph. Figure 2
Site settings Added the hostname label along with IP address and Table 70
Secondary IP address for site settings.
File transfer protocol settings Updated the file transfer protocol settings. Section 20.5
EMS alarms Added information on disk full alarms. EMS local alarms
Backing up and restoring NE software Deleted Locating backup files section and added the Section 18.4
information to Managing NE backup files topic with a
caution note.
User Activity Log Added a note about logging of old values in User Section 27.3
Activity Log.
Site name Added a table note to define the special characters that Table 123
are allowed in a site name.
Password Parameter Modified the table notes for the Password parameter. Table 20 and 21
Align and audit G6-GPON link Updated the procedures and added details of how to Procedure 125
align and audit the missing G6-GPON links. and 126
(2 of 3)
Issue: 02 3JL-01001-BWAB-PCZZA 54
What’s new Administrator Guide
AMS function description Removed the setting “User Activity Log-Admin” from the Table 19
table.
Exporting and importing data Added a note on Export/Import - Edit function. Section 21.6
Site settings Modified the setting IP Address or Hostname and its Table 70
description.
Restoring the AMS software Modified the procedure and added a note on restoring Procedure 206
the AMS software using the software backup script.
Managing SSL Updated the procedure to check the status of SSL and Procedures 20, 21,
reinstall Windows and Linux clients to activate SSL and 22
User Accounts Updated the descriptions for Roles and PAP Groups Table 24
parameters for the user input file.
TFTP client settings Added a procedure to configure TFTP client settings. Section 20.8
(3 of 3)
55 3JL-01001-BWAB-PCZZA Issue: 02
Administrator Guide Overviews
3 Overviews
3.1 Guide overview
To perform the procedures in this guide, you must be familiar with the 5520 AMS GUI
and be able to open and navigate between perspectives and views. Unless otherwise
stated, all procedures in this guide require you to log in to the 5520 AMS client as an
administrator, or to log in to the 5520 AMS server as amssys. See Section 4.1 for
details about logging in to the 5520 AMS client as an administrator.
Issue: 02 3JL-01001-BWAB-PCZZA 56
Overviews Administrator Guide
$AMS_EXTERNAL_LOCALDATA_HOME The directory where data is stored that is external to the 5520 AMS
software and that is local to one server. An example is
/var/opt/ams/local/common.
$AMS_LOCAL_DATA_DIR The directory where local data is stored. By default, this is /var/opt.
$AMS_LOCALDATA_HOME The subdirectory where data files that are separate from the database are
stored. An example is /var/opt/ams/local/ams-9.6.03-999000.
(1 of 2)
57 3JL-01001-BWAB-PCZZA Issue: 02
Administrator Guide Overviews
$AMS_SHARED_DATA_DIR The directory where shared data is stored. By default, this is /var/opt.
$AMS_SOFTWARE_HOME The directory where the 5520 AMS software is stored. An example is
/opt/ams/software/ams-9.6.03-999000.
$AMS_LOG_DIR The directory where 5520 AMS logs are stored. An example is
/var/opt/ams/local/ams-9.6.03-999000/traces/log
$AMS_CONF_DIR The directory where configuration files for the 5520 AMS are stored. An
example is /opt/ams/software/ams-9.6.03-999000/conf
$PLATFORM_SCRIPTS_DIR The directory where platform scripts for the 5520 AMS are stored. An
example is /opt/ams/software/ams-9.6.03-999000/lib/platform/bin
$AMS_DEBUG_DIR The directory where 5520 AMS traces and debug files are stored. An
example is /var/opt/ams/local/ams-9.6.03-248124/traces/debug
(2 of 2)
Before you can perform the procedures in this guide, the 5520 AMS software and
client must be installed and running, including all required plug-ins. For information
about installation, see the 5520 AMS Installation and Migration Guide. For detailed
hardware requirements and network specifications, see the 5520 AMS Solution
Planning Guide.
When you have performed the procedures in this guide, parameters specific to your
site will be configured and user accounts will be created. Users can then log in and
use the 5520 AMS to manage NEs.
See the 5520 AMS User Guide for information about user functions, including
monitoring and fault management tasks not requiring administrator privileges and
tasks that are common to all NEs.
For information specific to management of a particular NE, see the Operations and
Maintenance guide for the NE.
Issue: 02 3JL-01001-BWAB-PCZZA 58
Overviews Administrator Guide
1 Go to https://customer.nokia.com/support/s/.
2 Log in to the Nokia Support portal with the username and password for your account.
Result: The Nokia Emergency Contact page opens and displays the phone and e-mail
contact information for technical assistance for the selected country.
59 3JL-01001-BWAB-PCZZA Issue: 02
Administrator Guide Logging in to the 5520 AMS
Issue: 02 3JL-01001-BWAB-PCZZA 60
Logging in to the 5520 AMS Administrator Guide
• If you have logged in to the site before, choose the site name from the Server drop-down
list.
4 Click Finish.
61 3JL-01001-BWAB-PCZZA Issue: 02
Administrator Guide Logging in to the 5520 AMS
• If this is the first login, the 5520 AMS prompts you to change the administrator password.
• If the password expiration warning is configured for the user and the user tries to login
during password expiration warning period, then the 5520 AMS displays a password
expiration warning message with the information that the user's password will expire
within the configured number of days and prompts the user to change the password.
Note: This warning does not appear for remotely authenticated users or users logging in
to certain 5529 Enhanced Application GUIs.
The following message is displayed Your password will expire in <n> days. Would you
like to change your password now?
• Click Yes to change the password. The Change Password Information dialog appears
with the following confirmation message:
After changing your password, your session will expire and you will have to login again.
Do you want to proceed? Click Yes to change the password of the user.
After changing the password, go to step 6.
• Click No to proceed without changing the password.
Server temporarily unavailable The 5520 AMS server is starting up, or a switchover is in
progress to a new master application server.
(1 of 2)
Issue: 02 3JL-01001-BWAB-PCZZA 62
Logging in to the 5520 AMS Administrator Guide
Maximum licensed/configured The maximum concurrent sessions for the 5520 AMS server has
user sessions reached been reached either the maximum allowed by your license, or
the maximum concurrent settings configured in User Settings.
See Procedure 61 for information about configuring User
Settings.
(2 of 2)
1 Log in to the 5520 AMS application server as amssys. See Procedure 8 for more information.
date ↵
63 3JL-01001-BWAB-PCZZA Issue: 02
Administrator Guide Logging in to the 5520 AMS
1 Log in to the 5520 AMS server workstation as the amssys user by performing one of the
following:
• If you are logged in as a root user, switch to the amssys user by typing:
su - amssys ↵
amssys ↵
After enabling the server for login from trusted hosts, you may need to assist the
users to log in to the 5520 AMS. For more information about the tasks that a user
needs to perform to log in to the 5520 AMS from a trusted host, see the 5520 AMS
User Guide.
Issue: 02 3JL-01001-BWAB-PCZZA 64
Logging in to the 5520 AMS Administrator Guide
1 Navigate to the folder in which you installed the 5520 AMS client application.
Note — Starting the client application in the Red Hat Enterprise Linux
operating system using the amsclient script requires that the terminal
window be open while the client is running.
•
To start the 5520 AMS client with restricted server settings using the command prompt,
type:
where:
path is the path to the 5520 AMS installation directory; for example, C:\Program Files\ams
IP_address is the IP address of the 5520 AMS server
• For both Windows and Red Hat Enterprise Linux client, in the 5520 AMS installation
directory, edit the amsclient.ini file.
•
Add the following lines to the amsclient.ini file:
-serverip
IP_address
65 3JL-01001-BWAB-PCZZA Issue: 02
Administrator Guide Logging in to the 5520 AMS
-grayoutserveratlogin
Note 1 — Add these lines before the -vmargs line in the amsclient.ini file.
Note 2 — You need to add the IP_address on a new line in the amsclient.ini
file.
• Save and close the amsclient.ini file.
3 Start the 5520 AMS client. For more information about starting the 5520 AMS client, see the
5520 AMS User Guide.
Issue: 02 3JL-01001-BWAB-PCZZA 66
Logging in to the 5520 AMS Administrator Guide
67 3JL-01001-BWAB-PCZZA Issue: 02
Administrator Guide Managing licenses
5 Managing licenses
5.1 Licensing overview
Issue: 02 3JL-01001-BWAB-PCZZA 68
Managing licenses Administrator Guide
Parameter Type of license GPON License for subscribers on NEs with ONTs
4.7
Licensed Indicates whether NEs, true The NE or service pack is licensed, applies to unlimited
5529 Enhanced Applications or features only
service packs are licensed
Enabled The 5529 Enhanced Application is licensed
Notes
(1) The data and voice ports are counted in separate counters. These ports are counted for reporting the number of data and voice ports in the
‘IP DLSAM Subscribers’ license usage in the Object Details view. Hence the licensed number is reported as ‘-1’ for ‘IP DSLAM Data
Subscribers’ and ‘IP DSLAM Voice Subscribers’ counters.
A new host ID due to any change in the server hardware results in automatically
deleting any AMS licenses associated with the old host ID when the AMS server
starts. In a cluster configuration, the license keys are deleted only if they are not
associated with any host ID of servers.
If the host ID changes due to any change in the server hardware, you need to install
the license keys for the new host ID. See Procedure 10 for information about adding
a license key.
Before you proceed, make sure your user account is assigned a role that includes
the necessary functions to perform the procedures in this chapter. See Table 19 for
more information on 5520 AMS function descriptions.
69 3JL-01001-BWAB-PCZZA Issue: 02
Administrator Guide Managing licenses
Issue: 02 3JL-01001-BWAB-PCZZA 70
Managing licenses Administrator Guide
71 3JL-01001-BWAB-PCZZA Issue: 02
Administrator Guide Managing licenses
You can add a license for objects that are not already in your license list. If you add
a license key that includes an object for which you are already licensed, you will
receive an error message.
Note 1 — A .tar file can contain multiple .pdf or .txt license files,
which are uncompressed after uploading to the server. The
individual license files are then validated before installation.
Note 2 — A .txt file or .pdf file can contain multiple licenses.
• Copy the license key from the locally stored license file and paste it in the License Key
field. Optionally, enter the description of the license in the Description field.
• Browse and select the license file (in .txt, .pdf, or .tar file format) in the License File field.
The default option is .txt.
Result: The licenses are verified and installed. In case an error occurs, no license will be
installed. See Table 15 for the scenarios in which installation of licenses may fail.
5 Close and restart the 5520 AMS client for the newly installed licenses to take effect.
Issue: 02 3JL-01001-BWAB-PCZZA 72
Managing licenses Administrator Guide
2 Transfer the license files to be installed to a temporary directory in the 5520 AMS server.
Note
(1) When you use the --force option, the script forcefully installs all licenses from the license file(s). If the license exists, then the existing license
is replaced by the new license.
Result: The licenses are verified and installed. In case an error occurs, no license will be
installed. See Table 15 for the scenarios in which installation of licenses may fail.
If an error occurs while processing the license file Error processing license [txt/pdf/tar] file {file
name}
(1 of 2)
73 3JL-01001-BWAB-PCZZA Issue: 02
Administrator Guide Managing licenses
If no license is found or the license file is License file {file name} corrupted or doesn't
corrupted contain license keys
If a file format other than .pdf, .txt, or.tar is The uploaded license file format { file name } is
uploaded not supported
If the path and filename entered in the License The uploaded license file { file name } doesn't
File field is incorrect exist
If you install a duplicate license License Key(s) {keys that are already present in
the system} already exists
If you install a license the host ID of which does The hostid in the license does not match the
not match the host ID of the 5520 AMS server hostid of the server(s) {host id present in the
license key}
(2 of 2)
Result: The Object Details view displays the license key parameters. See Table 13 for
information about the license key parameters.
Issue: 02 3JL-01001-BWAB-PCZZA 74
Managing licenses Administrator Guide
Result: The Object Details view displays the license key details.
4 Navigate to the directory where you store your license key PDF files and open the file that
you need to use.
5 Copy the license key number from the PDF file and paste it in the License Key field.
This section describes procedures to view license usage and to add or remove LT
licenses which are applicable only for 10G_PON_enabled_LT license. You can add
or remove LT licenses only when the 10G_PON_enabled_LT license is installed in
the 5520 AMS.
75 3JL-01001-BWAB-PCZZA Issue: 02
Administrator Guide Managing licenses
Note — You can select multiple NEs for adding or removing the LT
licenses.
Result: The Add LT Licenses window or Delete LT Licenses window opens based on the
chosen option.
3 In the Add LT Licenses window, you can enter the number of licenses to be added and in the
Delete LT Licenses window, you can enter the number of licenses to be removed.
4 Click Finish.
Result: When the addition or deletion of LT license is complete, the 5520 AMS displays the
Target, Description, Status and Additional Information in the Action Details window.
2 Choose the license License Usage 10G_PON_enabled_LT from the Network Tree.
Result: The Object Details view displays the information about the LT license count and the
list of LTs that are enabled with the license.
Issue: 02 3JL-01001-BWAB-PCZZA 76
Managing licenses Administrator Guide
77 3JL-01001-BWAB-PCZZA Issue: 02
Administrator Guide Using the 5520 AMS securely
7 Managing SSL
8 Managing HTTPS
Issue: 02 3JL-01001-BWAB-PCZZA 78
Using the 5520 AMS securely Administrator Guide
79 3JL-01001-BWAB-PCZZA Issue: 02
Administrator Guide Using the 5520 AMS securely
Secure installation When securing your installation, see the 5520 AMS
Solution Planning Guide for information about ports and
services the 5520 AMS requires to operate correctly.
SSL between the application server and You can use SSL with the default keystore or a customized
the client keystore.
SSL communication between the application server and
the client is disabled by default. See Chapter 7 for
information about configuring SSL.
HTTPS between the application server A default HTTPs certificate is provided with the 5520 AMS,
and 5529 Enhanced Applications no configuration is required.
See Chapter 8 for information about replacing the default
certificate with one of your own.
5520 AMS user accounts Three UNIX user accounts are created on the application
server: amssys, amsftp and amssftp.
amssys is used by operators to connect to the server, you
need to change the password on the application server.
amsftp and amssftp are used by the NEs when transferring
files. If you choose to change the passwords for these
accounts, you need to change them on the application
server and in the 5520 AMS GUI. See the 5520 AMS
Installation and Migration Guide for more information.
See the 5520 AMS Installation and Migration Guide for
more information about user accounts.
SSL between the application server and The NEs do not use SFTP for file transfer by default.
the NEs You can choose the protocols used for file transfer
between the 5520 AMS and the NEs. See Procedure 140.
Secure communication for NEs that use See the Operations and Maintenance guide for the NE for
IPSec information about configuring IPSec.
(1 of 2)
Issue: 02 3JL-01001-BWAB-PCZZA 80
Using the 5520 AMS securely Administrator Guide
You can also track user activity with the User Activity Log.
See Section 27.3.
(2 of 2)
81 3JL-01001-BWAB-PCZZA Issue: 02
Administrator Guide Managing SSL
7 Managing SSL
7.1 SSL overview
Issue: 02 3JL-01001-BWAB-PCZZA 82
Managing SSL Administrator Guide
The 5520 AMS client gets the keystore key and password from the server when you
download the client. Therefore, if you update the keystore file on the server, you must
download a new client to communicate with the server.
The types of entries in the keystore file are:
• Key entries: Each entry includes sensitive cryptographic key information that is
stored in a protected format to prevent unauthorized access. The key stored in a
key entry is a private key that is accompanied by the certificate chain for the
corresponding public key. The keytool and jarsigner tools only handle private keys
and their associated certificate chains.
• Trusted certificate entries: Each entry contains one public key certificate that
belongs to another party. The entry is called a trusted certificate because the
keystore owner trusts that the public key in the certificate belongs to the identity
identified by the owner of the certificate. The owner of the certificate vouches for
this by signing the certificate.
To perform the procedures in this section, you need to log in to the 5520 AMS server
as amssys. See Procedure 8 to log in to a 5520 AMS server as amssys.
83 3JL-01001-BWAB-PCZZA Issue: 02
Administrator Guide Managing SSL
Result: The keystore file is generated in the current directory. Ensure that amssys has the
required permissions to the current directory.
2 Go to the directory where the keystore file is generated in the workstation window and type:
Result: The keystore type, keystore provider, and certificate fingerprint are displayed.
Issue: 02 3JL-01001-BWAB-PCZZA 84
Managing SSL Administrator Guide
Procedure 18 To enable SSL between the 5520 AMS server and 5520 AMS GUI client
Use this procedure to enable SSL communication between the 5520 AMS server and 5520 AMS
GUI client. Enabling SSL does not require you to download a new client.
ams_server stop ↵
i Use the following command if you want to enable SSL with the default keystore shipped
with AMS:
ams_enable_ssl.sh default ↵
ii Use the following command if you want to enable the last used SSL configuration:
ams_enable_ssl.sh ↵
ams_server start ↵
85 3JL-01001-BWAB-PCZZA Issue: 02
Administrator Guide Managing SSL
• You need the path to the keystore file on the 5520 AMS server and the keystore
password.
• Perform one of the following steps, as applicable:
• Generate a customized keystore. For information about generating a customized
keystore, see Procedure 16.
ams_server stop ↵
where:
path-to-keystore-file is the path to the keystore file on the 5520 AMS server.
keystore password is the customized keystore password.
For example:
ams_enable_ssl.sh /tmp/ams.keystore amsams.
ams_server start ↵
Issue: 02 3JL-01001-BWAB-PCZZA 86
Managing SSL Administrator Guide
ams_check_ssl.sh ↵
1 Enable the SSL between the 5520 AMS Server and the 5520 AMS GUI Client. For
information about enabling SSL, refer to 18
2 Install the Windows/Red Hat Enterprise client from the 5520 AMS server. For information
about installing the client, see the 5520 AMS Installation and Migration Guide.
87 3JL-01001-BWAB-PCZZA Issue: 02
Administrator Guide Managing SSL
3 In the Red Hat Enterprise Linux systems, verify that the keystore and amsclient.ini files are
overwritten by the new files.
Note — Perform the following only if the UNIX user is not assigned to
the amssys group.
For a shared client installation, log in to the 5520 AMS server as amssys
and modify the permissions on the keystore and amsclient.ini files by
typing
where
path is the path to the location where the client is installed.
Perform this procedure to switch from using the default keystore to using a customized keystore.
You need a generated customized keystore file. See Procedure 16 to generate a customized
keystore.
Issue: 02 3JL-01001-BWAB-PCZZA 88
Managing SSL Administrator Guide
ams_server stop ↵
ams_enable_ssl.sh default ↵
ams_server start ↵
To reinstall Windows or Red Hat Enterprise Linux client, see Procedure 21.
89 3JL-01001-BWAB-PCZZA Issue: 02
Administrator Guide Managing SSL
Procedure 24 To disable SSL between the 5520 AMS server and the 5520 AMS GUI
client
Perform this procedure to disable SSL communication between the 5520 AMS server and the
5520 AMS GUI client; using default or customized keystore. You do not need to download a new
client.
ams_server stop ↵
ams_disable_ssl.sh ↵
ams_server start ↵
Issue: 02 3JL-01001-BWAB-PCZZA 90
Managing SSL Administrator Guide
Ports Description
8443 By default, the secure connection is enabled for HTTPS on this port.
If you want to force the server using a certain SSL protocol, you can manually modify
enabled-protocols in HTTPS configuration. For example, if you want to use TLSv1.2 only
for HTTPS, you can modify as the following configuration:
<https-listener name="https" socket-binding="https" security-realm="AxSSSLRealm"
enabled-cipher-suites="TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_EC
DHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_
SHA384,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_256
_CBC_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_128_
CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA" enabled-protocols="TLSv1.2"
max-post-size="0"/>
4447 This port is used to establish the remote connection from a client to the 5520 AMS
server.
5445 and 5455 These ports are used to manage the messaging in HornetQ.
-Djavax.net.ssl.keyStore=keystore
-Djavax.net.ssl.keyStorePassword=5520AMSPinCode
-Djavax.net.ssl.trustStorePassword=5520AMSPinCode
91 3JL-01001-BWAB-PCZZA Issue: 02
Administrator Guide Managing SSL
1 Create a folder and from the folder execute the following command:
set RANDFILE=rand
keytool -genkeypair -alias AMS -keyalg RSA -keysize 2048 -validity 7300
-sigalg SHA256withRSA -keystore AMSKeyStore -storepass 123456
Note — The first and last name should be a common name and the URL
which is used to access the server. There can be wildcards in the
Common Name (*.nokia.com or 192.168.92.*).
• For a client: The client machine resolves the hostnames based on the information
provided in the certificate.
• For a server (Optional):
• Update the domain name on the server using sysctl -w
kernel.domainname=www.nokia.com
• Update /etc/sysconfig/network HOSTNAME
• Restart service of the NetworkManager.
Issue: 02 3JL-01001-BWAB-PCZZA 92
Managing SSL Administrator Guide
Copy openssl.cnf file (from where the OpenSSL was installed) and place it in the current
folder where the keystore is generated.
openssl x509 -signkey cakey.pem -req -days 3650 -in careq.pem -out
caroot.cer -extensions v3_ca -sha256
ii Click Import.
iv In the File to Import page, browse and select the created CA file.
93 3JL-01001-BWAB-PCZZA Issue: 02
Administrator Guide Managing SSL
Note 1 — The alias used when importing the AMS certificate and when
generating the keystore must be the same.
Note 2 —
• For Releases 9.5.03 and above, if required, after importing the AMS
certificate, you can remove the CA certificate using the following
command:
keytool -delete -noprompt -alias TestCA -keystore
AMSKeyStore
• It is mandatory for Release 9.5.02 and older releases to remove the
CA certificate from the keystore.
10 Access the 5520 AMS server using port 8443 on the web browser.
Result: If the certificate is successfully imported, a green lock icon appears on the address
bar of the web browser.
Before you proceed, ensure you have installed Java JRE or JDK.
Perform the steps in Procedure 26 as amssys to install a self-signed certification on
a 5520 AMS server.
Note — The commands provided in Procedure 26 is only for
reference. You must adapt the command line to meet your
specific requirements.
1 Create a folder and from the folder execute the following command:
set RANDFILE=rand
Issue: 02 3JL-01001-BWAB-PCZZA 94
Managing SSL Administrator Guide
keytool -genkeypair -alias AMS -keyalg RSA -keysize 2048 -validity 7300
-sigalg SHA256withRSA -keystore AMSKeyStore -storepass 123456
Note — The first and last name should be a common name and the URL
which is used to access the server. There can be wildcards in the
Common Name (*.nokia.com or 192.168.92.*).
4 Send the generated CSR file to a public CA. When requested, provide the required
information to the CA.
5 Import the signed caroot.cer certificate to the AMS keystore. Execute the command:
6 Import the AMS certificate to the AMS keystore. Execute the command:
Note 1 — The alias used when importing the AMS certificate and when
generating the keystore must be the same.
Note 2 —
• For Releases 9.5.03 and above, if required, after importing the AMS
certificate, you can remove the CA certificate using the following
command:
keytool -delete -noprompt -alias TestCA -keystore
AMSKeyStore
• It is mandatory for Release 9.5.02 and older releases to remove the
CA certificate from the keystore.
ii Click Import.
95 3JL-01001-BWAB-PCZZA Issue: 02
Administrator Guide Managing SSL
8 Access the 5520 AMS server using port 8443 on the web browser.
Result: If the certificate is successfully imported, a green lock icon appears on the address
bar of the web browser.
Issue: 02 3JL-01001-BWAB-PCZZA 96
Managing SSL Administrator Guide
97 3JL-01001-BWAB-PCZZA Issue: 02
Administrator Guide Managing HTTPS
8 Managing HTTPS
8.1 HTTPS overview
You can also configure the value of the AMS_PROTOCOL as HTTP but not HTTPS.
Issue: 02 3JL-01001-BWAB-PCZZA 98
Managing HTTPS Administrator Guide
$AMS_LOCALDATA_HOME/server/wildfly/server/amssys/configuration
Before you proceed, you need to log in to the 5520 AMS server as amssys. See Procedure 8 to
log in to a 5520 AMS server as amssys.
$AMS_SOFTWARE_HOME/conf/
ii Execute the following command to open the configuration file for editing in a text editor:
vi ams.conf
AMS_PROTOCOL=HTTP
99 3JL-01001-BWAB-PCZZA Issue: 02
Administrator Guide Managing HTTPS
User management
9 User accounts
10 PAPs
11 User sessions
9 User accounts
9.1 User accounts overview
When a user does not have permission to execute an operation, the 5520 AMS:
• Dims or hides menu items that apply to the operation
• Makes parameters read-only
9.1.2 Users
You need a user account to log in to the 5520 AMS. The 5520 AMS provides one
default admin user account. The admin can create other users and roles as required.
Each new user must be assigned at least one role.
9.1.3 Roles
A role can include one or more functions and can be assigned to one or more users.
There are default roles provided in the 5520 AMS. You can also create roles.
A role can be specific or more comprehensive. For example, a software administrator
may only need to manage software backups, restores, and upgrades, while a system
administrator needs to have full system access. Any combination of functions can be
grouped into a role.
Role Description
Administrator Perform all functions, including the functions in the other default roles. This is the
default superuser role.
Constructor Perform functions that are required to construct and manage the NEs in a network,
including creating NEs, starting and stopping supervision, planning units, creating
templates, and managing NE software.
NBI System System functions for OSS users that access the 5520 AMS using an NBI.
The default roles cannot be modified or deleted. A user with the Administrator role
can create, delete, assign, or modify other users and roles.
See Procedure 44 to view the functions that are assigned to a user with the default
roles. For a complete list of all the functions and what they allow users to do, see
Table 19.
9.1.4 Functions
A function determines a set of operations that an operator can perform in the
5520 AMS. The operations that are allowed by the function are defined in the
software and cannot be changed by a user.
Functions can be added to roles, except the default roles. Roles can be assigned to
users to allow them to perform all the functions that are specified by the roles.
Many different functions are available in the 5520 AMS. Each function allows a user
to perform a specific type of operation. For example, Event - View is a function which
allows a user to view event settings in the Administration tree.
If you have the Edit function in a role, you cannot edit unless you have the View
function. For example, NE Edit function does not allow user to view NE details. In
order to create, manage, and delete NEs, you must have the View function.
• To create a role that allows to configure objects, you must add the following
functions to the role:
• Network Default – Edit
• Network – View
• NE - View
• To create a Troubleshoot role, you must add the following functions to the role:
• Network – Troubleshoot
• Network – View
• NE - View
You cannot create a function. However, you can create roles with various
combinations of functions. See Procedure 45 to create a role. See Procedure 44 to
view the functions that are assigned to a role. See Table 19 for a list of user functions
and what they allow users to do.
Note — The AMS NBI and NBI system default roles are used
exclusively by OSS users.
Constructor
AMS NBI
Operator
Viewer
5530 NA-F Settings - Edit Y Edit the 5530 NA-F settings in the
Administration tree (EMS
System→Site→5530 NA-F Settings).
5530 NA-F Settings - View Y View the 5530 NA-F settings in the
Administration tree (EMS
System→Site→5530 NA-F Settings).
(1 of 17)
Administrator
Constructor
Operator
AMS NBI
Viewer
Action Manager - Admin Y Manage and view jobs in the Action
Manager views, manage jobs created by
other users. (1)
Any user has access to the Action
Manager perspective, Action view, and
Historical Action view.
A user who has the Action Manager-
Admin function in their role can view and
modify the actions of all users.
A user who does not have the Action
Manager- Admin function in their role can:
• Modify only their actions (for example,
cancel, retry, and move to history).
• View the actions of all users.
Alarm - Manual Alarm Clear Y Clear an alarm manually from the AMS
Alarm Table. See the Alarms chapter in the
5520 AMS User Guide.
(2 of 17)
Administrator
Constructor
Operator
AMS NBI
Viewer
Alarm Settings - Edit Y Modify the following alarm settings in the
Administration tree:
• Configuration→Alarms→EMS Alarm
Severity Assignment→EMS Alarm
Severity Assignment
• Configuration→Alarms→Alarm
Settings
• Configuration→Alarms→NE Alarm
Processing Settings→NE Alarm Event
Log Filter
• Configuration→Alarms→ENV Alarm
Template→ENV Alarm Template
AMS NBI - Edit User Y Y Create or modify a user using the NBI.
AMS NBI - Notify Y Y Receive notifications.
AMS NBI Settings - Edit Y Configure the AMS NBI settings in the
Administration tree
(Configuration→NBI→EMS NBI Settings).
See Section 20.42.
AMS NBI Settings - View Y View the AMS NBI settings in the
Administration tree
(Configuration→NBI→EMS NBI Settings).
See Section 20.42.(6)
(3 of 17)
Administrator
Constructor
Operator
AMS NBI
Viewer
Cluster Settings - Edit Y Modify the following server settings in the
Administration tree:
• EMS System→Site
• EMS System→Site→DCN Settings
• EMS System→Site→Application &
Data Servers→Application Server
• EMS System→Site→Application &
Data Servers→Data Server
• EMS System→LDAP Server CA
Certificates→CA Certificate
Customized Web Links - Edit Y Y Add, modify, and delete customized web
links.
See Chapter 23.
(4 of 17)
Administrator
Constructor
Operator
AMS NBI
Viewer
Cut Through - Standard TL1 Y Y Y Use a standard TL1 interface to send
commands. (1)
(5 of 17)
Administrator
Constructor
Operator
AMS NBI
Viewer
EMS Tracing Settings - Edit Y Configure the tracing of the EMS in the
Administration tree (Configuration→EMS
Tracing Settings).
See Section 20.24. (1)
EMS Tracing Settings - View Y View the tracing level of the EMS in the
Administration Tree (Configuration→EMS
Tracing Settings).
See Section 20.24.(6)
(6 of 17)
Administrator
Constructor
Operator
AMS NBI
Viewer
Find - Run Y Y Y Find objects with the Go to navigation bar
and the Find objects feature. (1)
GUI Client Download Page - Y Y Y Y Required to download the AMS client. This
View function is available in the default roles.
The GUI Client Download Page - View
function is available from 9.6.07.
When migrating from an AMS release
earlier to 9.6.07, this function is added to
all the existing roles available in the earlier
release.
GUI - Save to File on Client Y Y Y Y Use the Log File Selection menu in all the
Cut Through views.
Use the Save as, Save as CSV, Save as
XML in the Graphical View and Object
Details view.
Use the Export button in the PM views.
Use the Export menu in the Alarm
views. (1)
GUI - Save to File on Server Y Y Y Use the Copy Backup Files command from
the Backup Restore perspective.
See Chapter 18.
HDM NBI Settings - Edit Y Edit the HDM NBI Settings in the
Administration tree (EMS
System→Site→HDM NBI Settings).
HDM NBI Settings - View Y View the HDM NBI Settings in the
Administration tree (EMS
System→Site→HDM NBI Settings).(6)
(7 of 17)
Administrator
Constructor
Operator
AMS NBI
Viewer
Inventory Settings - Edit Y Modify the Inventory settings in the
Administration tree (Inventory→Basic
Settings).
See Section 20.38.
Log Files - View Y View the log files on the server from the
GUI.
See Chapter 27.
(8 of 17)
Administrator
Constructor
Operator
AMS NBI
Viewer
NE - Edit Y Y Create, delete and modify (applicable on
attributes other than parent group) NEs
and NE Groups, start and stop supervision
of NEs, enable or disable alarm silent
mode for NEs. (1) (7)
To start and stop supervision of a single or
multiple NE groups, the security function
NE - Supervision at group level must be
assigned to the user role.
NE - Supervision at group Y Y Y Start and stop supervision of a single or
level multiple NE groups.
When the function is not enabled and a mix
of NEs and NE groups is selected, then the
start and stop supervision options will
continue to be unavailable until the NE
groups are deselected.
NE - Move Y Y Y Allows to change the parent group of an
NE or NE Group in the Object Details view
or by dragging and dropping the selected
objects in the tree. (7)
(9 of 17)
Administrator
Constructor
Operator
AMS NBI
Viewer
NE Plug Settings - View Y View the NE Plug settings in the
Administration tree (Configuration→NE
Plug Specific Settings→<NE> <Release>
Settings). See Section 20.27.(6)
Network Alarm - Edit (5) Y Y Modify alarm severities, alarm filters, and
the ASAT. (1)
Network Default - Edit (5) Y Y Y Modify the attributes of objects that are
below the NE in the Network Tree and that
are not included in the other Network - Edit
functions. (1) (2)
Network E3/DS3 Port - Edit (5) Y Y Y Create and modify E3 and DS3 ports. (2)
Network Equipment - Edit (5) Y Y Plan and delete a rack, subrack, or slot. (1)
Network OAM - Edit (5) Y Y Modify the OAM IP address, trap definition,
SNMP, and SSH parameters.(3)
(10 of 17)
Administrator
Constructor
Operator
AMS NBI
Viewer
Network ONT - Edit (5) Y Y Y Create, delete, configure and clean up
ONTs. (2)
Network ONT Card - Edit (5) Y Y Y Create, delete, configure and clean up
ONT cards. (2)
Network ONT Port - Edit (5) Y Y Y Create, delete, configure and clean up
ONT ports. (2)
Network ONT Service - Edit (5) Y Y Y Create, delete, configure and clean up
ONT services. (2)
Network PON Port - Edit (5) Y Y Create, modify, delete, and clean up PON
ports. (2)
Network PON Port / ONT - Y Y Y Perform test operations, lock or unlock the
Troubleshoot (5) port, clear counters on PON subscriber
resources. (2)
A PON port is not considered as a
subscriber resource.
Network SHDSL Port - Edit (5) Y Y Y Create and modify SHDSL ports. (2)
Network Slot LT Other - Edit (5) Y Y Y Plan all types of LT units, and modify and
unplan other LT units and appliques. (2)
(11 of 17)
Administrator
Constructor
Operator
AMS NBI
Viewer
Network Slot LT SHDSL - Y Y Y Perform lock, unlock, and reset LT
Troubleshoot operations on SHDSL LT units.
Network Slot LT Voice - Edit Y Y Y Modify, and unplan Voice LT units.
Network Slot NT - Edit (5) Y Y Plan, modify, and unplan NT units and
force NT switchovers. (2)
Network Voice User Port - Y Y Y Create and modify Voice user ports. (2)
Edit (5)
Network Voice User Port - Y Y Y Perform test operations, lock or unlock the
Troubleshoot (5) port, clear counters on Voice subscriber
resources. (2)
Network XDSL Port - Edit (5) Y Y Y Create and modify ADSL and xDSL
ports. (2)
(12 of 17)
Administrator
Constructor
Operator
AMS NBI
Viewer
PAP - View Y Y Y Y View PAPs and PAP groups in the
Administration tree.
• User Management→Partition Access
Profiles→PAP
• User Management→PAP
Groups→PAP Group
(13 of 17)
Administrator
Constructor
Operator
AMS NBI
Viewer
SNMP Settings - Edit Y Modify the following SNMP settings in the
Administration tree:
• Configuration→SNMP→Connections
• Configuration→SNMP→NE Detection
Setting
• Configuration→SNMP→Trap Setting
• Configuration→SNMP→Retries
(14 of 17)
Administrator
Constructor
Operator
AMS NBI
Viewer
Subscriber Search Attribute Y Change the attributes categories for the
Categories, Custom Fields - subscriber search.
Edit See Chapter 15.
Subscriber Search Attribute Y Y Y Change the custom field attributes.
Categories, Custom Fields - See Chapter 15.
Attribute Edit
(15 of 17)
Administrator
Constructor
Operator
AMS NBI
Viewer
Time Zone Settings - Edit Y Configure the time zones used in the
Administration Tree (Configuration→Time
Zone Settings).
See Section 20.25.
Time Zone Settings - View Y View the time zones used in the
Administration Tree (Configuration→Time
Zone Settings).
See Section 20.25.(6)
User Activity Log - View Y View the user activity log corresponding to
the user’s own activity only.
See Chapter 27.
User Activity Log Settings - Y Configure the user activity log settings in
Edit the Administration tree
(Configuration→User Activity Log
Settings).
See Section 20.26.
User Activity Log Settings - Y View the user activity log settings in the
View Administration tree (Configuration→User
Activity Log Settings).
See Section 20.26.(6)
User Activity Log - View All Y Y Y View the user activity log of all users.
See Chapter 27.
User Management - Allow All Y Enables to create or modify users with all
Privileges roles and PAP groups.
(16 of 17)
Administrator
Constructor
Operator
AMS NBI
Viewer
Web Console – Debugger Y Edit the file log4j2.properties.
View the AMS GUI logs.
See Sections 27.12 and 27.13
(17 of 17)
Notes
(1) See the 5520 AMS User Guide.
(2) See the Operations and Maintenance guide for the NE.
(3) Modify the default SSH parameters only as described in the AMS documentation. If not, the customizations may
impact AMS server behavior.
(4) If you perform operations that require the Network - Troubleshoot function, your user role must also have the
NE - View and Network - View functions.
(5) If you perform operations that require a Network object - Edit function, your user role must also have the NE -
View, Network - View, and Network - Troubleshoot functions.
(6) If this function is not assigned to a user role, the settings object is not visible to the user in the Administration
tree.
(7) To allow a user to create an NE or NE Group, both security functions NE - Edit and NE - Move must be assigned
to the user role.
(8) To allow a user to lock or unlock another user, the security function User Management - View must be assigned
to the user role.
Parameter Description
General
Superuser Role Even if the total number of users allowed by the license is
reached, the AMS allows one additional user with the Superuser
Role to login. For instance, such a user can unblock the situation
by disconnecting inactive user sessions and thereby, letting
other users to login to the AMS.
Max. Number of Concurrent GUI The maximum number of concurrent GUI user sessions
User Sessions allowed.
Max. Number of Users displayed The maximum limit on the users displayed in the Administration
in Administration Tree Tree.
(1 of 3)
Parameter Description
Manage Users Based on PAP Select this check box to configure the 5520 AMS to restrict the
users based on PAP.
If the check box is checked, then only the users that contain one
or more PAPs of the current user appears in the Administration
Tree and the Table view.
By default, the check box remains unchecked.
For more information, see Section 10.1.
Global Max. Number of A global setting that specifies the maximum number of
Concurrent Session concurrent sessions allowed for users who have not applied a
user-level preference.
If a user has specified a user-level preference in the 'Maximum
Number of Concurrent Sessions' field in the User account
settings, then this global setting will not apply to the user.
Global Login Message A message that is displayed to users after they log in to the
5520 AMS client. The message can be 0 to 1000 characters.
Global Address Filter Specifies a global setting of IP addresses and subnet masks of
client workstations that are allowed to access the server.
If a user has specified a user-level preference in the 'Address
Filter' field in the User account settings, then this global setting
will not apply to the user.
When the Global Address Filter is modified, the session that do
not match the specified IP address mentioned in the filter is
disconnected.
Global Inactivity Lock Screen Specifies the duration of time that elapses with no GUI activity in
Timeout a user session before the 5520 AMS GUI screen is locked for
the specified user. For more information, see Section 11.7.
Global Inactivity Logout Timeout Specifies the duration of time that elapses with no GUI activity in
a user session before the user is logged out.
Also, the inactive user session is logged off when the number of
logged in sessions exceed the specified threshold limit.
For more information, see Section 11.5.
Exit the GUI instead of Logout on Specifies the exit time of the GUI, based on the Global Inactivity
Inactivity Logout Timeout Logout Timeout.
If the check box is checked, then the GUI will exit when the
Global inactivity Logout Timeout expires.
By default, the check box remains unchecked.
Global Timeout for Dormant Specifies the duration of time that elapses when a user has not
Account Lock logged in for a specific amount of time and the dormant account
gets locked. For more information, see Section 11.8.
Global Timeout for Dormant Specifies the duration of time that elapses when a user has not
Account Deletion logged in for a specific amount of time and the dormant account
gets deleted. For more information, see Section 11.9.
User Name
At Least One Numeric Character A minimum of one numeric character is required in usernames.
(2 of 3)
Parameter Description
Password
Must Differ From User Name (1) The password must be different from the username.
Refuse if Present in Dictionary (1) Select this check box to check the password entered by the user
against the password dictionary. If the password appears in the
dictionary, then the password is refused.
Loaded Dictionary File Displays the path of the last password dictionary uploaded.
Min. Time Before Password The minimum number of days that must elapse before a user
Reuse can reuse a password.
Enforce Password History Prohibits the user from re-using one of the last ten passwords.
Password Aging (2) When the value set in the Maximum Password Age parameter
expires, the 5520 AMS forces the user to change the password
on the next login.
This parameter is overridden for individual users when you
enable the Bypass Password Aging Check parameter. See
Table 21.
By default, this check box is selected.
Maximum Password Age The maximum number of days that the user can use the
password.
Password Expiration Warning (2) Selecting this box allows the configuration of a password
expiration warning to be displayed at user login for a configured
number of days prior to the password expiration date till the user
changes the password.
Password Expiration Warning Specifies the number of days prior to the password expiration
Period date from when the password expiration warning will be
displayed to the user at the time of login. The user has the option
to change the password when this warning is displayed.
Max. Number of Password Specifies the number of times password can be changed in a
Changes per Day (2) calendar day. The range is from 1 to 12. By default, this value is
set to 1.
(3 of 3)
Note
(1) When an administrator creates a user account, password complexity rules are not checked. These rules are
checked only when you change your password using the Change Password option. Nokia recommends that
you always enable the Change Password on Next Login (2) parameter in combination with this option.
(2) If the number of the times the password has been changed in a day exceeds the configured value, a warning
message “Max. number of password change attempts reached” is displayed in the change Password window
and the password can only be changed the next day.
Common tab
Change Password on Next Login (2) Select the check box Prompts the user to change the
password the next time the user logs
in.
Bypass Password Aging Check Select the check box The password does not expire,
overriding the password aging value
set in the user settings. See Table 20.
Roles Click Add to select See Roles for more information about
user roles roles.
If the current user has a role that
includes the security function "User
Management - Edit" but not the
function "User Management - Allow
All Privileges", then only the roles
containing the security functions of
the current user are available for
selection.
When the user role is modified, the
logged in user is logged off.
Allowed PAP Groups Click Add to select See Chapter 10 for more information
PAP groups for the about PAP groups.
user If the current user has a role that
includes the security function "User
management - Edit" but not the
function "User management - Allow
All Privileges", only the PAP groups
containing the PAPs of the current
user are available for selection.
When the list of PAP groups is
modified, the logged in user is logged
off.
(1 of 5)
Locked Select the check box Prevents the user from logging in to
the account.
When this parameter is modified the
logged in user is logged off.
Advanced tab
Use Global Login Message Select the check box Use the global login message
configured in the user settings. See
Table 20.
Use Global Address Filter Select the check box Select this check box to set the
(Selected by default) address filter for this user account as
per the setting defined in the 'Global
Address Filter' parameter.
This setting can be applied to users
created from a remote authorization
server, when the remote server does
not provide this setting.
When the Global Address Filter is
modified, the session that does not
match the specified IP address
mentioned in the filter is
disconnected.
Address Filter Use the format IP addresses and subnet masks of
IP_address/subnet_ client workstations that are allowed to
mask, with each access the server.
entry separated by a When the Address filter is modified,
comma. the session that does not match the
By default, the value specified IP address mentioned in the
of this parameter is filter is disconnected.
empty. In such
cases, the user
cannot login to the
server. When the
value is set to
0.0.0.0/0, full access
is given to the user.
(2 of 5)
Last Successful Authorization Internal Database Specifies the Authorization source for
Source LDAP the user.
RADIUS The value ‘-’ is for manually created
users who are not logged in.
Client OS
-
Use Internal Database Select this check box When LDAP or RADIUS
(selected by default) authentication is configured, select
this parameter to override that
configured authentication and use
local authentication (authentication
using the internal database) for the
user.
When LDAP or RADIUS
authentication is used, it is
recommended to select this
parameter as well for users that have
the administrator role so that they can
still log in to the 5520 AMS system
when the LDAP or RADIUS server is
down.
Even though NBI users can be
remotely authenticated, it is
recommended to select this option for
such users to avoid contacting the
remote authentication/authorization
server at each login.
See Section 20.33 for information
about enabling LDAP and RADIUS
authentication.
Inactivity
Inactivity Logout Timeout (3) Global (As in User The type of inactivity logout timeout
Settings) for this user account.
User Defined The inactive user sessions are
No Inactivity Timeout logged off when the number of logged
in sessions exceed the specified
threshold limit.
(3 of 5)
Inactivity Lock Screen Timeout (3) Global (As in User The type of inactivity lock screen
Settings) timeout for this user account.
User Defined
No Inactivity Timeout
Dormant Account Lock Policy No Lock Timeout The type of lock timeout for this
Global dormant account.
User Defined
Dormant Account Lock Timeout - The length of time after which the
user is locked when the user account
is dormant. Configurable only when
the Dormant Account Lock Policy
parameter is set to User Defined.
Dormant Account Deletion Policy No Delete Timeout The type of deletion timeout for this
Global dormant account.
User Defined This parameter also applies to user
accounts created automatically
through a remote authorization
server.
Dormant Account Deletion Timeout - The length of time after which the
user is deleted when the user
account is dormant. Configurable
only when the Dormant Account
Deletion Policy parameter is set to
User Defined.
Miscellaneous
(4 of 5)
Statistics
(5 of 5)
Notes
(1) When an administrator creates a user account, password complexity rules are not checked. These rules are
checked only when you change your password using the Change Password option. Nokia recommends that
you always enable the Change Password on Next Login (2) parameter in combination with this option. When the
password is changed, if there are any logged in users, they will be logged off immediately.
(2) This parameter does not apply if remote authentication is enabled.
(3) In LDAP server, the supported options for Nokia-AMS-InactivityLogoutTimeout and
Nokia-AMS-InactivityLockScreenTimeout parameters is GLOBAL, NONE, and USER.
Note — The password that you assign to the 5520 AMS user is
stored in the 5520 AMS database. This 5520 AMS user
password does not override the password that is specified in
the RADIUS server.
When you create a user, you associate roles and PAP groups with the user to
configure the access privileges and the NEs for which the user has access.
See Section 9.14 and Chapter 10 for the procedures to configure roles and PAP
groups.
By default, the 5520 AMS server uses internal database authentication. To enable
RADIUS or LDAP authentication, you must install a RADIUS or LDAP server and
configure the authentication settings for the site. For information about enabling,
disabling, and configuring RADIUS and LDAP authentication, see Section 20.33.
When remote authorization is enabled at the site, you can also create a user account
from the 5520 AMS GUI for each user that will be authorized from the remote
authorization server. In this case, even if remote authorization server is down, 5520
AMS GUI enables the user to log in after authorization by the 5520 AMS database.
• Create a user account to be always authorized and authenticated against the local
AMS database by selecting the Use Internal Database check box (default option).
For example, use this configuration for NBI users or local AMS administrators.
• Create a user account to be authorized and authenticated against the remote
LDAP or RADIUS server by deselecting the Use Internal Database check box. In
case of failure, the user can be authorized and authenticated against the local
AMS database, in a fallback scenario. The following parameters configured in the
user account created in the 5520 AMS GUI are not supported in this case:
• Password Aging
• Password Expiration Warning
• Change Password on Next Login
Note 1 — For security reasons, Nokia recommends that you do not use
generic usernames such as admin, helpdesk, support etc.
Note — If you have not created a role, click Create in the Select Roles
window to create a role. See Section 9.14 for the procedures to create a
role.
5 Assign a password for the user account, if required. The creation of a user with an empty
password fails, when the user is configured to log in using the 5520 AMS database as
authorization source.
ii Choose one or more roles from the list and click OK to return to the Create User window.
Note — If the current user creating a new user account has a role that
includes the security function "User management - Edit" but not the
function "User management - Allow All Privileges", then only the roles
containing the security functions present in the roles of the current user
are available for selection.
ii Choose one or more PAP groups from the list, and click OK to return to the Create User
window.
Note — When creating a new user adding the user to a PAP group is
mandatory. If not, an error is displayed.
If you have not created a PAP group, click Create in the Select Allowed
PAP Groups window to create a group. See Section 10.4 for the
procedures to create a PAP group.
The PAPGroup profile is the default profile and can be applied to the user to provide
access to all of the NEs that are configured on the 5520 AMS.
Note — If the current user creating the new user account has a role that
includes the security function "User management - Edit" but not the
function "User management - Allow All Privileges", only the PAP groups
containing the PAPs of the current user are available for selection.
8 Click Finish to add the user to the users list and close the Create User window.
Table 22 5520 AMS server scripts executed by users in the amssys group
2 To add a new user account to the amssys group, perform one of the following steps:
where:
homedirectory is the home directory of the new user account you want to add.
useraccount is the new user account you want to add to the amssys primary group.
where:
homedirectory is the home directory of the new user account you want to add.
useraccount is the new user account you want to add to the amssys secondary group.
Note — To execute the 5520 AMS server scripts listed in Table 22, log
in to the 5520 AMS application server as amssys or as a user in the
amssys group.
9.3.1 Copying the existing input files for the 5520 AMS
server scripts
The 5520 AMS server scripts, listed in Table 22, are executed by reading input files
containing the script parameters. Non-amssys users do not have access to the
default location, containing the input files, of the amssys user.
You can copy the existing input files for the 5520 AMS server scripts, listed in
Table 22, from the default location of the amssys user to the home directory of the
new user account in the amssys group.
Note 1 — If you copy the existing input files for the 5520 AMS
server scripts, listed in Table 22, and log in to the 5520 AMS
application server as a user in the amssys group, you can edit
the copied input files and execute the 5520 AMS server scripts.
For more information on editing the input files for the 5520 AMS
server scripts listed in Table 22, refer to the individual sections.
Note 2 — If you do not copy the existing input files for the
5520 AMS server scripts, listed in Table 22, and log in to the
5520 AMS application server as a user in the amssys group,
you must create the input files before executing the 5520 AMS
server scripts. For more information on creating the input files
for the 5520 AMS server scripts listed in Table 22, refer to the
individual sections.
Procedure 31 To copy the existing input files for the 5520 AMS server scripts
• If you added a new user account to the amssys primary group, copy the existing input file
for the 5520 AMS server script from the default location of the amssys user to the home
directory of the new user account in the amssys primary group. Type:
cp inputfile_amssys inputfile_amssys_pri_grp ↵
where:
inputfile_amssys is the full path to the input file for the 5520 AMS server script provided for the amssys
user. For example: $AMS_LOCALDATA_HOME/oss/conf/ams_user_mgr.csv
inputfile_amssys_pri_grp is the full path to the input file for the 5520 AMS server script in the home
directory of the new user account in the amssys primary group. For example:
/var/opt/ams/users/amsfielduser/ams_user_mgr.csv
• If you added a new user account to the amssys secondary group, copy the existing input
file for the 5520 AMS server script from the default location of the amssys user to the
home directory of the new user account in the amssys secondary group. Type:
cp inputfile_amssys inputfile_amssys_sec_grp ↵
where:
inputfile_amssys is the full path to the input file for the 5520 AMS server script provided for the amssys
user. For example: $AMS_LOCALDATA_HOME/oss/conf/ams_user_mgr.csv
inputfile_amssys_sec_grp is the full path to the input file for the 5520 AMS server script in the home
directory of the new user account in the amssys secondary group. For example:
/var/opt/ams/users/amsfielduser/ams_user_mgr.csv
Additional options are required when you run the script. See Procedure 34 for more
information. The options are mutually exclusive. The sub-options A, D, and R for the
-m option are also mutually exclusive, for example, if you need to add one value and
replace another, you need to run the script twice.
Table 23 User configuration options for the ams_user_mgr script
Option Description
-a Add users
-d Delete users
-m A Modify users. The A specifies that the values in the input file will be added to the
existing parameters in the user’s account, for example, a specified role will be
added to the user’s list of roles.
-m D Modify users. The D specifies that the values in the input file will be deleted from
the existing parameters in the user’s account, for example, a specified role will
be removed from the user’s list of roles.
-m R Modify users. The R specifies that the values in the input file will replace the
existing parameters in the user’s account, for example, a specified list of roles
will become the user’s list of roles. This is the default modification.
-s Suspend users
-r Resume users
-e Expire user passwords. The Must Change Password on Next Login parameter
will be changed to True.
1 Log in to the 5520 AMS application server as amssys or as a user in the amssys group.
• If you logged in as amssys, open the following sample input file in a text editor:
$AMS_LOCALDATA_HOME/oss/conf/ams_user_mgr.csv
• If you logged in as a user in the amssys group, open the copied input file in a text editor.
For information on copying the existing input file, see Procedure 31.
• Create a new input file in an editor.
3 Configure the parameters as comma-separated values with one line for each user.
Table 24 describes the parameters for the add user and modify user options.
Table 25 describes the parameters for the delete user, suspend user, resume user, list user,
and expire password options.
user1,123456,AMS NBI,allPAPs,test
user,true,,false,0.0.0.0/0,false,1,Global(As in User
Settings),,false,false,false,false,true,,,
PAP groups Yes for add user The list of PAP groups to assign to the user. Use colons (:) to separate
No for modify user multiple PAP groups.
If the current user has a role that includes the security function “User
management - Edit” but not the function “User management - Allow All
Privileges”, then the PAP Groups containing only the PAPs of the current
user or a user with lower-level PAPs must be provided as input for
successful creation or modification.
(1 of 3)
Login message No The login message to use if Use global login message is false.
Address filter No Filter logins from specified IP addresses. To enter multiple IP addresses,
separate them using a comma (,). For example,
192.168.1.2/24,192.190.1.1/24.
By default, the value of this parameter is empty. In such cases, the user
cannot login to the server. When the value is set to 0.0.0.0/0, full access
is given to the user.
Max concurrent No The maximum number of concurrent sessions for the user. The range is
sessions from 1 to 1000. The default is 1.
Timeout No Number of minutes before a user is logged out if Inactivity Timeout is set
to User Defined. The range is from 5 to 525 600.
Locked No True or false. The default is false.
The parameter indicates whether the user login is disabled.
Command timeout No The timeout in seconds, if Use global command timeout is set to false.
Allowed TL1 No The TL1 commands the user is allowed to run using certain
Commands 5529 Enhanced Applications. The default is ““.
Use colons (:) to separate multiple commands,
for example,
RTRV-HDR:RTRV-EQPT:RTRV-ONT.
(2 of 3)
Inactivity Lock No The type of inactivity lock screen timeout for this user account.
Screen Timeout
Lock Screen No The length of time after which the 5520 AMS GUI screen is locked when
Timeout Yes, if there is no user activity on the GUI.
inactivityLockScreenTim Configurable only when the Inactivity Lock Screen Timeout parameter is
eout = User Defined set to User Defined.
Dormant Account No The type of lock timeout for this dormant account.
Lock Policy
Dormant Account No The length of time after which the user is locked when the user account is
Lock Timeout Yes, if dormant.
dormantAccountLockPol Configurable only when the Dormant Account Lock Policy parameter is set
icy = User Defined to User Defined.
Dormant Account No The type of deletion timeout for this dormant account.
Deletion Policy This parameter also applies to user accounts created automatically
through a remote authorization server.
Dormant Account No The length of time after which the user is deleted when the user account
Deletion Timeout Yes, if is dormant.
dormantAccountDeletion Configurable only when the Dormant Account Deletion Policy parameter
Policy = User Defined is set to User Defined.
Hidden Account No This is a licensed feature and is disabled by default. Please contact your
Nokia representative for further information.
Enabling this check box prevents detection of any configuration changes
made by this user. The user account is hidden from other users, as
operations of the user are not logged in the user activity log or security log,
and the user session is not listed as an active session when the user is
logged in. It is recommended to assign the “Viewer” role to this user to
prevent execution of configuration changes. This check box is not
selected, by default. This parameter will take effect at the next login. When
any changes are made to this parameter, the logged in user session
is disconnected.
Custom Fields No The custom fields attributes which are added by users.
(3 of 3)
Table 25 Delete user, suspend user, resume user, list user and expire password input file pa-
rameters
1 Log in to the 5520 AMS application server as amssys or as a user in the amssys group.
createUsernamePassword ↵
3 Type the username and press ↵. You are prompted to enter a password.
Result: The script takes the username and password, encrypts the password, and saves both
to a file called ams.password in the $AMS_SHAREDDATA_HOME/config directory of the
active data server. When you perform Procedure 34, you do not need to enter the -username
or -password options when you run the ams_link_mgr, ams_hub_sub_link_mgr,
ams_user_mgr, or ams_ne_mgr scripts.
Note — When you run this script with the ‘-efile’ option, the file is created
under $AMS_SHAREDDATA_HOME/config of the active data server
with the name of the file provided for the -efile option.
1 Log in to the 5520 AMS application server as amssys or as a user in the amssys group.
where:
[options] is the options you need to enter, as shown in Table 27.
input_file is the full path to the input file you configured in Procedure 32.
Note — If you do not specify an input file, the script will read the
example input file at
$AMS_LOCALDATA_HOME/oss/conf/ams_user_mgr.csv.
Option Description
(1 of 2)
Option Description
-a Add users
-d Delete users
-m A Modify users. The A specifies that the values in the input file will be added to the
existing parameters in the user’s account, for example, a specified role will be
added to the user’s list of roles.
-m D Modify users. The D specifies that the values in the input file will be deleted from
the existing parameters in the user’s account, for example, a specified role will
be removed from the user’s list of roles.
-m R Modify users. The R specifies that the values in the input file will replace the
existing parameters in the user’s account, for example, a specified list of roles
will become the user’s list of roles. This is the default modification.
-s Suspend users
-r Resume users
-e Expire users’ passwords. The Must Change Password on Next Login parameter
will be changed to True.
-pfile file Specify the name of the properties file, which is used by the script for
configuration. The file must be in the shared directory of the data server,
$AMS_SHAREDDATA_HOME/config. The default properties file is
ams_mgr.conf. The configuration changes to the properties file must be done on
the active data server.
-efile file Specify the name of the password file created in Procedure 33, which is used by
the script to get username and password. The file must be in the shared directory
of the data server, $AMS_SHAREDDATA_HOME/config. The default password
file is ams.password.
-logdir directory Specify a directory to save the log to. The default directory is
$AMS_LOCALDATA_HOME/log.
-username The username of a 5520 AMS client user with the AMS NBI - Edit - User function.
username(1)
or -u username
-keystore key The full path to the keystore file. By default, the 5520 AMS retrieves the path
from the properties file.
-keypass The password for the keystore file. By default, the 5520 AMS retrieves the
password password from the properties file.
-nbihost URL The URL of the NBI client the 5520 AMS needs to connect to.
The default URL is https://server:8443, where server is the host name or IP
address of the 5520 AMS server.
If you are using HTTP, enter http://server:8080/.
(2 of 2)
Notes
(1) This option is not necessary if you have performed Procedure 33.
(2) If the password contains special characters you need to follow shell quoting rules. Normally this can be done
by enclosing the password in single quotes.
If the password includes single quotes you can use one of the following:
Example password: $pec'ch*rs"
Single Quotes: -password '$pec'\''ch*rs"'
Double Quotes: -password "\$pec'ch*rs\""
Backslash Quotes: -password \$pec\'ch\*rs\"
(3) If the password is not entered for a username, but the input file is specified, the corresponding user is not
created. No error message is displayed. If an incorrect password is entered, an error message “FAILURE:
Authentication failed for user” is displayed.
3 The script executes, displaying success messages for each user created. A log file is created
called ams_user_mgr.log.
Note — If you want to lock the admin user, you need to make
sure that there is at least one user with an Administrator role.
Result: A list of users appears in the Administration Tree and the Table view. The
Administration Tree displays Locked beside the names of users that are locked.
• To lock multiple users, select the users that you need to lock and proceed to step 3.
• To lock a single user, select the user that you need to lock and proceed to step 4.
Result: A list of users appears in the Administration Tree and the Table view. The
Administration Tree displays Locked beside the names of users that are locked.
• To unlock multiple users, select the users that you need to unlock and proceed to step 3.
• To unlock a single user, select the user that you need to unlock and proceed to step 4.
Note 1 — If all users belonging to a specific role are already locked, the
menu option to lock all users is disabled.
Note — If all users belonging to a specific role are unlocked, the menu
option to unlock all users is disabled.
2 Choose a user.
Result: The Object Details view opens for the selected user.
Result: The Object Details view displays the user setting parameters.
3 Configure the User Name and Password parameters in the Object Details view. See User
settings for more information about security setting parameters.
4 Click the Apply icon ( ) to save the new password and username rules.
Result: The Object Details view opens for the selected user.
3 Change the password in the Password and Re-Type Password fields in the Object Details
view.
5 Repeat steps 2 to 4 for each user for which you need to change the password.
Caution — Passwords for the amsftp and amssftp users cannot include
the @ or : symbols.
passwd username
where:
username is the name of the user whose password you need to change.
Note — Red Hat Enterprise Linux allows three attempts to re-enter the
new password. After three unsuccessful attempts, you will need to enter
the passwd command again.
3 Type the full directory path and filename of the password dictionary file in the Dictionary File
Location field.
Note — If the size of the password dictionary file is large, it takes longer
to upload. For example, a 10 MB file takes 30 minutes to upload.
Note 1 — The Object Details view under the User Settings displays the
path for password dictionary in the Loaded Dictionary File field which is a
read-only field.
The passwords in the dictionary file are not case sensitive, therefore only
a word match of the password is checked.
Note 3 — Any line that starts with a hash (#) symbol in the password
dictionary file will be considered as a comment line.
2 To view all of the functions in the 5520 AMS, choose Role (Administrator).
Result: The functions are displayed on the Configuration tab in the Object Details view.
3 To view the assigned functions contained in another role, choose the role in the
Administration Tree.
Result: The allowed functions for that role are displayed on the Configuration tab in the
Object Details view.
3 Enter a name for the user role in the Roles field and click Next.
6 Click Add next to the Allowed Functions field to add functions to the role.
7 Choose one or more functions from the list and click OK to return to the Create Role window.
Note — If the current user has a role that includes the security function
"User management - Edit" but not "User management - Allow All
Privileges", only the security functions of the current user are available for
selection.
8 Click Finish to add the user role to the roles list and close the Create Role window.
You can assign the user role when you create a user, as described in Section 9.2, or assign
the user role to existing users, as described in Section 9.15.
Result: The role details are displayed in the Object Details view.
Result: The Select Users window appears and lists the available users.
4 Choose the users you need to associate with the role, and click OK.
Result: The chosen users are associated with the role and appear in the Users field. The
‘locked’ or ‘unlocked’ status of the user is displayed in brackets next to each username in the
Users field.
The All Users Locked field indicates if all users are locked, no users are locked, or some
users are locked. The possible values are ‘Yes’, ‘No’, or ‘Partially’.
Note 1 — You can create a user using the Select Users window. Click
Create.
Note 2 — You can delete a user using the Select Users window. Choose
the user that you need to delete and click Delete.
Note — The user with superuser role can have only one additional login
session to the 5520 AMS beyond either the concurrent login limits that
are configured by the administrator or session limits allowed by your
license.
10 PAPs
10.1 PAPs overview
<PG2>, ... contain at least one PAP that is not in the role of the current user’ where
‘<PG1>, <PG2>, ...’ is a comma separated list of the PAP Groups that are causing
the problem.
• If the user that is to be deleted contains at least one PAP that is not in the current
user’s profile, then the user is not deleted and an error ‘The user cannot be
deleted as it is assigned to at least one PAP that is not in the role of the current
user’ is displayed.
Before you proceed, make sure your user account is assigned a role that includes
the necessary functions to perform the procedures in this chapter. See Table 19 for
more information on 5520 AMS function descriptions.
Result: The Create PAP window opens and prompts you to provide the details for the new
PAP.
Result: The PAP is displayed under Partition Access Profiles in the Administration Tree.
6 Associate the PAP with a new or existing NE. Perform one of the following steps:
1 In the Network Tree, choose the NE or group that you need to modify.
Result: The object details are displayed in the Object Details view.
Result: The Select Partition Access Profile window opens and lists the available PAPs.
4 Click OK.
Result: The PAP now associated with the object appears in the Partition Access Profile field.
3 At the prompt, enter a name for the PAP group in the Name field and click Next.
4 At the prompt, enter a description for the PAP group in the Description field.
Result: The Select PAPs window opens and lists the available PAPs.
The selected PAP is associated with the PAP group and appears in the PAPs field.
Note 1 — You can create a PAP using the Select PAPs window. Click
Create.
Note 2 — You can delete a PAP using the Select PAPs window. Choose
the PAP that you need to delete and click Delete.
7 Click Finish to save the PAP group and close the window.
Result: The PAP group appears under PAP groups in the Administration Tree.
Result: The PAP group details are displayed in the Object Details view.
Result: The Select Users window appears and lists the available user accounts.
iii Choose the user accounts you need to associate with the PAP group, and click OK.
Result: The chosen user accounts are associated with the PAP group and appear in the
Users field.
Note 1 — You can create a user account using the Select Users window.
Click Create.
Note 2 — You can delete a user account using the Select Users window.
Choose the user account that you need to delete and click Delete.
iv Click the Apply icon ( ) to save the changes.
11 User sessions
11.1 User session overview
The session type is GUI or OSS. A GUI session type indicates that a user is logged
in using the 5520 AMS GUI. An OSS session type indicates that a user is logged in
using an OSS interface. A user can be logged in using the 5520 AMS GUI and an
OSS interface, in which case two user sessions are listed, each displaying the
corresponding session type.
When a user executes operations through an NBI interface then, as part of the active
session, NBI interface does not display the OSS session.
When you login to a TL1 session using the 5520 AMS GUI, the session type is
displayed as TL1 in Object Details view.
Result: The list of active user sessions is displayed in the following format: Session
(username, IP address, session type).
2 Choose a user session from the session list in the Administration Tree or Table view.
Result: The Object Details view displays information about the user session.
Result: The Delete confirmation window appears with the following message: Are you sure
you want to delete the selected objects?
2 Choose a user.
3 In the Object Details view, click the Advanced tab and configure the Inactivity Logout Timeout
parameter. Perform one of the following steps:
• To disable timeout restrictions for the user, set the Inactivity Logout Timeout parameter
to No Inactivity Timeout.
• To configure a user-specific timeout, set the Inactivity Logout Timeout parameter to User
Defined, and enter a value in the Logout Timeout field. The range is from 5 to 525600 min.
• To apply the global timeout configuration to the user, set the Inactivity Logout Timeout
parameter to Global (As in User Settings).
2 In the Object Details view, enter a value for the Global Inactivity Logout Timeout parameter.
The range is from 5 to 525600 min. The default is 480 min (8 h).
2 Choose a user.
3 In the Object Details view, click the Advanced tab and configure the Inactivity Lock Screen
Timeout parameter. Perform one of the following steps:
• To disable timeout restrictions for the user, set the Inactivity Lock Screen Timeout
parameter to No Inactivity Timeout.
• To configure a user-specific timeout, set the Inactivity Lock Screen Timeout parameter to
User Defined, and enter a value in the Lock Screen Timeout field. The range is from 3 to
525600 min.
• To apply the global timeout configuration to the user, set the Inactivity Lock Screen
Timeout parameter to Global (As in User Settings).
2 In the Object Details view, enter a value for the Global Inactivity Lock Screen Timeout
parameter. The range is from 3 to 525600 min. The default is 10 min.
2 In the Object Details view, enter a value for the Global Timeout for Dormant Account Lock
parameter. The default value is 10000 days. The range is from 1 to 10000 days.
2 In the Object Details view, enter a value for the Global Timeout for Dormant Account Deletion
parameter. The default value is 10000 days. The range is from 1 to 10000 days.
2 Choose a user.
3 In the Object Details view, click the Advanced tab and configure the Dormant Account Lock
Timeout Policy parameter. Perform one of the following steps:
• To disable timeout restrictions for the user, set the Dormant Account Lock Timeout Policy
parameter to No Lock Timeout.
• To configure a user-specific timeout value, set the Dormant Account Lock Timeout Policy
parameter to User Defined. The default value is 10000 days and the range is from 1 to
10000 days.
• To apply the global timeout configuration for the user, set the Dormant Account Lock
Timeout Policy parameter to Global (As in User Settings).
2 Choose a user.
3 In the Object Details view, click the Advanced tab and configure the Dormant Account
Deletion Timeout Policy parameter. Perform one of the following:
• To disable timeout restrictions for the user, set the Dormant Account Deletion Timeout
Policy parameter to No Delete Timeout.
• To configure a user-specific timeout value, set the Dormant Account Deletion Timeout
Policy parameter to User Defined. The default value set is 10000 days. The range is from
1 to 10000 days.
• To apply the global timeout configuration for the user, set the Dormant Account Deletion
Timeout Policy parameter to Global (As in User Settings).
2 Configure the maximum number of concurrent GUI user sessions. The range is from 1 to 400.
However when the number of users populated in 5520 AMS exceed the value set in
the maximum number of users displayed in Administration Tree, the user list is
replaced with a Search User icon
With the search option, you can get the desired user details quickly than scrolling a
long list of users in the AMS GUI; see Procedure 63.
2 Configure the maximum number of users displayed in Administration Tree under the System
Settings in the General tab. The range is from 1 to 2000.
• New search (remove existing results): To display only the desired user
• Add the results to the existing ones: To display the required user including the existing
users. This is the default option.
After selecting the option, to search for a user, select the check box for one or more of the
following attributes, and then enter a search criteria to get the required search result.
• Name
• Full User Name
• Email Address
• Description
To display alarms on the user object, you can select the option “In addition, also show objects
with alarms”.
NE tasks
12 NE tasks overview
12 NE tasks overview
12.1 Overview of this volume
13.5 NE list
13.7 NE balancing
Before you proceed, you need to log in to the 5520 AMS server as amssys. See
Procedure 8 to log in to a 5520 AMS server as amssys.
ams_retrieve_ip_by_nename.sh NEname ↵
where:
NEname is the name of the NE.
The script returns the IP address of the NE. The IPv4 and IPv6 address formats are
supported.
To run the scripts, you must enter -u username -p password. The username and
password must be associated with the user role that has the NE List - NBI function.
See 9.1.4 for information about functions.
Note 1 — If the password contains the special characters,
escape the special meaning of the characters by preceding
each special character with the backslash character (\). For
example, if the password is !@#ams$%^user&*, enter
\!\@\#ams\$\%\^user\&\*.
Note 2 — The script will generate a list of NEs in the user’s
allowed PAP groups only. To generate a complete list, the
Allowed PAP groups parameter for the user must include all
PAP groups.
13.5 NE list
The NE list script generates a list of NEs and also provides support to filter the list of
Agents based on NE type.
The NE list script returns a flat list of NEs with information in the following format:
NE Name NE IP AddressSNMP Port NumberSNMP Read CommunitySNMP Write
Community
The IPv4 and IPv6 address formats are supported.
An example of using the script is:
retrieve_nes.sh -f dumpFilename -u username -p [password] [-s filter 1 [-s
filter 2 ]..] ↵
where:
filename is the name of the file to which to dump the output.
username is the username for a user role that has the NE List - NBI function.
password is the password for a user role that has the NE List - NBI function.
Caution — The password you enter in the crontab file is in plain text and
is not secured. Therefore, it is not recommended to perform this
procedure due to security issues.
Perform this procedure to set up a cron job to periodically generate the NE list.
crontab -e ↵
4 Add a line to specify how often you need to run the script; for example, the following line will
run the script at 3:15 a.m. every day of the week:
where:
amssys_home_account is the home account of amssys. For example, /var/opt/ams/users/amssys/bin/. This
directory depends on the values provided during the 5520 AMS installation.
filename is the name of the file to which to dump the output.
username is the username for a user role that has the NE List - NBI function.
password is the password for a user role that has the NE List - NBI function.
To perform the procedures in this section, you need to be able to log in to the
5520 AMS server as amssys. See Procedure 8 to log in to a 5520 AMS server as
amssys.
where:
username is the username for a user role that has the NE List - NBI function.
password is the password for a user role that has the NE List - NBI function.
Caution — The password you enter in the crontab file is in plain text and
is not secured. Therefore, it is not recommended to perform this
procedure due to security issues.
Perform this procedure to set up a cron job to periodically generate an agent list.
crontab -e ↵
4 Add a line specifying how often you need to run the script; for example, the following will run
the script at 3:15 a.m. every day of the week:
where:
amssys_home_account is the home account of amssys. For example, /var/opt/ams/users/amssys/bin/. This
directory depends on the values provided during the 5520 AMS installation.
username is the username for a user role that has the NE List - NBI function.
password is the password for a user role that has the NE List - NBI function.
filepath is the path to the file to which to dump the output.
13.7 NE balancing
The NE balancing script performs a query in the database and displays the list of NEs
with the NE type and release and associated application server for each. If an NE is
not associated with an application server, the associated application server appears
as blank.
Before you proceed, you need to be able to log in to the 5520 AMS server as amssys.
See Procedure 8 to log in to a 5520 AMS server as amssys.
To check the status of rebalance of NE or NEs, use the ams_show_ne_balancing.sh
script. For details on the ams_show_ne_balancing script, refer to the section 31.24.
Table 28 NAT between the 5520 AMS server and the NEs
5520 AMS servers have public IP No gateway device is required. This configuration is not
addresses Do not configure DCN supported.
settings.
5520 AMS servers have private A gateway device is required If the 5520 AMS servers and
IP addresses to route traffic from the NEs to the NEs are in the same
the 5520 AMS server. subnet:
Configure DCN settings. No gateway device is required.
Do not configure DCN
settings.
The AMS Translated IP Addresses table is displayed, with a column for each provisioned
application server.
3 Click Add.
When the 5520 AMS server is started up for the first time, the default IP address and
subnet of the Do Not Overwrite SNTP in NE option are 0.0.0.0 and 0.0.0.0. These
settings apply to all agents that are in a site object containing this setting. You can
change these settings for the SNTP server type, and you can also apply the
0.0.0.0/0.0.0.0 setting to any other SNTP server type. However, only one SNTP
server type per site can have this IP address and subnet at the same time. If you
have one SNTP server type with these settings and need to configure a different
SNTP server type with them, you must change the settings for the first SNTP server.
Configuring the SNTP protocol in a NE is part of the initial commissioning of the NE.
Reconfiguration may occur later for a set of NEs to fine-tune the protocol or when
SNTP servers are moved from one IP address to another. To apply SNTP
reconfiguration to NEs, you must stop and restart supervision on the NEs.
If you are using a local SNTP server in a 5520 AMS cluster, you typically run one
SNTP server process on each 5520 AMS server. The 5520 AMS automatically
assigns the correct IP address to the server.
When the Settings Type is set to Disable SNTP in NE use AMS Local SNTP Server,
the default subnet address is blank. When the Settings Type is set to
Do Not Overwrite SNTP in NE, the default is 0.0.0.0. When the subnet address is
0.0.0.0, the server settings will be applied to the entire network, regardless of any
other match.
Result: The Create SNTP Server window opens, and displays the SNTP server parameters.
4 To apply the SNTP settings to the NEs, you must stop and restart supervision of the NEs.
For information about stopping and starting supervision, see the Operations and
Maintenance guide for the NE.
4 Select the correct time zone from the Time Zone drop-down menu.
5 Click OK.
See Section 20.25 for information about configuring time zone settings in the Administration
perspective. See the 5520 AMS User Guide for information about setting the time zone on an NE
as part of NE creation.
Before you proceed, time zone settings must be configured. See Section 20.25.
2 Choose a time zone from the drop-down list for the Time Zone parameter.
This regular expression requires numbers to be entered in the format x-xxx-xxxx, for
example, 1-123-1234.
For a phone number complying with the North American Numbering Plan,
NPA-NXX-xxxx, the regular expression is:
[2-9]{1}[0-8]{1}[0-9]{1}[-][2-9]{1}[0-9]{2}[-][0-9]{4}
If the user enters subscriber information that does not comply with the required
format, the 5520 AMS generates an error message. The format must be corrected
before the configuration can be saved.
Note 1 — If a regular expression is entered or changed after
subscriber information is configured and the configured
information does not match the regular expression, the
5520 AMS GUI will generate an error message in the Object
Details view. If you need to make any changes to the object
details, the format must be corrected before the configuration
can be saved.
Note 2 — You cannot configure a regular expression for a serial
number. Serial numbers are not arbitrary strings, and are
imposed by the equipment.
The 5520 AMS uses the following reserved keywords for the Customer ID
parameter:
• Available
• Reserved
• Faulty
• -Passive-
Reserved keywords do not generate error messages. You do not need to include the
reserved keywords in your regular expression.
3 In the Category/Attribute Name panel, expand the attribute name and choose the attribute
type you need to configure.
Parameter Description
6 Click OK.
Note — You can revert the changes before clicking the Apply icon ( ).
See Procedure 79
Note —
• The definition of the attribute format will be effective at the next login.
There is also an Not Collected for SMA category that contains all of the subscriber
attributes not associated with a category. The Customer ID attribute is shown under
Not Collected for SMA category depending on the NE type.
Note 1 —
Result: The new subscriber search attribute category appears in the Category/Attribute
Name column.
Note — You can revert the changes before clicking the Apply icon ( ).
See Procedure 79
3 Select a category from the Category/Attribute Name column, and click the Edit Category icon
( ).
Parameter Description
Unicity Check Enables or disables the unicity check for the category.
Note —
5 Click OK.
Note — You can revert the changes before clicking the Apply icon ( ).
See Procedure 79
3 Expand the category that contains the attribute you want to move.
4 Choose the attribute you need to move and perform one of the following steps:
• Drag the attribute from the current category to the target subscriber search attribute
category.
• Use the Move Attributes icon.
• Click the Move Attributes icon ( ).
Result: The Move Attributes window opens.
• Select the target category name and click OK.
Result: The attribute moves from the current category to the target subscriber search
attribute category.
• Right-click on the attribute and select Move to, then choose a target category name.
Note — You can revert the changes before clicking the Apply icon ( ).
See Procedure 79
4 Click OK.
Result: The deleted attribute or attributes from the deleted category are moved to the Not
Collected for SMA category.
Note — You can revert the changes before clicking the Apply icon ( ).
See Procedure 79
Result: The last change made in Subscriber Search Attribute Categories view is reverted.
Note — You cannot revert the changes after clicking the Apply icon
( ).
Task See
On Red Hat Enterprise Linux systems, configure an Ethernet bonding Red Hat® Enterprise Linux®
interface on each application server and create an Ethernet bonding documentation
group.
(1 of 2)
Task See
Install the External TL1 Gateway on each application server. 5520 AMS External TL1
Gateway Installation Guide
Run the External TL1 Gateway integration script on each application Procedure 80
server.
Configure the External TL1 Gateway settings in the Site object. Section 20.33
Select the Connection to External TL1 GW, Sync NE List, and Use
Single External LT1 GW Server check boxes.
Create the External TL1 Gateway server in the 5520 AMS GUI. Procedure 82
(2 of 2)
Procedure 80 To configure the External TL1 Gateway using the External TL1
Gateway integration script
Perform this procedure to set up the External TL1 Gateway for use in a cluster.
• On Red Hat Enterprise Linux systems, an Ethernet bonding interface must be configured
on each application server. The Ethernet bonding interfaces must be configured as an
Ethernet bonding group.
• You need the virtual IP address for the cluster, if you need to use one.
• The External TL1 Gateway must be installed.
ams_exttl1_integration.sh configure ↵
Detecting setup.
3 The script prompts you for the directory where the External TL1 Gateway is installed:
Press ↵ if the External TL1 Gateway is installed in the /opt/nokia directory, or enter the path
to the directory and press ↵.
4 The script prompts you to confirm whether you will be using a virtual IP address:
5 If you answered yes to the prompt in step 4, the script prompts you for the virtual IP address:
Enter the name of one of the network interfaces in the Ethernet bonding group and press ↵.
The script completes the configuration and displays the following message:
Writing configuration
Ready
The integration of the 5520 AMS and the External TL1 Gateway is configured.
Procedure 81 To unconfigure the External TL1 Gateway using the External TL1
Gateway integration script
Perform this procedure to prepare the External TL1 Gateway for uninstallation. For information
about uninstalling and migrating the External TL1 Gateway, see the 5520 AMS External TL1
Gateway Installation Guide.
ams_exttl1_integration.sh unconfigure ↵
The script confirms that the 5520 AMS is installed in a cluster and that a configured
integration is present:
Detecting setup.
If they are running, the 5520 AMS and the 5520 TL1GW will be stopped
before unconfiguring.
Press ↵ to continue.
The script displays status messages showing the processes being stopped:
->Stopping 5520TL1GW
o Disabling 5520TL1GW
o Stopping 5520TL1GW
->Stopping 5520AMS
Stopping JBoss
Stopped Jboss
Stopping database
Stopped database
Ready
The integration of the External TL1 Gateway is unconfigured. You can proceed with migration
or uninstallation.
You can associate an NE to an External TL1 Gateway when you create it, or change
the association at any time. For information about creating an NE, see the 5520 AMS
User Guide.
Caution — To avoid potential synchronization issues, verify
that the NE name does not include the following characters:
comma (,), semicolon (;), and colon (:).
The Use Single External TL1 Gateway Server check box in the Site settings is
selected by default. If you use two or more External TL1 Gateway servers, you must
deselect the check box. See Section 20.33 for more information. An error is
generated if the check box is selected and you attempt to create a second External
TL1 Gateway server.
Table 32 lists the access privileges that are required for the main menu.
Table 32 Access privileges
(1 of 2)
(2 of 2)
3 Enter a name for the External TL1 Gateway in the Gateway Name field and click Next.
2 Choose File→Export.
3 In the Export window, select the following check boxes under the Application Filter:
• Cluster Settings
• External TL1 Gateway
4 Click Finish.
Result: The Export progress window shows the export progress bar.
2 Right-click the External TL1 Gateway server with which you need to associate NEs and
choose Associate NEs. All NEs that had not been associated with an External TL1 Gateway
server are associated with the server.
Note 1 — If you are logged in to the External TL1 Gateway when you
associate NEs, your session will be disconnected and you will need to log
in again.
Note 2 — TL1 Gateway can only manage an NE with an IP, where the
first and last octet are non-zero. For example, 172.21.132.0 or
0.21.132.33 are considered as invalid IP address of an NE.
3 In the External TL1 GW Server field, click Browse and navigate to the server you need to
assign the NE to.
To view the list of NEs associated with a gateway, log in to the External TL1 Gateway. See
Procedure 91.
Note — TL1 Gateway can only manage an NE with an IP where the first
and the last octet are non-zero. For example, 172.21.132.0 or
0.21.231.33 are considered as invalid IP address of an NE.
Result: The 5520 AMS disassociates all NEs from the gateway.
Note 2 — If you are logged in to the External TL1 Gateway when you
disassociate NEs, your session will be disconnected and you will need to
log in again.
5 Log in to the TL1 GW Manager as ADMIN, TNM, or OSS as described in Procedure 91.
Procedure 89 To start a new External TL1 Gateway user session from the NE
Result: The External TL1 Gateway view opens a user session for the NE.
1 Verify that the External TL1 Gateway is connected to the 5520 AMS. See Procedure 88 to
establish an external TL1 gateway connection.
2 Log in to the External TL1 Gateway Manager using the Admin connection type.
3 In the External TL1 GW Manager view, click the View Menu icon ( ), and choose Configure
External TL1 Gateway.
Result: The Gateway Configuration window opens with the OSS Interface tab selected by
default.
4 Click the OSS Interface, NE Interface, or General tab, and configure the parameters as
required.
• ADMIN,
• TNM
• OSS
4 Enter the username that corresponds to the connection type. The name is the username that
you entered when you configured the gateway.
5 Enter the password that corresponds to the connection type. The password is the password
that you entered when you configured the gateway.
6 For the TNM connection type, choose the channel type: Alarm, Provisioning, or Alarm
Provisioning.
7 Click Finish. When you successfully log in to the External TL1 Gateway, the available NEs
are listed in the TL1 GW Manager view.
If you are logged in to the External TL1 Gateway as a non-administrator, you can use this
view to:
• Provision NEs using TL1 commands. To send a TL1 command, enter or choose the
command in the Command field, and click Send.
• Configure how alarms, requests, and responses are displayed:
• To save TL1 data, click the Save icon ( ).
• To clear TL1 data, click the Eraser icon ( ).
• To disable the display of the data, select the Disable Alarms check box.
1 Log in to the External TL1 Gateway Manager using the Admin connection type.
2 In the TL1 GW Manager view, click the View Menu icon ( ), and choose Change Password.
7 Click OK to save the changes. You are automatically logged out of the External TL1 Gateway
Manager view.
10 Enter the new password in the Admin Password and Re-Type Admin Password fields.
Note — The password must match the one you entered in the External
TL1 Gateway Manager view.
1 Log in to the External TL1 Gateway Manager with the OSS or TNM connection type.
See Section 16.5 for information about Logging in to an External TL1 Gateway.
2 In the TL1 GW Manager view, click the View Menu icon ( ) in the top right corner.
5 Click Open.
Result: The template loads and the operation runs in the background.
1 Log in to the External TL1 Gateway Manager as a TNM user. See Procedure 91.
2 Choose one of the following methods to enter a TL1 command in the Command drop-down
list:
3 Click Send.
Result: The command is sent to the gateway. The response to the command sent is
displayed in the Request/Response panel of the External TL1 GW Manager.
• Click the Save icon ( ) next to the Request/Response panel to save the log of requests
sent to the External TL1 Gateway and responses received from it, which is displayed in
the Request/Response panel, to a .txt file locally.
• Click the Clear icon ( ) to clear the requests and responses from the
Request/Response panel.
• The External TL1 Gateway must be connected on the 5520 AMS. See Procedure 90 to
configure or modify an External TL1 Gateway.
• A command template must be loaded on the External TL1 Gateway. See Procedure 93
to load command templates on the External TL1 Gateway.
1 Log in to the External TL1 Gateway Manager with the OSS or TNM connection type.
See Section 16.5.
2 To start the batch execution action, click the Batch Execution Action icon ( ) in the TL1 GW
Manager view.
3 Navigate to the script file that you need to run. This file is stored where the 5520 AMS client
runs. See the 5520 AMS External TL1 Gateway User Guide for more information.
Result: The batch execution action starts and runs in the background.
• The External TL1 Gateway must be connected on the 5520 AMS. See Procedure 90.
• A batch execution action on the External TL1 Gateway must be started. See
Procedure 96.
1 Log in to the External TL1 Gateway Manager, using the OSS or TNM connection type.
See Section 16.5.
2 To stop a batch execution action that is running in the background, click the red Stop Batch
Execution icon ( ).
You need to create a TNM user for the IP address of each of the following:
• The 5520 AMS server. In a cluster environment, you need a user for each application
server.
1 Log in to the External TL1 Gateway Manager using the Admin connection type. See
Section 16.5.
Note — This procedure assumes that a TNM user profile has not been
configured on the External TL1 Gateway. Therefore, you must log in to
the External TL1 Gateway using the Admin connection type. You can only
log in to the External TL1 Gateway using the TNM connection type when
a TNM user profile is configured.
2 In the TL1 GW Manager view, click the View Menu icon ( ), and choose TNM User Profiles.
Result: The TNM User Profile window opens and displays any existing TNM user profiles.
3 Click Add.
7 Enter the IP address for the TNM user profile. This is the IP address from which a TNM user
can connect to the External TL1 Gateway.
8 Click Finish.
1 Log in to the External TL1 Gateway Manager using the Admin connection type. See
Procedure 91 to log in to the External TL1 Gateway Manager.
2 In the External TL1 GW Manager view, click the View Menu icon ( ), and choose TNM User
Profiles.
Result: The TNM user Profiles window opens and displays any existing TNM user profiles.
2 In the TL1 GW Manager view, click the View Menu icon ( ) in the top right corner and
choose TNM User Profiles.
Result: The TNM User Profile window opens and displays any existing TNM user profiles.
3 Choose the Set of TNM profiles you need to remove and click Remove.
Result: The TNM profiles for the 5520 AMS server and the External TL1 Gateway are
removed from the TNM User Profile window.
4 Click Finish.
Before you proceed the External TL1 Gateway must be connected on the 5520 AMS.
See Procedure 90.
1 Log in to the External TL1 Gateway Manager using the Admin connection type. See
Section 16.5.
2 In the TL1 GW Manager view, click the View Menu icon ( ) in the top right corner and
choose Terminate TNM Sessions.
Result: The Terminate TNM User Session window opens and displays a list of TNM user
sessions that are currently running. This window will be empty if no user sessions are
running.
4 Click Start.
Result: The Terminate TNM User Session window displays information about user sessions
that are currently running. The window is updated for every configured interval specified in
step 3.
5 To stop the display of information in the Terminate TNM User Session window at any time,
click Stop.
6 To terminate a TNM user session, choose the session that you need to terminate in the
Terminate TNM User Session window, and click Terminate.
1 Log in to the External TL1 Gateway Manager using the Admin connection type. See
Section 16.5.
2 In the TL1 GW Manager view, click the View Menu icon ( ), and choose External TL1
Gateway Statistics.
4 Click Start.
Result: The Gateway Statistics window displays information about the External TL1
Gateway. The window is updated for every configured interval specified in step 3.
5 To stop the display of information in the Gateway Statistics window at any time, click Stop.
Procedure 103 To view External TL1 Gateway release and license information
2 In the External TL1 GW Manager view, click the View Menu icon ( ), and choose About
TL1 Gateway.
Result: The About TL1 Gateway window opens and displays release and license information
about the External TL1 Gateway.
1 Log in to the External TL1 GW Manager as a TNM user, using the TNM user credentials. See
Procedure 91.
Result: The alarm logs are displayed in the Alarms panel in the External TL1 GW Manager
view.
• Click the Save icon ( ) to save the alarm log as a .txt file locally.
• Click the Clear icon ( ) to clear the alarm logs from the Alarm panel.
• Select the Disable Alarms check box to stop displaying alarms from the NE.
If you are placing the NE in a group, the group must be created. See the 5520 AMS
User Guide.
Depending on the configuration of the 5520 AMS, the name you assign to an NE may
have to match the NE System ID. See Procedure 159.
If it is necessary, you must obtain the System ID of the NE before creating the NE in
the 5520 AMS GUI. For the procedure to obtain the NE System ID using CLI and TL1
commands, see the NE hardware documentation.
SNMP profiles must be created. See Procedure 137 to create an SNMP profile.
If the NE is behind a NAT server, DCN settings must be configured before you can
supervise the NE. See Procedure 70 to configure DCN settings.
If you need to set up time zone management, time zone settings must be configured.
See Procedure 163 to configure time zone settings.
If you will be applying a TL1 Gateway ID, the External TL1 Gateway must be created
and the Use Single External TL1 GW Server check box in the Site object must not
be checked. See Chapter 16.
If you will be applying templates, template groups, or PAPs, they must be created.
See the 5520 AMS User Guide for information about templates.
You must be able to log in to the 5520 AMS server as amssys or as a user in the
amssys group. For information on adding a new user account to the amssys group,
see Section 9.3.
You need the username and password of a 5520 AMS user with the AMS NBI - Edit
function, for example, a user with the Administrator role. You can enter the username
and password when you run the script, or you can use the password encryption tool.
See Procedure 33 to run the password encryption script.
Procedure 105 To create an input file for the ams_ne_mgr script with option
-createNE
1 Log in to the 5520 AMS application server as amssys or as a user in the amssys group.
• If you logged in as amssys, open the following sample input file in a text editor:
$AMS_LOCALDATA_HOME/oss/conf/ams_ne_mgr.csv
• If you logged in as a user in the amssys group, open the copied input file in a text editor.
For information on copying the existing input file, see Procedure 31.
• Create a new input file in an editor.
3 Configure the parameters as comma-separated values with one line for each NE.
Group Name Yes The group you need to create the NE in.
NE Name Yes The name of the NE. The name cannot contain special
characters ($, #, ^, &, *). (1) (2)
NE Type Yes The type of the NE, for example, 7342 ISAM FTTU.
Main IP Address No(3) The IP address of the NE. IPv4 and IPv6 address
formats are supported.
Secondary IP Address No If Single IP Address is set to false, the IP address of the
second agent, for example, the SHub. IPv4 and IPv6
address formats are supported.
Main SNMP Profile Name No(3) The SNMP profile for the NE
Secondary SNMP Profile Yes, for The SNMP profile for the second agent, for example, for
Name NEs with the SHub
two agents
ENV Alarm Template No The name of the environmental alarm template to assign
Name to the NE
Template Group Name No The multiple template group versions for deployment to
assign to the NE.
Formats for creating NE with template group:
• Template Group Name:Version Number : This
format can be used only for one template group.
For example, TGV2ISAM:1
• /name=template Group Name/version=version
number : This format can be used for one or more
template groups and can be passed using a '|'
delimiter to this parameter.
For example,
/name=TGVISAM/version=1|/name=TGV1ISAM/ve
rsion=2
(1 of 3)
CLI User Name No The username to use for CLI cut-throughs to the NE
TL1 Port No The port number you need to assign for TL1
communication. (6)
Download and Activate No Specifies the NE must be supervised after the software
SW at Start Supervision (7) download and activation.
You must first enter the target SW release in the Target
SW Release parameter to enter a value this parameter.
(2 of 3)
Execute Script at Start No Specifies whether the script needs to be executed during
Supervision (7) supervision.
You must first enter a target script in the Target Script or
Archive parameter to enter a value for this parameter.
(3 of 3)
Notes
(1) NE names are case insensitive. For example, you cannot create an NE with the name Node55 and another NE
with the name NODE55.
(2) The NE name should not include the following characters: comma (,), semicolon (;), and colon (:).
(3) Yes, if the NE is managed using SNMP. For an UNMANAGED NE, the IP address is not required.
(4) NE custom fields should be added at the end of a line of the input file passed to the ams_ne_mgr script. Each
line contains information about a single NE to create.
(5) The parameters, MapInfo_longitude and MapInfo_latitude are available only when a geographic map license is
installed on the 5520 AMS.
(6) The parameter, tl1port attribute is deprecated and is ignored.
(7) This parameter is applicable only to NE type which supports zero touch provisioning features. For more
information, see the 5520 AMS Administrator Guide.
(8) The parameters “ANV Process Name” and “Configuration Template” are applicable only for NE creation when
using Nokia Access Virtualizer Adaptor which is a licensed product. For more information about Nokia Access
Virtualizer Adaptor, contact your Nokia account representative.
Access
Network,RK11S1,7342 ISAM FTTU,4.7,true,124.120.111.211,SNMP1,SNMP2,,,,i
sadmin,password@,SUPERUSER,password,,,
Network,test,defaultPAP,7342 ISAM
FTTU,4.7,false,2.2.9.6,2.2.3.2,public,NETMAN
,,,,,,,,,,,,,15,15,cf=/test=test
1 Log in to the 5520 AMS application server as amssys or as a user in the amssys group.
where:
[options] is the options you need to enter, as shown in Table 34.
input_file is the full path to the input file you configured in Procedure 105.
Note — If you do not specify an input file, the script will read the
example input file at
$AMS_LOCALDATA_HOME/oss/conf/ams_ne_mgr.csv.
Option Description
-pfile file Specify the name of the properties file, which is used by the script for
configuration. The file must be in the shared directory of the data server,
$AMS_SHAREDDATA_HOME/config. The default properties file is
ams_mgr.conf. The configuration changes to the properties file must be
done on the active data server.
-efile file Specify the name of the password file created in Procedure 33, which is
used by the script to get username and password. The file must be in the
shared directory of the data server,
$AMS_SHAREDDATA_HOME/config. The default password file is
ams.password.
-logdir directory Specify a directory to save the log to. The default directory is
local_data_dir/ams/local/release/log.
(1 of 2)
Option Description
-action action Action to take. The options are:
• createNE
• startSupervision
• createNEAndStartSupervision
• enableMaintenanceMode
• disableMaintenanceMode.
• modifyNE
-username The username of a 5520 AMS client user with the AMS NBI - Edit function.
username(1)
-keystore key The full path to the keystore file. By default, the 5520 AMS retrieves the
path from the properties file.
-keypass password The password for the keystore file. By default, the 5520 AMS retrieves the
password from the properties file.
-nbihost URL The URL of the NBI client the 5520 AMS needs to connect to.
The default URL is https://server:8443, where server is the host name or
IP address of the 5520 AMS server.
If you are using HTTP, enter http://server:8080/.
(2 of 2)
Notes
(1) This option is not necessary if you have performed Procedure 33.
(2) If the password contains special characters you need to follow shell quoting rules. Normally this can be done
by enclosing the password in single quotes.
If the password includes single quotes, you can use one of the following:
Example password: $pec'ch*rs"
Single Quotes: -password '$pec'\''ch*rs"'
Double Quotes: -password "\$pec'ch*rs\""
Backslash Quotes: -password \$pec\'ch\*rs\"
3 The script executes, displaying success messages for each NE created. A log file is created
called ams_ne_mgr.log.
Procedure 107 To create an input file for ams_ne_mgr script with option -modifyNE
1 Log in to the 5520 AMS application server as amssys or as a user in the amssys group.
• If you are logged in as amssys, open the following sample input file in a text editor:
$AMS_LOCALDATA_HOME/oss/conf/ams_ne_mgr-modify.csv
• If you logged in as a user in the amssys group, open the copied input file in a text editor.
3 Configure the parameters as comma-separated values with one line for each user.
ISAM90,aliasName=myISAM,deployAfterNextStartSupervision=true,groupName=
Network/myGroup
1 Log in to the 5520 AMS application server as amssys or as a user in the amssys group.
• If you are logged in as amssys then open the default input file in the text editor:
AMS_LOCALDATA_HOME>/oss/conf/ams_splitter_mgr.csv
• If you logged in as a user in the amssys group, open the copied input file in a text editor.
For information on copying the existing input file, see Procedure 31.
• Create a new input file in an editor.
3 Configure the parameters as comma-separated values with one splitter per line. Table 35
describes the input file parameters.
iSAM17:/rack=1/shelf=1/slot=LT1/port=1/splitter=1,0.086111111
login:username
password:password
prompt:prompt
!CLI Commands
!comment
command
command
...
Parameter Description
• When you are configuring more than one NE, a text file must be created that lists the IP
addresses of the NEs.
ams_ne_cli -protocol ↵
Where the argument -protocol is optional can be any of the following options:
telnet Using telnet protocol to connect to the NEs.
ssh Using ssh protocol to connect to the NEs
telnetfirst The first instance uses telnet protocol to connect to the NEs. In case the
connection fails, the system tries to setup an SSH connection.
sshfirst The first instance uses ssh to connect to the NEs. In case the connection fails, the
system connects using telnet. This is the default option.
ams_ne_cli-help ↵
where:
neAddr is the IP address of an NE. IPv4 and IPv6 address formats are supported.
NeIpList is a text file that lists the IP addresses of the NEs.
inputCommandFile is the text file containing the CLI commands.
outputCommandFile is the text file that will contain responses to the CLI commands.
timeout is the timeout, in seconds (default is 10), and is optional.
18.1 Overview
The 5520 AMS allows you to back up or restore the selected NE database. By
default, the 5520 AMS retains only five database backup files, deleting the oldest file
when a sixth backup file is created. You can configure the number of retained files.
See Chapter 21 for the procedures to configure the number of backup files that are
stored on the 5520 AMS. You can also configure individual backup files to be
retained indefinitely.
The Backup view displays the available NEs that you can back up and restore. You
can perform a backup and restore operation at the Access Network level or from the
individual NE.
Optionally, you can apply preconfigured schedules to perform backup operations.
See Chapter 21 for detailed information on backing up the 5520 AMS database and
the procedures to set up scheduled backup activities.
Before you proceed, make sure your user account is assigned a role that includes
the necessary functions to perform the procedures in this chapter. See Table 19 for
more information on 5520 AMS function descriptions.
Note — The 5520 AMS supports the back up of multiple NEs at the
same time.
2 To open the Backup & Restore view, perform one of the following steps:
• Right-click the NE in the Network Tree and choose Backup & Restore→Backup.
Result: The Backup NE window opens with the NE selected. Go to step 6.
ii Use the filters in the Filters panel and click Build List.
Result: The NEs appear in the list on the right side of the window.
Note — In the Name field, you can enter part of the name or use the
asterisk (*) as a wildcard. Enter one string at a time.
The NE Selection window closes and the selected NEs or groups appear in the Selected
NEs panel of the Backup NE window. To remove any of the selected NEs or NE groups,
choose the NE or group in the Selected NEs panel, and click Remove.
6 If you are performing the backup operation for migration of an NE which supports two types
of backup files, select the Including OAM Channel Information (For Migration Purpose Only)
check box, to back up files including the OAM channel information
However, if the NE supports only one type of backup file, then irrespective of whether
Including OAM Channel Information check box is selected or unselected, back up is taken
depending on what the NE supports.
7 If you want to retain the backup file when the 5520 AMS deletes backup files, select Never
delete these backup files unless the NE is deleted check box.
8 Configure the number of automatic retries of the backup operation, in case the action fails, in
the Number of Retries field. The default value for this parameter is 0, and the allowed range
is from 0 to 10.
9 Configure the duration (in minutes) for which the Action Manager needs to wait to
automatically retry a failed action in the Delay Between Action Retries field. This parameter
is applicable only if retries are configured for the backup operation in the Number of Retries
field. The default value of this parameter is 10 minutes, and the allowed range is from 0 to
1000 minutes.
11 In the Schedule field, click Browse to choose the time to perform the backup operation.
• Choose Schedule now to run the backup operation immediately. Click OK.
• Choose the name of a schedule to run the backup operation at a specified time. Click OK.
14 Click Yes to confirm that you need to start the backup process.
Result: A window opens and provides details about the progress of the backup operation.
Click OK.
A Backup window opens, indicating the progress of the backup operation. The status in the
Action view panel shows the percentage of completion and the number of errors. When the
backup operation is completed or failed, an Action Details window opens showing the Target,
Description, Status and Additional Information.
The new backup file is listed in the Backup File Management window, replacing the older
backup file. If OAM information is included, the value in the OAM column is set to Yes.
• Select the NE in the network tree and choose Backup & Restore→Restore. Result: The
Restore NE window opens with the NE selected. Go to step 7.
When the NE has an IACM and SHub agent, right-click the IACM agent.
5 In the Filters panel, choose the required NE filter options and click Build List.
Result: The NE agents that match the search criteria are displayed in the Agent Selection
window.
6 Choose the NE agent in the Agent Selection window for which you need to perform the
restore and click OK.
7 Choose the individual backup file you need to restore. If there is a version mismatch, an error
message is displayed.
8 If you do not need to validate the file version you are restoring, select Forced Restore.
Result: A confirmation window opens and displays the message indicating that the restore is
a service-affecting operation.
10 Click Yes to confirm that you need to perform the restore operation.
A Restore window opens, indicating the progress of the restore. The status in the Action view
panel shows the percentage of completion and the number of errors. When the restore is
completed or failed, an Action Details window opens showing the Target, Description, Status
and Additional Information.
Note — You can view actions that started during a specific duration by
selecting both “Started Before” and “Started After” action filters.
Result: The status of the actions appears in the Action view panel.
Note — You can also view the Backup Restore Status and the Last
successful Backup status of an NE from the Network perspective in the
NE Object Details→General Tab→Additional Data.
Auto Refresh should be enabled for dynamic updates, if not you have to
refresh the NE object details for any latest status updates.
where:
• IP address is the IP address of the NE. IPv4 and IPv6 address formats are
supported.
• agent name is the name of the agent in the 5520 AMS, for example, IACM.
• software is software load running on the NE at the time the backup was taken.
• oam is the y if the backup file contains the OAM data, otherwise it is n.
• auto removal is y if the backup file should be auto removed otherwise it is n.
• yyyy-mm-dd-hh-mm-ss is the date and time the backup was taken.
You can retrieve the IP address of an NE from the Object Details view or using a
script on the 5520 AMS server. See Section 13.2
Caution — Nokia recommends that you must not delete or
move the NE backup files using UNIX commands on the AMS
data server. Ensure to use the 5520 AMS GUI to manage the
NE backup files as explained in this section.
Result: The Backup Restore perspective opens. The NE backup files are displayed.
2 In the Backup File Management panel, click the Filter icon ( ) to open the Backup Filter
window.
3 In the Backup Filter window, click Add to open the NE Selection window.
ii Use the filters in the Filters panel and click Build List.
Result: The NEs appear in the list on the right side of the window.
Note — In the Name field, you can enter part of the name or use the
asterisk (*) as a wildcard. Enter one string at a time.
Alternatively, you can click the Select NE Groups and choose a group.
The NE Selection window closes and the selected NEs or groups appear in the NE filter
panel of the Backup Filter window. To remove any of the selected NEs or NE groups,
choose the NE or group in the NE panel, and click Remove.
6 To save your filter, enter a name in the All Filters field and click Save.
7 Click OK.
Result: The backup files are displayed in the Backup File Management panel.
Note — The Auto Removal column indicates which backup files are
retained when the 5520 AMS deletes backup files. When the Auto
Removal value is No, the 5520 AMS retains the file indefinitely. See
Procedure 155 for information about how to configure the maximum
number of backup files for each NE that the 5520 AMS must retain.
1 View the NE backup files. See Procedure 113 to view and filter NE backup files.
2 Choose Copy Backup files from the Backup Restore Tasks view.
3 Select the option for the action you need to perform. Choose one of the following:
Click Next.
4 In the From and To areas, click Browse to specify an NE, file, or location. To specify a file on
the 5520 AMS client, select the Client option, and then click Browse.
Procedure 115 To align the 5520 AMS database with stored NE backups
Perform this procedure to remove backup records from the database that do not have
corresponding NE backup files on the 5520 AMS server. You can also remove backup files that
do not have corresponding backup records in the database.
1 View NE backup files. See Procedure 113 to view and filter NE backup files.
2 In the Backup File Management panel, click the Align EMS database with stored NE Backups
icon ( ).
3 (Optional) Select the Also remove the unreferenced NE backup files from the disk check box.
4 Click OK.
Result: The Sync Backup window opens while the 5520 AMS scans the backup database.
The Action Details window opens when the alignment is complete and displays the job status.
1 View the NE backup files. See Procedure 113 to view and filter NE backup files.
2 Choose the files you need to delete from the table, and click the Delete icon ( ).
Note — You can delete one or more backup files at the same time.
Note — If a backup check server object is defined in the 5520 AMS and
a manual backup check is triggered using a Check Backup Consistency
wizard for all ISAM and 7342 ISAM FTTU NEs, then the backup check
happens on the remote server.
Note 2 — In the case of the 7342 ISAM FTTU NEs, the Check Database
and Check PON Bandwidth and T-Cont check boxes are selected by
default. Select the Repair Database check box, if required.
If a backup check server object is defined in the 5520 AMS, then the
following check boxes are disabled:
• Check Database
• Repair Database
• Check PON Bandwidth and T-Cont
3 View the logs or the traces by clicking Show Log or Show Traces.
You can view the consistency log from the AMS client:
• Navigating to EMS Administration → EMS System → Site → Application & Data Servers
→ Data Server.
• Right-click the Data Server and choose Actions → Show Log File.
The View Server File dialog opens.
• Click the ( ) icon to view all the log files. Consistency log is one of them.
$AMS_EXTERNAL_SHAREDDATA_HOME/ne/backup/consistencyLog/
135/249/41/20/27_admin_135.249.41.20_IACM_OSWPAA55.439_yy_2
017-03-03-12-31-44.gz_03Mar2017-12-33-10/logfile.log , trc.log
wget http://ams-app-server:8080/vprocmon/vprocmon.bin ↵
wget https://ams-app-server:8443/vprocmon/vprocmon.bin ↵
wget --no-check-certificate
https://ams-app-server:8443/vprocmon/vprocmon.bin ↵
3 When the vprocmon.bin file is downloaded, modify the permissions on the file. In the external
server, type:
./vprocmon.bin ↵
5 The installer prompts you for the location of the SSH tools:
6 The installer prompts you for the location of the installation directory:
7 The installer prompts you for the location of the configuration files:
8 The installer prompts you for the location to save the data files:
In which top directory do you want to save the data files [ /var/opt
(default) ]?
9 The installer prompts you to enter one or more IP addresses on which the AMS server can
be reached:
Provide one or more IP address(es) on which the AMS server can be reached
(comma separated list):
Enter the password for 'amssys' user (no space allowed) [ amssys
(default) ]:
Result: The vprocmon.bin file is installed in the external server and the vprocmon service is
started automatically.
Before you proceed, ensure that the vprocmon.bin file is installed in the external server. See
Procedure 118.
1 In the Administration Tree, choose EMS Administration→ EMS System→ Site→ Backup
Check Servers.
2 Right-click Backup Check Servers and choose Create→ Backup Check Server.
5 Click Finish.
Result: The backup check is performed and the results are displayed in the remote server,
as per the NE IP address.
Perform the following procedure to synchronize the NE tools to the backup check server. To
synchronize the NE tools, you need to have the Backup Check Server - Edit function.
1 In the Administration Tree, choose EMS Administration→ EMS System→ Site→ Backup
Check Servers.
2 Right-click the backup check server for which you need to synchronize the NE tools and
choose Actions→ Synchronize NE Tools.
Result: The 5520 AMS attempts to synchronize the NE tools for the selected backup check
server.
When the sync is complete, the Action Details view displays the results of the sync if the sync
was successful or not, and if not successful it displays possible reasons for failure.
Procedure 121 To initiate an NE backup or restore when the 5520 AMS is used as a
craft terminal
2 In the FTP Server Configuration pane, choose the file transfer protocol from the Protocol
Type drop-down menu.
• Actions→Initiate Backup
• Actions→Initiate Restore
Result: The backup or restore is started. The command returns immediately and does not
wait for the operation to complete. It does not report success or failure.
19.3 Creating a Media Gateway from the 5520 AMS application server
Result: The link management settings are displayed in the Object Details view.
Setting Description
G6-GPON Links
VoIP Client Address Allocation Mode Specifies whether the 5520 AMS automatically
generates an IP address for the ANM-GbE port
on the G6.
The options are:
• Fixed Map
• No Fixed Map
Limit Max. Number of ONTs per PON at 32 By default this check box remains unchecked.
When this check box is selected, only one IP
address along with the broadcast IP address can
be configured on the selected ANM-GbE port for
this association.
1 Log in to the 5520 AMS application server as amssys or as a user in the amssys group.
• If you logged in as amssys, open the following sample input file in a text editor:
$AMS_LOCALDATA_HOME/oss/conf/ams_link_mgr.csv ↵
• If you logged in as a user in the amssys group, open the copied input file in a text editor.
For information on copying the existing input file, see Procedure 31.
• Create a new input file in an editor.
3 Configure the parameters as comma-separated values with one line for each link. If the
parameter value includes a comma, precede it with a backslash (\).
The parameter details for different link creation are available in Table
aEndTP Yes Name of the A end termination point of the link, in the
following format:
<NeName>:/rack=<Rack>/shelf=<Shelf>/slot=<Slot>/port=<
Port>
zEndTP Yes Name of the Z end termination point of the link, in the
following format:
<NeName>:/rack=<Rack>/shelf=<Shelf>/slot=<Slot>/port=<
Port>
portIpAddress(1) Yes The IP address of the G6 ANM Gbe port used in the link.
ipNetmask(1) Yes The netmask for the G6 ANM Gbe Port IP address.
defaultPriority Yes The default priority on the G6 Port IP address of the link. The
parameter must be an integer value. The range is 0 to 7.
(1 of 2)
(2 of 2)
Note
(1) IP addresses of portIpAddress, ipNetmask, bcastIpAddress, secondaryPortIpAddress,
secondaryBcastIpAddress, tertiaryPortIpAddress, tertiaryBcastIpAddress, quaternaryPortIpAddress and
quaternaryBcastIpAddress are auto-calculated when the VoIP Client Address Allocation Mode is “Fixed Map.”
An example of an input file entry for a 7342 ISAM FTTU and G6 link is:
GPON46_95_200:/rack=1/shelf=1/slot=NTA/port=1,g6_sim_118:/rack=1/shelf=
1/slot=1/port=1,CD_UNI,G6_GPON,1,,1,g6-gpon link
description,,,ENABLED,DISABLED,1,1,ENABLED,DISABLED,DISABLED-FORCED,ENA
BLED,1,,,,,,,Locked
An example of an input file entry for a 7360 ISAM and G6 link is:
ISAM222:/rack=1/shelf=1/slot=NTA/port=3,G6123:/rack=1/shelf=1/slot=1/po
rt=2,CD_UNI,G6_GPON,500,,1,g6-gpon
linkdescription,,,ENABLED,DISABLED,1,1,ENABLED,DISABLED,DISABLED-FORCED
,DISABLED,1,,,,,,,Locked
aEndTP Yes Name of the A end termination point of the link, in the following
format:
<NeName>:/rack=<Rack>/shelf=<Shelf>/slot=<Slot>/port=<Port>
zEndTP Yes Name of the Z end termination point of the link, in the following
format:
<NeName>:/rack=<Rack>/shelf=<Shelf>/slot=<Slot>/port=<Port>
ISAM-EAST:/rack=1/shelf=1/slot=NTA/port=20,ISAM-WEST:/rack=1/shelf=1/sl
ot=NTA/port=40,,ISAM_HUB_SUBTENDING,,ISAM-LINK1,MONTREAL
aEndTP Yes Name of the A end termination point of the link, in the following
format:
<NeName>:/rack=<Rack>/shelf=<Shelf>/slot=<Slot>/port=<Port>
zEndTP Yes Name of the Z end termination point of the link, in the following
format:
For a GPON ONT:
<NeName>:/rack=<Rack>/shelf=<Shelf>/slot=<Slot>/port=<Port>/
remote_unit=<Remote Unit>
Example: ISAM43:/rack=1/shelf=1/slot=LT2/port=1/remote_unit=1
For an NGPON2 ONT:
<NeName>:CG<cgId>.SCG<scgId>.ONT<ontId>
Example: ISAM_FX:CG1.SCG1.ONT1
(1 of 2)
(2 of 2)
#aEndTP,zEndTP,direction,type,description
#ISAM43_9:/rack=1/shelf=1/slot=NTA/port=3,ISAM43:/rack=1/shelf=1/slot=L
T2/port=1/remote_unit=1,CD_UNI,ISAM-MDU,isam-mdu description
ISAM_MX:/rack=1/shelf=1/slot=NTA/port=1,ISAM_FX:CG1.SCG1.ONT1,CD_BI,ISA
M-MDU,test description
zEndTP Yes Name of the Z end termination point of the link can be an Agent or
a Network Port in the following formats:
Agent: <NeName>:/type=Agent/<AgentName>
Network Port:
<NeName>:/rack=<Rack>/shelf=<Shelf>/slot=<Slot>/port=<Port>
#aEndTP,zEndTP,direction,type,description
#ISAM1:/rack=1/shelf=1/slot=NTA/port=1,ISAM2:/rack=1/shelf=1/slot=NTA/p
ort=1,CD_BI,NE-NE,test description
#NE1:/type=Agent/IHUB,NE2:/type=Agent/SHUB,CD_BI,NE-NE,test description
#NE1:/type=Agent/IACM,NE2:/rack=1/shelf=1/slot=NTA/port=1,CD_BI,NE-NE,t
est description
#NodeName:/rack=1/shelf=1/slot=NTA/port=1,NodeName:/rack=1/shelf=1/slot
=NTA/port=1,CD_BI,NE-NE,test description
#UNMANAGEDNE:/type=Agent/IACM,UNMANAGEDNE:/type=Agent/IHUB,CD_BI,NE-NE,
test description
#UNMANAGEDNE:/type=Agent/IACM,NodeName:/rack=1/shelf=1/slot=NTA/port=1,
CD_BI,NE-NE,test description
#NodeName:/rack=1/shelf=1/slot=NTA/port=1,UNMANAGEDNE:/type=Agent/IHUB,
CD_BI,NE-NE,test description
#NodeName:/rack=1/shelf=1/slot=NTA/port=1,NodeName:/rack=1/shelf=1/slot
=NTA/port=2,NE-NE
#UNMANAGEDNE:/type=Agent/IACM,UNMANAGEDNE:/type=Agent/IHUB,NE-NE
#UNMANAGEDNE:/type=Agent/IACM,NodeName:/rack=1/shelf=1/slot=NTA/port=2,
NE-NE
#NodeName:/rack=1/shelf=1/slot=NTA/port=1,UNMANAGEDNE:/type=Agent/IACM,
NE-NE
5 Run the password encryption script. See Procedure 33 to run the password encryption script.
1 Log in to the 5520 AMS application server as amssys or as a user in the amssys group.
where:
[options] is the options you need to enter, as shown in Table 43.
input_file is the full path to the input file you configured in Procedure 123.
Note — If you do not specify an input file, the script will read the
example input file at
$AMS_LOCALDATA_HOME/oss/conf/ams_link_mgr.csv.
Option Description
-pfile file Specify the name of the properties file, which is used by the script for
configuration. The file must be in the shared directory of the data server,
$AMS_SHAREDDATA_HOME/config. The default properties file is
ams_mgr.conf. The configuration changes to the properties file must be done on
the active data server.
-efile file Specify the name of the password file created in Procedure 33, which is used by
the script to get username and password. The file must be in the shared directory
of the data server, $AMS_SHAREDDATA_HOME/config. The default password
file is ams.password.
-logdir directory Specify a directory to save the log to. The default directory is
local_data_dir/ams/local/log, where local_data_dir is the directory where local
data is stored. By default, this is /var/opt.
-mdNm domain The management domain name used in the FDN of northbound objects. The
default is AMS.
-username The username of a 5520 AMS client user with the AMS NBI - Edit - User function.
username (1)
or -u username
(1 of 2)
Option Description
-keystore key The full path to the keystore file. By default, the 5520 AMS retrieves the path from
the properties file.
-keypass The password for the keystore file. By default, the 5520 AMS retrieves the
password password from the properties file.
-nbihost URL The URL of the NBI client the 5520 AMS needs to connect to.
-c Create links
-d Delete links
(2 of 2)
Notes
(1) This option is not necessary if you have performed Procedure 33.
(2) If the password contains special characters you need to follow shell quoting rules. Normally this can be done
by enclosing the password in single quotes.
If the password includes single quotes you can use one of the following:
Example password: $pec'ch*rs"
Single Quotes: -password '$pec'\''ch*rs"'
Double Quotes: -password "\$pec'ch*rs\""
Backslash Quotes: -password \$pec\'ch\*rs\"
The script executes, displaying success messages for each user created. A log file is created
called ams_link_mgr.log.
Before you proceed, the following G6-GPON links should be configured as follows. For more
information on G6-GPON links, see Procedure 122.
1 Log in to the 5520 AMS application server as amssys or amssys secondary group users.
cd lib/applicationserver/bin↵
where:
--force adds additional GBE Port IP address on the G6 and the 5520 AMS database and bypass the NE
version check.
Use --force option to align the ANM GBE port IP addresses for the 7342 ISAM FTTU releases. If the
--force option is not used, then the ANM GBE port IP addresses aligns only with 7342 ISAM FTTU R4.9.
<outputdir> specifies the path of the output log file where the error or the information messages will be
logged.
Note 1 — Starting with 7342 ISAM FTTU R4.9 or later, the script adds
additional GBE Port IP address to G6 and the 5520 AMS database for the
Ethernet port links, by default. If the force option is specified then the
script will add the GBE port IP address on G6 port and the 5520 AMS
database for the all links, irrespective of the added Ethernet Port from the
node version.
Note 2 — If you do not specify an output directory, the script will read the
example output directory at $AMS_LOCALDATA_HOME/log.
Result: The script executes, displaying success messages for the created GBE Port IP address.
A log file is created called gbeport_align_output.txt. If errors are generated during IP address
creation, then an error log called gbeport_align_error.txt is created at the specified output
directory.
Before you proceed, the following G6-GPON links should be configured as follows. For more
information on G6-GPON links, see Procedure 122.
1 Log in to the 5520 AMS application server as amssys or amssys secondary group users.
cd lib/applicationserver/bin↵
where:
--force validates the supported GBE Port IP address for the retrieved links.
Use --force option to validate the ANM GBE port IP addresses for the 7342 ISAM FTTU releases. If the
--force option is not used, then the ANM GBE port IP addresses are validated for 7342 ISAM FTTU R4.9
only.
<outputdir> specifies the path of the output log file where the error or the information messages will be
logged.
Note 1 — Starting with 7342 ISAM FTTU R4.9 or later, the script
validates the additional GBE Port IP address for the retrieved links for the
Ethernet Port links, by default. If the force option is specified, then the
script will audit the GBE port IP address for the all links, irrespective of the
added Ethernet Port from the node version.
Note 2 — If you do not specify an output directory, the script will read the
example output directory at $AMS_LOCALDATA_HOME/log.
Result: The script executes, displaying success messages for GBE Port IP address created. A log
file is created called gbeport_audit_output.txt.
1 Log in to the 5520 AMS application server as amssys or as a user in the amssys group.
• If you logged in as amssys, open the following sample input file in a text editor:
$AMS_LOCALDATA_HOME/oss/conf/ams_mediagw_mgr script ↵
• If you logged in as a user in the amssys group, open the copied input file in a text editor.
For information on copying the existing input file, see Procedure 31
• Create a new input file in an editor.
3 Configure the parameters as comma-separated values with one line for each link. If the
parameter value includes a comma, precede it with a backslash (\).
The parameter details for Media Gateway creation are available in Table 44.
(1 of 5)
vlanId Yes The VLAN ID; interger
minDataJitterBuffer The Minimum Data Jitter Buffer Delay; integer 0.. 200
Default value is 50.
initDataJitterBuffer The Initial Data Jitter Buffer Delay; integer 0..200
Default value is 50.
(2 of 5)
(3 of 5)
releaseDelay No The Release Delay before releasing all sessions (ms); integer 0..
900000
Default value is 600000.
delayBeforeReduced No The Delay Before Reduced Battery State (ms); integer 0..120000
BatteryState Default value is 70000.
waitingReleaseDelay No The Graceful Waiting Release Delay (ms); integer 0..3600000
Default value is 0.
(4 of 5)
(5 of 5)
1 Log in to the 5520 AMS application server as amssys or as a user in the amssys group.
where,
input_file is the full path to the input file you configured in Procedure 127.
Note — If you do not specify an input file, the script will read the
example input file at
$AMS_LOCALDATA_HOME/oss/conf/ams_mediagw_mgr script.
Option Description
-username \user The username used to access the 5520 AMS with 'AMS NBI-Edit" function
in its role.
3 The Media Gateway interface is created in the Network tree. A log file named
ams_mediagw_mgr.log is created.
1 Log in to the 5520 AMS application server as amssys or as a user in the amssys group.
• If you logged in as amssys, open the following sample input file in a text editor:
$AMS_LOCALDATA_HOME/oss/conf/ams_hub_sub_link_mgr.csv ↵
• If you logged in as a user in the amssys group, open the copied input file in a text editor.
For information on copying the existing input file, see Procedure 31.
• Create a new input file in an editor.
3 Configure the parameters as comma-separated values with one line for each hub NE. If the
parameter value includes a comma, precede it with a backslash (\).
Table 46 describes the parameters for each line of the input file.
Parameter Description
Link Type The link type: ISAM_HUB_SUBTENDED.
Sub 1 end point The subtended end point of the first link in the topology.
Hub x end point The hub end point for any additional links from the hub NE, where x is 2
or higher.
Enter this parameter for each additional link from the hub NE.
Sub x end point The subtended end point for hub end point x, where x is 2 or higher.
(1 of 2)
Parameter Description
Sub x physical location The physical location of the subtended NE for end point x.
(2 of 2)
5 Run the password encryption script. See Procedure 33 to run the password encryption script.
1 Log in to the 5520 AMS application server as amssys or as a user in the amssys group.
where:
[options] is the options you need to enter, as shown in Table 47.
input_file is the full path to the input file you configured in Procedure 129.
Note — If you do not specify an input file, the script will read the
example input file at $AMS_LOCALDATA_HOME/oss/conf/
ams_hub_sub_link_mgr.csv.
Option Description
-pfile file Specify the name of the properties file, which is used by the script for
configuration. The file must be in the shared directory of the data server,
$AMS_SHAREDDATA_HOME/config. The default properties file is
ams_mgr.conf. The configuration changes to the properties file must be done on
the active data server.
-efile file Specify the name of the password file created in Procedure 33, which is used by
the script to get username and password. The file must be in the shared directory
of the data server, $AMS_SHAREDDATA_HOME/config. The default password
file is ams.password.
-mdNm domain The management domain name used in the FDN of northbound objects. The
default is AMS.
-logdir directory Specify a directory to save the log to. The default directory is
local_data_dir/ams/local/log, where local_data_dir is the directory where local
data is stored. By default, this is /var/opt.
-username The username of a 5520 AMS client user with the AMS NBI - Edit - User function.
username(1)
or -u username
-keystore key The full path to the keystore file. By default, the 5520 AMS retrieves the path
from the properties file.
-keypass The password for the keystore file. By default, the 5520 AMS retrieves the
password password from the properties file.
-nbihost URL The URL of the NBI client the 5520 AMS needs to connect to.
Notes
(1) This option is not necessary if you have performed Procedure 33.
(2) If the password contains special characters you need to follow shell quoting rules. Normally this can be done
by enclosing the password in single quotes.
If the password includes single quotes you can use one of the following:
Example password: $pec'ch*rs"
Single Quotes: -password '$pec'\''ch*rs"'
Double Quotes: -password "\$pec'ch*rs\""
Backslash Quotes: -password \$pec\'ch\*rs\"
The script executes, displaying success messages for each user created. A log file is created
called ams_hub_sub_link_mgr.log.
20.28 Managing NE-based TL1 users from the 5520 AMS GUI
20.39 Configuring proxy settings in the 5520 AMS clients to access the
Internet
Additional settings are configurable with certain 5529 Enhanced Applications. For
more information, see the documentation for the application.
Before you proceed, make sure your user account is assigned a role that includes
the necessary functions to perform the procedures in this chapter. See Table 19 for
more information on 5520 AMS function descriptions.
2 In the Object Details view, configure the parameters as described in Table 48.
Auto Refresh
Auto Refresh Interval The amount of time, in seconds, between each automatic refresh of the GUI, when
the user has Auto Refresh enabled
Auto Refresh Count The number of times that the GUI refreshes when the user has Auto Refresh enabled
Display Options
Display Primary Service State Displays the primary service state as a combination of the administrative
(locked/unlocked) and operational (up/down) states of an NE object in the Object
Details view and Table Views for an NE.
The three possible primary service states are:
Unlocked and up:
• IS-NR (In service and normal) - The object is fully operational and will perform as
provisioned.
Double-click On An Alarm Specifies whether the 5520 AMS shows the alarm details or navigates to the object
when you double-click on an alarm mnemonic icon.
Display Timestamp As Specifies the timestamp format for the 5520 AMS. The values are:
• Absolute Time Stamp
• Human Readable (e.g. “5 minutes ago”)
Clicking the background in the Specifies whether a particular object or the parent object is selected in the Graphical
Graphical View View by clicking the background. The values are:
• Select the parent object: The parent object is selected when you click the
background in the Graphical View.
• Do nothing (the selection does not change): The selected object does not change
when you click the background in the Graphical View.
Save Dialog
Use Restricted Save Dialog Restricts users to exporting files only to the location specified in the Default Path for
Locally Saved Files parameter.
Default Path for Locally Saved Files Specifies the location to which files are saved or exported by default.
Prepend Username for Locally When a user saves or exports a file, their username is prefixed to the filename.
Saved Files
(1 of 2)
NE
NE Release Notation Displays either the Release or the Feature Group of an NE (if applicable to the type
of NE). The NE release notation setting:
• Affects the display of NE release information in the NE object details.
• Does not affect the display of NE release information in the NE System and Agent
object details.
For 7302 ISAM/7330 ISAM FTTN R4.1 or later and 7330 ISAM FTTN FGN4.1 or later,
the NE release notation setting has no effect. For R4.1 or later NE plug-ins, the
5520 AMS GUI displays “R”, regardless of the NE release notation setting. For
FGN4.1 or later NE plug-ins, the 5520 AMS GUI displays “FGN”, regardless of the NE
release notation setting.
NE Name Wraps After In the Graphical View, the number of characters that are displayed in the NE name.
If the NE name is too long to be displayed on one line, the remaining characters are
displayed on a second line.
Force NE Name to Upper Case Forces NE names to be all in uppercase. You can enter the NE name in lowercase
when creating an NE, but if this parameter is enabled, the NE name will be re-named
all in uppercase when the NE is created.
Force NE Group Name to Upper Forces NE group names to be all in uppercase. You can enter the NE group name in
Case lowercase when creating the NE group, but if this parameter is enabled, the NE group
name will be re-named all in uppercase when the NE group is created.
Geographical map
Web Map Server URL (optional) Display the maps in the Map view when offline server is configured.
Default Map Provider Displays the map view as per the selected map provider. By default, Open Street
Maps is selected. The available options are:
• Open Street Maps
• Web Map Server
(2 of 2)
Settings Description
Configuration
Blocking Timeout to Get a The amount of time, in ms, an operation can wait for the NE SNMP
SNMP Connection interface before timing out.
Result: The NE Detection Settings are displayed in the Object Details view.
Settings Description
General
IP Address Ranges The IP address ranges the 5520 AMS should search to detect NEs.
Enter up to 10 ranges, separated by commas.
IPV4 and IPV6 address formats are supported for this parameter
The format is IP address-#, where # is the number of addresses in
the range. For example, for IPv4, 120.0.0.0-10 would search 10 IP
addresses, starting with 120.0.0.0. Similarly, for IPv6, 2003::1-10
would search 10 IP addresses, starting with 2003:0:0:0:0:0:0:1.
Delay Before an Unreachable The maximum duration (in seconds, minutes, hours or days) that a
NE is Removed From the detected NE can remain in the detected NE list after becoming
Detected NE List unreachable. The format is a number followed by s, m, h, or d, for
example, 1 h.
NE Creation
Auto Create Select this check box to automatically create detected NEs in the
5520 AMS.
Group Creation Strategy Choose Use the System NE Location to create the NE in a group
based on its system location parameter.
Choose Specify a Default Group to set a group name.
Default Group If you chose Use Settings Value for the Group Creation Strategy
parameter, enter a group name.
NE Supervision
Auto Supervise Select this check box to automatically supervise NEs after detection
and creation.
Parameter Description
Trap Handling Threads The maximum number of traps that the server can process
at the same time. Nokia does not recommend changing this
parameter.
SNMP Trap
Registration for Link Up/Down Traps Select this check box to enable the operational state
changes on physical ports.
Note- By default, only the network ports can send
notifications. If the settings are changed using the CLI or
the TL1, it is possible that operational state changes would
be reported on modems or ONTs which would lead to
flooding of messages towards the 5520 AMS. If this is the
case, deselect this check box
Parameter Description
Timeout Before 1st Retransmission The length of time, in milliseconds, that the 5520 AMS
waits to receive a reply to an SNMP request before
retransmitting the request. The range is from 1000 to
42 000.
If the Timeout Before 1st Retransmission is X (sec) and
Maximum Number of Retransmission is (n), then the
timeout (T1) is calculated as follows:
T1= (2(n-n)X + … + 2(n-2)X + 2(n-1)X + 2(n)X)
The Timeout Before 1st Retransmission parameter is
multiplied by 2 for each additional retransmission. For
example, if the
Timeout Before 1st Retransmission parameter is set to
8000 ms and the
Maximum Number of Retransmissions parameter is set
to 2, the first retransmission will be sent after 8000 ms if no
reply is received. The second retransmission will be sent
after 16 000 ms (2 × 8000) if again no reply is received.
After 32 000 ms (2 × [2 × 8000]), if there is still no answer,
the retry will timeout. At 56 000 ms
(8000 + 16 000 + 32 000), the 5520 AMS will conclude that
the NE is not responding and report an SNMP Timeout
error.
Maximum Number of Retransmissions The maximum number of times that an SNMP request can
be retransmitted. A retransmission is sent only when a
response to an SNMP request is not received.
Degraded Communication Thresholds
Maximum Average Roundtrip Delay(1) The maximum average time, in milliseconds, between an
SNMP request transmission and the corresponding reply.
When the maximum average roundtrip delay is reached,
the 5520 AMS generates an alarm.
(1 of 2)
Parameter Description
Minimum Number of Requests per The minimum number of SNMP requests to be considered
Hour before raising a Communication Degraded alarm.
The alarm can be cleared even when the minimum number
of requests is not reached.
The default value is 12 SNMP requests.
(2 of 2)
Note
(1) The communication degraded state for the two parameters, Maximum Retransmission Ratio and Maximum
Average Roundtrip Delay is checked every hour by the server, for all the NEs. So the Communication Degraded
alarms will always be raised and cleared at the same time within an hour.
Parameter Description
SNMP v3 User
Security Level A drop-down menu that lists the available supported security levels:
• Without Authentication and Without Privacy—Indicates that
messages between the agent and the manager are unauthenticated
and unencrypted
• With Authentication but Without Privacy—Indicates that messages
between the agent and the manager are authenticated by
unencrypted
• With Authentication and With Privacy—Indicates that messages
between the agent and the manager are both authenticated and
encrypted
Authorization Protocol A drop-down menu that lists the available supported protocols (MD5,
SHA1, SHA2-256(1), SHA2-512)(1)
Authorization Password(2) Used to specify the plain or encrypted password if the MD5, SHA1,
SHA2-256, or SHA2-512 protocol is selected (3)
Encryption Protocol A drop-down menu that lists the available supported privacy protocols
(DES, AES-128, AES-192, AES-256)
Encryption Password(2) Used to specify the privacy password for the encryption protocol (3)
Notes
(1) Due to the PBMT limitation on the NE migration tool, AMS does not support NE migration for those NEs which
are managed with SNMPv3 SHA2 encryption in RHEL 6 alone.
(2) You must create passwords that are at least eight characters long, even if the NE allows a shorter password.
(3) Passwords are encrypted in the 5520 AMS database.
4 Click Finish.
Parameter Description
Identification
SNMP
Version Choose the SNMP version for the profile. The 5520 AMS supports
versions v1, v2 and v3. The default value is set to v3.
SNMP v1/v2
Read Community Indicates the SNMP community name for the agent. This field accepts a
unique character string. Record the names you enter here because you
must use the same names to configure these parameters on the NE.
Write Community Indicates the SNMP community name for the agent. This field accepts a
unique character string. Record the names you enter here because you
must use the same names to configure these parameters on the NE.
SNMP v3
Context Name Indicates the agent in the NE. If Context Name Assignment is set to
Automatic, this field is dimmed.
(1 of 2)
Parameter Description
Password Indicates the SFTP client password.
(2 of 2)
4 Click Finish.
You can configure the SSH public key using the ‘Strict Host Key checking’ feature.
See procedure 138 to disable or enable the feature.
The Strict Host Key Checking feature is used to avoid man-in-the-middle attack. If
such an attack occurs, a standard OS or SSH error will be logged that the 5520 AMS
will return when using secure CLI, secure TL1, SSH scripts, LRM or software
management.
The 5520 AMS checks whether the NEs managed through SNMPv3 have an SSH
public key. If a SSH public key is not available in the NE, then the 5520 AMS will
instruct the NE to generate a new key, else the 5520 AMS will retrieve the key and
use it to populate the SSH known_hosts file.
When a new value for the SSH public key of the NE is generated, it is stored in the
database, and the 5520 AMS updates the known_hosts file of amssys user with the
new public key value in all the application servers.
When the feature is enabled, the entries in the known_hosts file are refreshed
everyday automatically in all the application servers. You can force the re-generation
of the known_hosts file, see Procedure 139.
For the frequency of the SSH public key generation checks, refer to Table 66.
You can manually generate the SSH public key. For more information, see the
Operations and Maintenance Guide for the NE.
Result: The Object Details view opens and the ‘Strict Host Key Checking’ is selected by
default.
2 Select or deselect the ‘Strict Host Key Checking’, as required and click the Apply icon ( )
to save the changes.
Procedure 139 To refresh SSH server public keys in the SSH known_hosts file for all
NEs
Perform the following procedure to refresh the SSH server public keys in the SSH known_hosts
file for all NEs.
2 Right-click SSH Settings and choose Actions → Refresh SSH Server Public Keys in the SSH
known_hosts File for all NEs.
Result: The Refresh SSH Server Public Keys confirmation window opens.
Result: A window opens and provides details about the progress of the refresh action.
When the refresh action is completed, the Action Details window opens showing the Target,
Description, Status and Additional Information.
• Configure default user passwords. In the 5520 AMS Installation and Migration
Guide, see the following procedures:
• To change the password of a default user on the 5520 AMS application server
• To change the password of a default user on the 5520 AMS GUI
• Configure file transfer protocol settings. See Procedure 140 to configure file
transfer protocol settings.
Result: The Object Details view opens. In the AMS Protocol Selection Strategy, the Use the
protocol configured in the NE strategy is selected by default and none of the protocols (SFTP,
FTP, TFTP) are selected by default.
Note — Before you enable the SFTP protocol, make sure that the SFTP
credentials are configured correctly.
• You must set the password to access the 5520 AMS SFTP file server
from the server and the GUI. In the Administration Tree, choose
Configuration→EMS/NE Protocols→File Server Credentials→SFTP
User. See also the procedure to change the password of a default
user on the server in the 5520 AMS Installation and Migration Guide.
The password is used for downloading OSWP software, backing up
and restoring, and downloading CDE profiles.
• You can set the username and password for the NE SFTP file server
in the SNMP profile used by the NE. The username and password are
used for downloading ONT software and viewing syslog files.
2 Select or unselect the check boxes for the file transfer protocols you do or do not want the
5520 AMS to use.
3 From the Strategy drop-down menu, choose Force the AMS protocol selection.
Result: In the AMS Protocol Selection, SFTP, FTP and TFTP protocols are selected by
default.
1 Navigate to the application server on which you want to perform a file transfer test by
choosing EMS Administration→EMS System→Site→Application & Data Servers in the
Administration Tree.
Result: Communication with the server must be established and ongoing, which is indicated
by the Up server status.
2 Right-click the Application server for which this test needs to be performed and choose
Actions→Test File Transfer.
Result: The 5520 AMS attempts to transfer files using each protocol selected in the File
Transfer Protocol Selection object details.
3 When the test is completed, the Action Details view displays the results of the test if the test
was successful or not, possible reasons for failure etc.
The strategy to use the protocols that are enabled by the NE verifies only that the
TL1/CLI credentials are correct. The strategy to use a fixed protocol selection verifies
that the TL1/CLI credentials are correct and that the protocol configuration in the NE
is also correct. For example, the test will fail if a selected protocol is not enabled in
the NE.
For information about how to perform a reachability test on an NE, see the 5520 AMS
User Guide.
Result: The Object Details view opens with the Use the protocol configured in the NE strategy
selected by default and none of the protocols (SSH, Telnet, UDP) selected by default.
2 If you want to change the strategy, from the Strategy drop-down menu, choose Force the
AMS protocol selection.
Result: In the AMS Protocol Selection, all the protocols (SSH, Telnet, UDP) are selected by
default.
3 Select the check boxes for the TL1/CLI protocols you want the 5520 AMS to use.
Result: The TFTP Server Settings are displayed in the Object Details view.
Settings Description
Configuration
Enable TFTP Server on the Select this check box to enable the TFTP server on the 5520 AMS.
EMS (Used for NE Backup, ...) The check box is not selected by default.
Disk Properties
Minimum Free Disk Space in The minimum free disk space (in kilobytes) required for TFTP write
KB to continue. TFTP write verifies that at least this much space is
always available on the server.
Socket Time Out The maximum duration (in s) The maximum duration (in s) that
that the Read socket waits for the server waits for the client to
an acknowledgement from the send a data packet.
client.
Number of Retries The maximum number of times The maximum number of times
that the server resends a data that the server resends
packet to the client. The server acknowledgement packets for a
must resend a data packet specific data packet received
when the acknowledgment from the client. The server has to
number received from the client resend an acknowledgment
does not match the block packet when the block number of
number of the data packet last the data packets last received
sent. does not match the number
expected by the server.
Number of Last Ack Retries - Configure this parameter for the
server to wait for retry attempts
from the client after sending the
last acknowledgement packet.
The duration (in s) the server will
wait is given by the Number of
Last Ack Retries multiplied by the
Socket Time Out parameter.
Result: The TFTP Client Settings is displayed in the Object Details view.
2 In the Configuration settings, enter the maximum number of times for which a file transfer can
be attempted.
When this limit is exceeded, the 5520 AMS enters a protection mode and forces the
user to limit the search for alarms by only allowing the retrieval of historical alarms
from a smaller set of NEs.
The navigation to the Historical Alarm view can be enabled when selecting an NE
group by changing the value of the Protect Alarm View if Number of NEs in Historical
Alarm Filter Exceeds parameter.
The database size can be monitored over time by opening the EMS Performance
Monitoring view and choosing Alarms→ Historical Alarm DB Size. You can also view
TCA alarm for historical alarm database size exceeding configured limit (for example,
if the configured limit is 1GB and then the TCA alarm is raised if historical alarm
database size exceeds 1GB) from Historical Alarm DB Size option.
1 See the ‘Service Unstable’ alarm details to find out the list of unstable services.
• To stop the server (if multiple services are unstable), execute the following command:
ams_server stop
Result: The service does not appear in the list of unstable services after it is stopped
manually.
• To restart the server (if multiple services are unstable), execute the following command:
ams_server start
Result: The service is removed from the unstable services list in the alarm. If the problem is
still not fixed, the alarm is raised again.
Result: The EMS Alarm Severity Assignment table appears in the Table View.
2 Select the alarm in the table. The alarm information is displayed in the Object Details view.
The Category, Domain, Object, Probable Cause, and Specific Problem parameters are not
configurable. However, you can configure the parameters as described in Table 57:
Parameter Configuration
Discarded Choose to discard the alarm by selecting the check box, or to not discard the
alarm by clearing the check box.
When the check box is selected, the Discarded parameter is set to true, and
the alarm is not reported. Also, any corresponding alarms are cleared from the
current alarm table.
When the check box is cleared, the Discarded parameter is set to false, and
the alarm is reported.
Note — The custom fields added to the alarm types can be viewed and
used to filter the alarms in the Alarm View and the Historical Alarm View.
Note 1 — The new severity assignments are effective only for alarms
raised after the changes have been saved.
Note 2 — The status bar of the 5520 AMS GUI displays the aggregated
EMS alarms icon of the site next to the site icon, which shows the
aggregated alarm summary.
Result: The Alarm Settings parameters appear in the Object Details view.
Parameter Description
Global GUI Settings
Alarm View Refresh Interval A time period, in seconds, before the Alarm view is
refreshed.
Compute and Display the TL1 AID Check the TL1 AID checkbox to compute the TL1
AID. The TL1 AID is displayed only for the following:
• TL1 AID column in the Alarm View
• Field selection drop down in the Alarm View
• Alarm Filter drop down
• Object Details view for the Alarm Object
You must log out of the client and log in again for a
change to this parameter to take effect.
Alarm View Coloring Scheme Option to display the entire row or only the Severity
column in the color of the alarm severity in the alarm
views. Select one of the following options from the
drop-down list:
• Alarm Severity Colors the Entire Row to display
the entire row in the color of the alarm severity
• Alarm Severity Colors the Severity Column Only
to display the Severity column in the color of the
alarm severity
(1 of 5)
Parameter Description
When in Overload, Disable View When The alarm view is not displayed so as to protect the
Selected Number of NEs Exceeds alarm view response time if the following two
conditions occur:
• The number of NEs in the Historical Alarm Filter
exceeds the configured value
• The size of the historical alarms database
exceeds the configured value of the Protect
Alarm View if Historical Alarms Database Size
Exceeds parameter
Current to Historical
Delay Before a Cleared Alarm is Moved A time period before a cleared alarm is moved from
From Current to Historical List the Alarm view to the Historical Alarm view.
The cleanup task is run every hour, which means that
the alarm will be moved to Historical Alarm at most
one hour after the configured delay time has passed.
For example, if the delay is set to 5 minutes, the alarm
will be moved effectively after an hour.
Minutes and seconds are ignored.
Historical Alarm Queue Size Size of the queue used to buffer historical alarms
before moving them to the Historical Alarm database.
Purging Historical
Delay Before an Alarm is Deleted from A time period before alarms are deleted from the
Historical List Historical Alarm view.
To configure this parameter, see Procedure 148.
Archiving Historical
(2 of 5)
Parameter Description
Archiving Strategy The archiving strategy is so that the alarms can be
saved to disk for offline analysis instead of being
deleted. If FTP or SFTP file transfer is not selected,
alarms are archived in the shared directory, one file
per day under:
$AMS_EXTERNAL_SHAREDDATA_HOME/alarmar
chiving/alarms-archive_<YYYY>_<MM>_<DD><alp
haChar>.csv, where:
<YYYY>, <MM> and <DD> represents the date (year,
month, and day) at which the alarms were cleared
and <alphaChar> is empty or contains the next
alphabetic character.
If compression is enabled, the file name will be
alarms-archive_<YYYY>_<MM>_<DD>_<HH><alph
aChar>.csv.gz.
If an alarm archive file with the same name already
exists, then the filenames will have a sequential
alphabetic character appended to the name, for
example, alarms-archive_2012_08_20_20a.csv.gz
and alarms-archive_2012_08_20_20b.csv.gz. This
may happen if there are repeated application server
switchovers within the same day causing several
similarly named alarm archive files to be present.
If FTP or SFTP file transfer is selected, the alarm
archive file is transferred to the configured remote
FTP or SFTP location. If the copy or file transfer of the
alarm archive fails, an alarm is raised. Use Procedure
240 to manually purge and archive the alarm log.
Delay Before an Alarm is Deleted from the A time period before alarms are deleted from the
Alarm Archive shared directory where they are archived.
The parameter is enabled when the Archiving
Strategy parameter is set to When Alarms are Moved
from Current to Historical or When Alarms are Purged
from Historical.
Compress Alarm Archive When the parameter is enabled, the alarm archive
files are compressed in the shared directory or
configured FTP/SFTP location daily to minimize disk
space usage.
The parameter is enabled when the Archiving
Strategy parameter is set to When Alarms are Moved
from Current to Historical or When Alarms are Purged
from Historical.
File Transfer
(3 of 5)
Parameter Description
Remote Host Valid IP address of the remote FTP or SFTP host.
This parameter is disabled if Protocol is set to No file
transfer (Keep files in ‘shared/common’).
Threshold (Lower severities will not be The severity threshold to reduce the number of
collected from the NE) alarms reported to the 5520 AMS. Alarms of a
severity lower than the threshold are not collected
from the NE.
Raise Alarm if Total Number of Current The 5520 AMS raises a local alarm when the number
Alarms Exceeds of alarms in the current alarm table exceeds the
configured value. The 5520 AMS clears the local
alarm when the number of alarms falls under the
configured value.
Historical Alarms Database Size The 5520 AMS raises a local alarm when the number
of alarms in the historical alarm database exceeds the
configured value. The 5520 AMS clears the local
alarm when the number of alarms falls under the
configured value.
Do Not Export on Server if Historical Alarms The 5520 AMS does not export alarms on the server
Database Size Exceeds if the size of the historical alarm database exceeds
the configured value. The default value is 200 MB.
This parameter controls the export of alarms during
an AMS migration either using the export script or
through the menu File → Export from the client.
Configuring the historical alarm database to a value
higher than 200 MB will result in increasing the
migration time. Nokia recommends not to exceed 200
MB for the historical alarm database size.
The Export wizard or script do not report an error
when alarms are suppressed due to this setting.
The parameter Maximum Number of Historical
Alarms Exported on Server is replaced by the new
parameter Do Not Export on Server if Historical
Alarms Database Size Exceeds from R9.2.10.
(4 of 5)
Parameter Description
Discard Alarm Event if Rate Exceeds The 5520 AMS removes alarm events from the NE
Alarm Event Log Filter queue when the alarm rate, in
events/s, exceeds the configured value. The
additional events will not be logged.
Delay Before an Alarm is Deleted from the A time period before alarm event logs are deleted
Alarm Event Log from the shared directory where they are archived.
Compress Alarm Event Logs When the parameter is enabled, the alarm event log
archive files are compressed in the shared directory
or configured FTP/SFTP location daily to minimize
disk space usage.
File Transfer
Miscellaneous
Bulk Alarm Block Size The maximum number of alarms retrieved from the
database in one go. For example, when cleaning up
historical alarms, moving cleared current alarms to
historical.
(5 of 5)
Procedure 148 To configure the delay before an alarm is deleted from the Historical
Alarm view
Nokia recommends that you configure the parameter only when you
install the 5520 AMS.
For information on the data migrated from earlier 5520 AMS releases,
see the 5520 AMS Installation and Migration Guide.
The configured delay is a minimum (or guaranteed) delay. Additional granularity in the timestamps
of the historical alarms has been introduced. For example, when the delay is set to 30 days,
historical alarms are cleared in batches of two days. In this case, the oldest alarms that are kept
in the historical database at any time are between 30 and 31 days old. The longer the delay is, the
longer the granularity is. For a configured delay of 20 days or less, the granularity is 1 day.
2 Right-click the Alarm Settings object and choose Actions→Modify Delay Before an Alarm is
Deleted from Historical List.
Result: The Modify Delay Before an Alarm is Deleted from Historical List window opens.
4 Click Finish.
Result: The change takes effect within the hour that follows.
Result: The NE Alarm Processing Settings table appears in the Table View.
The Category, Domain, Object, TL1 Alarm Condition, Probable Cause, and Specific Problem
parameters are not configurable. However, you can configure the parameters as described
in Table 59:
Parameter Configuration
Reporting Strategy Choose one of the following reporting strategy options from the drop-down
menu.
• Report alarm
• Dump to file
• Dump to file & report alarm
Toggling Alarm Choose to suppress the toggling alarm by selecting the check box, or to not
Suppression suppress the toggling alarm by clearing the check box.
By default, the Toggling Alarm Suppression checkbox is not selected.
Move to History Choose one of the following options from the drop-down menu.
• Always: The alarms are always moved to historical alarm table.
• Based on Alarm Age: The alarms are suppressed from historical alarm
table based on the defined alarm age.
Move to History Min. Enter the minimum age of alarms. Below this age, the alarms will be
Alarm Age suppressed from historical alarm table.
This parameter is enabled only when the Move to History parameter is set to
Based on Alarm Age.
The default value is set to 5 seconds.
Note —
• The custom fields added to the alarm types can be viewed and used
to filter the alarms in the Alarm View and the Historical Alarm View.
• Define the NE Alarm Processing Settings for other NE alarms, as
required.
Note — If FTP or SFTP file transfer is not selected, the 5520 AMS starts
dumping alarm information to a log file, and stores one file per hour to the
following directory in the data server:
$AMS_EXTERNAL_SHAREDDATA_HOME/alarmfiltering/
If FTP or SFTP file transfer is selected, the alarm event log file is
transferred to the configured remote FTP or SFTP location. If the copy or
file transfer of the alarm event log archive fails, an alarm is raised. Use
Procedure 240 to manually purge and archive the alarm event log.
The alarm event log file follows the following naming convention:
/alarms-filtered_<YYYY>_<MM>_<DD>_<HH><alphaChar>.csv
where:
<YYYY> is the year
<MM> is the month
<DD> is the date
<HH> is the hour
If an alarm event log file with the same name already exists, then the
filenames will have a sequential alphabetic character appended to the
name, for example, alarms-filtered_2012_08_20_20a.csv.gz and
alarms-filtered_2012_08_20_20b.csv.gz. This may happen if there are
repeated application server switchovers within the same day causing
several similarly named alarm event log files to be present.
The alarm event log file contains the following information for each alarm:
Alarm Domain, Alarm Category, Source Friendly Name, Event Type,
Event Time Stamp, Alarm Severity, Probable Cause, Probable Cause
Mnemonic, Specific Problem, Additional Info, Service Affecting Type,
Groups.
2 Choose the NE Alarm Event Log Filter for which you want to configure toggling alarm
suppression.
A selected check box indicates that toggling suppression for the alarm is enabled (True). If
the check box is not selected, the toggling suppression is disabled (False). The True and
False values, and toggling threshold value, display in the Table View.
4 Configure the Toggling Threshold parameter as required to configure the toggling threshold
setting for the alarm.
6 Log out of the client and log in again for the changes to take effect.
Note — If you enable and then disable alarm toggling suppression in the
same GUI session and attempt to filter alarms on a specific problem
without performing step 6, you may experience problems with the
filtering. The workaround in this case is to re-enable the alarm toggling
suppression in the same GUI session and set the alarm’s toggling
threshold to a very high value.
Parameter Description
4 Click Finish.
Result: The ENV Alarm Template table appears in the Object Details view, and displays
information in the following columns: Domain, Mnemonic, and Probable Cause. You can
customize the alarm definitions in the Probable Cause column.
i Click a table cell in the Probable Cause column. The cell becomes a text box, and you
can edit the definition.
ii Enter a meaningful definition for the environmental alarm to reflect the specific alarm
use.
Table 61 PM settings
Setting Description
Properties
Max. Monitors Per User The maximum number of monitoring tasks that a user can
create.
Max. Active Monitors Per User The maximum number of active monitoring tasks for a user.
Default Polling Interval The duration (in seconds) that elapses between polls.
Default For Time Duration The duration (in seconds) of the PM task collection. Data is
collected for the specified amount of time.
Max. Monitored Records The maximum number of records to monitor per PM task.
Page Size (Data View) The maximum number of pages to display PM records in the
Data view.
Page Size (Global Monitoring view) The maximum number of pages to display PM tasks in the
Global Monitoring view.
Note — If a user has changed the CLI prompt then the prompt
must end with “$<space>“or “#<space>“.
Setting Description
General
Cut Through Timeout The length of time, in minutes, before an inactive cut through
will time out.
Auto populate Credentials Select the check box so that the TL1 and CLI cut-through
username and password configured in the NE object details
are populated automatically in the Cut Through window.
Result: The NE Backup settings are displayed in the Object Details view.
Setting Description
Backup Auto-Removal
Maximum Number of Backup Files Specifies the maximum number of the most recently backed
(per NE) up files for each NE that the 5520 AMS must retain
indefinitely. The default value is 5.
Result: The Splitter settings are displayed in the Object Details view.
Setting Description
General
Result: The Action Manager settings are displayed in the Object Details view.
Setting Description
Completed to Historical
Delay Before a Completed Action is The duration (in seconds, minutes, hours or days) before a
Moved to the Historical List completed action in the Action view is moved to the Historical
Action view. The format must be # s, m, h or d. For example, 10 d.
Removal from Historical
Delay Before an Action is Deleted The duration (in seconds, minutes, hours or days) before a
from Historical List completed action in the Historical Action view is deleted. The
format must be # s, m, h or d. For example, 10 d.
3 If you enabled or disabled the Display ONT POTS Port Phone Number parameter, restart the
5520 AMS client.
Result: The supervision settings are displayed in the Object Details view.
Setting Description
Polling
Polling Period The duration (in s) that elapses between polls of the NEs to confirm
their reachability.The default is 300s.
In case of unreachable or isolated NEs or agents, the polling timeout
is 12 seconds.(1)
Timeout Before 1st The duration (in s) that the 5520 AMS will wait to conclude that the
Retransmission NE is not responding.
If the Timeout Before 1st Retransmission is Y (sec) and Maximum
Number of Retransmission is (m), then the timeout (T2) is calculated
as follows:
T2= (2(m-m)Y + … + 2(m-2)Y + 2(m-1)Y + 2(m)Y)
The Timeout Before 1st Retransmission parameter is multiplied by
2 for each additional retransmission. For example, if the
Timeout Before 1st Retransmission parameter is set to 4 s and the
Maximum Number of Retransmissions parameter is set to 2, the
first retransmission will be sent after 4 s if no reply is received. The
second retransmission will be sent after 8 s (2 × 4) if again no reply
is received. After 16 s (2 × [2 × 4]), if there is still no answer, the
retry will timeout. At 28 s (4 + 8 + 16), the 5520 AMS will conclude
that the NE is isolated after all retries have failed.(1)
This parameter is also configured in the SNMP retries settings.
The value of Timeout T2 (mentioned in the above formula) should
be less than the value of Timeout T1 which is mentioned in the Table
52: SNMP retries parameters.
Supervision
Align NE System ID with NE Select this check box to configure the 5520 AMS to automatically
Name at Start Supervision change the NE’s System ID to match the NE name. (2)
If the System ID and the NE Name do not match, an NE user label
mismatch alarm is reported when supervision is started. For more
information about alarms, see Chapter 26.
(1 of 2)
Setting Description
Start Supervision at NE Select this check box to configure the 5520 AMS to automatically
Creation begin supervising a NE when one is created.
On Unreachable NE, Start Configures the behavior of the 5520 AMS when supervision starts
Supervision on an NE but the NE is unreachable. There are two options:
• Keeps Trying (State becomes “Supervising”): the 5520 AMS
places the NE in a Supervising state and attempts to connect to
the NE repeatedly. When the NE becomes available, the state
is changed to Supervised.
• Fails (State becomes “Declared”): the 5520 AMS returns the NE
to the Declared state.
Registration Checks
Number of Polling Cycles The number of polling cycles between two registration checks. In a
Between Registration Checks registration check, detailed connectivity checks are performed on
trap registration, trap bitmask and SNTP. These settings need to be
correct in order for AMS to receive correct notification of the NE
changes. AMS tries to resolve any issues with these settings. The
range is from 2 to 1000. The default is 48.
For example, when the value '48' is set for this parameter, these
additional checks are performed every 48 polling cycles. So, if the
polling period is set to 300 seconds (5 min), the registration check
will be performed every 4 hours (every 48 polling cycles).
If the Trap Bitmask is overwritten by the operator in the 5520 AMS
GUI, then its value is set to default during registration check.
Number of Polling Cycles The number of polling cycles between two CLI connection checks.
Between CLI Connection In a CLI connection check, detailed connectivity check is performed
Checks on the NE. The range is from 6 to 1000000. The default is 288.(3)
For example, when the value '288’ is set for this parameter, the
connectivity check is performed every 288 polling cycles. So, if the
polling period is set to 300 seconds (5 min), the CLI connectivity
check will be performed every 24 hours (every 288 polling cycles).
Number of Polling Cycles The number of polling cycles between two SSH server public key
Between SSH Server Public checks. The range is 0 to 2147483647. The default is 6.
Key Checks
(2 of 2)
Notes
(1) The parameter is only applicable to isolated NEs. For non-isolated NEs, the retransmission settings under
SNMP settings are applicable. For more information, see Procedure 135.
(2) If the NE is not a 7302 ISAM or 7330 ISAM FTTN or 7360 ISAM FX, System IDs cannot be longer than 20
characters. If the NE is a 7302 ISAM or 7330 ISAM FTTN or 7356 ISAM FX, System IDs cannot be longer than
64 characters. If the NE name is more than the specified character limit for the NE type, the System ID will not
be changed.
(3) When the value is set to 1000000, the CLI connectivity check is not performed on the NE, not even during server
restart or start supervision.
Tmin = T × 2(N)
N = 0→R
where:
300 4 1 12 312
300 4 2 28 328
300 4 3 60 360
300 15 1 45 345
Result: The EMS tracing settings are displayed in the Object Details view.
See the 5520 AMS User Guide for information about using the Multiple Edit function to
configure multiple NE objects at one time.
Procedure 162 To reset the tracing level to the default on all NEs
2 Right-click EMS Tracing Settings and choose Actions→Reset Tracing to Default on all NEs.
3 Click Finish.
Result: The EMS tracing level on all NEs is reset to the default value.
Time zone management must also be configured in the NE when the NE is created
in the GUI. The time zones you configure become available to the operator in the
Create NE window. See the 5520 AMS User Guide for information about creating an
NE.
Time zones are displayed in the following region-based format:
(UTC offset) Region/Example city (time zone abbreviation/DST rule)
More than one time zone may exist for the same region and UTC offset, depending
on DST rules. For example:
• (UTC-07:00) America/Denver (MST/MDT)
• (UTC-07:00) America/Phoenix (MST, no DST)
Because the US state of Arizona, where the city of Phoenix is located, does not use
DST two time zones are available. You need to choose the correct time zones for the
locations of your NEs. This will ensure accurate DST updates.
The time zone management function will update the UTC offset on the NE based on
the NE configuration settings when you manually resynchronize the alarms between
the NE and the 5520 AMS database. As a result, if you suspect a time zone
discrepancy is at the root of a problem that you are troubleshooting, then you can
manually resynchronize the NE and 5520 AMS database alarms to clear the problem
potentially. See the procedure to manually resynchronize alarms in the 5520 AMS
User Guide.
Nokia recommends that you synchronize the NEs using SNTP if you need to use
time zone management. See Chapter 14 for information about configuring SNTP.
You may need to update time zone data periodically. See Section “Updating time
zone data in the 5520 AMS” to update time zone data in the 5520 AMS.
Note — In the event that in the 5520 AMS GUI the NE System
object displays a time zone value for the NE that is not correct,
and the time zone for the NE is not set to be managed, Nokia
recommends that you modify the time zone in the Windows OS:
apply a different time zone in the Windows date and time
properties and then apply the correct time zone.
This workaround relates to a Java issue in Windows and only
needs to be performed once in the lifetime of the machine.
Table 68 describes how alarm time stamps are displayed if time zones are
configured and at least two NEs are located in different time zones.
Table 68 Alarm and event time display behavior with time zones config-
ured and NEs in different time zones
Note
(1) This column will only appear in the Alarm view if time zone settings are configured and at least two NEs are in
different time zones.
2 Select the Manage NE Time Zones check box to manage time zones. The following
parameters are enabled only if the Manage NE Time Zones check box is selected:
3 To configure the 5520 AMS GUI to display the NE local time for all time stamps in the Object
Details view of the NE, select NE Local Time from the Display NE Timestamps as drop-down
list.
4 Select GMT/UTC from the Display ‘Event/Cleared’ Time in Alarm Views as drop-down list to
display Event Time and Cleared Time in Alarm Views in GMT/UTC. By default, the Event
Time and Cleared Time parameters in the Alarm Views display the GUI Local Time.
5 Select one of the options from the Display ‘NE Event/Cleared Time’ Columns in Alarm Views
drop-down list:
• Only if there are at least 2 time zones selected (this is the default option)
• Always
6 In the NE Time Zones section, perform the following steps to select the time zone required
to manage an NE:
Note — If the time zone in the server is set as a region-based time zone,
for example, (UTC+01:00) Europe/Paris (CET/CEST), the time zone will
appear in the Selected list by default. If the time zone is configured in a
different format, for example, CET, there will be no default time zones in
the list.
8 Log out of the client and log in again for the changes to take effect.
2 Choose the NE plug-in type and release you need to configure settings for.
Result: The NE plug-in settings are displayed in the Object Details view.
3 Configure the settings. See the Operations and Maintenance guide for the NE for more
information.
These parameters are applicable to all NE TL1 users on a given NE. The same
parameters are available for each TL1 user on a given NE under the Infrastructure
object.
These parameters are available to configure when the Update the TL1 Credentials
in the NE when changing them in the NE Object Details parameter is selected. See
the Operations and Maintenance guide for the NE.
Then, select the Update the TL1 Credentials in the NE when changing them in the
NE Object Details parameter in the NE Plug Specific Settings in the Administration
Tree so that in future if an NE gets disconnected, its TL1 credentials can be
synchronized automatically when the NE becomes reachable again. See
Section 20.27 for more information.
2 Right-click the NE plug-in type and release you need to copy the settings for and choose
Actions→Copy From.
3 Select an NE plug-in type and release in the Available panel and click the right-arrow.
4 Click Finish.
Setting Description
Maximum Number of The maximum number of templates that can be added to a template
Templates per Template group version.
Group Version
Maximim Number of The maximum number of templates or template groups that can be
Templates/Template Groups displayed in the Template Tree. By default, this option is set to 4000.
Displayed in the Tree If the number of templates/template groups exceeds this limit, a
search button will be displayed in the Template Tree.
Align Service ID with VLAN ID Select this check box to align the service ID with the VLAN ID during
during Template Deployment VLAN template deployment. This check box is selected by default.
This default option benefits operators managing the NE from the CLI,
when the Service ID and VLAN ID are equal.
If this setting is enabled, then the L2 Service object is created in the
NE with the service ID equal to the VLAN ID that is defined in the
template definition (when the identifier is not provided during
deployment) or the VLAN ID that is provided as an argument (when
the identifier is provided during deployment).
If this setting is disabled, then the L2 Service object is created in the
NE with the service ID based on next available service ID number.
This was the behavior prior to R9.2.30.
2 In the Warning Threshold field, enter a value that is at least zero and less than 100.
2 In the Licence Collection Start Time panel, configure the parameters for the time you need
the license collection to start.
Result: The change will be effective after the next scheduled collection.
Setting Description
General
Type Indicates the type of the site, where the possible values are Simplex or Cluster. It is a
read-only parameter.
Status Indicates the status of the site, where the possible values are Healthy or Degraded. It is
a read-only parameter.
Enable NE Balancing Based On Select this check box to enable the NE balancing based on the custom group.
Custom Group The check box is not selected by default.
Standard NE rebalancing is based on the number of NEs and NE type/release. Enabling
this parameter will add a custom group to this criteria.
Note - The custom group related options supported for the ams_show_ne_balancing.sh
script are available only if this setting is selected. For more details on the supported
options, refer to the section 31.24.
Custom Group For NE Balancing The NEs are moved from most loaded Application server to the least loaded Application
server based on the number of NEs and NE type/release, and they can be combined
with the custom group.
The drop-down list display the custom groups that are created, along with the following
default custom groups:
• Sub Type
• Time Zone
This parameter is enabled only when the Enable NE Balancing Based On Custom
Group check box is selected.
Configuration File Changes The polling period for which the configuration files are audited by the 5520 AMS.
Detection Period The format of the value for this setting is <x> <y> where x is a number and <y> is the
duration that is, m (minutes), h (hours), or d (days).
By default, the value is 1 d. The acceptable values are 0, 1 d to 30 d, where 0 indicates
that this setting is disabled.
(1 of 4)
Setting Description
Authentication / Authorization The types of authentication and authorization used by the 5520 AMS server. The
Sources options are:
• Internal Database / Internal Database - Internal Database for Authentication and
Authorization.
• LDAP / Internal Database - LDAP for Authentication and Internal Database for
Authorization.
• RADIUS / Internal Database - RADIUS for Authentication and Internal Database for
Authorization.
• LDAP / LDAP - LDAP for Authentication and Authorization.
• RADIUS / RADIUS - RADIUS for Authentication and Authorization.
• Client OS / Internal Database- Client OS for Authentication and Internal Database
for Authorization.
For more information about Authentication and Authorization sources, see section
20.34.
For information about managing RADIUS and LDAP authentication, see 20.34.1 and
20.34.2.
IP Address or Hostname The IP address or hostname of the RADIUS server if you are using RADIUS
authentication.
Port The port number of the RADIUS server if you are using RADIUS authentication.
Secondary IP Address or Host The IP address or hostname of the secondary RADIUS server.
Name
Secondary Port The port number of the secondary RADIUS server if you are using RADIUS
authentication.
Password The password for the RADIUS server and client if you are using RADIUS authentication.
Re-Type Password
Number of Retries The number of times to retry the connection to the RADIUS server.
IP address or Host Name The IP address or hostname of the RADIUS server if you are using RADIUS accounting.
Port The port number of the RADIUS server if you are using RADIUS accounting.
Secondary IP Address or Host The IP address or hostname of the secondary RADIUS server.
Name
Secondary Port The port number of the secondary RADIUS server if you are using RADIUS
accounting.
Password The password for the RADIUS server and client if you are using RADIUS accounting.
Re-Type Password
Number of Retries The number of times to retry the connection to the RADIUS server.
LDAP Server
(2 of 4)
Setting Description
Protocol Unsecure LDAP or Secure LDAP
URL The URL of the LDAP server. For example, yourserver:port, where yourserver is the
DNS or IP address of the LDAP server and port is the network TCP port of the LDAP
server. The default TCP ports for LDAP servers are:
• Unsecure LDAP server: 389
• Secure LDAP server: 636
Secondary URL The URL of the second LDAP server for authentication. If the first server fails,
authentication will be directed to the second server.
Bind DN The user DN to authenticate the LDAP client to the server. For example, domain name
of sample.com, cn=Directory Manager,dc=sample,dc=com, where cn is the common
name and dc is the domain component.
Context DN The fixed DN of the context from which to start the user search. For example, dc=sample
dc=com, where dc is the domain component.
Password The password used to authenticate the LDAP client to the server for user and roles
queries.
Role DN The fixed DN of the context to search for user roles. For example, dc=sample dc=com,
where dc is the domain component.
Role Filter A search filter to locate the roles that are associated with the authenticated user. For
example, member={1}.
Role Name Attribute ID The name of the role attribute of the context that corresponds to the name of the role.
For example, cn.
Base Filter A search filter used to locate the context of the user to authenticate. For example,
uid={0}.
Role Attribute ID The name of the role attribute of the context that corresponds to the name of the role.
For example, dn.
Connection to External TL1GW A check box to establish a connection to External TL1 Gateway servers on the
5520 AMS. The check box is deselected by default.
For information about managing External TL1 Gateways, see Chapter 16.
Sync NE List A check box to specify that the 5520 AMS server should synchronize the NE List with
the TL1 Gateway servers.
Use Single External TL1 GW A check box to specify that only one TL1 Gateway server can be created for the site. If
Server the check box is not selected, multiple TL1 Gateways can be used. In this case, you
need to manually associate NEs to the TL1 Gateways.
DCN Servers An IP address that can be used to test connectivity to the DCN.
Separate the multiple IP addresses with commas.
List of Devices to be Tested List of DCN server IP addresses and hostnames that are tested to determine whether
the servers are reachable.
Separate the multiple IP addresses and hostnames with commas.
(3 of 4)
Setting Description
Test Performed Every The time period (in minutes) that elapses between each DCN connectivity test.
Max. Retries per Test The maximum number of times that the DCN connectivity test is retried within the
specified time period before the 5520 AMS declares that the DCN server is
unreachable.
(4 of 4)
Note
(1) Standard NE rebalancing is based on the number of NEs and NE type/release.
(2) The Role-Based Authorization setting contains parameters for authentication. The following parameters are mandatory depending on the
type of authentication and authorization selected.
• For LDAP authentication - Role DN, Role Filter and Base Filter
• For LDAP authorization - Role Name Attribute ID and Role Attribute ID
(3) The DCN Connectivity test in Red Hat Enterprise Linux is done by establishing a TCP connection port 7 (Echo) of the destination host.
Note — If you change the selection of the Use Single External TL1 GW
Server check box, you must log out of the 5520 AMS client and log in
again to see the effect of the change.
Authenticatio Description
n options
Internal In this mode of authentication, the password is provided when a user log in is
Database checked against the password value stored in the 5520 AMS database. Users can
change their password from the 5520 AMS GUI.
Password complexity rules and password expiration period are applicable.
RADIUS or In this mode of authentication, the password is provided when a user log in is
LDAP checked against the password value stored in the remote authentication server.
Such users cannot change their password from the 5520 AMS GUI.
Password complexity rules and password expiration period are not applicable.
(1 of 2)
(2 of 2)
• The RADIUS server must have access to 5520 AMS usernames and passwords. How the
RADIUS server stores and accesses the usernames and passwords depends on its
implementation. For example, certain RADIUS servers can use a flat text file, LDAP, or
SQL.
• Verify that the existing 5520 AMS usernames and passwords are configured in the
RADIUS server.
• When users are added to the 5520 AMS, update the RADIUS server with the
usernames and passwords.
2 Click the active site you need to enable RADIUS authentication for.
Result: The site settings are displayed in the Object Details view.
4 Create 5520 AMS users. See Section 9.2 for more information. Verify that all usernames and
passwords are also defined in the RADIUS server.
Note — The password that you assign to the 5520 AMS user is stored
in the 5520 AMS database. This 5520 AMS user password does not
override the password specified in the RADIUS server.
To resolve the problem with the RADIUS or LDAP server, you need to log in to the 5520 AMS and
check the configuration. For log in access, you need to revert to database authentication using the
switch authentication script.
1 Log in as amssys to the 5520 AMS server workstation where database is running.
ams_switch_authentication_local.sh ↵
Are you sure you need to switch to the local database authentication [no
(default) | yes ]?
yes ↵
6 Verify that the RADIUS or LDAP server configuration parameters are correct using the
5520 AMS GUI.
7 Verify the RADIUS or LDAP server configuration on the 5520 AMS server workstation.
2 Click a site to display the site settings in the Object Details view.
cd /usr/lib/jvm/java-1.8.0-openjdk.x86_64/jre/lib/security/
2 Open java.security file using VI editior and remove MD5 from the following lines
jdk.certpath.disabledAlgorithms
jdk.jar.disabledAlgorithms
jdk.tls.disabledAlgorithms
• An LDAP server must be installed and configured as described in the documentation for
your LDAP server.
• The LDAP server must have access to 5520 AMS usernames and passwords using a flat
file or LDAP.
• Verify that existing 5520 AMS usernames and passwords are configured in the
LDAP server.
• When users are added to the 5520 AMS, update the LDAP server with the
usernames and passwords.
2 Click the active site that you need to enable LDAP for.
Result: The site settings are displayed in the Object Details view.
4 Configure the LDAP Server parameters in the Object Details view, to match the way they are
configured on the LDAP server. For information about LDAP settings, see Table 70.
5 Create 5520 AMS users, see Section 9.2 creating user accounts from the 5520 AMS GUI.
Verify that all usernames and passwords are also defined on the LDAP server.
Note — The password that you assign to the 5520 AMS user is stored
in the 5520 AMS database. This 5520 AMS user password does not
override the password specified in the LDAP server.
Result: The site settings are displayed in the Object Details view.
3 To disable LDAP server authentication, set the Authentication Source parameter to Internal
Database.
3 Navigate to the directory where your certificate is stored and open the file that you need to
use.
4 Copy the certificate details and paste them into the Certificate field.
Note — The expiry date of the certificate appears in the Object Details
view for the certificate. When the certificate has expired, any login
attempts by LDAP users will fail.
In case of a Role attribute, no default value is used and the login fails when no valid
Role is returned.
Table 73 describes the parameters that apply to LDAP or RADIUS server when you
create or modify user accounts. ‘Discoverable values’ are the values which can be
retrieved from an LDAP or RADIUS database. When the values are not present in
the LDAP or RADIUS database, then the ‘Default values’ will be taken.
See Table 73 for information on user accounts for an LDAP or RADIUS server. See
Procedure 29 to create a user account.
Table 73 User account parameters for LDAP/RADIUS server
Common tab
Description (1) Yes Empty Nokia-AMS-Descrip String None
tion
Password No Empty - - -
Roles (1) (2) Yes Empty Nokia-AMS-Role (5) String Filters out roles
unknown in the
AMS.
Login fails if no
known Role remains
after filtering.
Allowed PAP Groups (1) (3) Yes allPAPs Nokia-AMS-Allowed String Filters out PAP
PapGroup Groups unknown in
the AMS.
Login fails if no
known PAP group
remains after
filtering.
Locked No Disabled - - -
Advanced tab
Address filter (4) Yes Empty Nokia-AMS-Filtered IPv4 Login fails if IPv4
IPAddress Address[prefix Address List is
length] invalid.
(1 of 2)
Inactivity
Inactivity Logout Timeout Yes Global Nokia-AMS-Inactivit GLOBAL, If the value is set out
yLogoutTimeout USER, NONE of range, then the
user login fails.
Inactivity Lock Screen Timeout Yes Global Nokia-AMS-Inactivit GLOBAL, If the value is set out
yLockScreenTimeo USER, NONE of range, then the
ut user login fails.
Lock Screen Timeout Yes Empty Nokia-AMS- Integer Login fails if value is
(Disabled) LockScreen [3..525600] not set in range
Timeout [3..525600]
Dormant Account
Miscellaneous
(2 of 2)
Notes
(1) RADIUS has a limitation of 247 characters.
If Roles or PAP Groups created exceeds the limitation of 247 characters, then such roles or PAP Groups will not be discovered in RADIUS.
For example, if multiple roles are created with 128 characters each, then only one role is discovered in RADIUS.
(2) For Roles, RADIUS supports multi-valued attributes. Attributes with multiple values are separated by a comma. For example,
Nokia-AMS-Role=”Constructor,License-Admin”.
(3) For Allowed PAP Groups, LDAP supports multi-valued attributes. The same attribute name can be repeated with different values in the
definition of a user.
For example, Nokia-AMS-AllowedPapGroup=”North”,Nokia-AMS-AllowedPapGroup=”South”.
For Allowed PAP Groups, RADIUS supports multi-valued attributes. Attributes with multiple values are separated by a comma. For example,
Nokia-AMS-AllowedPapGroup=”North,South”.
(4) For Address filter, LDAP supports multi-valued attributes. The same attribute name can be repeated with different values in the definition
of a user.
For example, Nokia-AMS-FilteredIPAddress = “192.168.99.0/24,Nokia-AMS-FilteredIPAddress =192.168.95.0/24”.
For Address filter, RADIUS supports multi-valued attributes. Attributes with multiple values are separated by a comma. For example,
Nokia-AMS-FilteredIPAddress = “192.168.99.0/24,192.168.95.0/24”.
(5) Nokia-AMS-Role is applicable only for RADIUS. Refer to Table 70 for LDAP: Role-Based Authorization.
When a user logs out from the 5520 AMS for any reason such as idle timeout, admin
reset and so on, an accounting request containing the attributes mentioned in the
successful user log in, along with the following attributes is sent to the configured
RADIUS accounting server:
• Acct-Session-Time
• Acct-Terminate-Cause
The value of account terminate cause (Acct-Terminate-Cause) is returned based on
the following mapping table:
Table 74 Mapping of Termination Causes
(1 of 2)
(2 of 2)
Notes
(1) This situation occurs when the 5520 AMS client is killed or disconnected and the session is not terminated
properly on the server.
The accounting request is sent to the accounting server. When the accounting
response is not received after the configured timeout, the 5520 AMS re-sends the
accounting request to the server. When the configured number of retries is
exhausted, an error is logged in the 5520 AMS security log, with the same category
or level as an authentication failure.
RADIUS accounting supports redundancy of sending accounting requests. When the
configured number of retries is exhausted, with a secondary accounting server
configured, the 5520 AMS sends the accounting request to the secondary server and
retries using the configured values for timeout and number of retries.
Note — When login or log out is performed as a result of
processing a SOAP/XML request from the 5520 AMS or 5529
Enhanced Applications, no accounting request is sent to the
RADIUS accounting server.
Result: The application server settings are displayed in the Object Details view.
2 Configure the settings as described in Table 75. See Table 76 for information about the
Software/Plug-in Version settings.
Setting Description
Server Status
Master Server Displays whether the application server is the master server. The
value is true or false.
Settings
Capacity to Handle NE SNMP Specifies the capacity of the application server to handle NE
Traps SNMP traps.
Total Number of Parallel Jobs Specifies the total number of parallel jobs that can be handled by
the application server. The value depends on the power of the
application server.
Number of Parallel Jobs The table displays the number of jobs that can be handled by the
application server for each job queue. For the 5520 AMS system,
the table indicates how to allocate the total number of parallel jobs
(value of Total Number of Parallel Jobs parameter) to each queue.
The numbers in the table are percentages or absolute numbers of
jobs. There is a minimum guaranteed number of jobs and a
maximum number of jobs allowed per queue. Contact your Nokia
representative if you intend to change any values in the table. For
the job tuning information table for setups with 8vCPUs or less,
see the 5520 AMS Solution Planning Guide.
Operating System Specifies the operating system information of the 5520 AMS
server, such as name of the OS, its architecture, and version.
Build Date and Time Specifies the build date and time.
Active Plug-ins Lists the active plug-ins, and their release number, version, and
build number.
2 Choose the Software/Plug-in Version pane to view the details. Information about the
5520 AMS core appears in the Version, configuration file name appears in the Golden SW
Label, Build Number, and Build Date and Time fields. Information about plug-ins appears in
the Active Plug-ins table.
Table 76 describes the items that appear in the Software/Plug-in Version pane.
(example)
Note
(1) The Aligned column indicates if the component is aligned with the GoldenEMSSwConfig file or not. If the
component is present in GoldenEMSSwConfig file, then ‘+’ is displayed. If it is a component that is not expected
or added manually, then ‘-’ is displayed.
Result: The data server settings are displayed in the Object Details view.
2 View the settings in the Object Details view. Table 77 describes the settings that are
displayed in the Object Details view.
Setting Description
Server Status
Preferred Server This check box is selected if the data server is the preferred data
server.
Master Server Displays the data server role. The check box is selected if the data
server is the active data server.
Operating System Specifies the operating system information of the 5520 AMS
server, such as name of the OS, its architecture, and version.
Result: The SNTP server settings are displayed in the Object Details view.
Setting Description
Identification
Settings Type The type of SNTP settings to use on the NE. Options are:
• Use AMS Local SNTP Server (use this to run SNTP
processes on all 5520 AMS servers)
• Disable SNTP in NE
• Do Not Overwrite SNTP in NE
• External SNTP Server x
SNTP Settings
Server IP Address The IP address of the SNTP server. For a local SNTP server, this
IP address is automatically assigned by the 5520 AMS. IPv4 and
IPv6 address formats are supported for this parameter.
Server Port The server port of the SNTP server. The port is used only when
the Settings Type is set to Use AMS Local SNTP Server or
External SNTP Server x.
Polling Rate The polling rate of the SNTP server. The polling rate applies only
when the Settings Type is set to Use AMS Local SNTP Server or
External SNTP Server x.
NE Assignment
Subnet Address The subnet realm for which the SNTP server will be used.
Subnet Mask The range of IP addresses for which the SNTP server will be
used.
Result: The inventory basic settings are displayed in the Object Details view.
2 Configure the inventory basic settings, as required. Table 79 describes the parameters
available on the Basic Settings page.
Background Collection
Automatic Network Collection This setting controls the background The default is Default Network
at collection of basic inventory data. A Collection.
default collection schedule is predefined
and associated with this setting, so that
an inventory data collection runs once a
day on the entire network. Click Browse
to create a new schedule, as required.
Click Go To to view the default schedule
details and to modify the schedule if
needed.
The parameter does not display in the
5520 AMS GUI when certain
5529 Enhanced Applications are
installed. See the documentation for the
application for more information.
Real-Time Update
Real-Time Update Enabled Select this check box to enable real-time Enabled or disabled.
updates. The default is Enabled.
Process Pending Changes The frequency of pending change The range is 10 s to 300 s.
Every processing by the 5520 AMS. For The default is 30 s.
example, if the default value is chosen,
the 5520 AMS processes pending
changes every 30 s.
Automatic Resynchronization Select this check box to enable automatic The default is Enabled (selected
of Out of Sync NEs resynchronization of out of sync NEs. check box).
If the check box is checked, the
5520 AMS will collect data for the out of
sync NEs every five minutes. The
collection will not appear in the Action
Manager.
Number of Failures Causing The maximum number of times the The range is 1 to 2147483647.
the Collection to Stop 5520 AMS will attempt to collect data for The default is 3.
out of sync NEs. If the number of retries is
exceeded, the automatic collection of out
of sync NEs is stopped.
Delay to Resume Stopped A time period (in seconds, minutes, hours The default is 1 d.
Collection or days) for the collection to resume on
out of sync NEs. The 5520 AMS decides
which collection should be resumed once
in every hour.
The format of the specified duration must
be # s, m, d, or h.
Overload Protection
Collection
Maximum Number of Objects The maximum number of objects for The range is 50 to 1000.
per Request which the 5520 AMS collects inventory The default is 100.
data from the network in a collection
request.
(1 of 2)
(2 of 2)
Investigate and resolve each inventory data collection failure. The 5520 AMS logs
the cause of the inventory data collection failure in the inventory.log file. You can find
this log file on the server, in the $AMS_LOG_DIR directory.
The most common causes of an inventory data collection failure are:
• The NE is not supervised by the 5520 AMS.
• The 5520 AMS does not support the NE plug-in software load.
• The 5520 AMS NE support plug-in is not installed.
Take the appropriate action to resolve an inventory data collection failure. After the
issue is resolved, perform a forced inventory data collection. See chapter 21 for
information about performing forced collections of inventory basic data.
Note — The 5520 AMS client login function does not support
SOCKS Proxy servers.
Procedure 182 To configure the proxy settings in the 5520 AMS Red Hat Enterprise
clients to access the Internet
1 Navigate to the directory where the 5520 AMS Red Hat Enterprise Linux client is installed.
-Dnetwork.proxy_host=proxy_address
-Dnetwork.proxy_port=port
where:
proxy_address is the proxy address to use.
port is the port to use.
Procedure 183 To configure the SIP file transfer protocols using the 5520 AMS GUI
2 In the Object Details view, choose the file transfer protocol from the File Transfer Protocol
drop-down menu.
Note —
• While transferring the XML files from the AMS server to the
FTP server that houses the SIP server, the protocol handling
script is invoked by the 5520 AMS, and calls the appropriate
script based on the SIP file transfer protocol selected (SFTP,
FTP or SCP).
Task See
R4.6.0 or later FTP Server User Name When you enter a username and password, the
values are displayed in the FTP user name and
FTP Server Password password parameters on the FTP tab of the
VoIP Service object.
When you do not enter a user name and
password, you must use anonymous access to
the FTP server. Nokia recommends that you do
not use the amsftp username and password as
the FTP server username and password.
All releases File Transfer Protocol Specify the file transfer protocol, (FTP, SCP or
SFTP) to be used for transferring the SIP files
between AMS and the external FTP server.
Note
(1) When the 5520 AMS is a standalone server, the FTP server can be configured on the 5520 AMS server. When
the 5520 AMS server is part of a cluster, configure an external FTP server.
Create an anonymous FTP user when the 5520 AMS server is configured as the FTP server for
SIP.
You need root privileges to create an anonymous FTP user on the 5520 AMS server.
2 Execute the following command to find out the absolute path of the
$AMS_SHAREDDATA_HOME directory:
For example:
AMS_SHAREDDATA_HOME=/var/opt/ams/shared/ams-9.7-385564
Make a note of this absolute path, as you need to provide this path, while executing the
command to create an anonymous FTP user as a root user.
su root
usermod -c “account” -d
<absolute_path_of_$AMS_SHAREDDATA_HOME_variable>/ne -g amssys -s
/bin/true ftp ↵
Where:
For example:
pwconv ↵
a Edit the /etc/vsftpd/vsftpd.conf file and ensure that the anonymous_enabled is set to
YES and add anon_world_readable_only=NO, and then save and close the file.
anonymous_enable=YES
anon_world_readable_only=NO
b After editing the vsftpd.conf file, restart the system and then start the vsftpd service and
configure it to start during boot.
chkconfig vsftpd on
7 Setup SELINUX file context so anonymous FTP can access the files. Perform one of the
following steps:
<absolute_path_of_$AMS_SHAREDDATA_HOME_variable>/ne(/.*)?<
tab>system_u:object_r:public_content_t:s0
For example:
/var/opt/ams/shared/ams-9.7-385564/ne(/.*)?<
tab>system_u:object_r:public_content_t:s0
“<absolute_path_of_$AMS_SHAREDDATA_HOME_variable>/ne(/.*)?”
For example:
/var/opt/ams/shared/ams-9.7-385564/ne(/.*)?
restorecon –vvFR
<absolute_path_of_$AMS_SHAREDDATA_HOME_variable>/ne
Where:
For example:
restorecon –vvFR
/var/opt/ams/shared/ams-9.7-385564/ne
9 Update SELINUX permissions to allow FTP to write to the file system if the server is used for
G6 backups using FTP:
setsebool -P allow_ftpd_anon_write=1
Note — This step is not required when G6 backups are set up to use
SFTP.
ftp AMS_IP_address ↵
where AMS_IP_address is the IP address of the 5520 AMS. IPv4 and IPv6 address formats are supported.
Note — RHEL does not install the ftp command by default. To add this
command you can run ‘yum install ftp’.
anonymous
ls ↵
Procedure 186 To configure the 5520 AMS to upload the SIP configuration file to an
external FTP server
Perform this procedure to configure an external FTP server to which the 5520 AMS uploads the
SIP configuration file.
2 For a root user, the $AMS_SHAREDDATA_HOME variable is not available to the shell.
Execute the following command to find out the absolute path of the
$AMS_SHAREDDATA_HOME directory:
The absolute path to the shared data directory is displayed. For example:
AMS_SHAREDDATA_HOME=/var/opt/ams/shared/ams-9.4.00-999000
Make a note of this absolute path, as you need to provide this path, while executing the
command to change directory to the shared data directory as a root user.
cd <absolute_path_of_$AMS_SHAREDDATA_HOME_variable>/ne/sip/bin ↵
Where:
cp copyXmlToExternalServer.pl.template copyXmlToExternalServer.pl ↵
6 Open the copyXmlToExternalServer.pl script for editing and change the FTPUSER,
FTPPASSWD, and REMOTEFTPROOT lines to the following:
FTPUSER=”anonymous”
FTPPASSWD=”anonymous”
REMOTEFTPROOT=”/”
Procedure 187 To configure AMS settings for NBI using 5520 AMS GUI
1 In the AMS Administration Tree, choose the EMS Administration → Configuration → NBI →
EMS NBI Settings.
2 In the Object Details view, choose and configure the AMS settings as required. Table 83
describes the parameters available on the AMS Settings.
Parameters Description
Operation Timeout Indicates the operation timeout (secs). The valid values range
from 60 to 3600. The default value is 180.
Heartbeat Interval Indicates the interval at which the Heartbeat event is generated.
The valid values range from 1 to 900.The default value is 60.
Keep Configuration Keeps the default roles, functions and properties in case the AMS
NBI is undeployed, else this parameter removes these values.
The valid values are true or false. The default value is true.
JMS Delivery Mode Indicates the delivery mode for JMS messages to specify whether
messages are lost or can be recovered if the JMS provider fails.
The valid values are NON_PERSISTENT and PERSISTENT. The
default value is NON_PERSISTENT.
Max Concurrent Operations Indicates the maximum number of concurrent operations. The
valid values range from 1 to 20. The default value is 3. It is
applicable to all AMS NBI operations, except the executeAction
parameter.
Max Concurrent ExecuteAction Operations Indicates the maximum number of concurrent operations for the
executed action. The valid values range from 1 to 50000. The
default value is 50.
NE Group Creation Indicates whether a new NE is created under the group name or
a new group is created with the name of the NE being created by
the createManagedElement operation.
The valid values are “Use Group Name Attribute Value” and “Use
NE Name When Group Name Attribute is Empty”. The default
value is “Use Group Name Attribute Value”.
When the value is set to “Use Group Name Attribute Value”, the
5520 AMS looks for the group with the name in groupName
attribute and creates the NE under this group. If no value is
provided in groupName, the NE is created under the Group
Network folder.
When the value is set to “Use NE Name When Group Name
Attribute is Empty”, there are two behaviors:
• When the user sends the operation without any value in the
groupName attribute, the 5520 AMS creates a new group
under the Group Network folder with the name of the
systemName value (which is the NE name being created). If
the group already exists, or the group exists but not directly
under the Group Network, then the 5520 AMS uses this
existing group and creates the NE under it.
• When the user sends the operation with a name in
parentNeGroupName, the 5520 AMS looks for the folder
name in which the NE with this name (value of
parentNeGroupName) exists, and creates a new NE in the
same folder. If the group already exists, then the 5520 AMS
uses this existing group and creates the NE under it.
1 In the Administration Tree, choose the EMS Administration → EMS System→ Site
(server_name) → 5530 NA-F Settings.
Parameters Description
General
Enable OTDR Status & Results Select this check box to enable OTDR. Ensure to enable this
check box after data migration to enable OTDR.
Port Number The TCP port number of the 5530 NA-F server. Default value is
80. The value 0 indicates that the port is not used.
NBI Username The default username to log in to the 5530 NA-F NBI.
NBI Password The default password to log in to the 5530 NA-F NBI.
Raise Alarm When Cannot Connect To 5530 Select this check box to raise alarms when the 5520 AMS cannot
NA-F Server connect to the 5530 NA-F server.
Interval Check The time interval to check if the 5530 NA-F connection is
established.
Refresh
OTDR View Refresh Interval A time period, in seconds, before OTDR view is refreshed.
For more information about management of ONT devices using the TR-69 protocol
in the 5520 AMS GUI, see the Operations and Maintenance Guide of the NE.
Before you proceed, the HDM Lite version must be installed and configured on the
5520 AMS server.
1 In the Administration Tree, choose the EMS Administration → EMS System→ Site
(server_name) → HDM NBI Settings.
Parameters Description
General
Enable TR-069 Management Select this check box to enable TR-069 management.
If this check box is not selected, the remaining parameters in this
view are disabled, and the TR-069 management parameters in
the ONT object are also disabled. All device configuration in the
HDM is removed.
Interval Check The 5520 AMS periodically polls the HDM Server to check if the
connection to the HDM server is established; and raises an alarm
when the request times out or is rejected due to incorrect
credentials. The default polling frequency is 15 minutes.
1 In the Administration Tree, choose the EMS Administration → Configuration → Zero Touch
Provisioning → Zero Touch Provisioning Settings.
Parameters Description
General
Enable Zero Touch Provisioning Select this check box to enable zero touch provisioning.
By default, the option is not selected.
SW Download Settings (1)
Replace passive SW if present Select this check box to replace the existing passive software.
By default, the parameter is selected.
Reduce existing SW on NE (Delete unwanted Select this check box to reduce existing software on an NE and to
SW files) delete the unwanted software files.
By default, the parameter is not selected.
Number of Retries Configure the number of retries for the software download for zero
touch provisioning enabled NEs.
The default value is 0.
Delay Between Action Retries Configure the duration (in minutes) for which the software
download needs to wait to automatically retry a failed action in the
Delay Between Action Retries field. This parameter is applicable
only if retries are configured for the software download operation
in the Number of Retries field.
The Delay Between Action Retries parameter is disabled when
the Number of Retries parameter value is set to 0.
The default value is 10 minutes.
Notes
(1) You need to enter CLI username and password if software upgrade is enabled.
Managing data
21 Managing data
21 Managing data
21.1 Managing data overview
The database backup script creates a compressed .tar or .gz file with a filename and
location that you specify when you run the script.
Note 1 — Do not back up the database to the /tmp directory or
the shared data directory. The default shared data directory is
/var/opt.
Note 2 — On a server running the Red Hat Enterprise Linux
operating system, do not back up the database to the /tmp
directory, the shared data directory or the LVM volume of the
database storage directory.
If the standby data server that is running the backup script fails before the backup
operation is complete, the script does not resume automatically when the server
restarts. You must manually run the backup script on the new standby data server,
or on the original standby data server after it resumes operation.
To perform the procedures in this section, you need to be able to log in to the
5520 AMS server as amssys. See Procedure 8 to log in to a 5520 AMS server as
amssys.
where:
destination URL is the location where the generated backup file will be stored. This can be a local file or
a location on a remote server. For backup file transfer to a remote server, both ftp and sftp protocols are
supported.
For example:
ams_backup.sh ftp://username:password@desHost/backupFile
ams_backup.sh /var/opt/ams/users/amssys/test123
Note — This option backs up the database, but not the common
directory, which contains the NE backup files.
• To force the backup of the active data server in a 5520 AMS cluster, type:
• To compress the backup file in the local system in the .gzip format, type:
The backup file will be saved as .tar.gz. If the file format is not specified, the backup will
be saved in .tar format in the local system. For external server, the file will be
automatically compressed and transferred in .tar.gz format.
Result: The 5520 AMS backup script starts. The following is a sample of the script output.
The database backup file is stored with the filename and location that you specified when you
ran the script in step 2. Backup log files (ams_backup.trace) are stored in a traces folder,
which is located in the $AMS_DEBUG_DIR directory.
1 Log in to the 5520 AMS data server in the active site as amssys.
2 To start the backup script on the standby data server in the active site, type:
where:
destination URL is the location where the generated backup file will be stored. This can be a local location or
a location in a remote server.
For example:
ams_backup.sh ftp://username:password@desHost/backupFile
ams_backup.sh /var/opt/ams/users/amssys/test123
Result: The 5520 AMS backup script starts. The following is a sample of the script output.
The database backup file is stored with the filename and location that you specified when you
ran the script in step 2. Backup log files (ams_backup.trace) are stored in a traces folder,
which is located in the $AMS_DEBUG_DIR directory.
ams_nebackup.sh backupfilename.tar
where:
backupfilename is the name of the backup file that is generated by the script.
For example:
ams_nebackup.sh /var/tmp/backup_today.tar
ams_nebackup.sh -c backupfilename.tar
Note — This option backs up the NE backup database, but not the
common directory, which contains the NE backup files.
Result: The 5520 AMS NE backup script starts. The following is a sample of the script output.
The database backup file is stored with the filename and location that you specified when you
ran the script in step 2. Backup log files (ams_backup.trace) are stored in a traces folder,
which is located in the $AMS_DEBUG_DIR directory.
In a cluster environment, you can run the ams_schedule_backup script on all data
servers, and set all data servers to run the backup schedule at the same time. The
schedule will run the backup on the slave data server if database and shared file
system replication are in sync. If database and shared file system replication are not
in sync, the backup will run on the active master server. In a geographically
redundant installation, the schedule will back up the standby data server in active
and standby sites.
Table 87 describes the options for the script. You can enter options on the command
line, or use a configuration file to provide options. The configuration file,
ams_schedule_backup.env, is provided with the 5520 AMS server software and
includes the default values.
-bd The full path to a The directory where backup files will be stored. The directory
directory on the must exist and be owned by amssys.(1)
server
-bt A time in the format The time the backup will be run. To enter multiple times, use
hh:mm double quotes, for example “02:00 04:00”.(1)
-bf A number The number of backup files to keep. One file will be kept per day
unless the files are saved to different directories.(1)
(1 of 2)
-bb YES or NO Remove all existing backup files in the backup directory.
-fe YES or NO Enable automatic FTP transfer of the backup file. The default is
NO.
Only one FTP server can be configured from the command line.
To set up multiple FTP servers, run the script in interactive
mode.(1)
-se YES or NO Enable automatic SFTP of the backup file. The default is NO.
Only one SFTP server can be configured from the command
line. To set up multiple SFTP servers, run the script in interactive
mode.(2)
-fa A hostname or IP The hostname or IP address to FTP or SFTP the backup file.(1)
address
-fu A username The username to access the remote FTP or SFTP server.(1)
-fd A directory name The name of the directory to store data in the remote server. The
FTP or SFTP user must be the owner of the destination directory
and must have write permission to the directory.(1)
-fm An e-mail address The e-mail address to send the status of the FTP or SFTP
transfer.
(2 of 2)
Note
(1) Example of script usage:
ams_schedule_backup -bn YES -bs YES -bd /builds -bt “16:26” -bf 1 -bb NO -bz
YES -se YES -fa 10.150.1.30 -fd /Your_Directory -fu testuser
Procedure 194 To modify the default options for the ams_schedule_backup script
vi amssys_home_account/bin/ams_schedule_backup.env ↵
where amssys_home_account is the home account of amssys. This directory depends on the values provided
during the 5520 AMS installation.
4 Save and close the file. The script will be run using the values you have entered unless a
different option is entered on the command line.
ams_schedule_backup ↵
ams_schedule_backup options ↵
where:
options is the options you need to over-ride.
For example, entering ams_schedule_backup -bt 02:00 -fe YES -fa 124.120.0.0 fu ftpuser
-fp ftppass -fm user@domain.com will create a cron job to backup the database at 2:00
AM and FTP the backup file to 124.120.0.0. The credentials for the FTP server are ftpuser
and ftppass. When the transfer is complete, an e-mail will be sent to user@domain.com.
ams_schedule_backup -int ↵
Procedure 196 To restore the 5520 AMS database on the same standalone server
ams_server stop ↵
ams_restore.sh backupfilename.tar ↵
where:
backupfilename is the name of the backup file you need to restore from.
For example:
ams_restore.sh /var/tmp/backup_today.tar
ams_server start ↵
Procedure 197 To restore the 5520 AMS database on the same cluster
1 Log in to the active 5520 AMS data server in the cluster as amssys.
ams_cluster stop ↵
ams_restore.sh backupfilename.tar ↵
where:
backupfilename is the name of the backup file you need to restore from.
For example:
ams_restore.sh /var/tmp/backup_today.tar
4 Once the 5520 AMS database restore is successful, start the servers in the cluster by typing:
ams_cluster start ↵
Procedure 198 To restore the 5520 AMS database on the same geo-redundant
cluster
1 Log in to any of the 5520 AMS servers in the standby site as amssys.
ams_cluster stop ↵
3 Log in to the active 5520 AMS data server in the active site as amssys.
ams_cluster stop ↵
5 Start database restore on the active data server in the active site by typing:
ams_restore.sh backupfilename.tar ↵
where:
backupfilename is the name of the backup file you need to restore from.
For example:
ams_restore.sh /var/tmp/backup_today.tar
6 Once the AMS database restore is successful, start the servers in the active site cluster by
typing:
ams_cluster start ↵
ams_cluster start ↵
Procedure 199 To restore the 5520 AMS database on the same geo-redundant
simplex
ams_server stop ↵
ams_server stop ↵
ams_restore.sh backupfilename.tar ↵
where:
backupfilename is the name of the backup file you need to restore from.
For example:
ams_restore.sh /var/tmp/backup_today.tar
6 Once AMS database restore is successful, start the server in the active site by typing:
ams_server start ↵
ams_server start ↵
ams_nerestore.sh backupfilename.tar ↵
ams_nerestore.sh -b backupfilename.tar ↵
where:
backupfilename is the name of the backup file you need to restore from.
• The 5520 AMS software must be installed on the new server with a new IP
address and site name. All other settings must be the same as on the old server
(including 5520 AMS version, machine role, directories, and plug-ins).
• You must stop all 5520 AMS application and data servers before restoring data.
See appendix 31.2 for information about using the ams_server script to stop a
server. When you are using the 5520 AMS in a cluster, stop the application and
data servers by using the ams_cluster script to stop the servers in a cluster.
See 31.7 for more information.
Perform one of the following procedures to restore the 5520 AMS database on a
different server:
• On a new standalone server (see Procedure 201)
• On a new cluster (see Procedure 202)
• On a new geo-redundant cluster (see Procedure 203)
• On a new geo-redundant simplex (see Procedure 204)
Procedure 201 To restore the 5520 AMS database on a new standalone server
ams_server stop ↵
ams_restore.sh -n backupfilename.tar ↵
where:
backupfilename is the name of the backup file you need to restore from.
For example:
ams_restore.sh -n /var/tmp/backup_today.tar
ams_server start ↵
Note — You must obtain and apply new licenses that contain the host
ID of the current server.
1 Log in to the active 5520 AMS data server in the cluster as amssys.
ams_cluster stop ↵
ams_restore.sh -n backupfilename.tar ↵
where:
backupfilename is the name of the backup file you need to restore from.
For example:
ams_restore.sh -n /var/tmp/backup_today.tar
4 Once the AMS database restore is successful, start the servers in the cluster by typing:.
ams_cluster start ↵
Note — You must obtain and apply new licenses that contain the host
ID of the current server.
Procedure 203 To restore the 5520 AMS database on a new geo-redundant cluster
1 Log in to any of the 5520 AMS servers in the standby site as amssys.
ams_cluster stop ↵
3 Log in to the preferred 5520 AMS data server in the active site as amssys.
ams_cluster stop ↵
5 Start database restore on the active data server in the active site by typing:
ams_restore.sh -n backupfilename.tar ↵
where:
backupfilename is the name of the backup file you need to restore from.
For example:
ams_restore.sh -n /var/tmp/backup_today.tar
6 Once AMS database restore is successful, start the servers in the active site cluster by
typing:
ams_cluster start ↵
ams_cluster start ↵
8 Apply licenses to the servers in the active and standby sites. See chapter 5.
Note — You must obtain and apply new licenses that contain the host
ID of the current server.
Procedure 204 To restore the 5520 AMS database on a new geo-redundant simplex
ams_server stop ↵
ams_server stop ↵
ams_restore.sh -n backupfilename.tar ↵
where:
backupfilename is the name of the backup file you need to restore from.
For example:
ams_restore.sh -n /var/tmp/backup_today.tar
6 Once AMS database restore is successful, start the server in the active site by typing:
ams_server start ↵
ams_server start ↵
8 Apply licenses to the servers in the active and standby sites. See Chapter 5.
Note — You must obtain and apply new licenses that contain the host
ID of the current server.
If the application server that is running the software backup script fails before the
software backup operation is complete, the script does not resume automatically
when the server restarts. You must manually run the software backup script on the
new application server, or on the original application server after it resumes
operation.
ams_sw_backup.sh backup_name ↵
where backup_name is a name for the backup, which is used as a prefix for the backup file produced by the
script.
3 The script executes, creating a backup file in the directory where you executed the script. The
backup file is named in the following format:
backup_name.hostname.bin ↵
where:
backup_name is the name for the backup that you defined in step 2.
hostname is the host name of the system on which you performed the backup.
Note — The 5520 AMS software can also be restored using the
software backup script.
2 Copy the .bin backup file you created in Procedure 205 to the shared data directory.
3 Start the software restore by typing the name of the .bin backup file and pressing ↵. The
5520 AMS begins to install.
4 See the procedures in Section 21.3 if you need to restore the 5520 AMS database as well.
For information about migrating data from earlier releases or from another EMS, see
the 5520 AMS Installation and Migration Guide.
1 Log in to the 5520 AMS client and close all active user sessions, other than the administrator
session. See Chapter 11.
2 Choose File→Export.
Result: The Export window opens, showing the directory on the 5520 AMS server to which
data will be exported.
3 In the Export window, select the check boxes for the application filters or click Select All to
select all filters.
Some applications can be filtered based on NE information. The Select NE Filter check box
is enabled when one of these applications is selected for export.
Note — When you export NEs from one server to another, make sure
you export all applications that contain NE specific data (these are the
applications mentioned above). For example, exporting NEs with splitters
requires to select the following two applications:
• 'Link Management' for the links between PON port, Splitters, and
ONTs.
• 'Subscriber Search Categories, Custom Fields & Objects" for the
Splitter objects and their attributes.
5 Select the filters in the Filters panel and click Build List.
Result: The NE Selection window closes and the selected NEs appear in the NE Filter panel
of the Export window.
7 Click Finish.
Result: An Export Result view displays the export file name and the successful, ignored, and
failed records from the export.
• To store the information in the Export Results window, click Copy to Clipboard.
Result: All entries created are copied to the clipboard. Paste the results into a text editor
and save the file.
• To view the log summary for each application, click View log file.
• To close the window, click OK.
Procedure 208 To selectively export records using the 5520 AMS GUI
User Name
Description
Roles
Allowed PAP Groups
PAP Name
Description
Template type
Template version
1 Log in to the 5520 AMS client and close all active user sessions, other than the administrator
session. See Chapter 11.
2 Choose File→Export.
Result: The Export window opens, showing the directory on the 5520 AMS server to which
data will be exported.
3 In the Export window, select the check box for the application which you need to selectively
export.
Result: The Filter option is enabled when ‘User Management’ or ‘Templates and Jobs’
application is selected.
4 Click Filter.
• Select all objects - This is the default option selected, if this option is selected, selective
filtering is not applied. Click Finish. The Filter option is set to No in the Export window. All
records are exported. Proceed to step 12.
• Select a subset of objects - If you select this option, you can select records to be exported
by applying filter criteria.This option enables the ‘Selected Records’ frame in the Enable
Filter window. Proceed to step 6.
6 Click Add to build a list based on a criteria and select records for export.
i Select the type of record to be filtered in the Record Type drop-down list (for example,
Any).
Note — If the Record Type ‘Any’ is selected then all the records will be
retrieved. The operator has to select the user and their roles or PAPs
together.
• Match all of the following - to match all of the defined filter criteria.
• Match any of the following- to match any of the defined filter criteria.
iii From the first drop-down menu, select an attribute (for example, Name).
iv From the second drop-down menu, select an operator (for example, Contains).
v In the field, enter a string for the filter (for example, Admin).
vi To add more filter phrases to your filter, click the ‘+’ and repeat steps iii to v.
Click ‘-’ to remove the filter phrases. See Table 88 for types of application records and
types of filter attributes for filtering.
Result: The records that match the filter criteria are displayed in the Filtered Records
panel.
8 Select the records that you want to export or click Select All to select all filtered records for
export.
9 Click Apply.
Result: The selected records from the ‘Filtered records’ panel in the Filter window are moved
to the Selected Records panel in the ‘Enable Filter’ window.
Result: The ‘Select Records to Export’ window is closed.The selected filtered records are
reflected in the ‘Enable Filter’ window.
Warning — If you select the Select all objects option when there are
filtered records in the Selected Records panel, a message is displayed:
Are you sure you want to clear the filter?
If you click OK, the filtered records are cleared from the Selected Records
panel.
Select the Select all objects option only if you want to clear the filtered
records.
Some applications can be filtered based on NE information. The Select NE Filter check box
is enabled when one of these applications is selected for export.
Note — When you export NEs from one server to another, make sure
you export all applications that contain NE specific data (these are the
applications mentioned above). For example, exporting NEs with splitters
requires to select the following two applications:
• 'Link Management' for the links between PON port, Splitters, and
ONTs.
• 'Subscriber Search Categories, Custom Fields & Objects’ for the
Splitter objects and their attributes.
13 Select the filters in the Filters panel and click Build List.
Result: The NE Selection window closes and the selected NEs appear in the NE Filter panel
of the Export window.
Result: An Export Result view displays the export file name and the successful, ignored, and
failed records from the export.
• To store the information in the Export Results window, click Copy to Clipboard.
Result: All entries created are copied to the clipboard. Paste the results into a text editor
and save the file.
• To view the log summary for each application, click View log file.
• To close the window, click OK.
• The data you are importing must first be exported to a 5520 AMS server.
• You may have to copy the export .tar.gz file to the server to which you need to import if
the export file is available on a different machine.
The path to the export file is:
$AMS_EXTERNAL_SHAREDDATA_HOME/export/ams/export.tar.gz
Note 2 — When you are importing software management and jobs, first
place the software package in the following location in the server where
you are importing the data:
• $AMS_EXTERNAL_SHAREDDATA_HOME/ne/software, in case of
NE software packages
• $AMS_EXTERNAL_SHAREDDATA_HOME/ont/software, in case of
ONT software packages
i Click Browse.
Result: The Files in shared data directory window opens, showing the export directory
in the shared data directory on the server.
Result: The Import window displays the path and file you have chosen.
iv Click Next.
Result: The second Import window opens. The Import File Info panel shows the
information included in the import file. The Application Filter panel shows the
applications from which you can import data.
3 In the Application Filter panel, select the applications from which you need to import data.
You can click Select All if you need to include all applications in the import.
Enabling ‘Overwrite’ will modify existing objects when records with the
same name are imported. Use with care.
4 Click Finish.
Result: An Import Result window displays the results, including successful, ignored, failed,
and overwritten records, from the import process.
Result: An Import/Migration window opens, prompting you to restart the 5520 AMS client for
the changes to take effect.
The 5520 AMS saves the data using configurable field separators or delimiters. To
be able to process the saved data, you need to set the field separator in the
5520 AMS GUI to match the field separator configured on your workstation. In the
Windows environment, the value of the field separator depends on the configured
Regional and Language Options, and is related to how your system displays numeric
values. Look for the List separator parameter in the Regional and Language Options,
and ensure that the CSV Separator parameter in the 5520 AMS GUI is set to the
same value.
Use Procedure 210 to set the field separator in the 5520 AMS GUI.
Procedure 210 To configure the field separator in the 5520 AMS GUI
(1 of 2)
The userID does not have Administrator Add the applicable Administrator privileges to the
privileges. userID.
(2 of 2)
1 In the Network Tree, click an NE group or on one or more NEs to select them.
Result: Selecting this option performs a forced collection of data. The Basic Inventory
Collection window opens, and shows the operation progress.
Note — You can also view the operation progress in the Progress view.
To open the Progress view, choose Window→Show
View→Other→Platform→Progress, and click OK.
3 To get more details about the inventory data collection while the operation is running, do the
following:
i Click the Open Perspective icon ( ), and choose the Action Manager perspective to
open the Action table.
ii In the Action table, double-click the row that corresponds to your forced inventory data
collection.
where:
file_size is the size of the fragments, in bytes. You can enter a value in kb followed by k, or a value in Mb
followed by m (for example, using a value of 1024m creates fragments 1024 Mb in size).
backup_file is the backup file you created in step 1.
5 If required, erase the backup file or file fragments on the 5520 AMS data server.
2 Create a directory named AMS_RESTORE. Nokia recommends that you create the directory
outside of the 5520 AMS directory structure, and on a volume with available space that is
greater than twice the size of the backup file.
where backup_file is the name of the backup file you split in Procedure 212.
6 If required, restore the 5520 AMS using the backup file, as described in section 21.3 or
section 21.5.
22 Managing schedules
22.1 Schedules overview
1 In the Schedule view, in the List of schedules panel, click Add Schedule.
3 Configure the parameters in the Add Schedule window, as described in Table 90.
Parameter Description
State Active allows this schedule to be assigned to tasks or jobs in the 5520 AMS.
Start Displays a calendar and a clock to set the start date and time for the current schedule
Date/Time
End Displays a calendar and a clock to set the end date and time for the current schedule
Date/Time
4 Click Finish to create the simple schedule. The schedule is added to the List of Schedules in
the Schedule view, which is described in section 22.4.
1 In the Schedule view, in the List of schedules panel, click Add Schedule.
2 Configure the parameters in the Add Schedule window, as described in Table 91.
Parameter Description
State Active - allows this schedule to be assigned to tasks or jobs in the 5520 AMS.
Suspended - prevents this schedule assignment in the 5520 AMS.
Start Displays a calendar and a clock to set the start date and time for the current
Date/Time schedule.
End Date/Time Displays a calendar and a clock to set the end date and time for the current
schedule.
Days of week If you set the schedule to Weekly, select the check boxes for the days on which you
need to execute the schedule.
Day of Month If you set the schedule to Monthly, you can configure the schedule to run on the first
or last day of the month, every nth day of the month, or every x day of every x week.
Result: The schedule is added to the List of Schedules in the Schedule view, which is
described in Section 22.4.
The Show Schedules window only displays the schedules that are planned for the
selected NE, and the jobs associated with those schedules directly interact with the
selected NE. For example, an NE backup or NE software download. Examples of
jobs that do not interact with the NE, and so are not displayed in the Show Schedules
window, include exporting data from the 5520 AMS server and querying NE
attributes using certain 5529 Enhanced Applications.
1 In the Schedule view, choose a schedule from the List of schedules panel.
4 Click Finish.
1 In the Schedule view, choose a scheduled task from the List of Jobs panel.
Result: The Job Details window appears. The details of the operation are displayed in the
Details section.
3 To add an NE to the list of Selected NEs or Excluded NEs, perform the following:
iii Use the filters in the Filters panel and click Build List.
Result: The NEs appear in the list on the right side of the window.
Note — In the Name field, you can enter part of the name or use the
asterisk (*) as a wildcard. Enter one string at a time.
Result: The NE Selection window closes and the selected NEs or groups appear in the
specified panel of the Job Details window.
4 To remove any of the selected NEs or NE groups, choose the NE or group in the panel, and
click Remove.
5 Click Finish.
1 In the Schedule view, choose a scheduled task from the List of Jobs panel.
3 Click Yes.
1 In the Schedule view, choose a schedule from the List of schedules panel.
3 Click Yes.
Note — The 5520 AMS supports the backup of multiple NEs at the
same time.
ii Use the filters in the Filters panel and click Build List.
Result: The NEs appear in the list on the right side of the window.
Note — In the Name field, you can enter part of the name or use the
asterisk (*) as a wildcard. Enter one string at a time.
The NE Selection window closes and the selected NEs or groups appear in the Selected
NEs panel of the Backup NE window. To remove any of the selected NEs or NE groups,
choose the NE or group in the Selected NEs panel, and click Remove.
5 Perform the following if you need to exclude NEs. For example, if you selected an NE group
in step 4 and need to exclude NEs or groups that are within the selected group from the
backup.
iii Use the filters in the Filters panel and click Build List.
Result: The NEs appear in the list on the right side of the window.
Note — In the Name field, you can enter part of the name or use the
asterisk (*) as a wildcard. Enter one string at a time.
The NE Selection window closes and the selected NEs or groups appear in the
Excluded NEs panel of the Backup NE window. To remove any of the excluded NEs or
NE groups, choose the NE or group in the Excluded NEs panel, and click Remove.
Note — When you back up the NE, the 5520 AMS creates an NE
backup file in the $AMS_LOCALDATA_HOME/ne/backup directory.
Result: The Backup Restore view opens with the Backup tab selected by default and the NE
displayed in the Selected NEs panel.
Note — When you back up the NE, the 5520 AMS creates an NE
backup file in the $AMS_LOCALDATA_HOME/ne/backup directory.
To view web links on alarms or historical alarms, go to the Alarm perspective and
right-click on an alarm and choose Web Links→Customized web link name.
Before you proceed, ensure that your user account is assigned a role that includes
the necessary functions to perform the procedures in this section.
See Table 19 for more information.
Column Description
NE Type / Release Displays the NE type and release for the NE object to which
a customized web link is added. Also displays ‘Platform’ for
an object defined in the Administration Tree to which a
customized web link is added.
Object Displays the object selected for NE type and release or
platform to which a customized web link is added.
Displayed if.. Displays the selected attribute condition for the object.
You can use the icons in the toolbar of the Customized Web Links view to compress
the table and add , modify , delete , or duplicate links.
The keywords are evaluated when the URL is validated, depending on the context.
The 5520 AMS replaces the keywords enclosed in the angle brackets (< >) by their
actual values. For example, if you selected the AMS Site Name parameter, the <site>
string is added to the specified URL. When the URL is validated, the string is
replaced by the name of the 5520 AMS site. If you select the application server IP
address, the <appServer> string is added to the specified URL. When the URL is
validated, the string is replaced by the application server IP address to which the
5520 AMS client is connected. If you select the object full friendly name option, the
<MO_name> string is added to the specified URL. When the URL is validated, the
string is replaced by the full friendly name of the NE object. This object is the object
that is currently displayed in the Object details view.
Parameter Description
NE Type / Release The type of NE and the release for which you need to create
the link.
To add a web link for an alarm or historical alarm, or to add
a web link in the Tools menu, choose the Platform object.
(1 of 2)
Parameter Description
Object The type of objects that are available for the selected NE
type and release.
To add a web link for an alarm or historical alarm, choose the
Alarm or Historical Alarm object.
To add a web link in the Tools menu, choose the Tools menu
object.
Display the link only if Link is always displayed on the object if the check box is not
selected. Select the check box to configure the Attribute and
Contains parameters. This check box is not selected by
default.
Alias The name of the link as it will appear in the Object Details
view or in the Tools menu.
Link The URL of the link. There are two URL types: website and
e-mail.
(2 of 2)
4 Insert dynamic data for the URL by performing the following steps:
Note — The dynamic data string is generated in the URL where the
cursor is positioned. If the cursor is not present in the URL field, then it is
appended to the URL.
• Attribute Value — Defines attribute value keywords for the URL (default).
• Object Full Friendly Name — Defines object full friendly name keywords for the URL.
• Comment Value — Defines comment value keywords for the URL.
• Current User Name — Defines current user name value keywords for the URL.
• AMS Site Name — Defines the 5520 AMS site name as the keyword for the URL.
• Application Server IP Address — Defines the application server IP address keyword
for the URL.
Parameter Description
Attribute Value
Attribute Identifies the attribute of the selected object from which the
value will be taken.
Replace the space character by Indicates which operator has to be used to modify the value
of the selected attribute.
Modify Attribute Value Indicates how much has to be added or subtracted for the
attribute value.
Comment Value
WEBLINK Key Identifies the key of a comment on the selected object from
which the value will be taken.
The key must be added as a comment to the object in the
Network Tree using the format: WEBLINK(Key)=value. For
example; if the comment “WEBLINK(ip_addr)=172.31.1.1”
is present on an object, then using the key “ip_addr” will
result in 172.31.1.1 being evaluated in the URL.
Application Server IP Address Indicates the application server IP address to which the
5520 AMS client is connected.
The Application Server IP Address inserts the tag
<appServer> in the Link field. When the link is evaluated to
build the final URL, any occurrence of the tag <appServer>
is replaced by the IP address of the application server to
which the GUI is connected.
iv Click Finish.
5 Click Finish.
Result: The web link is displayed in the Customized Web Links view table.
5 To insert dynamic data for the URL, perform the following steps:
Note — The dynamic data string is generated in the URL where the
cursor is positioned. If the cursor is not present in the URL field, then it is
appended to the URL.
• Attribute Value — Defines attribute value keywords for the URL (default).
• Comment Value — Defines comment value keywords for the URL.
• Current User Name — Defines current user name value keywords for the URL.
• AMS Site Name — Defines the 5520 AMS site name as the keyword for the URL.
iv Click Finish.
6 Click Finish.
Result: The modified web link is displayed in the Customized Web Links view table.
2 Select one or more links from the Customized Web Links view table.
Result: The selected links are deleted from the Customized Web Links view table.
2 Select one or more links from the Customized Web Links view table.
4 Select the NE type and release to which you want to copy the links. You can select multiple
NE types and releases.
5 Click Finish.
Result: The links are copied to the new NE type and release and displayed in the Customized
Web Links view table.
• In the Create window or Actions window for the object type for which you are configuring
a default template, click Save As for Operator Defaults.
• In the Object Details view for the selected object, click the View Menu icon ( ), and
choose Operator Defaults→Save As.
Result: The Save New Operator Defaults window opens.
Note — To make this template the one selected by default, select the
Preferred check box. Only one template can be the preferred default.
3 Click Finish.
Result: The new operator default template is now available to use when creating the same
object type.
3 To display the operator defaults for a specific template, choose the template and click the
Show Details icon ( ).
3 Choose the operator default template that you need to copy, and click the Duplicate icon.
4 Choose the NE to which you need to copy the operator default template.
5 Click Finish.
• In the Create window or Actions window for the object type for which you are modifying
an operator default template:
• Choose the operator defaults template name from the drop-down menu and click
Operator Defaults Save As.
Result: The Save New Operator Defaults window opens.
• Choose the operator defaults template name from the drop-down menu.
Note — When you opened the Save New Operator Defaults window from
the Create window or Actions window, you can create an operator default
template by typing a new name for the template.
2 Select or de-select the Force This Operator Defaults or Preferred Operator Defaults
parameters and click Finish.
3 Click OK.
3 Choose the operator default template that you need to delete, and click the Delete icon ( ).
Are you sure you want to delete the selected operator defaults?
4 Click Yes.
(1 of 3)
(2 of 3)
(3 of 3)
01 Albania 64 Lebanon
02 Algeria 65 Lesotho
05 Anguilla 68 Liechtenstein
09 Australia 6C Malaysia
0A Austria 6D Malawi
0B Bahamas 6E Maldives
0C Bahrain 6F Mali
0D Bangladesh 70 Malta
0E Barbados 71 Mauritania
0F Belgium 72 Mauritius
10 Belize 73 Mexico
12 Bermudas 75 Mongolia
13 Bhutan (Kingdom of) 76 Montserrat
14 Bolivia 77 Morocco
15 Botswana 78 Mozambique
16 Brazil 79 Nauru
(1 of 4)
1D Burundi 80 Niger
1E Byelorussia 81 Nigeria
1F Cameroon 82 Norway
20 Canada 83 Oman
25 Chile 88 Peru
26 China 89 Philippines
28 Comoros 8B Portugal
2C Cuba 8F Rwanda
2D Cyprus 90 Saint Kitts and Nevis
36 Egypt 99 Senegal
37 El Salvador 9A Seychelles
(2 of 4)
39 Ethiopia 9C Singapore
3D France A0 Spain
40 Gabon A3 Suriname
41 Gambia A4 Swaziland
42 Germany A5 Sweden
43 Angola A6 Switzerland
44 Ghana A7 Syria
45 Gibraltar A8 Tanzania
46 Greece A9 Thailand
47 Grenada AA Togo
48 Guam AB Tonga
4A Guernsey AD Tunisia
4B Guinea AE Turkey
4D Guayana B0 Tuvalu
4E Haiti B1 Uganda
4F Honduras B2 Ukraine
54 Indonesia B7 Uruguay
56 Iraq B9 Vanuatu
58 Israel BB Venezuela
59 Italy BC Vietnam
(3 of 4)
5E Jordan C1 Yugoslavia
5F Kenya C2 Zaire
60 Kiribati C3 Zambia
62 Kuwait — —
(4 of 4)
2 Click Add.
Code See Section 24.1 for a list of Specifies the code for the
codes selected ITU-T country or
ANSI/ETSI vendor
Value See Section 24.1 for a list of Specifies the name of the
codes selected ITU-T country or
ANSI/ETSI vendor
Type ANSI & ETSI Vendor Specific Specifies the code type
Code
ITU-T Country Code
ITU-T Vendor Code
ITU-T Vendor Specific Code
3 Click Delete.
Cluster management
25 Cluster management
25 Cluster management
25.1 Cluster management overview
• Licensing: You need a license for each application server in the cluster. See
chapter 5 for more information about licenses.
• SSL: If you are using SSL in a cluster, SSL must be enabled on every server in
the cluster and the keystore key and password must be the same. See Chapter 7
for more information about SSL.
• SNTP: You need to run one SNTP server process on each application server. See
chapter 14 for more information about SNTP.
• Using External TL1 Gateways: You need to configure a virtual IP address for the
cluster and one TNM user for each application server. See Chapter 16 for more
information about external TL1 gateways.
• Backing up the 5520 AMS database: Nokia recommends that you schedule
backups as a cron job in a cluster environment. See Section 21.2 for more
information about backing up the database.
You can use the ams_cluster script to monitor, stop and start a cluster. See
Section 31.7.
In a cluster setup with three or more application servers, when the Master application
server loses communication with the cluster, the NEs will be rebalanced among the
other application server(s) within the cluster, and not on the isolated application
server.
Every five minutes, the 5520 AMS checks if the NEs are balanced correctly across
the cluster. If not, it will rebalance them.
You can add an argument to the ams_server stop script to stop a server without
rebalancing the load.
Processes that only need to run on one server, known as singleton processes, are
run on the first application server to start. This is the master application server. If the
master application server is not running, client sessions are disconnected. If other
application servers are not running, client sessions are maintained.
In a cluster environment, if one of the machines faces NIC failure the 5520 AMS GUI
cannot load the Object Details view till the reachable application server in the cluster
detects that there is no connectivity with the other server.
If an operation is performed after an application server has failed but before activity
switches to a redundant application server, the operation fails and client sessions are
disconnected. If the operation is performed on an NE that is associated with the
application server, an error message is displayed.
Note — A local cluster or 1+1 hardware configuration with a
shared SAN disk provides both high availability (distributing the
load amongst active application servers) and local redundancy
(database servers running in active and standby mode). In this
type of configuration, if you stop the active machine, all
processes and functionality are stopped on the active machine
and a switchover to the standby machine is initiated.
Before you proceed, you need to be able to log in to the 5520 AMS server as amssys. See
Procedure 8 to log in to a 5520 AMS server as amssys.
3 When you are ready to start the server, no argument is needed. Type:
ams_server start ↵
• You encounter a problem with the application server managing the NEs.
• You want to manually balance the load by offloading an application server and distributing
the load over the remaining application servers.
• You encounter a problem with the DCN connection for the application server and do not
want to completely shut down the application server.
1 In the Administration Tree, choose EMS Administration → EMS System → Site → Application
& Data Servers.
2 Right-click the Application Server object from which you want to move the NEs to the
remaining application servers and choose Actions → Evacuate NE.
Result: A window opens and provides details about the progress of the evacuate action.
When evacuate action is completed, the Action Details view opens and displays the results
for the NEs that are evacuated.
Note 2 — Executing this option does not move back the same NEs that
are evacuated.
1 In the Administration Tree, choose EMS Administration → EMS System → Site → Application
& Data Servers.
2 Right-click the Application Server object from which you want to move the NEs to the
remaining application servers and choose Actions → Unevacuate NE.
3 To configure the Server Weight parameter, enter the relative capacity to manage the NEs.
4 Click Finish.
Result: A window opens and provides details about the progress of the unevacuate action.
When the unevacuate action is completed, the Action Details view opens and displays the
results for the NEs that are unevacuated.
The Switchover Log view in the 5520 AMS GUI provides information about data
server switchover events. The Switchover Log includes the following information
about each switchover:
• Start date and time
• Reason for switchover
• Completion date and time
• Result (success or failure)
• For failed switchovers, details about the reason for the failure
See the 5520 AMS User Guide for information about opening a view.
ams_switch_active_dataserver ↵
• The script prompts you to confirm whether you want to continue the data server
switchover:
ams_switch_active_dataserver -f ↵
Result: All active client sessions are disconnected with the message “Connection lost due to
database down” when the database becomes unavailable.
Note —
2 Identify a virtual machine as a reference machine from which you want to clone the template.
Select and right-click the reference virtual machine. Choose Template → Clone to Template.
• Enter the Template Name and select the Template Inventory Location. Click Next.
• Select the computer resource. Click Next.
• Select Storage. This must be a shared storage which is accessible from all the servers in
the cluster. Click Next.
• Click Finish.
2 Select and right-click the created template in Procedure 237. Select Deploy Virtual machine
from this Template.
3 Provide the Edit settings details for the new virtual machine.
Select a name and Enter the new server name and select a location to store VM data. Click Next.
folder
Select a compute Select a host or a resource pool to run a virtual machine. Click Next.
resource
Select storage Select storage to save the VM files. This must be a shared storage which is
accessible from all the servers in the cluster. Click Next.
Select clone Select Customize the operating system check box. Click Next.
options
5 Click Finish.
Result: The new application server is created and appears on the local host tree in the
VMware vSphere Web Client.
6 Select and right-click the new application server from the local host tree. Choose All vCenter
Actions → Power → Power On.
7 On the Summary tab, click Launch Console to open the new application server.
Specify Properties Enter the name for customization spec. Click Next.
Set Computer Select Enter a name option, type the machine name, and then enter the domain
Name name. Click Next.
Time Zone Select the details to set the time. Click Next.
Configure Network Select Manually select custom settings option. Click the Edit icon.
Result: The Edit Network window opens.
• Select the Use the following IP settings option.
• Enter the IP Address, Subnet Mask, and the Default Gateway.
• Click OK to close the Edit Network window.
Click Next.
Enter DNS Domain Enter the IP address for Primary DNS and add the DNS search path in the DNS
Settings and domain settings details. Click Next.
Ready to complete Click Finish on the New VM Guest Customization Spec window.
Logs
27 Managing logs
28 Syslogs
27 Managing logs
27.1 Managing logs and audits overview
Result: The user activity log settings are displayed in the Object Details view.
Setting Description
Purging
Delay Before a User Activity The duration (in days) that elapses before a User Activity Log is
Log is Removed from removed from the database. The format is # d (for example, 7 d).
Database
Archiving
(1 of 2)
Archiving Strategy The archiving strategy is so that the user activity logs can be saved
to disk for offline analysis instead of being deleted. If FTP or SFTP
file transfer is not selected, user activity logs are archived in the
shared directory, one file per day under:
$AMS_EXTERNAL_SHAREDDATA_HOME/ualarchiving/ual-archi
ve_<YYYY>_<MM>_<DD><alphaChar>.csv, where:
<YYYY>, <MM> and <DD> represents the date (year, month, and
day) at which the user activity logs were created and <alphaChar>
is empty or contains the next alphabetic character.
If compression is enabled, the file name will be
ual-archive_<YYYY>_<MM>_<DD>_<HH><alphaChar>.csv.gz.
If a user activity log archive file with the same name already exists,
then the filenames will have a sequential alphabetic character
appended to the name, for example,
ual-archive_2012_08_20_20a.csv.gz and
ual-archive_2012_08_20_20b.csv.gz. This may happen if there are
repeated application server switchovers within the same day
causing several similarly named user activity log archive files to be
present.
If FTP or SFTP file transfer is selected, the user activity log archive
file is transferred to the configured remote FTP or SFTP location. If
the copy or file transfer of the user activity log archive fails, an alarm
is raised. Use Procedure 240 to manually purge and archive the
user activity logs.
The allowed values are:
• Never
• When Records are Added to the Database
• When Records are Removed from the Database
Delay Before a Record is A time period before user activity logs are deleted from the shared
Deleted from the Archive directory where they are archived.
The parameter is enabled when the Archiving Strategy parameter is
set to When Records are Added to the Database or When Records
are Removed From the Database.
This parameter is disabled if the Archiving Strategy is set to Never.
The default value is 7 d.
Setting Description
Compress Archive When the parameter is enabled, the user activity log archive files in
the shared directory are compressed daily to minimize disk space
usage.
The parameter is enabled when the Archiving Strategy parameter is
set to When Records are Added to the Database or When Records
are Removed From the Database.
This parameter is disabled if the Archiving Strategy is set to Never.
By default, this check box is selected, if the Archiving Strategy is not
set to Never.
File Transfer
Directory The directory for file transfer in the remote FTP or SFTP host.
This parameter is disabled if Protocol is set to No file transfer (Keep
files in ‘shared/common’).
Syslog
Send User Activity Log When the parameter is enabled, the user activity log records are
Records to Syslog sent to syslog server so that a single user activity log record is not
lost.
The check box is deselected by default.
Application Name The name of the application that is logging into syslog server.
This field is disabled when Send User Activity Log Records to
Syslog parameter is not selected.
Default value is 5520AMS_UAL.
(2 of 2)
Procedure 240 To purge and archive alarm or user activity log files
If the copy of alarm or user activity logs to the $AMS_EXTERNAL_SHAREDDATA_HOME
directory fails due to some reason, or if the transfer of alarm or user activity logs to the remote
SFTP or FTP location fails due to password expiry or incorrect username, or other reasons, a
‘Alarm Archive Copy Failure’ or ‘User Activity Log Archive Copy Failure’ alarm is raised. Check the
file transfer settings in the Alarm Settings or User Activity Log settings in the Administration tree.
Check the intra-cluster links. Once the problem is corrected, you can manually purge and archive
the alarm or user activity logs using the following procedure. The alarm is cleared after the copy
or transfer of the archive is successful.
2 Right-click Alarm Settings or User Activity Log Settings and choose Actions→Force Purge &
Archive.
Result: The Force Purge & Archive dialog opens, with the confirmation message: Are you
sure you want to force a purge and archive of the data now?
3 Click Yes.
Result: The alarm or user activity logs are purged and archived.
When you choose a task in the user activity log, the arguments and result of the task
are displayed in the Object Details panel.
To facilitate audits of the changes made to objects using the 5520 AMS GUI, NBI or
server scripts, the Arguments of the User Activity Log records both the old and new
values of the changed attributes only.
Note 1 — Logging of old values is only provided for
modifications performed from the Object Details view in the
Network and Administration Tree. Logging of old values is not
supported for the modifications triggered from the following
operations:
• Multiple edits
• Actions or application specific menus
• Object deletion
• Application specific views such as editing a schedule or a
template
The Result field includes the text of any error messages that were displayed for a
failed task. The Applications field displays the type of user activity performed by the
task. Table 101 applications in the user activity log view describes the applications
that appear in the user activity log.
NE type and release Creation, modification, and deletion for NEs of the specified type
(for example, GPON.4.4.10) and release
4 Click OK.
5 Create and apply a filter, if required. See Section 27.4 for more information about filtering
user activity logs.
ii Choose the Login activity for the session for which you need the IP address.
Result: The IP address appears in the Arguments field in the Object Details panel.
4 To create a simple filter, select the check box beside the attribute you need to filter and
configure the options.
For the Users, Applications, Operations and Date attributes, you can select multiple items
from the lists that are provided. For the NE Name, Object Name, Session, and Arguments
attributes, you must provide a string for the filter (for example, a session ID for the Session
attribute).
ii Select the Match all of the following or the Match any of the following, depending on your
requirements.
iii From the first drop-down menu, select an attribute (for example, User).
iv From the second drop-down menu, select an operator phrase (for example, Contains).
v In the field, enter a string for the filter phrase (for example, Admin).
vi To add more filter phrases to your filter, click the + and repeat steps iii to v.
6 Click OK.
7 Go to step 9.
8 Click the Filter icon ( ) and select the name of the saved filter you need to apply.
Private filters are only available to the user that created them. Public filters are available
to all users.
4 Click OK.
1 Filter the set of user activity logs that you need to save. See Procedure 241 to view user
activity logs.
3 Choose a location to save the file, and enter a name for the file.
4 Click Save.
Result: The log is saved to the file as a set of values separated by delimiters. The default field
delimiter is a comma. See Procedure 210 and the 5520 AMS User Guide for more
information.
2 Select the user account for which you want to view statistics.
3 Click the Statistics tab in the Object Details view to display the login statistics for the selected
user.
• MObject
• SNMP
Before you proceed, ensure that you have enabled the tracing levels. See
Procedure 161 for more information. Logs can be viewed only for enabled detailed
tracing levels.
Note — The tracing logs aggregate data from all the application
servers. The text at the top of the log files indicates if the
application server is reachable or not.
2 Select any one of the log types in the EMS Tracing field.
3 Click Finish.
4 Select the log file and perform one of the following steps:
Procedure 247 To configure 5520 AMS GUI preferences for saving files
3 To be asked where to save files each time, select the Always ask me where to save files
option. When you open a file from the GUI or click Save on Client, a Save As window opens.
4 To set a directory to save files to when opening them from the GUI, perform the following
steps:
ii Click Browse and navigate to the directory where you want to save the files. Click OK.
When you open a file from the GUI or click Save on Client, the file will be saved to the
directory you choose and opened.
Result: The View Server File window opens and displays the available system logs.
3 Choose the log you need to view and click one of the following:
• Open
• Save on Client
Result: The file is saved or opened according to the GUI preferences you set in
Procedure 247.
Result: The View Server File window opens and displays the available system logs.
Result: The Tailing file: <log _name>.log window opens. The text area of the window displays
up to 100 lines of the content of the log. For example, if a log file consists of 1000 lines at the
time the tail request is sent to the server, only the last 100 lines of the log are displayed in
the Tailing file: <log _name>.log window. When a new response is received, the display rolls
over to the latest update.
Note 1 — Tailing more than 1 log file simultaneously could affect system
performance. It is recommended that no more than 5 log files be opened
simultaneously for tailing.
Note 3 — Tail requests are sent to the server at regular intervals. Even
when there are no new updates to the tailed log file, the client will send
requests for new content as long as the tail window is open for the log file.
In the case of errors, requests for tailing information will be retried 5 times,
after which the tail requests are stopped and the message "Error in tailing
file" is displayed in the tail window.
Before you proceed, you need to be able to log in to the 5520 AMS server as amssys.
See Procedure 8 to log in to a 5520 AMS server as amssys.
cd bin ↵
./ams_reset_logs.sh ↵
By default, the log files are stored in the $AMS_LOG_DIR directory and the traces
and debug files are stored in the $AMS_DEBUG_DIR directory.
Table 102 System log files
Configurable logs
Non-configurable logs
(1 of 2)
(2 of 2)
Notes
(1) An EMS alarm “One or more applications/plug-ins not running” will be raised by the application server if not all
applications, plug-ins, or services are running properly on any AMS server. Depending on the nature of the error
and AMS services startup success, raising the alarm may fail if alarm services do not start properly. In such
cases, the operator must check the system logs for errors (server.log and processmonitor.log).
(2) The AMS_TRACELOG_MAX_NUMBER_FILE and AMS_TRACELOG_MAX_FILE_SIZE are the variables
defined in procMon.conf file.
(1 of 4)
(2 of 4)
(3 of 4)
(4 of 4)
Notes
(1) An EMS alarm “One or more applications/plug-ins not running” will be raised by the application server if not all
applications, plug-ins, or services are running properly on any AMS server. Depending on the nature of the error
and AMS services startup success, raising the alarm may fail if alarm services do not start properly. In such
cases, the operator must check the system logs for errors (server.log and processmonitor.log).
(2) The AMS_TRACELOG_MAX_NUMBER_FILE and AMS_TRACELOG_MAX_FILE_SIZE are the variables
defined in procMon.conf file.
Data is added to each system log until the file reaches a user-configured size limit.
When the file reaches the size limit, the 5520 AMS renames the file by appending the
index number 1 to the filename (for example, system.log.1), and increments the
index numbers of all other archives for the same log. The 5520 AMS then creates a
new, empty system log file with the original filename to record further information.
New archives are continually created as each system log reaches its size limit, but
only a limited number of the most recent archives are retained. You can configure the
number of files to retain separately for each type of log file. When the number of
archives for a system log reaches this limit, the 5520 AMS deletes the oldest archive
whenever it creates a new archive of the same type.
To perform the procedures in this section, you need to be able to log in to the
5520 AMS server as amssys. See Procedure 8 to log in to a 5520 AMS server as
amssys.
Note 1 — This procedure does not apply to setting the tracing level for
an NE. See Section 20.24 for information about configuring EMS tracing
settings using the 5520 AMS GUI.
cd $AMS_LOCALDATA_HOME/server/wildfly/server/amssys/configuration/
ii Execute the following command to open the file for editing in a text editor:
vi standalone-full-ha.xml
3 Search the standalone-full-ha.xml file for the section about the system log file you need to
configure. Each system log file has an entry resembling the following:
where filename is the name of the system log file you are configuring, such as alarm.log. See Table 102 for a
list of system log filenames.
i To configure the maximum file size for the log file, find the first instance of the following
line below the line you found in step 3:
where value is the current maximum file size for the log file. See Table 102 for the default values for each
type of log file.
ii Configure the maximum number of archive copies retained for the log file. Find the first
instance of the following line below the line you found in step 3:
where value is the current maximum number of archive files to retain. See Table 102 for the default
values for each type of log file.
Change the value to the new maximum number of archive files to retain.
Note — You need to restart the server for the configuration changes to
take effect. The 5520 AMS starts using the new values within a few
minutes after you save the standalone-full-ha.xml file.
cd $AMS_SOFTWARE_HOME/conf/
ii Execute the following command to open the file for editing in a text editor:
vi ams.conf
3 Edit the parameters described in Table 104. The possible values to be configured are
described in Table 105.
Parameter Description
(1 of 2)
Parameter Description
AMS_SCRIPTS_TRACELEVEL This parameter is used to change script log level
and some examples are:
• ams_updatefirewall
• ams_geo_configure
• ams_backup/ ams_restore
(2 of 2)
MAJOR 2
INFO 3
DEBUG 4
METHOD 5
Note — You do not need to restart the server for the configuration
changes to take effect. The 5520 AMS starts using the new values within
a few minutes after you save the ams.conf file.
Note 1 — This procedure does not apply to setting the tracing level for
an NE. See Section 20.24 for information about configuring EMS tracing
settings using the 5520 AMS GUI. To enable SNMP tracing for an NE,
see Procedure 161.
cd $AMS_LOCALDATA_HOME/server/wildfly/server/amssys/configuration/
ii Execute the following command to open the file for editing in a text editor:
vi standalone-full-ha.xml
<handlers>
<handler name="LOGTYPE_FILE"/>
</handlers>
</logger>
where:
LOGTYPE is the type of log you need to configure: SECURITY, LICENSE, or ALARM.
TRACE LEVEL is one of the following: DEBUG, ERROR, INFO, or WARN.
LOGTYPE_FILE is one of the following: SQL_FILE, SECURITY_FILE.
For example:
<level name="INFO"/>
<handlers>
<handler name="SECURITY_FILE"/>
</handlers>
</logger>
4 In the line <priority value=“TRACE LEVEL”/>, replace TRACE LEVEL with one of the
following:
i Reset the tracing to the highest level by changing the priority value to FATAL.
iii When the tracing level has changed, remove the category name, priority value, and
appender-ref ref lines for the category.
Note — You need to restart the server for the configuration changes to
take effect. The 5520 AMS starts using the new values within a few
minutes after you save the standalone-full-ha.xml file.
See Section 31.51 to change the log type using the script interactively.
cd $AMS_EXTERNAL_SHAREDDATA_HOME/config/
ii Execute the following command to open the file for editing in a text editor:
vi logSettings.txt
3 Configure a single or multiple system log files for which you want to change the log type.
filename,type,max,compress
where:
For example:
ALARM_FILE,size,5000000,n
Success 0
Note — You need to restart the server for the log configuration changes
to take effect across all the servers.
Note — To set the logging level, the user should have the function
Cluster Settings- Edit enabled.
• ALL
• DEBUG
• ERROR
• FATAL
• INFO
• OFF
• TRACE
• WARN
5 Click Finish.
Note — To configure the logging settings, the user should have the
function Cluster Settings- Edit enabled.
• Continue logging
• Suspend logging
4 Click Finish.
Notes
(1) The security.log file is a separate file that exists in the system.
(2) The user activities are logged in the AMS database and does not exist as a separate file. You can view the User
Activity log from the 5520 AMS GUI. For instructions, see Procedure 241.
2 Select Object Details from the menu and configure the following settings in the Event Settings
form that opens:
i In Global GUI Settings, set the Event View Refresh Interval field to the required number
of seconds. The default value is 15 seconds.
ii In Event Table Size Threshold settings, set the Raise Alarm if Database Size Exceeds
field to the required size (ranging from 1 MB to 1000 MB). The default value is 1000 MB.
iii In Event Display Configuration, configure the time period (ranging from 1 to 24 hours)
for which the events need to be displayed in the event summary view in the Display
Events in the Event Summary Page in the Last field. The default value is 12 hours.
Configure the event row navigation by selecting one of the two options, Object Details
or NE Object Tree from the drop down list in the Double Click on Event Row Navigates
to field.
• Archiving Strategy: You can choose the required option to define when you want the
records to be added to the database.
• Delay Before an Event is Deleted from Archive: You can configure the time delay
before an event is deleted from the archives. Range is from 7 to 120 days. Default
value is 30 days. This holds true only if the archives are not yet transferred.
• File Transfer Protocol: You can define the protocol to be used for transfer of the
archived files to the database.
Note — You cannot edit the Purging parameter value. If this parameter
value is modified all the events are removed from the database. You can
modify this parameter value only from the Actions menu.
The log4j2.properties file is a configuration file that is used for debugging the AMS
GUI issues. You can customize not only the output destination but also the output
format.
The file log4j2.properties is available in the Presentation server at
<AMS GUI installdir>\plugins\com.alcatel.axs.gui.platform_<version>\lib\
log4j2.properties.
where,
<AMS GUI installdir> refers to the name of the 5520 AMS installation directory. For
example, the installdir is C:\AMS9.7_Client\ams
Result: The contents of the file log4j2.properties is displayed in the Configure Logs window.
Result: The contents of the file log4j2.properties is displayed in the Configure Logs window.
2 Click Restore to default. The default values are set immediately and Configure Logs window
is closed automatically. To apply the changes made in the file, you need to restart the 5520
AMS GUI.
Note — To view the GUI logs from the AMS GUI, you should
have the function Web Console - Debugger enabled.
You can view the following AMS GUI log files without logging on to a Presentation
server to debug GUI-related issues:
• output.log
• output.log.* (where * is a number)
• guiAlarmLog.log
• .log
• .bak_*.log (where * is a number)
Result: The Show Logs window opens. All the log files present in the location
<workspace>\.metadata are listed in the Show Logs window.
2 Select a log file from the drop-down list. To reload or get the updated list of the log files, click
Refresh.
2 Right-click the server object and choose Actions→Audit Configuration File Changes.
Result: The Audit Result for the selected server is displayed in the Results window. There
are two tabs in the window - Details 1 and Details 2.
In the Details 1 tab, the configuration file changes for ams.conf, amsgeomonitor.conf,
procMon.conf, and my.cnf are listed. The information that are displayed are:
• File name
• Parameter name of the file
• Default value of the parameter
• Last user accepted value of the parameter
• Current value of the parameter
The audit result for each file and parameter is either: Missing, Misaligned, or Aligned and the
results are indicated by icons. For more information on icons, see the 5520 AMS User Guide
3 You can click an entry in the Details 1 tab and do any of the following:
• Click Accept Current Value - This accepts the configuration file change and updates the
last accepted user value with the current value. The 5520 AMS system clears the alarm,
if it is reported for this parameter.
On clicking Accept Current Value, the audit result for the parameter is refreshed where
the Aligned and Misaligned icons for the parameter are displayed based on the
comparison between the parameter’s Current Value and Last User Accepted Value.
• Click Restore Default Value - The last accepted user value is updated to the default value.
You are prompted for a confirmation on server restart for the changes to take effect. Copy
the default value to the corresponding configuration file in the AMS server. The 5520 AMS
system clears the alarm, if it is reported for this parameter.
• Click Restore Last User Accepted Value - You are prompted for confirmation on a server
restart for the changes to take effect. Copy the last user accepted value to the
corresponding configuration file in the AMS server. The 5520 AMS system clears the
alarm, if it is reported for this parameter.
4 To copy the audit results, click Copy All. The results are copied to your machine.
28 Syslogs
28.1 Overview
28.1 Overview
Syslog provides a logging facility to capture and log or broadcast system secure
access and configuration changes made using TL1, CLI, and authorization actions.
You can also use the 5520 AMS to view and configure syslog parameters such as
log rotation, server type, facility, and message severity.
You can disable the remote connection flag of the syslog daemon to forward the User
Activity Log records, write large number of iptables related data to the syslog files.
For more information, see the Syslog Configuration and Redirecting IP tables logging
sections in the 5520 AMS Server Configuration Technical Guidelines.
Table 108 describes the supported syslog message types.
See the CLI Commands guide for your NE for more information about CLI syntax,
and the Commands and Messages guide for your NE for more information about TL1
syntax.
Table 108 Syslog messages
CLI configuration changes Logs CLI configuration changes made by users. See the
5520 AMS User Guide for information about CLI
configuration.
TL1 configuration changes Logs TL1 configuration changes made by users. See the
5520 AMS User Guide for information about TL1
configuration.
(1 of 2)
(2 of 2)
Authenticated users can also make configuration changes using TL1 and CLI.
Before you proceed, make sure your user account is assigned the necessary
functions to perform the procedures in this chapter. See Table 19 for more
information.
28.1.1 Architecture
Syslog is a subsystem designed to handle system security logging. Other
subsystems that have messages to be logged into the system log depend on the
syslog subsystem.
The syslog subsystem uses the syslog protocol, which is a transport mechanism for
sending event messages across an IP network. The receiving server is known as an
“event message collector.” System events may be sent at the start or end of a
process, or to transmit the current status of some condition or process in the
operating system or application.
If SFTP is used as the file transfer protocol, the correct login credentials must be
provided. You can set the username and password for the NE SFTP file server in the
SNMP profile used by the NE. See section 20.5 for more information.
When the 5520 AMS server acts the SFTP server, the credential for amssftp can be
provided from the external SFTP server.
The 5520 AMS behaves as an SFTP /TFTP server when files are opened at the NE’s
such as ISAM, ISAM FTTU etc. The 5520 AMS behaves as an SFTP/TFTP client
when performing operations such as NBI, backup, syslog and so on.
Result: The Object Details view opens and displays the syslog system parameters. See
Table 109.
Parameters Description
General
Maximum Message Size Displays the maximum syslog message size in bytes
Storage Capacity
Free Displays available disk space for syslogs in bytes
Result: The Create Syslog Server window opens and prompts you to configure the
parameters for the new syslog server.
3 In the Server Number field, use the default or enter a server index value for the new server.
The value must be an integer from 1 to 64, inclusive.
4 Click Next.
Result: The second Create Syslog Server window opens and prompts you to configure the
parameters for syslog server. Table 110 describes the parameters for a syslog server.
Parameter Description
Name Specifies the name of the syslog server
Type Specifies the type of syslog server. See Table 111 for more
information about server types.
File name When the Type parameter is set to File, this parameter specifies
the local filename used by the syslog server.
5 Configure the parameters. Table 111 describes the syslog server type options.
Options Description
File Specifies that syslog messages are logged to local files
UDP Specifies that syslog messages are sent to the IP address and
UDP port number of the syslog server
All CLI Specifies that syslog messages are sent to all CLI-type servers
All TL1 Specifies that syslog messages are sent to all TL1-type servers
All Users Specifies that syslog messages are sent to all users
6 If the State panel is visible, choose Enabled or Disabled from the Logging drop-down menu.
• Click Finish to create the syslog server and close the Create Syslog Server window.
Result: The new syslog server is displayed in the Network Tree as Syslog Server name,
where name represents the syslog server number and name.
Result: The Create Syslog Message window opens and prompts you to configure the
parameters for the new message.
Note — The system appends the syslog number to the message type
string.
4 Click Next.
Result: The second Create Syslog Message window opens and prompts you to configure
the parameters for the new message.
5 Choose a syslog facility. In the Facility drop-down menu, choose an option for the method to
send messages to the remote server.
6 Assign available severity filtering options to the message. In the Severity panel, choose an
option for the message severity filtering.
Use the left-arrow and right-arrow to add and remove the options from the Available and
Selected windows. Options in the Selected column will be applied and options in the
Available column are not applied.
Result: The new syslog message is displayed in the Network Tree by message type.
Result: The Object Details view displays the syslog server parameters.
3 Configure the Upload Rotated Files to the Server parameter. The options are:
• Yes: When the log file is rotated with an associated secondary log file, the primary log file
is uploaded to the remote server. When you choose this option, you need to configure the
Upload Path parameter.
• No: When the log file is rotated, the contents are moved to the secondary log file. The
contents of the secondary log file will be overwritten with the next rotation.
2 Choose the syslog server for which you need to rotate the file.
Task See
Create a syslog server with the Type parameter set to Procedure 263
File
Add a syslog server message to the server with the Procedure 264
Message Type parameter set to Authentication Actions
(Optional) Configure the syslog server to upload the file Procedure 265
to the remote server when the file is rotated
2 Right-click the server you need to view the log for and choose Actions→View File. Click
Finish to confirm the action.
Result: The Result page window opens and displays the contents of the security log file.
Note — If the NE does not have a security log message file, the Result
page window will display xFTP Authentication failed, where xFTP is the
file transfer mode.
Result: A table of logged alarms opens in the Object Details view, as described in Table 113.
General
(1 of 2)
Log Time date and time Displays the date and time the alarm
change was logged
(2 of 2)
Note
(1) Alarm number 0 indicates no alarms (within the alarm type) are active.
When an alarm is raised, each active alarm rule defined in the rule set is evaluated
one after the other as per the order of the rules, before the alarms are forwarded to
the master application server. The action defined in the rule is executed only on the
alarms that match the alarm criteria and have a PAP ID equal to 0 or are included in
the PAP Groups of the user who created the rule.
The number of alarm rules defined cannot exceed 50. The number of active alarm
rules cannot exceed 20.
Before you proceed, make sure your user account is assigned a role that includes
the necessary functions to perform the procedures in this chapter. See Table 19 for
more information.
Result: The Alarm Rules view opens. The table displays the following information on the
configured alarm rules.
Parameter Description
PAP Groups Specifies a comma-separated list of the PAP Groups of the user who
created the rule. The rule will only be applied to the alarms that have
a PAP included in these PAP Groups.
Avg Time (ms) Indicates the time taken to evaluate this rule and to execute the action.
An average is computed on the last 24 hours.
Hits/day (Total) Indicates the number of times this rule has been evaluated in the last
24 hours, irrespective of whether the filter criteria defined in the rule
matched or not.
Hits/day (Match) Indicates the number of times this rule has been successfully
evaluated in the last 24 hours, that is, the number of times the filter
criteria defined in the rule matched.
Last Failure Date Indicates the timestampc of the last failure. If no failure occurs, a dash
is displayed (-). An example of a failure can be script queue full or
script not found. If a failure occurs, it must be logged in the server.log
(ERROR level), including the ID of the alarm that could not be
processed.
Note
(1) You can define both alarm and source criteria.
Rule Name Enter a unique name for the Any string from 1 to 255 characters.
alarm rule. Default value: empty
Alarm Criteria Define the criteria (attributes, • Match all of the following - The alarm rule will be
operator, value) for alarm rule processed if it matches all of the defined alarm
processing. You can define criteria.
multiple criteria. • Match any of the following - The alarm rule will be
Click + to add an alarm processed if it matches any of the defined alarm
criterion. criteria.
Click - to delete an alarm
criterion.
(1 of 2)
NE Family (1) Select the NE family for which Depending on the NE plug-ins installed, some of the
the rule is defined. possible options are:
• Platform (refers to objects that do not belong to an NE
plug-in)
• ISAM/FTTB/FTTN
• GPON
• G6
Object Type Select an object of the NE All objects of the NE family and release that can report an
family and release for which alarm.
the rule is defined.
(2 of 2)
Note
(1) The default value of the NE Release parameter is set to All, when you select a value in the NE Family parameter.
(2) When a specific problem is selected as criteria, the toggle suppression enabled alarms are displayed with [==TOGGLING==] <Alarm>
parameter, this parameter is used only for the Alarm filters. To add or modify an alarm rule, choose the real <Alarm> parameter.
3 Click Next.
4 Depending on the action selected in the Action drop-down list, perform the relevant steps
specified in the following table:
Discard the alarm A summary of the options selected is displayed. If the alarm matches the alarm criteria specified
Go to step 5. in the defined rule, the alarm is discarded.
Modify the alarm • In the Alarm Parameters section, choose If the alarm matches the alarm criteria specified
parameters the alarm parameter that needs to be in the defined rule, the specified alarm
modified, and the value to which it needs to parameters are modified to the defined value in
be modified. the alarm rule. The modified alarm is forwarded
• Click + to add another alarm parameter to to the next rule in the rule set.
modify. You cannot modify the (un)Acknowledged by,
• Click Next. (un)Acknowledged via IP Address, Assigned
• A summary of the options selected is by, and Assigned via IP Address parameters.
displayed. Go to step 5. When modifying:
• The "Acknowledged" field, then the
"(un)Acknowledged by" parameter will be
set to "" and the "(un)Acknowledged via IP
Address" will be set to "127.0.0.1".
Append extra • Enter the text to be appended to the If the alarm matches the alarm criteria specified
information to the Additional Info/Text field of the alarm in the in the defined rule, the Additional Info/Text field
Additional Info/Text Free Text field. of the alarm is appended with the text defined in
Multi-line string is allowed in this field. the Text field of the alarm rule. The modified
alarm is forwarded to the next rule.
• Select an attribute of the object that
reported the alarm. If an object is not
defined in the Source Criteria of the first
page of the wizard, then you can define it
here, else the values defined in the first
page are used.
• Click Next.
• A summary of the options selected is
displayed. Go to step 5.
(1 of 2)
Call a script • Enter the full path of the script including the If the alarm matches the alarm criteria specified
script name in the Script (Full Path) field. in the defined rule:
The recommended script path is • If the ‘Discard the alarm’ action is selected
$AMS_EXTERNAL_LOCALDATA_HOME, in the After the Script drop-down list, the
which, by default, is alarm will be discarded after the script runs.
/var/opt/ams/local/common. • If the ‘Forward the alarm to the next rule’
The path of the script entered in the field action is selected in the After the Script
must start with ‘/’. It must not end with ‘/’. drop-down list, the alarm will be forwarded
Environment variables cannot be entered. to the next rule in the rule set after the script
The script must exist in all application runs.
servers of a cluster.
• Select the action to be executed after the
script runs, namely:
• Discard the alarm
• Forward the alarm to the next rule
• In the Available column of the Script
Arguments section, choose the alarm
attributes that can be passed as script
arguments and move them to the Selected
column.
• Select an attribute of the object that
reported the alarm. If an object is not
defined in the Source Criteria of the first
page of the wizard, then you can define it
here, else the values defined in the first
page are used.
• Click Next.
• A summary of the options selected is
displayed. Go to step 5.
(2 of 2)
5 Click Finish.
Note 1 — The alarm rule comes into effect only for new alarm events.
Existing alarms must be cleared manually, if required.
Note 2 — When 50 alarm rules already exist, if you add another rule, an
error ‘Maximum number of rules reached’ is displayed. Click Cancel.
Note 3 — When 20 active alarm rules already exist, if the status of the
new rule is set to Active, an error ‘Maximum number of active rules
reached’ is reported. Modify the status of the alarm rule to Inactive, and
click Finish to save the rule.
1 In the Alarm Rules view, choose the alarm rule that you want to modify.
4 Click Next.
6 Click Finish.
Note 1 — The changes to the alarm rule comes into effect only for new
alarm events. Existing alarms must be cleared manually, if required.
Note 2 — When 20 active alarm rules already exist, if you modify the
status of an inactive rule to Active, an error ‘Maximum number of active
rules reached’ is reported. Modify the status of the alarm rule to Inactive,
and click Finish to save the rule.
1 In the Alarm Rules view, choose the alarm rules that you want to delete.
Are you sure you want to delete the selected alarm rules?
1 In the Alarm Rules view, choose the alarm rule for which you want to change the order.
• Click the Move Up icon ( ) to move the alarm rule up by one position in the rule set.
• Click the Move Down icon ( ) to move the alarm rule down by one position in the rule
set.
• Click the Move to Top icon ( ) to move the alarm rule to the top-most position in the
rule set.
• Click the Move to Bottom icon ( ) to move the alarm rule to the bottom-most position
in the rule set.
Note — The maximum number of active alarm rules cannot exceed 20.
1 In the Alarm Rules view, choose the alarm rules which you want to activate or deactivate.
3 Choose one of the following options from the Status drop-down list:
4 Click Finish.
Result: The status of the alarm rule is changed as per the selection.
When 20 active alarm rules already exist, if you add another rule with Active status, an error
‘Maximum number of active rules reached’ is reported. Click Cancel.
Note — The changed status of the alarm rule comes into effect only for
new alarm events. Existing alarms must be cleared manually, if required.
1 In the Alarm Rules view, click the Check All Rules icon ( ).
Result: The Check All Rules window opens. For each rule, the wizard checks:
• If the selected object in the rule exists in all selected NE plug-ins. If it does not exist, it
reports that the selected object does not exist in the NE plug-in.
• If the selected attribute in the rule exists in all selected NE plug-ins. If it does not exist, it
reports that the selected attribute of the object does not exist in the NE plug-in.
• Only for the source attribute in the "Source Criteria", if the type of the attribute in the rule
is the same in all the selected NE plug-ins. If it is not, it reports that the selected attribute
of the object is of a different type in the rule and the NE plug-in.
• Only for the source attribute in the "Source Criteria", if the units of the attribute in the rule
are the same in all the selected NE plug-ins. If they are not, it reports that the selected
attribute of the object is expressed in different units in the rule and the NE plug-in.
• Only for the source attribute in the "Source Criteria", if the selected attribute value in the
rule exists in all the NE plug-ins. If it does not, it reports that the selected attribute of the
object is expressed in a different value in the rule and the NE plug-in.
• If the internal name of the selected object in the rule is the same in all the selected NE
plug-ins. If it is not, it reports that the object has a different internal name in the NE plug-in.
• If the internal name of the selected attribute in the rule is the same in all the selected NE
plug-ins. If it is not, it reports that the attribute of the object has a different internal name
in the NE plug-in.
If no issues are detected in the alarm rules, the following message is displayed: No problem
detected.
Each metric is collected in every 20 seconds. The 5520 AMS stores 60 samples of
the data separately for each measurement period. This means that the measurement
interval is always 1/60 of the measurement period.
Since the metric is sampled every 20 seconds, the first measurement period is 60 x
20 seconds = 1200 seconds or 20 minutes. The next measurement period is
obtained by aggregating three samples into one. This means that the measurement
period is 3 x 20 minutes = 60 minutes or 1 hour, and the measurement interval is 1
hour/ 60 = 1 minute. The same reasoning applies to the higher measurement period.
To aggregate samples, the 5520 AMS takes the average.
Where:
1 is the Measurement interval per second/Time
2 is the Server
3 is the Description
4 is the TCA
5 is the Counter
6 is the Measurement interval
7 is the Summary of average, total, and maximum of counter interval
8 is the Graph interval
9 is the Graph
Modifier Description
Gauge charts (like the number of sessions) are probably easier to understand.
However, it can be still confusing to interpret fractional values such as having 3.5
users. This is due to the rounding of values when resampled to large intervals.
For example, if there are 10 users at 10h09'20", 10 users at 10h09'40", and 0 users
at 10h10'00", then if you average the data over a minute, you have (10+10+0)/3 =
6.66 users on an average over that minute.
Procedure 276 To display EMS performance monitoring data and configure TCA
2 From the left panel, choose the performance monitoring counter you need to display data for.
3 If you are using a cluster, choose the IP address of the application server from the Servers
drop-down menu.
5 To add a TCA entry, click the TCA tab, and click Add.
Parameter Description
Data Set Configure the unit for the monitoring duration in minutes,
hours, or days. For example, 20m, 1h, 6h, 24h, 7d.
7 To delete a TCA entry, select the TCA to be deleted, and click Delete in the TCA window.
8 Click Finish.
• To export only the graph you are currently viewing, click the Export Current Graph icon
( )
Note — The graphs you export will be same for the application server
and measurement chosen for the graph.
2 From the Browse for Folder window, choose the location you need to export the graphs to.
Click OK.
Result: The graphs are exported in .jpg format to the folder you chose. The title of each file
is the name of the counter set you chose in the EMS Performance Monitoring view.
$AMS_SCRIPTS_DIR/ams_app_stats_converter.sh [–-outputdir
<output_directory>] [--filename <absolute path and filename of the
application statistics file> ]↵
Where:
-<output_directory> is the output directory specified by the operator where the .csv file needs to be generated.
By default, the output file generated by the script is stored under $AMS_LOCAL DATA_HOME/log. The
generated output file will contain the information from the applicationstatistics file in .csv format. This
parameter is optional.
-<absolute path and filename of the application statistics file> is the absolute path and filename of the
applicationStatistics file. If no path is specified, the script will check for the input file at
$AMS_LOCALDATA_HOME/log. If no input file is specified, then all applicationstatistics files in the
$AMS_LOCAL DATA_HOME/log directory are converted. This parameter is optional.
Where:
• filename is the output file in the .csv format. For example,
<applicationStatistics_YYYY_MM_DD>.csv
• <output_directory> is the output directory where the .csv file is generated.
Appendix
31 5520 AMS server scripts
31.2 ams_server
31.3 ams_activate
31.4 ams_audit_agent_alarm
31.5 ams_backup
31.6 ams_change_ip_subnet_server
31.7 ams_cluster
31.8 ams_copy_datafiles
31.9 ams_configure_ssh_timeouts
31.10 ams_db_defragment
31.11 ams_export
31.12 ams_exttl1gw_integration
31.13 ams_geo_configure
31.14 ams_hub_sub_link_mgr
31.15 ams_import
31.16 ams_install
31.17 ams_install_license
31.18 ams_createfirstuser
31.19 ams_link_mgr
31.20 ams_mediagw_mgr
31.21 ams_ne_cli
31.22 ams_nebackup
31.23 ams_nerestore
31.24 ams_show_ne_balancing
31.25 ams_remove_data
31.26 ams_ne_mgr
31.27 ams_restore
31.28 ams_retrieve_ip_by_nename
31.29 ams_retrieve_pap_ne_from_db
31.30 ams_schedule_backup
31.31 ams_splitter_mgr
31.32 ams_sw_backup
31.33 ams_switch_active_dataserver
31.34 ams_switch_authentication_local
31.35 ams_tracing
31.36 ams_uninstall
31.37 ams_update_limit
31.38 ams_user_mgr
31.39 ams_check_ssl
31.40 convert5526AMSTo5523AWS
31.41 createUsernamePassword
31.42 DEMO_IT_infrastructure_integration
31.43 ams_disable_ssl
31.44 ams_enable_ssl
31.45 getAgentlist
31.46 innotop
31.47 ams_reset_logs
31.48 retrieve_nes
31.49 ams_simplex_to_cluster
31.50 switchover_hook
31.51 ams_log_manager
31.52 ams_apps_stats_converter
31.53 ams_updatefirewall
31.54 getLicenseCounter
31.55 convert_to_shorter_line
31.56 ams_reconfigure_host
31.57 ams_support
31.58 ams_update_database_pwd
31.59 ams_renew_isam_ssh_info
31.60 ams_set_snmp_trap_port
31.2 ams_server
The ams_server script is used to start and stop the 5520 AMS software, displays
information about the software that is installed, and displays the status of running
processes.
The following two log files records all messages during the ams_server script
execution:
• ams_ems_service.log records all messages for restart, status, resetgeo and
version logs.
• jboss_service.log records all messages for start and stop logs.
To run the script, log in to the server as amssys and type:
ams_server [option] command servicename ↵
where:
• option is --server = <IP address of a specific server in the cluster or geo-redundant
site>. This option enables you to run the script on a specific server in a cluster or
geo-redundant site from another server in the cluster or remote site by specifying
the IP address of the server.
The following subsections describe the commands and their service names for the
script.
31.2.1 start
The start command starts the 5520 AMS server.
Table 119 describes the service names for the start commands and the output of the
command.
Table 119 Start - service names and output
31.2.2 stop
The stop command stops the 5520 AMS server.
Table 120 describes the service names for the stop command and the output of the
command.
Table 120 Stop - service names and output
Stopping JBoss
Stopped JBoss
Stopping Database
Stopped Database
Stopping Database
Stopped Database
(1 of 2)
(2 of 2)
31.2.3 restart
The restart command stops and starts the 5520 AMS server.
Table 121 describes the service names for the restart command and the output of
the command.
Table 121 Restart - service names and output
Stopping JBoss
Stopped JBoss
Stopping Database
Stopped Database
(1 of 2)
Starting Database...
Starting jboss...
(2 of 2)
31.2.4 status
The status command displays the statuses of the processes that are running on the
server. The running processes depend on the role of the server.
Table 122 describes the service names for the status command and the output of the
command.
where:
• number_of_loops specifies the number of times the script
loops.
• period_in_seconds specifies the length of the period
between repetitions, in seconds.
For example:
ams_server status all -l 10 -p 60
Table 123 shows the parameters that appear on the output of the ams_server and
ams_cluster status commands, and the possible statuses. Table 124 lists the
processes that appear on the output of the ams_server and ams_cluster status
commands, and the possible statuses.
Table 123 ams_server and ams_cluster status parameter descriptions
Server status Both Indicates the individual overall status of each server. The status
parameter has the following possible values:
• Healthy: the environmental test scripts on the server are reporting
healthy, and all processes or services on the server are running.
• Degraded: at least one environmental test script on the server
reports a non-critical error, or at least one process or service on the
server is reporting a problem.
• Failed: at least one environmental test script on the server reports a
critical error, or at least one process or service on the server is in
Alarmed state.
Environment ams_server The status has three possible values depending on the status of one or
more health scripts running on the 5520 AMS system:
• Healthy: if all health scripts are reporting healthy.
• Degraded: if any of the health scripts is not reporting healthy, and
none of the health scripts is reporting critical.
• Failed: if any of the health scripts is reporting critical. The 5520 AMS
system will automatically stop all processes on the involved server.
Processes ams_server Indicates the processes status based on the status of JBoss, Database
and services. The status has three possible values:
• Healthy: if JBoss, Database and all services are running.
• Degraded: if JBoss or Database or services are not running.
• Failed: if JBoss or Database is in the alarmed state.
(1 of 3)
Status ams_cluster Cluster status is a combined status of Server status and Site status. (1)
The status parameter has the following possible values:
• Healthy: the cluster is operating as expected. The environmental
test scripts on the server are reporting healthy, and all processes or
services on the server are running.
• Degraded: the 5520 AMS is operating, but problems exist.
At least one server is running as the master database, one JBoss
process is running as the master and one server has the EMS
services running. But there are some deployment failures because
of which some applications, plug-ins, or services are not running
properly in a server or servers in a cluster.
At least one environmental test script on the server reports a
non-critical error, or at least one process or service on the server is
reporting a problem.
• Unavailable: the 5520 AMS is not operating.
• Starting: at least one server in the cluster is starting up.
• Failed: the cluster is unavailable, and reports a critical error, due to
one of the following reasons:
• EMS services is not running on the active site.
• All data servers are reporting failed.
• All application servers on the active site are reporting failed.
At least one environmental test script on the server reports a critical
error, or at least one process or service on the server is in the
Alarmed state.
Members ams_cluster The host names of the servers at the site. The parameters for each
server appear in columns under the host name.
Reachable ams_cluster Indicates whether the server can be pinged at the cluster IP address:
• Yes: the cluster IP address is reachable
• No: the cluster IP address is not reachable
Geo status Both Indicates the geographical redundancy mode, and has the following
possible values:
• Manual: when automatic switchover is not enabled.
• Automatic: when automatic switchover is enabled.
• Not configured: when the geographical redundancy is not
configured.
• —: not applicable
(2 of 3)
Geo monitor Both Indicates the status of the amsgeomonitor process. This status is
applicable only when automatic swtichover is enabled. The parameter
has the following possible values:
• Active: when amsgeomonitor is running on the active data server in
the active site.
• Not active: when amsgeomonitor is not running.
• Switchover: when geomonitor switchover is in progress.
• —: not applicable
Site Role ams_cluster Indicates the role of the site. The site role parameter has three possible
values:
• Active: the server is an active data server
• Standby: the server is a standby data server
• —: Not applicable. This value appears for application servers.
Uptime ams_cluster Indicates the amount of time since the server was started.
(3 of 3)
Notes
(1) Changes to the cluster status are for notification only. This status may change at different intervals as it receives updates from the cluster.
(2) The site name can include only alphabets, digits, _ and -. No other special characters are allowed.
Running(1)
Disabled(2)
WaitingStartup(3)
Alarmed(4)
Stopping(5)
(applies only to ams_cluster)
-(6)
?(7)
Running (Master)(8)
Running (Master) (Failures)(9)
Running (Failures)(10)
Running (Slave)(11)
Starting(12)
(applies only to ams_server)
Migrating: <Step details>(13)
Success(14)
Failure(15)
Inprogress(16)
Running (online)(17)
Disabled (maintenance)
ams_server,
Notes
(1) Running: The process or service is up and running.
(2) Disabled: The process or service is not enabled or not running.
(3) WaitingStartup: The process or service is enabled but cannot start due to one of the following reasons: a) The environmental health of the
server is having a problem. b) The processes or services on which the process is dependent on, are not in the running state.
(4) Alarmed: The process or service has been restarted too frequently.
(5) Stopping: The process needs to be stopped due to dependency problems or environmental problems.
(6) -: Not applicable.
(7) ?: Unknown. This value appears when the server is unreachable.
(8) Running (Master): For the ‘AMS server’ process, this status means that the AMS server process is up and running and the processes that
only run on one application server are running. For the Data server process, this status means that the server is the active data server.
(9) Running (Master) (Failures): At least one application, plug-in, or service is not running properly in the master application server.
(10) Running (Failures): At least one application, plug-in, or service is not running properly in the application server.
(11) Running (Slave): The standby data server is receiving database updates from the active data server and is ready to start if the active data
server fails.
(12) Starting: The process or service is in the process of starting.
(13) Migrating <step details>: The migration is in progress. <Step details> comprises Step current_step_num of total_steps -
current_step_description where: current_step_num is the current migration step number, total_steps is the total number of migration steps,
and current_step_description is the description of the current migration step. This status is applicable only to the migration from the 5520
AMS, Release 9.2.10 or later to the 5520 AMS, Release 9.2.30 or later. This status is displayed only when the command is run on the
following servers: a simplex server, the master application + active data server in a cluster.
(14) Success: The shared data file system has been successfully copied from the active server to the standby server in the replication interval.
(15) Failure: The shared data file system was not successfully copied from the active server to the standby server in the replication interval.
(16) Inprogress: The shared data file system is being copied from the active server to the standby server in the replication interval.
(17) Running (online): The service is enabled and running.
The list of components shows the 5520 AMS server software and the active software
plug-ins.
=====================================================
-----------------------------------------------------------
additional components
Note: This server is part of a cluster setup, the output that follows applies
to this machine only.
Setup: Cluster
=====================================================
-----------------------------------------------------------
additional components
where:
• date is in the format Month Day, for example, May 3.
• time is in the format hh:mm:ss yyyy.
Note: This server is part of a cluster setup, the output that follows applies
to this machine only.
Setup: Cluster
=====================================================
-----------------------------------------------------------
additional components
where:
• date is in the format Month Day, for example, May 3.
• time is in the format hh:mm:ss yyyy.
Note: This server is part of a cluster setup, the output that follows applies
to this machine only.
Setup: Cluster
=====================================================
where:
• date is in the format Month Day, for example, May 3.
• time is in the format hh:mm:ss yyyy.
Note: This server is part of a cluster setup, the output that follows applies
to this machine only.
Setup: Cluster
=====================================================
-----------------------------------------------------------
where:
• date is in the format Month Day, for example, May 3.
• time is in the format hh:mm:ss yyyy.
31.2.5 resetgeo
The resetgeo command overrules the ping-pong protection. For information about
resetgeo, see the 5520 AMS Installation and Migration Guide.
31.2.6 version
The version option displays the versions of the 5520 AMS software and the active
plug-ins.
Table 125 describes the service names for the Version command and the output of
the command.
Table 125 Version - service names and output
Notes
(1) The label parameter is used for identifying the GoldenEMSSwConfig file. The label must not exceed 25
characters and must only contain alphanumeric characters. This parameter is optional.
(2) GoldenEMSSwConfig file must be in the same directory level with binary file, if you need to use “ams_install.sh
--golden” command.
Note — In the Data server, you can only view the details of the
software components such as core, patches, and emergency
fixes.
GoldenEMSSwConfig : MYGoldenEMSSwConfigLabel
---------------------------------------------------------------
app-ansitl1-trunk-232526
app-apc-trunk-232526
app-dcscript-9.3.10.0_9.3.10-232526
app-idm-9.3.10.0_9.3.10-232526
plugin-core-g6-12.3-1.0_9.3.10-232526
plugin-core-gpon-4.8-1.0_9.3.10-232526
plugin-ansitl1-gpon-4.8-1.0_9.3.10_9.3.10-232526
plugin-apc-gpon-4.8-1.0_9.3.10_9.3.10-232526
plugin-spfe-g6-12.3-1.0_9.3.10_9.3.10-232526
ams-9.3.10.1EF1-232565
An example of the output of the version save command without providing a file name,
and with a label is as follows:
MYGoldenEMSSwConfigLabel
ams-9.6.07-382828
app-ansitl1-1.0_9.6.07-382828
app-anv-151.0_9.6.07-382828
app-apc-1.0_9.6.07-382828
app-dcscript-1.0_9.6.07-382828
6 errors found
31.3 ams_activate
The ams_activate script is used to activate the software which ensures that the
plug-in installation environment is ready and that it will be safe to start the server.
Installing the 5520 AMS puts the software files in the correct location ready for use.
However, until you activate a server, the server is in a passive, standby mode. You
can activate the servers as part of the installation by using the --activate options, or
you can activate the servers as a separate step.
A log file named install.log records all messages during the ams_activate script
execution.
To run the script, log in as root and type:
install_dir/ams/software/release/bin/ams_activate.sh ↵
where:
• install_dir is the software directory you chose during installation. By default, this
is /opt.
• release is the release of the 5520 AMS software. An example is
ams-9.3.0-999000.
Activation finished
31.4 ams_audit_agent_alarm
The ams_audit_agent_alarm script is used to reset the counters on an agent. No
options are required.
A log file named twiddle.log records the details about resetting the counters on an
agent.
To run the script, log in to the application server as amssys and type:
ams_audit_agent_alarm Internal_alarm_ID ↵
where Internal_alarm_ID is the ID of the internal alarm for which you want to reset
the counter.
The script output is:
Auditing alarm on Agent Internal_alarm_ID
31.5 ams_backup
The ams_backup script is used to create a backup of 5520 AMS data. For more
information about performing a backup, see Section 21.2.
Nokia recommends that this script be run on the standby data server in a cluster
installation.
A log file named ams_backup.log records the details about 5520 AMS backup
activity.
To run the script, log in to a data server or a combination of data and application
servers as amssys and type:
ams_backup.sh options destination URL↵
and destination URL can be a local file or a remote resource, where ftp and sftp
protocols are supported. The supported formats for the destination URL are:
• [file:/]/path/filename (local file)
• ftp://username[:password]@hostname/path/filename (ftp server with username
and password)
• sftp://username[:password]@hostname/path/filename (sftp server with username
and password)
• sftp://hostname/path/filename (sftp server with keybased authentication)
The following is an example of the output:
Tue May 14 13:48:19 2019 **** Starting AMS Backup ****
Details in /var/opt/ams/local/ams-9.7.03-408954/log/ams_backup.log
31.6 ams_change_ip_subnet_server
When there is a need to reconfigure a cluster with a separate NIC for routing the
cluster traffic or changing the network configurations of the client, cluster, or NE, you
can use the ams_change_ip_subnet_server script. For more information, see the
5520 AMS Installation and Migration Guide.
The ams_change_ip_subnet_server script is used to modify the subnets of a 5520
AMS system.
Before executing the ams_change_ip_subnet_server script, all the 5520 AMS
servers in a cluster must be stopped. Using “ams_cluster stop” command causes NE
rebalancing issues after server startup. Therefore, for the script to function correctly,
each server must be stopped by executing “ams_server stop” command.
Note — The ams_change_ip_subnet_server script is not
applicable for geographically redundant configurations as it
uses ams_geo_configure script to modify a configuration. For
more information, see Section 31.13.
Provide the network details for client, cluster, and NE when responding to the
questions in the command line. The IP addresses for NE network can be IPv4 or
IPv6.
Some examples of the question format that is used to gather the network details.
• For a client network:
Enter the network interface(s) for GUI clients communication:
Note: Multiple interfaces can be entered using a comma separated list eth1,
eth2
eth2
• For a NE network:
**** Enter the network interface(s) used for NE communication:
Note: Multiple interfaces can be entered using a comma separated list eth1,
eth2
After the script is executed, restart each server in the cluster using the ams_server
start script. The new application and data servers will be up and operational.
Note — If the networking information of the client NIC is
modified, you must manually enter a new IP address in the
login window.
31.7 ams_cluster
The ams_cluster script is used for configuring a set of networked servers to work
co-operatively as a cluster, providing both load balancing and redundancy in case of
the failure of the application or data server.
The ams_cluster script starts and stops the servers in a 5520 AMS cluster, displays
information about the software that is installed, displays the status of running
processes, and performs a switchover for a geographically redundant installation.
A log file named ams_ems_service.log records details about ams_cluster script.
To run the script, log in to the server as amssys and type:
ams_cluster option ↵
To execute the start, restart, stop, and status options on a specific server in the
cluster, see 31.2.
The following subsections describe the options for the script.
31.7.1 restart
Using this option, all servers that are part of a cluster are restarted in the
maintenance mode. No NE rebalancing is performed during restart.
31.7.2 start
This option starts all the servers in the 5520 AMS cluster.
Table 126 describes the sub-options for the start option.
Sub-option Description
31.7.3 stop
Using this option, all servers in the 5520 AMS cluster are stopped in the maintenance
mode. No NE rebalancing is performed during stop.
31.7.4 status
This option displays the statuses of the cluster and the processes that are running
on each server.
where:
• number_of_loops specifies the number of times the script
loops.
• period_in_seconds specifies the length of the period
between repetitions, in seconds.
For example:
ams_cluster status -l 10 -p 60
Table 123 shows the parameters that may appear on the cluster list and the possible
statuses.
Type: Cluster
Status: Healthy
====================================================================
sys-262-03 A+a H R RM - R R
sys-262-04 A H R R - R R
sys-262-05 A H R R - R R
sys-262-01 D H - - SL R R
sys-262-02 D H - - M R R
31.7.5 status sw
This option displays a list of components showing the 5520 AMS server software and
the active software plug-ins.
If the servers in the cluster are installed with GoldenEMSSwConfig file, then it
displays the configuration file name, for example, MYGoldenEMSSwConfigLabel. If
the configuration file is not present, then it displays WrongEMSSwConfigLabel.
Type: Cluster
Status: Healthy
====================================================================
Database Status : -
Service : Running
Database Status : -
Service : Running
Database Status : -
Service : Running
31.7.7 switch
This option performs a switchover in a geographically redundant installation. The
script logs in to each data server and executes the ams_geo_configure -switch
command as needed.
Table 127 describes the sub-options for the switch option.
Sub-option Description
active Performs a switchover and makes the site you are logged
in to the active site.
standby Performs a switchover and makes the site you are logged
in to the standby site.
31.8 ams_copy_datafiles
The ams_copy_datafiles script is used to copy the persistency data from the earlier
5520 AMS release to the current 5520 AMS release:
• From a backup file (in an out-of-place migration scenario), or
• From the last active release or a previous release (in an in-place migration
scenario).
This script supports migration of data from Release 9.2.10 Patch 03 or later to
Release 9.2.30 or later. For 5520 AMS releases earlier than 9.2.10 Patch 03, this
script is not supported for migration. The script can be executed in the interactive or
non-interactive mode. For more information on the usage of the script in the
interactive mode, see the 5520 AMS Installation and Migration Guide.
A log file named ams_copy_datafiles.log records the details about the datafiles.
By default, data is copied from the last active release, if the --from-release option
is not specified.
• To copy the data from a previous release which is not the last active release, type:
ams_copy_datafiles --force --from-release <previous-release> ↵
• To overwrite existing persistency data with data from the last active release, type:
ams_copy_datafiles --force --overwrite ↵
Existing data is overwritten with the data files of the last active release.
• To overwrite existing persistency data with data from a previous release on the
server, type:
ams_copy_datafiles --force --overwrite --from-release <previous-release>
↵
Existing data is overwritten with the data files of the specified previous release.
Existing data is overwritten with the data files of the specified backup file.
Extracting AMS_SHAREDDATA_HOME to
/var/opt/ams/shared/ams-trunk-195815...........OK
Extracting AMS_SHAREDDATA_NEBACKUP_DIR to
/var/opt/ams/shared/common.......................OK
Extracting emlplatform to
/var/opt/ams/database/ams-trunk-195815/emlplatform....OK
Extracting ibdatadir to
/var/opt/ams/database/ams-trunk-195815/ibdatadir......OK
Upgrading database...
Upgrading database.........................................OK
31.9 ams_configure_ssh_timeouts
The ams_configure_ssh_timeouts script is used to enable/disable/check SSH
session timeouts. The 5520 AMS server opens multiple parallel SSH connections
with NEs during a backup operation.
A log file named ams_configure_ssh_timeouts.log is created.
Before running the script, stop the 5520 AMS server. To run the script, log in as root
or amssys and type:
ams_configure_ssh_timeouts.sh command timeout ↵
where:
• command is one of the following:
• enable—Enables SSH session timeout. This command also sets the SSH session
timeout to the value of timeout. Timeout option is mandatory for the enable command
only.
This command sets the parameter AMS_SSH_SERVER_TIMEOUT in ams.conf file.
The AMS_SSH_CLIENT_TIMEOUT is set as 30 seconds less than
AMS_SSH_SERVER_TIMEOUT.
• disable—disables the SSH session timeout.
This command sets the parameters AMS_SSH_SERVER_TIMEOUT and
AMS_SSH_CLIENT_TIMEOUT to 0.
• check—displays the current SSH timeout settings.
This command verifies if the timeout is enabled and all the parameters are set
correctly.
• timeout is maximum allowed time for a session to be idle. This option is mandatory
for the enable command only and ranges from 1-15 minutes.
SSH timeout is enabled. You must reconnect the SSH sessions for changes to
take effect.
31.10 ams_db_defragment
The ams_db_defragment script is used to free up disk space by defragmenting the
active data server. You can use the analyse option periodically to check for
fragmentation. For instance, you can execute the analyse option every week or once
in a month to understand the fragmentation on the disk. Then, use the execute option
to rearrange the data on the active data server and create disk space. Also, you can
use the execute option when the historical alarms table size exceeds the threshold
level and a TCA alarm is generated.
Ensure the following conditions are met before executing the script:
• 5520 AMS must not be running when execute option is used; whereas you can
execute the analyse option with 5520 AMS running.
• The execute option must be executed on an active data server only in a
maintenance window. After defragmentation 5520 AMS initiates a full sync cycle
from the active data server to all standby data servers. If the defragmentation is
executed on a standby data server, the defragmented data files are overwritten
when the 5520 AMS starts up again.
Note — After the execution of the script the active data server
must be brought up before the standby servers.
Table_Rows: -----
Data_Free (Bytes):------
% Fragmentation: ----
Table_Rows: ----
Data_Free (Bytes):----
Index_Length (Bytes):----
% Fragmentation: ----
.............
Type of Setup Database Size Time took for Overall Down Average
Defragmentation time(that is server Fragmentation %
stop,execute,
server start)
(1 of 2)
Type of Setup Database Size Time took for Overall Down Average
Defragmentation time(that is server Fragmentation %
stop,execute,
server start)
(2 of 2)
2 Run the ams_db_defragment script with execute option on previous active data server.
3 Start the previous active data server using ams_server start command.
4 Start the other servers enforcing full sync with the active data server.
3 Start the previous active data server in the active site cluster.
4 Start the other data servers in the active site cluster to enforce full sync with active data
server of the active site.
5 Start the standby site cluster to enforce full sync with the active site cluster.
31.11 ams_export
The ams_export script is used to create an export file of selected data that can be
imported by a 5520 AMS server.
A log file named importexport.log or importexportcli.log records details about export
activity.
To run the script, log in to the application server as amssys and type:
ams_export.sh ↵
The exported data file is created on the active data server. It is located in
$AMS_EXTERNAL_SHAREDDATA_HOME/export/ams, and has the filename
export.tar.
The script overwrites any existing export.tar file on the active data server.
31.12 ams_exttl1gw_integration
The ams_exttl1gw_integration script is used to integrate an External TL1 Gateway
with a 5520 AMS cluster. See Section 16.2.
No log file is generated for this script.
To run the script, log in as root and type:
ams_exttl1gw_integration.sh option ↵
31.12.1 configure
The configure option saves the virtual IP addresses and network interfaces to be
used for OSS communication.
The following is an example of the output:
Detecting setup.
Do you want to use a single virtual IP address for OSS communication [ yes
(default) | no ] ?
172.22.176.6
bge3
Writing configuration
Ready
31.12.2 unconfigure
The configure option removes a configured integration.
The following is an example of the output:
Detecting setup.
If they are running, the 5520 AMS and the 5520 TL1GW will be stopped before
unconfiguring.
->Stopping 5520TL1GW
o Disabling 5520TL1GW
o Stopping 5520TL1GW
->Stopping 5520AMS
Stopping JBoss
Stopped Jboss
Stopping Database
Stopped Database
Ready
31.12.3 start-active
The start-active option starts both the 5520 AMS and the External TL1 Gateway in
active mode. This option should only be used in a geographically redundant
installation. In a single site installation, you can use the ams_server start script.
The following is an example of the output:
Detecting setup.
->Starting 5520TL1GW
o Enabling 5520TL1GW
o starting 5520AMS
The AMS server is starting up, it may take several minutes before it is ful
ly operational.
Ready
31.12.4 start-standby
The start-standby option starts both the 5520 AMS and the External TL1 Gateway in
standby mode. This option should only be used in a geographically redundant
installation. In a single site installation, you can use the ams_server stop script.
The following is an example of the output:
Detecting setup.
->Stopping 5520TL1GW
o Disabling 5520TL1GW
o Stopping 5520TL1GW
o starting 5520AMS
The AMS server is starting up, it may take several minutes before it is ful
ly operational.
Ready
31.12.5 stop
The stop option stops both the 5520 AMS and the External TL1 Gateway.
The following is an example of the output:
Detecting setup.
->Stopping 5520TL1GW
o Disabling 5520TL1GW
o Stopping 5520TL1GW
->Stopping 5520AMS
Stopping JBoss
Stopped Jboss
Stopping Database
Stopped Database
Ready
31.13 ams_geo_configure
The ams_geo_configure script is used to configure, modify and disable geographic
redundancy. You can perform a manual switchover using ams_geo_configure or
ams_cluster. For more information, see the 5520 AMS Installation and Migration
Guide.
31.14 ams_hub_sub_link_mgr
The ams_hub_sub_link_mgr script is used when the 5520 AMS has a link
management license. See Chapter 5 for more information about licenses.
The ams_hub_sub_link_mgr script creates a cluster of hub-subtended
7302 ISAM/7330 ISAM FTTN/ 7356 ISAM FTTB/7360 ISAM FX NEs from the
5520 AMS application server. See Section 19.4 for more information.
A log file named ams_hub_sub_link_mgr.log is created.
31.15 ams_import
The ams_import script is used to import the data from an export file of selected data
on the 5520 AMS server.
A log file named importexport.log or importexportcli.log records the details about
import activity.
If the file you need to import data from was created from the client, change the file
name to export.tar. Perform the following steps:
To change to the export directory, type:
cd $AMS_EXTERNAL_SHAREDDATA_HOME/export/ams ↵
Before you proceed, the export file export.tar should be in the shared data directory.
To change the name of the file you need to use, type:
mv exportdate-time.tar.gz export.tar.gz ↵
where
date is the date the file was created in the format ddmmyyyy
time is the time the export was performed in the format hh-mm-ss
To run the script, log in to the application server as amssys and type:
ams_import.sh -filename <path or filename> -overwrite ↵
Where:
• -filename option is provided when the user needs to specify an export file that is
not the default export file (export.tar.gz).
Note — If -filename is not entered, default export file available
at the location,
/var/opt/ams/shared/common/export/ams/export.tar.gz will be
used during import.
• <path of the file> is the full directory path and filename to be imported. If only the
name of the export file is specified with the -filename option, the script will look for
the export file in the default path, /var/opt/ams/shared/common/export/ams/.
• -overwrite option enables the overwrite mode to overwrite duplicate records.
Note — The -overwrite option is only available for User
Management records.
For example,
ams_import.sh -filename
/var/opt/ams/shared/common/export/export01Aug2012-18-24-53.tar.gz
-overwrite ↵
Result: All duplicate records for the user management applications are overwritten.
The following is an example of the output:
Importing /var/opt/ams/shared/common/export/ams/export.tar.gz ...
31.16 ams_install
The ams_install script is used to install, activate, deactivate and uninstall plug-ins for
5520 AMS and the 5529 Enhanced Applications. For more information, see the
5520 AMS Installation and Migration Guide.
When you execute the ams_install script with --golden option, you can install the
required components, deactivate the components that are no longer required, and
activate the required components. As a result, the components mentioned in the
GoldenEMSSwConfig file are activated. Before executing this script, ensure that the
5520 AMS is not running.
When you execute the ams_install script with --cluster option, you can install,
deactivate, and activate the components. By executing the script with [ --golden
<GoldenEMSSwConfig file> ] [--cluster] option on a local host, the install, deactivate,
and activate actions are executed on all servers in the 5520 AMS cluster. Before the
actual execution starts, the following prompt is displayed indicating the list of hosts
that will be altered, and a confirmation message appears.
ams_install will alter the software configuration on following hosts:
This option is not applicable for geo-redundant cluster. Before executing the script
with --golden option, ensure that all the servers are shown in the output of the
ams_cluster status command, for which you have to start the cluster after installing
the 5520 AMS and ensure all the application and database servers has formed the
cluster properly.
A log file named install.log records details about installation, deactivation, and
uninstallation of 5520 AMS and the 5529 Enhanced Applications.
31.17 ams_install_license
The ams_install_license.sh script is used to install licenses for 5520 AMS, the
5529 Enhanced Applications, and NE-specific plug-ins. For more information, see
Procedure 11.
A log file named license.log records details about installing licenses for 5520 AMS.
31.18 ams_createfirstuser
Applies to —
If the above conditions are met, an initial AMS administrator account is created with
default password as 'admin' and the access to the 5520 AMS server is given to the
users for the specified IP addresses. Else, the script will exit and you will receive an
error message. In that case, contact your Nokia technical support for assistance.
The initial admin user account and password are required to download the 5520 AMS
GUI client for the first time. After you download and login to the AMS client, you must
change the initial administrator password for the client.
A log file named security.log records the details about first user creation.
To run the script, log in as root or amssys and type:
ams_createfirstuser.sh [-h|--help] <username> <global address filter> ↵
where:
-h: displays help information.
<username> is the name of the operator account to be created.
<global address filter> is the allowed addresses from which the GUI can connect to
the server in CIDR notation. The value 0.0.0.0/0 allows all connections.
The following is an example of the output:
ams_createfirstuser.sh user 0.0.0.0/0
Creating user...
31.19 ams_link_mgr
The ams_link_mgr script is used when the 5520 AMS has a link management
license. See Chapter 5 for more information about licenses.
The ams_link_mgr script creates links from the 5520 AMS application server. See
Section 19.2 for more information.
The ams_link_mgr script also helps in the deletion of links such as, Splitter, G6-
GPON, Hub-SUBTENDED, ISAM- MDU.
A log file named license.log records details about link management license.
31.20 ams_mediagw_mgr
The ams_mediagw_mgr script creates the 7367 ISAM SX Media Gateway from the
5520 AMS Application server. See Section 19.3 for more information.
A log file named ams_mediagw_mgr.log records the error messages.
31.21 ams_ne_cli
The ams_ne_cli script is used to pass a series of CLI commands to one or more NEs.
For more information, see Section 17.5.
A log file named cutthrough.log records details about CLI commands passed on to
NEs.
To run the script, log in as amssys and type:
ams_ne_cli NEList inputCommandFile outputCommandfile timeout ↵
where:
• NEList is the IP address of the NE, in decimal format, or a file containing a list of
IP addresses. IPV4 and IPv6 IP addresses are supported.
• inputCommandFile is the name of the file where commands will be stored.
• outputCommandfile is the name of the file where responses will be stored.
• timeout is an optional value, entered in seconds. The default is 10.
To connect to an NE or multiple NEs using SSH or telnet type:
ams_ne_cli -protocol ↵
Where the argument -protocol is optional can be any of the following options:
• telnet : Using telnet protocol to connect to the NEs
• ssh : Using ssh protocol to connect to the NEs
• telnetfirst : The first instance uses telnet protocol to connect to the NEs. In case
the connection fails, the system tries to setup an SSH connection.
• sshfirst : The first instance uses ssh to connect to the NEs. In case the connection
fails, the system connects using telnet. This is the default option.
password:password to log in
prompt:prompt from which CLI commands are executed after giving login name
and password.>
!CLI Commands
CLI commands
Comments in the input file should start with an exclamation point (!).
password:ANS#150
prompt:#
!CLI Commands
logout
Connected to 172.22.176.77.
login: isadmin
password:
Welcome to ISAM
===================================================================
manager table
===================================================================
---------------------+-------------------+-------------------------
-------------------------------------------------------------------
manager count : 2
===================================================================
31.22 ams_nebackup
The ams_nebackup script is used to perform a backup of the NE database and NE
data.
You can perform a backup of NE data or of the NE backup database only.
A log file named ams_nebackup.log records the details about NE backup activity.
To run the script, log in as amssys and type:
ams_nebackup.sh options backupfile ↵
where:
• options can be any of the following, if needed:
• -h prints help information
• -c copies only the NE backup database
• backupfile is the path to the backup file that is generated by the script, for
example, /var/tmp/ams_backup_monday.tar.
DB locked.
DB unlocked.
31.23 ams_nerestore
The ams_nerestore script is used to perform a restore of the NE database and NE
data. You can perform a restore of NE data or of the NE backup database only.
A log file named ams_nerestore.log records the details about NE restore activity.
To run the script, log in as amssys and type:
ams_nerestore.sh options backupfile ↵
where:
• options can be any of the following, if needed:
• -h prints help information
• -b restores only the NE backup database
• backupfile is the path to the backup file to restore the data from, for example,
/var/tmp/ams_backup_monday.tar.
31.24 ams_show_ne_balancing
The ams_show_ne_balancing script is used to execute a query in the database and
display the NE name, NE Type/Release, and IP address of an application server that
is registered with the NE for communication.
No log file is generated for this script.
To know the options the ams_show_ne_balancing.sh script supports, log in as
amssys and type:
ams_show_ne_balancing.sh --help ↵
NE Product NE Type
7363 ISAM MX MX
• --netypereleasecount, displays the NE type and release count for each application
server.
The following options are supported only when the Enable NE Balancing Based On
Custom Group check box is selected in the Administration Tree (EMS
Administration→EMS System→Site). For more details on the setting, refer to Table
70.
• --netypereleasecountbycgc displays the NE type and release count for each
application server corresponding to a custom group criterium.
• --necountbycg displays the NE type and release count for each application server
The following are examples of the output for some of the supported options for
ams_show_ne_balancing.sh script with custom group name
“timeZoneNotManaged”.
--necountbycg
+-------------------------------------------+
| 10.1.1.239 |
+-------------------------------------------+
+----------------+------------------+-------+
|FTTN.5.3 |1 |1 |
|FTTN-I.5.1 |6 |6 |
|iSAM.5.3 |8 |8 |
|GENT.5.1.60 |6 |6 |
+----------------+------------------+-------+
+----------------+------------------+-------+
+-------------------------------------------+
| 10.1.1.238 |
+-------------------------------------------+
+----------------+-------------------+------+
|FTTN.5.3 |2 |2 |
|FTTN-I.5.1 |6 |6 |
|iSAM.5.3 |8 |8 |
|GENT.5.1.60 |7 |7 |
+---------------+-------------------+-------+
+---------------+-------------------+-------+
+-------------------------------------------+
| Unsupervised |
+-------------------------------------------+
+----------------+-------------------+------+
|FTTN.5.3 |0 |0 |
|MX.5.3 |2 |2 |
|MX.5.1 |0 |0 |
|iSAM.5.3 |0 |0 |
|GENT.5.1.60 |0 |0 |
|iSAM-I.5.3 |0 |0 |
+----------------+-------------------+------+
+----------------+-------------------+------+
--netypereleasecountbycg
+----------------+----------+----------+------------+------+
+----------------+-----------+-----------+-------------+------+
|FTTN.5.3 |1 |2 |0 |3 |
|iSAM.5.3 |8 |8 |0 |16 |
|GENT.5.1.60 |6 |7 |0 |13 |
+----------------+-----------+-----------+-------------+------+
+----------------+-----------+-----------+-------------+------+
--nebycg
+----------------+----------------+-------------------+
+----------------+----------------+-------------------+
--netypereleasecountbycgc
+----------------+-----------+-----------+-------------+------+
+----------------+-----------+-----------+-------------+------+
|FTTN.5.3 |1 |2 |0 |3 |
|iSAM.5.3 |8 |8 |0 |16 |
|GENT.5.1.60 |6 |7 |0 |13 |
+----------------+-----------+-----------+-------------+------+
+----------------+-----------+-----------+-------------+------+
--netypereleasecount
+----------------+-----------+-----------+-----------+-------------+-------
------+------+
|NE
Type/Release |10.1.1.218 |10.1.1.217 |10.1.1.239 |10.1.1.238 |Unsuper
vised |TOTAL |
+----------------+-----------+-----------+-----------+-------------+-------
------+------+
|GPON.4.10 |1 |0 |0 |0 |0
|1 |
|FTTN.5.3 |1 |1 |0 |1 |2
|5 |
|FX-I.5.3 |1 |0 |0 |0 |0
|1 |
|FTTN-I.5.1 |4 |5 |1 |2 |3
|43 |
|iSAM-I.5.1 |1 |1 |0 |1 |2
|5 |
|iSAM-I.5.3 |5 |5 |1 |2 |0
|3 |
+----------------+-----------+-----------+-----------+-----------+---------
+----------+
+----------------+-----------+-----------+-----------+-----------+---------
+----------+
31.25 ams_remove_data
The ams_remove_data script is used to recover data from a corrupted database. The
script completely reinitializes the database.
A log file named ams_remove_data.log is created.
Before running the script, stop the 5520 AMS server. To run the script, log in as
amssys and type:
ams_remove_data.sh ↵
AMS DB, Shared Data and Local Data has been purged
After running this script, start the 5520 AMS server. The server starts similar to
first-time server startup, and configures the DB.
31.26 ams_ne_mgr
The ams_ne_mgr script is used to read the contents of an input file to create NEs in
the 5520 AMS. The script also helps in modifying the NE attributes which are
supported by the 5520 AMS NBI.
31.27 ams_restore
The ams_restore script is used to restore backed-up 5520 AMS data. For more
information about performing a restore, see Section 21.3.
A log file named ams_restore.log records the details about 5520 AMS restore
activity.
Note — If the backup file is in .gz format, you need to
uncompress the file before executing the ams_restore script.
To run the script, log in to a data server or a combination of data and application
servers as amssys and type:
ams_restore.sh options backup_filename ↵
where:
• backup_filename is the backup file from which you need to restore the data.
• options is any of the following:
• -h: displays help information
• -n: excludes licenses
The following is an example of the output:
Tue Sep 14 15:16:33 2010 **** Starting AMS Restore ****
Examining ams_bu.20100914...
Restoring MYSQL_INNODB_LOGS
Restoring MYSQL_DB_DIR
Restoring MYSQL_DB_DIR_APC
Restoring MYSQL_INNODB_DATA
Restoring AMS_SHAREDDATA_HOME
Restoring AMS_SHAREDDATA_NEBACKUP_DIR
Details in /var/opt/ams/local/ams-trunk-101265/log/ams_restore.log
31.28 ams_retrieve_ip_by_nename
The ams_retrieve-ip_by_nename script is used to retrieve the IP address of an NE
from the NE name. The IP addresses can be IPv4 or IPv6. For more information, see
Section 13.2.
No log file is generated for this script.
To run the script, log in as amssys and type:
ams_retrieve_ip_by_nename.sh NEname ↵
where:
NEname is the name of the NE.
The following is an example of the output:
ipAddress = 172.22.176.77
31.29 ams_retrieve_pap_ne_from_db
The ams_retrieve_pap_ne_from_db is used to retrieve the list of NEs and their PAPs
from the database.
No log file is generated for this script.
To run the script, log in as amssys and type:
ams_retrieve_pap_ne_from_db.sh -o output ↵
where output is the path and name of the file where the output of the script will be
saved. For example, /tmp/output_ne_pap. The amssys user must have write
permission for the output folder.
The following is an example of the output file:
FullFriendlyName NE PAP
31.30 ams_schedule_backup
The ams_schedule_backup script is used to schedule backups of the 5520 AMS
database server and can be used to FTP or SFTP the backup to a remote server.
The script creates a cron job and a configuration file for backing up the 5520 AMS.
For more information, see Scheduling backups.
A log file named run_ams_backup.xxxx.log records the details about 5520 AMS
schedule backup activity.
Note 1 — The 5520 AMS depends on SSH key infrastructure to
configure SFTP as transfer method.
Note 2 — In a server where scheduled backup is configured, if
you change the time zone in the operating system, you must
restart the crontab service so that the scheduled backup can
run exactly with the time that is set in the server. Else, backup
will fail. The following commands are used to restart crontab
service:
• In Red Hat Enterprise Linux 6.7 x86_64 and higher system,
use the below command:
service crond restart
• In Red Hat Enterprise Linux 7.1 x86_64 and higher system,
use the below command:
systemctl restart crond
================================================
5)Update files
6)Exit
Put a space between times if entering more than 1. Default = 21:00: 13:00
BACKUP SETTINGS
================================================
Backup directory:/builds
Backup Options:
================================================
5)Update files
6)Exit
SFTP SERVER #1
Is this correct?[yes|no]yes
In order to use sftp as transfer method the correct SSH key infrastructure
should be configured otherwise transfer will not be possible
================================================
5)Update files
6)Exit
(S)FTP SETTINGS
================================================
Enable FTP: NO
SFTP SERVER #1
USERNAME: root
DIRECTORY: /builds
================================================
5)Update files
6)Exit
31.31 ams_splitter_mgr
The ams_splitter_mgr script is used to create and manage splitter objects under a
PON port in 7360 ISAM FX or 7342 ISAM FTTU.
The script is available in the <AMS_LOCAL_DIR>/bin/ directory. To run the script,
log in as amssys and type:
ams_splitter_mgr \[option] \ [inputfile]
where:
Option Description
-username \[user] The 5520 user name to use to access the 5520 AMS. This user
must have the function 'AMS NBI-Edit" in its role
-keystore \[key] Full path to the keystore file. Default = get value from the
properties file
-keypass \[pass] Password for the keystore file. Default = get value from the
properties file
Option Description
-nbihost \[url] The URL of the NBI client the 5520 AMS needs to connect to
-c To create a splitter
-d To delete a splitter
31.32 ams_sw_backup
The ams_sw_backup script is used to perform a backup of the 5520 AMS software.
A log file named ams_sw_backup.log records the details about backup of the
5520 AMS software.
To run the script, log in as amssys and type:
ams_sw_backup.sh backup-file ↵
where backup-file is the path to the file that will be created by the script. The suffix
‘_<hostname>.bin’ will be appended to the filename.
The following is an example of the output:
==== Starting AMS Software Backup ====
Copy /var/opt/ams/local/ams-9.7-385523/.ams-9.7-385523-redhat-x86_64.bin
Details in /var/opt/ams/local/ams-9.7-385523/traces/log/ams_sw_backup.log
31.33 ams_switch_active_dataserver
The ams_switch_active_dataserver script is used to change the active data server in
a cluster to the standby data server. For more information, see Forcing a data server
switchover
A log file named processmonitor.log or processmonitor.trace records details about
the switchover from active data server to standby data server.
To run the script, log in to the active data server as amssys and type:
ams_switch_active_dataserver option ↵
31.34 ams_switch_authentication_local
The ams_switch_authentication_local script is used to change the 5520 AMS user
authentication from RADIUS or LDAP to the database. You can run this script to
allow you to log in when there is a problem with RADIUS or LDAP authentication. For
more information, see RADIUS authentication.
No log file is generated for this script.
To run the script, log in as amssys and type:
ams_switch_authentication_local ↵
31.35 ams_tracing
The ams_tracing script is used to perform the following actions:
• Configure the EMS tracing level on unknown NEs and non-NE objects.
• Configure the EMS tracing level for an NE.
• Reset the tracing level to the default on all NEs.
• Set any log level in standalone-full-ha.xml for log category.
31.36 ams_uninstall
The ams_uninstall script is used to uninstall the 5520 AMS. For more information,
see the procedure to uninstall the 5520 AMS server in the 5520 AMS Installation and
Migration Guide.
A log file named install.log records details about uninstalling the 5520 AMS.
31.37 ams_update_limit
During multiple client installation on a Red Hat Enterprise Linux operating system as
an amssys, an error can result due to insufficient memory. To prevent this, the
ams_update_limit.conf.sh script is run manually and as a non-root user. The script
adds the following to the /etc/security/limit.conf file:
amssys soft nproc 650000
amssys hard nproc 650000
amssys soft nofile 650000
amssys hard nofile 650000
31.38 ams_user_mgr
The ams_user_mgr script is used to read the contents of an input file to manage
users in the 5520 AMS. For information about this script, see Section 9.4.
A log file named ams_user_mgr.log records details about reading the contents of an
input file to manage users in the 5520 AMS.
31.39 ams_check_ssl
The ams_check_ssl script is used to check the status of the JBoss process and SSL.
No log file is generated for this script.
To run the script, log in as amssys and type:
ams_check_ssl.sh ↵
SSL is disabled.
31.40 convert5526AMSTo5523AWS
The convert5526AMSTo5523AWS script is used during migration from 5526 AMS to
5520 AMS. For more information, see the 5520 AMS Installation and Migration
Guide.
No log file is generated for this script.
31.41 createUsernamePassword
The createUsernamePassword script is used to encrypt the password for a
5520 AMS user and saves the encrypted password to a file. The file can be read by
the ams_user_mgr, ams_ne_mgr, ams_link_mgr, and ams_hub_sub_link_mgr
scripts. If you run the createUsernamePassword script, you do not need to include a
username and password in the input file for the scripts. For more information, see
Procedure 33.
You must be able to log in to the 5520 AMS application server as amssys or as a user
in the amssys group. For information on adding a new user account to the amssys
group, see Section 9.3.
No log file is generated for this script.
To run the script, log in as amssys or as a user in the amssys group and type:
createUsernamePassword ↵
Enter Password:
SUCCESS
31.42 DEMO_IT_infrastructure_integration
The DEMO_IT_infrastructure_integration script is used to configure the IP address
of the data servers and SSH key of the active and standby site of a geographically
redundant installation.
The script monitors the health state of the active site and performs a switchover to
the standby site if the active site is down. For more information, see the chapter
about installing the 5520 AMS at multiple sites in the 5520 AMS Installation and
Migration Guide.
A log file named control_switch_site.log records the details about configuring the IP
address of the data servers.
31.43 ams_disable_ssl
The ams_disable_ssl script is used to disable secure communication over SSL or
TLS, which is the default protocol. For more information, see Section 7.6.
SSL has been disabled. Please restart the server for the change to take
effect.
31.44 ams_enable_ssl
The ams_enable_ssl script is used to enable secure communication over SSL or
TLS, which is the default protocol. You can use SSL or TLS with a default or
customized keystore. For more information, see section 7.3.
where:
• path-to-keystore-file is the path to the keystore file on the server
• keystore password is the customized keystore password
You do not need to specify a keystore file or password if you need to use the default
keystore.
The following is an example of the output:
Checking if JBoss is running
Enable SSL...
Cleanup...
Process complete!
31.45 getAgentlist
The getAgentlist script is used to generate a list of the agents that are supervised by
the 5520 AMS. The agent IP addresses can be IPv4 or IPv6. For more information,
see Section 13.4.
No log file is generated for this script.
where username and password are the username and password of a 5520 AMS user
with the NE List - NBI function. The 5520 AMS user can be an Internal Database or
RADIUS or LDAP user.
Note 1 — If the password contains special characters, escape
the special meaning of the characters by preceding each
special character with the backslash character (\). For example,
if the password is !@#ams$%^user&*, enter
\!\@\#ams\$\%\^user\&\*.
Note 2 — If you are using a cron job to generate an agent list,
execute the getAgentlist script located in the home account of
amssys. For example, /var/opt/ams/users/amssys/bin/. This
directory depends on the values provided during the 5520 AMS
installation.
The output of the script is stored in the file $TEMP_DUMPFILE. The location of the
file is /tmp/netlist-dump_result
The following is an example of the output:
7342-GPON 7342-GPON IACM IACM GPON.4.10 10.1.1.55 V3 161 null null nt With
Authentication and With Privacy gpon123 SHA ******** DES ********
timeZoneNotManaged
7342-GPON 7342-GPON SHUB SHUB GPON-SHUB.4.10 10.1.1.55 V3 161 null null shub
With Authentication and With Privacy gpon123 SHA ******** DES ********
timeZoneNotManaged
7342-GPON 7342-GPON IACM IACM GPON.4.10 10.1.1.32 V2 161 public public null
null null null null null null timeZoneNotManaged
7360-ISAM 7360-ISAM IACM IACM iSAM.6.0 10.1.1.19 V2 161 public public null
null null null null null null timeZoneNotManaged
7360-ISAM 7360-ISAM IHUB IHUB IHUB.6.0 10.1.1.19 V2 161 ihub ihub null null
null null null null null timeZoneNotManaged
7342-GPON 7342-GPON IACM IACM GPON.4.10 10.1.1.117 V2 161 public public null
null null null null null null timeZoneNotManaged
7367-ISAM 7367-ISAM IACM IACM iSAM.6.0 10.1.1.243 V2 161 public public null
null null null null null null timeZoneNotManaged
G6 G6 G6 G6 G6.12.3 10.1.1.98 V2 161 public private null null null null null
null null timeZoneNotManaged
31.46 innotop
The innotop script is used as third-party text-based database and InnoDB monitoring
tool.
No log file is generated for this script.
To run the script, log in as amssys and type:
innotop ↵
31.47 ams_reset_logs
The ams_reset_logs script is used to clear the contents of 5520 AMS log files. For
more information, see Section 27.9.
No log file is generated for this script.
To run the script, log in as amssys and type:
ams_reset_logs.sh ↵
31.48 retrieve_nes
The retrieve_nes script is used to generate a list of the NEs that are supervised by
the 5520 AMS. NEs with IPv4 or IPv6 IP addresses are retrieved. For more
information, see Section 13.4.
No log file is generated for this script.
To run the script, log in as amssys and type:
• To enter a password now, type:
retrieve_nes.sh -f dumpFilename -u username -p [password] [-s filter 1 [-s
filter 2 ]..] ↵
where:
• dumpFilename is the path to the file to which to send the output.
• username and password are the username and password of a 5520 AMS user
with the NE List - NBI function. The 5520 AMS user can be an Internal Database
or RADIUS or LDAP user.
• filter1 and filter2 are the NE models to be filtered. Filters are optional.
To retrieve all NEs of a specified type and release, enter -s NE
type.release.number, for example, iSAM.3.4. To retrieve all NEs of a specified
type, enter -s NE type, for example, iSAM.
7330-ISAM,10.1.1.23,161,ihub,ihub
7360-ISAM,10.1.1.50,161,public,public
7360-ISAM,10.1.1.50,161,ihub,ihub
7363-ISAM,10.1.1.86,161,public,public
7342-GPON,10.1.1.117,161,public,public
7342-GPON-SHUB,10.1.1.117,161,NETMAN,NETMAN
7367-ISAM,10.1.1.235,161,public,public
G6,10.1.1.168,161,public,private
31.49 ams_simplex_to_cluster
The ams_simplex_to_cluster script is used to convert a simplex server to a
single-server cluster. For more information, see the cluster installation chapter in the
5520 AMS Installation and Migration Guide.
No log file is generated for this script.
31.50 switchover_hook
The 5520 AMS runs the switchover_hook script before performing an automated
switchover of a data server. Unmodified, this script returns a value of True. You can
alter this script so that the script performs actions or checks for conditions before
permitting the switchover. If the script returns a value of True, the switchover occurs
normally. If the script returns any other value, the switchover does not occur.
No log file is generated for this script.
The switchover_hook script is in the following location:
$AMS_SOFTWARE_HOME/lib/dataserver/bin/
31.51 ams_log_manager
The ams_log_manager script is used to modify the log level, log type, collect log or
debug files and reset the log or debug files, and enable or disable syslog mode, and
change syslog facility on all the 5520 AMS servers.
A log file named ams_log_manager.log and ams_log_manager.trace records all the
details during the ams_log_manager script execution.
where:
--resetlogs: clears log/debug files
--collect: collect log/debug files
--category: specifies which set of log and debug files to collect, multiple
are allowed
--target: selects on which servers to execute the selected action, comma
separated list of cluster IP addresses
--destination: location where to store the result file (mandatory parameter
along with --collect)
--setlevel: set loglevel
q) Quit
1) ALL
2) DEBUG
3) ERROR
4) INFO
5) TRACE
6) WARN
q) Quit
Progress:
q) Quit
Choice: 2
Are you sure you want to change all log files to Fixed Duration [ no (default)
| yes ] ? y
Result
Note — You need to restart the server for the log configuration
changes to take effect across all the servers.
• Destination URL is the location to store the final output file. The supported
protocol type is FTP, SFTP, HTTP, and a file. You need to use the username and
password set for file server to transfer the output file. For example:
ftp://test:test@<ip_address>, http://user1:123456@<ip_address>/upload/, or
sftp://amssftp:amssftp@<ip_address>/var/opt/ams/users/amssftp/
Note — You can login to the SFTP servers without entering a
password when the two servers are in sync. In order to upload
the collected logs without the password, you need to sync both
DSA and RSA keys in case of Red Hat Enterprise Linux version
6.7 and lower in the RHEL6 stream and Red Hat Enterprise
Linux version 7.2 and lower in the RHEL7 stream, and sync
only the RSA key for other versions of Red Hat Enterprise Linux
during the 5520 AMS installation.
For more details on configuring the DSA and RSA keys, see the
Red Hat Enterprise Linux documentation.
Checking precondition...
Enter the category [ comma separated list of log, debug, os, all (default)
]: all
Progress:
Package - SUCCESS
Upload - SUCCESS
Retained
Note — You can retain the temporary collected trace file. The
trace file is available in $AMS_LOCALDATA_HOME/traces
directory.
Enter the category [ comma separated list of log, debug, all (default) ]: all
Progress:
Progress:
Your change has been recorded successfully. Please restart the server/cluster
to make them effective
Progress:
Progress:
Your change has been recorded successfully. Please restart the server/cluster
to make them effective
31.52 ams_apps_stats_converter
The ams_app_stats_converter.sh script can be used to convert a specified
applicationStatistics file or all applicationStatistics files in a specified path to .csv file
format, for plotting graphs offline, that is, outside the 5520 AMS GUI. This is
important when graphs cannot be plotted using the EMS Performance Monitoring
tool due to performance issues within the AMS server itself. For more information see
Section 30.1.
No log file is generated for this script.
To run the script, log in to the amssys or root and type:
$AMS_SCRIPTS_DIR/ams_app_stats_converter.sh [–-outputdir
<output_directory>] [--filename <absolute path and filename of the
application statistics file> ]↵
Where:
• <output_directory> is the output directory specified by the operator where the .csv
file needs to be generated.
• <absolute path and filename of the application statistics file> is the absolute path
and filename of the applicationStatistics file.
31.53 ams_updatefirewall
The ams_updatefirewall script is used to add, show, or remove port(s) used by 5520
AMS and 5529 Enhanced Applications.
A log file named update_firewall.log is generated when the script is executed and is
stored at $AMS_DEBUG_DIR.
Following ports are to be opened at the firewall to allow correct AMS behavior
----------+------------------------------------+----------+---------
----------+------------------------------------+----------+---------
Do you want to add these ports to the firewall [ no (default) | yes ]? yes
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
31.54 getLicenseCounter
The script getLicenseCounter script is used to provide the data from the license
database and you can retrieve AMS setup details such as IP of database server, and
database password.
A log file named LicenseCounter.log lists the data from license database and it is
stored at $AMS_DEBUG_DIR.
To run the script, log in as amssys, and type:
getLicenseCounter.shoption ↵
Details in
/var/opt/ams/local/ams-9.5.00-291864/traces/log/LicenseCounter.log
+----------------------------------------------+
+--------------------------------------+-------+
+--------------------------------------+-------+
| 2.5gbps.enabled.lt | 1 |
| G.vector mode | 0 |
| green.dsl.l2mode | 0 |
| igmp | 10 |
| impulse.noise.sensor | 0 |
| ip.forwarding | 0 |
| nt.load.sharing | 3 |
| sra.vdsl2 | 0 |
| upbo.policing | 0 |
| vectoring.crosstalk | 0 |
| vectoring.legacy.fext.cancellation | 0 |
+--------------------------------------+-------+
31.55 convert_to_shorter_line
The script convert_to_shorter_line is used to convert the log files to new files with
shorter line length.
No log file is generated for this script.
To run the script, log in as amssys and type:
convert_to_shorter_line.ploption ↵
31.56 ams_reconfigure_host
The script ams_reconfigure_host is used to reconfigure the host server. You can
change some settings in 5520 AMS to VMware before running AMS properly. This
process is known as reconfigure IP.
The script checks that if the it is executed on a VMware.
No log file is generated for this script.
To run the script, log in as amssys and type:
ams_reconfigure_host.sh ↵
Enter the host name that uniquely identifies the server (no space allowed):
redhat-95-145
31.57 ams_support
The ams_support script is used to run commands of a specific domain on all or
specific servers in the cluster.
A log file named ams_support.log stored in $AMS_LOG_DIR and ams_support.trace
stored in $AMS_DEBUG_DIR records all the details during this script execution.
The jstack and jdump output is stored in $AMS_DEBUG_DIR with latest timestamp
information. For example:
/var/opt/ams/local/ams-9.6.00-331216/traces/log/ams_support.log
Note — The system may not respond temporarily while
collecting jstack and jmap on a heavily loaded system. You
need to restart the server for the changes to take effect.
where:
-h: prints help information
--domain: mandatory parameter which can have the following parameter
• app: this domain allows you to execute actions on the application server
• security: allows to execute commands which belong to security domain
--command: a command to execute a specific task
• jstack: collect jstack information on application servers
• jmap: collect jmap information on application servers
• resetadminpwd: reset password for admin user in case of no active admin
sessions
• killadminsessions: kill current sessions of admin user in case of number of active
sessions is greater than maxConcurrentSessions
--target: selects on which servers to execute the selected action, multiple
choices are allowed
• cluster ips: runs the command on specific machine only
• sitename: run the command on specific site only
• all: run the command on both sites
--destination: location where to store the result file
Checking precondition...
WARNING
Progress:
Done
Success
Success
The following is an example of the output to reset the admin user password:
ams_support.sh --domain=security --command=resetadminpwd
Done
Success
31.58 ams_update_database_pwd
The ams_update_database_pwd script is used to change the database password in
simplex, cluster and geo-redundant systems.
A log file named ams_ems_service.log records all the details during the script
execution.
The script prompts to modify the database password for root, admin user, and
replication user (users among the servers in a cluster) accounts.
Ensure the following criteria is met while changing the password:
• new password must not be the same as the current password
• new password must not exceed more than 32 characters and must not contain
spaces
OK
Enter the current database password for root user (no space allowed):
Enter the new database password for root user (no space allowed):
Enter the current database password for amsadminusr user (no space allowed):
Enter the new database password for amsadminusr user (no space allowed):
Enter the current database password for amsreplusr user (no space allowed):
Enter the new database password for amsreplusr user (no space allowed):
***WARNING***
Next step will stop the running AMS system and thus the AMS and all its
related services will not be available.
Is it OK to stop the AMS and update new database password now [ yes | no
(default) ]? yes
host-<ip_address>:
Stopping database
Stopped database
Stopping JBoss
Stopped JBoss
Processing on <server_ip_address>
=======================
Starting database..[ OK ]
host-<ip_address>:
The server is starting up, it may take several minutes before it is fully
operational.
31.59 ams_renew_isam_ssh_info
After migration to ISAM R5.7, the ISAM NEs generates a new SSH key pair and
hence denies any SSH connection when the same host connects with old public key.
The 5520 AMS always accepts the public key by the ISAM NE and it is successful
for the first time but the connection fails when the key pair of the NE is changed. To
avoid connectivity problems, it is recommended to generate the new SSH key on the
ISAM NE, then execute the ams_renew_isam_ssh_info script and perform the ISAM
NE migration to R5.7.
The 5520 AMS will loose SSH connectivity with the NE if the
ams_renew_isam_ssh_info script is not executed before migrating the ISAM NE to
R5.7.
You need to regenerate the SSH keys on the NE using the CLI or through the 5520
AMS GUI before executing the ams_renew_isam_ssh_info script and the PBMT
package, so that the 5520 AMS will have full connectivity during the migration
process.
where:
-h: prints help information
--input: Read the content of filename which should contain one NE IPv4 address
per line
NE ip: IPv4 address of an NE for which the SSH cache should be renewed.
Multiple addresses can be provided
Cleaned output message indicates that the SSH cache is removed from the 5520
AMS server.
Rediscovered output message indicates that a new key is generated for the IP
address which is provided in the input.
Error output message indicates that it encountered a problem while removing the
SSH cache. The script continues to execute with the following error codes displayed
in the output.
• 0: All success
• 1: Input file not found
• 2: Parse failure of the input file
• 3: Renewal for at least one NE failed
• 4: Wrong user
31.60 ams_set_snmp_trap_port
The ams_set_snmp_trap_port script is used to set the UDP port number used by the
5520 AMS for listening to the SNMP traps coming from the NE. You must execute
the script on an application server and it is supported on cluster system.
You need to execute the ams_set_snmp_trap_port script to change the default
SNMP trap port number which is 9001 to custom trap port number.
A log file named update_firewall.log stored in $AMS_DEBUG_DIR or
update_firewall.trace stored in $AMS_DEBUG_DIR records all the details during this
script execution.
Before you proceed, the 5520 AMS and the database must be up and running.
To run the script, log in as amssys and type:
ams_set_snmp_trap_port.sh [-h|--help] [--default|<portnumber>] [--show]
where:
-h: displays help information
--default: Sets the portnumber to be used to AMS default which is 9001
--show: Show the current configured value.
<portnumber> Value between 0 and 32000
Restart the 5520 AMS server after modifying the port number so that the new port
number is applied on all the application servers. If the 5520 AMS is not restarted, the
new port number is applied only on one application server where the script is
executed.
The ams_set_snmp_trap_port script updates the SNMP port number in the database
and the firewall port on the server where you executed the script. After restarting the
5520 AMS in a cluster setup, the ams_updatefirewall script is executed on all the
application servers and the script reads the new SNMP port number from the master
database.
Note 1 — The ams_set_snmp_trap_port.sh script does not
check for any possible port conflicts.
Note 2 — The 5520 AMS does not allow you to enable SNMP
port number 0 or 32000 port in the server. You can enable only
the SNMP port number between 0 and 32000 which is 1 to
31999.
ams_set_snmp_trap_port.sh 9019
AMS system needs to restart to take the new value into account.
For -default option, the port value is set to the default port value which is 9001
ams_set_snmp_trap_port.sh --default
AMS system needs to restart to take the new value into account.
The following table describes the error messages that are displayed in the output
when you execute the ams_set_snmp_trap_port script.
Table 130 Error messages for ams_set_snmp_trap_port script
AMS is not running When you run the script while AMS is not up and
running.
Invalid port number provided When you enter the trap port number as a string
type or if the trap port number is not in the range 0
to 32000.
Failed to update firewall When you run the script while database is not up
settings. Please correct and running.
manually
The secondary server will be contacted only after the maximum number of retries is
reached for the primary RADIUS server. See Table 131 for information on RADIUS
authentication scenarios.
The client sends request message to Authentication is not A major alarm ‘The
the primary RADIUS server. If the successful due to both the RADIUS Server not
primary server does not respond, the RADIUS servers are not responding’ is raised.
client retries based on the value reachable.
configured for parameter “Number of
Retries”.
If there is no response then AMS
sends the request message to the
secondary RADIUS server.
If there is no response from the
secondary server also then the
access to AMS is denied.
The client sends a request message Authentication is not A major alarm ‘The
to the primary RADIUS server with successful due to incorrect RADIUS Server not
incorrect password. password. responding’ is raised.
The RADIUS server returns an
Access-Reject response message.
3 Organize the file system. Go to the home folder and create src, bin, and planet by typing:
cd ~ ↵
4 Download the map data and copy to the planet directory. Perform one of the following steps:
cd ~/bin ↵
svn export
http://svn.openstreetmap.org/applications/utils/export/osm2pgsql/ ↵
cd osm2pgsql ↵
./autogen.sh ↵
./configure ↵
make ↵
checkpoint_segments = 20
autovacuum = off
• To edit kernel parameter shmmax to increase maximum size of shared memory, type the
following commands:
sudo -u postgres -i ↵
exit ↵
...
CREATE FUNCTION
COMMIT
• Substitute your username with "username" in two places in the following line:
The username should be the username that will render maps with maplink. The output of
the command will be:
ALTER TABLE
ALTER TABLE
• Set the Spatial Reference Identifier (SRID) on the new database by typing the following
command:
INSERT 0 1
8 Load planet into the database with osm2pgsql and import, by typing the following commands:
cd ~/bin/osm2pgsql ↵
sudo dpkg -i
/home/tcthien/share/mapnik_dependency/libboost1.42-dev_1.42.0-3ubunt
u1_i386.deb ↵
sudo dpkg -i
/home/tcthien/share/mapnik_dependency/libboost-system1.42.0_1.42.0-3
ubuntu1_i386.deb ↵
sudo dpkg -i
/home/tcthien/share/mapnik_dependency/libboost-filesystem1.42.0_1.42
.0-3ubuntu1_i386.deb ↵
sudo dpkg -i
/home/tcthien/share/mapnik_dependency/libboost-filesystem1.42.0_1.42
.0-3ubuntu1_i386.deb ↵
sudo dpkg -i
/home/tcthien/share/mapnik_dependency/libboost-regex1.42.0_1.42.0-3u
buntu1_i386.deb ↵
sudo dpkg -i
/home/tcthien/share/mapnik_dependency/libboost-regex1.42-dev_1.42.0-
3ubuntu1_i386.deb ↵
sudo dpkg -i
/home/tcthien/share/mapnik_dependency/libboost-iostreams1.42.0_1.42.
0-3ubuntu1_i386.deb ↵
sudo dpkg -i
/home/tcthien/share/mapnik_dependency/libboost-iostreams1.42-dev_1.4
2.0-3ubuntu1_i386.deb ↵
sudo dpkg -i
/home/tcthien/share/mapnik_dependency/libboost-thread1.42.0_1.42.0-3
ubuntu1_i386.deb ↵
sudo dpkg -i
/home/tcthien/share/mapnik_dependency/libboost-date-time1.42.0_1.42.
0-3ubuntu1_i386.deb ↵
sudo dpkg -i
/home/tcthien/share/mapnik_dependency/libboost-serialization1.42.0_1
.42.0-3ubuntu1_i386.deb ↵
sudo dpkg -i
/home/tcthien/share/mapnik_dependency/libboost-serialization1.42-dev
_1.42.0-3ubuntu1_i386.deb ↵
sudo dpkg -i
/home/tcthien/share/mapnik_dependency/libboost-date-time1.42-dev_1.4
2.0-3ubuntu1_i386.deb ↵
ssudo dpkg -i
/home/tcthien/share/mapnik_dependency/libboost-thread1.42-dev_1.42.0
-3ubuntu1_i386.deb ↵
sudo dpkg -i
/home/tcthien/share/mapnik_dependency/libboost-program-options1.42.0
_1.42.0-3ubuntu1_i386.deb ↵
sudo dpkg -i
/home/tcthien/share/mapnik_dependency/libboost-program-options1.42-d
ev_1.42.0-3ubuntu1_i386.deb ↵
sudo dpkg -i
/home/tcthien/share/mapnik_dependency/libboost-python1.42.0_1.42.0-3
ubuntu1_i386.deb ↵
sudo dpkg -i
/home/tcthien/share/mapnik_dependency/libboost-python1.42-dev_1.42.0
-3ubuntu1_i386.deb ↵
python scons/scons.py ↵
sudo ldconfig ↵
libboost-python1.42-dev... ↵
• Confirm that the Mapnik library is installed. The output of the command will be:
python
>>>
10 Install Mapnik tools. To check out the source of mapnik rendering, type the following
command:
cd ~/bin ↵
svn co http://svn.openstreetmap.org/applications/rendering/mapnik
mapnik_rendering ↵
Mapnik uses prepared files to generate coastlines and ocean for small scale maps. This is
faster than reading the entire database to render zoom levels from zero to nine.
cd ~/bin/mapnik ↵
mkdir world_boundaries ↵
wget http://tile.openstreetmap.org/world_boundaries-spherical.tgz ↵
wget http://tile.openstreetmap.org/processed_p.tar.bz2 ↵
wget http://tile.openstreetmap.org/shoreline_300.tar.bz2 ↵
wget
http://www.naturalearthdata.com/http//www.naturalearthdata.com/download
/10m/cultural/10m-populated-places.zip ↵
wget
http://www.naturalearthdata.com/http//www.naturalearthdata.com/download
/110m/cultural/110m-admin-0-boundary-lines.zip ↵
12 Render the map to test the result by typing the following command:
cd ~/bin/mapnik_rendering ↵
./generate_image.py ↵
Result: The database is loaded, the tools are installed, and England image is generated.
13 Install Apache server and generate map tile image by performing the following steps:
export MAPNIK_MAP_FILE=~/bin/mapnik_rendering/osm.xml ↵
export MAPNIK_TILE_DIR=/var/www/osm ↵
iii Go to ~/bin/mapnik_rendering.
- minZoom = 1 ↵
maxZoom = 16 ↵
Result: All the map tiles image are generated in /var/www/osm/<zoom level>/<x location>/<y
location>.png, once the generation is complete.
14 Log in to the 5520 AMS GUI and set the Web Map Server setting to the following URL:
url: http://<domain>/osm/${z}/${x}/${y}.png
Note — Reference:
http://wiki.openstreetmap.org/wiki/HowTo_mod_tile
Index
Numerics ams_ne_cli, 576
ams_ne_mgr, 587
5520 AMS ams_nerestore, 579
configure to upload SIP configuration file to ams_remove_data, 586
external FTP server, 367 ams_reset_logs, 600
ams_restore, 587
A ams_retrieve_ip_by_nename, 588
ams_retrieve_pap_ne_from_db, 588
activate SSL changes
ams_schedule_backup, 589
reinstall solaris client, 87
ams_server, 527
add
ams_show_ne_balancing, 579
CA certificate for LDAP, 346
ams_simplex_to_cluster, 602
CPE vendor ID and country code, 439
ams_switch_active_dataserver, 594
customized web link, 424
ams_switch_authentication_local, 594
license key from GUI, 72
ams_tracing, 595
license key from server, 73
ams_uninstall, 595
links using ams_link_mgr_script, 260
ams_user_mgr, 595
user account, 134
convert5526AMSTo5523AWS, 596
alarm
createUsernamePassword, 596
view logs, 499
DEMO_IT_infrastructure_integration, 597
alarms
getAgentlist, 598
configure EMS local alarms, 302
innotop, 600
filter, 301
retrieve_nes, 601
license, 71
switchover_hook, 602
ams server scripts
ams_hub_sub_link_mgr_script
ams_activate, 547
create cluster, 273
ams_audit_agent_alarm, 547
create input file, 272
ams_backup, 548
ams_link_mgr script
ams_check_ssl, 596
add links, 260
ams_cluster, 550
create input file, 254
ams_copy_datafiles, 557
ams_ne_mgr_script
ams_disable_ssl, 597
add NEs, 229
ams_enable_ssl, 598
create input file, 225
ams_export, 565
ams_user_mgr_script
ams_exttl1gw_integration, 567
create input file, 139
ams_geo_configure, 571
manage users, 143
ams_hub_sub_link_mgr, 571
annonymous FTP user
ams_import, 571
create, 364
ams_install, 573
application server
ams_install_license, 574
stop, 446
ams_link_mgr, 575
architecture
ams_nebackup, 578
syslog, 493
input files for server scripts, 136 customized web link, 428
NE plug-in settings, 333 external TL1 gateway server, 209
create operator defaults, 432
anonymous FTP user, 364 schedule, 417
cluster using ams_hub_sub_link_mgr_script, disable
273 LDAP, 346
complex schedule, 413 RADIUS authentication, 344
environmental alarm templates, 315 SSL, 89
external SNTP server, 190 SSL between server and client, 90
external TL1 gateway server, 208 duplicate
hub-subtended clusters, 271 customized web link, 429
input file for ams_hub_sub_link_mgr_script, operator default template, 431
272
input file for ams_link_mgr script, 254 E
links from application server, 254
operator default template, 430 enable
PAP, 157 LDAP, 345
PAP group, 160 RADIUS authentication, 342
simple schedule, 412 SSL, 84
SNMP profile, 290 enable SSL communication
SNMPv3 user, 289 between 5520 AMS server and GUI clients,
85
syslog server, 494
syslog server message, 496 customized keystore, 85
user accounts, 131 export
user roles, 152 External TL1GW, 209
create user account selectively using AMS GUI, 398
internal DB authentication, 131 export data
remote authorization, 131 using AMS GUI, 397
customize external TL1 Gateway
environmental alarm definitions, 316 release and license information, 221
customized keystore statistics, 221
generate, 83 external TL1 gateway
list, 84 add TNM user profile, 218
customized web link change user password, 214
add, 424 clear command templates, 216
delete, 428 configure, 212
duplicate, 429 configure using ETL1 script, 204
modify, 427 connection, 211
list TNM user profiles, 219
D load command templates, 215
login, 213
data server switchover remove TNM user profiles, 219
conditions, 449 send TL1 commands, 216
force, 450 start batch execution, 217
delete start new user session, 212
CPE vendor ID and country code, 440 stop batch execution, 217
SSL unlock
disable, 89 user, 146
enable, 84 unschedule
overview, 82 task, 416
stop update
application server, 446 license key, 75
subscriber search attributes time zone information in NE, 192
configure, 194 use
create, 197 application server, 445
delete, 200, , 201 data server, 449
edit, 198 user
manage, 196 lock, 145
move an attribute, 199 unlock, 146
overview, 194 user account
switch add, 134
from customized to default keystore, 89 parameters, 126
from default to customized keystore, 88 user accounts
syslog changes, 105
architecture, 493 manage, 137
overview, 492 overview, 104
syslog rotation settings user role
configure, 497 create, 152
syslog server user session
create, 494 close, 165
manage, 494 overview, 164
syslog server message
create, 496 V
syslog system parameters
view, 494 view
alarm logs, 499
T backup or restore status, 241
data server settings, 354
task license key, 74, , 76
unschedule, 416 list of schedules, 414
time zone operator default template, 430
change information for NE, 192 security log, 498
configure, 329 security log files, 498
modify, 191 syslog system parameters, 494
overview, 191 user functions, 152
To configure a TL1/CLI protocol selection user session information, 164
strategy for a reachability test, 296 user statistics, 148
version and plug-in details, 353
U
unevacuate
NEs using GUI, 448
Customer documentation
Customer Documentation Welcome Page
Technical Support
Product Support Portal
Documentation feedback
Customer Documentation Feedback
© 2020 Nokia.
3JL-01001-BWAB-PCZZA