Professional Documents
Culture Documents
Administrator Guide
3JL-01001-BZAB-PCZZA
Issue: 03
June 2021
Table of contents
1 Preface...........................................................................................28
1.1 Documentation ..........................................................................................28
1.2 Conventions used in this guide..................................................................28
1.2.1 Important information.................................................................................29
1.2.2 Navigation steps ........................................................................................30
1.2.3 Procedures with options or substeps.........................................................30
1.3 Multiple PDF file search.............................................................................31
1.4 Contact information ...................................................................................32
Getting started
2 What’s new ....................................................................................36
2.1 What’s new in Release 9.7.07 ...................................................................36
2.2 What’s new in Release 9.7.03 ...................................................................38
2.3 What’s new in Release 9.7 ........................................................................40
2.4 What’s new in Release 9.6.07 ...................................................................41
3 Overviews......................................................................................44
3.1 Guide overview..........................................................................................44
3.2 Administrative functions overview .............................................................44
3.2.1 Core software management ......................................................................44
3.2.2 Configuration management .......................................................................45
3.2.3 User management .....................................................................................45
3.2.4 Fault management.....................................................................................45
3.2.5 Environment variables ...............................................................................45
3.3 5529 Enhanced Applications .....................................................................46
3.4 Technical support ......................................................................................47
4 Logging in to the 5520 AMS.........................................................48
4.1 Logging in to the 5520 AMS client as an administrator .............................48
4.1.1 Logging in as an administrator ..................................................................48
4.1.2 If a login fails..............................................................................................50
4.1.3 Synchronizing server and client time.........................................................51
4.2 Logging in to the 5520 AMS server as an amssys user ............................52
4.3 Configuring user login from trusted hosts..................................................52
4.4 Restricting server selection in the Login window.......................................53
5 Managing licenses........................................................................56
5.1 Licensing overview ....................................................................................56
5.1.1 Licensing in a cluster .................................................................................58
5.1.2 Subscriber licenses ...................................................................................58
5.1.3 Operator licenses ......................................................................................58
5.1.4 License alarms ..........................................................................................59
5.2 Adding license keys...................................................................................59
5.2.1 License installation error scenarios ...........................................................61
5.3 Viewing license keys .................................................................................62
5.4 Updating license keys................................................................................62
5.5 Managing LT licenses................................................................................63
Index ......................................................................................................634
List of figures
20 Managing administration settings ............................................270
Figure 1 Acceptable alarm event rates and overload protection mechanisms
implemented by the 5520 AMS ...............................................................293
30 EMS performance monitoring ...................................................512
Figure 2 Components of the EMS Performance Monitoring graph........................513
Figure 3 Average number of backups submitted ...................................................515
List of tables
1 Preface...........................................................................................28
Table 1 Documentation conventions ......................................................................29
2 What’s new ....................................................................................36
Table 2 What’s new in Release 9.7.07 ...................................................................36
Table 3 What’s new in Release 9.7.03 ...................................................................38
Table 4 What’s new in Release 9.7 ........................................................................40
Table 5 What’s new in Release 9.6.07 ..................................................................42
3 Overviews......................................................................................44
Table 6 Environment variables ...............................................................................45
4 Logging in to the 5520 AMS.........................................................48
Table 7 Error messages at login failure..................................................................50
5 Managing licenses........................................................................56
Table 8 5520 AMS license information...................................................................57
Table 9 License installation from the 5520 AMS server .........................................61
Table 10 License installation error scenarios ...........................................................61
6 Using the 5520 AMS securely......................................................68
Table 11 Options for configuring the 5520 AMS for secure operation......................68
7 Managing SSL ...............................................................................70
Table 12 Secure ports for SSL configuration............................................................79
9 User accounts ...............................................................................92
Table 13 Default roles ..............................................................................................94
Table 14 5520 AMS function descriptions ................................................................95
Table 15 User settings parameters ........................................................................111
Table 16 User account parameters ........................................................................114
Table 17 5520 AMS server scripts executed by users in the amssys group ..........123
Table 18 User configuration options for the ams_user_mgr script .........................126
Table 19 Add or modify user input file parameters.................................................127
Table 20 Delete user, suspend user, resume user, list user and expire
password input file parameters................................................................129
Table 21 Reset password input file parameters .....................................................130
Table 22 Options for the ams_user_mgr script ......................................................131
13 Managing NE communication and information .......................166
Table 23 NAT between the 5520 AMS server and the NEs ...................................174
15 Managing subscriber search attributes....................................182
Table 24 Define format for a subscriber attribute parameters ................................184
Table 25 Edit a subscriber search attribute category parameters ..........................187
16 Managing External TL1 Gateways.............................................190
Table 26 Set up the External TL1 Gateway for use in a cluster .............................192
Table 27 Access privileges.....................................................................................195
List of procedures
1 Preface...........................................................................................28
Procedure 1 Example of NE navigation convention.......................................................30
Procedure 2 Example of options in a procedure ............................................................30
Procedure 3 Example of substeps in a procedure .........................................................31
Procedure 4 To search multiple PDF files for a term .....................................................31
3 Overviews......................................................................................44
Procedure 5 To find contact information for technical assistance..................................47
4 Logging in to the 5520 AMS.........................................................48
Procedure 6 To log in to the 5520 AMS client as an administrator ................................49
Procedure 7 To synchronize server and client time .......................................................51
Procedure 8 To log in to a 5520 AMS server as amssys ..............................................52
Procedure 9 To restrict login server selection in Windows or Red Hat Enterprise
Linux ..........................................................................................................53
5 Managing licenses........................................................................56
Procedure 10 To add a license key from the 5520 AMS GUI ..........................................60
Procedure 11 To add a license key from the 5520 AMS server.......................................61
Procedure 12 To view license keys..................................................................................62
Procedure 13 To update a license key.............................................................................63
Procedure 14 To add or remove LT licenses ...................................................................64
Procedure 15 To view license usage ...............................................................................64
Procedure 16 To view license features ............................................................................65
7 Managing SSL ...............................................................................70
Procedure 17 To generate a customized keystore ..........................................................72
Procedure 18 To list the customized keystore .................................................................72
Procedure 19 To enable SSL between the 5520 AMS server and 5520 AMS GUI
client ..........................................................................................................73
Procedure 20 To enable SSL communication with a customized keystore .....................73
Procedure 21 To confirm the status of SSL .....................................................................75
Procedure 22 To reinstall the Windows or Red Hat Enterprise Linux client to
activate SSL changes................................................................................75
Procedure 23 To switch from the default to a customized keystore.................................76
Procedure 24 To switch from a customized to the default keystore.................................77
Procedure 25 To disable SSL between the 5520 AMS server and the 5520 AMS
GUI client...................................................................................................78
Procedure 26 To install a self-signed certification............................................................80
Procedure 27 To generate a certificate signed by CA .....................................................82
8 Managing HTTPS ..........................................................................86
Procedure 28 To replace the default HTTPS certificate...................................................87
Procedure 29 To enable the HTTP communication .........................................................87
9 User accounts ...............................................................................92
Procedure 30 To create a user account.........................................................................121
Procedure 31 To add a new user account to the amssys group....................................123
Procedure 32 To copy the existing input files for the 5520 AMS server scripts .............125
Procedure 33 To create an input file for the ams_user_mgr script ................................127
Procedure 34 To run the password encryption script.....................................................130
Procedure 35 To manage users using the ams_user_mgr script ..................................131
Procedure 36 To lock a user from the 5520 AMS GUI...................................................133
Procedure 37 To unlock a user ......................................................................................134
Procedure 38 To lock all users with a specific role ........................................................135
Procedure 39 To unlock all users with a specific role ....................................................135
Procedure 40 To grant one-time authorization...............................................................136
Procedure 41 To view user statistics .............................................................................137
Procedure 42 To define global password and username rules......................................137
Procedure 43 To change a user password in the 5520 AMS GUI .................................138
Procedure 44 To change the password of a default user on the 5520 AMS
application server ....................................................................................139
Procedure 45 To configure a password dictionary.........................................................139
Procedure 46 To view user functions.............................................................................140
Procedure 47 To create user roles.................................................................................141
Procedure 48 To assign a user to a user role in the 5520 AMS GUI .............................142
Procedure 49 To configure the superuser role...............................................................143
10 PAPs ............................................................................................144
Procedure 50 To create a PAP ......................................................................................146
Procedure 51 To change the PAP associated with an NE or NE group ........................148
Procedure 52 To create a PAP group ............................................................................149
11 User sessions .............................................................................152
Procedure 53 To view user session information ............................................................153
Procedure 54 To close an active user session ..............................................................153
Procedure 55 To configure the inactivity logout timeout ................................................154
Procedure 56 To configure the global inactivity logout timeout value ............................155
Procedure 57 To configure the inactivity lock screen timeout........................................155
Procedure 58 To configure the global inactivity lock screen timeout value....................156
Procedure 59 To configure the global timeout value to lock a dormant account ...........157
Procedure 60 To configure the global timeout value to delete a dormant account ........157
Procedure 61 To configure the dormant account lock timeout for a user ......................158
Procedure 62 To configure the dormant user deletion timeout ......................................158
Procedure 63 To configure the maximum concurrent user sessions .............................159
Procedure 64 To configure the maximum number of users displayed in
Administration Tree .................................................................................160
Procedure 65 To search for a user from the Administration Tree ..................................160
13 Managing NE communication and information .......................166
Procedure 66 To retrieve the IP address of an NE by the NE name .............................167
Procedure 67 To configure automatic supervision of newly created NEs......................167
Procedure 68 To generate an NE list.............................................................................170
Procedure 69 To generate an NE list using a cron job ..................................................170
Procedure 70 To generate an agent list.........................................................................172
Procedure 71 To generate an agent list using a cron job ..............................................172
Procedure 72 To configure DCN settings ......................................................................174
Procedure 110 To create an input file for ams_ne_mgr script with option -
modifyNE .................................................................................................219
Procedure 111 To create an input file for the ams_splitter_mgr .....................................220
Procedure 112 To configure NEs using the ams_ne_cli script ........................................222
18 Backing up and restoring NE software.....................................224
Procedure 113 To back up the NE...................................................................................225
Procedure 114 To restore an NE .....................................................................................227
Procedure 115 To view the backup or restore status.......................................................229
Procedure 116 To view and filter NE backup files ...........................................................231
Procedure 117 To copy NE backup files..........................................................................232
Procedure 118 To align the 5520 AMS database with stored NE backups .....................232
Procedure 119 To delete NE backup files........................................................................233
Procedure 120 To check NE backup consistency............................................................234
Procedure 121 To install vprocmon.bin file in an external server ....................................236
Procedure 122 To create multiple NEs backup consistency............................................237
Procedure 123 To synchronize the NE tools....................................................................238
Procedure 124 To initiate an NE backup or restore when the 5520 AMS is used as
a craft terminal.........................................................................................239
19 Managing links between NEs ....................................................242
Procedure 125 To configure link management settings...................................................242
Procedure 126 To create an input file for the ams_link_mgr script..................................244
Procedure 127 To add links using the ams_link_mgr script.............................................251
Procedure 128 Align the G6-GPON links in the 5520 AMS .............................................253
Procedure 129 Audit the provisioned link in the 5520 AMS .............................................254
Procedure 130 To create an input file for the ams_mediagw_mgr script.........................256
Procedure 131 To create a Media Gateway using ams_mediagw_mgr script.................262
Procedure 132 To create an input file for the ams_hub_sub_link_mgr script ..................264
Procedure 133 To create a cluster using the ams_hub_sub_link_mgr script ..................266
20 Managing administration settings ............................................270
Procedure 134 To modify GUI settings ............................................................................273
Procedure 135 To configure SNMP connections .............................................................276
Procedure 136 To configure NE detection settings..........................................................276
Procedure 137 To configure SNMP traps ........................................................................277
Procedure 138 To configure SNMP retries ......................................................................278
Procedure 139 To create an SNMPv3 user on the 5520 AMS ........................................281
Procedure 140 To create an SNMP profile ......................................................................282
Procedure 141 To configure SSH settings.......................................................................284
Procedure 142 To refresh SSH server public keys in the SSH known_hosts file for
all NEs .....................................................................................................284
Procedure 143 To configure file transfer protocol settings...............................................286
Procedure 144 To perform a file transfer test ..................................................................286
Procedure 145 To configure a TL1/CLI protocol selection strategy for a reachability
test...........................................................................................................288
Procedure 146 To configure TFTP server settings ..........................................................288
Procedure 147 To configure TFTP client settings............................................................290
Procedure 148 To clear the ‘Service Unstable’ alarm......................................................292
Procedure 149 To configure EMS local alarms................................................................294
Procedure 150 To configure alarm storage......................................................................296
Procedure 151 To configure the delay before an alarm is deleted from the
Historical Alarm view ...............................................................................301
Procedure 152 To configure NE Alarm Processing Settings ...........................................303
Procedure 153 To configure the suppression of toggling alarms.....................................308
Procedure 154 To create environmental alarm templates ...............................................309
Procedure 155 To customize environmental alarm definitions ........................................310
Procedure 156 To configure PM settings.........................................................................311
Procedure 157 To configure cut through settings ............................................................312
Procedure 158 To configure NE backup settings.............................................................313
Procedure 159 To configure an external server location for NE backup..........................314
Procedure 160 To configure splitter management settings..............................................316
Procedure 161 To configure Action Manager settings .....................................................317
Procedure 162 To configure subscriber search settings..................................................317
Procedure 163 To configure supervision settings ............................................................318
Procedure 164 To configure EMS tracing settings...........................................................322
Procedure 165 To configure the EMS Detailed Tracing for an NE ..................................323
Procedure 166 To reset the tracing level to the default on all NEs ..................................323
Procedure 167 To configure time zone settings...............................................................325
Procedure 168 To configure NE plug-in settings .............................................................326
Procedure 169 To copy NE plug-in settings.....................................................................329
Procedure 170 To configure template settings ................................................................330
Procedure 171 To configure the license alarm threshold.................................................331
Procedure 172 To configure the daily license collection start time ..................................331
Procedure 173 To configure site settings.........................................................................332
Procedure 174 To enable RADIUS authentication...........................................................338
Procedure 175 To revert to database authentication .......................................................338
Procedure 176 To disable RADIUS authentication ..........................................................340
Procedure 177 LDAP authentication based on MD5 algorithm........................................340
Procedure 178 To enable LDAP or LDAPS authentication..............................................341
Procedure 179 To disable LDAP authentication ..............................................................342
Procedure 180 To add a CA certificate for LDAPS ..........................................................342
Procedure 181 To configure application server settings ..................................................347
Procedure 182 To view 5520 AMS version and plug-in details........................................349
Procedure 183 To view data server settings....................................................................350
Procedure 184 To configure SNTP settings.....................................................................351
Procedure 185 To configure inventory basic settings ......................................................353
Procedure 186 To configure the proxy settings in the 5520 AMS Red Hat
Enterprise clients to access the Internet..................................................356
Procedure 187 To configure the SIP file transfer protocols using the 5520 AMS
GUI ..........................................................................................................357
Procedure 188 To configure an FTP server for SIP.........................................................359
Procedure 189 To create an anonymous FTP user .........................................................360
Procedure 190 To configure the 5520 AMS to upload the SIP configuration file to an
external FTP server .................................................................................363
Procedure 191 To configure AMS settings for NBI using 5520 AMS GUI .......................364
Procedure 192 To configure 5530 NA-F settings.............................................................366
Procedure 193 To configure HDM NBI settings ...............................................................368
Procedure 194 To configure zero touch provisioning settings .........................................369
21 Managing data.............................................................................374
Procedure 195 To back up the 5520 AMS database .......................................................377
Procedure 196 To back up the 5520 AMS database in a geo-redundant cluster ............378
Procedure 197 To back up the NE backup database ......................................................379
Procedure 198 To modify the default options for the ams_schedule_backup script........382
Procedure 199 To schedule backups of the 5520 AMS database ...................................382
Procedure 200 To restore the 5520 AMS database on the same standalone server ......384
Procedure 201 To restore the 5520 AMS database on the same cluster ........................384
Procedure 202 To restore the 5520 AMS database on the same geo-redundant
cluster ......................................................................................................385
Procedure 203 To restore the 5520 AMS database on the same geo-redundant
simplex ....................................................................................................386
Procedure 204 To restore the NE backup database........................................................387
Procedure 205 To restore the 5520 AMS database on a new standalone server ...........388
Procedure 206 To restore the 5520 AMS database on a new cluster .............................389
Procedure 207 To restore the 5520 AMS database on a new geo-redundant
cluster ......................................................................................................390
Procedure 208 To restore the 5520 AMS database on a new geo-redundant
simplex ....................................................................................................391
Procedure 209 To back up the 5520 AMS software ........................................................393
Procedure 210 To restore the 5520 AMS software..........................................................394
Procedure 211 To export data using the 5520 AMS GUI.................................................395
Procedure 212 To selectively export records using the 5520 AMS GUI ..........................396
Procedure 213 To import data using the 5520 AMS GUI.................................................401
Procedure 214 To configure the field separator in the 5520 AMS GUI............................403
Procedure 215 To perform a forced inventory data collection .........................................404
Procedure 216 To split a backup file................................................................................405
Procedure 217 To concatenate a split backup file ...........................................................405
22 Managing schedules ..................................................................408
Procedure 218 To create a simple schedule....................................................................410
Procedure 219 To create a complex schedule.................................................................411
Procedure 220 To modify a schedule ..............................................................................413
Procedure 221 To modify a task ......................................................................................413
Procedure 222 To unschedule a task ..............................................................................414
Procedure 223 To delete a schedule ...............................................................................415
Procedure 224 To schedule an NE database backup from the perspective bar..............416
Procedure 225 To schedule an NE database backup from the Network Tree.................417
23 Managing customized web links and operator defaults .........420
Procedure 226 To add a customized web link .................................................................422
Procedure 227 To modify a customized web link.............................................................425
Procedure 228 To delete a customized web link .............................................................426
Procedure 229 To duplicate a customized web link.........................................................427
Procedure 230 To create an operator default template ...................................................428
Procedure 231 To view operator default templates .........................................................428
Procedure 232 To duplicate operator default templates ..................................................429
Procedure 233 To modify operator default templates ......................................................430
Procedure 234 To delete operator defaults......................................................................430
1 Preface
The 5520 AMS provides fault, configuration, and performance management of the
underlying access networks, using a GUI and hierarchical tree navigation. The
5520 AMS also supports network productivity features such as equipment profile
management, NE backup and restore, and NE software management.
1.1 Documentation
The 5520 AMS Release Notice describes changes or enhancements made to the
software and its features, as well as information about delivery, compatibility, and
customer documentation.
The 5520 AMS Solution Planning Guide describes how to plan the purchase and
configuration of hardware and software to support the deployment of the 5520 AMS.
The 5520 AMS Server Configuration Technical Guidelines describes how to prepare
hardware for installation of the 5520 AMS, including information about installing the
server, setting up a cluster and configuring a network.
The 5520 AMS Installation and Migration Guide describes how to install, optimize,
and uninstall the 5520 AMS server, client, and plug-in components, as well as how
to migrate data to the 5520 AMS from other EMSs.
The 5520 AMS Administrator Guide describes administrative functions, including
management of server-client communication, users, NE communication, schedules,
links, and codes.
The 5520 AMS User Guide describes user functions, including monitoring, fault, and
alarm management and performing tasks that are common to the NEs.
The 5520 AMS Northbound Interface Guide describes functions supported by the
5520 AMS NBI.
The 5520 AMS Glossary provides descriptions of 5520 AMS-related terms and
acronyms.
The 5520 AMS and 5529 Enhanced Applications Alarm Search Tool provides
information about the 5529 Enhanced Application Alarms.
The 5520 AMS and 5529 Enhanced Applications Privacy Considerations provides
information on the product features that impact privacy and the measures taken to
protect such data.
1 This step offers two options. You must perform one of the following:
1 This step has a series of substeps that you must perform to complete the step. You must
perform the following substeps:
7 Click Search.
Result: Adobe Reader displays the search results. Click the + symbol to expand the entries
for each file.
Getting started
2 What’s new
3 Overviews
5 Managing licenses
2 What’s new
2.1 What’s new in Release 9.7.07
New features/enhancements
External TL1 gateway manager Added a procedure to copy a list of NEs in the external Procedure 106
TL1 gateway manager.
AMS settings for NBI Added a behavior description for NE group creation Table 81
parameter.
nbi.log file updates Added information about the 5520 AMS GUI requests Section 27.1
that are logged in the user activity log.
Added the following new log file keywords: URI, Number Table 101
of bytes sent to the client, Referrer, User-agent, Name
of the virtual server servicing the request, Contents of
any supplied cookies, Duration of the request, and
Result of the operation.
Report Alarm Only if Older Than parameter Added a new parameter ‘Report Alarm Only if Older Table 56
Than’ and added configuration description for the same.
Cut through settings Added information about the new parameter, “Global Table 59
CLI/TL1 Credentials.”
One-Time Authorization feature Added two new functions to grant authorization to Table 14
perform service-impacting operations.
(1 of 3)
Toggling alarms Updated information about the changes to the toggling Section 20.14
threshold when the toggling alarm aggregation period is Table 55 and
changed. Table 56
External server for NE backup Added a procedure to configure an external server for Section 18.1 and
NE backup. Procedure 159
IPv6 support Added information about IPv4 and IPv6 support. Sections 16.1,
18.6, 31.6 and
31.18
Tables 15, 16, 19,
68, 71 and 82
Procedures 82
and 122
Improved encryption standard used in 5520 Added a section for ams_recreate_aes_keys script Section 31.62
AMS information.
RHEL 8 support Added RHEL 8 version to the supported RHEL versions. Sections31.30
Procedure 189
Documentation changes
Archiving Strategy Added information about the alarm archive file. Procedure 150
Initial admin user account created by Removed the reference to ‘default’ admin user account Section 31.18
ams_createfirstuser script that is required to download the AMS client and updated
it as the ‘initial’ admin user account created by the script
ams_cluster status script Updated the example for ams_cluster status and added Sub-sections
information about “ams_cluster status --detailed” 31.7.6.1and
31.7.6
SSH communication with NE Updated that the SSH communication is applicable only Section 20.4
through SNMPv3.
Global setting for LDAP/RADIUS Server Added information about the Global settings being Sub-section
applied when the default value is not configured. 20.35.5
Backing up the 5520 AMS database Added a note about the server status and database Section 21.2
process status when the 5520 AMS backup is running
on the data server.
(2 of 3)
Backing up the 5520 AMS database in Modified the data server type in step 1 from “5520 AMS Procedure 196
geo-redundant cluster data server” to “Standby data server”.
SNMP trap settings Removed the “Port” parameter from SNMP trap Table 48
parameters.
Backup check server Added a note that in a geo-redundant setup, one backup Procedure 122
check server must exist per site.
Log files Updated the ‘Default maximum file size’ and ‘Default Tables 100 and
maximum number of archives’ values for the following 101
log files in ‘System log files’ and ‘Traces and debug files’
tables.
• security.log
• ams_ems_service.log
• nbi.log
vsftpd.conf file Updated the command details for editing vsftpd.conf file Procedure 189
on RHEL 6.10, RHEL 7.x and RHEL 8.x
Licensing for XGS PON and NG-PON2 Added information about the XGS PON and NG-PON2 Section 5.1.2
subscriber licenses.
SNMP Retries Parameter Added information about the parameter “Use the same Table 49
retry mechanism in case of “No Access” response to
SET requests”.
ams_sw_backup script Replaced required user access from ‘amssys’ to ‘root’. Procedure 209
Section 31.32
ams_log_manager Updated the output example of Modify Log Type (Fixed Section 31.51
Size/Fixed Duration).
amsapp and amsdb user accounts Added information about the amsapp and amsdb user Section 6.1
accounts.
(3 of 3)
New features/enhancements
NE Communication Degraded alarms Added a parameter for minimum number of SNMP Table 49
requests per hour before raising a communication
degraded alarm
(1 of 3)
Updated the default value and description for Use Tables 16 and 19
Global Address Filter and Address filter parameters
IP DSLAM Subscribers counter Added information about ‘IP DSLAM Data Subscribers’ Table 8
and ‘IP DSLAM Voice Subscribers’ counters
Clicking the background in the Graphical Added a parameter ‘Clicking the background in the Table 45
View Graphical View’ under GUI settings
Manage Users Based on PAP Added a parameter to configure the 5520 AMS to restrict Table 15
the users based on PAP
Resource Management Universal ID Added information about Resource Management Procedure 109
Universal ID which is created automatically by the 5520
AMS during the NE creation
Manual backup supports external server Added information about the additional support by Sections 31.5 and
ams_backup script for backing up files into a remote 21.2
server. Procedures 195
and 196
ams_log_manager script Added an option to enable or disable syslog mode and Section 31.51
added amssys.log details. Table 101
Added securing logs for configuring the 5520 AMS for Table 11
secure operation.
ams_updatefirewall script Removed --enableigmp and --disableigmp options from Section 31.53
the script and the information related to IGMP snooping
Subscriber attributes Added an attribute category for subscriber attributes. Section 15.3
Custom Fields Added functions for Subscriber Search Attribute Custom Table 14
Field view and Edit
Documentation changes
PKCS12 keystore Updated the note to use PKCS12 keystore Section 7.2
Added information about creating the default admin user Section 9.1
after installing the 5520 AMS
SNMP password encryption Added two new parameters ‘Re-Type Read Community’ Table 51
and ‘Re-Type Write Community’ in the Create SNMP Section 31.45
Profile parameters table and updated the example
output of the getAgentlist script.
AMS log manager Added information about configuring the Fixed Duration Section 31.51
logs and the default value.
AMS export script Added the information that the ams_export script Section 31.11
overwrites any existing file.
(2 of 3)
Added a section for backup and restore log files. Section 27.15
Moved the Syslogs chapter from 5520 AMS User Guide. Chapter 28
Moved the content related to viewing alarm logs from Section 28.6
5520 AMS User Guide.
Timeout parameter in SNMP Retries settings Modified the description of the parameter Timeout Tables 49 and 64
and Supervision settings Before 1st Retransmission.
SNMPv3 SHA2 Authorization Protocol Added a note about SNMPv3 SHA2 encryption. Procedure 139
User Settings and User Account parameters Updated the parameter names as in the AMS GUI for Tables 15 and 16
User Settings and User Account parameters.
(3 of 3)
New features/enhancements
ams_updatefirewall script Added --enableigmp and --disableigmp options to the Section 31.53
script, and added information related to IGMP snooping
GoldenEMSSwConfig file Updated the procedure to include Golden SW Label Procedure 182
details.
(1 of 2)
Web links in the Tools menu Added information about customized web links in the Sections 23.1 and
Tools menu. 23.2
Increase number of PAPs supported Updated the number of PAPs from 50 to 1000. Section 10.2
Timestamp for Alarm template on AMS Added information about the start time of the toggling Section 20.14
alarm.
Radius or LDAP server Added information about Role attribute in the Radius or Tables 70, 71 and
LDAP authentication and authorization. Sub-section
20.35.5
Log4j configuration file name Updated the log4j configuration file name from Table 14 and
‘log4j.properties’ to ‘log4j2.properties’. Section 27.12.
SHA2 algorithms for SNMPv3 authentication Added information about the SHA2 algorithms for Table 50,
SNMPv3 authentication. Sub-section
20.35.2 and
Procedure177
ams_cluster status command Updated the output for “ams_cluster status” command Sections 31.7.4.1
for Simplex and Cluster setups. and 31.7.6.1
Job Manager tuning Added information on Job manager tuning. Table 73
ISAM Software Load Validation Updated User Role Software Mgmt- Edit. Table 14
Documentation changes
SSL Overview Updated SSL Overview. Added details of One-way Section 7.1
authentication between AMS Server and client.
Configuring Proxy Settings Added note that SOCKS proxy is not supported. Section 20.40
SSL behavior Updated information about SSL enabled in data server Section 7.2 and
also. Procedure 20
(2 of 2)
New features/enhancements
Zero touch provisioning Updated the note on supported NEs for R6.0.01 Section 20.46
SSH public key of the NE Added a new section for configuring SSH public key of Section 20.4
the NE.
IPv6 Support Added IPv6 address format support for procedures and Sections 13.5,
sections related to NE communication. 18.4, 31.6, 31.21,
31.24, 31.28,
31.45, and 31.48.
Procedures 66, 72,
112, and 187.
Tables 28, 47, and
76.
Radius or LDAP Updated the login behavior for Radius or LDAP Table 70
authorization option.
ONT-View TR-069 configuration Added a new function, ONT-View TR-069 Configuration Table 14
Download of AMS client with authentication Included information about the AMS client download Tables 14 and 100
with valid user credentials.
Audit configuration files Added the Configuration File Changes Detection Period Table 68
setting in Administration settings.
Added a new section for auditing configuration files. Section 27.14
Unacknowledged alarms Added information about collecting details for Table 114
unacknowledged alarms.
Privacy Considerations Included the 5520 AMS and 5529 Enhanced Section 1.1
Applications Privacy Considerations document to the
related documentation section.
ams_cluster script Updated the ams_cluster start with the new sub-option Section 31.7
appservers.
nbi.log file updates Added information about the nbi.log file, including the Table 101
following new log file keywords: SourceIP and
X-Forwarded-For
Documentation changes
(1 of 2)
getAgentlist script Updated information about output of the getAgentlist Section 31.45
script.
ams_geo_configure script Added a note about the automatic modification of Section 31.13
firewall settings when executing the script.
Create an anonymous FTP user Included example for command arguments with Procedure 189
absolute path to shared data directory.
Included command to restart system and start vsftpd
service on RHEL 7.x.
getAgentlist.sh and retrieve_nes.sh scripts Updated the script examples to include password as an Sections 13.4,
option for getAgentlist.sh and retrieve_nes.sh scripts. 13.5, 13.6, 31.45
and 31.48
NE List - NBI function Updated the procedures to include “NE List - NBI Procedures 68, 69,
function”. 70 and 71
ams_user_mgr script Updated the example of an input file entry for adding a Procedure 33
user when executing the ams_user_mgr script.
(2 of 2)
3 Overviews
3.1 Guide overview
To perform the procedures in this guide, you must be familiar with the 5520 AMS GUI
and be able to open and navigate between perspectives and views. Unless otherwise
stated, all procedures in this guide require you to log in to the 5520 AMS client as an
administrator, or to log in to the 5520 AMS server as amssys. See Section 4.1 for
details about logging in to the 5520 AMS client as an administrator.
$AMS_EXTERNAL_LOCALDATA_HOME The directory where data is stored that is external to the 5520 AMS
software and that is local to one server. An example is
/var/opt/ams/local/common.
$AMS_LOCAL_DATA_DIR The directory where local data is stored. By default, this is /var/opt.
$AMS_LOCALDATA_HOME The subdirectory where data files that are separate from the database are
stored. An example is /var/opt/ams/local/ams-9.6.03-999000.
(1 of 2)
$AMS_SHARED_DATA_DIR The directory where shared data is stored. By default, this is /var/opt.
$AMS_SOFTWARE_HOME The directory where the 5520 AMS software is stored. An example is
/opt/ams/software/ams-9.6.03-999000.
$AMS_LOG_DIR The directory where 5520 AMS logs are stored. An example is
/var/opt/ams/local/ams-9.6.03-999000/traces/log
$AMS_CONF_DIR The directory where configuration files for the 5520 AMS are stored. An
example is /opt/ams/software/ams-9.6.03-999000/conf
$PLATFORM_SCRIPTS_DIR The directory where platform scripts for the 5520 AMS are stored. An
example is /opt/ams/software/ams-9.6.03-999000/lib/platform/bin
$AMS_DEBUG_DIR The directory where 5520 AMS traces and debug files are stored. An
example is /var/opt/ams/local/ams-9.6.03-248124/traces/debug
(2 of 2)
Before you can perform the procedures in this guide, the 5520 AMS software and
client must be installed and running, including all required plug-ins. For information
about installation, see the 5520 AMS Installation and Migration Guide. For detailed
hardware requirements and network specifications, see the 5520 AMS Solution
Planning Guide.
When you have performed the procedures in this guide, parameters specific to your
site will be configured and user accounts will be created. Users can then log in and
use the 5520 AMS to manage NEs.
See the 5520 AMS User Guide for information about user functions, including
monitoring and fault management tasks not requiring administrator privileges and
tasks that are common to all NEs.
For information specific to management of a particular NE, see the Operations and
Maintenance guide for the NE.
1 Go to https://customer.nokia.com/support/s/.
2 Log in to the Nokia Support portal with the username and password for your account.
Result: The Nokia Emergency Contact page opens and displays the phone and e-mail
contact information for technical assistance for the selected country.
• If you have logged in to the site before, choose the site name from the Server drop-down
list.
4 Click Finish.
• If this is the first login, the 5520 AMS prompts you to change the administrator password.
• If the password expiration warning is configured for the user and the user tries to login
during password expiration warning period, then the 5520 AMS displays a password
expiration warning message with the information that the user's password will expire
within the configured number of days and prompts the user to change the password.
Note: This warning does not appear for remotely authenticated users or users logging in
to certain 5529 Enhanced Application GUIs.
The following message is displayed Your password will expire in <n> days. Would you
like to change your password now?
• Click Yes to change the password. The Change Password Information dialog appears
with the following confirmation message:
After changing your password, your session will expire and you will have to login again.
Do you want to proceed? Click Yes to change the password of the user.
After changing the password, go to step 6.
• Click No to proceed without changing the password.
Server temporarily unavailable The 5520 AMS server is starting up, or a switchover is in
progress to a new master application server.
(1 of 2)
Maximum licensed/configured The maximum concurrent sessions for the 5520 AMS server has
user sessions reached been reached either the maximum allowed by your license, or
the maximum concurrent settings configured in User Settings.
See Procedure 63 for information about configuring User
Settings.
(2 of 2)
1 Log in to the 5520 AMS application server as amssys. See Procedure 8 for more information.
date ↵
1 Log in to the 5520 AMS server workstation as the amssys user by performing one of the
following:
• If you are logged in as a root user, switch to the amssys user by typing:
su - amssys ↵
amssys ↵
After enabling the server for login from trusted hosts, you may need to assist the
users to log in to the 5520 AMS. For more information about the tasks that a user
needs to perform to log in to the 5520 AMS from a trusted host, see the 5520 AMS
User Guide.
1 Navigate to the folder in which you installed the 5520 AMS client application.
Note — Starting the client application in the Red Hat Enterprise Linux
operating system using the amsclient script requires that the terminal
window be open while the client is running.
•
To start the 5520 AMS client with restricted server settings using the command prompt,
type:
where:
path is the path to the 5520 AMS installation directory; for example, C:\Program Files\ams
IP_address is the IP address of the 5520 AMS server
• For both Windows and Red Hat Enterprise Linux client, in the 5520 AMS installation
directory, edit the amsclient.ini file.
•
Add the following lines to the amsclient.ini file:
-serverip
IP_address
-grayoutserveratlogin
Note 1 — Add these lines before the -vmargs line in the amsclient.ini file.
Note 2 — You need to add the IP_address on a new line in the amsclient.ini
file.
• Save and close the amsclient.ini file.
3 Start the 5520 AMS client. For more information about starting the 5520 AMS client, see the
5520 AMS User Guide.
5 Managing licenses
5.1 Licensing overview
Parameter Type of license GPON License for subscribers on NEs with ONTs
4.7
Licensed Indicates whether NEs, true The NE or service pack is licensed, applies to unlimited
5529 Enhanced Applications or features only
service packs are licensed
Enabled The 5529 Enhanced Application is licensed
Notes
(1) The data and voice ports are counted in separate counters. These ports are counted for reporting the number of data and voice ports in the
‘IP DLSAM Subscribers’ license usage in the Object Details view. Hence the licensed number is reported as ‘-1’ for ‘IP DSLAM Data
Subscribers’ and ‘IP DSLAM Voice Subscribers’ counters.
A new host ID due to any change in the server hardware results in automatically
deleting any AMS licenses associated with the old host ID when the AMS server
starts. In a cluster configuration, the license keys are deleted only if they are not
associated with any host ID of servers.
If the host ID changes due to any change in the server hardware, you need to install
the license keys for the new host ID. See Procedure 10 for information about adding
a license key.
Before you proceed, make sure your user account is assigned a role that includes
the necessary functions to perform the procedures in this chapter. See Table 14 for
more information on 5520 AMS function descriptions.
You can add a license for objects that are not already in your license list. If you add
a license key that includes an object for which you are already licensed, you will
receive an error message.
Note 1 — A .tar file can contain multiple .pdf or .txt license files,
which are uncompressed after uploading to the server. The
individual license files are then validated before installation.
Note 2 — A .txt file or .pdf file can contain multiple licenses.
• Copy the license key from the locally stored license file and paste it in the License Key
field. Optionally, enter the description of the license in the Description field.
• Browse and select the license file (in .txt, .pdf, or .tar file format) in the License File field.
The default option is .txt.
Result: The licenses are verified and installed. In case an error occurs, no license will be
installed. See Table 10 for the scenarios in which installation of licenses may fail.
5 Close and restart the 5520 AMS client for the newly installed licenses to take effect.
2 Transfer the license files to be installed to a temporary directory in the 5520 AMS server.
Note
(1) When you use the --force option, the script forcefully installs all licenses from the license file(s). If the license exists, then the existing license
is replaced by the new license.
Result: The licenses are verified and installed. In case an error occurs, no license will be
installed. See Table 10 for the scenarios in which installation of licenses may fail.
If an error occurs while processing the license file Error processing license [txt/pdf/tar] file {file
name}
(1 of 2)
If no license is found or the license file is License file {file name} corrupted or doesn't
corrupted contain license keys
If a file format other than .pdf, .txt, or.tar is The uploaded license file format { file name } is
uploaded not supported
If the path and filename entered in the License The uploaded license file { file name } doesn't
File field is incorrect exist
If you install a duplicate license License Key(s) {keys that are already present in
the system} already exists
If you install a license the host ID of which does The hostid in the license does not match the
not match the host ID of the 5520 AMS server hostid of the server(s) {host id present in the
license key}
(2 of 2)
Result: The Object Details view displays the license key parameters. See Table 8 for
information about the license key parameters.
Result: The Object Details view displays the license key details.
4 Navigate to the directory where you store your license key PDF files and open the file that
you need to use.
5 Copy the license key number from the PDF file and paste it in the License Key field.
Applies to —
This section describes procedures to view license usage and to add or remove LT
licenses which are applicable for 10G_PON_enabled_LT and
25G_PON_upgraded_LT licenses. You can add or remove LT licenses when the
10G_PON_enabled_LT and 25G_PON_upgraded_LT licenses are installed in the
5520 AMS.
Note — You can select multiple NEs for adding or removing the LT
licenses.
Result: The Add LT Licenses window or Delete LT Licenses window opens based on the
chosen option.
3 In the Add LT Licenses window, you can enter the number of licenses to be added and in the
Delete LT Licenses window, you can enter the number of licenses to be removed.
4 Click Finish.
Result: When the addition or deletion of LT license is complete, the 5520 AMS displays the
Target, Description, Status and Additional Information in the Action Details window.
Result: The Object Details view displays the information about the LT license count and the
list of LTs that are enabled with the license.
Result: The Object Details view displays the information about the license counter.
Note — From ISAM R6.5.01 onwards, you can view license counter for
Anti-Theft Protection, where the counter indicates the number of NTs and
LTs that have Anti-Theft Protection enabled. You can view the status of
Anti-Theft Protection parameter by navigating to the NE and choosing
Infrastructure → OAM → ATP System Parameters. For more information,
see the Operations and Maintenance guide for the NE.
7 Managing SSL
8 Managing HTTPS
Secure installation When securing your installation, see the 5520 AMS Solution
Planning Guide for information about ports and services the
5520 AMS requires to operate correctly.
SSL between the application server and You can use SSL with the default keystore or a customized
the client keystore.
SSL communication between the application server and the
client is disabled by default. See Chapter 7 for information
about configuring SSL.
HTTPS between the application server A default HTTPs certificate is provided with the 5520 AMS, no
and 5529 Enhanced Applications configuration is required.
See Chapter 8 for information about replacing the default
certificate with one of your own.
5520 AMS user accounts The following are the UNIX user accounts that can be created
on different servers:
• Application server: amssys, amsftp, amssftp and amsapp
• Database server: amssys and amsdb
• Presentation server: amssys
• Simplex or Cluster setup: amssys, amsftp, amssftp,
amsdb and amsapp
(1 of 2)
Secure communication for NEs that use See the Operations and Maintenance guide for the NE for
IPSec information about configuring IPSec.
Security for 5520 AMS user sessions To increase the security of 5520 AMS user settings, you can
configure the following:
• User accounts (see Section 9.2).
• User roles (see Section 9.15).
• Session timeouts (see Section 11.4).
• Authentication using LDAPS (see Section 20.34).
You can also track user activity with the User Activity Log. See
Section 27.3.
(2 of 2)
7 Managing SSL
7.1 SSL overview
The 5520 AMS client gets the keystore key and password from the server when you
download the client. Therefore, if you update the keystore file on the server, you must
download a new client to communicate with the server.
The types of entries in the keystore file are:
• Key entries: Each entry includes sensitive cryptographic key information that is
stored in a protected format to prevent unauthorized access. The key stored in a
key entry is a private key that is accompanied by the certificate chain for the
corresponding public key. The keytool and jarsigner tools only handle private keys
and their associated certificate chains.
• Trusted certificate entries: Each entry contains one public key certificate that
belongs to another party. The entry is called a trusted certificate because the
keystore owner trusts that the public key in the certificate belongs to the identity
identified by the owner of the certificate. The owner of the certificate vouches for
this by signing the certificate.
To perform the procedures in this section, you need to log in to the 5520 AMS server
as amssys. See Procedure 8 to log in to a 5520 AMS server as amssys.
Result: The keystore file is generated in the current directory. Ensure that amssys has the
required permissions to the current directory.
2 Go to the directory where the keystore file is generated in the workstation window and type:
Result: The keystore type, keystore provider, and certificate fingerprint are displayed.
Procedure 19 To enable SSL between the 5520 AMS server and 5520 AMS GUI client
Use this procedure to enable SSL communication between the 5520 AMS server and 5520 AMS
GUI client. Enabling SSL does not require you to download a new client.
ams_server stop ↵
i Use the following command if you want to enable SSL with the default keystore shipped
with AMS:
ams_enable_ssl.sh default ↵
ii Use the following command if you want to enable the last used SSL configuration:
ams_enable_ssl.sh ↵
ams_server start ↵
• You need the path to the keystore file on the 5520 AMS server and the keystore
password.
• Perform one of the following steps, as applicable:
• Generate a customized keystore. For information about generating a customized
keystore, see Procedure 17.
ams_server stop ↵
where:
path-to-keystore-file is the path to the keystore file on the 5520 AMS server.
keystore password is the customized keystore password.
For example:
ams_enable_ssl.sh /tmp/ams.keystore amsams.
ams_server start ↵
ams_check_ssl.sh ↵
1 Enable the SSL between the 5520 AMS Server and the 5520 AMS GUI Client. For
information about enabling SSL, refer to 19
2 Install the Windows/Red Hat Enterprise client from the 5520 AMS server. For information
about installing the client, see the 5520 AMS Installation and Migration Guide.
3 In the Red Hat Enterprise Linux systems, verify that the keystore and amsclient.ini files are
overwritten by the new files.
Note — Perform the following only if the UNIX user is not assigned to
the amssys group.
For a shared client installation, log in to the 5520 AMS server as amssys
and modify the permissions on the keystore and amsclient.ini files by
typing
where
path is the path to the location where the client is installed.
Perform this procedure to switch from using the default keystore to using a customized keystore.
You need a generated customized keystore file. See Procedure 17 to generate a customized
keystore.
ams_server stop ↵
ams_enable_ssl.sh default ↵
ams_server start ↵
To reinstall Windows or Red Hat Enterprise Linux client, see Procedure 22.
Procedure 25 To disable SSL between the 5520 AMS server and the 5520 AMS GUI
client
Perform this procedure to disable SSL communication between the 5520 AMS server and the
5520 AMS GUI client; using default or customized keystore. You do not need to download a new
client.
ams_server stop ↵
ams_disable_ssl.sh ↵
ams_server start ↵
Ports Description
8443 By default, the secure connection is enabled for HTTPS on this port.
If you want to force the server using a certain SSL protocol, you can manually modify
enabled-protocols in HTTPS configuration. For example, if you want to use TLSv1.2 only
for HTTPS, you can modify as the following configuration:
<https-listener name="https" socket-binding="https" security-realm="AxSSSLRealm"
enabled-cipher-suites="TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_EC
DHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_
SHA384,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_256
_CBC_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_128_
CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA" enabled-protocols="TLSv1.2"
max-post-size="0"/>
4447 This port is used to establish the remote connection from a client to the 5520 AMS
server.
5445 and 5455 These ports are used to manage the messaging in HornetQ.
-Djavax.net.ssl.keyStore=keystore
-Djavax.net.ssl.keyStorePassword=5520AMSPinCode
-Djavax.net.ssl.trustStorePassword=5520AMSPinCode
1 Create a folder and from the folder execute the following command:
set RANDFILE=rand
keytool -genkeypair -alias AMS -keyalg RSA -keysize 2048 -validity 7300
-sigalg SHA256withRSA -keystore AMSKeyStore -storepass 123456
Note — The first and last name should be a common name and the URL
which is used to access the server. There can be wildcards in the
Common Name (*.nokia.com or 192.168.92.*).
• For a client: The client machine resolves the hostnames based on the information
provided in the certificate.
• For a server (Optional):
• Update the domain name on the server using sysctl -w
kernel.domainname=www.nokia.com
• Update /etc/sysconfig/network HOSTNAME
• Restart service of the NetworkManager.
Copy openssl.cnf file (from where the OpenSSL was installed) and place it in the current
folder where the keystore is generated.
openssl x509 -signkey cakey.pem -req -days 3650 -in careq.pem -out
caroot.cer -extensions v3_ca -sha256
ii Click Import.
iv In the File to Import page, browse and select the created CA file.
Note 1 — The alias used when importing the AMS certificate and when
generating the keystore must be the same.
Note 2 —
• For Releases 9.5.03 and above, if required, after importing the AMS
certificate, you can remove the CA certificate using the following
command:
keytool -delete -noprompt -alias TestCA -keystore
AMSKeyStore
• It is mandatory for Release 9.5.02 and older releases to remove the
CA certificate from the keystore.
10 Access the 5520 AMS server using port 8443 on the web browser.
Result: If the certificate is successfully imported, a green lock icon appears on the address
bar of the web browser.
Before you proceed, ensure you have installed Java JRE or JDK.
Perform the steps in Procedure 27 as amssys to install a self-signed certification on
a 5520 AMS server.
Note — The commands provided in Procedure 27 is only for
reference. You must adapt the command line to meet your
specific requirements.
1 Create a folder and from the folder execute the following command:
set RANDFILE=rand
keytool -genkeypair -alias AMS -keyalg RSA -keysize 2048 -validity 7300
-sigalg SHA256withRSA -keystore AMSKeyStore -storepass 123456
Note — The first and last name should be a common name and the URL
which is used to access the server. There can be wildcards in the
Common Name (*.nokia.com or 192.168.92.*).
4 Send the generated CSR file to a public CA. When requested, provide the required
information to the CA.
5 Import the signed caroot.cer certificate to the AMS keystore. Execute the command:
6 Import the AMS certificate to the AMS keystore. Execute the command:
Note 1 — The alias used when importing the AMS certificate and when
generating the keystore must be the same.
Note 2 —
• For Releases 9.5.03 and above, if required, after importing the AMS
certificate, you can remove the CA certificate using the following
command:
keytool -delete -noprompt -alias TestCA -keystore
AMSKeyStore
• It is mandatory for Release 9.5.02 and older releases to remove the
CA certificate from the keystore.
ii Click Import.
8 Access the 5520 AMS server using port 8443 on the web browser.
Result: If the certificate is successfully imported, a green lock icon appears on the address
bar of the web browser.
8 Managing HTTPS
8.1 HTTPS overview
You can also configure the value of the AMS_PROTOCOL as HTTP but not HTTPS.
$AMS_LOCALDATA_HOME/server/wildfly/server/amssys/configuration
Before you proceed, you need to log in to the 5520 AMS server as amssys. See Procedure 8 to
log in to a 5520 AMS server as amssys.
$AMS_SOFTWARE_HOME/conf/
ii Execute the following command to open the configuration file for editing in a text editor:
vi ams.conf
AMS_PROTOCOL=HTTP
User management
9 User accounts
10 PAPs
11 User sessions
9 User accounts
9.1 User accounts overview
After installing the 5520 AMS, you must create the default admin user account using
the ams_createfirstuser script. For more information, see Appendix 31.
When a user does not have permission to execute an operation, the 5520 AMS:
• Dims or hides menu items that apply to the operation
• Makes parameters read-only
9.1.2 Users
You need a user account to log in to the 5520 AMS. The 5520 AMS provides one
default admin user account. The admin can create other users and roles as required.
Each new user must be assigned at least one role.
9.1.3 Roles
A role can include one or more functions and can be assigned to one or more users.
There are default roles provided in the 5520 AMS. You can also create roles.
A role can be specific or more comprehensive. For example, a software administrator
may only need to manage software backups, restores, and upgrades, while a system
administrator needs to have full system access. Any combination of functions can be
grouped into a role.
Note — If there is any change in the roles of a user, some
privileges come into effect immediately (for example, view or
edit users). For other privileges, the user needs to log out and
log in again (for example, any change in access to node
objects). It is recommended that the user logs out and logs in
whenever the role changes.
Role Description
Administrator Perform all functions, including the functions in the other default roles. This is the
default superuser role.
Constructor Perform functions that are required to construct and manage the NEs in a network,
including creating NEs, starting and stopping supervision, planning units, creating
templates, and managing NE software.
NBI System System functions for OSS users that access the 5520 AMS using an NBI.
The default roles cannot be modified or deleted. A user with the Administrator role
can create, delete, assign, or modify other users and roles.
See Procedure 46 to view the functions that are assigned to a user with the default
roles. For a complete list of all the functions and what they allow users to do, see
Table 14.
9.1.4 Functions
A function determines a set of operations that an operator can perform in the
5520 AMS. The operations that are allowed by the function are defined in the
software and cannot be changed by a user.
Functions can be added to roles, except the default roles. Roles can be assigned to
users to allow them to perform all the functions that are specified by the roles.
Many different functions are available in the 5520 AMS. Each function allows a user
to perform a specific type of operation. For example, Event - View is a function which
allows a user to view event settings in the Administration tree.
If you have the Edit function in a role, you cannot edit unless you have the View
function. For example, NE Edit function does not allow user to view NE details. In
order to create, manage, and delete NEs, you must have the View function.
• To create a role that allows to configure objects, you must add the following
functions to the role:
• Network Default – Edit
• Network – View
• NE - View
• To create a Troubleshoot role, you must add the following functions to the role:
• Network – Troubleshoot
• Network – View
• NE - View
You cannot create a function. However, you can create roles with various
combinations of functions. See Procedure 47 to create a role. See Procedure 46 to
view the functions that are assigned to a role. See Table 14 for a list of user functions
and what they allow users to do.
Note — The AMS NBI and NBI system default roles are used
exclusively by OSS users.
Constructor
AMS NBI
Operator
Viewer
5530 NA-F Settings - Edit Y Edit the 5530 NA-F settings in the
Administration tree (EMS
System→Site→5530 NA-F Settings).
5530 NA-F Settings - View Y View the 5530 NA-F settings in the
Administration tree (EMS
System→Site→5530 NA-F Settings).
(1 of 17)
Administrator
Constructor
Operator
AMS NBI
Viewer
Action Manager - Admin Y Manage and view jobs in the Action
Manager views, manage jobs created by
other users. (1)
Any user has access to the Action
Manager perspective, Action view, and
Historical Action view.
A user who has the Action Manager-
Admin function in their role can view and
modify the actions of all users.
A user who does not have the Action
Manager- Admin function in their role can:
• Modify only their actions (for example,
cancel, retry, and move to history).
• View the actions of all users.
Alarm - Manual Alarm Clear Y Clear an alarm manually from the AMS
Alarm Table. See the Alarms chapter in the
5520 AMS User Guide.
(2 of 17)
Administrator
Constructor
Operator
AMS NBI
Viewer
Alarm Settings - Edit Y Modify the following alarm settings in the
Administration tree:
• Configuration→Alarms→EMS Alarm
Severity Assignment→EMS Alarm
Severity Assignment
• Configuration→Alarms→Alarm
Settings
• Configuration→Alarms→NE Alarm
Processing Settings→NE Alarm Event
Log Filter
• Configuration→Alarms→ENV Alarm
Template→ENV Alarm Template
AMS NBI - Edit User Y Y Create or modify a user using the NBI.
AMS NBI - Notify Y Y Receive notifications.
AMS NBI Settings - Edit Y Configure the AMS NBI settings in the
Administration tree
(Configuration→NBI→EMS NBI Settings).
See Section 20.43.
AMS NBI Settings - View Y View the AMS NBI settings in the
Administration tree
(Configuration→NBI→EMS NBI Settings).
See Section 20.43.(6)
(3 of 17)
Administrator
Constructor
Operator
AMS NBI
Viewer
Cluster Settings - Edit Y Modify the following server settings in the
Administration tree:
• EMS System→Site
• EMS System→Site→DCN Settings
• EMS System→Site→Application &
Data Servers→Application Server
• EMS System→Site→Application &
Data Servers→Data Server
• EMS System→LDAP Server CA
Certificates→CA Certificate
Customized Web Links - Edit Y Y Add, modify, and delete customized web
links.
See Chapter 23.
(4 of 17)
Administrator
Constructor
Operator
AMS NBI
Viewer
Cut Through - Standard TL1 Y Y Y Use a standard TL1 interface to send
commands. (1)
(5 of 17)
Administrator
Constructor
Operator
AMS NBI
Viewer
EMS Tracing Settings - Edit Y Configure the tracing of the EMS in the
Administration tree (Configuration→EMS
Tracing Settings).
See Section 20.25. (1)
EMS Tracing Settings - View Y View the tracing level of the EMS in the
Administration Tree (Configuration→EMS
Tracing Settings).
See Section 20.25.(6)
(6 of 17)
Administrator
Constructor
Operator
AMS NBI
Viewer
Find - Run Y Y Y Find objects with the Go to navigation bar
and the Find objects feature. (1)
GUI Client Download Page - Y Y Y Y Required to download the AMS client. This
View function is available in the default roles.
The GUI Client Download Page - View
function is available from 9.6.07.
When migrating from an AMS release
earlier to 9.6.07, this function is added to
all the existing roles available in the earlier
release.
GUI - Save to File on Client Y Y Y Y Use the Log File Selection menu in all the
Cut Through views.
Use the Save as, Save as CSV, Save as
XML in the Graphical View and Object
Details view.
Use the Export button in the PM views.
Use the Export menu in the Alarm
views. (1)
GUI - Save to File on Server Y Y Y Use the Copy Backup Files command from
the Backup Restore perspective.
See Chapter 18.
HDM NBI Settings - Edit Y Edit the HDM NBI Settings in the
Administration tree (EMS
System→Site→HDM NBI Settings).
HDM NBI Settings - View Y View the HDM NBI Settings in the
Administration tree (EMS
System→Site→HDM NBI Settings).(6)
(7 of 17)
Administrator
Constructor
Operator
AMS NBI
Viewer
Inventory Settings - Edit Y Modify the Inventory settings in the
Administration tree (Inventory→Basic
Settings).
See Section 20.39.
Log Files - View Y View the log files on the server from the
GUI.
See Chapter 27.
(8 of 17)
Administrator
Constructor
Operator
AMS NBI
Viewer
NE - Edit Y Y Create, delete and modify (applicable on
attributes other than parent group) NEs
and NE Groups, start and stop supervision
of NEs, enable or disable alarm silent
mode for NEs. (1) (7)
To start and stop supervision of a single or
multiple NE groups, the security function
NE - Supervision at group level must be
assigned to the user role.
NE - Supervision at group Y Y Y Start and stop supervision of a single or
level multiple NE groups.
When the function is not enabled and a mix
of NEs and NE groups is selected, then the
start and stop supervision options will
continue to be unavailable until the NE
groups are deselected.
NE - Move Y Y Y Allows to change the parent group of an
NE or NE Group in the Object Details view
or by dragging and dropping the selected
objects in the tree. (7)
(9 of 17)
Administrator
Constructor
Operator
AMS NBI
Viewer
NE Plug Settings - View Y View the NE Plug settings in the
Administration tree (Configuration→NE
Plug Specific Settings→<NE> <Release>
Settings). See Section 20.28.(6)
Network Alarm - Edit (5) Y Y Modify alarm severities, alarm filters, and
the ASAT. (1)
Network Default - Edit (5) Y Y Y Modify the attributes of objects that are
below the NE in the Network Tree and that
are not included in the other Network - Edit
functions. (1) (2)
Network E3/DS3 Port - Edit (5) Y Y Y Create and modify E3 and DS3 ports. (2)
Network Equipment - Edit (5) Y Y Plan and delete a rack, subrack, or slot. (1)
Network OAM - Edit (5) Y Y Modify the OAM IP address, trap definition,
SNMP, and SSH parameters.(3)
(10 of 17)
Administrator
Constructor
Operator
AMS NBI
Viewer
Network ONT - Edit (5) Y Y Y Create, delete, configure and clean up
ONTs. (2)
Network ONT Card - Edit (5) Y Y Y Create, delete, configure and clean up
ONT cards. (2)
Network ONT Port - Edit (5) Y Y Y Create, delete, configure and clean up
ONT ports. (2)
Network ONT Service - Edit (5) Y Y Y Create, delete, configure and clean up
ONT services. (2)
Network PON Port - Edit (5) Y Y Create, modify, delete, and clean up PON
ports. (2)
Network PON Port / ONT - Y Y Y Perform test operations, lock or unlock the
Troubleshoot (5) port, clear counters on PON subscriber
resources. (2)
A PON port is not considered as a
subscriber resource.
Network SHDSL Port - Edit (5) Y Y Y Create and modify SHDSL ports. (2)
Network Slot LT Other - Edit (5) Y Y Y Plan all types of LT units, and modify and
unplan other LT units and appliques. (2)
(11 of 17)
Administrator
Constructor
Operator
AMS NBI
Viewer
Network Slot LT SHDSL - Y Y Y Perform lock, unlock, and reset LT
Troubleshoot operations on SHDSL LT units.
Network Slot LT Voice - Edit Y Y Y Modify, and unplan Voice LT units.
Network Slot NT - Edit (5) Y Y Plan, modify, and unplan NT units and
force NT switchovers. (2)
Network Voice User Port - Y Y Y Create and modify Voice user ports. (2)
Edit (5)
Network Voice User Port - Y Y Y Perform test operations, lock or unlock the
Troubleshoot (5) port, clear counters on Voice subscriber
resources. (2)
Network XDSL Port - Edit (5) Y Y Y Create and modify ADSL and xDSL
ports. (2)
(12 of 17)
Administrator
Constructor
Operator
AMS NBI
Viewer
PAP - View Y Y Y Y View PAPs and PAP groups in the
Administration tree.
• User Management→Partition Access
Profiles→PAP
• User Management→PAP
Groups→PAP Group
(13 of 17)
Administrator
Constructor
Operator
AMS NBI
Viewer
SNMP Settings - Edit Y Modify the following SNMP settings in the
Administration tree:
• Configuration→SNMP→Connections
• Configuration→SNMP→NE Detection
Setting
• Configuration→SNMP→Trap Setting
• Configuration→SNMP→Retries
(14 of 17)
Administrator
Constructor
Operator
AMS NBI
Viewer
Subscriber Search Attribute Y Change the attributes categories for the
Categories, Custom Fields - subscriber search.
Edit See Chapter 15.
Subscriber Search Attribute Y Y Y Change the custom field attributes.
Categories, Custom Fields - See Chapter 15.
Attribute Edit
(15 of 17)
Administrator
Constructor
Operator
AMS NBI
Viewer
Time Zone Settings - Edit Y Configure the time zones used in the
Administration Tree (Configuration→Time
Zone Settings).
See Section 20.26.
Time Zone Settings - View Y View the time zones used in the
Administration Tree (Configuration→Time
Zone Settings).
See Section 20.26.(6)
User Activity Log - View Y View the user activity log corresponding to
the user’s own activity only.
See Chapter 27.
User Activity Log Settings - Y Configure the user activity log settings in
Edit the Administration tree
(Configuration→User Activity Log
Settings).
See Section 20.27.
User Activity Log Settings - Y View the user activity log settings in the
View Administration tree (Configuration→User
Activity Log Settings).
See Section 20.27.(6)
User Activity Log - View All Y Y Y View the user activity log of all users.
See Chapter 27.
User Management - Allow All Y Enables to create or modify users with all
Privileges roles and PAP groups.
(16 of 17)
Administrator
Constructor
Operator
AMS NBI
Viewer
User Management Settings - Y Configure the user settings in the
Edit Administration tree (User
Management→User Settings).
See Chapters 9 (this chapter) and 11.
(17 of 17)
Notes
(1) See the 5520 AMS User Guide.
(2) See the Operations and Maintenance guide for the NE.
(3) Modify the default SSH parameters only as described in the AMS documentation. If not, the customizations may
impact AMS server behavior.
(4) If you perform operations that require the Network - Troubleshoot function, your user role must also have the
NE - View and Network - View functions.
(5) If you perform operations that require a Network object - Edit function, your user role must also have the NE -
View, Network - View, and Network - Troubleshoot functions.
(6) If this function is not assigned to a user role, the settings object is not visible to the user in the Administration
tree.
(7) To allow a user to create an NE or NE Group, both security functions NE - Edit and NE - Move must be assigned
to the user role.
(8) To allow a user to lock or unlock another user, the security function User Management - View must be assigned
to the user role.
Parameter Description
General
(1 of 4)
Parameter Description
Superuser Role Even if the total number of users allowed by the license is
reached, the AMS allows one additional user with the Superuser
Role to login. For instance, such a user can unblock the situation
by disconnecting inactive user sessions and thereby, letting
other users to login to the AMS.
Max. Number of Concurrent GUI The maximum number of concurrent GUI user sessions
User Sessions allowed.
Max. Number of Users displayed The maximum limit on the users displayed in the Administration
in Administration Tree Tree.
Manage Users Based on PAP Select this check box to configure the 5520 AMS to restrict the
users based on PAP.
If the check box is checked, then only the users that contain one
or more PAPs of the current user appears in the Administration
Tree and the Table view.
By default, the check box remains unchecked.
For more information, see Section 10.1.
Enable “One-Time Authorization” Select this check box to enable one-time authorization feature.
If the check box is checked, a user without “User Management -
One-Time Authorization - Always Granted” function needs a
“One-Time Authorization” granted to perform any of the
following service-impacting operations:
• Reset NE
• Lock or unlock Network Port
• Lock or unlock PON Port/Channel Pair
• Reset or switchover NT/LT card
• Lock or unlock NT/LT card
• Plan or unplan NT/LT card
Global Max. Number of A global setting that specifies the maximum number of
Concurrent Session concurrent sessions allowed for users who have not applied a
user-level preference.
If a user has specified a user-level preference in the 'Maximum
Number of Concurrent Sessions' field in the User account
settings, then this global setting will not apply to the user.
Global Login Message A message that is displayed to users after they log in to the
5520 AMS client. The message can be 0 to 1000 characters.
Global Address Filter Specifies a global setting of IP addresses and subnet masks of
client workstations that are allowed to access the server. Both
IPv4 and IPv6 address formats are supported.
If a user has specified a user-level preference in the 'Address
Filter' field in the User account settings, then this global setting
will not apply to the user.
When the Global Address Filter is modified, the session that do
not match the specified IP address mentioned in the filter is
disconnected.
Global Inactivity Lock Screen Specifies the duration of time that elapses with no GUI activity in
Timeout a user session before the 5520 AMS GUI screen is locked for
the specified user. For more information, see Section 11.7.
(2 of 4)
Parameter Description
Global Inactivity Logout Timeout Specifies the duration of time that elapses with no GUI activity in
a user session before the user is logged out.
Also, the inactive user session is logged off when the number of
logged in sessions exceed the specified threshold limit.
For more information, see Section 11.5.
Exit the GUI instead of Logout on Specifies the exit time of the GUI, based on the Global Inactivity
Inactivity Logout Timeout Logout Timeout.
If the check box is checked, then the GUI will exit when the
Global inactivity Logout Timeout expires.
By default, the check box remains unchecked.
Global Timeout for Dormant Specifies the duration of time that elapses when a user has not
Account Lock logged in for a specific amount of time and the dormant account
gets locked. For more information, see Section 11.8.
Global Timeout for Dormant Specifies the duration of time that elapses when a user has not
Account Deletion logged in for a specific amount of time and the dormant account
gets deleted. For more information, see Section 11.9.
User Name
At Least One Numeric Character A minimum of one numeric character is required in usernames.
Password
Must Differ From User Name (1) The password must be different from the username.
Loaded Dictionary File Displays the path of the last password dictionary uploaded.
Min. Time Before Password The minimum number of days that must elapse before a user
Reuse can reuse a password.
Enforce Password History Prohibits the user from re-using one of the last ten passwords.
Password Aging (2) When the value set in the Maximum Password Age parameter
expires, the 5520 AMS forces the user to change the password
on the next login.
This parameter is overridden for individual users when you
enable the Bypass Password Aging Check parameter. See
Table 16.
By default, this check box is selected.
(3 of 4)
Parameter Description
Maximum Password Age The maximum number of days that the user can use the
password.
Password Expiration Warning (2) Selecting this box allows the configuration of a password
expiration warning to be displayed at user login for a configured
number of days prior to the password expiration date till the user
changes the password.
Password Expiration Warning Specifies the number of days prior to the password expiration
Period date from when the password expiration warning will be
displayed to the user at the time of login. The user has the option
to change the password when this warning is displayed.
Max. Number of Password Specifies the number of times password can be changed in a
Changes per Day (2) calendar day. The range is from 1 to 12. By default, this value is
set to 1.
(4 of 4)
Note
(1) When an administrator creates a user account, password complexity rules are not checked. These rules are
checked only when you change your password using the Change Password option. Nokia recommends that
you always enable the Change Password on Next Login (2) parameter in combination with this option.
(2) If the number of the times the password has been changed in a day exceeds the configured value, a warning
message “Max. number of password change attempts reached” is displayed in the change Password window
and the password can only be changed the next day.
Change Password on Next Login (2) Select the check box Prompts the user to change the
password the next time the user logs
in.
(1 of 5)
Roles Click Add to select See Roles for more information about
user roles roles.
If the current user has a role that
includes the security function "User
Management - Edit" but not the
function "User Management - Allow
All Privileges", then only the roles
containing the security functions of
the current user are available for
selection.
When the user role is modified, the
logged in user is logged off.
Allowed PAP Groups Click Add to select See Chapter 10 for more information
PAP groups for the about PAP groups.
user If the current user has a role that
includes the security function "User
management - Edit" but not the
function "User management - Allow
All Privileges", only the PAP groups
containing the PAPs of the current
user are available for selection.
When the list of PAP groups is
modified, the logged in user is logged
off.
Use Global Max. Number of Select the check box Select this check box to set the
Concurrent Sessions maximum number of concurrent
sessions allowed for this user
account as per the setting defined in
the 'Global Max Number of
Concurrent Session' parameter.
This setting can be applied to users
created from a remote authorization
server, when the remote server does
not provide this setting.
Locked Select the check box Prevents the user from logging in to
the account.
When this parameter is modified the
logged in user is logged off.
Advanced tab
Use Global Login Message Select the check box Use the global login message
configured in the user settings. See
Table 15.
(2 of 5)
Last Successful Authorization Internal Database Specifies the Authorization source for
Source LDAP the user.
RADIUS The value ‘-’ is for manually created
users who are not logged in.
Client OS
-
(3 of 5)
Inactivity Logout Timeout (3) Global (As in User The type of inactivity logout timeout
Settings) for this user account.
User Defined The inactive user sessions are
No Inactivity Timeout logged off when the number of logged
in sessions exceed the specified
threshold limit.
Dormant Account
Dormant Account Lock Policy No Lock Timeout The type of lock timeout for this
Global dormant account.
User Defined
(4 of 5)
Dormant Account Deletion Policy No Delete Timeout The type of deletion timeout for this
Global dormant account.
User Defined This parameter also applies to user
accounts created automatically
through a remote authorization
server.
Dormant Account Deletion Timeout - The length of time after which the
user is deleted when the user
account is dormant. Configurable
only when the Dormant Account
Deletion Policy parameter is set to
User Defined.
Miscellaneous
Hidden Account (Operations are Select the check box Note - This is a licensed feature and
not logged) is disabled by default. Please contact
your Nokia representative for further
information.
Enabling this check box prevents
detection of any configuration
changes made by this user. The user
account is hidden from other users,
as operations of the user are not
logged in the user activity log or
security log, and the user session is
not listed as an active session when
the user is logged in. It is
recommended to assign the “Viewer”
role to this user to prevent execution
of configuration changes. This check
box is not selected, by default. This
parameter will take effect at the next
login.
When any changes are made to this
parameter, the logged in user session
is disconnected.
Statistics
(5 of 5)
Notes
(1) When an administrator creates a user account, password complexity rules are not checked. These rules are
checked only when you change your password using the Change Password option. Nokia recommends that
you always enable the Change Password on Next Login (2) parameter in combination with this option. When the
password is changed, if there are any logged in users, they will be logged off immediately.
(2) This parameter does not apply if remote authentication is enabled.
(3) In LDAP server, the supported options for Nokia-AMS-InactivityLogoutTimeout and
Nokia-AMS-InactivityLockScreenTimeout parameters is GLOBAL, NONE, and USER.
Note — The password that you assign to the 5520 AMS user is
stored in the 5520 AMS database. This 5520 AMS user
password does not override the password that is specified in
the RADIUS server.
When you create a user, you associate roles and PAP groups with the user to
configure the access privileges and the NEs for which the user has access.
See Section 9.15 and Chapter 10 for the procedures to configure roles and PAP
groups.
By default, the 5520 AMS server uses internal database authentication. To enable
RADIUS or LDAP authentication, you must install a RADIUS or LDAP server and
configure the authentication settings for the site. For information about enabling,
disabling, and configuring RADIUS and LDAP authentication, see Section 20.34.
When remote authorization is enabled at the site, you can also create a user account
from the 5520 AMS GUI for each user that will be authorized from the remote
authorization server. In this case, even if remote authorization server is down, 5520
AMS GUI enables the user to log in after authorization by the 5520 AMS database.
• Create a user account to be always authorized and authenticated against the local
AMS database by selecting the Use Internal Database check box (default option).
For example, use this configuration for NBI users or local AMS administrators.
• Create a user account to be authorized and authenticated against the remote
LDAP or RADIUS server by deselecting the Use Internal Database check box. In
case of failure, the user can be authorized and authenticated against the local
AMS database, in a fallback scenario. The following parameters configured in the
user account created in the 5520 AMS GUI are not supported in this case:
• Password Aging
• Password Expiration Warning
• Change Password on Next Login
Note 1 — For security reasons, Nokia recommends that you do not use
generic usernames such as admin, helpdesk, support etc.
Note — If you have not created a role, click Create in the Select Roles
window to create a role. See Section 9.15 for the procedures to create a
role.
5 Assign a password for the user account, if required. The creation of a user with an empty
password fails, when the user is configured to log in using the 5520 AMS database as
authorization source.
ii Choose one or more roles from the list and click OK to return to the Create User window.
Note — If the current user creating a new user account has a role that
includes the security function "User management - Edit" but not the
function "User management - Allow All Privileges", then only the roles
containing the security functions present in the roles of the current user
are available for selection.
ii Choose one or more PAP groups from the list, and click OK to return to the Create User
window.
Note — When creating a new user adding the user to a PAP group is
mandatory. If not, an error is displayed.
If you have not created a PAP group, click Create in the Select Allowed
PAP Groups window to create a group. See Section 10.4 for the
procedures to create a PAP group.
The PAPGroup profile is the default profile and can be applied to the user to provide
access to all of the NEs that are configured on the 5520 AMS.
Note — If the current user creating the new user account has a role that
includes the security function "User management - Edit" but not the
function "User management - Allow All Privileges", only the PAP groups
containing the PAPs of the current user are available for selection.
8 Click Finish to add the user to the users list and close the Create User window.
Table 17 5520 AMS server scripts executed by users in the amssys group
2 To add a new user account to the amssys group, perform one of the following steps:
where:
homedirectory is the home directory of the new user account you want to add.
useraccount is the new user account you want to add to the amssys primary group.
where:
homedirectory is the home directory of the new user account you want to add.
useraccount is the new user account you want to add to the amssys secondary group.
Note — To execute the 5520 AMS server scripts listed in Table 17, log
in to the 5520 AMS application server as amssys or as a user in the
amssys group.
9.3.1 Copying the existing input files for the 5520 AMS
server scripts
The 5520 AMS server scripts, listed in Table 17, are executed by reading input files
containing the script parameters. Non-amssys users do not have access to the
default location, containing the input files, of the amssys user.
You can copy the existing input files for the 5520 AMS server scripts, listed in
Table 17, from the default location of the amssys user to the home directory of the
new user account in the amssys group.
Note 1 — If you copy the existing input files for the 5520 AMS
server scripts, listed in Table 17, and log in to the 5520 AMS
application server as a user in the amssys group, you can edit
the copied input files and execute the 5520 AMS server scripts.
For more information on editing the input files for the 5520 AMS
server scripts listed in Table 17, refer to the individual sections.
Note 2 — If you do not copy the existing input files for the
5520 AMS server scripts, listed in Table 17, and log in to the
5520 AMS application server as a user in the amssys group,
you must create the input files before executing the 5520 AMS
server scripts. For more information on creating the input files
for the 5520 AMS server scripts listed in Table 17, refer to the
individual sections.
Procedure 32 To copy the existing input files for the 5520 AMS server scripts
• If you added a new user account to the amssys primary group, copy the existing input file
for the 5520 AMS server script from the default location of the amssys user to the home
directory of the new user account in the amssys primary group. Type:
cp inputfile_amssys inputfile_amssys_pri_grp ↵
where:
inputfile_amssys is the full path to the input file for the 5520 AMS server script provided for the amssys
user. For example: $AMS_LOCALDATA_HOME/oss/conf/ams_user_mgr.csv
inputfile_amssys_pri_grp is the full path to the input file for the 5520 AMS server script in the home
directory of the new user account in the amssys primary group. For example:
/var/opt/ams/users/amsfielduser/ams_user_mgr.csv
• If you added a new user account to the amssys secondary group, copy the existing input
file for the 5520 AMS server script from the default location of the amssys user to the
home directory of the new user account in the amssys secondary group. Type:
cp inputfile_amssys inputfile_amssys_sec_grp ↵
where:
inputfile_amssys is the full path to the input file for the 5520 AMS server script provided for the amssys
user. For example: $AMS_LOCALDATA_HOME/oss/conf/ams_user_mgr.csv
inputfile_amssys_sec_grp is the full path to the input file for the 5520 AMS server script in the home
directory of the new user account in the amssys secondary group. For example:
/var/opt/ams/users/amsfielduser/ams_user_mgr.csv
Additional options are required when you run the script. See Procedure 35 for more
information. The options are mutually exclusive. The sub-options A, D, and R for the
-m option are also mutually exclusive, for example, if you need to add one value and
replace another, you need to run the script twice.
Table 18 User configuration options for the ams_user_mgr script
Option Description
-a Add users
-d Delete users
-m A Modify users. The A specifies that the values in the input file will be added to the
existing parameters in the user’s account, for example, a specified role will be
added to the user’s list of roles.
-m D Modify users. The D specifies that the values in the input file will be deleted from
the existing parameters in the user’s account, for example, a specified role will
be removed from the user’s list of roles.
-m R Modify users. The R specifies that the values in the input file will replace the
existing parameters in the user’s account, for example, a specified list of roles
will become the user’s list of roles. This is the default modification.
-s Suspend users
-r Resume users
-e Expire user passwords. The Must Change Password on Next Login parameter
will be changed to True.
1 Log in to the 5520 AMS application server as amssys or as a user in the amssys group.
• If you logged in as amssys, open the following sample input file in a text editor:
$AMS_LOCALDATA_HOME/oss/conf/ams_user_mgr.csv
• If you logged in as a user in the amssys group, open the copied input file in a text editor.
For information on copying the existing input file, see Procedure 32.
• Create a new input file in an editor.
3 Configure the parameters as comma-separated values with one line for each user.
Table 19 describes the parameters for the add user and modify user options.
Table 20 describes the parameters for the delete user, suspend user, resume user, list user,
and expire password options.
user1,123456,AMS NBI,allPAPs,test
user,true,,false,0.0.0.0/0,false,1,Global(As in User
Settings),,false,false,false,false,true,,,
PAP groups Yes for add user The list of PAP groups to assign to the user. Use colons (:) to separate
No for modify user multiple PAP groups.
If the current user has a role that includes the security function “User
management - Edit” but not the function “User management - Allow All
Privileges”, then the PAP Groups containing only the PAPs of the current
user or a user with lower-level PAPs must be provided as input for
successful creation or modification.
(1 of 3)
Login message No The login message to use if Use global login message is false.
Address filter No Filter logins from specified IP addresses. To enter multiple IP addresses,
separate them using a comma (,). For example,
192.168.1.2/24,192.190.1.1/24.
By default, the value of this parameter is empty. In such cases, the user
cannot login to the server. When the value is set to 0.0.0.0/0, full access
is given to the user.
Both IPv4 and IPv6 address formats are supported.
Max concurrent No The maximum number of concurrent sessions for the user. The range is
sessions from 1 to 1000. The default is 1.
Timeout No Number of minutes before a user is logged out if Inactivity Timeout is set
to User Defined. The range is from 5 to 525 600.
Locked No True or false. The default is false.
The parameter indicates whether the user login is disabled.
Command timeout No The timeout in seconds, if Use global command timeout is set to false.
Allowed TL1 No The TL1 commands the user is allowed to run using certain
Commands 5529 Enhanced Applications. The default is ““.
Use colons (:) to separate multiple commands,
for example,
RTRV-HDR:RTRV-EQPT:RTRV-ONT.
(2 of 3)
Inactivity Lock No The type of inactivity lock screen timeout for this user account.
Screen Timeout
Lock Screen No The length of time after which the 5520 AMS GUI screen is locked when
Timeout Yes, if there is no user activity on the GUI.
inactivityLockScreenTim Configurable only when the Inactivity Lock Screen Timeout parameter is
eout = User Defined set to User Defined.
Dormant Account No The type of lock timeout for this dormant account.
Lock Policy
Dormant Account No The length of time after which the user is locked when the user account is
Lock Timeout Yes, if dormant.
dormantAccountLockPol Configurable only when the Dormant Account Lock Policy parameter is set
icy = User Defined to User Defined.
Dormant Account No The type of deletion timeout for this dormant account.
Deletion Policy This parameter also applies to user accounts created automatically
through a remote authorization server.
Dormant Account No The length of time after which the user is deleted when the user account
Deletion Timeout Yes, if is dormant.
dormantAccountDeletion Configurable only when the Dormant Account Deletion Policy parameter
Policy = User Defined is set to User Defined.
Hidden Account No This is a licensed feature and is disabled by default. Please contact your
Nokia representative for further information.
Enabling this check box prevents detection of any configuration changes
made by this user. The user account is hidden from other users, as
operations of the user are not logged in the user activity log or security log,
and the user session is not listed as an active session when the user is
logged in. It is recommended to assign the “Viewer” role to this user to
prevent execution of configuration changes. This check box is not
selected, by default. This parameter will take effect at the next login. When
any changes are made to this parameter, the logged in user session
is disconnected.
Custom Fields No The custom fields attributes which are added by users.
(3 of 3)
Table 20 Delete user, suspend user, resume user, list user and expire password input file pa-
rameters
1 Log in to the 5520 AMS application server as amssys or as a user in the amssys group.
createUsernamePassword ↵
3 Type the username and press ↵. You are prompted to enter a password.
Result: The script takes the username and password, encrypts the password, and saves both
to a file called ams.password in the $AMS_SHAREDDATA_HOME/config directory of the
active data server. When you perform Procedure 35, you do not need to enter the -username
or -password options when you run the ams_link_mgr, ams_hub_sub_link_mgr,
ams_user_mgr, or ams_ne_mgr scripts.
Note — When you run this script with the ‘-efile’ option, the file is created
under $AMS_SHAREDDATA_HOME/config of the active data server
with the name of the file provided for the -efile option.
1 Log in to the 5520 AMS application server as amssys or as a user in the amssys group.
where:
[options] is the options you need to enter, as shown in Table 22.
input_file is the full path to the input file you configured in Procedure 33.
Note — If you do not specify an input file, the script will read the
example input file at
$AMS_LOCALDATA_HOME/oss/conf/ams_user_mgr.csv.
Option Description
(1 of 2)
Option Description
-a Add users
-d Delete users
-m A Modify users. The A specifies that the values in the input file will be added to the
existing parameters in the user’s account, for example, a specified role will be
added to the user’s list of roles.
-m D Modify users. The D specifies that the values in the input file will be deleted from
the existing parameters in the user’s account, for example, a specified role will
be removed from the user’s list of roles.
-m R Modify users. The R specifies that the values in the input file will replace the
existing parameters in the user’s account, for example, a specified list of roles
will become the user’s list of roles. This is the default modification.
-s Suspend users
-r Resume users
-e Expire users’ passwords. The Must Change Password on Next Login parameter
will be changed to True.
-pfile file Specify the name of the properties file, which is used by the script for
configuration. The file must be in the shared directory of the data server,
$AMS_SHAREDDATA_HOME/config. The default properties file is
ams_mgr.conf. The configuration changes to the properties file must be done on
the active data server.
-efile file Specify the name of the password file created in Procedure 34, which is used by
the script to get username and password. The file must be in the shared directory
of the data server, $AMS_SHAREDDATA_HOME/config. The default password
file is ams.password.
-logdir directory Specify a directory to save the log to. The default directory is
$AMS_LOCALDATA_HOME/log.
-username The username of a 5520 AMS client user with the AMS NBI - Edit - User function.
username(1)
or -u username
-keystore key The full path to the keystore file. By default, the 5520 AMS retrieves the path
from the properties file.
-keypass The password for the keystore file. By default, the 5520 AMS retrieves the
password password from the properties file.
-nbihost URL The URL of the NBI client the 5520 AMS needs to connect to.
The default URL is https://server:8443, where server is the host name or IP
address of the 5520 AMS server.
If you are using HTTP, enter http://server:8080/.
(2 of 2)
Notes
(1) This option is not necessary if you have performed Procedure 34.
(2) If the password contains special characters you need to follow shell quoting rules. Normally this can be done
by enclosing the password in single quotes.
If the password includes single quotes you can use one of the following:
Example password: $pec'ch*rs"
Single Quotes: -password '$pec'\''ch*rs"'
Double Quotes: -password "\$pec'ch*rs\""
Backslash Quotes: -password \$pec\'ch\*rs\"
(3) If the password is not entered for a username, but the input file is specified, the corresponding user is not
created. No error message is displayed. If an incorrect password is entered, an error message “FAILURE:
Authentication failed for user” is displayed.
3 The script executes, displaying success messages for each user created. A log file is created
called ams_user_mgr.log.
Note — If you want to lock the admin user, you need to make
sure that there is at least one user with an Administrator role.
Result: A list of users appears in the Administration Tree and the Table view. The
Administration Tree displays Locked beside the names of users that are locked.
• To lock multiple users, select the users that you need to lock and proceed to step 3.
• To lock a single user, select the user that you need to lock and proceed to step 4.
Result: A list of users appears in the Administration Tree and the Table view. The
Administration Tree displays Locked beside the names of users that are locked.
• To unlock multiple users, select the users that you need to unlock and proceed to step 3.
• To unlock a single user, select the user that you need to unlock and proceed to step 4.
Note 1 — If all users belonging to a specific role are already locked, the
menu option to lock all users is disabled.
Note — If all users belonging to a specific role are unlocked, the menu
option to unlock all users is disabled.
3 Select one of the following operations from the Granted Operations list to grant one-time
authorization for the user to perform the service-impacting operation:
• Reset NE
• Lock/Unlock Network Port
• Lock/Unlock PON Port/Channel Pair
• Reset/Switchover NT/LT card
• Lock/Unlock NT/LT card
• Plan/Unplan NT/LT card
4 Click Finish.
2 Choose a user.
Result: The Object Details view opens for the selected user.
Result: The Object Details view displays the user setting parameters.
3 Configure the User Name and Password parameters in the Object Details view. See User
settings for more information about security setting parameters.
4 Click the Apply icon ( ) to save the new password and username rules.
Result: The Object Details view opens for the selected user.
3 Change the password in the Password and Re-Type Password fields in the Object Details
view.
5 Repeat steps 2 to 4 for each user for which you need to change the password.
Caution — Passwords for the amsftp and amssftp users cannot include
the @ or : symbols.
passwd username
where:
username is the name of the user whose password you need to change.
Note — Red Hat Enterprise Linux allows three attempts to re-enter the
new password. After three unsuccessful attempts, you will need to enter
the passwd command again.
3 Type the full directory path and filename of the password dictionary file in the Dictionary File
Location field.
Note — If the size of the password dictionary file is large, it takes longer
to upload. For example, a 10 MB file takes 30 minutes to upload.
Note 1 — The Object Details view under the User Settings displays the
path for password dictionary in the Loaded Dictionary File field which is a
read-only field.
The passwords in the dictionary file are not case sensitive, therefore only
a word match of the password is checked.
Note 3 — Any line that starts with a hash (#) symbol in the password
dictionary file will be considered as a comment line.
2 To view all of the functions in the 5520 AMS, choose Role (Administrator).
Result: The functions are displayed on the Configuration tab in the Object Details view.
3 To view the assigned functions contained in another role, choose the role in the
Administration Tree.
Result: The allowed functions for that role are displayed on the Configuration tab in the
Object Details view.
3 Enter a name for the user role in the Roles field and click Next.
6 Click Add next to the Allowed Functions field to add functions to the role.
7 Choose one or more functions from the list and click OK to return to the Create Role window.
Note — If the current user has a role that includes the security function
"User management - Edit" but not "User management - Allow All
Privileges", only the security functions of the current user are available for
selection.
8 Click Finish to add the user role to the roles list and close the Create Role window.
You can assign the user role when you create a user, as described in Section 9.2, or assign
the user role to existing users, as described in Section 9.16.
Result: The role details are displayed in the Object Details view.
Result: The Select Users window appears and lists the available users.
4 Choose the users you need to associate with the role, and click OK.
Result: The chosen users are associated with the role and appear in the Users field. The
‘locked’ or ‘unlocked’ status of the user is displayed in brackets next to each username in the
Users field.
The All Users Locked field indicates if all users are locked, no users are locked, or some
users are locked. The possible values are ‘Yes’, ‘No’, or ‘Partially’.
Note 1 — You can create a user using the Select Users window. Click
Create.
Note 2 — You can delete a user using the Select Users window. Choose
the user that you need to delete and click Delete.
Note — The user with superuser role can have only one additional login
session to the 5520 AMS beyond either the concurrent login limits that
are configured by the administrator or session limits allowed by your
license.
10 PAPs
10.1 PAPs overview
<PG2>, ... contain at least one PAP that is not in the role of the current user’ where
‘<PG1>, <PG2>, ...’ is a comma separated list of the PAP Groups that are causing
the problem.
• If the user that is to be deleted contains at least one PAP that is not in the current
user’s profile, then the user is not deleted and an error ‘The user cannot be
deleted as it is assigned to at least one PAP that is not in the role of the current
user’ is displayed.
Before you proceed, make sure your user account is assigned a role that includes
the necessary functions to perform the procedures in this chapter. See Table 14 for
more information on 5520 AMS function descriptions.
Result: The Create PAP window opens and prompts you to provide the details for the new
PAP.
Result: The PAP is displayed under Partition Access Profiles in the Administration Tree.
6 Associate the PAP with a new or existing NE. Perform one of the following steps:
1 In the Network Tree, choose the NE or group that you need to modify.
Result: The object details are displayed in the Object Details view.
Result: The Select Partition Access Profile window opens and lists the available PAPs.
4 Click OK.
Result: The PAP now associated with the object appears in the Partition Access Profile field.
3 At the prompt, enter a name for the PAP group in the Name field and click Next.
4 At the prompt, enter a description for the PAP group in the Description field.
Result: The Select PAPs window opens and lists the available PAPs.
The selected PAP is associated with the PAP group and appears in the PAPs field.
Note 1 — You can create a PAP using the Select PAPs window. Click
Create.
Note 2 — You can delete a PAP using the Select PAPs window. Choose
the PAP that you need to delete and click Delete.
7 Click Finish to save the PAP group and close the window.
Result: The PAP group appears under PAP groups in the Administration Tree.
Result: The PAP group details are displayed in the Object Details view.
Result: The Select Users window appears and lists the available user accounts.
iii Choose the user accounts you need to associate with the PAP group, and click OK.
Result: The chosen user accounts are associated with the PAP group and appear in the
Users field.
Note 1 — You can create a user account using the Select Users window.
Click Create.
Note 2 — You can delete a user account using the Select Users window.
Choose the user account that you need to delete and click Delete.
iv Click the Apply icon ( ) to save the changes.
11 User sessions
11.1 User session overview
The session type is GUI or OSS. A GUI session type indicates that a user is logged
in using the 5520 AMS GUI. An OSS session type indicates that a user is logged in
using an OSS interface. A user can be logged in using the 5520 AMS GUI and an
OSS interface, in which case two user sessions are listed, each displaying the
corresponding session type.
When a user executes operations through an NBI interface then, as part of the active
session, NBI interface does not display the OSS session.
When you login to a TL1 session using the 5520 AMS GUI, the session type is
displayed as TL1 in Object Details view.
Result: The list of active user sessions is displayed in the following format: Session
(username, IP address, session type).
2 Choose a user session from the session list in the Administration Tree or Table view.
Result: The Object Details view displays information about the user session.
Result: The Delete confirmation window appears with the following message: Are you sure
you want to delete the selected objects?
2 Choose a user.
3 In the Object Details view, click the Advanced tab and configure the Inactivity Logout Timeout
parameter. Perform one of the following steps:
• To disable timeout restrictions for the user, set the Inactivity Logout Timeout parameter
to No Inactivity Timeout.
• To configure a user-specific timeout, set the Inactivity Logout Timeout parameter to User
Defined, and enter a value in the Logout Timeout field. The range is from 5 to 525600 min.
• To apply the global timeout configuration to the user, set the Inactivity Logout Timeout
parameter to Global (As in User Settings).
2 In the Object Details view, enter a value for the Global Inactivity Logout Timeout parameter.
The range is from 5 to 525600 min. The default is 480 min (8 h).
2 Choose a user.
3 In the Object Details view, click the Advanced tab and configure the Inactivity Lock Screen
Timeout parameter. Perform one of the following steps:
• To disable timeout restrictions for the user, set the Inactivity Lock Screen Timeout
parameter to No Inactivity Timeout.
• To configure a user-specific timeout, set the Inactivity Lock Screen Timeout parameter to
User Defined, and enter a value in the Lock Screen Timeout field. The range is from 3 to
525600 min.
• To apply the global timeout configuration to the user, set the Inactivity Lock Screen
Timeout parameter to Global (As in User Settings).
2 In the Object Details view, enter a value for the Global Inactivity Lock Screen Timeout
parameter. The range is from 3 to 525600 min. The default is 10 min.
2 In the Object Details view, enter a value for the Global Timeout for Dormant Account Lock
parameter. The default value is 10000 days. The range is from 1 to 10000 days.
2 In the Object Details view, enter a value for the Global Timeout for Dormant Account Deletion
parameter. The default value is 10000 days. The range is from 1 to 10000 days.
2 Choose a user.
3 In the Object Details view, click the Advanced tab and configure the Dormant Account Lock
Timeout Policy parameter. Perform one of the following steps:
• To disable timeout restrictions for the user, set the Dormant Account Lock Timeout Policy
parameter to No Lock Timeout.
• To configure a user-specific timeout value, set the Dormant Account Lock Timeout Policy
parameter to User Defined. The default value is 10000 days and the range is from 1 to
10000 days.
• To apply the global timeout configuration for the user, set the Dormant Account Lock
Timeout Policy parameter to Global (As in User Settings).
2 Choose a user.
3 In the Object Details view, click the Advanced tab and configure the Dormant Account
Deletion Timeout Policy parameter. Perform one of the following:
• To disable timeout restrictions for the user, set the Dormant Account Deletion Timeout
Policy parameter to No Delete Timeout.
• To configure a user-specific timeout value, set the Dormant Account Deletion Timeout
Policy parameter to User Defined. The default value set is 10000 days. The range is from
1 to 10000 days.
• To apply the global timeout configuration for the user, set the Dormant Account Deletion
Timeout Policy parameter to Global (As in User Settings).
2 Configure the maximum number of concurrent GUI user sessions. The range is from 1 to 400.
However when the number of users populated in 5520 AMS exceed the value set in
the maximum number of users displayed in Administration Tree, the user list is
replaced with a Search User icon ( ).
With the search option, you can get the desired user details quickly than scrolling a
long list of users in the AMS GUI; see Procedure 65.
2 Configure the maximum number of users displayed in Administration Tree under the System
Settings in the General tab. The range is from 1 to 2000.
• New search (remove existing results): To display only the desired user
• Add the results to the existing ones: To display the required user including the existing
users. This is the default option.
After selecting the option, to search for a user, select the check box for one or more of the
following attributes, and then enter a search criteria to get the required search result.
• Name
• Full User Name
• Email Address
• Description
To display alarms on the user object, you can select the option “In addition, also show objects
with alarms”.
NE tasks
12 NE tasks overview
12 NE tasks overview
12.1 Overview of this volume
13.5 NE list
13.7 NE balancing
Before you proceed, you need to log in to the 5520 AMS server as amssys. See
Procedure 8 to log in to a 5520 AMS server as amssys.
ams_retrieve_ip_by_nename.sh NEname ↵
where:
NEname is the name of the NE.
The script returns the IP address of the NE. The IPv4 and IPv6 address formats are
supported.
To run the scripts, you must enter -u username -p password. The username and
password must be associated with the user role that has the NE List - NBI function.
See 9.1.4 for information about functions.
Note 1 — If the password contains the special characters,
escape the special meaning of the characters by preceding
each special character with the backslash character (\). For
example, if the password is !@#ams$%^user&*, enter
\!\@\#ams\$\%\^user\&\*.
Note 2 — The script will generate a list of NEs in the user’s
allowed PAP groups only. To generate a complete list, the
Allowed PAP groups parameter for the user must include all
PAP groups.
13.5 NE list
The NE list script generates a list of NEs and also provides support to filter the list of
Agents based on NE type.
The NE list script returns a flat list of NEs with information in the following format:
NE Name NE IP AddressSNMP Port NumberSNMP Read CommunitySNMP Write
Community
The IPv4 and IPv6 address formats are supported.
An example of using the script is:
retrieve_nes.sh -f dumpFilename -u username -p [password] [-s filter 1 [-s
filter 2 ]..] ↵
where:
filename is the name of the file to which to dump the output.
username is the username for a user role that has the NE List - NBI function.
password is the password for a user role that has the NE List - NBI function.
Caution — The password you enter in the crontab file is in plain text and
is not secured. Therefore, it is not recommended to perform this
procedure due to security issues.
Perform this procedure to set up a cron job to periodically generate the NE list.
crontab -e ↵
4 Add a line to specify how often you need to run the script; for example, the following line will
run the script at 3:15 a.m. every day of the week:
where:
amssys_home_account is the home account of amssys. For example, /var/opt/ams/users/amssys/bin/. This
directory depends on the values provided during the 5520 AMS installation.
filename is the name of the file to which to dump the output.
username is the username for a user role that has the NE List - NBI function.
password is the password for a user role that has the NE List - NBI function.
To perform the procedures in this section, you need to be able to log in to the
5520 AMS server as amssys. See Procedure 8 to log in to a 5520 AMS server as
amssys.
where:
username is the username for a user role that has the NE List - NBI function.
password is the password for a user role that has the NE List - NBI function.
Caution — The password you enter in the crontab file is in plain text and
is not secured. Therefore, it is not recommended to perform this
procedure due to security issues.
Perform this procedure to set up a cron job to periodically generate an agent list.
crontab -e ↵
4 Add a line specifying how often you need to run the script; for example, the following will run
the script at 3:15 a.m. every day of the week:
where:
amssys_home_account is the home account of amssys. For example, /var/opt/ams/users/amssys/bin/. This
directory depends on the values provided during the 5520 AMS installation.
username is the username for a user role that has the NE List - NBI function.
password is the password for a user role that has the NE List - NBI function.
filepath is the path to the file to which to dump the output.
13.7 NE balancing
The NE balancing script performs a query in the database and displays the list of NEs
with the NE type and release and associated application server for each. If an NE is
not associated with an application server, the associated application server appears
as blank.
Before you proceed, you need to be able to log in to the 5520 AMS server as amssys.
See Procedure 8 to log in to a 5520 AMS server as amssys.
To check the status of rebalance of NE or NEs, use the ams_show_ne_balancing.sh
script. For details on the ams_show_ne_balancing script, refer to the section 31.24.
Table 23 NAT between the 5520 AMS server and the NEs
5520 AMS servers have public IP No gateway device is required. This configuration is not
addresses Do not configure DCN supported.
settings.
5520 AMS servers have private A gateway device is required If the 5520 AMS servers and
IP addresses to route traffic from the NEs to the NEs are in the same
the 5520 AMS server. subnet:
Configure DCN settings. No gateway device is required.
Do not configure DCN
settings.
The AMS Translated IP Addresses table is displayed, with a column for each provisioned
application server.
3 Click Add.
When the 5520 AMS server is started up for the first time, the default IP address and
subnet of the Do Not Overwrite SNTP in NE option are 0.0.0.0 and 0.0.0.0. These
settings apply to all agents that are in a site object containing this setting. You can
change these settings for the SNTP server type, and you can also apply the
0.0.0.0/0.0.0.0 setting to any other SNTP server type. However, only one SNTP
server type per site can have this IP address and subnet at the same time. If you
have one SNTP server type with these settings and need to configure a different
SNTP server type with them, you must change the settings for the first SNTP server.
Configuring the SNTP protocol in a NE is part of the initial commissioning of the NE.
Reconfiguration may occur later for a set of NEs to fine-tune the protocol or when
SNTP servers are moved from one IP address to another. To apply SNTP
reconfiguration to NEs, you must stop and restart supervision on the NEs.
If you are using a local SNTP server in a 5520 AMS cluster, you typically run one
SNTP server process on each 5520 AMS server. The 5520 AMS automatically
assigns the correct IP address to the server.
When the Settings Type is set to Disable SNTP in NE use AMS Local SNTP Server,
the default subnet address is blank. When the Settings Type is set to
Do Not Overwrite SNTP in NE, the default is 0.0.0.0. When the subnet address is
0.0.0.0, the server settings will be applied to the entire network, regardless of any
other match.
Result: The Create SNTP Server window opens, and displays the SNTP server parameters.
4 To apply the SNTP settings to the NEs, you must stop and restart supervision of the NEs.
For information about stopping and starting supervision, see the Operations and
Maintenance guide for the NE.
4 Select the correct time zone from the Time Zone drop-down menu.
5 Click OK.
See Section 20.26 for information about configuring time zone settings in the Administration
perspective. See the 5520 AMS User Guide for information about setting the time zone on an NE
as part of NE creation.
Before you proceed, time zone settings must be configured. See Section 20.26.
2 Choose a time zone from the drop-down list for the Time Zone parameter.
This regular expression requires numbers to be entered in the format x-xxx-xxxx, for
example, 1-123-1234.
For a phone number complying with the North American Numbering Plan,
NPA-NXX-xxxx, the regular expression is:
[2-9]{1}[0-8]{1}[0-9]{1}[-][2-9]{1}[0-9]{2}[-][0-9]{4}
If the user enters subscriber information that does not comply with the required
format, the 5520 AMS generates an error message. The format must be corrected
before the configuration can be saved.
Note 1 — If a regular expression is entered or changed after
subscriber information is configured and the configured
information does not match the regular expression, the
5520 AMS GUI will generate an error message in the Object
Details view. If you need to make any changes to the object
details, the format must be corrected before the configuration
can be saved.
Note 2 — You cannot configure a regular expression for a serial
number. Serial numbers are not arbitrary strings, and are
imposed by the equipment.
The 5520 AMS uses the following reserved keywords for the Customer ID
parameter:
• Available
• Reserved
• Faulty
• -Passive-
Reserved keywords do not generate error messages. You do not need to include the
reserved keywords in your regular expression.
3 In the Category/Attribute Name panel, expand the attribute name and choose the attribute
type you need to configure.
Parameter Description
6 Click OK.
Note — You can revert the changes before clicking the Apply icon ( ).
See Procedure 81
Note —
• The definition of the attribute format will be effective at the next login.
There is also an Not Collected for SMA category that contains all of the subscriber
attributes not associated with a category. The Customer ID attribute is shown under
Not Collected for SMA category depending on the NE type.
Note 1 —
Result: The new subscriber search attribute category appears in the Category/Attribute
Name column.
Note — You can revert the changes before clicking the Apply icon ( ).
See Procedure 81
3 Select a category from the Category/Attribute Name column, and click the Edit Category icon
( ).
Parameter Description
Unicity Check Enables or disables the unicity check for the category.
Note —
5 Click OK.
Note — You can revert the changes before clicking the Apply icon ( ).
See Procedure 81
3 Expand the category that contains the attribute you want to move.
4 Choose the attribute you need to move and perform one of the following steps:
• Drag the attribute from the current category to the target subscriber search attribute
category.
• Use the Move Attributes icon.
• Click the Move Attributes icon ( ).
Result: The Move Attributes window opens.
• Select the target category name and click OK.
Result: The attribute moves from the current category to the target subscriber search
attribute category.
• Right-click on the attribute and select Move to, then choose a target category name.
Note — You can revert the changes before clicking the Apply icon ( ).
See Procedure 81
4 Click OK.
Result: The deleted attribute or attributes from the deleted category are moved to the Not
Collected for SMA category.
Note — You can revert the changes before clicking the Apply icon ( ).
See Procedure 81
Result: The last change made in Subscriber Search Attribute Categories view is reverted.
Note — You cannot revert the changes after clicking the Apply icon
( ).
Task See
On Red Hat Enterprise Linux systems, configure an Ethernet bonding Red Hat® Enterprise Linux®
interface on each application server and create an Ethernet bonding documentation
group.
Install the External TL1 Gateway on each application server. 5520 AMS External TL1
Gateway Installation Guide
Run the External TL1 Gateway integration script on each application Procedure 82
server.
Configure the External TL1 Gateway settings in the Site object. Section 20.34
Select the Connection to External TL1 GW, Sync NE List, and Use
Single External LT1 GW Server check boxes.
Create the External TL1 Gateway server in the 5520 AMS GUI. Procedure 84
Procedure 82 To configure the External TL1 Gateway using the External TL1
Gateway integration script
Perform this procedure to set up the External TL1 Gateway for use in a cluster.
• On Red Hat Enterprise Linux systems, an Ethernet bonding interface must be configured
on each application server. The Ethernet bonding interfaces must be configured as an
Ethernet bonding group.
• You need the virtual IP address for the cluster, if you need to use one. Only IPv4 address
format is supported.
• The External TL1 Gateway must be installed.
ams_exttl1_integration.sh configure ↵
Detecting setup.
3 The script prompts you for the directory where the External TL1 Gateway is installed:
Press ↵ if the External TL1 Gateway is installed in the /opt/nokia directory, or enter the path
to the directory and press ↵.
4 The script prompts you to confirm whether you will be using a virtual IP address:
5 If you answered yes to the prompt in step 4, the script prompts you for the virtual IP address:
Enter the name of one of the network interfaces in the Ethernet bonding group and press ↵.
The script completes the configuration and displays the following message:
Writing configuration
Ready
The integration of the 5520 AMS and the External TL1 Gateway is configured.
Procedure 83 To unconfigure the External TL1 Gateway using the External TL1
Gateway integration script
Perform this procedure to prepare the External TL1 Gateway for uninstallation. For information
about uninstalling and migrating the External TL1 Gateway, see the 5520 AMS External TL1
Gateway Installation Guide.
ams_exttl1_integration.sh unconfigure ↵
The script confirms that the 5520 AMS is installed in a cluster and that a configured
integration is present:
Detecting setup.
If they are running, the 5520 AMS and the 5520 TL1GW will be stopped
before unconfiguring.
Press ↵ to continue.
The script displays status messages showing the processes being stopped:
->Stopping 5520TL1GW
o Disabling 5520TL1GW
o Stopping 5520TL1GW
->Stopping 5520AMS
Stopping JBoss
Stopped Jboss
Stopping database
Stopped database
Ready
The integration of the External TL1 Gateway is unconfigured. You can proceed with migration
or uninstallation.
You can associate an NE to an External TL1 Gateway when you create it, or change
the association at any time. For information about creating an NE, see the 5520 AMS
User Guide.
Caution — To avoid potential synchronization issues, verify
that the NE name does not include the following characters:
comma (,), semicolon (;), and colon (:).
The Use Single External TL1 Gateway Server check box in the Site settings is
selected by default. If you use two or more External TL1 Gateway servers, you must
deselect the check box. See Section 20.34 for more information. An error is
generated if the check box is selected and you attempt to create a second External
TL1 Gateway server.
Table 27 lists the access privileges that are required for the main menu.
Table 27 Access privileges
(1 of 2)
(2 of 2)
3 Enter a name for the External TL1 Gateway in the Gateway Name field and click Next.
2 Choose File→Export.
3 In the Export window, select the following check boxes under the Application Filter:
• Cluster Settings
• External TL1 Gateway
4 Click Finish.
Result: The Export progress window shows the export progress bar.
2 Right-click the External TL1 Gateway server with which you need to associate NEs and
choose Associate NEs. All NEs that had not been associated with an External TL1 Gateway
server are associated with the server.
Note 1 — If you are logged in to the External TL1 Gateway when you
associate NEs, your session will be disconnected and you will need to log
in again.
Note 2 — TL1 Gateway can only manage an NE with an IP, where the
first and last octet are non-zero. For example, 172.21.132.0 or
0.21.132.33 are considered as invalid IP address of an NE.
3 In the External TL1 GW Server field, click Browse and navigate to the server you need to
assign the NE to.
To view the list of NEs associated with a gateway, log in to the External TL1 Gateway. See
Procedure 93.
Note — TL1 Gateway can only manage an NE with an IP where the first
and the last octet are non-zero. For example, 172.21.132.0 or
0.21.231.33 are considered as invalid IP address of an NE.
Result: The 5520 AMS disassociates all NEs from the gateway.
Note 2 — If you are logged in to the External TL1 Gateway when you
disassociate NEs, your session will be disconnected and you will need to
log in again.
5 Log in to the TL1 GW Manager as ADMIN, TNM, or OSS as described in Procedure 93.
Procedure 91 To start a new External TL1 Gateway user session from the NE
Result: The External TL1 Gateway view opens a user session for the NE.
1 Verify that the External TL1 Gateway is connected to the 5520 AMS. See Procedure 90 to
establish an external TL1 gateway connection.
2 Log in to the External TL1 Gateway Manager using the Admin connection type.
3 In the External TL1 GW Manager view, click the View Menu icon ( ), and choose Configure
External TL1 Gateway.
Result: The Gateway Configuration window opens with the OSS Interface tab selected by
default.
4 Click the OSS Interface, NE Interface, or General tab, and configure the parameters as
required.
• ADMIN,
• TNM
• OSS
4 Enter the username that corresponds to the connection type. The name is the username that
you entered when you configured the gateway.
5 Enter the password that corresponds to the connection type. The password is the password
that you entered when you configured the gateway.
6 For the TNM connection type, choose the channel type: Alarm, Provisioning, or Alarm
Provisioning.
7 Click Finish. When you successfully log in to the External TL1 Gateway, the available NEs
are listed in the TL1 GW Manager view.
If you are logged in to the External TL1 Gateway as a non-administrator, you can use this
view to:
• Provision NEs using TL1 commands. To send a TL1 command, enter or choose the
command in the Command field, and click Send.
• Configure how alarms, requests, and responses are displayed:
• To save TL1 data, click the Save icon ( ).
• To clear TL1 data, click the Eraser icon ( ).
• To disable the display of the data, select the Disable Alarms check box.
1 Log in to the External TL1 Gateway Manager using the Admin connection type.
2 In the TL1 GW Manager view, click the View Menu icon ( ), and choose Change Password.
7 Click OK to save the changes. You are automatically logged out of the External TL1 Gateway
Manager view.
10 Enter the new password in the Admin Password and Re-Type Admin Password fields.
Note — The password must match the one you entered in the External
TL1 Gateway Manager view.
1 Log in to the External TL1 Gateway Manager with the OSS or TNM connection type.
See Section 16.5 for information about Logging in to an External TL1 Gateway.
2 In the TL1 GW Manager view, click the View Menu icon ( ) in the top right corner.
5 Click Open.
Result: The template loads and the operation runs in the background.
1 Log in to the External TL1 Gateway Manager as a TNM user. See Procedure 93.
2 Choose one of the following methods to enter a TL1 command in the Command drop-down
list:
3 Click Send.
Result: The command is sent to the gateway. The response to the command sent is
displayed in the Request/Response panel of the External TL1 GW Manager.
• Click the Save icon ( ) next to the Request/Response panel to save the log of requests
sent to the External TL1 Gateway and responses received from it, which is displayed in
the Request/Response panel, to a .txt file locally.
• Click the Clear icon ( ) to clear the requests and responses from the
Request/Response panel.
• The External TL1 Gateway must be connected on the 5520 AMS. See Procedure 92 to
configure or modify an External TL1 Gateway.
• A command template must be loaded on the External TL1 Gateway. See Procedure 95
to load command templates on the External TL1 Gateway.
1 Log in to the External TL1 Gateway Manager with the OSS or TNM connection type.
See Section 16.5.
2 To start the batch execution action, click the Batch Execution Action icon ( ) in the TL1 GW
Manager view.
3 Navigate to the script file that you need to run. This file is stored where the 5520 AMS client
runs. See the 5520 AMS External TL1 Gateway User Guide for more information.
Result: The batch execution action starts and runs in the background.
• The External TL1 Gateway must be connected on the 5520 AMS. See Procedure 92.
• A batch execution action on the External TL1 Gateway must be started. See
Procedure 98.
1 Log in to the External TL1 Gateway Manager, using the OSS or TNM connection type.
See Section 16.5.
2 To stop a batch execution action that is running in the background, click the red Stop Batch
Execution icon ( ).
Procedure 100 To add a TNM user profile on the External TL1 Gateway
The External TL1 Gateway must be connected on the 5520 AMS. See Procedure 92 to configure
or modify an External TL1 Gateway.
You need to create a TNM user for the IP address of each of the following:
• The 5520 AMS server. In a cluster environment, you need a user for each application
server.
1 Log in to the External TL1 Gateway Manager using the Admin connection type. See
Section 16.5.
Note — This procedure assumes that a TNM user profile has not been
configured on the External TL1 Gateway. Therefore, you must log in to
the External TL1 Gateway using the Admin connection type. You can only
log in to the External TL1 Gateway using the TNM connection type when
a TNM user profile is configured.
2 In the TL1 GW Manager view, click the View Menu icon ( ), and choose TNM User Profiles.
Result: The TNM User Profile window opens and displays any existing TNM user profiles.
3 Click Add.
7 Enter the IP address for the TNM user profile. This is the IP address from which a TNM user
can connect to the External TL1 Gateway.
8 Click Finish.
1 Log in to the External TL1 Gateway Manager using the Admin connection type. See
Procedure 93 to log in to the External TL1 Gateway Manager.
2 In the External TL1 GW Manager view, click the View Menu icon ( ), and choose TNM User
Profiles.
Result: The TNM user Profiles window opens and displays any existing TNM user profiles.
2 In the TL1 GW Manager view, click the View Menu icon ( ) in the top right corner and
choose TNM User Profiles.
Result: The TNM User Profile window opens and displays any existing TNM user profiles.
3 Choose the Set of TNM profiles you need to remove and click Remove.
Result: The TNM profiles for the 5520 AMS server and the External TL1 Gateway are
removed from the TNM User Profile window.
4 Click Finish.
Before you proceed the External TL1 Gateway must be connected on the 5520 AMS.
See Procedure 92.
1 Log in to the External TL1 Gateway Manager using the Admin connection type. See
Section 16.5.
2 In the TL1 GW Manager view, click the View Menu icon ( ) in the top right corner and
choose Terminate TNM Sessions.
Result: The Terminate TNM User Session window opens and displays a list of TNM user
sessions that are currently running. This window will be empty if no user sessions are
running.
4 Click Start.
Result: The Terminate TNM User Session window displays information about user sessions
that are currently running. The window is updated for every configured interval specified in
step 3.
5 To stop the display of information in the Terminate TNM User Session window at any time,
click Stop.
6 To terminate a TNM user session, choose the session that you need to terminate in the
Terminate TNM User Session window, and click Terminate.
1 Log in to the External TL1 Gateway Manager using the Admin connection type. See
Section 16.5.
2 In the TL1 GW Manager view, click the View Menu icon ( ), and choose External TL1
Gateway Statistics.
4 Click Start.
Result: The Gateway Statistics window displays information about the External TL1
Gateway. The window is updated for every configured interval specified in step 3.
5 To stop the display of information in the Gateway Statistics window at any time, click Stop.
Procedure 105 To view External TL1 Gateway release and license information
2 In the External TL1 GW Manager view, click the View Menu icon ( ), and choose About
TL1 Gateway.
Result: The About TL1 Gateway window opens and displays release and license information
about the External TL1 Gateway.
Procedure 106 To copy a list of NEs in the external TL1 gateway manager
You can select and copy a list of NEs in the external TL1 gateway manager view and paste it to a
clipboard.
2 Right-click External TL1 GW Server and choose the External TL1 GW Manager
4 In the External TL1 GW Manager window, select the list of NEs and right-click to Copy the
selected records or Select All to select all the records.
1 Log in to the External TL1 GW Manager as a TNM user, using the TNM user credentials. See
Procedure 93.
Result: The alarm logs are displayed in the Alarms panel in the External TL1 GW Manager
view.
• Click the Save icon ( ) to save the alarm log as a .txt file locally.
• Click the Clear icon ( ) to clear the alarm logs from the Alarm panel.
• Select the Disable Alarms check box to stop displaying alarms from the NE.
If you are placing the NE in a group, the group must be created. See the 5520 AMS
User Guide.
Depending on the configuration of the 5520 AMS, the name you assign to an NE may
have to match the NE System ID. See Procedure 163.
If it is necessary, you must obtain the System ID of the NE before creating the NE in
the 5520 AMS GUI. For the procedure to obtain the NE System ID using CLI and TL1
commands, see the NE hardware documentation.
SNMP profiles must be created. See Procedure 140 to create an SNMP profile.
If the NE is behind a NAT server, DCN settings must be configured before you can
supervise the NE. See Procedure 72 to configure DCN settings.
If you need to set up time zone management, time zone settings must be configured.
See Procedure 167 to configure time zone settings.
If you will be applying a TL1 Gateway ID, the External TL1 Gateway must be created
and the Use Single External TL1 GW Server check box in the Site object must not
be checked. See Chapter 16.
If you will be applying templates, template groups, or PAPs, they must be created.
See the 5520 AMS User Guide for information about templates.
You must be able to log in to the 5520 AMS server as amssys or as a user in the
amssys group. For information on adding a new user account to the amssys group,
see Section 9.3.
You need the username and password of a 5520 AMS user with the AMS NBI - Edit
function, for example, a user with the Administrator role. You can enter the username
and password when you run the script, or you can use the password encryption tool.
See Procedure 34 to run the password encryption script.
Procedure 108 To create an input file for the ams_ne_mgr script with option
-createNE
1 Log in to the 5520 AMS application server as amssys or as a user in the amssys group.
• If you logged in as amssys, open the following sample input file in a text editor:
$AMS_LOCALDATA_HOME/oss/conf/ams_ne_mgr.csv
• If you logged in as a user in the amssys group, open the copied input file in a text editor.
For information on copying the existing input file, see Procedure 32.
• Create a new input file in an editor.
3 Configure the parameters as comma-separated values with one line for each NE.
Group Name Yes The group you need to create the NE in.
NE Name Yes The name of the NE. The name cannot contain special
characters ($, #, ^, &, *). (1) (2)
NE Type Yes The type of the NE, for example, 7342 ISAM FTTU.
Main IP Address No(3) The IP address of the NE. IPv4 and IPv6 address
formats are supported.
Secondary IP Address No If Single IP Address is set to false, the IP address of the
second agent, for example, the SHub. IPv4 and IPv6
address formats are supported.
Main SNMP Profile Name No(3) The SNMP profile for the NE
Secondary SNMP Profile Yes, for The SNMP profile for the second agent, for example, for
Name NEs with the SHub
two agents
ENV Alarm Template No The name of the environmental alarm template to assign
Name to the NE
Template Group Name No The multiple template group versions for deployment to
assign to the NE.
Formats for creating NE with template group:
• Template Group Name:Version Number : This
format can be used only for one template group.
For example, TGV2ISAM:1
• /name=template Group Name/version=version
number : This format can be used for one or more
template groups and can be passed using a '|'
delimiter to this parameter.
For example,
/name=TGVISAM/version=1|/name=TGV1ISAM/ve
rsion=2
(1 of 3)
CLI User Name No The username to use for CLI cut-throughs to the NE
TL1 Port No The port number you need to assign for TL1
communication. (6)
Download and Activate No Specifies the NE must be supervised after the software
SW at Start Supervision (7) download and activation.
You must first enter the target SW release in the Target
SW Release parameter to enter a value this parameter.
(2 of 3)
Execute Script at Start No Specifies whether the script needs to be executed during
Supervision (7) supervision.
You must first enter a target script in the Target Script or
Archive parameter to enter a value for this parameter.
(3 of 3)
Notes
(1) NE names are case insensitive. For example, you cannot create an NE with the name Node55 and another NE
with the name NODE55.
(2) The NE name should not include the following characters: comma (,), semicolon (;), and colon (:).
(3) Yes, if the NE is managed using SNMP. For an UNMANAGED NE, the IP address is not required.
(4) NE custom fields should be added at the end of a line of the input file passed to the ams_ne_mgr script. Each
line contains information about a single NE to create.
(5) The parameters, MapInfo_longitude and MapInfo_latitude are available only when a geographic map license is
installed on the 5520 AMS.
(6) The parameter, tl1port attribute is deprecated and is ignored.
(7) This parameter is applicable only to NE type which supports zero touch provisioning features. For more
information, see the 5520 AMS Administrator Guide.
(8) The parameters “ANV Process Name” and “Configuration Template” are applicable only for NE creation when
using Nokia Access Virtualizer Adaptor which is a licensed product. For more information about Nokia Access
Virtualizer Adaptor, contact your Nokia account representative.
Access
Network,RK11S1,7342 ISAM FTTU,4.7,true,124.120.111.211,SNMP1,SNMP2,,,,i
sadmin,password@,SUPERUSER,password,,,
Network,test,defaultPAP,7342 ISAM
FTTU,4.7,false,2.2.9.6,2.2.3.2,public,NETMAN
,,,,,,,,,,,,,15,15,cf=/test=test
1 Log in to the 5520 AMS application server as amssys or as a user in the amssys group.
where:
[options] is the options you need to enter, as shown in Table 29.
input_file is the full path to the input file you configured in Procedure 108.
Note — If you do not specify an input file, the script will read the
example input file at
$AMS_LOCALDATA_HOME/oss/conf/ams_ne_mgr.csv.
Option Description
-pfile file Specify the name of the properties file, which is used by the script for
configuration. The file must be in the shared directory of the data server,
$AMS_SHAREDDATA_HOME/config. The default properties file is
ams_mgr.conf. The configuration changes to the properties file must be
done on the active data server.
-efile file Specify the name of the password file created in Procedure 34, which is
used by the script to get username and password. The file must be in the
shared directory of the data server,
$AMS_SHAREDDATA_HOME/config. The default password file is
ams.password.
-logdir directory Specify a directory to save the log to. The default directory is
local_data_dir/ams/local/release/log.
(1 of 2)
Option Description
-action action Action to take. The options are:
• createNE
• startSupervision
• createNEAndStartSupervision
• enableMaintenanceMode
• disableMaintenanceMode.
• modifyNE
-username The username of a 5520 AMS client user with the AMS NBI - Edit function.
username(1)
-keystore key The full path to the keystore file. By default, the 5520 AMS retrieves the
path from the properties file.
-keypass password The password for the keystore file. By default, the 5520 AMS retrieves the
password from the properties file.
-nbihost URL The URL of the NBI client the 5520 AMS needs to connect to.
The default URL is https://server:8443, where server is the host name or
IP address of the 5520 AMS server.
If you are using HTTP, enter http://server:8080/.
(2 of 2)
Notes
(1) This option is not necessary if you have performed Procedure 34.
(2) If the password contains special characters you need to follow shell quoting rules. Normally this can be done
by enclosing the password in single quotes.
If the password includes single quotes, you can use one of the following:
Example password: $pec'ch*rs"
Single Quotes: -password '$pec'\''ch*rs"'
Double Quotes: -password "\$pec'ch*rs\""
Backslash Quotes: -password \$pec\'ch\*rs\"
3 The script executes, displaying success messages for each NE created. A log file is created
called ams_ne_mgr.log.
Procedure 110 To create an input file for ams_ne_mgr script with option -modifyNE
1 Log in to the 5520 AMS application server as amssys or as a user in the amssys group.
• If you are logged in as amssys, open the following sample input file in a text editor:
$AMS_LOCALDATA_HOME/oss/conf/ams_ne_mgr-modify.csv
• If you logged in as a user in the amssys group, open the copied input file in a text editor.
3 Configure the parameters as comma-separated values with one line for each user.
ISAM90,aliasName=myISAM,deployAfterNextStartSupervision=true,groupName=
Network/myGroup
1 Log in to the 5520 AMS application server as amssys or as a user in the amssys group.
• If you are logged in as amssys then open the default input file in the text editor:
AMS_LOCALDATA_HOME>/oss/conf/ams_splitter_mgr.csv
• If you logged in as a user in the amssys group, open the copied input file in a text editor.
For information on copying the existing input file, see Procedure 32.
• Create a new input file in an editor.
3 Configure the parameters as comma-separated values with one splitter per line. Table 30
describes the input file parameters.
iSAM17:/rack=1/shelf=1/slot=LT1/port=1/splitter=1,0.086111111
login:username
password:password
prompt:prompt
!CLI Commands
!comment
command
command
...
Parameter Description
• When you are configuring more than one NE, a text file must be created that lists the IP
addresses of the NEs.
ams_ne_cli -protocol ↵
Where the argument -protocol is optional can be any of the following options:
telnet Using telnet protocol to connect to the NEs.
ssh Using ssh protocol to connect to the NEs
telnetfirst The first instance uses telnet protocol to connect to the NEs. In case the
connection fails, the system tries to setup an SSH connection.
sshfirst The first instance uses ssh to connect to the NEs. In case the connection fails, the
system connects using telnet. This is the default option.
ams_ne_cli-help ↵
where:
neAddr is the IP address of an NE. IPv4 and IPv6 address formats are supported.
NeIpList is a text file that lists the IP addresses of the NEs.
inputCommandFile is the text file containing the CLI commands.
outputCommandFile is the text file that will contain responses to the CLI commands.
timeout is the timeout, in seconds (default is 10), and is optional.
18.1 Overview
The 5520 AMS allows you to back up or restore the selected NE database. By
default, the 5520 AMS retains only five database backup files, deleting the oldest file
when a sixth backup file is created. You can configure the number of retained files.
See Chapter 21 for the procedures to configure the number of backup files that are
stored on the 5520 AMS server. You can also configure individual backup files to be
retained indefinitely.
The Backup view displays the available NEs that you can back up and restore. You
can perform a backup and restore operation at the Access Network level or from the
individual NE.
You can also save NE backup files to an external server. See Procedure 159 for
more information to configure an external NE backup server.
Optionally, you can apply preconfigured schedules to perform backup operations.
See Chapter 21 for detailed information on backing up the 5520 AMS database and
the procedures to set up scheduled backup activities.
Before you proceed, make sure your user account is assigned a role that includes
the necessary functions to perform the procedures in this chapter. See Table 14 for
more information on 5520 AMS function descriptions.
Note — The 5520 AMS supports the back up of multiple NEs at the
same time.
2 To open the Backup & Restore view, perform one of the following steps:
• Right-click the NE in the Network Tree and choose Backup & Restore→Backup.
Result: The Backup NE window opens with the NE selected. Go to step 6.
ii Use the filters in the Filters panel and click Build List.
Result: The NEs appear in the list on the right side of the window.
Note — In the Name field, you can enter part of the name or use the
asterisk (*) as a wildcard. Enter one string at a time.
The NE Selection window closes and the selected NEs or groups appear in the Selected
NEs panel of the Backup NE window. To remove any of the selected NEs or NE groups,
choose the NE or group in the Selected NEs panel, and click Remove.
6 If you are performing the backup operation for migration of an NE which supports two types
of backup files, select the Including OAM Channel Information (For Migration Purpose Only)
check box, to back up files including the OAM channel information
However, if the NE supports only one type of backup file, then irrespective of whether
Including OAM Channel Information check box is selected or unselected, back up is taken
depending on what the NE supports.
7 If you want to retain the backup file when the 5520 AMS deletes backup files, select Never
delete these backup files unless the NE is deleted check box.
8 Configure the number of automatic retries of the backup operation, in case the action fails, in
the Number of Retries field. The default value for this parameter is 0, and the allowed range
is from 0 to 10.
9 Configure the duration (in minutes) for which the Action Manager needs to wait to
automatically retry a failed action in the Delay Between Action Retries field. This parameter
is applicable only if retries are configured for the backup operation in the Number of Retries
field. The default value of this parameter is 10 minutes, and the allowed range is from 0 to
1000 minutes.
11 In the Schedule field, click Browse to choose the time to perform the backup operation.
• Choose Schedule now to run the backup operation immediately. Click OK.
• Choose the name of a schedule to run the backup operation at a specified time. Click OK.
14 Click Yes to confirm that you need to start the backup process.
Result: A window opens and provides details about the progress of the backup operation.
Click OK.
A Backup window opens, indicating the progress of the backup operation. The status in the
Action view panel shows the percentage of completion and the number of errors. When the
backup operation is completed or failed, an Action Details window opens showing the Target,
Description, Status and Additional Information.
The new backup file is listed in the Backup File Management window, replacing the older
backup file. If OAM information is included, the value in the OAM column is set to Yes.
• Select the NE in the network tree and choose Backup & Restore→Restore. Result: The
Restore NE window opens with the NE selected. Go to step 7.
When the NE has an IACM and SHub agent, right-click the IACM agent.
5 In the Filters panel, choose the required NE filter options and click Build List.
Result: The NE agents that match the search criteria are displayed in the Agent Selection
window.
6 Choose the NE agent in the Agent Selection window for which you need to perform the
restore and click OK.
7 Choose the individual backup file you need to restore. If there is a version mismatch, an error
message is displayed.
8 If you do not need to validate the file version you are restoring, select Forced Restore.
Result: A confirmation window opens and displays the message indicating that the restore is
a service-affecting operation.
10 Click Yes to confirm that you need to perform the restore operation.
A Restore window opens, indicating the progress of the restore. The status in the Action view
panel shows the percentage of completion and the number of errors. When the restore is
completed or failed, an Action Details window opens showing the Target, Description, Status
and Additional Information.
Note — You can view actions that started during a specific duration by
selecting both “Started Before” and “Started After” action filters.
Result: The status of the actions appears in the Action view panel.
Note — You can also view the Backup Restore Status and the Last
successful Backup status of an NE from the Network perspective in the
NE Object Details→General Tab→Additional Data.
Auto Refresh should be enabled for dynamic updates, if not you have to
refresh the NE object details for any latest status updates.
where:
• IP address is the IP address of the NE. IPv4 and IPv6 address formats are
supported.
• agent name is the name of the agent in the 5520 AMS, for example, IACM.
• software is software load running on the NE at the time the backup was taken.
• oam is the y if the backup file contains the OAM data, otherwise it is n.
• auto removal is y if the backup file should be auto removed otherwise it is n.
• yyyy-mm-dd-hh-mm-ss is the date and time the backup was taken.
You can retrieve the IP address of an NE from the Object Details view or using a
script on the 5520 AMS server. See Section 13.2
Caution — Nokia recommends that you must not delete or
move the NE backup files using UNIX commands on the AMS
data server. Ensure to use the 5520 AMS GUI to manage the
NE backup files as explained in this section.
Result: The Backup Restore perspective opens. The NE backup files are displayed.
2 In the Backup File Management panel, click the Filter icon ( ) to open the Backup Filter
window.
3 In the Backup Filter window, click Add to open the NE Selection window.
ii Use the filters in the Filters panel and click Build List.
Result: The NEs appear in the list on the right side of the window.
Note — In the Name field, you can enter part of the name or use the
asterisk (*) as a wildcard. Enter one string at a time.
Alternatively, you can click the Select NE Groups and choose a group.
The NE Selection window closes and the selected NEs or groups appear in the NE filter
panel of the Backup Filter window. To remove any of the selected NEs or NE groups,
choose the NE or group in the NE panel, and click Remove.
6 To save your filter, enter a name in the All Filters field and click Save.
7 Click OK.
Result: The backup files are displayed in the Backup File Management panel.
Note — The Auto Removal column indicates which backup files are
retained when the 5520 AMS deletes backup files. When the Auto
Removal value is No, the 5520 AMS retains the file indefinitely. See
Procedure 158 for information about how to configure the maximum
number of backup files for each NE that the 5520 AMS must retain.
1 View the NE backup files. See Procedure 116 to view and filter NE backup files.
2 Choose Copy Backup files from the Backup Restore Tasks view.
3 Select the option for the action you need to perform. Choose one of the following:
Click Next.
4 In the From and To areas, click Browse to specify an NE, file, or location. To specify a file on
the 5520 AMS client, select the Client option, and then click Browse.
Procedure 118 To align the 5520 AMS database with stored NE backups
Perform this procedure to remove backup records from the database that do not have
corresponding NE backup files on the 5520 AMS server. You can also remove backup files that
do not have corresponding backup records in the database.
1 View NE backup files. See Procedure 116 to view and filter NE backup files.
2 In the Backup File Management panel, click the Align EMS database with stored NE Backups
icon ( ).
3 (Optional) Select the Also remove the unreferenced NE backup files from the disk check box.
4 Click OK.
Result: The Sync Backup window opens while the 5520 AMS scans the backup database.
The Action Details window opens when the alignment is complete and displays the job status.
1 View the NE backup files. See Procedure 116 to view and filter NE backup files.
2 Choose the files you need to delete from the table, and click the Delete icon ( ).
Note — You can delete one or more backup files at the same time.
Note — If a backup check server object is defined in the 5520 AMS and
a manual backup check is triggered using a Check Backup Consistency
wizard for all ISAM and 7342 ISAM FTTU NEs, then the backup check
happens on the remote server.
Note 2 — In the case of the 7342 ISAM FTTU NEs, the Check Database
and Check PON Bandwidth and T-Cont check boxes are selected by
default. Select the Repair Database check box, if required.
If a backup check server object is defined in the 5520 AMS, then the
following check boxes are disabled:
• Check Database
• Repair Database
• Check PON Bandwidth and T-Cont
3 View the logs or the traces by clicking Show Log or Show Traces.
You can view the consistency log from the AMS client:
• Navigating to EMS Administration → EMS System → Site → Application & Data Servers
→ Data Server.
• Right-click the Data Server and choose Actions → Show Log File.
The View Server File dialog opens.
• Click the ( ) icon to view all the log files. Consistency log is one of them.
$AMS_EXTERNAL_SHAREDDATA_HOME/ne/backup/consistencyLog/
135/249/41/20/27_admin_135.249.41.20_IACM_OSWPAA55.439_yy_2
017-03-03-12-31-44.gz_03Mar2017-12-33-10/logfile.log , trc.log
wget http://ams-app-server:8080/vprocmon/vprocmon.bin ↵
wget https://ams-app-server:8443/vprocmon/vprocmon.bin ↵
wget --no-check-certificate
https://ams-app-server:8443/vprocmon/vprocmon.bin ↵
3 When the vprocmon.bin file is downloaded, modify the permissions on the file. In the external
server, type:
./vprocmon.bin ↵
5 The installer prompts you for the location of the SSH tools:
6 The installer prompts you for the location of the installation directory:
7 The installer prompts you for the location of the configuration files:
8 The installer prompts you for the location to save the data files:
In which top directory do you want to save the data files [ /var/opt
(default) ]?
9 The installer prompts you to enter one or more IP addresses on which the AMS server can
be reached:
Provide one or more IP address(es) on which the AMS server can be reached
(comma separated list):
Enter the password for 'amssys' user (no space allowed) [ amssys
(default) ]:
Result: The vprocmon.bin file is installed in the external server and the vprocmon service is
started automatically.
Before you proceed, ensure that the vprocmon.bin file is installed in the external server. See
Procedure 121.
1 In the Administration Tree, choose EMS Administration→ EMS System→ Site→ Backup
Check Servers.
2 Right-click Backup Check Servers and choose Create→ Backup Check Server.
5 Click Finish.
Result: The backup check is performed and the results are displayed in the remote server,
as per the NE IP address.
Perform the following procedure to synchronize the NE tools to the backup check server. To
synchronize the NE tools, you need to have the Backup Check Server - Edit function.
1 In the Administration Tree, choose EMS Administration→ EMS System→ Site→ Backup
Check Servers.
2 Right-click the backup check server for which you need to synchronize the NE tools and
choose Actions→ Synchronize NE Tools.
Result: The 5520 AMS attempts to synchronize the NE tools for the selected backup check
server.
When the sync is complete, the Action Details view displays the results of the sync if the sync
was successful or not, and if not successful it displays possible reasons for failure.
Procedure 124 To initiate an NE backup or restore when the 5520 AMS is used as a
craft terminal
2 In the FTP Server Configuration pane, choose the file transfer protocol from the Protocol
Type drop-down menu.
• Actions→Initiate Backup
• Actions→Initiate Restore
Result: The backup or restore is started. The command returns immediately and does not
wait for the operation to complete. It does not report success or failure.
19.3 Creating a Media Gateway from the 5520 AMS application server
Result: The link management settings are displayed in the Object Details view.
Setting Description
G6-GPON Links
VoIP Client Address Allocation Mode Specifies whether the 5520 AMS automatically
generates an IP address for the ANM-GbE port
on the G6.
The options are:
• Fixed Map
• No Fixed Map
Limit Max. Number of ONTs per PON at 32 By default this check box remains unchecked.
When this check box is selected, only one IP
address along with the broadcast IP address can
be configured on the selected ANM-GbE port for
this association.
1 Log in to the 5520 AMS application server as amssys or as a user in the amssys group.
• If you logged in as amssys, open the following sample input file in a text editor:
$AMS_LOCALDATA_HOME/oss/conf/ams_link_mgr.csv ↵
• If you logged in as a user in the amssys group, open the copied input file in a text editor.
For information on copying the existing input file, see Procedure 32.
• Create a new input file in an editor.
3 Configure the parameters as comma-separated values with one line for each link. If the
parameter value includes a comma, precede it with a backslash (\).
The parameter details for different link creation are available in Table
aEndTP Yes Name of the A end termination point of the link, in the
following format:
<NeName>:/rack=<Rack>/shelf=<Shelf>/slot=<Slot>/port=<
Port>
zEndTP Yes Name of the Z end termination point of the link, in the
following format:
<NeName>:/rack=<Rack>/shelf=<Shelf>/slot=<Slot>/port=<
Port>
direction No Valid inputs are:
• CD_UNI: for unidirectional termination points
• CD_BI: for bidirectional termination points
type Yes The link type: G6_GPON.
portIpAddress(1) Yes The IP address of the G6 ANM Gbe port used in the link.
potsGroupIndex Yes The POTS group index of the link.
ipNetmask(1) Yes The netmask for the G6 ANM Gbe Port IP address.
defaultPriority Yes The default priority on the G6 Port IP address of the link. The
parameter must be an integer value. The range is 0 to 7.
(1 of 2)
(2 of 2)
Note
(1) IP addresses of portIpAddress, ipNetmask, bcastIpAddress, secondaryPortIpAddress,
secondaryBcastIpAddress, tertiaryPortIpAddress, tertiaryBcastIpAddress, quaternaryPortIpAddress and
quaternaryBcastIpAddress are auto-calculated when the VoIP Client Address Allocation Mode is “Fixed Map.”
An example of an input file entry for a 7342 ISAM FTTU and G6 link is:
GPON46_95_200:/rack=1/shelf=1/slot=NTA/port=1,g6_sim_118:/rack=1/shelf=
1/slot=1/port=1,CD_UNI,G6_GPON,1,,1,g6-gpon link
description,,,ENABLED,DISABLED,1,1,ENABLED,DISABLED,DISABLED-FORCED,ENA
BLED,1,,,,,,,Locked
An example of an input file entry for a 7360 ISAM and G6 link is:
ISAM222:/rack=1/shelf=1/slot=NTA/port=3,G6123:/rack=1/shelf=1/slot=1/po
rt=2,CD_UNI,G6_GPON,500,,1,g6-gpon
linkdescription,,,ENABLED,DISABLED,1,1,ENABLED,DISABLED,DISABLED-FORCED
,DISABLED,1,,,,,,,Locked
aEndTP Yes Name of the A end termination point of the link, in the following
format:
<NeName>:/rack=<Rack>/shelf=<Shelf>/slot=<Slot>/port=<Port>
zEndTP Yes Name of the Z end termination point of the link, in the following
format:
<NeName>:/rack=<Rack>/shelf=<Shelf>/slot=<Slot>/port=<Port>
ISAM-EAST:/rack=1/shelf=1/slot=NTA/port=20,ISAM-WEST:/rack=1/shelf=1/sl
ot=NTA/port=40,,ISAM_HUB_SUBTENDING,,ISAM-LINK1,MONTREAL
aEndTP Yes Name of the A end termination point of the link, in the following
format:
<NeName>:/rack=<Rack>/shelf=<Shelf>/slot=<Slot>/port=<Port>
zEndTP Yes Name of the Z end termination point of the link, in the following
format:
For a GPON ONT:
<NeName>:/rack=<Rack>/shelf=<Shelf>/slot=<Slot>/port=<Port>/
remote_unit=<Remote Unit>
Example: ISAM43:/rack=1/shelf=1/slot=LT2/port=1/remote_unit=1
For an NGPON2 ONT:
<NeName>:CG<cgId>.SCG<scgId>.ONT<ontId>
Example: ISAM_FX:CG1.SCG1.ONT1
(1 of 2)
(2 of 2)
#aEndTP,zEndTP,direction,type,description
#ISAM43_9:/rack=1/shelf=1/slot=NTA/port=3,ISAM43:/rack=1/shelf=1/slot=L
T2/port=1/remote_unit=1,CD_UNI,ISAM-MDU,isam-mdu description
ISAM_MX:/rack=1/shelf=1/slot=NTA/port=1,ISAM_FX:CG1.SCG1.ONT1,CD_BI,ISA
M-MDU,test description
zEndTP Yes Name of the Z end termination point of the link can be an Agent or
a Network Port in the following formats:
Agent: <NeName>:/type=Agent/<AgentName>
Network Port:
<NeName>:/rack=<Rack>/shelf=<Shelf>/slot=<Slot>/port=<Port>
#aEndTP,zEndTP,direction,type,description
#ISAM1:/rack=1/shelf=1/slot=NTA/port=1,ISAM2:/rack=1/shelf=1/slot=NTA/p
ort=1,CD_BI,NE-NE,test description
#NE1:/type=Agent/IHUB,NE2:/type=Agent/SHUB,CD_BI,NE-NE,test description
#NE1:/type=Agent/IACM,NE2:/rack=1/shelf=1/slot=NTA/port=1,CD_BI,NE-NE,t
est description
#NodeName:/rack=1/shelf=1/slot=NTA/port=1,NodeName:/rack=1/shelf=1/slot
=NTA/port=1,CD_BI,NE-NE,test description
#UNMANAGEDNE:/type=Agent/IACM,UNMANAGEDNE:/type=Agent/IHUB,CD_BI,NE-NE,
test description
#UNMANAGEDNE:/type=Agent/IACM,NodeName:/rack=1/shelf=1/slot=NTA/port=1,
CD_BI,NE-NE,test description
#NodeName:/rack=1/shelf=1/slot=NTA/port=1,UNMANAGEDNE:/type=Agent/IHUB,
CD_BI,NE-NE,test description
#NodeName:/rack=1/shelf=1/slot=NTA/port=1,NodeName:/rack=1/shelf=1/slot
=NTA/port=2,NE-NE
#UNMANAGEDNE:/type=Agent/IACM,UNMANAGEDNE:/type=Agent/IHUB,NE-NE
#UNMANAGEDNE:/type=Agent/IACM,NodeName:/rack=1/shelf=1/slot=NTA/port=2,
NE-NE
#NodeName:/rack=1/shelf=1/slot=NTA/port=1,UNMANAGEDNE:/type=Agent/IACM,
NE-NE
aEndTP Yes Name of the A end termination point of the link. For aEndTP format,
refer to Table 39.
(1 of 2)
(2 of 2)
Table 39 lists the supported splitter link values for aEndTP and zEndTP.
#aEndTP,zEndTP,type,splitterPort
#iSAM17:/rack=1/shelf=1/slot=LT2/port=3,iSAM17:/rack=1/shelf=1/slot=LT2
/port=3/SP=1,SPLITTER,4
5 Run the password encryption script. See Procedure 34 to run the password encryption script.
Note 2 — During the 5520 AMS migration to R9.7.07, you must run the
createUsernamePassword script to recreate the encrypted password in
the ams.password file.
1 Log in to the 5520 AMS application server as amssys or as a user in the amssys group.
where:
[options] is the options you need to enter, as shown in Table 40.
input_file is the full path to the input file you configured in Procedure 126.
Note — If you do not specify an input file, the script will read the
example input file at
$AMS_LOCALDATA_HOME/oss/conf/ams_link_mgr.csv.
Option Description
-pfile file Specify the name of the properties file, which is used by the script for
configuration. The file must be in the shared directory of the data server,
$AMS_SHAREDDATA_HOME/config. The default properties file is
ams_mgr.conf. The configuration changes to the properties file must be done on
the active data server.
(1 of 2)
Option Description
-efile file Specify the name of the password file created in Procedure 34, which is used by
the script to get username and password. The file must be in the shared directory
of the data server, $AMS_SHAREDDATA_HOME/config. The default password
file is ams.password.
-logdir directory Specify a directory to save the log to. The default directory is
local_data_dir/ams/local/log, where local_data_dir is the directory where local
data is stored. By default, this is /var/opt.
-mdNm domain The management domain name used in the FDN of northbound objects. The
default is AMS.
-username The username of a 5520 AMS client user with the AMS NBI - Edit - User function.
username (1)
or -u username
-keystore key The full path to the keystore file. By default, the 5520 AMS retrieves the path from
the properties file.
-keypass The password for the keystore file. By default, the 5520 AMS retrieves the
password password from the properties file.
-nbihost URL The URL of the NBI client the 5520 AMS needs to connect to.
-c Create links
-d Delete links
(2 of 2)
Notes
(1) This option is not necessary if you have performed Procedure 34.
(2) If the password contains special characters you need to follow shell quoting rules. Normally this can be done
by enclosing the password in single quotes.
If the password includes single quotes you can use one of the following:
Example password: $pec'ch*rs"
Single Quotes: -password '$pec'\''ch*rs"'
Double Quotes: -password "\$pec'ch*rs\""
Backslash Quotes: -password \$pec\'ch\*rs\"
The script executes, displaying success messages for each user created. A log file is created
called ams_link_mgr.log.
Before you proceed, the following G6-GPON links should be configured as follows. For more
information on G6-GPON links, see Procedure 125.
1 Log in to the 5520 AMS application server as amssys or amssys secondary group users.
cd lib/applicationserver/bin↵
where:
--force adds additional GBE Port IP address on the G6 and the 5520 AMS database and bypass the NE
version check.
Use --force option to align the ANM GBE port IP addresses for the 7342 ISAM FTTU releases. If the
--force option is not used, then the ANM GBE port IP addresses aligns only with 7342 ISAM FTTU R4.9.
<outputdir> specifies the path of the output log file where the error or the information messages will be
logged.
Note 1 — Starting with 7342 ISAM FTTU R4.9 or later, the script adds
additional GBE Port IP address to G6 and the 5520 AMS database for the
Ethernet port links, by default. If the force option is specified then the
script will add the GBE port IP address on G6 port and the 5520 AMS
database for the all links, irrespective of the added Ethernet Port from the
node version.
Note 2 — If you do not specify an output directory, the script will read the
example output directory at $AMS_LOCALDATA_HOME/log.
Result: The script executes, displaying success messages for the created GBE Port IP address.
A log file is created called gbeport_align_output.txt. If errors are generated during IP address
creation, then an error log called gbeport_align_error.txt is created at the specified output
directory.
Before you proceed, the following G6-GPON links should be configured as follows. For more
information on G6-GPON links, see Procedure 125.
1 Log in to the 5520 AMS application server as amssys or amssys secondary group users.
cd lib/applicationserver/bin↵
where:
--force validates the supported GBE Port IP address for the retrieved links.
Use --force option to validate the ANM GBE port IP addresses for the 7342 ISAM FTTU releases. If the
--force option is not used, then the ANM GBE port IP addresses are validated for 7342 ISAM FTTU R4.9
only.
<outputdir> specifies the path of the output log file where the error or the information messages will be
logged.
Note 1 — Starting with 7342 ISAM FTTU R4.9 or later, the script
validates the additional GBE Port IP address for the retrieved links for the
Ethernet Port links, by default. If the force option is specified, then the
script will audit the GBE port IP address for the all links, irrespective of the
added Ethernet Port from the node version.
Note 2 — If you do not specify an output directory, the script will read the
example output directory at $AMS_LOCALDATA_HOME/log.
Result: The script executes, displaying success messages for GBE Port IP address created. A log
file is created called gbeport_audit_output.txt.
Perform the procedures described in this section to create the input file and the 7367
ISAM SX Media Gateway.
1 Log in to the 5520 AMS application server as amssys or as a user in the amssys group.
• If you logged in as amssys, open the following sample input file in a text editor:
$AMS_LOCALDATA_HOME/oss/conf/ams_mediagw_mgr script ↵
• If you logged in as a user in the amssys group, open the copied input file in a text editor.
For information on copying the existing input file, see Procedure 32
• Create a new input file in an editor.
3 Configure the parameters as comma-separated values with one line for each link. If the
parameter value includes a comma, precede it with a backslash (\).
The parameter details for Media Gateway creation are available in Table 41.
(1 of 5)
processingType No The Processing Type; Enum
Possible values are:
• audio (default)
• rfc2833
• both
minDataJitterBuffer The Minimum Data Jitter Buffer Delay; integer 0.. 200
Default value is 50.
initDataJitterBuffer The Initial Data Jitter Buffer Delay; integer 0..200
Default value is 50.
(2 of 5)
(3 of 5)
releaseDelay No The Release Delay before releasing all sessions (ms); integer 0..
900000
Default value is 600000.
delayBeforeReduced No The Delay Before Reduced Battery State (ms); integer 0..120000
BatteryState Default value is 70000.
waitingReleaseDelay No The Graceful Waiting Release Delay (ms); integer 0..3600000
Default value is 0.
(4 of 5)
(5 of 5)
1 Log in to the 5520 AMS application server as amssys or as a user in the amssys group.
where,
input_file is the full path to the input file you configured in Procedure 130.
Note — If you do not specify an input file, the script will read the
example input file at
$AMS_LOCALDATA_HOME/oss/conf/ams_mediagw_mgr script.
Option Description
-username \user The username used to access the 5520 AMS with 'AMS NBI-Edit" function
in its role.
3 The Media Gateway interface is created in the Network tree. A log file named
ams_mediagw_mgr.log is created.
1 Log in to the 5520 AMS application server as amssys or as a user in the amssys group.
• If you logged in as amssys, open the following sample input file in a text editor:
$AMS_LOCALDATA_HOME/oss/conf/ams_hub_sub_link_mgr.csv ↵
• If you logged in as a user in the amssys group, open the copied input file in a text editor.
For information on copying the existing input file, see Procedure 32.
• Create a new input file in an editor.
3 Configure the parameters as comma-separated values with one line for each hub NE. If the
parameter value includes a comma, precede it with a backslash (\).
Table 43 describes the parameters for each line of the input file.
Parameter Description
Link Type The link type: ISAM_HUB_SUBTENDED.
Sub 1 end point The subtended end point of the first link in the topology.
(1 of 2)
Parameter Description
Sub 1 description Description of the link.
Hub x end point The hub end point for any additional links from the hub NE, where x is 2
or higher.
Enter this parameter for each additional link from the hub NE.
Sub x end point The subtended end point for hub end point x, where x is 2 or higher.
Sub x physical location The physical location of the subtended NE for end point x.
(2 of 2)
5 Run the password encryption script. See Procedure 34 to run the password encryption script.
1 Log in to the 5520 AMS application server as amssys or as a user in the amssys group.
where:
[options] is the options you need to enter, as shown in Table 44.
input_file is the full path to the input file you configured in Procedure 132.
Note — If you do not specify an input file, the script will read the
example input file at $AMS_LOCALDATA_HOME/oss/conf/
ams_hub_sub_link_mgr.csv.
Option Description
-efile file Specify the name of the password file created in Procedure 34, which is used by
the script to get username and password. The file must be in the shared directory
of the data server, $AMS_SHAREDDATA_HOME/config. The default password
file is ams.password.
-mdNm domain The management domain name used in the FDN of northbound objects. The
default is AMS.
-logdir directory Specify a directory to save the log to. The default directory is
local_data_dir/ams/local/log, where local_data_dir is the directory where local
data is stored. By default, this is /var/opt.
-username The username of a 5520 AMS client user with the AMS NBI - Edit - User function.
username(1)
or -u username
-keystore key The full path to the keystore file. By default, the 5520 AMS retrieves the path
from the properties file.
(1 of 2)
Option Description
-keypass The password for the keystore file. By default, the 5520 AMS retrieves the
password password from the properties file.
-nbihost URL The URL of the NBI client the 5520 AMS needs to connect to.
(2 of 2)
Notes
(1) This option is not necessary if you have performed Procedure 34.
(2) If the password contains special characters you need to follow shell quoting rules. Normally this can be done
by enclosing the password in single quotes.
If the password includes single quotes you can use one of the following:
Example password: $pec'ch*rs"
Single Quotes: -password '$pec'\''ch*rs"'
Double Quotes: -password "\$pec'ch*rs\""
Backslash Quotes: -password \$pec\'ch\*rs\"
The script executes, displaying success messages for each user created. A log file is created
called ams_hub_sub_link_mgr.log.
20.29 Managing NE-based TL1 users from the 5520 AMS GUI
20.40 Configuring proxy settings in the 5520 AMS clients to access the
Internet
Additional settings are configurable with certain 5529 Enhanced Applications. For
more information, see the documentation for the application.
Before you proceed, make sure your user account is assigned a role that includes
the necessary functions to perform the procedures in this chapter. See Table 14 for
more information on 5520 AMS function descriptions.
• Trap settings
• GUI settings
• EMS Alarm Severity Assignment
• Alarm settings
• NE alarm processing settings
• SIP settings
• NBI settings
• ANV settings
• Cut through settings
• TFTP server settings
• TFTP client settings
• User settings
• License settings
• HDM NBI settings
• 5530 NA-F settings
• DCN settings
• Basic settings
• Query settings
2 In the Object Details view, configure the parameters as described in Table 45.
Auto Refresh
Auto Refresh Interval The amount of time, in seconds, between each automatic refresh of the GUI, when
the user has Auto Refresh enabled
Auto Refresh Count The number of times that the GUI refreshes when the user has Auto Refresh enabled
Display Options
Display Primary Service State Displays the primary service state as a combination of the administrative
(locked/unlocked) and operational (up/down) states of an NE object in the Object
Details view and Table Views for an NE.
The three possible primary service states are:
Unlocked and up:
• IS-NR (In service and normal) - The object is fully operational and will perform as
provisioned.
Double-click On An Alarm Specifies whether the 5520 AMS shows the alarm details or navigates to the object
when you double-click on an alarm mnemonic icon.
Display Timestamp As Specifies the timestamp format for the 5520 AMS. The values are:
• Absolute Time Stamp
• Human Readable (e.g. “5 minutes ago”)
Clicking the background in the Specifies whether a particular object or the parent object is selected in the Graphical
Graphical View View by clicking the background. The values are:
• Select the parent object: The parent object is selected when you click the
background in the Graphical View.
• Do nothing (the selection does not change): The selected object does not change
when you click the background in the Graphical View.
Save Dialog
Use Restricted Save Dialog Restricts users to exporting files only to the location specified in the Default Path for
Locally Saved Files parameter.
Default Path for Locally Saved Files Specifies the location to which files are saved or exported by default.
Prepend Username for Locally When a user saves or exports a file, their username is prefixed to the filename.
Saved Files
(1 of 2)
NE
NE Release Notation Displays either the Release or the Feature Group of an NE (if applicable to the type
of NE). The NE release notation setting:
• Affects the display of NE release information in the NE object details.
• Does not affect the display of NE release information in the NE System and Agent
object details.
For 7302 ISAM/7330 ISAM FTTN R4.1 or later and 7330 ISAM FTTN FGN4.1 or later,
the NE release notation setting has no effect. For R4.1 or later NE plug-ins, the
5520 AMS GUI displays “R”, regardless of the NE release notation setting. For
FGN4.1 or later NE plug-ins, the 5520 AMS GUI displays “FGN”, regardless of the NE
release notation setting.
NE Name Wraps After In the Graphical View, the number of characters that are displayed in the NE name.
If the NE name is too long to be displayed on one line, the remaining characters are
displayed on a second line.
Force NE Name to Upper Case Forces NE names to be all in uppercase. You can enter the NE name in lowercase
when creating an NE, but if this parameter is enabled, the NE name will be re-named
all in uppercase when the NE is created.
Force NE Group Name to Upper Forces NE group names to be all in uppercase. You can enter the NE group name in
Case lowercase when creating the NE group, but if this parameter is enabled, the NE group
name will be re-named all in uppercase when the NE group is created.
Geographical map
Web Map Server URL (optional) Display the maps in the Map view when offline server is configured.
Default Map Provider Displays the map view as per the selected map provider. By default, Open Street
Maps is selected. The available options are:
• Open Street Maps
• Web Map Server
(2 of 2)
Settings Description
Configuration
Blocking Timeout to Get a The amount of time, in ms, an operation can wait for the NE SNMP
SNMP Connection interface before timing out.
Result: The NE Detection Settings are displayed in the Object Details view.
Settings Description
General
IP Address Ranges The IP address ranges the 5520 AMS should search to detect NEs.
Enter up to 10 ranges, separated by commas.
IPV4 and IPV6 address formats are supported for this parameter
The format is IP address-#, where # is the number of addresses in
the range. For example, for IPv4, 120.0.0.0-10 would search 10 IP
addresses, starting with 120.0.0.0. Similarly, for IPv6, 2003::1-10
would search 10 IP addresses, starting with 2003:0:0:0:0:0:0:1.
Delay Before an Unreachable The maximum duration (in seconds, minutes, hours or days) that a
NE is Removed From the detected NE can remain in the detected NE list after becoming
Detected NE List unreachable. The format is a number followed by s, m, h, or d, for
example, 1 h.
NE Creation
Auto Create Select this check box to automatically create detected NEs in the
5520 AMS.
Group Creation Strategy Choose Use the System NE Location to create the NE in a group
based on its system location parameter.
Choose Specify a Default Group to set a group name.
Default Group If you chose Use Settings Value for the Group Creation Strategy
parameter, enter a group name.
NE Supervision
Auto Supervise Select this check box to automatically supervise NEs after detection
and creation.
Parameter Description
Trap Handling Threads The maximum number of traps that the server can process
at the same time. Nokia does not recommend changing this
parameter.
SNMP Trap
Registration for Link Up/Down Traps Select this check box to enable the operational state
changes on physical ports.
Note- By default, only the network ports can send
notifications. If the settings are changed using the CLI or
the TL1, it is possible that operational state changes would
be reported on modems or ONTs which would lead to
flooding of messages towards the 5520 AMS. If this is the
case, deselect this check box
Parameter Description
Timeout Before 1st Retransmission The length of time, in milliseconds, that the 5520 AMS
waits to receive a reply to an SNMP request before
retransmitting the request. The range is from 1000 to
42 000.
If the Timeout Before 1st Retransmission is X (sec) and
Maximum Number of Retransmission is (n), then the
timeout (T1) is calculated as follows:
T1= (2(n-n)X + … + 2(n-2)X + 2(n-1)X + 2(n)X)
The Timeout Before 1st Retransmission parameter is
multiplied by 2 for each additional retransmission. For
example, if the
Timeout Before 1st Retransmission parameter is set to
8000 ms and the
Maximum Number of Retransmissions parameter is set
to 2, the first retransmission will be sent after 8000 ms if no
reply is received. The second retransmission will be sent
after 16 000 ms (2 × 8000) if again no reply is received.
After 32 000 ms (2 × [2 × 8000]), if there is still no answer,
the retry will timeout. At 56 000 ms
(8000 + 16 000 + 32 000), the 5520 AMS will conclude that
the NE is not responding and report an SNMP Timeout
error.
Maximum Number of Retransmissions The maximum number of times that an SNMP request can
be retransmitted. A retransmission is sent only when a
response to an SNMP request is not received.
Use the same retry mechanism in case Manage the retry mechanism for SET requests using this
of "No Access" response to SET option. The option is disabled by default.
requests
(1 of 2)
Parameter Description
Minimum Number of Requests per The minimum number of SNMP requests to be considered
Hour before raising a Communication Degraded alarm.
The alarm can be cleared even when the minimum number
of requests is not reached.
The default value is 12 SNMP requests.
(2 of 2)
Note
(1) The communication degraded state for the two parameters, Maximum Retransmission Ratio and Maximum
Average Roundtrip Delay is checked every hour by the server, for all the NEs. So the Communication Degraded
alarms will always be raised and cleared at the same time within an hour.
Parameter Description
SNMP v3 User
Security Level A drop-down menu that lists the available supported security levels:
• Without Authentication and Without Privacy—Indicates that
messages between the agent and the manager are unauthenticated
and unencrypted
• With Authentication but Without Privacy—Indicates that messages
between the agent and the manager are authenticated by
unencrypted
• With Authentication and With Privacy—Indicates that messages
between the agent and the manager are both authenticated and
encrypted
Authorization Protocol A drop-down menu that lists the available supported protocols (MD5,
SHA1, SHA2-256(1), SHA2-512)(1)
Authorization Password(2) Used to specify the plain or encrypted password if the MD5, SHA1,
SHA2-256, or SHA2-512 protocol is selected (3)
Encryption Protocol A drop-down menu that lists the available supported privacy protocols
(DES, AES-128, AES-192, AES-256)
Encryption Password(2) Used to specify the privacy password for the encryption protocol (3)
Notes
(1) Due to the PBMT limitation on the NE migration tool, AMS does not support NE migration for those NEs which
are managed with SNMPv3 SHA2 encryption in RHEL 6 alone.
(2) You must create passwords that are at least eight characters long, even if the NE allows a shorter password.
(3) Passwords are encrypted in the 5520 AMS database.
4 Click Finish.
Parameter Description
Identification
SNMP
Version Choose the SNMP version for the profile. The 5520 AMS supports
versions v1, v2 and v3. The default value is set to v3.
SNMP v1/v2
Read Community Indicates the SNMP community name for the agent. This field accepts a
unique character string. Record the names you enter here because you
must use the same names to configure these parameters on the NE.
Write Community Indicates the SNMP community name for the agent. This field accepts a
unique character string. Record the names you enter here because you
must use the same names to configure these parameters on the NE.
SNMP v3
Context Name Indicates the agent in the NE. If Context Name Assignment is set to
Automatic, this field is dimmed.
(1 of 2)
Parameter Description
Password Indicates the SFTP client password.
(2 of 2)
4 Click Finish.
You can configure the SSH public key using the ‘Strict Host Key checking’ feature.
See procedure 141 to disable or enable the feature.
The Strict Host Key Checking feature is used to avoid man-in-the-middle attack. If
such an attack occurs, a standard OS or SSH error will be logged that the 5520 AMS
will return when using secure CLI, secure TL1, SSH scripts, LRM or software
management.
The 5520 AMS checks whether the NEs managed through SNMPv3 have an SSH
public key. If a SSH public key is not available in the NE, then the 5520 AMS will
instruct the NE to generate a new key, else the 5520 AMS will retrieve the key and
use it to populate the SSH known_hosts file.
When a new value for the SSH public key of the NE is generated, it is stored in the
database, and the 5520 AMS updates the known_hosts file of amssys user with the
new public key value in all the application servers.
When the feature is enabled, the entries in the known_hosts file are refreshed
everyday automatically in all the application servers. You can force the re-generation
of the known_hosts file, see Procedure 142.
For the frequency of the SSH public key generation checks, refer to Table 64.
You can manually generate the SSH public key. For more information, see the
Operations and Maintenance Guide for the NE.
Result: The Object Details view opens and the ‘Strict Host Key Checking’ is selected by
default.
2 Select or deselect the ‘Strict Host Key Checking’, as required and click the Apply icon ( )
to save the changes.
Procedure 142 To refresh SSH server public keys in the SSH known_hosts file for all
NEs
Perform the following procedure to refresh the SSH server public keys in the SSH known_hosts
file for all NEs.
2 Right-click SSH Settings and choose Actions → Refresh SSH Server Public Keys in the SSH
known_hosts File for all NEs.
Result: The Refresh SSH Server Public Keys confirmation window opens.
Result: A window opens and provides details about the progress of the refresh action.
When the refresh action is completed, the Action Details window opens showing the Target,
Description, Status and Additional Information.
• Configure default user passwords. In the 5520 AMS Installation and Migration
Guide, see the following procedures:
• To change the password of a default user on the 5520 AMS application server
• To change the password of a default user on the 5520 AMS GUI
• Configure file transfer protocol settings. See Procedure 143 to configure file
transfer protocol settings.
Result: The Object Details view opens. In the AMS Protocol Selection Strategy, the Use the
protocol configured in the NE strategy is selected by default and none of the protocols (SFTP,
FTP, TFTP) are selected by default.
Note — Before you enable the SFTP protocol, make sure that the SFTP
credentials are configured correctly.
• You must set the password to access the 5520 AMS SFTP file server
from the server and the GUI. In the Administration Tree, choose
Configuration→EMS/NE Protocols→File Server Credentials→SFTP
User. See also the procedure to change the password of a default
user on the server in the 5520 AMS Installation and Migration Guide.
The password is used for downloading OSWP software, backing up
and restoring, and downloading CDE profiles.
• You can set the username and password for the NE SFTP file server
in the SNMP profile used by the NE. The username and password are
used for downloading ONT software and viewing syslog files.
2 Select or unselect the check boxes for the file transfer protocols you do or do not want the
5520 AMS to use.
3 From the Strategy drop-down menu, choose Force the AMS protocol selection.
Result: In the AMS Protocol Selection, SFTP, FTP and TFTP protocols are selected by
default.
1 Navigate to the application server on which you want to perform a file transfer test by
choosing EMS Administration→EMS System→Site→Application & Data Servers in the
Administration Tree.
Result: Communication with the server must be established and ongoing, which is indicated
by the Up server status.
2 Right-click the Application server for which this test needs to be performed and choose
Actions→Test File Transfer.
Result: The 5520 AMS attempts to transfer files using each protocol selected in the File
Transfer Protocol Selection object details.
3 When the test is completed, the Action Details view displays the results of the test if the test
was successful or not, possible reasons for failure etc.
The strategy to use the protocols that are enabled by the NE verifies only that the
TL1/CLI credentials are correct. The strategy to use a fixed protocol selection verifies
that the TL1/CLI credentials are correct and that the protocol configuration in the NE
is also correct. For example, the test will fail if a selected protocol is not enabled in
the NE.
For information about how to perform a reachability test on an NE, see the 5520 AMS
User Guide.
Result: The Object Details view opens with the Use the protocol configured in the NE strategy
selected by default and none of the protocols (SSH, Telnet, UDP) selected by default.
2 If you want to change the strategy, from the Strategy drop-down menu, choose Force the
AMS protocol selection.
Result: In the AMS Protocol Selection, all the protocols (SSH, Telnet, UDP) are selected by
default.
3 Select the check boxes for the TL1/CLI protocols you want the 5520 AMS to use.
Result: The TFTP Server Settings are displayed in the Object Details view.
Settings Description
Configuration
Enable TFTP Server on the Select this check box to enable the TFTP server on the 5520 AMS.
EMS (Used for NE Backup, ...) The check box is not selected by default.
Disk Properties
Minimum Free Disk Space in The minimum free disk space (in kilobytes) required for TFTP write
KB to continue. TFTP write verifies that at least this much space is
always available on the server.
Socket Time Out The maximum duration (in s) The maximum duration (in s) that
that the Read socket waits for the server waits for the client to
an acknowledgement from the send a data packet.
client.
Number of Retries The maximum number of times The maximum number of times
that the server resends a data that the server resends
packet to the client. The server acknowledgement packets for a
must resend a data packet specific data packet received
when the acknowledgment from the client. The server has to
number received from the client resend an acknowledgment
does not match the block packet when the block number of
number of the data packet last the data packets last received
sent. does not match the number
expected by the server.
Number of Last Ack Retries - Configure this parameter for the
server to wait for retry attempts
from the client after sending the
last acknowledgement packet.
The duration (in s) the server will
wait is given by the Number of
Last Ack Retries multiplied by the
Socket Time Out parameter.
Result: The TFTP Client Settings is displayed in the Object Details view.
2 In the Configuration settings, enter the maximum number of times for which a file transfer can
be attempted.
When this limit is exceeded, the 5520 AMS enters a protection mode and forces the
user to limit the search for alarms by only allowing the retrieval of historical alarms
from a smaller set of NEs.
The navigation to the Historical Alarm view can be enabled when selecting an NE
group by changing the value of the Protect Alarm View if Number of NEs in Historical
Alarm Filter Exceeds parameter.
The database size can be monitored over time by opening the EMS Performance
Monitoring view and choosing Alarms→ Historical Alarm DB Size. You can also view
TCA alarm for historical alarm database size exceeding configured limit (for example,
if the configured limit is 1GB and then the TCA alarm is raised if historical alarm
database size exceeds 1GB) from Historical Alarm DB Size option.
1 See the ‘Service Unstable’ alarm details to find out the list of unstable services.
• To stop the server (if multiple services are unstable), execute the following command:
ams_server stop
Result: The service does not appear in the list of unstable services after it is stopped
manually.
• To restart the server (if multiple services are unstable), execute the following command:
ams_server start
Result: The service is removed from the unstable services list in the alarm. If the problem is
still not fixed, the alarm is raised again.
Result: The EMS Alarm Severity Assignment table appears in the Table View.
2 Select the alarm in the table. The alarm information is displayed in the Object Details view.
The Category, Domain, Object, Probable Cause, and Specific Problem parameters are not
configurable. However, you can configure the parameters as described in Table 54:
Parameter Configuration
Discarded Choose to discard the alarm by selecting the check box, or to not discard the
alarm by clearing the check box.
When the check box is selected, the Discarded parameter is set to true, and
the alarm is not reported. Also, any corresponding alarms are cleared from the
current alarm table.
When the check box is cleared, the Discarded parameter is set to false, and
the alarm is reported.
Note — The custom fields added to the alarm types can be viewed and
used to filter the alarms in the Alarm View and the Historical Alarm View.
Note 1 — The new severity assignments are effective only for alarms
raised after the changes have been saved.
Note 2 — The status bar of the 5520 AMS GUI displays the aggregated
EMS alarms icon of the site next to the site icon, which shows the
aggregated alarm summary.
Result: The Alarm Settings parameters appear in the Object Details view.
Parameter Description
Global GUI Settings
Alarm View Refresh Interval A time period, in seconds, before the Alarm view is
refreshed.
Compute and Display the TL1 AID Check the TL1 AID checkbox to compute the TL1
AID. The TL1 AID is displayed only for the following:
• TL1 AID column in the Alarm View
• Field selection drop down in the Alarm View
• Alarm Filter drop down
• Object Details view for the Alarm Object
You must log out of the client and log in again for a
change to this parameter to take effect.
Alarm View Coloring Scheme Option to display the entire row or only the Severity
column in the color of the alarm severity in the alarm
views. Select one of the following options from the
drop-down list:
• Alarm Severity Colors the Entire Row to display
the entire row in the color of the alarm severity
• Alarm Severity Colors the Severity Column Only
to display the Severity column in the color of the
alarm severity
(1 of 6)
Parameter Description
When in Overload, Disable View When The alarm view is not displayed so as to protect the
Selected Number of NEs Exceeds alarm view response time if the following two
conditions occur:
• The number of NEs in the Historical Alarm Filter
exceeds the configured value
• The size of the historical alarms database
exceeds the configured value of the Protect
Alarm View if Historical Alarms Database Size
Exceeds parameter
Current to Historical
Delay Before a Cleared Alarm is Moved A time period before a cleared alarm is moved from
From Current to Historical List the Alarm view to the Historical Alarm view.
The cleanup task is run every hour, which means that
the alarm will be moved to Historical Alarm at most
one hour after the configured delay time has passed.
For example, if the delay is set to 5 minutes, the alarm
will be moved effectively after an hour.
Minutes and seconds are ignored.
Historical Alarm Queue Size Size of the queue used to buffer historical alarms
before moving them to the Historical Alarm database.
Purging Historical
Delay Before an Alarm is Deleted from A time period before alarms are deleted from the
Historical List Historical Alarm view.
To configure this parameter, see Procedure 151.
Archiving Historical
(2 of 6)
Parameter Description
Archiving Strategy The archiving strategy is so that the alarms can be
saved to disk for offline analysis instead of being
deleted. If FTP or SFTP file transfer is not selected,
alarms are archived in the shared directory, one file
per day under:
$AMS_EXTERNAL_SHAREDDATA_HOME/alarmar
chiving/alarms-archive_<YYYY>_<MM>_<DD><alp
haChar>.csv, where:
<YYYY>, <MM> and <DD> represents the date (year,
month, and day) at which the alarms were cleared
and <alphaChar> is empty or contains the next
alphabetic character.
If compression is enabled, the file name will be
alarms-archive_<YYYY>_<MM>_<DD>_<HH><alph
aChar>.csv.gz.
If an alarm archive file with the same name already
exists, then the filenames will have a sequential
alphabetic character appended to the name, for
example, alarms-archive_2012_08_20_20a.csv.gz
and alarms-archive_2012_08_20_20b.csv.gz. This
may happen if there are repeated application server
switchovers within the same day causing several
similarly named alarm archive files to be present.
If FTP or SFTP file transfer is selected, the alarm
archive file is transferred to the configured remote
FTP or SFTP location. If the copy or file transfer of the
alarm archive fails, an alarm is raised. Use Procedure
244 to manually purge and archive the alarm log.
The alarm archive file contains the following
information for each alarm:
Alarm Domain, Alarm Category, Source Friendly
Name, Alias Name, Raised Time Stamp, Cleared
Time Stamp, Alarm Severity, Probable Cause,
Probable Cause Mnemonic, Specific Problem, Repair
Actions, Additional Info, Service Affecting Type, Last
Acknowledged Time Stamp, Last Acknowledged
User Id, Last Acknowledged IP Address, Last
Changed User Id Time Stamp, Last Changed User Id,
Last Changed User Id IP Address, Groups, TL1 Aid,
TL1 Alarm Condition, NE Time Zone, NE Raised
Time Stamp, NE Cleared Time Stamp, CP Log Tool
Notif Id, NE Subtype/Release, Alarm ID, NE Alarm
Type.
Delay Before an Alarm is Deleted from the A time period before alarms are deleted from the
Alarm Archive shared directory where they are archived.
The parameter is enabled when the Archiving
Strategy parameter is set to When Alarms are Moved
from Current to Historical or When Alarms are Purged
from Historical.
Compress Alarm Archive When the parameter is enabled, the alarm archive
files are compressed in the shared directory or
configured FTP/SFTP location daily to minimize disk
space usage.
The parameter is enabled when the Archiving
Strategy parameter is set to When Alarms are Moved
from Current to Historical or When Alarms are Purged
from Historical.
(3 of 6)
Parameter Description
File Transfer
Threshold (Lower severities will not be The severity threshold to reduce the number of
collected from the NE) alarms reported to the 5520 AMS. Alarms of a
severity lower than the threshold are not collected
from the NE.
Raise Alarm if Total Number of Current The 5520 AMS raises a local alarm when the number
Alarms Exceeds of alarms in the current alarm table exceeds the
configured value. The 5520 AMS clears the local
alarm when the number of alarms falls under the
configured value.
Historical Alarms Database Size The 5520 AMS raises a local alarm when the number
of alarms in the historical alarm database exceeds the
configured value. The 5520 AMS clears the local
alarm when the number of alarms falls under the
configured value.
(4 of 6)
Parameter Description
Do Not Export on Server if Historical Alarms The 5520 AMS does not export alarms on the server
Database Size Exceeds if the size of the historical alarm database exceeds
the configured value. The default value is 200 MB.
This parameter controls the export of alarms during
an AMS migration either using the export script or
through the menu File → Export from the client.
Configuring the historical alarm database to a value
higher than 200 MB will result in increasing the
migration time. Nokia recommends not to exceed 200
MB for the historical alarm database size.
The Export wizard or script do not report an error
when alarms are suppressed due to this setting.
The parameter Maximum Number of Historical
Alarms Exported on Server is replaced by the new
parameter Do Not Export on Server if Historical
Alarms Database Size Exceeds from R9.2.10.
Discard Alarm Event if Rate Exceeds The 5520 AMS removes alarm events from the NE
Alarm Event Log Filter queue when the alarm rate, in
events/s, exceeds the configured value. The
additional events will not be logged.
Delay Before an Alarm is Deleted from the A time period before alarm event logs are deleted
Alarm Event Log from the shared directory where they are archived.
Compress Alarm Event Logs When the parameter is enabled, the alarm event log
archive files are compressed in the shared directory
or configured FTP/SFTP location daily to minimize
disk space usage.
File Transfer
(5 of 6)
Parameter Description
Password The password to log in to the remote FTP or SFTP
host.
Re-Type Password
This parameter is disabled if Protocol is set to No file
transfer (Keep files in ‘shared/common’).
Toggling Alarms
Miscellaneous
Bulk Alarm Block Size The maximum number of alarms retrieved from the
database in one go. For example, when cleaning up
historical alarms, moving cleared current alarms to
historical.
(6 of 6)
Procedure 151 To configure the delay before an alarm is deleted from the Historical
Alarm view
Nokia recommends that you configure the parameter only when you
install the 5520 AMS.
For information on the data migrated from earlier 5520 AMS releases,
see the 5520 AMS Installation and Migration Guide.
The configured delay is a minimum (or guaranteed) delay. Additional granularity in the timestamps
of the historical alarms has been introduced. For example, when the delay is set to 30 days,
historical alarms are cleared in batches of two days. In this case, the oldest alarms that are kept
in the historical database at any time are between 30 and 31 days old. The longer the delay is, the
longer the granularity is. For a configured delay of 20 days or less, the granularity is 1 day.
2 Right-click the Alarm Settings object and choose Actions→Modify Delay Before an Alarm is
Deleted from Historical List.
Result: The Modify Delay Before an Alarm is Deleted from Historical List window opens.
4 Click Finish.
Result: The change takes effect within the hour that follows.
Result: The NE Alarm Processing Settings table appears in the Table View.
The Category, Domain, Object, NE Type/Release, TL1 Alarm Condition, Probable Cause,
and Specific Problem parameters are not configurable. However, you can configure the
parameters as described in Table 56:
Parameter Configuration
Reporting Strategy Choose one of the following reporting strategy options from the drop-down
menu.
• Report Alarm
• Dump to File
• Dump to File & Report Alarm
This parameter does not work if an alarm rule is defined with action ‘Discard
the alarm’. Refer to Procedure 274 for information about adding an alarm rule.
Toggling Alarm Choose to suppress the toggling alarm by selecting the check box, or to not
Suppression suppress the toggling alarm by clearing the check box.
By default, the Toggling Alarm Suppression checkbox is not selected.
Ensure that the “Toggling Alarm Aggregation Period” parameter in the Alarm
Settings window is configured before enabling toggling alarm suppression.
Toggling Threshold If the Toggling Alarm Suppression check box is selected, enter the threshold
(alarms per hour) value of the number of toggling alarms suppressed per hour.
If you set “Toggling Alarm Aggregation period” to 30 minutes, the toggling
alarm threshold is 50% of the threshold value defined for a hour, and if the
period is set to 15 minutes, the toggling alarm threshold is 25% of the threshold
value defined for an hour.
Move to History Choose one of the following options from the drop-down menu.
• Always: The alarms are always moved to historical alarm table.
• Based on Alarm Age: The alarms are suppressed from historical alarm
table based on the defined alarm age.
Parameter Configuration
Move to History Min. Enter the minimum age of alarms. Below this age, the alarms will be
Alarm Age suppressed from historical alarm table.
This parameter is enabled only when the Move to History parameter is set to
Based on Alarm Age.
The default value is set to 5 seconds.
Note —
• The custom fields added to the alarm types can be viewed and used
to filter the alarms in the Alarm View and the Historical Alarm View.
• Define the NE Alarm Processing Settings for other NE alarms, as
required.
Note — If FTP or SFTP file transfer is not selected, the 5520 AMS starts
dumping alarm information to a log file, and stores one file per hour to the
following directory in the data server:
$AMS_EXTERNAL_SHAREDDATA_HOME/alarmfiltering/
If FTP or SFTP file transfer is selected, the alarm event log file is
transferred to the configured remote FTP or SFTP location. If the copy or
file transfer of the alarm event log archive fails, an alarm is raised. Use
Procedure 244 to manually purge and archive the alarm event log.
The alarm event log file follows the following naming convention:
/alarms-filtered_<YYYY>_<MM>_<DD>_<HH><alphaChar>.csv
where:
<YYYY> is the year
<MM> is the month
<DD> is the date
<HH> is the hour
If an alarm event log file with the same name already exists, then the
filenames will have a sequential alphabetic character appended to the
name, for example, alarms-filtered_2012_08_20_20a.csv.gz and
alarms-filtered_2012_08_20_20b.csv.gz. This may happen if there are
repeated application server switchovers within the same day causing
several similarly named alarm event log files to be present.
The alarm event log file contains the following information for each alarm:
Alarm Domain, Alarm Category, Source Friendly Name, Event Type,
Event Time Stamp, Alarm Severity, Probable Cause, Probable Cause
Mnemonic, Specific Problem, Additional Info, Service Affecting Type,
Groups.
The 5520 AMS provides you with a tool to detect and suppress toggling alarms
raised by an NE for each object instance and alarm type. A source alarm is an alarm
that is reported by the NE. A derived alarm is an alarm that is reported by the
5520 AMS when it detects a toggling source alarm. When the toggling source alarm
is detected, the 5520 AMS stops reporting the alarm and raises a derived alarm on
the object instance that is reporting the toggling source alarm.
You can configure whether a source alarm, if toggling, can be suppressed and set
the toggling threshold. The toggling threshold is the number of raised alarms for the
corresponding object instance an alarm type has reached in the current time window
(and which is greater than the number of alarms raised in the previous time window)
to have the source alarm suppressed and a derived alarm reported on the same
object and with the same severity. The time window is fixed at one hour. At every
measurement window, the <count> occurrences in the hour before <time> counter is
updated in the Additional Info/Text field where <count> is the number of times the
alarm occurred in that hourly measurement window for that NE, and <time> is the
time of the measurement expressed in UTC. For example, if the toggling threshold is
80 and the number of raised alarms for a particular alarm type exceeds 80 in one
hour, then the source alarm is suppressed and a derived alarm is raised. If within one
hour the number of raised alarms is less than 80, then the toggling alarm is cleared.
The value of the toggling threshold is only valid when the toggling suppression is
enabled.The event start time of a toggling alarm is the time at which the first instance
of the alarm occurred and not the time of the last alarm.
Derived alarms are raised on the same object as the source alarm, so they contribute
to the same object and aggregation alarm icons. They also contribute to the alarm
summary icons. Derived alarms are displayed in the current and historical alarm
views with the same characteristics, except that the specific problem for the alarm
indicates that it is derived from a toggling source alarm. The specific problem is
prefixed with the following string: [==TOGGLING==]. For example,
[==TOGGLING==] Rack Power Fuse Broken Alarm. The derived alarms are not
considered to be EMS alarms, so are not displayed in the EMS alarm severity
assignment profile. Stopping supervision of an agent clears all alarms raised on the
NE, including derived alarms. All derived alarms for which alarm toggling
suppression is disabled are cleared every hour.
Any issues that occur as a result of the transition period immediately following the
increase or decrease of the toggling threshold will be resolved after approximately
two hours.
When changing the toggling alarm periodicity, it may have the following effects:
• If you lower the aggregation period, non-toggling alarms are incorrectly disabled.
• If you increase the aggregation period, toggling alarms are incorrectly re-enabled.
This behavior is transient and it will switch back to normal after the next one or two
aggregation periods.
2 Choose the NE Alarm Event Log Filter for which you want to configure toggling alarm
suppression.
A selected check box indicates that toggling suppression for the alarm is enabled (True). If
the check box is not selected, the toggling suppression is disabled (False). The True and
False values, and toggling threshold value, display in the Table View.
4 Configure the Toggling Threshold parameter as required to configure the toggling threshold
setting for the alarm.
6 Log out of the client and log in again for the changes to take effect.
Note — If you enable and then disable alarm toggling suppression in the
same GUI session and attempt to filter alarms on a specific problem
without performing step 6, you may experience problems with the
filtering. The workaround in this case is to re-enable the alarm toggling
suppression in the same GUI session and set the alarm’s toggling
threshold to a very high value.
Parameter Description
4 Click Finish.
Result: The ENV Alarm Template table appears in the Object Details view, and displays
information in the following columns: Domain, Mnemonic, and Probable Cause. You can
customize the alarm definitions in the Probable Cause column.
i Click a table cell in the Probable Cause column. The cell becomes a text box, and you
can edit the definition.
ii Enter a meaningful definition for the environmental alarm to reflect the specific alarm
use.
Table 58 PM settings
Setting Description
Properties
Max. Monitors Per User The maximum number of monitoring tasks that a user can
create.
Max. Active Monitors Per User The maximum number of active monitoring tasks for a user.
Default Polling Interval The duration (in seconds) that elapses between polls.
Default For Time Duration The duration (in seconds) of the PM task collection. Data is
collected for the specified amount of time.
Max. Monitored Records The maximum number of records to monitor per PM task.
Page Size (Data View) The maximum number of pages to display PM records in the
Data view.
Page Size (Global Monitoring view) The maximum number of pages to display PM tasks in the
Global Monitoring view.
Note — If a user has changed the CLI prompt then the prompt
must end with “$<space>“or “#<space>“.
Setting Description
General
Cut Through Timeout The length of time, in minutes, before an inactive cut through
will time out.
Auto populate Credentials Select the check box so that the TL1 and CLI cut-through
username and password configured in the NE object details
are populated automatically in the Cut Through window.
Global CLI/TL1 Credentials Add or remove rows for an NE family and a user role defined
on the system. The below mentioned item names are the
column names where entries can be made:
• NE Family: Select the NE family depending on the NE
plug-ins installed on the system from the drop-down list.
• User Role(1): Select the role assigned to the user in the
AMS from the drop-down list.
• CLI User Name: The username to use for CLI cut-through
to the NE.
• CLI Password: The password to use for CLI cut-through
to the NE.
• TL1 User Name: The username to use for TL1
cut-through to the NE.
• TL1 Password: The password to use for TL1 cut-through
to the NE.
Notes
(1) The user role must have Cut Through - admin and Cut Through - basic functions to perform a CLI/TL1
cut-through.
Result: The NE Backup settings are displayed in the Object Details view.
Setting Description
Backup Auto-Removal
Maximum Number of Backup Files Specifies the maximum number of the most recently backed
(per NE) up files for each NE that the 5520 AMS must retain
indefinitely. The default value is 5.
Setting Description
NE backup destination
Store External Select this check box to configure the Server Details
parameters.
Server Details
Result: The Splitter settings are displayed in the Object Details view.
Setting Description
General
Result: The Action Manager settings are displayed in the Object Details view.
Setting Description
Completed to Historical
Delay Before a Completed Action is The duration (in seconds, minutes, hours or days) before a
Moved to the Historical List completed action in the Action view is moved to the Historical
Action view. The format must be # s, m, h or d. For example, 10 d.
Delay Before an Action is Deleted The duration (in seconds, minutes, hours or days) before a
from Historical List completed action in the Historical Action view is deleted. The
format must be # s, m, h or d. For example, 10 d.
3 If you enabled or disabled the Display ONT POTS Port Phone Number parameter, restart the
5520 AMS client.
Result: The supervision settings are displayed in the Object Details view.
Setting Description
Polling
Polling Period The duration (in s) that elapses between polls of the NEs to confirm
their reachability.The default is 300s.
In case of unreachable or isolated NEs or agents, the polling timeout
is 12 seconds.(1)
(1 of 3)
Setting Description
SNMP Retransmissions for Polling of Isolated NEs
Timeout Before 1st The duration (in s) that the 5520 AMS will wait to conclude that the
Retransmission NE is not responding.
If the Timeout Before 1st Retransmission is Y (sec) and Maximum
Number of Retransmission is (m), then the timeout (T2) is calculated
as follows:
T2= (2(m-m)Y + … + 2(m-2)Y + 2(m-1)Y + 2(m)Y)
The Timeout Before 1st Retransmission parameter is multiplied by
2 for each additional retransmission. For example, if the
Timeout Before 1st Retransmission parameter is set to 4 s and the
Maximum Number of Retransmissions parameter is set to 2, the
first retransmission will be sent after 4 s if no reply is received. The
second retransmission will be sent after 8 s (2 × 4) if again no reply
is received. After 16 s (2 × [2 × 4]), if there is still no answer, the
retry will timeout. At 28 s (4 + 8 + 16), the 5520 AMS will conclude
that the NE is isolated after all retries have failed.(1)
This parameter is also configured in the SNMP retries settings.
The value of Timeout T2 (mentioned in the above formula) should
be less than the value of Timeout T1 which is mentioned in the Table
49: SNMP retries parameters.
Supervision
Align NE System ID with NE Select this check box to configure the 5520 AMS to automatically
Name at Start Supervision change the NE’s System ID to match the NE name. (2)
If the System ID and the NE Name do not match, an NE user label
mismatch alarm is reported when supervision is started. For more
information about alarms, see Chapter 26.
Start Supervision at NE Select this check box to configure the 5520 AMS to automatically
Creation begin supervising a NE when one is created.
On Unreachable NE, Start Configures the behavior of the 5520 AMS when supervision starts
Supervision on an NE but the NE is unreachable. There are two options:
• Keeps Trying (State becomes “Supervising”): the 5520 AMS
places the NE in a Supervising state and attempts to connect to
the NE repeatedly. When the NE becomes available, the state
is changed to Supervised.
• Fails (State becomes “Declared”): the 5520 AMS returns the NE
to the Declared state.
Registration Checks
Number of Polling Cycles The number of polling cycles between two registration checks. In a
Between Registration Checks registration check, detailed connectivity checks are performed on
trap registration, trap bitmask and SNTP. These settings need to be
correct in order for AMS to receive correct notification of the NE
changes. AMS tries to resolve any issues with these settings. The
range is from 2 to 1000. The default is 48.
For example, when the value '48' is set for this parameter, these
additional checks are performed every 48 polling cycles. So, if the
polling period is set to 300 seconds (5 min), the registration check
will be performed every 4 hours (every 48 polling cycles).
If the Trap Bitmask is overwritten by the operator in the 5520 AMS
GUI, then its value is set to default during registration check.
(2 of 3)
Setting Description
Number of Polling Cycles The number of polling cycles between two CLI connection checks.
Between CLI Connection In a CLI connection check, detailed connectivity check is performed
Checks on the NE. The range is from 6 to 1000000. The default is 288.(3)
For example, when the value '288’ is set for this parameter, the
connectivity check is performed every 288 polling cycles. So, if the
polling period is set to 300 seconds (5 min), the CLI connectivity
check will be performed every 24 hours (every 288 polling cycles).
Number of Polling Cycles The number of polling cycles between two SSH server public key
Between SSH Server Public checks. The range is 0 to 2147483647. The default is 6.
Key Checks
(3 of 3)
Notes
(1) The parameter is only applicable to isolated NEs. For non-isolated NEs, the retransmission settings under
SNMP settings are applicable. For more information, see Procedure 138.
(2) If the NE is not a 7302 ISAM or 7330 ISAM FTTN or 7360 ISAM FX, System IDs cannot be longer than 20
characters. If the NE is a 7302 ISAM or 7330 ISAM FTTN or 7356 ISAM FX, System IDs cannot be longer than
64 characters. If the NE name is more than the specified character limit for the NE type, the System ID will not
be changed.
(3) When the value is set to 1000000, the CLI connectivity check is not performed on the NE, not even during server
restart or start supervision.
Tmin = T × 2(N)
N = 0→R
where:
300 4 1 12 312
300 4 2 28 328
300 4 3 60 360
300 15 1 45 345
Result: The EMS tracing settings are displayed in the Object Details view.
See the 5520 AMS User Guide for information about using the Multiple Edit function to
configure multiple NE objects at one time.
Procedure 166 To reset the tracing level to the default on all NEs
2 Right-click EMS Tracing Settings and choose Actions→Reset Tracing to Default on all NEs.
3 Click Finish.
Result: The EMS tracing level on all NEs is reset to the default value.
Time zone management must also be configured in the NE when the NE is created
in the GUI. The time zones you configure become available to the operator in the
Create NE window. See the 5520 AMS User Guide for information about creating an
NE.
Time zones are displayed in the following region-based format:
(UTC offset) Region/Example city (time zone abbreviation/DST rule)
More than one time zone may exist for the same region and UTC offset, depending
on DST rules. For example:
• (UTC-07:00) America/Denver (MST/MDT)
• (UTC-07:00) America/Phoenix (MST, no DST)
Because the US state of Arizona, where the city of Phoenix is located, does not use
DST two time zones are available. You need to choose the correct time zones for the
locations of your NEs. This will ensure accurate DST updates.
The time zone management function will update the UTC offset on the NE based on
the NE configuration settings when you manually resynchronize the alarms between
the NE and the 5520 AMS database. As a result, if you suspect a time zone
discrepancy is at the root of a problem that you are troubleshooting, then you can
manually resynchronize the NE and 5520 AMS database alarms to clear the problem
potentially. See the procedure to manually resynchronize alarms in the 5520 AMS
User Guide.
Nokia recommends that you synchronize the NEs using SNTP if you need to use
time zone management. See Chapter 14 for information about configuring SNTP.
You may need to update time zone data periodically. See Section “Updating time
zone data in the 5520 AMS” to update time zone data in the 5520 AMS.
Note — In the event that in the 5520 AMS GUI the NE System
object displays a time zone value for the NE that is not correct,
and the time zone for the NE is not set to be managed, Nokia
recommends that you modify the time zone in the Windows OS:
apply a different time zone in the Windows date and time
properties and then apply the correct time zone.
This workaround relates to a Java issue in Windows and only
needs to be performed once in the lifetime of the machine.
Table 66 describes how alarm time stamps are displayed if time zones are
configured and at least two NEs are located in different time zones.
Table 66 Alarm and event time display behavior with time zones config-
ured and NEs in different time zones
Note
(1) This column will only appear in the Alarm view if time zone settings are configured and at least two NEs are in
different time zones.
2 Select the Manage NE Time Zones check box to manage time zones. The following
parameters are enabled only if the Manage NE Time Zones check box is selected:
3 To configure the 5520 AMS GUI to display the NE local time for all time stamps in the Object
Details view of the NE, select NE Local Time from the Display NE Timestamps as drop-down
list.
4 Select GMT/UTC from the Display ‘Event/Cleared’ Time in Alarm Views as drop-down list to
display Event Time and Cleared Time in Alarm Views in GMT/UTC. By default, the Event
Time and Cleared Time parameters in the Alarm Views display the GUI Local Time.
5 Select one of the options from the Display ‘NE Event/Cleared Time’ Columns in Alarm Views
drop-down list:
• Only if there are at least 2 time zones selected (this is the default option)
• Always
6 In the NE Time Zones section, perform the following steps to select the time zone required
to manage an NE:
Note — If the time zone in the server is set as a region-based time zone,
for example, (UTC+01:00) Europe/Paris (CET/CEST), the time zone will
appear in the Selected list by default. If the time zone is configured in a
different format, for example, CET, there will be no default time zones in
the list.
8 Log out of the client and log in again for the changes to take effect.
2 Choose the NE plug-in type and release you need to configure settings for.
Result: The NE plug-in settings are displayed in the Object Details view.
3 Configure the settings. See the Operations and Maintenance guide for the NE for more
information.
These parameters are applicable to all NE TL1 users on a given NE. The same
parameters are available for each TL1 user on a given NE under the Infrastructure
object.
These parameters are available to configure when the Update the TL1 Credentials
in the NE when changing them in the NE Object Details parameter is selected. See
the Operations and Maintenance guide for the NE.
Then, select the Update the TL1 Credentials in the NE when changing them in the
NE Object Details parameter in the NE Plug Specific Settings in the Administration
Tree so that in future if an NE gets disconnected, its TL1 credentials can be
synchronized automatically when the NE becomes reachable again. See
Section 20.28 for more information.
2 Right-click the NE plug-in type and release you need to copy the settings for and choose
Actions→Copy From.
3 Select an NE plug-in type and release in the Available panel and click the right-arrow.
4 Click Finish.
Setting Description
Maximum Number of The maximum number of templates that can be added to a template
Templates per Template group version.
Group Version
Maximim Number of The maximum number of templates or template groups that can be
Templates/Template Groups displayed in the Template Tree. By default, this option is set to 4000.
Displayed in the Tree If the number of templates/template groups exceeds this limit, a
search button will be displayed in the Template Tree.
Align Service ID with VLAN ID Select this check box to align the service ID with the VLAN ID during
during Template Deployment VLAN template deployment. This check box is selected by default.
This default option benefits operators managing the NE from the CLI,
when the Service ID and VLAN ID are equal.
If this setting is enabled, then the L2 Service object is created in the
NE with the service ID equal to the VLAN ID that is defined in the
template definition (when the identifier is not provided during
deployment) or the VLAN ID that is provided as an argument (when
the identifier is provided during deployment).
If this setting is disabled, then the L2 Service object is created in the
NE with the service ID based on next available service ID number.
This was the behavior prior to R9.2.30.
2 In the Warning Threshold field, enter a value that is at least zero and less than 100.
2 In the Licence Collection Start Time panel, configure the parameters for the time you need
the license collection to start.
Result: The change will be effective after the next scheduled collection.
Setting Description
General
Type Indicates the type of the site, where the possible values are Simplex or Cluster. It is a
read-only parameter.
Status Indicates the status of the site, where the possible values are Healthy or Degraded. It is
a read-only parameter.
Enable NE Balancing Based On Select this check box to enable the NE balancing based on the custom group.
Custom Group The check box is not selected by default.
Standard NE rebalancing is based on the number of NEs and NE type/release. Enabling
this parameter will add a custom group to this criteria.
Note - The custom group related options supported for the ams_show_ne_balancing.sh
script are available only if this setting is selected. For more details on the supported
options, refer to the section 31.24.
Custom Group For NE Balancing The NEs are moved from most loaded Application server to the least loaded Application
server based on the number of NEs and NE type/release, and they can be combined
with the custom group.
The drop-down list display the custom groups that are created, along with the following
default custom groups:
• Sub Type
• Time Zone
This parameter is enabled only when the Enable NE Balancing Based On Custom
Group check box is selected.
Configuration File Changes The polling period for which the configuration files are audited by the 5520 AMS.
Detection Period The format of the value for this setting is <x> <y> where x is a number and <y> is the
duration that is, m (minutes), h (hours), or d (days).
By default, the value is 1 d. The acceptable values are 0, 1 d to 30 d, where 0 indicates
that this setting is disabled.
(1 of 4)
Setting Description
Authentication / Authorization The types of authentication and authorization used by the 5520 AMS server. The
Sources options are:
• Internal Database / Internal Database - Internal Database for Authentication and
Authorization.
• LDAP / Internal Database - LDAP for Authentication and Internal Database for
Authorization.
• RADIUS / Internal Database - RADIUS for Authentication and Internal Database for
Authorization.
• LDAP / LDAP - LDAP for Authentication and Authorization.
• RADIUS / RADIUS - RADIUS for Authentication and Authorization.
• Client OS / Internal Database- Client OS for Authentication and Internal Database
for Authorization.
For more information about Authentication and Authorization sources, see section
20.35.
For information about managing RADIUS and LDAP authentication, see 20.35.1 and
20.35.2.
IP Address or Hostname The IP address or hostname of the RADIUS server if you are using RADIUS
authentication. Only IPv4 IP address format is supported.
Port The port number of the RADIUS server if you are using RADIUS authentication.
Secondary IP Address or Host The IP address or hostname of the secondary RADIUS server. Only IPv4 IP address
Name format is supported.
Secondary Port The port number of the secondary RADIUS server if you are using RADIUS
authentication.
Password The password for the RADIUS server and client if you are using RADIUS authentication.
Re-Type Password
Number of Retries The number of times to retry the connection to the RADIUS server.
IP address or Host Name The IP address or hostname of the RADIUS server if you are using RADIUS accounting.
Only IPv4 IP address format is supported.
Port The port number of the RADIUS server if you are using RADIUS accounting.
Secondary IP Address or Host The IP address or hostname of the secondary RADIUS server. Only IPv4 IP address
Name format is supported.
Secondary Port The port number of the secondary RADIUS server if you are using RADIUS
accounting.
Password The password for the RADIUS server and client if you are using RADIUS accounting.
Re-Type Password
Timeout The timeout, in seconds, when contacting the RADIUS server.
Number of Retries The number of times to retry the connection to the RADIUS server.
(2 of 4)
Setting Description
LDAP Server
URL The URL of the LDAP server. For example, yourserver:port, where yourserver is the
DNS or IP address of the LDAP server and port is the network TCP port of the LDAP
server. The default TCP ports for LDAP servers are:
• Unsecure LDAP server: 389
• Secure LDAP server: 636
Secondary URL The URL of the second LDAP server for authentication. If the first server fails,
authentication will be directed to the second server.
Bind DN The user DN to authenticate the LDAP client to the server. For example, domain name
of sample.com, cn=Directory Manager,dc=sample,dc=com, where cn is the common
name and dc is the domain component.
Context DN The fixed DN of the context from which to start the user search. For example, dc=sample
dc=com, where dc is the domain component.
Password The password used to authenticate the LDAP client to the server for user and roles
queries.
Role DN The fixed DN of the context to search for user roles. For example, dc=sample dc=com,
where dc is the domain component.
Role Filter A search filter to locate the roles that are associated with the authenticated user. For
example, member={1}.
Role Name Attribute ID The name of the role attribute of the context that corresponds to the name of the role.
For example, cn.
Base Filter A search filter used to locate the context of the user to authenticate. For example,
uid={0}.
Role Attribute ID The name of the role attribute of the context that corresponds to the name of the role.
For example, dn.
External TL1GW Settings
Connection to External TL1GW A check box to establish a connection to External TL1 Gateway servers on the
5520 AMS. The check box is deselected by default.
For information about managing External TL1 Gateways, see Chapter 16.
Sync NE List A check box to specify that the 5520 AMS server should synchronize the NE List with
the TL1 Gateway servers.
Use Single External TL1 GW A check box to specify that only one TL1 Gateway server can be created for the site. If
Server the check box is not selected, multiple TL1 Gateways can be used. In this case, you
need to manually associate NEs to the TL1 Gateways.
DCN Servers An IP address that can be used to test connectivity to the DCN.
Separate the multiple IP addresses with commas.
(3 of 4)
Setting Description
List of Devices to be Tested List of DCN server IP addresses and hostnames that are tested to determine whether
the servers are reachable.
Separate the multiple IP addresses and hostnames with commas.
Test Performed Every The time period (in minutes) that elapses between each DCN connectivity test.
Max. Retries per Test The maximum number of times that the DCN connectivity test is retried within the
specified time period before the 5520 AMS declares that the DCN server is
unreachable.
(4 of 4)
Note
(1) Standard NE rebalancing is based on the number of NEs and NE type/release.
(2) The Role-Based Authorization setting contains parameters for authentication. The following parameters are mandatory depending on the
type of authentication and authorization selected.
• For LDAP authentication - Role DN, Role Filter and Base Filter
• For LDAP authorization - Role Name Attribute ID and Role Attribute ID
(3) The DCN Connectivity test in Red Hat Enterprise Linux is done by establishing a TCP connection port 7 (Echo) of the destination host.
Note — If you change the selection of the Use Single External TL1 GW
Server check box, you must log out of the 5520 AMS client and log in
again to see the effect of the change.
Authenticatio Description
n options
Internal In this mode of authentication, the password is provided when a user log in is
Database checked against the password value stored in the 5520 AMS database. Users can
change their password from the 5520 AMS GUI.
Password complexity rules and password expiration period are applicable.
RADIUS or In this mode of authentication, the password is provided when a user log in is
LDAP checked against the password value stored in the remote authentication server.
Such users cannot change their password from the 5520 AMS GUI.
Password complexity rules and password expiration period are not applicable.
(1 of 2)
(2 of 2)
• The RADIUS server must have access to 5520 AMS usernames and passwords. How the
RADIUS server stores and accesses the usernames and passwords depends on its
implementation. For example, certain RADIUS servers can use a flat text file, LDAP, or
SQL.
• Verify that the existing 5520 AMS usernames and passwords are configured in the
RADIUS server.
• When users are added to the 5520 AMS, update the RADIUS server with the
usernames and passwords.
2 Click the active site you need to enable RADIUS authentication for.
Result: The site settings are displayed in the Object Details view.
4 Create 5520 AMS users. See Section 9.2 for more information. Verify that all usernames and
passwords are also defined in the RADIUS server.
Note — The password that you assign to the 5520 AMS user is stored
in the 5520 AMS database. This 5520 AMS user password does not
override the password specified in the RADIUS server.
To resolve the problem with the RADIUS or LDAP server, you need to log in to the 5520 AMS and
check the configuration. For log in access, you need to revert to database authentication using the
switch authentication script.
1 Log in as amssys to the 5520 AMS server workstation where database is running.
ams_switch_authentication_local.sh ↵
Are you sure you need to switch to the local database authentication [no
(default) | yes ]?
yes ↵
6 Verify that the RADIUS or LDAP server configuration parameters are correct using the
5520 AMS GUI.
7 Verify the RADIUS or LDAP server configuration on the 5520 AMS server workstation.
2 Click a site to display the site settings in the Object Details view.
cd /usr/lib/jvm/java-1.8.0-openjdk.x86_64/jre/lib/security/
2 Open java.security file using VI editior and remove MD5 from the following lines
jdk.certpath.disabledAlgorithms
jdk.jar.disabledAlgorithms
jdk.tls.disabledAlgorithms
• An LDAP server must be installed and configured as described in the documentation for
your LDAP server.
• The LDAP server must have access to 5520 AMS usernames and passwords using a flat
file or LDAP.
• Verify that existing 5520 AMS usernames and passwords are configured in the
LDAP server.
• When users are added to the 5520 AMS, update the LDAP server with the
usernames and passwords.
2 Click the active site that you need to enable LDAP for.
Result: The site settings are displayed in the Object Details view.
4 Configure the LDAP Server parameters in the Object Details view, to match the way they are
configured on the LDAP server. For information about LDAP settings, see Table 68.
5 Create 5520 AMS users, see Section 9.2 creating user accounts from the 5520 AMS GUI.
Verify that all usernames and passwords are also defined on the LDAP server.
Note — The password that you assign to the 5520 AMS user is stored
in the 5520 AMS database. This 5520 AMS user password does not
override the password specified in the LDAP server.
Result: The site settings are displayed in the Object Details view.
3 To disable LDAP server authentication, set the Authentication Source parameter to Internal
Database.
3 Navigate to the directory where your certificate is stored and open the file that you need to
use.
4 Copy the certificate details and paste them into the Certificate field.
Note — The expiry date of the certificate appears in the Object Details
view for the certificate. When the certificate has expired, any login
attempts by LDAP users will fail.
In case of a Role attribute, no default value is used and the login fails when no valid
Role is returned.
Table 71 describes the parameters that apply to LDAP or RADIUS server when you
create or modify user accounts. ‘Discoverable values’ are the values which can be
retrieved from an LDAP or RADIUS database. When the values are not present in
the LDAP or RADIUS database, then the ‘Default values’ will be taken from the
configured Global Settings. For instance, if the Address Filter is not configured for the
LDAP/RADIUS server, then the Global Address Filter is applied to the user account.
For information about Global Address Filter, see Table 21.
See Table 71 for information on user accounts for an LDAP or RADIUS server. See
Procedure 30 to create a user account.
Table 71 User account parameters for LDAP/RADIUS server
Common tab
Password No Empty - - -
Roles (1) (2) Yes Empty Nokia-AMS-Role (5) String Filters out roles
unknown in the
AMS.
Login fails if no
known Role remains
after filtering.
Allowed PAP Groups (1) (3) Yes allPAPs Nokia-AMS-Allowed String Filters out PAP
PapGroup Groups unknown in
the AMS.
Login fails if no
known PAP group
remains after
filtering.
Locked No Disabled - - -
Advanced tab
(1 of 2)
Address filter (4) Yes Global Nokia-AMS-Filtered IPv4 / IPv6 Login fails if IPv4 or
IPAddress Address[prefix IPv6 Address List is
length] invalid.
Inactivity
Inactivity Logout Timeout Yes Global Nokia-AMS-Inactivit GLOBAL, If the value is set out
yLogoutTimeout USER, NONE of range, then the
user login fails.
Inactivity Lock Screen Timeout Yes Global Nokia-AMS-Inactivit GLOBAL, If the value is set out
yLockScreenTimeo USER, NONE of range, then the
ut user login fails.
Lock Screen Timeout Yes Empty Nokia-AMS- Integer Login fails if value is
(Disabled) LockScreen [3..525600] not set in range
Timeout [3..525600]
Dormant Account
(2 of 2)
Notes
(1) RADIUS has a limitation of 247 characters.
If Roles or PAP Groups created exceeds the limitation of 247 characters, then such roles or PAP Groups will not be discovered in RADIUS.
For example, if multiple roles are created with 128 characters each, then only one role is discovered in RADIUS.
(2) For Roles, RADIUS supports multi-valued attributes. Attributes with multiple values are separated by a comma. For example,
Nokia-AMS-Role=”Constructor,License-Admin”.
(3) For Allowed PAP Groups, LDAP supports multi-valued attributes. The same attribute name can be repeated with different values in the
definition of a user.
For example, Nokia-AMS-AllowedPapGroup=”North”,Nokia-AMS-AllowedPapGroup=”South”.
For Allowed PAP Groups, RADIUS supports multi-valued attributes. Attributes with multiple values are separated by a comma. For example,
Nokia-AMS-AllowedPapGroup=”North,South”.
(4) For Address filter, LDAP supports multi-valued attributes. The same attribute name can be repeated with different values in the definition
of a user.
For example, Nokia-AMS-FilteredIPAddress = “192.168.99.0/24,Nokia-AMS-FilteredIPAddress =192.168.95.0/24”.
For Address filter, RADIUS supports multi-valued attributes. Attributes with multiple values are separated by a comma. For example,
Nokia-AMS-FilteredIPAddress = “192.168.99.0/24,192.168.95.0/24”.
(5) Nokia-AMS-Role is applicable only for RADIUS. Refer to Table 68 for LDAP: Role-Based Authorization.
When a user logs out from the 5520 AMS for any reason such as idle timeout, admin
reset and so on, an accounting request containing the attributes mentioned in the
successful user log in, along with the following attributes is sent to the configured
RADIUS accounting server:
• Acct-Session-Time
• Acct-Terminate-Cause
The value of account terminate cause (Acct-Terminate-Cause) is returned based on
the following mapping table:
Table 72 Mapping of Termination Causes
(1 of 2)
(2 of 2)
Notes
(1) This situation occurs when the 5520 AMS client is killed or disconnected and the session is not terminated
properly on the server.
The accounting request is sent to the accounting server. When the accounting
response is not received after the configured timeout, the 5520 AMS re-sends the
accounting request to the server. When the configured number of retries is
exhausted, an error is logged in the 5520 AMS security log, with the same category
or level as an authentication failure.
RADIUS accounting supports redundancy of sending accounting requests. When the
configured number of retries is exhausted, with a secondary accounting server
configured, the 5520 AMS sends the accounting request to the secondary server and
retries using the configured values for timeout and number of retries.
Note — When login or log out is performed as a result of
processing a SOAP/XML request from the 5520 AMS or 5529
Enhanced Applications, no accounting request is sent to the
RADIUS accounting server.
Result: The application server settings are displayed in the Object Details view.
2 Configure the settings as described in Table 73. See Table 74 for information about the
Software/Plug-in Version settings.
Setting Description
Server Status
Master Server Displays whether the application server is the master server. The
value is true or false.
Settings
Capacity to Handle NE SNMP Specifies the capacity of the application server to handle NE
Traps SNMP traps.
Total Number of Parallel Jobs Specifies the total number of parallel jobs that can be handled by
the application server. The value depends on the power of the
application server.
Number of Parallel Jobs The table displays the number of jobs that can be handled by the
application server for each job queue. For the 5520 AMS system,
the table indicates how to allocate the total number of parallel jobs
(value of Total Number of Parallel Jobs parameter) to each queue.
The numbers in the table are percentages or absolute numbers of
jobs. There is a minimum guaranteed number of jobs and a
maximum number of jobs allowed per queue. Contact your Nokia
representative if you intend to change any values in the table. For
the job tuning information table for setups with 8vCPUs or less,
see the 5520 AMS Solution Planning Guide.
Operating System Specifies the operating system information of the 5520 AMS
server, such as name of the OS, its architecture, and version.
Build Date and Time Specifies the build date and time.
Active Plug-ins Lists the active plug-ins, and their release number, version, and
build number.
2 Choose the Software/Plug-in Version pane to view the details. Information about the
5520 AMS core appears in the Version, configuration file name appears in the Golden SW
Label, Build Number, and Build Date and Time fields. Information about plug-ins appears in
the Active Plug-ins table.
Table 74 describes the items that appear in the Software/Plug-in Version pane.
(example)
Note
(1) The Aligned column indicates if the component is aligned with the GoldenEMSSwConfig file or not. If the
component is present in GoldenEMSSwConfig file, then ‘+’ is displayed. If it is a component that is not expected
or added manually, then ‘-’ is displayed.
Result: The data server settings are displayed in the Object Details view.
2 View the settings in the Object Details view. Table 75 describes the settings that are
displayed in the Object Details view.
Setting Description
Server Status
Preferred Server This check box is selected if the data server is the preferred data
server.
Master Server Displays the data server role. The check box is selected if the data
server is the active data server.
Operating System Specifies the operating system information of the 5520 AMS
server, such as name of the OS, its architecture, and version.
Result: The SNTP server settings are displayed in the Object Details view.
Setting Description
Identification
Settings Type The type of SNTP settings to use on the NE. Options are:
• Use AMS Local SNTP Server (use this to run SNTP
processes on all 5520 AMS servers)
• Disable SNTP in NE
• Do Not Overwrite SNTP in NE
• External SNTP Server x
SNTP Settings
Server IP Address The IP address of the SNTP server. For a local SNTP server, this
IP address is automatically assigned by the 5520 AMS. IPv4 and
IPv6 address formats are supported for this parameter.
Server Port The server port of the SNTP server. The port is used only when
the Settings Type is set to Use AMS Local SNTP Server or
External SNTP Server x.
Polling Rate The polling rate of the SNTP server. The polling rate applies only
when the Settings Type is set to Use AMS Local SNTP Server or
External SNTP Server x.
NE Assignment
Subnet Address The subnet realm for which the SNTP server will be used.
Subnet Mask The range of IP addresses for which the SNTP server will be
used.
Result: The inventory basic settings are displayed in the Object Details view.
2 Configure the inventory basic settings, as required. Table 77 describes the parameters
available on the Basic Settings page.
Background Collection
Automatic Network Collection This setting controls the background The default is Default Network
at collection of basic inventory data. A Collection.
default collection schedule is predefined
and associated with this setting, so that
an inventory data collection runs once a
day on the entire network. Click Browse
to create a new schedule, as required.
Click Go To to view the default schedule
details and to modify the schedule if
needed.
The parameter does not display in the
5520 AMS GUI when certain
5529 Enhanced Applications are
installed. See the documentation for the
application for more information.
Real-Time Update
Real-Time Update Enabled Select this check box to enable real-time Enabled or disabled.
updates. The default is Enabled.
Process Pending Changes The frequency of pending change The range is 10 s to 300 s.
Every processing by the 5520 AMS. For The default is 30 s.
example, if the default value is chosen,
the 5520 AMS processes pending
changes every 30 s.
Automatic Resynchronization Select this check box to enable automatic The default is Enabled (selected
of Out of Sync NEs resynchronization of out of sync NEs. check box).
If the check box is checked, the
5520 AMS will collect data for the out of
sync NEs every five minutes. The
collection will not appear in the Action
Manager.
Number of Failures Causing The maximum number of times the The range is 1 to 2147483647.
the Collection to Stop 5520 AMS will attempt to collect data for The default is 3.
out of sync NEs. If the number of retries is
exceeded, the automatic collection of out
of sync NEs is stopped.
Delay to Resume Stopped A time period (in seconds, minutes, hours The default is 1 d.
Collection or days) for the collection to resume on
out of sync NEs. The 5520 AMS decides
which collection should be resumed once
in every hour.
The format of the specified duration must
be # s, m, d, or h.
Overload Protection
Collection
Maximum Number of Objects The maximum number of objects for The range is 50 to 1000.
per Request which the 5520 AMS collects inventory The default is 100.
data from the network in a collection
request.
(1 of 2)
(2 of 2)
Investigate and resolve each inventory data collection failure. The 5520 AMS logs
the cause of the inventory data collection failure in the inventory.log file. You can find
this log file on the server, in the $AMS_LOG_DIR directory.
The most common causes of an inventory data collection failure are:
• The NE is not supervised by the 5520 AMS.
• The 5520 AMS does not support the NE plug-in software load.
• The 5520 AMS NE support plug-in is not installed.
Take the appropriate action to resolve an inventory data collection failure. After the
issue is resolved, perform a forced inventory data collection. See chapter 21 for
information about performing forced collections of inventory basic data.
Note — The 5520 AMS client login function does not support
SOCKS Proxy servers.
Procedure 186 To configure the proxy settings in the 5520 AMS Red Hat Enterprise
clients to access the Internet
1 Navigate to the directory where the 5520 AMS Red Hat Enterprise Linux client is installed.
-Dnetwork.proxy_host=proxy_address
-Dnetwork.proxy_port=port
where:
proxy_address is the proxy address to use.
port is the port to use.
Procedure 187 To configure the SIP file transfer protocols using the 5520 AMS GUI
2 In the Object Details view, choose the file transfer protocol from the File Transfer Protocol
drop-down menu.
Note —
• While transferring the XML files from the AMS server to the
FTP server that houses the SIP server, the protocol handling
script is invoked by the 5520 AMS, and calls the appropriate
script based on the SIP file transfer protocol selected (SFTP,
FTP or SCP).
Task See
R4.6.0 or later FTP Server User Name When you enter a username and password, the
values are displayed in the FTP user name and
FTP Server Password password parameters on the FTP tab of the
VoIP Service object.
When you do not enter a user name and
password, you must use anonymous access to
the FTP server. Nokia recommends that you do
not use the amsftp username and password as
the FTP server username and password.
All releases File Transfer Protocol Specify the file transfer protocol, (FTP, SCP or
SFTP) to be used for transferring the SIP files
between AMS and the external FTP server.
Note
(1) When the 5520 AMS is a standalone server, the FTP server can be configured on the 5520 AMS server. When
the 5520 AMS server is part of a cluster, configure an external FTP server.
Create an anonymous FTP user when the 5520 AMS server is configured as the FTP server for
SIP.
You need root privileges to create an anonymous FTP user on the 5520 AMS server.
2 Execute the following command to find out the absolute path of the
$AMS_SHAREDDATA_HOME directory:
For example:
AMS_SHAREDDATA_HOME=/var/opt/ams/shared/ams-9.7-385564
Make a note of this absolute path, as you need to provide this path, while executing the
command to create an anonymous FTP user as a root user.
su root
usermod -c “account” -d
<absolute_path_of_$AMS_SHAREDDATA_HOME_variable>/ne -g amssys -s
/bin/true ftp ↵
Where:
For example:
pwconv ↵
a Edit the /etc/vsftpd/vsftpd.conf file and ensure that the anonymous_enabled is set to
YES and add anon_world_readable_only=NO, and then save and close the file.
anonymous_enable=YES
anon_world_readable_only=NO
b After editing the vsftpd.conf file, restart the system and then start the vsftpd service and
configure it to start during boot.
7 Setup SELINUX file context so anonymous FTP can access the files. Perform one of the
following steps:
<absolute_path_of_$AMS_SHAREDDATA_HOME_variable>/ne(/.*)?<
tab>system_u:object_r:public_content_t:s0
For example:
/var/opt/ams/shared/ams-9.7-385564/ne(/.*)?<
tab>system_u:object_r:public_content_t:s0
“<absolute_path_of_$AMS_SHAREDDATA_HOME_variable>/ne(/.*)?”
For example:
/var/opt/ams/shared/ams-9.7-385564/ne(/.*)?
restorecon –vvFR
<absolute_path_of_$AMS_SHAREDDATA_HOME_variable>/ne
Where:
For example:
restorecon –vvFR
/var/opt/ams/shared/ams-9.7-385564/ne
9 Update SELINUX permissions to allow FTP to write to the file system if the server is used for
G6 backups using FTP:
setsebool -P allow_ftpd_anon_write=1
Note — This step is not required when G6 backups are set up to use
SFTP.
ftp AMS_IP_address ↵
where AMS_IP_address is the IP address of the 5520 AMS. IPv4 and IPv6 address formats are supported.
Note — RHEL does not install the ftp command by default. To add this
command you can run ‘yum install ftp’.
anonymous
ls ↵
Procedure 190 To configure the 5520 AMS to upload the SIP configuration file to an
external FTP server
Perform this procedure to configure an external FTP server to which the 5520 AMS uploads the
SIP configuration file.
2 For a root user, the $AMS_SHAREDDATA_HOME variable is not available to the shell.
Execute the following command to find out the absolute path of the
$AMS_SHAREDDATA_HOME directory:
The absolute path to the shared data directory is displayed. For example:
AMS_SHAREDDATA_HOME=/var/opt/ams/shared/ams-9.4.00-999000
Make a note of this absolute path, as you need to provide this path, while executing the
command to change directory to the shared data directory as a root user.
cd <absolute_path_of_$AMS_SHAREDDATA_HOME_variable>/ne/sip/bin ↵
Where:
cp copyXmlToExternalServer.pl.template copyXmlToExternalServer.pl ↵
6 Open the copyXmlToExternalServer.pl script for editing and change the FTPUSER,
FTPPASSWD, and REMOTEFTPROOT lines to the following:
FTPUSER=”anonymous”
FTPPASSWD=”anonymous”
REMOTEFTPROOT=”/”
Procedure 191 To configure AMS settings for NBI using 5520 AMS GUI
1 In the AMS Administration Tree, choose the EMS Administration → Configuration → NBI →
EMS NBI Settings.
2 In the Object Details view, choose and configure the AMS settings as required. Table 81
describes the parameters available on the AMS Settings.
Parameters Description
Operation Timeout Indicates the operation timeout (secs). The valid values range
from 60 to 3600. The default value is 180.
Heartbeat Interval Indicates the interval at which the Heartbeat event is generated.
The valid values range from 1 to 900.The default value is 60.
Keep Configuration Keeps the default roles, functions and properties in case the AMS
NBI is undeployed, else this parameter removes these values.
The valid values are true or false. The default value is true.
JMS Delivery Mode Indicates the delivery mode for JMS messages to specify whether
messages are lost or can be recovered if the JMS provider fails.
The valid values are NON_PERSISTENT and PERSISTENT. The
default value is NON_PERSISTENT.
Max Concurrent Operations Indicates the maximum number of concurrent operations. The
valid values range from 1 to 20. The default value is 3. It is
applicable to all AMS NBI operations, except the executeAction
parameter.
Max Concurrent ExecuteAction Operations Indicates the maximum number of concurrent operations for the
executed action. The valid values range from 1 to 50000. The
default value is 50.
NE Group Creation Indicates whether a new NE is created under the group name or
a new group is created with the name of the NE being created by
the createManagedElement operation.
The valid values are “Use Group Name Attribute Value” and “Use
NE Name When Group Name Attribute is Empty”. The default
value is “Use Group Name Attribute Value”.
When the value is set to “Use Group Name Attribute Value”, the
5520 AMS looks for the group with the name in groupName
attribute and creates the NE under this group. If no value is
provided in groupName, the NE is created under the Group
Network folder.
When the value is set to “Use NE Name When Group Name
Attribute is Empty”, there are three behaviors:
• When the user sends the operation without any value in the
groupName attribute, the 5520 AMS creates a new group
under the Group Network folder with the name of the
systemName value (which is the NE name being created). If
the group already exists, or the group exists but not directly
under the Group Network, then the 5520 AMS uses this
existing group and creates the NE under it.
• When the user sends the operation with a name in
parentNeGroupName, the 5520 AMS looks for the folder
name in which the NE with this name (value of
parentNeGroupName) exists, and creates a new NE in the
same folder. If the group already exists, then the 5520 AMS
uses this existing group and creates the NE under it.
• When the user sends the operation with a name in
parentNeName which does not exist in the list of NEs, an
exception “The NE: <value of parentNeName> provided in
parentNeName does not exist is returned.
1 In the Administration Tree, choose the EMS Administration → EMS System→ Site
(server_name) → 5530 NA-F Settings.
Parameters Description
General
Enable OTDR Status & Results Select this check box to enable OTDR. Ensure to enable this
check box after data migration to enable OTDR.
IP Address The IP address of the 5530 NA-F server. Only IPv4 IP address
format is supported.
Port Number The TCP port number of the 5530 NA-F server. Default value is
80. The value 0 indicates that the port is not used.
NBI Username The default username to log in to the 5530 NA-F NBI.
NBI Password The default password to log in to the 5530 NA-F NBI.
Re-type NBI Password
Raise Alarm When Cannot Connect To 5530 Select this check box to raise alarms when the 5520 AMS cannot
NA-F Server connect to the 5530 NA-F server.
Interval Check The time interval to check if the 5530 NA-F connection is
established.
Refresh
OTDR View Refresh Interval A time period, in seconds, before OTDR view is refreshed.
For more information about management of ONT devices using the TR-69 protocol
in the 5520 AMS GUI, see the Operations and Maintenance Guide of the NE.
Before you proceed, the HDM Lite version must be installed and configured on the
5520 AMS server.
1 In the Administration Tree, choose the EMS Administration → EMS System→ Site
(server_name) → HDM NBI Settings.
Parameters Description
General
Enable TR-069 Management Select this check box to enable TR-069 management.
If this check box is not selected, the remaining parameters in this
view are disabled, and the TR-069 management parameters in
the ONT object are also disabled. All device configuration in the
HDM is removed.
Communication with HDM
Port Number The TCP port number of the HDM server. Default is 7005. 0
indicates that the port is not used.
Interval Check The 5520 AMS periodically polls the HDM Server to check if the
connection to the HDM server is established; and raises an alarm
when the request times out or is rejected due to incorrect
credentials. The default polling frequency is 15 minutes.
1 In the Administration Tree, choose the EMS Administration → Configuration → Zero Touch
Provisioning → Zero Touch Provisioning Settings.
Parameters Description
General
Enable Zero Touch Provisioning Select this check box to enable zero touch provisioning.
By default, the option is not selected.
Replace passive SW if present Select this check box to replace the existing passive software.
By default, the parameter is selected.
Reduce existing SW on NE (Delete unwanted Select this check box to reduce existing software on an NE and to
SW files) delete the unwanted software files.
By default, the parameter is not selected.
Number of Retries Configure the number of retries for the software download for zero
touch provisioning enabled NEs.
The default value is 0.
(1 of 2)
Parameters Description
Delay Between Action Retries Configure the duration (in minutes) for which the software
download needs to wait to automatically retry a failed action in the
Delay Between Action Retries field. This parameter is applicable
only if retries are configured for the software download operation
in the Number of Retries field.
The Delay Between Action Retries parameter is disabled when
the Number of Retries parameter value is set to 0.
The default value is 10 minutes.
(2 of 2)
Notes
(1) You need to enter CLI username and password if software upgrade is enabled.
Managing data
21 Managing data
21 Managing data
21.1 Managing data overview
The database backup script creates a compressed .tar or .gz file with a filename and
location that you specify when you run the script.
Note 1 — Do not back up the database to the /tmp directory or
the shared data directory. The default shared data directory is
/var/opt.
Note 2 — On a server running the Red Hat Enterprise Linux
operating system, do not back up the database to the /tmp
directory, the shared data directory or the LVM volume of the
database storage directory.
If the standby data server that is running the backup script fails before the backup
operation is complete, the script does not resume automatically when the server
restarts. You must manually run the backup script on the new standby data server,
or on the original standby data server after it resumes operation.
To perform the procedures in this section, you need to be able to log in to the
5520 AMS server as amssys. See Procedure 8 to log in to a 5520 AMS server as
amssys.
where:
destination URL is the location where the generated backup file will be stored. This can be a local file or
a location on a remote server. For backup file transfer to a remote server, both ftp and sftp protocols are
supported.
For example:
ams_backup.sh ftp://username:password@desHost/backupFile
ams_backup.sh /var/opt/ams/users/amssys/test123
Note — This option backs up the database, but not the common
directory, which contains the NE backup files.
• To force the backup of the active data server in a 5520 AMS cluster, type:
• To compress the backup file in the local system in the .gzip format, type:
The backup file will be saved as .tar.gz. If the file format is not specified, the backup will
be saved in .tar format in the local system. For external server, the file will be
automatically compressed and transferred in .tar.gz format.
Result: The 5520 AMS backup script starts. The following is a sample of the script output.
The database backup file is stored with the filename and location that you specified when you
ran the script in step 2. Backup log files (ams_backup.trace) are stored in a traces folder,
which is located in the $AMS_DEBUG_DIR directory.
1 Log in to the 5520 AMS standby data server in the active site as amssys.
2 To start the backup script on the standby data server in the active site, type:
where:
destination URL is the location where the generated backup file will be stored. This can be a local location or
a location in a remote server.
For example:
ams_backup.sh ftp://username:password@desHost/backupFile
ams_backup.sh /var/opt/ams/users/amssys/test123
Result: The 5520 AMS backup script starts. The following is a sample of the script output.
The database backup file is stored with the filename and location that you specified when you
ran the script in step 2. Backup log files (ams_backup.trace) are stored in a traces folder,
which is located in the $AMS_DEBUG_DIR directory.
ams_nebackup.sh backupfilename.tar
where:
backupfilename is the name of the backup file that is generated by the script.
For example:
ams_nebackup.sh /var/tmp/backup_today.tar
ams_nebackup.sh -c backupfilename.tar
Note — This option backs up the NE backup database, but not the
common directory, which contains the NE backup files.
Result: The 5520 AMS NE backup script starts. The following is a sample of the script output.
The database backup file is stored with the filename and location that you specified when you
ran the script in step 2. Backup log files (ams_backup.trace) are stored in a traces folder,
which is located in the $AMS_DEBUG_DIR directory.
In a cluster environment, you can run the ams_schedule_backup script on all data
servers, and set all data servers to run the backup schedule at the same time. The
schedule will run the backup on the slave data server if database and shared file
system replication are in sync. If database and shared file system replication are not
in sync, the backup will run on the active master server. In a geographically
redundant installation, the schedule will back up the standby data server in active
site.
Table 85 describes the options for the script. You can enter options on the command
line, or use a configuration file to provide options. The configuration file,
ams_schedule_backup.env, is provided with the 5520 AMS server software and
includes the default values.
-bd The full path to a The directory where backup files will be stored. The directory
directory on the must exist and be owned by amssys.(1)
server
-bt A time in the format The time the backup will be run. To enter multiple times, use
hh:mm double quotes, for example “02:00 04:00”.(1)
-bf A number The number of backup files to keep. One file will be kept per day
unless the files are saved to different directories.(1)
(1 of 2)
-bb YES or NO Remove all existing backup files in the backup directory.
-fe YES or NO Enable automatic FTP transfer of the backup file. The default is
NO.
Only one FTP server can be configured from the command line.
To set up multiple FTP servers, run the script in interactive
mode.(1)
-se YES or NO Enable automatic SFTP of the backup file. The default is NO.
Only one SFTP server can be configured from the command
line. To set up multiple SFTP servers, run the script in interactive
mode.(2)
-fa A hostname or IP The hostname or IP address to FTP or SFTP the backup file.(1)
address
-fu A username The username to access the remote FTP or SFTP server.(1)
-fd A directory name The name of the directory to store data in the remote server. The
FTP or SFTP user must be the owner of the destination directory
and must have write permission to the directory.(1)
-fm An e-mail address The e-mail address to send the status of the FTP or SFTP
transfer.
(2 of 2)
Note
(1) Example of script usage:
ams_schedule_backup -bn YES -bs YES -bd /builds -bt “16:26” -bf 1 -bb NO -bz
YES -se YES -fa 10.150.1.30 -fd /Your_Directory -fu testuser
Procedure 198 To modify the default options for the ams_schedule_backup script
vi amssys_home_account/bin/ams_schedule_backup.env ↵
where amssys_home_account is the home account of amssys. This directory depends on the values provided
during the 5520 AMS installation.
4 Save and close the file. The script will be run using the values you have entered unless a
different option is entered on the command line.
ams_schedule_backup ↵
ams_schedule_backup options ↵
where:
options is the options you need to over-ride.
For example, entering ams_schedule_backup -bt 02:00 -fe YES -fa 124.120.0.0 fu ftpuser
-fp ftppass -fm user@domain.com will create a cron job to backup the database at 2:00
AM and FTP the backup file to 124.120.0.0. The credentials for the FTP server are ftpuser
and ftppass. When the transfer is complete, an e-mail will be sent to user@domain.com.
ams_schedule_backup -int ↵
Procedure 200 To restore the 5520 AMS database on the same standalone server
ams_server stop ↵
ams_restore.sh backupfilename.tar ↵
where:
backupfilename is the name of the backup file you need to restore from.
For example:
ams_restore.sh /var/tmp/backup_today.tar
ams_server start ↵
Procedure 201 To restore the 5520 AMS database on the same cluster
1 Log in to the active 5520 AMS data server in the cluster as amssys.
ams_cluster stop ↵
ams_restore.sh backupfilename.tar ↵
where:
backupfilename is the name of the backup file you need to restore from.
For example:
ams_restore.sh /var/tmp/backup_today.tar
4 Once the 5520 AMS database restore is successful, start the servers in the cluster by typing:
ams_cluster start ↵
Procedure 202 To restore the 5520 AMS database on the same geo-redundant
cluster
1 Log in to any of the 5520 AMS servers in the standby site as amssys.
ams_cluster stop ↵
3 Log in to the active 5520 AMS data server in the active site as amssys.
ams_cluster stop ↵
5 Start database restore on the active data server in the active site by typing:
ams_restore.sh backupfilename.tar ↵
where:
backupfilename is the name of the backup file you need to restore from.
For example:
ams_restore.sh /var/tmp/backup_today.tar
6 Once the AMS database restore is successful, start the servers in the active site cluster by
typing:
ams_cluster start ↵
ams_cluster start ↵
Procedure 203 To restore the 5520 AMS database on the same geo-redundant
simplex
ams_server stop ↵
ams_server stop ↵
ams_restore.sh backupfilename.tar ↵
where:
backupfilename is the name of the backup file you need to restore from.
For example:
ams_restore.sh /var/tmp/backup_today.tar
6 Once AMS database restore is successful, start the server in the active site by typing:
ams_server start ↵
ams_server start ↵
ams_nerestore.sh backupfilename.tar ↵
ams_nerestore.sh -b backupfilename.tar ↵
where:
backupfilename is the name of the backup file you need to restore from.
• The 5520 AMS software must be installed on the new server with a new IP
address and site name. All other settings must be the same as on the old server
(including 5520 AMS version, machine role, directories, and plug-ins).
• You must stop all 5520 AMS application and data servers before restoring data.
See appendix 31.2 for information about using the ams_server script to stop a
server. When you are using the 5520 AMS in a cluster, stop the application and
data servers by using the ams_cluster script to stop the servers in a cluster.
See 31.7 for more information.
Perform one of the following procedures to restore the 5520 AMS database on a
different server:
• On a new standalone server (see Procedure 205)
• On a new cluster (see Procedure 206)
• On a new geo-redundant cluster (see Procedure 207)
• On a new geo-redundant simplex (see Procedure 208)
Procedure 205 To restore the 5520 AMS database on a new standalone server
ams_server stop ↵
ams_restore.sh -n backupfilename.tar ↵
where:
backupfilename is the name of the backup file you need to restore from.
For example:
ams_restore.sh -n /var/tmp/backup_today.tar
ams_server start ↵
Note — You must obtain and apply new licenses that contain the host
ID of the current server.
1 Log in to the active 5520 AMS data server in the cluster as amssys.
ams_cluster stop ↵
ams_restore.sh -n backupfilename.tar ↵
where:
backupfilename is the name of the backup file you need to restore from.
For example:
ams_restore.sh -n /var/tmp/backup_today.tar
4 Once the AMS database restore is successful, start the servers in the cluster by typing:.
ams_cluster start ↵
Note — You must obtain and apply new licenses that contain the host
ID of the current server.
Procedure 207 To restore the 5520 AMS database on a new geo-redundant cluster
1 Log in to any of the 5520 AMS servers in the standby site as amssys.
ams_cluster stop ↵
3 Log in to the preferred 5520 AMS data server in the active site as amssys.
ams_cluster stop ↵
5 Start database restore on the active data server in the active site by typing:
ams_restore.sh -n backupfilename.tar ↵
where:
backupfilename is the name of the backup file you need to restore from.
For example:
ams_restore.sh -n /var/tmp/backup_today.tar
6 Once AMS database restore is successful, start the servers in the active site cluster by
typing:
ams_cluster start ↵
ams_cluster start ↵
8 Apply licenses to the servers in the active and standby sites. See chapter 5.
Note — You must obtain and apply new licenses that contain the host
ID of the current server.
Procedure 208 To restore the 5520 AMS database on a new geo-redundant simplex
ams_server stop ↵
ams_server stop ↵
ams_restore.sh -n backupfilename.tar ↵
where:
backupfilename is the name of the backup file you need to restore from.
For example:
ams_restore.sh -n /var/tmp/backup_today.tar
6 Once AMS database restore is successful, start the server in the active site by typing:
ams_server start ↵
ams_server start ↵
8 Apply licenses to the servers in the active and standby sites. See Chapter 5.
Note — You must obtain and apply new licenses that contain the host
ID of the current server.
If the application server that is running the software backup script fails before the
software backup operation is complete, the script does not resume automatically
when the server restarts. You must manually run the software backup script on the
new application server, or on the original application server after it resumes
operation.
ams_sw_backup.sh backup_name ↵
where backup_name is a name for the backup, which is used as a prefix for the backup file produced by the
script.
3 The script executes, creating a backup file in the directory where you executed the script. The
backup file is named in the following format:
backup_name.hostname.bin ↵
where:
backup_name is the name for the backup that you defined in step 2.
hostname is the host name of the system on which you performed the backup.
Note — The 5520 AMS software can also be restored using the
software backup script.
2 Copy the .bin backup file you created in Procedure 209 to the shared data directory.
3 Start the software restore by typing the name of the .bin backup file and pressing ↵. The
5520 AMS begins to install.
4 See the procedures in Section 21.3 if you need to restore the 5520 AMS database as well.
For information about migrating data from earlier releases or from another EMS, see
the 5520 AMS Installation and Migration Guide.
1 Log in to the 5520 AMS client and close all active user sessions, other than the administrator
session. See Chapter 11.
2 Choose File→Export.
Result: The Export window opens, showing the directory on the 5520 AMS server to which
data will be exported.
3 In the Export window, select the check boxes for the application filters or click Select All to
select all filters.
Some applications can be filtered based on NE information. The Select NE Filter check box
is enabled when one of these applications is selected for export.
Note — When you export NEs from one server to another, make sure
you export all applications that contain NE specific data (these are the
applications mentioned above). For example, exporting NEs with splitters
requires to select the following two applications:
• 'Link Management' for the links between PON port, Splitters, and
ONTs.
• 'Subscriber Search Categories, Custom Fields & Objects" for the
Splitter objects and their attributes.
5 Select the filters in the Filters panel and click Build List.
Result: The NE Selection window closes and the selected NEs appear in the NE Filter panel
of the Export window.
7 Click Finish.
Result: An Export Result view displays the export file name and the successful, ignored, and
failed records from the export.
• To store the information in the Export Results window, click Copy to Clipboard.
Result: All entries created are copied to the clipboard. Paste the results into a text editor
and save the file.
• To view the log summary for each application, click View log file.
• To close the window, click OK.
Procedure 212 To selectively export records using the 5520 AMS GUI
User Name
Description
Roles
Allowed PAP Groups
PAP Name
Description
Template type
Template version
1 Log in to the 5520 AMS client and close all active user sessions, other than the administrator
session. See Chapter 11.
2 Choose File→Export.
Result: The Export window opens, showing the directory on the 5520 AMS server to which
data will be exported.
3 In the Export window, select the check box for the application which you need to selectively
export.
Result: The Filter option is enabled when ‘User Management’ or ‘Templates and Jobs’
application is selected.
4 Click Filter.
• Select all objects - This is the default option selected, if this option is selected, selective
filtering is not applied. Click Finish. The Filter option is set to No in the Export window. All
records are exported. Proceed to step 12.
• Select a subset of objects - If you select this option, you can select records to be exported
by applying filter criteria.This option enables the ‘Selected Records’ frame in the Enable
Filter window. Proceed to step 6.
6 Click Add to build a list based on a criteria and select records for export.
i Select the type of record to be filtered in the Record Type drop-down list (for example,
Any).
Note — If the Record Type ‘Any’ is selected then all the records will be
retrieved. The operator has to select the user and their roles or PAPs
together.
• Match all of the following - to match all of the defined filter criteria.
• Match any of the following- to match any of the defined filter criteria.
iii From the first drop-down menu, select an attribute (for example, Name).
iv From the second drop-down menu, select an operator (for example, Contains).
v In the field, enter a string for the filter (for example, Admin).
vi To add more filter phrases to your filter, click the ‘+’ and repeat steps iii to v.
Click ‘-’ to remove the filter phrases. See Table 86 for types of application records and
types of filter attributes for filtering.
Result: The records that match the filter criteria are displayed in the Filtered Records
panel.
8 Select the records that you want to export or click Select All to select all filtered records for
export.
9 Click Apply.
Result: The selected records from the ‘Filtered records’ panel in the Filter window are moved
to the Selected Records panel in the ‘Enable Filter’ window.
Result: The ‘Select Records to Export’ window is closed.The selected filtered records are
reflected in the ‘Enable Filter’ window.
Warning — If you select the Select all objects option when there are
filtered records in the Selected Records panel, a message is displayed:
Are you sure you want to clear the filter?
If you click OK, the filtered records are cleared from the Selected Records
panel.
Select the Select all objects option only if you want to clear the filtered
records.
Some applications can be filtered based on NE information. The Select NE Filter check box
is enabled when one of these applications is selected for export.
Note — When you export NEs from one server to another, make sure
you export all applications that contain NE specific data (these are the
applications mentioned above). For example, exporting NEs with splitters
requires to select the following two applications:
• 'Link Management' for the links between PON port, Splitters, and
ONTs.
• 'Subscriber Search Categories, Custom Fields & Objects’ for the
Splitter objects and their attributes.
13 Select the filters in the Filters panel and click Build List.
Result: The NE Selection window closes and the selected NEs appear in the NE Filter panel
of the Export window.
Result: An Export Result view displays the export file name and the successful, ignored, and
failed records from the export.
• To store the information in the Export Results window, click Copy to Clipboard.
Result: All entries created are copied to the clipboard. Paste the results into a text editor
and save the file.
• To view the log summary for each application, click View log file.
• To close the window, click OK.
• The data you are importing must first be exported to a 5520 AMS server.
• You may have to copy the export .tar.gz file to the server to which you need to import if
the export file is available on a different machine.
The path to the export file is:
$AMS_EXTERNAL_SHAREDDATA_HOME/export/ams/export.tar.gz
Note 2 — When you are importing software management and jobs, first
place the software package in the following location in the server where
you are importing the data:
• $AMS_EXTERNAL_SHAREDDATA_HOME/ne/software, in case of
NE software packages
• $AMS_EXTERNAL_SHAREDDATA_HOME/ont/software, in case of
ONT software packages
i Click Browse.
Result: The Files in shared data directory window opens, showing the export directory
in the shared data directory on the server.
Result: The Import window displays the path and file you have chosen.
iv Click Next.
Result: The second Import window opens. The Import File Info panel shows the
information included in the import file. The Application Filter panel shows the
applications from which you can import data.
3 In the Application Filter panel, select the applications from which you need to import data.
You can click Select All if you need to include all applications in the import.
Enabling ‘Overwrite’ will modify existing objects when records with the
same name are imported. Use with care.
4 Click Finish.
Result: An Import Result window displays the results, including successful, ignored, failed,
and overwritten records, from the import process.
Result: An Import/Migration window opens, prompting you to restart the 5520 AMS client for
the changes to take effect.
The 5520 AMS saves the data using configurable field separators or delimiters. To
be able to process the saved data, you need to set the field separator in the
5520 AMS GUI to match the field separator configured on your workstation. In the
Windows environment, the value of the field separator depends on the configured
Regional and Language Options, and is related to how your system displays numeric
values. Look for the List separator parameter in the Regional and Language Options,
and ensure that the CSV Separator parameter in the 5520 AMS GUI is set to the
same value.
Use Procedure 214 to set the field separator in the 5520 AMS GUI.
Procedure 214 To configure the field separator in the 5520 AMS GUI
(1 of 2)
The userID does not have Administrator Add the applicable Administrator privileges to the
privileges. userID.
(2 of 2)
1 In the Network Tree, click an NE group or on one or more NEs to select them.
Result: Selecting this option performs a forced collection of data. The Basic Inventory
Collection window opens, and shows the operation progress.
Note — You can also view the operation progress in the Progress view.
To open the Progress view, choose Window→Show
View→Other→Platform→Progress, and click OK.
3 To get more details about the inventory data collection while the operation is running, do the
following:
i Click the Open Perspective icon ( ), and choose the Action Manager perspective to
open the Action table.
ii In the Action table, double-click the row that corresponds to your forced inventory data
collection.
where:
file_size is the size of the fragments, in bytes. You can enter a value in kb followed by k, or a value in Mb
followed by m (for example, using a value of 1024m creates fragments 1024 Mb in size).
backup_file is the backup file you created in step 1.
5 If required, erase the backup file or file fragments on the 5520 AMS data server.
2 Create a directory named AMS_RESTORE. Nokia recommends that you create the directory
outside of the 5520 AMS directory structure, and on a volume with available space that is
greater than twice the size of the backup file.
where backup_file is the name of the backup file you split in Procedure 216.
6 If required, restore the 5520 AMS using the backup file, as described in section 21.3 or
section 21.5.
22 Managing schedules
22.1 Schedules overview
1 In the Schedule view, in the List of schedules panel, click Add Schedule.
3 Configure the parameters in the Add Schedule window, as described in Table 88.
Parameter Description
State Active allows this schedule to be assigned to tasks or jobs in the 5520 AMS.
Start Displays a calendar and a clock to set the start date and time for the current schedule
Date/Time
End Displays a calendar and a clock to set the end date and time for the current schedule
Date/Time
4 Click Finish to create the simple schedule. The schedule is added to the List of Schedules in
the Schedule view, which is described in section 22.4.
1 In the Schedule view, in the List of schedules panel, click Add Schedule.
2 Configure the parameters in the Add Schedule window, as described in Table 89.
Parameter Description
State Active - allows this schedule to be assigned to tasks or jobs in the 5520 AMS.
Suspended - prevents this schedule assignment in the 5520 AMS.
Start Displays a calendar and a clock to set the start date and time for the current
Date/Time schedule.
End Date/Time Displays a calendar and a clock to set the end date and time for the current
schedule.
Days of week If you set the schedule to Weekly, select the check boxes for the days on which you
need to execute the schedule.
Day of Month If you set the schedule to Monthly, you can configure the schedule to run on the first
or last day of the month, every nth day of the month, or every x day of every x week.
Result: The schedule is added to the List of Schedules in the Schedule view, which is
described in Section 22.4.
The Show Schedules window only displays the schedules that are planned for the
selected NE, and the jobs associated with those schedules directly interact with the
selected NE. For example, an NE backup or NE software download. Examples of
jobs that do not interact with the NE, and so are not displayed in the Show Schedules
window, include exporting data from the 5520 AMS server and querying NE
attributes using certain 5529 Enhanced Applications.
1 In the Schedule view, choose a schedule from the List of schedules panel.
4 Click Finish.
1 In the Schedule view, choose a scheduled task from the List of Jobs panel.
Result: The Job Details window appears. The details of the operation are displayed in the
Details section.
3 To add an NE to the list of Selected NEs or Excluded NEs, perform the following:
iii Use the filters in the Filters panel and click Build List.
Result: The NEs appear in the list on the right side of the window.
Note — In the Name field, you can enter part of the name or use the
asterisk (*) as a wildcard. Enter one string at a time.
Result: The NE Selection window closes and the selected NEs or groups appear in the
specified panel of the Job Details window.
4 To remove any of the selected NEs or NE groups, choose the NE or group in the panel, and
click Remove.
5 Click Finish.
1 In the Schedule view, choose a scheduled task from the List of Jobs panel.
3 Click Yes.
1 In the Schedule view, choose a schedule from the List of schedules panel.
3 Click Yes.
Note — The 5520 AMS supports the backup of multiple NEs at the
same time.
ii Use the filters in the Filters panel and click Build List.
Result: The NEs appear in the list on the right side of the window.
Note — In the Name field, you can enter part of the name or use the
asterisk (*) as a wildcard. Enter one string at a time.
The NE Selection window closes and the selected NEs or groups appear in the Selected
NEs panel of the Backup NE window. To remove any of the selected NEs or NE groups,
choose the NE or group in the Selected NEs panel, and click Remove.
5 Perform the following if you need to exclude NEs. For example, if you selected an NE group
in step 4 and need to exclude NEs or groups that are within the selected group from the
backup.
iii Use the filters in the Filters panel and click Build List.
Result: The NEs appear in the list on the right side of the window.
Note — In the Name field, you can enter part of the name or use the
asterisk (*) as a wildcard. Enter one string at a time.
The NE Selection window closes and the selected NEs or groups appear in the
Excluded NEs panel of the Backup NE window. To remove any of the excluded NEs or
NE groups, choose the NE or group in the Excluded NEs panel, and click Remove.
Note — When you back up the NE, the 5520 AMS creates an NE
backup file in the $AMS_LOCALDATA_HOME/ne/backup directory.
Result: The Backup Restore view opens with the Backup tab selected by default and the NE
displayed in the Selected NEs panel.
Note — When you back up the NE, the 5520 AMS creates an NE
backup file in the $AMS_LOCALDATA_HOME/ne/backup directory.
To view web links on alarms or historical alarms, go to the Alarm perspective and
right-click on an alarm and choose Web Links→Customized web link name.
Before you proceed, ensure that your user account is assigned a role that includes
the necessary functions to perform the procedures in this section.
See Table 14 for more information.
Column Description
NE Type / Release Displays the NE type and release for the NE object to which
a customized web link is added. Also displays ‘Platform’ for
an object defined in the Administration Tree to which a
customized web link is added.
Object Displays the object selected for NE type and release or
platform to which a customized web link is added.
Displayed if.. Displays the selected attribute condition for the object.
You can use the icons in the toolbar of the Customized Web Links view to compress
the table and add , modify , delete , or duplicate links.
The keywords are evaluated when the URL is validated, depending on the context.
The 5520 AMS replaces the keywords enclosed in the angle brackets (< >) by their
actual values. For example, if you selected the AMS Site Name parameter, the <site>
string is added to the specified URL. When the URL is validated, the string is
replaced by the name of the 5520 AMS site. If you select the application server IP
address, the <appServer> string is added to the specified URL. When the URL is
validated, the string is replaced by the application server IP address to which the
5520 AMS client is connected. If you select the object full friendly name option, the
<MO_name> string is added to the specified URL. When the URL is validated, the
string is replaced by the full friendly name of the NE object. This object is the object
that is currently displayed in the Object details view.
Parameter Description
NE Type / Release The type of NE and the release for which you need to create
the link.
To add a web link for an alarm or historical alarm, or to add
a web link in the Tools menu, choose the Platform object.
(1 of 2)
Parameter Description
Object The type of objects that are available for the selected NE
type and release.
To add a web link for an alarm or historical alarm, choose the
Alarm or Historical Alarm object.
To add a web link in the Tools menu, choose the Tools menu
object.
Display the link only if Link is always displayed on the object if the check box is not
selected. Select the check box to configure the Attribute and
Contains parameters. This check box is not selected by
default.
Alias The name of the link as it will appear in the Object Details
view or in the Tools menu.
Link The URL of the link. There are two URL types: website and
e-mail.
(2 of 2)
4 Insert dynamic data for the URL by performing the following steps:
Note — The dynamic data string is generated in the URL where the
cursor is positioned. If the cursor is not present in the URL field, then it is
appended to the URL.
• Attribute Value — Defines attribute value keywords for the URL (default).
• Object Full Friendly Name — Defines object full friendly name keywords for the URL.
• Comment Value — Defines comment value keywords for the URL.
• Current User Name — Defines current user name value keywords for the URL.
• AMS Site Name — Defines the 5520 AMS site name as the keyword for the URL.
• Application Server IP Address — Defines the application server IP address keyword
for the URL.
Parameter Description
Attribute Value
Attribute Identifies the attribute of the selected object from which the
value will be taken.
Replace the space character by Indicates which operator has to be used to modify the value
of the selected attribute.
Modify Attribute Value Indicates how much has to be added or subtracted for the
attribute value.
Comment Value
WEBLINK Key Identifies the key of a comment on the selected object from
which the value will be taken.
The key must be added as a comment to the object in the
Network Tree using the format: WEBLINK(Key)=value. For
example; if the comment “WEBLINK(ip_addr)=172.31.1.1”
is present on an object, then using the key “ip_addr” will
result in 172.31.1.1 being evaluated in the URL.
Application Server IP Address Indicates the application server IP address to which the
5520 AMS client is connected.
The Application Server IP Address inserts the tag
<appServer> in the Link field. When the link is evaluated to
build the final URL, any occurrence of the tag <appServer>
is replaced by the IP address of the application server to
which the GUI is connected.
iv Click Finish.
5 Click Finish.
Result: The web link is displayed in the Customized Web Links view table.
5 To insert dynamic data for the URL, perform the following steps:
Note — The dynamic data string is generated in the URL where the
cursor is positioned. If the cursor is not present in the URL field, then it is
appended to the URL.
• Attribute Value — Defines attribute value keywords for the URL (default).
• Comment Value — Defines comment value keywords for the URL.
• Current User Name — Defines current user name value keywords for the URL.
• AMS Site Name — Defines the 5520 AMS site name as the keyword for the URL.
iv Click Finish.
6 Click Finish.
Result: The modified web link is displayed in the Customized Web Links view table.
2 Select one or more links from the Customized Web Links view table.
Result: The selected links are deleted from the Customized Web Links view table.
2 Select one or more links from the Customized Web Links view table.
4 Select the NE type and release to which you want to copy the links. You can select multiple
NE types and releases.
5 Click Finish.
Result: The links are copied to the new NE type and release and displayed in the Customized
Web Links view table.
• In the Create window or Actions window for the object type for which you are configuring
a default template, click Save As for Operator Defaults.
• In the Object Details view for the selected object, click the View Menu icon ( ), and
choose Operator Defaults→Save As.
Result: The Save New Operator Defaults window opens.
Note — To make this template the one selected by default, select the
Preferred check box. Only one template can be the preferred default.
3 Click Finish.
Result: The new operator default template is now available to use when creating the same
object type.
3 To display the operator defaults for a specific template, choose the template and click the
Show Details icon ( ).
3 Choose the operator default template that you need to copy, and click the Duplicate icon.
4 Choose the NE to which you need to copy the operator default template.
5 Click Finish.
• In the Create window or Actions window for the object type for which you are modifying
an operator default template:
• Choose the operator defaults template name from the drop-down menu and click
Operator Defaults Save As.
Result: The Save New Operator Defaults window opens.
• Choose the operator defaults template name from the drop-down menu.
Note — When you opened the Save New Operator Defaults window from
the Create window or Actions window, you can create an operator default
template by typing a new name for the template.
2 Select or de-select the Force This Operator Defaults or Preferred Operator Defaults
parameters and click Finish.
3 Click OK.
3 Choose the operator default template that you need to delete, and click the Delete icon ( ).
Are you sure you want to delete the selected operator defaults?
4 Click Yes.
(1 of 3)
(2 of 3)
(3 of 3)
01 Albania 64 Lebanon
02 Algeria 65 Lesotho
05 Anguilla 68 Liechtenstein
09 Australia 6C Malaysia
0A Austria 6D Malawi
0B Bahamas 6E Maldives
0C Bahrain 6F Mali
0D Bangladesh 70 Malta
0E Barbados 71 Mauritania
0F Belgium 72 Mauritius
10 Belize 73 Mexico
12 Bermudas 75 Mongolia
13 Bhutan (Kingdom of) 76 Montserrat
14 Bolivia 77 Morocco
15 Botswana 78 Mozambique
16 Brazil 79 Nauru
(1 of 4)
1D Burundi 80 Niger
1E Byelorussia 81 Nigeria
1F Cameroon 82 Norway
20 Canada 83 Oman
25 Chile 88 Peru
26 China 89 Philippines
28 Comoros 8B Portugal
2C Cuba 8F Rwanda
2D Cyprus 90 Saint Kitts and Nevis
36 Egypt 99 Senegal
37 El Salvador 9A Seychelles
(2 of 4)
39 Ethiopia 9C Singapore
3D France A0 Spain
40 Gabon A3 Suriname
41 Gambia A4 Swaziland
42 Germany A5 Sweden
43 Angola A6 Switzerland
44 Ghana A7 Syria
45 Gibraltar A8 Tanzania
46 Greece A9 Thailand
47 Grenada AA Togo
48 Guam AB Tonga
4A Guernsey AD Tunisia
4B Guinea AE Turkey
4D Guayana B0 Tuvalu
4E Haiti B1 Uganda
4F Honduras B2 Ukraine
54 Indonesia B7 Uruguay
56 Iraq B9 Vanuatu
58 Israel BB Venezuela
59 Italy BC Vietnam
(3 of 4)
5E Jordan C1 Yugoslavia
5F Kenya C2 Zaire
60 Kiribati C3 Zambia
62 Kuwait — —
(4 of 4)
2 Click Add.
Code See Section 24.1 for a list of Specifies the code for the
codes selected ITU-T country or
ANSI/ETSI vendor
Value See Section 24.1 for a list of Specifies the name of the
codes selected ITU-T country or
ANSI/ETSI vendor
Type ANSI & ETSI Vendor Specific Specifies the code type
Code
ITU-T Country Code
ITU-T Vendor Code
ITU-T Vendor Specific Code
3 Click Delete.
Cluster management
25 Cluster management
25 Cluster management
25.1 Cluster management overview
• Licensing: You need a license for each application server in the cluster. See
chapter 5 for more information about licenses.
• SSL: If you are using SSL in a cluster, SSL must be enabled on every server in
the cluster and the keystore key and password must be the same. See Chapter 7
for more information about SSL.
• SNTP: You need to run one SNTP server process on each application server. See
chapter 14 for more information about SNTP.
• Using External TL1 Gateways: You need to configure a virtual IP address for the
cluster and one TNM user for each application server. See Chapter 16 for more
information about external TL1 gateways.
• Backing up the 5520 AMS database: Nokia recommends that you schedule
backups as a cron job in a cluster environment. See Section 21.2 for more
information about backing up the database.
You can use the ams_cluster script to monitor, stop and start a cluster. See
Section 31.7.
In a cluster setup with three or more application servers, when the Master application
server loses communication with the cluster, the NEs will be rebalanced among the
other application server(s) within the cluster, and not on the isolated application
server.
Every five minutes, the 5520 AMS checks if the NEs are balanced correctly across
the cluster. If not, it will rebalance them.
You can add an argument to the ams_server stop script to stop a server without
rebalancing the load.
Processes that only need to run on one server, known as singleton processes, are
run on the first application server to start. This is the master application server. If the
master application server is not running, client sessions are disconnected. If other
application servers are not running, client sessions are maintained.
In a cluster environment, if one of the machines faces NIC failure the 5520 AMS GUI
cannot load the Object Details view till the reachable application server in the cluster
detects that there is no connectivity with the other server.
If an operation is performed after an application server has failed but before activity
switches to a redundant application server, the operation fails and client sessions are
disconnected. If the operation is performed on an NE that is associated with the
application server, an error message is displayed.
Note — A local cluster or 1+1 hardware configuration with a
shared SAN disk provides both high availability (distributing the
load amongst active application servers) and local redundancy
(database servers running in active and standby mode). In this
type of configuration, if you stop the active machine, all
processes and functionality are stopped on the active machine
and a switchover to the standby machine is initiated.
Before you proceed, you need to be able to log in to the 5520 AMS server as amssys. See
Procedure 8 to log in to a 5520 AMS server as amssys.
3 When you are ready to start the server, no argument is needed. Type:
ams_server start ↵
• You encounter a problem with the application server managing the NEs.
• You want to manually balance the load by offloading an application server and distributing
the load over the remaining application servers.
• You encounter a problem with the DCN connection for the application server and do not
want to completely shut down the application server.
1 In the Administration Tree, choose EMS Administration → EMS System → Site → Application
& Data Servers.
2 Right-click the Application Server object from which you want to move the NEs to the
remaining application servers and choose Actions → Evacuate NE.
Result: A window opens and provides details about the progress of the evacuate action.
When evacuate action is completed, the Action Details view opens and displays the results
for the NEs that are evacuated.
Note 2 — Executing this option does not move back the same NEs that
are evacuated.
1 In the Administration Tree, choose EMS Administration → EMS System → Site → Application
& Data Servers.
2 Right-click the Application Server object from which you want to move the NEs to the
remaining application servers and choose Actions → Unevacuate NE.
3 To configure the Server Weight parameter, enter the relative capacity to manage the NEs.
4 Click Finish.
Result: A window opens and provides details about the progress of the unevacuate action.
When the unevacuate action is completed, the Action Details view opens and displays the
results for the NEs that are unevacuated.
The Switchover Log view in the 5520 AMS GUI provides information about data
server switchover events. The Switchover Log includes the following information
about each switchover:
• Start date and time
• Reason for switchover
• Completion date and time
• Result (success or failure)
• For failed switchovers, details about the reason for the failure
See the 5520 AMS User Guide for information about opening a view.
ams_switch_active_dataserver ↵
• The script prompts you to confirm whether you want to continue the data server
switchover:
ams_switch_active_dataserver -f ↵
Result: All active client sessions are disconnected with the message “Connection lost due to
database down” when the database becomes unavailable.
Note —
2 Identify a virtual machine as a reference machine from which you want to clone the template.
Select and right-click the reference virtual machine. Choose Template → Clone to Template.
• Enter the Template Name and select the Template Inventory Location. Click Next.
• Select the computer resource. Click Next.
• Select Storage. This must be a shared storage which is accessible from all the servers in
the cluster. Click Next.
• Click Finish.
2 Select and right-click the created template in Procedure 241. Select Deploy Virtual machine
from this Template.
3 Provide the Edit settings details for the new virtual machine.
Select a name and Enter the new server name and select a location to store VM data. Click Next.
folder
Select a compute Select a host or a resource pool to run a virtual machine. Click Next.
resource
Select storage Select storage to save the VM files. This must be a shared storage which is
accessible from all the servers in the cluster. Click Next.
Select clone Select Customize the operating system check box. Click Next.
options
5 Click Finish.
Result: The new application server is created and appears on the local host tree in the
VMware vSphere Web Client.
6 Select and right-click the new application server from the local host tree. Choose All vCenter
Actions → Power → Power On.
7 On the Summary tab, click Launch Console to open the new application server.
Specify Properties Enter the name for customization spec. Click Next.
Set Computer Select Enter a name option, type the machine name, and then enter the domain
Name name. Click Next.
Time Zone Select the details to set the time. Click Next.
Configure Network Select Manually select custom settings option. Click the Edit icon.
Result: The Edit Network window opens.
• Select the Use the following IP settings option.
• Enter the IP Address, Subnet Mask, and the Default Gateway.
• Click OK to close the Edit Network window.
Click Next.
Enter DNS Domain Enter the IP address for Primary DNS and add the DNS search path in the DNS
Settings and domain settings details. Click Next.
Ready to complete Click Finish on the New VM Guest Customization Spec window.
Logs
27 Managing logs
28 Syslogs
27 Managing logs
27.1 Managing logs and audits overview
Before you proceed, make sure your user account is assigned a role that includes
the necessary functions to perform the procedures in this chapter. See Table 14 for
more information.
Result: The user activity log settings are displayed in the Object Details view.
Setting Description
Purging
Delay Before a User Activity The duration (in days) that elapses before a User Activity Log is
Log is Removed from removed from the database. The format is # d (for example, 7 d).
Database
Archiving
(1 of 2)
Archiving Strategy The archiving strategy is so that the user activity logs can be saved
to disk for offline analysis instead of being deleted. If FTP or SFTP
file transfer is not selected, user activity logs are archived in the
shared directory, one file per day under:
$AMS_EXTERNAL_SHAREDDATA_HOME/ualarchiving/ual-archi
ve_<YYYY>_<MM>_<DD><alphaChar>.csv, where:
<YYYY>, <MM> and <DD> represents the date (year, month, and
day) at which the user activity logs were created and <alphaChar>
is empty or contains the next alphabetic character.
If compression is enabled, the file name will be
ual-archive_<YYYY>_<MM>_<DD>_<HH><alphaChar>.csv.gz.
If a user activity log archive file with the same name already exists,
then the filenames will have a sequential alphabetic character
appended to the name, for example,
ual-archive_2012_08_20_20a.csv.gz and
ual-archive_2012_08_20_20b.csv.gz. This may happen if there are
repeated application server switchovers within the same day
causing several similarly named user activity log archive files to be
present.
If FTP or SFTP file transfer is selected, the user activity log archive
file is transferred to the configured remote FTP or SFTP location. If
the copy or file transfer of the user activity log archive fails, an alarm
is raised. Use Procedure 244 to manually purge and archive the
user activity logs.
The allowed values are:
• Never
• When Records are Added to the Database
• When Records are Removed from the Database
Delay Before a Record is A time period before user activity logs are deleted from the shared
Deleted from the Archive directory where they are archived.
The parameter is enabled when the Archiving Strategy parameter is
set to When Records are Added to the Database or When Records
are Removed From the Database.
This parameter is disabled if the Archiving Strategy is set to Never.
The default value is 7 d.
Setting Description
Compress Archive When the parameter is enabled, the user activity log archive files in
the shared directory are compressed daily to minimize disk space
usage.
The parameter is enabled when the Archiving Strategy parameter is
set to When Records are Added to the Database or When Records
are Removed From the Database.
This parameter is disabled if the Archiving Strategy is set to Never.
By default, this check box is selected, if the Archiving Strategy is not
set to Never.
File Transfer
Directory The directory for file transfer in the remote FTP or SFTP host.
This parameter is disabled if Protocol is set to No file transfer (Keep
files in ‘shared/common’).
Syslog
Send User Activity Log When the parameter is enabled, the user activity log records are
Records to Syslog sent to syslog server so that a single user activity log record is not
lost.
The check box is deselected by default.
Application Name The name of the application that is logging into syslog server.
This field is disabled when Send User Activity Log Records to
Syslog parameter is not selected.
Default value is 5520AMS_UAL.
(2 of 2)
Procedure 244 To purge and archive alarm or user activity log files
If the copy of alarm or user activity logs to the $AMS_EXTERNAL_SHAREDDATA_HOME
directory fails due to some reason, or if the transfer of alarm or user activity logs to the remote
SFTP or FTP location fails due to password expiry or incorrect username, or other reasons, a
‘Alarm Archive Copy Failure’ or ‘User Activity Log Archive Copy Failure’ alarm is raised. Check the
file transfer settings in the Alarm Settings or User Activity Log settings in the Administration tree.
Check the intra-cluster links. Once the problem is corrected, you can manually purge and archive
the alarm or user activity logs using the following procedure. The alarm is cleared after the copy
or transfer of the archive is successful.
2 Right-click Alarm Settings or User Activity Log Settings and choose Actions→Force Purge &
Archive.
Result: The Force Purge & Archive dialog opens, with the confirmation message: Are you
sure you want to force a purge and archive of the data now?
3 Click Yes.
Result: The alarm or user activity logs are purged and archived.
When you choose a task in the user activity log, the arguments and result of the task
are displayed in the Object Details panel.
To facilitate audits of the changes made to objects using the 5520 AMS GUI, NBI or
server scripts, the Arguments of the User Activity Log records both the old and new
values of the changed attributes only.
Note 1 — Logging of old values is only provided for
modifications performed from the Object Details view in the
Network and Administration Tree. Logging of old values is not
supported for the modifications triggered from the following
operations:
• Multiple edits
• Actions or application specific menus
• Object deletion
• Application specific views such as editing a schedule or a
template
The Result field includes the text of any error messages that were displayed for a
failed task. The Applications field displays the type of user activity performed by the
task. Table 99 applications in the user activity log view describes the applications that
appear in the user activity log.
NE type and release Creation, modification, and deletion for NEs of the specified type
(for example, GPON.4.4.10) and release
4 Click OK.
5 Create and apply a filter, if required. See Section 27.4 for more information about filtering
user activity logs.
ii Choose the Login activity for the session for which you need the IP address.
Result: The IP address appears in the Arguments field in the Object Details panel.
4 To create a simple filter, select the check box beside the attribute you need to filter and
configure the options.
For the Users, Applications, Operations and Date attributes, you can select multiple items
from the lists that are provided. For the NE Name, Object Name, Session, and Arguments
attributes, you must provide a string for the filter (for example, a session ID for the Session
attribute).
ii Select the Match all of the following or the Match any of the following, depending on your
requirements.
iii From the first drop-down menu, select an attribute (for example, User).
iv From the second drop-down menu, select an operator phrase (for example, Contains).
v In the field, enter a string for the filter phrase (for example, Admin).
vi To add more filter phrases to your filter, click the + and repeat steps iii to v.
6 Click OK.
7 Go to step 9.
8 Click the Filter icon ( ) and select the name of the saved filter you need to apply.
Private filters are only available to the user that created them. Public filters are available
to all users.
4 Click OK.
1 Filter the set of user activity logs that you need to save. See Procedure 245 to view user
activity logs.
3 Choose a location to save the file, and enter a name for the file.
4 Click Save.
Result: The log is saved to the file as a set of values separated by delimiters. The default field
delimiter is a comma. See Procedure 214 and the 5520 AMS User Guide for more
information.
2 Select the user account for which you want to view statistics.
3 Click the Statistics tab in the Object Details view to display the login statistics for the selected
user.
• MObject
• SNMP
Before you proceed, ensure that you have enabled the tracing levels. See
Procedure 165 for more information. Logs can be viewed only for enabled detailed
tracing levels.
Note — The tracing logs aggregate data from all the application
servers. The text at the top of the log files indicates if the
application server is reachable or not.
2 Select any one of the log types in the EMS Tracing field.
3 Click Finish.
4 Select the log file and perform one of the following steps:
Procedure 251 To configure 5520 AMS GUI preferences for saving files
3 To be asked where to save files each time, select the Always ask me where to save files
option. When you open a file from the GUI or click Save on Client, a Save As window opens.
4 To set a directory to save files to when opening them from the GUI, perform the following
steps:
ii Click Browse and navigate to the directory where you want to save the files. Click OK.
When you open a file from the GUI or click Save on Client, the file will be saved to the
directory you choose and opened.
Result: The View Server File window opens and displays the available system logs.
3 Choose the log you need to view and click one of the following:
• Open
• Save on Client
Result: The file is saved or opened according to the GUI preferences you set in
Procedure 251.
Result: The View Server File window opens and displays the available system logs.
Result: The Tailing file: <log _name>.log window opens. The text area of the window displays
up to 100 lines of the content of the log. For example, if a log file consists of 1000 lines at the
time the tail request is sent to the server, only the last 100 lines of the log are displayed in
the Tailing file: <log _name>.log window. When a new response is received, the display rolls
over to the latest update.
Note 1 — Tailing more than 1 log file simultaneously could affect system
performance. It is recommended that no more than 5 log files be opened
simultaneously for tailing.
Note 3 — Tail requests are sent to the server at regular intervals. Even
when there are no new updates to the tailed log file, the client will send
requests for new content as long as the tail window is open for the log file.
In the case of errors, requests for tailing information will be retried 5 times,
after which the tail requests are stopped and the message "Error in tailing
file" is displayed in the tail window.
Before you proceed, you need to be able to log in to the 5520 AMS server as amssys.
See Procedure 8 to log in to a 5520 AMS server as amssys.
cd bin ↵
./ams_reset_logs.sh ↵
By default, the log files are stored in the $AMS_LOG_DIR directory and the traces
and debug files are stored in the $AMS_DEBUG_DIR directory.
Table 100 System log files
Configurable logs
Non-configurable logs
(1 of 2)
(2 of 2)
Notes
(1) An EMS alarm “One or more applications/plug-ins not running” will be raised by the application server if not all
applications, plug-ins, or services are running properly on any AMS server. Depending on the nature of the error
and AMS services startup success, raising the alarm may fail if alarm services do not start properly. In such
cases, the operator must check the system logs for errors (server.log and processmonitor.log).
(2) The AMS_TRACELOG_MAX_NUMBER_FILE and AMS_TRACELOG_MAX_FILE_SIZE are the variables
defined in procMon.conf file.
(1 of 4)
(2 of 4)
(3 of 4)
(4 of 4)
Notes
(1) An EMS alarm “One or more applications/plug-ins not running” will be raised by the application server if not all
applications, plug-ins, or services are running properly on any AMS server. Depending on the nature of the error
and AMS services startup success, raising the alarm may fail if alarm services do not start properly. In such
cases, the operator must check the system logs for errors (server.log and processmonitor.log).
(2) The AMS_TRACELOG_MAX_NUMBER_FILE and AMS_TRACELOG_MAX_FILE_SIZE are the variables
defined in procMon.conf file.
Data is added to each system log until the file reaches a user-configured size limit.
When the file reaches the size limit, the 5520 AMS renames the file by appending the
index number 1 to the filename (for example, system.log.1), and increments the
index numbers of all other archives for the same log. The 5520 AMS then creates a
new, empty system log file with the original filename to record further information.
New archives are continually created as each system log reaches its size limit, but
only a limited number of the most recent archives are retained. You can configure the
number of files to retain separately for each type of log file. When the number of
archives for a system log reaches this limit, the 5520 AMS deletes the oldest archive
whenever it creates a new archive of the same type.
To perform the procedures in this section, you need to be able to log in to the
5520 AMS server as amssys. See Procedure 8 to log in to a 5520 AMS server as
amssys.
Note 1 — This procedure does not apply to setting the tracing level for
an NE. See Section 20.25 for information about configuring EMS tracing
settings using the 5520 AMS GUI.
cd $AMS_LOCALDATA_HOME/server/wildfly/server/amssys/configuration/
ii Execute the following command to open the file for editing in a text editor:
vi standalone-full-ha.xml
3 Search the standalone-full-ha.xml file for the section about the system log file you need to
configure. Each system log file has an entry resembling the following:
where filename is the name of the system log file you are configuring, such as alarm.log. See Table 100 for a
list of system log filenames.
i To configure the maximum file size for the log file, find the first instance of the following
line below the line you found in step 3:
where value is the current maximum file size for the log file. See Table 100 for the default values for each
type of log file.
ii Configure the maximum number of archive copies retained for the log file. Find the first
instance of the following line below the line you found in step 3:
where value is the current maximum number of archive files to retain. See Table 100 for the default
values for each type of log file.
Change the value to the new maximum number of archive files to retain.
Note — You need to restart the server for the configuration changes to
take effect. The 5520 AMS starts using the new values within a few
minutes after you save the standalone-full-ha.xml file.
cd $AMS_SOFTWARE_HOME/conf/
ii Execute the following command to open the file for editing in a text editor:
vi ams.conf
3 Edit the parameters described in Table 102. The possible values to be configured are
described in Table 103.
Parameter Description
AMS_PROCESSMONITOR_TRACELEVEL This parameter is used to change the log levels for
processmonitor process
MAJOR 2
INFO 3
(1 of 2)
METHOD 5
(2 of 2)
Note — You do not need to restart the server for the configuration
changes to take effect. The 5520 AMS starts using the new values within
a few minutes after you save the ams.conf file.
Note 1 — This procedure does not apply to setting the tracing level for
an NE. See Section 20.25 for information about configuring EMS tracing
settings using the 5520 AMS GUI. To enable SNMP tracing for an NE,
see Procedure 165.
cd $AMS_LOCALDATA_HOME/server/wildfly/server/amssys/configuration/
ii Execute the following command to open the file for editing in a text editor:
vi standalone-full-ha.xml
<handlers>
<handler name="LOGTYPE_FILE"/>
</handlers>
</logger>
where:
LOGTYPE is the type of log you need to configure: SECURITY, LICENSE, or ALARM.
TRACE LEVEL is one of the following: DEBUG, ERROR, INFO, or WARN.
LOGTYPE_FILE is one of the following: SQL_FILE, SECURITY_FILE.
For example:
<level name="INFO"/>
<handlers>
<handler name="SECURITY_FILE"/>
</handlers>
</logger>
4 In the line <priority value=“TRACE LEVEL”/>, replace TRACE LEVEL with one of the
following:
i Reset the tracing to the highest level by changing the priority value to FATAL.
iii When the tracing level has changed, remove the category name, priority value, and
appender-ref ref lines for the category.
Note — You need to restart the server for the configuration changes to
take effect. The 5520 AMS starts using the new values within a few
minutes after you save the standalone-full-ha.xml file.
See Section 31.51 to change the log type using the script interactively.
cd $AMS_EXTERNAL_SHAREDDATA_HOME/config/
ii Execute the following command to open the file for editing in a text editor:
vi logSettings.txt
3 Configure a single or multiple system log files for which you want to change the log type.
filename,type,max,compress
where:
For example:
ALARM_FILE,size,5000000,n
Success 0
Other error 4
Note — You need to restart the server for the log configuration changes
to take effect across all the servers.
Note — To set the logging level, the user should have the function
Cluster Settings- Edit enabled.
• ALL
• DEBUG
• ERROR
• FATAL
• INFO
• OFF
• TRACE
• WARN
5 Click Finish.
Note — To configure the logging settings, the user should have the
function Cluster Settings- Edit enabled.
• Continue logging
• Suspend logging
4 Click Finish.
Notes
(1) The security.log file is a separate file that exists in the system.
(2) The user activities are logged in the AMS database and does not exist as a separate file. You can view the User
Activity log from the 5520 AMS GUI. For instructions, see Procedure 245.
2 Select Object Details from the menu and configure the following settings in the Event Settings
form that opens:
i In Global GUI Settings, set the Event View Refresh Interval field to the required number
of seconds. The default value is 15 seconds.
ii In Event Table Size Threshold settings, set the Raise Alarm if Database Size Exceeds
field to the required size (ranging from 1 MB to 1000 MB). The default value is 1000 MB.
iii In Event Display Configuration, configure the time period (ranging from 1 to 24 hours)
for which the events need to be displayed in the event summary view in the Display
Events in the Event Summary Page in the Last field. The default value is 12 hours.
Configure the event row navigation by selecting one of the two options, Object Details
or NE Object Tree from the drop down list in the Double Click on Event Row Navigates
to field.
• Archiving Strategy: You can choose the required option to define when you want the
records to be added to the database.
• Delay Before an Event is Deleted from Archive: You can configure the time delay
before an event is deleted from the archives. Range is from 7 to 120 days. Default
value is 30 days. This holds true only if the archives are not yet transferred.
• File Transfer Protocol: You can define the protocol to be used for transfer of the
archived files to the database.
Note — You cannot edit the Purging parameter value. If this parameter
value is modified all the events are removed from the database. You can
modify this parameter value only from the Actions menu.
The log4j2.properties file is a configuration file that is used for debugging the AMS
GUI issues. You can customize not only the output destination but also the output
format.
The file log4j2.properties is available in the Presentation server at
<AMS GUI installdir>\plugins\com.alcatel.axs.gui.platform_<version>\lib\
log4j2.properties.
where,
<AMS GUI installdir> refers to the name of the 5520 AMS installation directory. For
example, the installdir is C:\AMS9.7_Client\ams
Result: The contents of the file log4j2.properties is displayed in the Configure Logs window.
Result: The contents of the file log4j2.properties is displayed in the Configure Logs window.
2 Click Restore to default. The default values are set immediately and Configure Logs window
is closed automatically. To apply the changes made in the file, you need to restart the 5520
AMS GUI.
Note — To view the GUI logs from the AMS GUI, you should
have the function Web Console - Debugger enabled.
You can view the following AMS GUI log files without logging on to a Presentation
server to debug GUI-related issues:
• output.log
• output.log.* (where * is a number)
• guiAlarmLog.log
• .log
• .bak_*.log (where * is a number)
Result: The Show Logs window opens. All the log files present in the location
<workspace>\.metadata are listed in the Show Logs window.
2 Select a log file from the drop-down list. To reload or get the updated list of the log files, click
Refresh.
2 Right-click the server object and choose Actions→Audit Configuration File Changes.
Result: The Audit Result for the selected server is displayed in the Results window. There
are two tabs in the window - Details 1 and Details 2.
In the Details 1 tab, the configuration file changes for ams.conf, amsgeomonitor.conf,
procMon.conf, and my.cnf are listed. The information that are displayed are:
• File name
• Parameter name of the file
• Default value of the parameter
• Last user accepted value of the parameter
• Current value of the parameter
The audit result for each file and parameter is either: Missing, Misaligned, or Aligned and the
results are indicated by icons. For more information on icons, see the 5520 AMS User Guide
3 You can click an entry in the Details 1 tab and do any of the following:
• Click Accept Current Value - This accepts the configuration file change and updates the
last accepted user value with the current value. The 5520 AMS system clears the alarm,
if it is reported for this parameter.
On clicking Accept Current Value, the audit result for the parameter is refreshed where
the Aligned and Misaligned icons for the parameter are displayed based on the
comparison between the parameter’s Current Value and Last User Accepted Value.
• Click Restore Default Value - The last accepted user value is updated to the default value.
You are prompted for a confirmation on server restart for the changes to take effect. Copy
the default value to the corresponding configuration file in the AMS server. The 5520 AMS
system clears the alarm, if it is reported for this parameter.
• Click Restore Last User Accepted Value - You are prompted for confirmation on a server
restart for the changes to take effect. Copy the last user accepted value to the
corresponding configuration file in the AMS server. The 5520 AMS system clears the
alarm, if it is reported for this parameter.
4 To copy the audit results, click Copy All. The results are copied to your machine.
28 Syslogs
28.1 Overview
28.1 Overview
Syslog provides a logging facility to capture and log or broadcast system secure
access and configuration changes made using TL1, CLI, and authorization actions.
You can also use the 5520 AMS to view and configure syslog parameters such as
log rotation, server type, facility, and message severity.
You can disable the remote connection flag of the syslog daemon to forward the User
Activity Log records, write large number of iptables related data to the syslog files.
For more information, see the Syslog Configuration and Redirecting IP tables logging
sections in the 5520 AMS Server Configuration Technical Guidelines.
Table 106 describes the supported syslog message types.
See the CLI Commands guide for your NE for more information about CLI syntax,
and the Commands and Messages guide for your NE for more information about TL1
syntax.
Table 106 Syslog messages
CLI configuration changes Logs CLI configuration changes made by users. See the
5520 AMS User Guide for information about CLI
configuration.
TL1 configuration changes Logs TL1 configuration changes made by users. See the
5520 AMS User Guide for information about TL1
configuration.
(1 of 2)
(2 of 2)
Authenticated users can also make configuration changes using TL1 and CLI.
Before you proceed, make sure your user account is assigned the necessary
functions to perform the procedures in this chapter. See Table 14 for more
information.
28.1.1 Architecture
Syslog is a subsystem designed to handle system security logging. Other
subsystems that have messages to be logged into the system log depend on the
syslog subsystem.
The syslog subsystem uses the syslog protocol, which is a transport mechanism for
sending event messages across an IP network. The receiving server is known as an
“event message collector.” System events may be sent at the start or end of a
process, or to transmit the current status of some condition or process in the
operating system or application.
If SFTP is used as the file transfer protocol, the correct login credentials must be
provided. You can set the username and password for the NE SFTP file server in the
SNMP profile used by the NE. See section 20.5 for more information.
When the 5520 AMS server acts the SFTP server, the credential for amssftp can be
provided from the external SFTP server.
The 5520 AMS behaves as an SFTP /TFTP server when files are opened at the NE’s
such as ISAM, ISAM FTTU etc. The 5520 AMS behaves as an SFTP/TFTP client
when performing operations such as NBI, backup, syslog and so on.
Result: The Object Details view opens and displays the syslog system parameters. See
Table 107.
Parameters Description
General
Maximum Message Size Displays the maximum syslog message size in bytes
Storage Capacity
Free Displays available disk space for syslogs in bytes
Result: The Create Syslog Server window opens and prompts you to configure the
parameters for the new syslog server.
3 In the Server Number field, use the default or enter a server index value for the new server.
The value must be an integer from 1 to 64, inclusive.
4 Click Next.
Result: The second Create Syslog Server window opens and prompts you to configure the
parameters for syslog server. Table 108 describes the parameters for a syslog server.
Parameter Description
Name Specifies the name of the syslog server
Type Specifies the type of syslog server. See Table 109 for more
information about server types.
File name When the Type parameter is set to File, this parameter specifies
the local filename used by the syslog server.
5 Configure the parameters. Table 109 describes the syslog server type options.
Options Description
File Specifies that syslog messages are logged to local files
UDP Specifies that syslog messages are sent to the IP address and
UDP port number of the syslog server
All CLI Specifies that syslog messages are sent to all CLI-type servers
All TL1 Specifies that syslog messages are sent to all TL1-type servers
All Users Specifies that syslog messages are sent to all users
6 If the State panel is visible, choose Enabled or Disabled from the Logging drop-down menu.
• Click Finish to create the syslog server and close the Create Syslog Server window.
Result: The new syslog server is displayed in the Network Tree as Syslog Server name,
where name represents the syslog server number and name.
Result: The Create Syslog Message window opens and prompts you to configure the
parameters for the new message.
Note — The system appends the syslog number to the message type
string.
4 Click Next.
Result: The second Create Syslog Message window opens and prompts you to configure
the parameters for the new message.
5 Choose a syslog facility. In the Facility drop-down menu, choose an option for the method to
send messages to the remote server.
6 Assign available severity filtering options to the message. In the Severity panel, choose an
option for the message severity filtering.
Use the left-arrow and right-arrow to add and remove the options from the Available and
Selected windows. Options in the Selected column will be applied and options in the
Available column are not applied.
Result: The new syslog message is displayed in the Network Tree by message type.
Result: The Object Details view displays the syslog server parameters.
3 Configure the Upload Rotated Files to the Server parameter. The options are:
• Yes: When the log file is rotated with an associated secondary log file, the primary log file
is uploaded to the remote server. When you choose this option, you need to configure the
Upload Path parameter.
• No: When the log file is rotated, the contents are moved to the secondary log file. The
contents of the secondary log file will be overwritten with the next rotation.
2 Choose the syslog server for which you need to rotate the file.
Task See
Create a syslog server with the Type parameter set to Procedure 267
File
Add a syslog server message to the server with the Procedure 268
Message Type parameter set to Authentication Actions
(Optional) Configure the syslog server to upload the file Procedure 269
to the remote server when the file is rotated
2 Right-click the server you need to view the log for and choose Actions→View File. Click
Finish to confirm the action.
Result: The Result page window opens and displays the contents of the security log file.
Note — If the NE does not have a security log message file, the Result
page window will display xFTP Authentication failed, where xFTP is the
file transfer mode.
Result: A table of logged alarms opens in the Object Details view, as described in Table 111.
General
(1 of 2)
Log Time date and time Displays the date and time the alarm
change was logged
(2 of 2)
Note
(1) Alarm number 0 indicates no alarms (within the alarm type) are active.
When an alarm is raised, each active alarm rule defined in the rule set is evaluated
one after the other as per the order of the rules, before the alarms are forwarded to
the master application server. The action defined in the rule is executed only on the
alarms that match the alarm criteria and have a PAP ID equal to 0 or are included in
the PAP Groups of the user who created the rule.
The number of alarm rules defined cannot exceed 50. The number of active alarm
rules cannot exceed 20.
Before you proceed, make sure your user account is assigned a role that includes
the necessary functions to perform the procedures in this chapter. See Table 14 for
more information.
If you are invoking a script from an alarm rule, the script must be executable by an
‘amsapp’ user. If the script generates a file, ensure that the file is in a directory which
the ‘amsapp’ user can access.
Result: The Alarm Rules view opens. The table displays the following information on the
configured alarm rules.
Parameter Description
Avg Time (ms) Indicates the time taken to evaluate this rule and to execute the action.
An average is computed on the last 24 hours.
Hits/day (Total) Indicates the number of times this rule has been evaluated in the last
24 hours, irrespective of whether the filter criteria defined in the rule
matched or not.
Hits/day (Match) Indicates the number of times this rule has been successfully
evaluated in the last 24 hours, that is, the number of times the filter
criteria defined in the rule matched.
Last Failure Date Indicates the timestampc of the last failure. If no failure occurs, a dash
is displayed (-). An example of a failure can be script queue full or
script not found. If a failure occurs, it must be logged in the server.log
(ERROR level), including the ID of the alarm that could not be
processed.
Note
(1) You can define both alarm and source criteria.
Rule Name Enter a unique name for the Any string from 1 to 255 characters.
alarm rule. Default value: empty
Alarm Criteria Define the criteria (attributes, • Match all of the following - The alarm rule will be
operator, value) for alarm rule processed if it matches all of the defined alarm
processing. You can define criteria.
multiple criteria. • Match any of the following - The alarm rule will be
Click + to add an alarm processed if it matches any of the defined alarm
criterion. criteria.
Click - to delete an alarm
criterion.
(1 of 2)
NE Family (1) Select the NE family for which Depending on the NE plug-ins installed, some of the
the rule is defined. possible options are:
• Platform (refers to objects that do not belong to an NE
plug-in)
• ISAM/FTTB/FTTN
• GPON
• G6
Object Type Select an object of the NE All objects of the NE family and release that can report an
family and release for which alarm.
the rule is defined.
(2 of 2)
Note
(1) The default value of the NE Release parameter is set to All, when you select a value in the NE Family parameter.
(2) When a specific problem is selected as criteria, the toggle suppression enabled alarms are displayed with [==TOGGLING==] <Alarm>
parameter, this parameter is used only for the Alarm filters. To add or modify an alarm rule, choose the real <Alarm> parameter.
3 Click Next.
4 Depending on the action selected in the Action drop-down list, perform the relevant steps
specified in the following table:
Discard the alarm A summary of the options selected is displayed. If the alarm matches the alarm criteria specified
Go to step 5. in the defined rule, the alarm is discarded.
Modify the alarm • In the Alarm Parameters section, choose If the alarm matches the alarm criteria specified
parameters the alarm parameter that needs to be in the defined rule, the specified alarm
modified, and the value to which it needs to parameters are modified to the defined value in
be modified. the alarm rule. The modified alarm is forwarded
• Click + to add another alarm parameter to to the next rule in the rule set.
modify. You cannot modify the (un)Acknowledged by,
• Click Next. (un)Acknowledged via IP Address, Assigned
• A summary of the options selected is by, and Assigned via IP Address parameters.
displayed. Go to step 5. When modifying:
• The "Acknowledged" field, then the
"(un)Acknowledged by" parameter will be
set to "" and the "(un)Acknowledged via IP
Address" will be set to "127.0.0.1".
Append extra • Enter the text to be appended to the If the alarm matches the alarm criteria specified
information to the Additional Info/Text field of the alarm in the in the defined rule, the Additional Info/Text field
Additional Info/Text Free Text field. of the alarm is appended with the text defined in
Multi-line string is allowed in this field. the Text field of the alarm rule. The modified
alarm is forwarded to the next rule.
• Select an attribute of the object that
reported the alarm. If an object is not
defined in the Source Criteria of the first
page of the wizard, then you can define it
here, else the values defined in the first
page are used.
• Click Next.
• A summary of the options selected is
displayed. Go to step 5.
(1 of 2)
Call a script • Enter the full path of the script including the If the alarm matches the alarm criteria specified
script name in the Script (Full Path) field. in the defined rule:
The recommended script path is • If the ‘Discard the alarm’ action is selected
$AMS_EXTERNAL_LOCALDATA_HOME, in the After the Script drop-down list, the
which, by default, is alarm will be discarded after the script runs.
/var/opt/ams/local/common. • If the ‘Forward the alarm to the next rule’
The path of the script entered in the field action is selected in the After the Script
must start with ‘/’. It must not end with ‘/’. drop-down list, the alarm will be forwarded
Environment variables cannot be entered. to the next rule in the rule set after the script
The script must exist in all application runs.
servers of a cluster.
• Select the action to be executed after the
script runs, namely:
• Discard the alarm
• Forward the alarm to the next rule
• In the Available column of the Script
Arguments section, choose the alarm
attributes that can be passed as script
arguments and move them to the Selected
column.
• Select an attribute of the object that
reported the alarm. If an object is not
defined in the Source Criteria of the first
page of the wizard, then you can define it
here, else the values defined in the first
page are used.
• Click Next.
• A summary of the options selected is
displayed. Go to step 5.
(2 of 2)
5 Click Finish.
Note 1 — The alarm rule comes into effect only for new alarm events.
Existing alarms must be cleared manually, if required.
Note 2 — When 50 alarm rules already exist, if you add another rule, an
error ‘Maximum number of rules reached’ is displayed. Click Cancel.
Note 3 — When 20 active alarm rules already exist, if the status of the
new rule is set to Active, an error ‘Maximum number of active rules
reached’ is reported. Modify the status of the alarm rule to Inactive, and
click Finish to save the rule.
1 In the Alarm Rules view, choose the alarm rule that you want to modify.
4 Click Next.
6 Click Finish.
Note 1 — The changes to the alarm rule comes into effect only for new
alarm events. Existing alarms must be cleared manually, if required.
Note 2 — When 20 active alarm rules already exist, if you modify the
status of an inactive rule to Active, an error ‘Maximum number of active
rules reached’ is reported. Modify the status of the alarm rule to Inactive,
and click Finish to save the rule.
1 In the Alarm Rules view, choose the alarm rules that you want to delete.
Are you sure you want to delete the selected alarm rules?
1 In the Alarm Rules view, choose the alarm rule for which you want to change the order.
• Click the Move Up icon ( ) to move the alarm rule up by one position in the rule set.
• Click the Move Down icon ( ) to move the alarm rule down by one position in the rule
set.
• Click the Move to Top icon ( ) to move the alarm rule to the top-most position in the
rule set.
• Click the Move to Bottom icon ( ) to move the alarm rule to the bottom-most position
in the rule set.
Note — The maximum number of active alarm rules cannot exceed 20.
1 In the Alarm Rules view, choose the alarm rules which you want to activate or deactivate.
3 Choose one of the following options from the Status drop-down list:
4 Click Finish.
Result: The status of the alarm rule is changed as per the selection.
When 20 active alarm rules already exist, if you add another rule with Active status, an error
‘Maximum number of active rules reached’ is reported. Click Cancel.
Note — The changed status of the alarm rule comes into effect only for
new alarm events. Existing alarms must be cleared manually, if required.
1 In the Alarm Rules view, click the Check All Rules icon ( ).
Result: The Check All Rules window opens. For each rule, the wizard checks:
• If the selected object in the rule exists in all selected NE plug-ins. If it does not exist, it
reports that the selected object does not exist in the NE plug-in.
• If the selected attribute in the rule exists in all selected NE plug-ins. If it does not exist, it
reports that the selected attribute of the object does not exist in the NE plug-in.
• Only for the source attribute in the "Source Criteria", if the type of the attribute in the rule
is the same in all the selected NE plug-ins. If it is not, it reports that the selected attribute
of the object is of a different type in the rule and the NE plug-in.
• Only for the source attribute in the "Source Criteria", if the units of the attribute in the rule
are the same in all the selected NE plug-ins. If they are not, it reports that the selected
attribute of the object is expressed in different units in the rule and the NE plug-in.
• Only for the source attribute in the "Source Criteria", if the selected attribute value in the
rule exists in all the NE plug-ins. If it does not, it reports that the selected attribute of the
object is expressed in a different value in the rule and the NE plug-in.
• If the internal name of the selected object in the rule is the same in all the selected NE
plug-ins. If it is not, it reports that the object has a different internal name in the NE plug-in.
• If the internal name of the selected attribute in the rule is the same in all the selected NE
plug-ins. If it is not, it reports that the attribute of the object has a different internal name
in the NE plug-in.
If no issues are detected in the alarm rules, the following message is displayed: No problem
detected.
Each metric is collected in every 20 seconds. The 5520 AMS stores 60 samples of
the data separately for each measurement period. This means that the measurement
interval is always 1/60 of the measurement period.
Since the metric is sampled every 20 seconds, the first measurement period is 60 x
20 seconds = 1200 seconds or 20 minutes. The next measurement period is
obtained by aggregating three samples into one. This means that the measurement
period is 3 x 20 minutes = 60 minutes or 1 hour, and the measurement interval is 1
hour/ 60 = 1 minute. The same reasoning applies to the higher measurement period.
To aggregate samples, the 5520 AMS takes the average.
Where:
1 is the Measurement interval per second/Time
2 is the Server
3 is the Description
4 is the TCA
5 is the Counter
6 is the Measurement interval
7 is the Summary of average, total, and maximum of counter interval
8 is the Graph interval
9 is the Graph
Modifier Description
Gauge charts (like the number of sessions) are probably easier to understand.
However, it can be still confusing to interpret fractional values such as having 3.5
users. This is due to the rounding of values when resampled to large intervals.
For example, if there are 10 users at 10h09'20", 10 users at 10h09'40", and 0 users
at 10h10'00", then if you average the data over a minute, you have (10+10+0)/3 =
6.66 users on an average over that minute.
Procedure 280 To display EMS performance monitoring data and configure TCA
2 From the left panel, choose the performance monitoring counter you need to display data for.
3 If you are using a cluster, choose the IP address of the application server from the Servers
drop-down menu.
5 To add a TCA entry, click the TCA tab, and click Add.
Parameter Description
Data Set Configure the unit for the monitoring duration in minutes,
hours, or days. For example, 20m, 1h, 6h, 24h, 7d.
7 To delete a TCA entry, select the TCA to be deleted, and click Delete in the TCA window.
8 Click Finish.
• To export only the graph you are currently viewing, click the Export Current Graph icon
( )
Note — The graphs you export will be same for the application server
and measurement chosen for the graph.
2 From the Browse for Folder window, choose the location you need to export the graphs to.
Click OK.
Result: The graphs are exported in .jpg format to the folder you chose. The title of each file
is the name of the counter set you chose in the EMS Performance Monitoring view.
$AMS_SCRIPTS_DIR/ams_app_stats_converter.sh [–-outputdir
<output_directory>] [--filename <absolute path and filename of the
application statistics file> ]↵
Where:
-<output_directory> is the output directory specified by the operator where the .csv file needs to be generated.
By default, the output file generated by the script is stored under $AMS_LOCAL DATA_HOME/log. The
generated output file will contain the information from the applicationstatistics file in .csv format. This
parameter is optional.
-<absolute path and filename of the application statistics file> is the absolute path and filename of the
applicationStatistics file. If no path is specified, the script will check for the input file at
$AMS_LOCALDATA_HOME/log. If no input file is specified, then all applicationstatistics files in the
$AMS_LOCAL DATA_HOME/log directory are converted. This parameter is optional.
Where:
• filename is the output file in the .csv format. For example,
<applicationStatistics_YYYY_MM_DD>.csv
• <output_directory> is the output directory where the .csv file is generated.
Appendix
31 5520 AMS server scripts
31.2 ams_server
31.3 ams_activate
31.4 ams_audit_agent_alarm
31.5 ams_backup
31.6 ams_change_ip_subnet_server
31.7 ams_cluster
31.8 ams_copy_datafiles
31.9 ams_configure_ssh_timeouts
31.10 ams_db_defragment
31.11 ams_export
31.12 ams_exttl1gw_integration
31.13 ams_geo_configure
31.14 ams_hub_sub_link_mgr
31.15 ams_import
31.16 ams_install
31.17 ams_install_license
31.18 ams_createfirstuser
31.19 ams_link_mgr
31.20 ams_mediagw_mgr
31.21 ams_ne_cli
31.22 ams_nebackup
31.23 ams_nerestore
31.24 ams_show_ne_balancing
31.25 ams_remove_data
31.26 ams_ne_mgr
31.27 ams_restore
31.28 ams_retrieve_ip_by_nename
31.29 ams_retrieve_pap_ne_from_db
31.30 ams_schedule_backup
31.31 ams_splitter_mgr
31.32 ams_sw_backup
31.33 ams_switch_active_dataserver
31.34 ams_switch_authentication_local
31.35 ams_tracing
31.36 ams_uninstall
31.37 ams_update_limit
31.38 ams_user_mgr
31.39 ams_check_ssl
31.40 convert5526AMSTo5523AWS
31.41 createUsernamePassword
31.42 DEMO_IT_infrastructure_integration
31.43 ams_disable_ssl
31.44 ams_enable_ssl
31.45 getAgentlist
31.46 innotop
31.47 ams_reset_logs
31.48 retrieve_nes
31.49 ams_simplex_to_cluster
31.50 switchover_hook
31.51 ams_log_manager
31.52 ams_apps_stats_converter
31.53 ams_updatefirewall
31.54 getLicenseCounter
31.55 convert_to_shorter_line
31.56 ams_reconfigure_host
31.57 ams_support
31.58 ams_update_database_pwd
31.59 ams_renew_isam_ssh_info
31.60 ams_set_snmp_trap_port
31.61 ams_cleanup_sip_data_and_files
31.62 ams_recreate_aes_keys
31.2 ams_server
The ams_server script is used to start and stop the 5520 AMS software, displays
information about the software that is installed, and displays the status of running
processes.
The following two log files records all messages during the ams_server script
execution:
• ams_ems_service.log records all messages for restart, status, resetgeo and
version logs.
• jboss_service.log records all messages for start and stop logs.
To run the script, log in to the server as amssys and type:
ams_server [option] command servicename ↵
where:
• option is --server = <IP address of a specific server in the cluster or geo-redundant
site>. This option enables you to run the script on a specific server in a cluster or
geo-redundant site from another server in the cluster or remote site by specifying
the IP address of the server.
The following subsections describe the commands and their service names for the
script.
31.2.1 start
The start command starts the 5520 AMS server.
Table 117 describes the service names for the start commands and the output of the
command.
Table 117 Start - service names and output
31.2.2 stop
The stop command stops the 5520 AMS server.
Table 118 describes the service names for the stop command and the output of the
command.
Table 118 Stop - service names and output
Stopping JBoss
Stopped JBoss
Stopping Database
Stopped Database
Stopping Database
Stopped Database
(1 of 2)
(2 of 2)
31.2.3 restart
The restart command stops and starts the 5520 AMS server.
Table 119 describes the service names for the restart command and the output of
the command.
Table 119 Restart - service names and output
Stopping JBoss
Stopped JBoss
Stopping Database
Stopped Database
(1 of 2)
Starting Database...
Starting jboss...
(2 of 2)
31.2.4 status
The status command displays the statuses of the processes that are running on the
server. The running processes depend on the role of the server.
Table 120 describes the service names for the status command and the output of the
command.
where:
• number_of_loops specifies the number of times the script
loops.
• period_in_seconds specifies the length of the period
between repetitions, in seconds.
For example:
ams_server status all -l 10 -p 60
Table 121 shows the parameters that appear on the output of the ams_server and
ams_cluster status commands, and the possible statuses. Table 122 lists the
processes that appear on the output of the ams_server and ams_cluster status
commands, and the possible statuses.
Table 121 ams_server and ams_cluster status parameter descriptions
Server status Both Indicates the individual overall status of each server. The status
parameter has the following possible values:
• Healthy: the environmental test scripts on the server are reporting
healthy, and all processes or services on the server are running.
• Degraded: at least one environmental test script on the server
reports a non-critical error, or at least one process or service on the
server is reporting a problem.
• Failed: at least one environmental test script on the server reports a
critical error, or at least one process or service on the server is in
Alarmed state.
Environment ams_server The status has three possible values depending on the status of one or
more health scripts running on the 5520 AMS system:
• Healthy: if all health scripts are reporting healthy.
• Degraded: if any of the health scripts is not reporting healthy, and
none of the health scripts is reporting critical.
• Failed: if any of the health scripts is reporting critical. The 5520 AMS
system will automatically stop all processes on the involved server.
Processes ams_server Indicates the processes status based on the status of JBoss, Database
and services. The status has three possible values:
• Healthy: if JBoss, Database and all services are running.
• Degraded: if JBoss or Database or services are not running.
• Failed: if JBoss or Database is in the alarmed state.
(1 of 3)
Status ams_cluster Cluster status is a combined status of Server status and Site status. (1)
The status parameter has the following possible values:
• Healthy: the cluster is operating as expected. The environmental
test scripts on the server are reporting healthy, and all processes or
services on the server are running.
• Degraded: the 5520 AMS is operating, but problems exist.
At least one server is running as the master database, one JBoss
process is running as the master and one server has the EMS
services running. But there are some deployment failures because
of which some applications, plug-ins, or services are not running
properly in a server or servers in a cluster.
At least one environmental test script on the server reports a
non-critical error, or at least one process or service on the server is
reporting a problem.
• Unavailable: the 5520 AMS is not operating.
• Starting: at least one server in the cluster is starting up.
• Failed: the cluster is unavailable, and reports a critical error, due to
one of the following reasons:
• EMS services is not running on the active site.
• All data servers are reporting failed.
• All application servers on the active site are reporting failed.
At least one environmental test script on the server reports a critical
error, or at least one process or service on the server is in the
Alarmed state.
Members ams_cluster The host names of the servers at the site. The parameters for each
server appear in columns under the host name.
Reachable ams_cluster Indicates whether the server can be pinged at the cluster IP address:
• Yes: the cluster IP address is reachable
• No: the cluster IP address is not reachable
Geo status Both Indicates the geographical redundancy mode, and has the following
possible values:
• Manual: when automatic switchover is not enabled.
• Automatic: when automatic switchover is enabled.
• Not configured: when the geographical redundancy is not
configured.
• —: not applicable
(2 of 3)
Geo monitor Both Indicates the status of the amsgeomonitor process. This status is
applicable only when automatic swtichover is enabled. The parameter
has the following possible values:
• Active: when amsgeomonitor is running on the active data server in
the active site.
• Not active: when amsgeomonitor is not running.
• Switchover: when geomonitor switchover is in progress.
• —: not applicable
Site Role ams_cluster Indicates the role of the site. The site role parameter has three possible
values:
• Active: the server is an active data server
• Standby: the server is a standby data server
• —: Not applicable. This value appears for application servers.
Uptime ams_cluster Indicates the amount of time since the server was started.
(3 of 3)
Notes
(1) Changes to the cluster status are for notification only. This status may change at different intervals as it receives updates from the cluster.
(2) The site name can include only alphabets, digits, _ and -. No other special characters are allowed.
Running(1)
Disabled(2)
WaitingStartup(3)
Alarmed(4)
Stopping(5)
(applies only to ams_cluster)
-(6)
?(7)
Running (Master)(8)
Running (Master) (Failures)(9)
Running (Failures)(10)
Running (Slave)(11)
Starting(12)
(applies only to ams_server)
Migrating: <Step details>(13)
Success(14)
Failure(15)
Inprogress(16)
Running (online)(17)
Disabled (maintenance)
ams_server,
Notes
(1) Running: The process or service is up and running.
(2) Disabled: The process or service is not enabled or not running.
(3) WaitingStartup: The process or service is enabled but cannot start due to one of the following reasons: a) The environmental health of the
server is having a problem. b) The processes or services on which the process is dependent on, are not in the running state.
(4) Alarmed: The process or service has been restarted too frequently.
(5) Stopping: The process needs to be stopped due to dependency problems or environmental problems.
(6) -: Not applicable.
(7) ?: Unknown. This value appears when the server is unreachable.
(8) Running (Master): For the ‘AMS server’ process, this status means that the AMS server process is up and running and the processes that
only run on one application server are running. For the Data server process, this status means that the server is the active data server.
(9) Running (Master) (Failures): At least one application, plug-in, or service is not running properly in the master application server.
(10) Running (Failures): At least one application, plug-in, or service is not running properly in the application server.
(11) Running (Slave): The standby data server is receiving database updates from the active data server and is ready to start if the active data
server fails.
(12) Starting: The process or service is in the process of starting.
(13) Migrating <step details>: The migration is in progress. <Step details> comprises Step current_step_num of total_steps -
current_step_description where: current_step_num is the current migration step number, total_steps is the total number of migration steps,
and current_step_description is the description of the current migration step. This status is applicable only to the migration from the 5520
AMS, Release 9.2.10 or later to the 5520 AMS, Release 9.2.30 or later. This status is displayed only when the command is run on the
following servers: a simplex server, the master application + active data server in a cluster.
(14) Success: The shared data file system has been successfully copied from the active server to the standby server in the replication interval.
(15) Failure: The shared data file system was not successfully copied from the active server to the standby server in the replication interval.
(16) Inprogress: The shared data file system is being copied from the active server to the standby server in the replication interval.
(17) Running (online): The service is enabled and running.
The list of components shows the 5520 AMS server software and the active software
plug-ins.
=====================================================
-----------------------------------------------------------
additional components
Note: This server is part of a cluster setup, the output that follows applies
to this machine only.
Setup: Cluster
=====================================================
-----------------------------------------------------------
additional components
where:
• date is in the format Month Day, for example, May 3.
• time is in the format hh:mm:ss yyyy.
Note: This server is part of a cluster setup, the output that follows applies
to this machine only.
Setup: Cluster
=====================================================
-----------------------------------------------------------
additional components
where:
• date is in the format Month Day, for example, May 3.
• time is in the format hh:mm:ss yyyy.
Note: This server is part of a cluster setup, the output that follows applies
to this machine only.
Setup: Cluster
=====================================================
where:
• date is in the format Month Day, for example, May 3.
• time is in the format hh:mm:ss yyyy.
Note: This server is part of a cluster setup, the output that follows applies
to this machine only.
Setup: Cluster
=====================================================
-----------------------------------------------------------
where:
• date is in the format Month Day, for example, May 3.
• time is in the format hh:mm:ss yyyy.
31.2.5 resetgeo
The resetgeo command overrules the ping-pong protection. For information about
resetgeo, see the 5520 AMS Installation and Migration Guide.
31.2.6 version
The version option displays the versions of the 5520 AMS software and the active
plug-ins.
Table 123 describes the service names for the Version command and the output of
the command.
Table 123 Version - service names and output
Notes
(1) The label parameter is used for identifying the GoldenEMSSwConfig file. The label must not exceed 25
characters and must only contain alphanumeric characters. This parameter is optional.
(2) GoldenEMSSwConfig file must be in the same directory level with binary file, if you need to use “ams_install.sh
--golden” command.
Note — In the Data server, you can only view the details of the
software components such as core, patches, and emergency
fixes.
GoldenEMSSwConfig : MYGoldenEMSSwConfigLabel
---------------------------------------------------------------
app-ansitl1-trunk-232526
app-apc-trunk-232526
app-dcscript-9.3.10.0_9.3.10-232526
app-idm-9.3.10.0_9.3.10-232526
plugin-core-g6-12.3-1.0_9.3.10-232526
plugin-core-gpon-4.8-1.0_9.3.10-232526
plugin-ansitl1-gpon-4.8-1.0_9.3.10_9.3.10-232526
plugin-apc-gpon-4.8-1.0_9.3.10_9.3.10-232526
plugin-spfe-g6-12.3-1.0_9.3.10_9.3.10-232526
ams-9.3.10.1EF1-232565
An example of the output of the version save command without providing a file name,
and with a label is as follows:
MYGoldenEMSSwConfigLabel
ams-9.6.07-382828
app-ansitl1-1.0_9.6.07-382828
app-anv-151.0_9.6.07-382828
app-apc-1.0_9.6.07-382828
app-dcscript-1.0_9.6.07-382828
6 errors found
31.3 ams_activate
The ams_activate script is used to activate the software which ensures that the
plug-in installation environment is ready and that it will be safe to start the server.
Installing the 5520 AMS puts the software files in the correct location ready for use.
However, until you activate a server, the server is in a passive, standby mode. You
can activate the servers as part of the installation by using the --activate options, or
you can activate the servers as a separate step.
A log file named install.log records all messages during the ams_activate script
execution.
To run the script, log in as root and type:
install_dir/ams/software/release/bin/ams_activate.sh ↵
where:
• install_dir is the software directory you chose during installation. By default, this
is /opt.
• release is the release of the 5520 AMS software. An example is
ams-9.3.0-999000.
Activation finished
31.4 ams_audit_agent_alarm
The ams_audit_agent_alarm script is used to reset the counters on an agent. No
options are required.
A log file named twiddle.log records the details about resetting the counters on an
agent.
To run the script, log in to the application server as amssys and type:
ams_audit_agent_alarm Internal_alarm_ID ↵
where Internal_alarm_ID is the ID of the internal alarm for which you want to reset
the counter.
The script output is:
Auditing alarm on Agent Internal_alarm_ID
31.5 ams_backup
The ams_backup script is used to create a backup of 5520 AMS data. For more
information about performing a backup, see Section 21.2.
Nokia recommends that this script be run on the standby data server in a cluster
installation.
A log file named ams_backup.log records the details about 5520 AMS backup
activity.
To run the script, log in to a data server or a combination of data and application
servers as amssys and type:
ams_backup.sh options destination URL↵
and destination URL can be a local file or a remote resource, where ftp and sftp
protocols are supported. The supported formats for the destination URL are:
• [file:/]/path/filename (local file)
• ftp://username[:password]@hostname/path/filename (ftp server with username
and password)
• sftp://username[:password]@hostname/path/filename (sftp server with username
and password)
• sftp://hostname/path/filename (sftp server with keybased authentication)
The following is an example of the output:
Tue May 14 13:48:19 2019 **** Starting AMS Backup ****
Details in /var/opt/ams/local/ams-9.7.03-408954/log/ams_backup.log
31.6 ams_change_ip_subnet_server
When there is a need to reconfigure a cluster with a separate NIC for routing the
cluster traffic or changing the network configurations of the client, cluster, or NE, you
can use the ams_change_ip_subnet_server script. For more information, see the
5520 AMS Installation and Migration Guide.
The ams_change_ip_subnet_server script is used to modify the subnets of a 5520
AMS system.
Before executing the ams_change_ip_subnet_server script, all the 5520 AMS
servers in a cluster must be stopped. Using “ams_cluster stop” command causes NE
rebalancing issues after server startup. Therefore, for the script to function correctly,
each server must be stopped by executing “ams_server stop” command.
Note — The ams_change_ip_subnet_server script is not
applicable for geographically redundant configurations as it
uses ams_geo_configure script to modify a configuration. For
more information, see Section 31.13.
Provide the network details for client, cluster, and NE when responding to the
questions in the command line. The IP addresses for NE network can be IPv4 or
IPv6.
Some examples of the question format that is used to gather the network details.
• For a client network:
Enter the network interface(s) for GUI clients communication:
Note: Multiple interfaces can be entered using a comma separated list eth1,
eth2
eth2
• For a NE network:
**** Enter the network interface(s) used for NE communication:
Note: Multiple interfaces can be entered using a comma separated list eth1,
eth2
After the script is executed, restart each server in the cluster using the ams_server
start script. The new application and data servers will be up and operational.
Note — If the networking information of the client NIC is
modified, you must manually enter a new IP address in the
login window.
31.7 ams_cluster
The ams_cluster script is used for configuring a set of networked servers to work
co-operatively as a cluster, providing both load balancing and redundancy in case of
the failure of the application or data server.
The ams_cluster script starts and stops the servers in a 5520 AMS cluster, displays
information about the software that is installed, displays the status of running
processes, and performs a switchover for a geographically redundant installation.
A log file named ams_ems_service.log records details about ams_cluster script.
To run the script, log in to the server as amssys and type:
ams_cluster option ↵
To execute the start, restart, stop, and status options on a specific server in the
cluster, see 31.2.
The following subsections describe the options for the script.
31.7.1 restart
Using this option, all servers that are part of a cluster are restarted in the
maintenance mode. No NE rebalancing is performed during restart.
31.7.2 start
This option starts all the servers in the 5520 AMS cluster.
Table 124 describes the sub-options for the start option.
Sub-option Description
31.7.3 stop
Using this option, all servers in the 5520 AMS cluster are stopped in the maintenance
mode. No NE rebalancing is performed during stop.
31.7.4 status
This option displays the statuses of the cluster and the processes that are running
on each server.
where:
• number_of_loops specifies the number of times the script
loops.
• period_in_seconds specifies the length of the period
between repetitions, in seconds.
For example:
ams_cluster status -l 10 -p 60
Table 121 shows the parameters that may appear on the cluster list and the possible
statuses.
Type: Cluster
Status: Healthy
====================================================================
sys-262-03 A+a H R RM - R R
sys-262-04 A H R R - R R
sys-262-05 A H R R - R R
sys-262-01 D H - - SL R R
sys-262-02 D H - - M R R
31.7.5 status sw
This option displays a list of components showing the 5520 AMS server software and
the active software plug-ins.
If the servers in the cluster are installed with GoldenEMSSwConfig file, then it
displays the configuration file name, for example, MYGoldenEMSSwConfigLabel. If
the configuration file is not present, then it displays WrongEMSSwConfigLabel.
Type: Cluster
Status: Healthy
====================================================================
Database Status : -
Service : Running
Database Status : -
Service : Running
Database Status : -
Service : Running
31.7.7 switch
This option performs a switchover in a geographically redundant installation. The
script logs in to each data server and executes the ams_geo_configure -switch
command as needed.
Table 125 describes the sub-options for the switch option.
Sub-option Description
active Performs a switchover and makes the site you are logged
in to the active site.
standby Performs a switchover and makes the site you are logged
in to the standby site.
31.8 ams_copy_datafiles
The ams_copy_datafiles script is used to copy the persistency data from the earlier
5520 AMS release to the current 5520 AMS release:
• From a backup file (in an out-of-place migration scenario), or
• From the last active release or a previous release (in an in-place migration
scenario).
This script supports migration of data from Release 9.2.10 Patch 03 or later to
Release 9.2.30 or later. For 5520 AMS releases earlier than 9.2.10 Patch 03, this
script is not supported for migration. The script can be executed in the interactive or
non-interactive mode. For more information on the usage of the script in the
interactive mode, see the 5520 AMS Installation and Migration Guide.
A log file named ams_copy_datafiles.log records the details about the datafiles.
By default, data is copied from the last active release, if the --from-release option
is not specified.
• To copy the data from a previous release which is not the last active release, type:
ams_copy_datafiles --force --from-release <previous-release> ↵
• To overwrite existing persistency data with data from the last active release, type:
ams_copy_datafiles --force --overwrite ↵
Existing data is overwritten with the data files of the last active release.
• To overwrite existing persistency data with data from a previous release on the
server, type:
ams_copy_datafiles --force --overwrite --from-release <previous-release>
↵
Existing data is overwritten with the data files of the specified previous release.
Existing data is overwritten with the data files of the specified backup file.
Extracting AMS_SHAREDDATA_HOME to
/var/opt/ams/shared/ams-trunk-195815...........OK
Extracting AMS_SHAREDDATA_NEBACKUP_DIR to
/var/opt/ams/shared/common.......................OK
Extracting emlplatform to
/var/opt/ams/database/ams-trunk-195815/emlplatform....OK
Extracting ibdatadir to
/var/opt/ams/database/ams-trunk-195815/ibdatadir......OK
Upgrading database...
Upgrading database.........................................OK
31.9 ams_configure_ssh_timeouts
The ams_configure_ssh_timeouts script is used to enable/disable/check SSH
session timeouts. The 5520 AMS server opens multiple parallel SSH connections
with NEs during a backup operation.
A log file named ams_configure_ssh_timeouts.log is created.
Before running the script, stop the 5520 AMS server. To run the script, log in as root
or amssys and type:
ams_configure_ssh_timeouts.sh command timeout ↵
where:
• command is one of the following:
• enable—Enables SSH session timeout. This command also sets the SSH session
timeout to the value of timeout. Timeout option is mandatory for the enable command
only.
This command sets the parameter AMS_SSH_SERVER_TIMEOUT in ams.conf file.
The AMS_SSH_CLIENT_TIMEOUT is set as 30 seconds less than
AMS_SSH_SERVER_TIMEOUT.
• disable—disables the SSH session timeout.
This command sets the parameters AMS_SSH_SERVER_TIMEOUT and
AMS_SSH_CLIENT_TIMEOUT to 0.
• check—displays the current SSH timeout settings.
This command verifies if the timeout is enabled and all the parameters are set
correctly.
• timeout is maximum allowed time for a session to be idle. This option is mandatory
for the enable command only and ranges from 1-15 minutes.
SSH timeout is enabled. You must reconnect the SSH sessions for changes to
take effect.
31.10 ams_db_defragment
The ams_db_defragment script is used to free up disk space by defragmenting the
active data server. You can use the analyse option periodically to check for
fragmentation. For instance, you can execute the analyse option every week or once
in a month to understand the fragmentation on the disk. Then, use the execute option
to rearrange the data on the active data server and create disk space. Also, you can
use the execute option when the historical alarms table size exceeds the threshold
level and a TCA alarm is generated.
Ensure the following conditions are met before executing the script:
• 5520 AMS must not be running when execute option is used; whereas you can
execute the analyse option with 5520 AMS running.
• The execute option must be executed on an active data server only in a
maintenance window. After defragmentation 5520 AMS initiates a full sync cycle
from the active data server to all standby data servers. If the defragmentation is
executed on a standby data server, the defragmented data files are overwritten
when the 5520 AMS starts up again.
Note — After the execution of the script the active data server
must be brought up before the standby servers.
Table_Rows: -----
Data_Free (Bytes):------
% Fragmentation: ----
Table_Rows: ----
Data_Free (Bytes):----
Index_Length (Bytes):----
% Fragmentation: ----
.............
Type of Setup Database Size Time took for Overall Down Average
Defragmentation time(that is server Fragmentation %
stop,execute,
server start)
(1 of 2)
Type of Setup Database Size Time took for Overall Down Average
Defragmentation time(that is server Fragmentation %
stop,execute,
server start)
(2 of 2)
2 Run the ams_db_defragment script with execute option on previous active data server.
3 Start the previous active data server using ams_server start command.
4 Start the other servers enforcing full sync with the active data server.
3 Start the previous active data server in the active site cluster.
4 Start the other data servers in the active site cluster to enforce full sync with active data
server of the active site.
5 Start the standby site cluster to enforce full sync with the active site cluster.
31.11 ams_export
The ams_export script is used to create an export file of selected data that can be
imported by a 5520 AMS server.
A log file named importexport.log or importexportcli.log records details about export
activity.
To run the script, log in to the application server as amssys and type:
ams_export.sh ↵
The exported data file is created on the active data server. It is located in
$AMS_EXTERNAL_SHAREDDATA_HOME/export/ams, and has the filename
export.tar.
The script overwrites any existing export.tar file on the active data server.
31.12 ams_exttl1gw_integration
The ams_exttl1gw_integration script is used to integrate an External TL1 Gateway
with a 5520 AMS cluster. See Section 16.2.
No log file is generated for this script.
To run the script, log in as root and type:
ams_exttl1gw_integration.sh option ↵
31.12.1 configure
The configure option saves the virtual IP addresses and network interfaces to be
used for OSS communication.
The following is an example of the output:
Detecting setup.
Do you want to use a single virtual IP address for OSS communication [ yes
(default) | no ] ?
172.22.176.6
bge3
Writing configuration
Ready
31.12.2 unconfigure
The configure option removes a configured integration.
The following is an example of the output:
Detecting setup.
If they are running, the 5520 AMS and the 5520 TL1GW will be stopped before
unconfiguring.
->Stopping 5520TL1GW
o Disabling 5520TL1GW
o Stopping 5520TL1GW
->Stopping 5520AMS
Stopping JBoss
Stopped Jboss
Stopping Database
Stopped Database
Ready
31.12.3 start-active
The start-active option starts both the 5520 AMS and the External TL1 Gateway in
active mode. This option should only be used in a geographically redundant
installation. In a single site installation, you can use the ams_server start script.
The following is an example of the output:
Detecting setup.
->Starting 5520TL1GW
o Enabling 5520TL1GW
o starting 5520AMS
The AMS server is starting up, it may take several minutes before it is ful
ly operational.
Ready
31.12.4 start-standby
The start-standby option starts both the 5520 AMS and the External TL1 Gateway in
standby mode. This option should only be used in a geographically redundant
installation. In a single site installation, you can use the ams_server stop script.
The following is an example of the output:
Detecting setup.
->Stopping 5520TL1GW
o Disabling 5520TL1GW
o Stopping 5520TL1GW
o starting 5520AMS
The AMS server is starting up, it may take several minutes before it is ful
ly operational.
Ready
31.12.5 stop
The stop option stops both the 5520 AMS and the External TL1 Gateway.
The following is an example of the output:
Detecting setup.
->Stopping 5520TL1GW
o Disabling 5520TL1GW
o Stopping 5520TL1GW
->Stopping 5520AMS
Stopping JBoss
Stopped Jboss
Stopping Database
Stopped Database
Ready
31.13 ams_geo_configure
The ams_geo_configure script is used to configure, modify and disable geographic
redundancy. You can perform a manual switchover using ams_geo_configure or
ams_cluster. For more information, see the 5520 AMS Installation and Migration
Guide.
31.14 ams_hub_sub_link_mgr
The ams_hub_sub_link_mgr script is used when the 5520 AMS has a link
management license. See Chapter 5 for more information about licenses.
The ams_hub_sub_link_mgr script creates a cluster of hub-subtended
7302 ISAM/7330 ISAM FTTN/ 7356 ISAM FTTB/7360 ISAM FX NEs from the
5520 AMS application server. See Section 19.4 for more information.
Note — During the 5520 AMS migration you must run the
createUsernamePassword script to recreate the encrypted
password in the ams.password file. For information about
createUsernamePassword script, see Section 31.41.
31.15 ams_import
The ams_import script is used to import the data from an export file of selected data
on the 5520 AMS server.
A log file named importexport.log or importexportcli.log records the details about
import activity.
If the file you need to import data from was created from the client, change the file
name to export.tar. Perform the following steps:
To change to the export directory, type:
cd $AMS_EXTERNAL_SHAREDDATA_HOME/export/ams ↵
Before you proceed, the export file export.tar should be in the shared data directory.
To change the name of the file you need to use, type:
mv exportdate-time.tar.gz export.tar.gz ↵
where
date is the date the file was created in the format ddmmyyyy
time is the time the export was performed in the format hh-mm-ss
To run the script, log in to the application server as amssys and type:
ams_import.sh -filename <path or filename> -overwrite ↵
Where:
• -filename option is provided when the user needs to specify an export file that is
not the default export file (export.tar.gz).
Note — If -filename is not entered, default export file available
at the location,
/var/opt/ams/shared/common/export/ams/export.tar.gz will be
used during import.
• <path of the file> is the full directory path and filename to be imported. If only the
name of the export file is specified with the -filename option, the script will look for
the export file in the default path, /var/opt/ams/shared/common/export/ams/.
• -overwrite option enables the overwrite mode to overwrite duplicate records.
Note — The -overwrite option is only available for User
Management records.
For example,
ams_import.sh -filename
/var/opt/ams/shared/common/export/export01Aug2012-18-24-53.tar.gz
-overwrite ↵
Result: All duplicate records for the user management applications are overwritten.
The following is an example of the output:
Importing /var/opt/ams/shared/common/export/ams/export.tar.gz ...
31.16 ams_install
The ams_install script is used to install, activate, deactivate and uninstall plug-ins for
5520 AMS and the 5529 Enhanced Applications. For more information, see the
5520 AMS Installation and Migration Guide.
When you execute the ams_install script with --golden option, you can install the
required components, deactivate the components that are no longer required, and
activate the required components. As a result, the components mentioned in the
GoldenEMSSwConfig file are activated. Before executing this script, ensure that the
5520 AMS is not running.
When you execute the ams_install script with --cluster option, you can install,
deactivate, and activate the components. By executing the script with [ --golden
<GoldenEMSSwConfig file> ] [--cluster] option on a local host, the install, deactivate,
and activate actions are executed on all servers in the 5520 AMS cluster. Before the
actual execution starts, the following prompt is displayed indicating the list of hosts
that will be altered, and a confirmation message appears.
ams_install will alter the software configuration on following hosts:
This option is not applicable for geo-redundant cluster. Before executing the script
with --golden option, ensure that all the servers are shown in the output of the
ams_cluster status command, for which you have to start the cluster after installing
the 5520 AMS and ensure all the application and database servers has formed the
cluster properly.
A log file named install.log records details about installation, deactivation, and
uninstallation of 5520 AMS and the 5529 Enhanced Applications.
31.17 ams_install_license
The ams_install_license.sh script is used to install licenses for 5520 AMS, the
5529 Enhanced Applications, and NE-specific plug-ins. For more information, see
Procedure 11.
A log file named license.log records details about installing licenses for 5520 AMS.
31.18 ams_createfirstuser
Applies to —
If the above conditions are met, an initial AMS administrator account is created with
default password as 'admin' and the access to the 5520 AMS server is given to the
users for the specified IP addresses. Else, the script will exit and you will receive an
error message. Please contact your Nokia technical support for assistance.
The initial admin user account and password are required to download the 5520 AMS
GUI client for the first time. After you download and login to the AMS client, you must
change the default administrator password for the client.
A log file named security.log records the details about first user creation.
To run the script, log in as root or amssys and type:
ams_createfirstuser.sh [-h|--help] <username> <global address filter> ↵
where:
-h: displays help information.
<username> is the name of the operator account to be created.
<global address filter> is the allowed addresses from which the GUI can connect to
the server in CIDR notation. The value 0.0.0.0/0 allows all connections.
The following is an example of the output:
ams_createfirstuser.sh user 0.0.0.0/0
Creating user...
31.19 ams_link_mgr
The ams_link_mgr script is used when the 5520 AMS has a link management
license. See Chapter 5 for more information about licenses.
The ams_link_mgr script creates links from the 5520 AMS application server. See
Section 19.2 for more information.
The ams_link_mgr script also helps in the deletion of links such as, Splitter, G6-
GPON, Hub-SUBTENDED, ISAM- MDU.
A log file named license.log records details about link management license.
31.20 ams_mediagw_mgr
The ams_mediagw_mgr script creates the 7367 ISAM SX Media Gateway from the
5520 AMS Application server. See Section 19.3 for more information.
A log file named ams_mediagw_mgr.log records the error messages.
31.21 ams_ne_cli
The ams_ne_cli script is used to pass a series of CLI commands to one or more NEs.
For more information, see Section 17.5.
A log file named cutthrough.log records details about CLI commands passed on to
NEs.
To run the script, log in as amssys and type:
ams_ne_cli NEList inputCommandFile outputCommandfile timeout ↵
where:
• NEList is the IP address of the NE, in decimal format, or a file containing a list of
IP addresses. IPV4 and IPv6 IP addresses are supported.
• inputCommandFile is the name of the file where commands will be stored.
Where the argument -protocol is optional can be any of the following options:
• telnet : Using telnet protocol to connect to the NEs
• ssh : Using ssh protocol to connect to the NEs
• telnetfirst : The first instance uses telnet protocol to connect to the NEs. In case
the connection fails, the system tries to setup an SSH connection.
• sshfirst : The first instance uses ssh to connect to the NEs. In case the connection
fails, the system connects using telnet. This is the default option.
password:password to log in
prompt:prompt from which CLI commands are executed after giving login name
and password.>
!CLI Commands
CLI commands
Comments in the input file should start with an exclamation point (!).
password:ANS#150
prompt:#
!CLI Commands
logout
Connected to 172.22.176.77.
login: isadmin
password:
Welcome to ISAM
===================================================================
manager table
===================================================================
---------------------+-------------------+-------------------------
-------------------------------------------------------------------
manager count : 2
===================================================================
31.22 ams_nebackup
The ams_nebackup script is used to perform a backup of the NE database and NE
data.
You can perform a backup of NE data or of the NE backup database only.
A log file named ams_nebackup.log records the details about NE backup activity.
To run the script, log in as amssys and type:
ams_nebackup.sh options backupfile ↵
where:
• options can be any of the following, if needed:
• -h prints help information
• -c copies only the NE backup database
• backupfile is the path to the backup file that is generated by the script, for
example, /var/tmp/ams_backup_monday.tar.
DB locked.
DB unlocked.
31.23 ams_nerestore
The ams_nerestore script is used to perform a restore of the NE database and NE
data. You can perform a restore of NE data or of the NE backup database only.
A log file named ams_nerestore.log records the details about NE restore activity.
To run the script, log in as amssys and type:
ams_nerestore.sh options backupfile ↵
where:
• options can be any of the following, if needed:
• -h prints help information
• -b restores only the NE backup database
• backupfile is the path to the backup file to restore the data from, for example,
/var/tmp/ams_backup_monday.tar.
31.24 ams_show_ne_balancing
The ams_show_ne_balancing script is used to execute a query in the database and
display the NE name, NE Type/Release, and IP address of an application server that
is registered with the NE for communication.
No log file is generated for this script.
To know the options the ams_show_ne_balancing.sh script supports, log in as
amssys and type:
ams_show_ne_balancing.sh --help ↵
NE Product NE Type
7363 ISAM MX MX
• --netypereleasecount, displays the NE type and release count for each application
server.
The following options are supported only when the Enable NE Balancing Based On
Custom Group check box is selected in the Administration Tree (EMS
Administration→EMS System→Site). For more details on the setting, refer to Table
68.
• --netypereleasecountbycgc displays the NE type and release count for each
application server corresponding to a custom group criterium.
• --necountbycg displays the NE type and release count for each application server
corresponding to custom groups from custom group criterium.
The following are examples of the output for some of the supported options for
ams_show_ne_balancing.sh script with custom group name
“timeZoneNotManaged”.
--necountbycg
+-------------------------------------------+
| 10.1.1.239 |
+-------------------------------------------+
+----------------+------------------+-------+
|FTTN.5.3 |1 |1 |
|FTTN-I.5.1 |6 |6 |
|iSAM.5.3 |8 |8 |
|GENT.5.1.60 |6 |6 |
+----------------+------------------+-------+
+----------------+------------------+-------+
+-------------------------------------------+
| 10.1.1.238 |
+-------------------------------------------+
+----------------+-------------------+------+
|FTTN.5.3 |2 |2 |
|FTTN-I.5.1 |6 |6 |
|iSAM.5.3 |8 |8 |
|GENT.5.1.60 |7 |7 |
+---------------+-------------------+-------+
+---------------+-------------------+-------+
+-------------------------------------------+
| Unsupervised |
+-------------------------------------------+
+----------------+-------------------+------+
|FTTN.5.3 |0 |0 |
|MX.5.3 |2 |2 |
|MX.5.1 |0 |0 |
|iSAM.5.3 |0 |0 |
|GENT.5.1.60 |0 |0 |
|iSAM-I.5.3 |0 |0 |
+----------------+-------------------+------+
+----------------+-------------------+------+
--netypereleasecountbycg
+----------------+----------+----------+------------+------+
+----------------+-----------+-----------+-------------+------+
|FTTN.5.3 |1 |2 |0 |3 |
|iSAM.5.3 |8 |8 |0 |16 |
|GENT.5.1.60 |6 |7 |0 |13 |
+----------------+-----------+-----------+-------------+------+
+----------------+-----------+-----------+-------------+------+
--nebycg
+----------------+----------------+-------------------+
+----------------+----------------+-------------------+
--netypereleasecountbycgc
+----------------+-----------+-----------+-------------+------+
+----------------+-----------+-----------+-------------+------+
|FTTN.5.3 |1 |2 |0 |3 |
|iSAM.5.3 |8 |8 |0 |16 |
|GENT.5.1.60 |6 |7 |0 |13 |
+----------------+-----------+-----------+-------------+------+
+----------------+-----------+-----------+-------------+------+
--netypereleasecount
+----------------+-----------+-----------+-----------+-------------+-------
------+------+
|NE
Type/Release |10.1.1.218 |10.1.1.217 |10.1.1.239 |10.1.1.238 |Unsuper
vised |TOTAL |
+----------------+-----------+-----------+-----------+-------------+-------
------+------+
|GPON.4.10 |1 |0 |0 |0 |0
|1 |
|FTTN.5.3 |1 |1 |0 |1 |2
|5 |
|FX-I.5.3 |1 |0 |0 |0 |0
|1 |
|FTTN-I.5.1 |4 |5 |1 |2 |3
|43 |
|iSAM-I.5.1 |1 |1 |0 |1 |2
|5 |
|iSAM-I.5.3 |5 |5 |1 |2 |0
|3 |
+----------------+-----------+-----------+-----------+-----------+---------
+----------+
+----------------+-----------+-----------+-----------+-----------+---------
+----------+
31.25 ams_remove_data
The ams_remove_data script is used to recover data from a corrupted database. The
script completely reinitializes the database.
A log file named ams_remove_data.log is created.
Before running the script, stop the 5520 AMS server. To run the script, log in as
amssys and type:
ams_remove_data.sh ↵
AMS DB, Shared Data and Local Data has been purged
After running this script, start the 5520 AMS server. The server starts similar to
first-time server startup, and configures the DB.
31.26 ams_ne_mgr
The ams_ne_mgr script is used to read the contents of an input file to create NEs in
the 5520 AMS. The script also helps in modifying the NE attributes which are
supported by the 5520 AMS NBI.
Note 1 — The modification of IP Address and other attributes in
the same request is not supported.
Note 2 — During the 5520 AMS migration to R9.7.07, you must
run the createUsernamePassword script to recreate the
encrypted password in the ams.password file. For information
about createUsernamePassword script, see Section 31.41.
31.27 ams_restore
The ams_restore script is used to restore backed-up 5520 AMS data. For more
information about performing a restore, see Section 21.3.
A log file named ams_restore.log records the details about 5520 AMS restore
activity.
Note — If the backup file is in .gz format, you need to
uncompress the file before executing the ams_restore script.
To run the script, log in to a data server or a combination of data and application
servers as amssys and type:
ams_restore.sh options backup_filename ↵
where:
• backup_filename is the backup file from which you need to restore the data.
• options is any of the following:
• -h: displays help information
• -n: excludes licenses
The following is an example of the output:
Tue Sep 14 15:16:33 2010 **** Starting AMS Restore ****
Examining ams_bu.20100914...
Restoring MYSQL_INNODB_LOGS
Restoring MYSQL_DB_DIR
Restoring MYSQL_DB_DIR_APC
Restoring MYSQL_INNODB_DATA
Restoring AMS_SHAREDDATA_HOME
Restoring AMS_SHAREDDATA_NEBACKUP_DIR
Details in /var/opt/ams/local/ams-trunk-101265/log/ams_restore.log
31.28 ams_retrieve_ip_by_nename
The ams_retrieve-ip_by_nename script is used to retrieve the IP address of an NE
from the NE name. The IP addresses can be IPv4 or IPv6. For more information, see
Section 13.2.
No log file is generated for this script.
To run the script, log in as amssys and type:
ams_retrieve_ip_by_nename.sh NEname ↵
where:
NEname is the name of the NE.
The following is an example of the output:
ipAddress = 172.22.176.77
31.29 ams_retrieve_pap_ne_from_db
The ams_retrieve_pap_ne_from_db is used to retrieve the list of NEs and their PAPs
from the database.
No log file is generated for this script.
To run the script, log in as amssys and type:
ams_retrieve_pap_ne_from_db.sh -o output ↵
where output is the path and name of the file where the output of the script will be
saved. For example, /tmp/output_ne_pap. The amssys user must have write
permission for the output folder.
The following is an example of the output file:
FullFriendlyName NE PAP
31.30 ams_schedule_backup
The ams_schedule_backup script is used to schedule backups of the 5520 AMS
database server and can be used to FTP or SFTP the backup to a remote server.
The script creates a cron job and a configuration file for backing up the 5520 AMS.
For more information, see Scheduling backups.
A log file named run_ams_backup.xxxx.log records the details about 5520 AMS
schedule backup activity.
Note 1 — The 5520 AMS depends on SSH key infrastructure to
configure SFTP as transfer method.
Note 2 — In a server where scheduled backup is configured, if
you change the time zone in the operating system, you must
restart the crontab service so that the scheduled backup can
run exactly with the time that is set in the server. Else, backup
will fail. The following commands are used to restart crontab
service:
• In Red Hat Enterprise Linux 6.7 x86_64 and higher system,
use the below command:
service crond restart
• In Red Hat Enterprise Linux 7.1 x86_64 and higher system
or Red Hat Enterprise Linux 8.0, use the below command:
systemctl restart crond
================================================
5)Update files
6)Exit
Put a space between times if entering more than 1. Default = 21:00: 13:00
BACKUP SETTINGS
================================================
Backup directory:/builds
Backup Options:
================================================
5)Update files
6)Exit
SFTP SERVER #1
Is this correct?[yes|no]yes
In order to use sftp as transfer method the correct SSH key infrastructure
should be configured otherwise transfer will not be possible
================================================
5)Update files
6)Exit
(S)FTP SETTINGS
================================================
Enable FTP: NO
SFTP SERVER #1
USERNAME: root
DIRECTORY: /builds
================================================
5)Update files
6)Exit
31.31 ams_splitter_mgr
The ams_splitter_mgr script is used to create and manage splitter objects under a
PON port in 7360 ISAM FX or 7342 ISAM FTTU.
The script is available in the <AMS_LOCAL_DIR>/bin/ directory. To run the script,
log in as amssys and type:
ams_splitter_mgr \[option] \ [inputfile]
Option Description
-username \[user] The 5520 user name to use to access the 5520
AMS. This user must have the function 'AMS
NBI-Edit" in its role
(1 of 2)
Option Description
-password \[pass] The 5520 AMS user password
-keystore \[key] Full path to the keystore file. Default = get value
from the properties file
-keypass \[pass] Password for the keystore file. Default = get value
from the properties file
-nbihost \[url] The URL of the NBI client the 5520 AMS needs to
connect to
-c To create a splitter
-d To delete a splitter
(2 of 2)
31.32 ams_sw_backup
The ams_sw_backup script is used to perform a backup of the 5520 AMS software.
A log file named ams_sw_backup.log records the details about backup of the
5520 AMS software.
To run the script, log in as a root user and type:
ams_sw_backup.sh backup-file ↵
where backup-file is the path to the file that will be created by the script. The suffix
‘_<hostname>.bin’ will be appended to the filename.
The following is an example of the output:
==== Starting AMS Software Backup ====
Copy /var/opt/ams/local/ams-9.7-385523/.ams-9.7-385523-redhat-x86_64.bin
Details in /var/opt/ams/local/ams-9.7-385523/traces/log/ams_sw_backup.log
31.33 ams_switch_active_dataserver
The ams_switch_active_dataserver script is used to change the active data server in
a cluster to the standby data server. For more information, see Forcing a data server
switchover
A log file named processmonitor.log or processmonitor.trace records details about
the switchover from active data server to standby data server.
To run the script, log in to the active data server as amssys and type:
ams_switch_active_dataserver option ↵
31.34 ams_switch_authentication_local
The ams_switch_authentication_local script is used to change the 5520 AMS user
authentication from RADIUS or LDAP to the database. You can run this script to
allow you to log in when there is a problem with RADIUS or LDAP authentication. For
more information, see RADIUS authentication.
No log file is generated for this script.
To run the script, log in as amssys and type:
ams_switch_authentication_local ↵
Are you sure you want to switch to the local database authentication [no
(default) | yes]? y
31.35 ams_tracing
The ams_tracing script is used to perform the following actions:
• Configure the EMS tracing level on unknown NEs and non-NE objects.
• Configure the EMS tracing level for an NE.
• Reset the tracing level to the default on all NEs.
• Set any log level in standalone-full-ha.xml for log category.
31.36 ams_uninstall
The ams_uninstall script is used to uninstall the 5520 AMS. For more information,
see the procedure to uninstall the 5520 AMS server in the 5520 AMS Installation and
Migration Guide.
A log file named install.log records details about uninstalling the 5520 AMS.
31.37 ams_update_limit
During multiple client installation on a Red Hat Enterprise Linux operating system as
an amssys, an error can result due to insufficient memory. To prevent this, the
ams_update_limit.conf.sh script is run manually and as a non-root user. The script
adds the following to the /etc/security/limit.conf file:
amssys soft nproc 650000
amssys hard nproc 650000
amssys soft nofile 650000
amssys hard nofile 650000
31.38 ams_user_mgr
The ams_user_mgr script is used to read the contents of an input file to manage
users in the 5520 AMS. For information about this script, see Section 9.4.
Note — During the 5520 AMS migration to R9.7.07, you must
run the createUsernamePassword script to recreate the
encrypted password in the ams.password file. For information
about createUsernamePassword script, see Section 31.41.
A log file named ams_user_mgr.log records details about reading the contents of an
input file to manage users in the 5520 AMS.
31.39 ams_check_ssl
The ams_check_ssl script is used to check the status of the JBoss process and SSL.
No log file is generated for this script.
To run the script, log in as amssys and type:
ams_check_ssl.sh ↵
SSL is disabled.
31.40 convert5526AMSTo5523AWS
The convert5526AMSTo5523AWS script is used during migration from 5526 AMS to
5520 AMS. For more information, see the 5520 AMS Installation and Migration
Guide.
No log file is generated for this script.
31.41 createUsernamePassword
The createUsernamePassword script is used to encrypt the password for a
5520 AMS user and saves the encrypted password to a file. The file can be read by
the ams_user_mgr, ams_ne_mgr, ams_link_mgr, and ams_hub_sub_link_mgr
scripts. If you run the createUsernamePassword script, you do not need to include a
username and password in the input file for the scripts. For more information, see
Procedure 34.
You must be able to log in to the 5520 AMS application server as amssys or as a user
in the amssys group. For information on adding a new user account to the amssys
group, see Section 9.3.
No log file is generated for this script.
To run the script, log in as amssys or as a user in the amssys group and type:
createUsernamePassword ↵
Enter Password:
SUCCESS
31.42 DEMO_IT_infrastructure_integration
The DEMO_IT_infrastructure_integration script is used to configure the IP address
of the data servers and SSH key of the active and standby site of a geographically
redundant installation.
The script monitors the health state of the active site and performs a switchover to
the standby site if the active site is down. For more information, see the chapter
about installing the 5520 AMS at multiple sites in the 5520 AMS Installation and
Migration Guide.
A log file named control_switch_site.log records the details about configuring the IP
address of the data servers.
31.43 ams_disable_ssl
The ams_disable_ssl script is used to disable secure communication over SSL or
TLS, which is the default protocol. For more information, see Section 7.6.
SSL has been disabled. Please restart the server for the change to take
effect.
31.44 ams_enable_ssl
The ams_enable_ssl script is used to enable secure communication over SSL or
TLS, which is the default protocol. You can use SSL or TLS with a default or
customized keystore. For more information, see section 7.3.
where:
• path-to-keystore-file is the path to the keystore file on the server
• keystore password is the customized keystore password
You do not need to specify a keystore file or password if you need to use the default
keystore.
The following is an example of the output:
Checking if JBoss is running
Enable SSL...
Cleanup...
Process complete!
31.45 getAgentlist
The getAgentlist script is used to generate a list of the agents that are supervised by
the 5520 AMS. The agent IP addresses can be IPv4 or IPv6. For more information,
see Section 13.4.
No log file is generated for this script.
where username and password are the username and password of a 5520 AMS user
with the NE List - NBI function. The 5520 AMS user can be an Internal Database or
RADIUS or LDAP user.
Note 1 — If the password contains special characters, escape
the special meaning of the characters by preceding each
special character with the backslash character (\). For example,
if the password is !@#ams$%^user&*, enter
\!\@\#ams\$\%\^user\&\*.
Note 2 — If you are using a cron job to generate an agent list,
execute the getAgentlist script located in the home account of
amssys. For example, /var/opt/ams/users/amssys/bin/. This
directory depends on the values provided during the 5520 AMS
installation.
The output of the script is stored in the file $TEMP_DUMPFILE. The location of the
file is /tmp/netlist-dump_result
The following is an example of the output:
7342-GPON 7342-GPON IACM IACM GPON.4.10 10.1.1.55 V3 161 null null nt With
Authentication and With Privacy gpon123 SHA ******** DES ********
timeZoneNotManaged
7342-GPON 7342-GPON SHUB SHUB GPON-SHUB.4.10 10.1.1.55 V3 161 null null shub
With Authentication and With Privacy gpon123 SHA ******** DES ********
timeZoneNotManaged
7342-GPON 7342-GPON IACM IACM GPON.4.10 10.1.1.32 V2 161 public public null
null null null null null null timeZoneNotManaged
7360-ISAM 7360-ISAM IACM IACM iSAM.6.0 10.1.1.19 V2 161 public public null
null null null null null null timeZoneNotManaged
7360-ISAM 7360-ISAM IHUB IHUB IHUB.6.0 10.1.1.19 V2 161 ihub ihub null null
null null null null null timeZoneNotManaged
7342-GPON 7342-GPON IACM IACM GPON.4.10 10.1.1.117 V2 161 public public null
null null null null null null timeZoneNotManaged
7367-ISAM 7367-ISAM IACM IACM iSAM.6.0 10.1.1.243 V2 161 public public null
null null null null null null timeZoneNotManaged
G6 G6 G6 G6 G6.12.3 10.1.1.98 V2 161 public private null null null null null
null null timeZoneNotManaged
31.46 innotop
The innotop script is used as third-party text-based database and InnoDB monitoring
tool.
No log file is generated for this script.
To run the script, log in as amssys and type:
innotop ↵
31.47 ams_reset_logs
The ams_reset_logs script is used to clear the contents of 5520 AMS log files. For
more information, see Section 27.9.
No log file is generated for this script.
To run the script, log in as amssys and type:
ams_reset_logs.sh ↵
31.48 retrieve_nes
The retrieve_nes script is used to generate a list of the NEs that are supervised by
the 5520 AMS. NEs with IPv4 or IPv6 IP addresses are retrieved. For more
information, see Section 13.4.
No log file is generated for this script.
To run the script, log in as amssys and type:
• To enter a password now, type:
retrieve_nes.sh -f dumpFilename -u username -p [password] [-s filter 1 [-s
filter 2 ]..] ↵
where:
• dumpFilename is the path to the file to which to send the output.
• username and password are the username and password of a 5520 AMS user
with the NE List - NBI function. The 5520 AMS user can be an Internal Database
or RADIUS or LDAP user.
• filter1 and filter2 are the NE models to be filtered. Filters are optional.
To retrieve all NEs of a specified type and release, enter -s NE
type.release.number, for example, iSAM.3.4. To retrieve all NEs of a specified
type, enter -s NE type, for example, iSAM.
7330-ISAM,10.1.1.23,161,ihub,ihub
7360-ISAM,10.1.1.50,161,public,public
7360-ISAM,10.1.1.50,161,ihub,ihub
7363-ISAM,10.1.1.86,161,public,public
7342-GPON,10.1.1.117,161,public,public
7342-GPON-SHUB,10.1.1.117,161,NETMAN,NETMAN
7367-ISAM,10.1.1.235,161,public,public
G6,10.1.1.168,161,public,private
31.49 ams_simplex_to_cluster
The ams_simplex_to_cluster script is used to convert a simplex server to a
single-server cluster. For more information, see the cluster installation chapter in the
5520 AMS Installation and Migration Guide.
No log file is generated for this script.
31.50 switchover_hook
The 5520 AMS runs the switchover_hook script before performing an automated
switchover of a data server. Unmodified, this script returns a value of True. You can
alter this script so that the script performs actions or checks for conditions before
permitting the switchover. If the script returns a value of True, the switchover occurs
normally. If the script returns any other value, the switchover does not occur.
No log file is generated for this script.
The switchover_hook script is in the following location:
$AMS_SOFTWARE_HOME/lib/dataserver/bin/
31.51 ams_log_manager
The ams_log_manager script is used to modify the log level, log type, collect log or
debug files and reset the log or debug files, and enable or disable syslog mode, and
change syslog facility on all the 5520 AMS servers.
A log file named ams_log_manager.log and ams_log_manager.trace records all the
details during the ams_log_manager script execution.
where:
--resetlogs: clears log/debug files
--collect: collect log/debug files
--category: specifies which set of log and debug files to collect, multiple
are allowed
--target: selects on which servers to execute the selected action, comma
separated list of cluster IP addresses
--destination: location where to store the result file (mandatory parameter
along with --collect)
--setlevel: set loglevel
q) Quit
1) ALL
2) DEBUG
3) ERROR
4) INFO
5) TRACE
6) WARN
q) Quit
Progress:
q) Quit
Choice: 2
Are you sure you want to change all log files to Fixed Duration [ no (default)
| yes ] ? y
Result
Note — You need to restart the server for the log configuration
changes to take effect across all the servers.
• Destination URL is the location to store the final output file. The supported
protocol type is FTP, SFTP, HTTP, and a file. You need to use the username and
password set for file server to transfer the output file. For example:
ftp://test:test@<ip_address>, http://user1:123456@<ip_address>/upload/, or
sftp://amssftp:amssftp@<ip_address>/var/opt/ams/users/amssftp/
Note — You can login to the SFTP servers without entering a
password when the two servers are in sync. In order to upload
the collected logs without the password, you need to sync both
DSA and RSA keys in case of Red Hat Enterprise Linux version
6.7 and lower in the RHEL6 stream and Red Hat Enterprise
Linux version 7.2 and lower in the RHEL7 stream, and sync
only the RSA key for other versions of Red Hat Enterprise Linux
during the 5520 AMS installation.
For more details on configuring the DSA and RSA keys, see the
Red Hat Enterprise Linux documentation.
Checking precondition...
Enter the category [ comma separated list of log, debug, os, all (default)
]: all
Progress:
Package - SUCCESS
Upload - SUCCESS
Retained
Note — You can retain the temporary collected trace file. The
trace file is available in $AMS_LOCALDATA_HOME/traces
directory.
Enter the category [ comma separated list of log, debug, all (default) ]: all
Progress:
Progress:
Your change has been recorded successfully. Please restart the server/cluster
to make them effective
Progress:
Progress:
Your change has been recorded successfully. Please restart the server/cluster
to make them effective
31.52 ams_apps_stats_converter
The ams_app_stats_converter.sh script can be used to convert a specified
applicationStatistics file or all applicationStatistics files in a specified path to .csv file
format, for plotting graphs offline, that is, outside the 5520 AMS GUI. This is
important when graphs cannot be plotted using the EMS Performance Monitoring
tool due to performance issues within the AMS server itself. For more information see
Section 30.1.
No log file is generated for this script.
To run the script, log in to the amssys or root and type:
$AMS_SCRIPTS_DIR/ams_app_stats_converter.sh [–-outputdir
<output_directory>] [--filename <absolute path and filename of the
application statistics file> ]↵
Where:
• <output_directory> is the output directory specified by the operator where the .csv
file needs to be generated.
• <absolute path and filename of the application statistics file> is the absolute path
and filename of the applicationStatistics file.
31.53 ams_updatefirewall
The ams_updatefirewall script is used to add, show, or remove port(s) used by 5520
AMS and 5529 Enhanced Applications.
A log file named update_firewall.log is generated when the script is executed and is
stored at $AMS_DEBUG_DIR.
Following ports are to be opened at the firewall to allow correct AMS behavior
----------+------------------------------------+----------+---------
----------+------------------------------------+----------+---------
Do you want to add these ports to the firewall [ no (default) | yes ]? yes
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
31.54 getLicenseCounter
The script getLicenseCounter script is used to provide the data from the license
database and you can retrieve AMS setup details such as IP of database server, and
database password.
A log file named LicenseCounter.log lists the data from license database and it is
stored at $AMS_DEBUG_DIR.
To run the script, log in as amssys, and type:
getLicenseCounter.shoption ↵
Details in
/var/opt/ams/local/ams-9.5.00-291864/traces/log/LicenseCounter.log
+----------------------------------------------+
+--------------------------------------+-------+
+--------------------------------------+-------+
| 2.5gbps.enabled.lt | 1 |
| G.vector mode | 0 |
| green.dsl.l2mode | 0 |
| igmp | 10 |
| impulse.noise.sensor | 0 |
| ip.forwarding | 0 |
| nt.load.sharing | 3 |
| sra.vdsl2 | 0 |
| upbo.policing | 0 |
| vectoring.crosstalk | 0 |
| vectoring.legacy.fext.cancellation | 0 |
+--------------------------------------+-------+
31.55 convert_to_shorter_line
The script convert_to_shorter_line is used to convert the log files to new files with
shorter line length.
No log file is generated for this script.
To run the script, log in as amssys and type:
convert_to_shorter_line.ploption ↵
31.56 ams_reconfigure_host
The script ams_reconfigure_host is used to reconfigure the host server. You can
change some settings in 5520 AMS to VMware before running AMS properly. This
process is known as reconfigure IP.
The script checks that if the it is executed on a VMware.
No log file is generated for this script.
To run the script, log in as amssys and type:
ams_reconfigure_host.sh ↵
Enter the host name that uniquely identifies the server (no space allowed):
redhat-95-145
31.57 ams_support
The ams_support script is used to run commands of a specific domain on all or
specific servers in the cluster.
A log file named ams_support.log stored in $AMS_LOG_DIR and ams_support.trace
stored in $AMS_DEBUG_DIR records all the details during this script execution.
The jstack and jdump output is stored in $AMS_DEBUG_DIR with latest timestamp
information. For example:
/var/opt/ams/local/ams-9.6.00-331216/traces/log/ams_support.log
Note — The system may not respond temporarily while
collecting jstack and jmap on a heavily loaded system. You
need to restart the server for the changes to take effect.
where:
-h: prints help information
--domain: mandatory parameter which can have the following parameter
• app: this domain allows you to execute actions on the application server
• security: allows to execute commands which belong to security domain
--command: a command to execute a specific task
• jstack: collect jstack information on application servers
• jmap: collect jmap information on application servers
• resetadminpwd: reset password for admin user in case of no active admin
sessions
• killadminsessions: kill current sessions of admin user in case of number of active
sessions is greater than maxConcurrentSessions
--target: selects on which servers to execute the selected action, multiple
choices are allowed
• cluster ips: runs the command on specific machine only
• sitename: run the command on specific site only
• all: run the command on both sites
--destination: location where to store the result file
Checking precondition...
WARNING
Progress:
Done
Success
Success
The following is an example of the output to reset the admin user password:
ams_support.sh --domain=security --command=resetadminpwd
Done
Success
31.58 ams_update_database_pwd
The ams_update_database_pwd script is used to change the database password in
simplex, cluster and geo-redundant systems.
A log file named ams_ems_service.log records all the details during the script
execution.
The script prompts to modify the database password for root, admin user, and
replication user (users among the servers in a cluster) accounts.
Ensure the following criteria is met while changing the password:
• new password must not be the same as the current password
• new password must not exceed more than 32 characters and must not contain
spaces
OK
Enter the current database password for root user (no space allowed):
Enter the new database password for root user (no space allowed):
Enter the current database password for amsadminusr user (no space allowed):
Enter the new database password for amsadminusr user (no space allowed):
Enter the current database password for amsreplusr user (no space allowed):
Enter the new database password for amsreplusr user (no space allowed):
***WARNING***
Next step will stop the running AMS system and thus the AMS and all its
related services will not be available.
Is it OK to stop the AMS and update new database password now [ yes | no
(default) ]? yes
host-<ip_address>:
Stopping database
Stopped database
Stopping JBoss
Stopped JBoss
Processing on <server_ip_address>
=======================
Starting database..[ OK ]
host-<ip_address>:
The server is starting up, it may take several minutes before it is fully
operational.
31.59 ams_renew_isam_ssh_info
After migration to ISAM R5.7, the ISAM NEs generates a new SSH key pair and
hence denies any SSH connection when the same host connects with old public key.
The 5520 AMS always accepts the public key by the ISAM NE and it is successful
for the first time but the connection fails when the key pair of the NE is changed. To
avoid connectivity problems, it is recommended to generate the new SSH key on the
ISAM NE, then execute the ams_renew_isam_ssh_info script and perform the ISAM
NE migration to R5.7.
The 5520 AMS will lose SSH connectivity with the NE if the
ams_renew_isam_ssh_info script is not executed before migrating the ISAM NE to
R5.7.
You need to regenerate the SSH keys on the NE using the CLI or through the 5520
AMS GUI before executing the ams_renew_isam_ssh_info script and the PBMT
package, so that the 5520 AMS will have full connectivity during the migration
process.
where:
-h: prints help information
--input: Read the content of filename which should contain one NE IPv4 address
per line
NE ip: IPv4 address of an NE for which the SSH cache should be renewed.
Multiple addresses can be provided
Cleaned output message indicates that the SSH cache is removed from the 5520
AMS server.
Rediscovered output message indicates that a new key is generated for the IP
address which is provided in the input.
Error output message indicates that it encountered a problem while removing the
SSH cache. The script continues to execute with the following error codes displayed
in the output.
• 0: All success
• 1: Input file not found
• 2: Parse failure of the input file
• 3: Renewal for at least one NE failed
• 4: Wrong user
31.60 ams_set_snmp_trap_port
The ams_set_snmp_trap_port script is used to set the UDP port number used by the
5520 AMS for listening to the SNMP traps coming from the NE. You must execute
the script on an application server and it is supported on cluster system.
You need to execute the ams_set_snmp_trap_port script to change the default
SNMP trap port number which is 9001 to custom trap port number.
A log file named update_firewall.log stored in $AMS_DEBUG_DIR or
update_firewall.trace stored in $AMS_DEBUG_DIR records all the details during this
script execution.
Before you proceed, the 5520 AMS and the database must be up and running.
To run the script, log in as amssys and type:
ams_set_snmp_trap_port.sh [-h|--help] [--default|<portnumber>] [--show]
where:
-h: displays help information
--default: Sets the portnumber to be used to AMS default which is 9001
--show: Show the current configured value.
<portnumber> Value between 0 and 32000
Restart the 5520 AMS server after modifying the port number so that the new port
number is applied on all the application servers. If the 5520 AMS is not restarted, the
new port number is applied only on one application server where the script is
executed.
The ams_set_snmp_trap_port script updates the SNMP port number in the database
and the firewall port on the server where you executed the script. After restarting the
5520 AMS in a cluster setup, the ams_updatefirewall script is executed on all the
application servers and the script reads the new SNMP port number from the master
database.
Note 1 — The ams_set_snmp_trap_port.sh script does not
check for any possible port conflicts.
Note 2 — The 5520 AMS does not allow you to enable SNMP
port number 0 or 32000 port in the server. You can enable only
the SNMP port number between 0 and 32000 which is 1 to
31999.
ams_set_snmp_trap_port.sh 9019
AMS system needs to restart to take the new value into account.
For -default option, the port value is set to the default port value which is 9001
ams_set_snmp_trap_port.sh --default
AMS system needs to restart to take the new value into account.
The following table describes the error messages that are displayed in the output
when you execute the ams_set_snmp_trap_port script.
Table 129 Error messages for ams_set_snmp_trap_port script
AMS is not running When you run the script while AMS is not up and
running.
Invalid port number provided When you enter the trap port number as a string
type or if the trap port number is not in the range 0
to 32000.
Failed to update firewall When you run the script while database is not up
settings. Please correct and running.
manually
31.61 ams_cleanup_sip_data_and_files
The ams_cleanup_sip_data_and_files script is used to clean up SIP data for deleted
NEs.
The script removes SIP folders under the following directories for deleted NEs:
$AMS_SHAREDDATA_HOME/ne/sip/d
$AMS_LOCALDATA_HOME/ne/sip/d
Note — Before running this script, stop the 5520 AMS server.
Log in to the 5520 AMS server as amssys and start the server. In a cluster setup, the
script must be executed on each of the application servers.
To run the script, type:
ams_cleanup_sip_data_and_files.sh [-h | --help] [-d]
where:
-h: displays help information
-d: excludes cleaning up SIP files on the shared and the local directories
for the deleted NEs.
After executing the script, stop the 5520 AMS server, reset the lock wait timeout
duration to the original value, and then restart the 5520 AMS server.
31.62 ams_recreate_aes_keys
The ams_recreate_aes_keys script is used to generate and update the shared AES
keys used for password encryption.
where:
-h|--help : displays the help information
-dkey : describes the existing encryption key. Use to view the encrytion key
-ukey : updates the encryption key with the user given value
To generate and encrypt passwords with a new randomly generated AES key, run
the script without any options. The following confirmation message appears:
"Do you want to generate a new encryption key [ no (default) | yes ]?"
Notes
(1) In some cases, the password might not get updated in the SDC Configuration file. In such cases, the password
must be updated manually.
The secondary server will be contacted only after the maximum number of retries is
reached for the primary RADIUS server. See Table 131 for information on RADIUS
authentication scenarios.
The client sends request message to Authentication is not A major alarm ‘The
the primary RADIUS server. If the successful due to both the RADIUS Server not
primary server does not respond, the RADIUS servers are not responding’ is raised.
client retries based on the value reachable.
configured for parameter “Number of
Retries”.
If there is no response then AMS
sends the request message to the
secondary RADIUS server.
If there is no response from the
secondary server also then the
access to AMS is denied.
The client sends a request message Authentication is not A major alarm ‘The
to the primary RADIUS server with successful due to incorrect RADIUS Server not
incorrect password. password. responding’ is raised.
The RADIUS server returns an
Access-Reject response message.
3 Organize the file system. Go to the home folder and create src, bin, and planet by typing:
cd ~ ↵
4 Download the map data and copy to the planet directory. Perform one of the following steps:
cd ~/bin ↵
svn export
http://svn.openstreetmap.org/applications/utils/export/osm2pgsql/ ↵
cd osm2pgsql ↵
./autogen.sh ↵
./configure ↵
make ↵
checkpoint_segments = 20
autovacuum = off
• To edit kernel parameter shmmax to increase maximum size of shared memory, type the
following commands:
sudo -u postgres -i ↵
exit ↵
...
CREATE FUNCTION
COMMIT
• Substitute your username with "username" in two places in the following line:
The username should be the username that will render maps with maplink. The output of
the command will be:
ALTER TABLE
ALTER TABLE
• Set the Spatial Reference Identifier (SRID) on the new database by typing the following
command:
INSERT 0 1
8 Load planet into the database with osm2pgsql and import, by typing the following commands:
cd ~/bin/osm2pgsql ↵
sudo dpkg -i
/home/tcthien/share/mapnik_dependency/libboost1.42-dev_1.42.0-3ubunt
u1_i386.deb ↵
sudo dpkg -i
/home/tcthien/share/mapnik_dependency/libboost-system1.42.0_1.42.0-3
ubuntu1_i386.deb ↵
sudo dpkg -i
/home/tcthien/share/mapnik_dependency/libboost-filesystem1.42.0_1.42
.0-3ubuntu1_i386.deb ↵
sudo dpkg -i
/home/tcthien/share/mapnik_dependency/libboost-filesystem1.42.0_1.42
.0-3ubuntu1_i386.deb ↵
sudo dpkg -i
/home/tcthien/share/mapnik_dependency/libboost-regex1.42.0_1.42.0-3u
buntu1_i386.deb ↵
sudo dpkg -i
/home/tcthien/share/mapnik_dependency/libboost-regex1.42-dev_1.42.0-
3ubuntu1_i386.deb ↵
sudo dpkg -i
/home/tcthien/share/mapnik_dependency/libboost-iostreams1.42.0_1.42.
0-3ubuntu1_i386.deb ↵
sudo dpkg -i
/home/tcthien/share/mapnik_dependency/libboost-iostreams1.42-dev_1.4
2.0-3ubuntu1_i386.deb ↵
sudo dpkg -i
/home/tcthien/share/mapnik_dependency/libboost-thread1.42.0_1.42.0-3
ubuntu1_i386.deb ↵
sudo dpkg -i
/home/tcthien/share/mapnik_dependency/libboost-date-time1.42.0_1.42.
0-3ubuntu1_i386.deb ↵
sudo dpkg -i
/home/tcthien/share/mapnik_dependency/libboost-serialization1.42.0_1
.42.0-3ubuntu1_i386.deb ↵
sudo dpkg -i
/home/tcthien/share/mapnik_dependency/libboost-serialization1.42-dev
_1.42.0-3ubuntu1_i386.deb ↵
sudo dpkg -i
/home/tcthien/share/mapnik_dependency/libboost-date-time1.42-dev_1.4
2.0-3ubuntu1_i386.deb ↵
ssudo dpkg -i
/home/tcthien/share/mapnik_dependency/libboost-thread1.42-dev_1.42.0
-3ubuntu1_i386.deb ↵
sudo dpkg -i
/home/tcthien/share/mapnik_dependency/libboost-program-options1.42.0
_1.42.0-3ubuntu1_i386.deb ↵
sudo dpkg -i
/home/tcthien/share/mapnik_dependency/libboost-program-options1.42-d
ev_1.42.0-3ubuntu1_i386.deb ↵
sudo dpkg -i
/home/tcthien/share/mapnik_dependency/libboost-python1.42.0_1.42.0-3
ubuntu1_i386.deb ↵
sudo dpkg -i
/home/tcthien/share/mapnik_dependency/libboost-python1.42-dev_1.42.0
-3ubuntu1_i386.deb ↵
python scons/scons.py ↵
sudo ldconfig ↵
libboost-python1.42-dev... ↵
• Confirm that the Mapnik library is installed. The output of the command will be:
python
>>>
10 Install Mapnik tools. To check out the source of mapnik rendering, type the following
command:
cd ~/bin ↵
svn co http://svn.openstreetmap.org/applications/rendering/mapnik
mapnik_rendering ↵
Mapnik uses prepared files to generate coastlines and ocean for small scale maps. This is
faster than reading the entire database to render zoom levels from zero to nine.
cd ~/bin/mapnik ↵
mkdir world_boundaries ↵
wget http://tile.openstreetmap.org/world_boundaries-spherical.tgz ↵
wget http://tile.openstreetmap.org/processed_p.tar.bz2 ↵
wget http://tile.openstreetmap.org/shoreline_300.tar.bz2 ↵
wget
http://www.naturalearthdata.com/http//www.naturalearthdata.com/download
/10m/cultural/10m-populated-places.zip ↵
wget
http://www.naturalearthdata.com/http//www.naturalearthdata.com/download
/110m/cultural/110m-admin-0-boundary-lines.zip ↵
12 Render the map to test the result by typing the following command:
cd ~/bin/mapnik_rendering ↵
./generate_image.py ↵
Result: The database is loaded, the tools are installed, and England image is generated.
13 Install Apache server and generate map tile image by performing the following steps:
export MAPNIK_MAP_FILE=~/bin/mapnik_rendering/osm.xml ↵
export MAPNIK_TILE_DIR=/var/www/osm ↵
iii Go to ~/bin/mapnik_rendering.
- minZoom = 1 ↵
maxZoom = 16 ↵
Result: All the map tiles image are generated in /var/www/osm/<zoom level>/<x location>/<y
location>.png, once the generation is complete.
14 Log in to the 5520 AMS GUI and set the Web Map Server setting to the following URL:
url: http://<domain>/osm/${z}/${x}/${y}.png
Note — Reference:
http://wiki.openstreetmap.org/wiki/HowTo_mod_tile
Index
Numerics ams_ne_cli, 574
ams_ne_mgr, 585
5520 AMS ams_nerestore, 577
configure to upload SIP configuration file to ams_remove_data, 584
external FTP server, 363 ams_reset_logs, 598
ams_restore, 585
A ams_retrieve_ip_by_nename, 586
ams_retrieve_pap_ne_from_db, 586
activate SSL changes
ams_schedule_backup, 587
reinstall solaris client, 75
ams_server, 525
add
ams_show_ne_balancing, 578
CA certificate for LDAP, 342
ams_simplex_to_cluster, 600
CPE vendor ID and country code, 437
ams_switch_active_dataserver, 592
customized web link, 422
ams_switch_authentication_local, 592
license key from GUI, 60
ams_tracing, 593
license key from server, 61
ams_uninstall, 593
links using ams_link_mgr_script, 251
ams_user_mgr, 594
user account, 122
convert5526AMSTo5523AWS, 594
alarm
createUsernamePassword, 594
view logs, 497
DEMO_IT_infrastructure_integration, 595
alarms
getAgentlist, 596
configure EMS local alarms, 294
innotop, 598
filter, 293
retrieve_nes, 599
license, 59
switchover_hook, 600
ams server scripts
ams_hub_sub_link_mgr_script
ams_activate, 545
create cluster, 266
ams_audit_agent_alarm, 545
create input file, 264
ams_backup, 546
ams_link_mgr script
ams_check_ssl, 594
add links, 251
ams_cluster, 548
create input file, 244
ams_copy_datafiles, 555
ams_ne_mgr_script
ams_disable_ssl, 595
add NEs, 217
ams_enable_ssl, 596
create input file, 213
ams_export, 563
ams_user_mgr_script
ams_exttl1gw_integration, 565
create input file, 127
ams_geo_configure, 569
manage users, 131
ams_hub_sub_link_mgr, 569
annonymous FTP user
ams_import, 569
create, 360
ams_install, 572
application server
ams_install_license, 572
stop, 444
ams_link_mgr, 574
architecture
ams_nebackup, 577
syslog, 491
input files for server scripts, 124 customized web link, 426
NE plug-in settings, 329 external TL1 gateway server, 197
create operator defaults, 430
anonymous FTP user, 360 schedule, 415
cluster using ams_hub_sub_link_mgr_script, disable
266 LDAP, 342
complex schedule, 411 RADIUS authentication, 340
environmental alarm templates, 309 SSL, 77
external SNTP server, 178 SSL between server and client, 78
external TL1 gateway server, 196 duplicate
hub-subtended clusters, 263 customized web link, 427
input file for ams_hub_sub_link_mgr_script, operator default template, 429
264
input file for ams_link_mgr script, 244 E
links from application server, 244
operator default template, 428 enable
PAP, 145 LDAP, 341
PAP group, 148 RADIUS authentication, 338
simple schedule, 410 SSL, 72
SNMP profile, 282 enable SSL communication
SNMPv3 user, 281 between 5520 AMS server and GUI clients,
73
syslog server, 492
syslog server message, 494 customized keystore, 73
user accounts, 119 export
user roles, 141 External TL1GW, 197
create user account selectively using AMS GUI, 396
internal DB authentication, 119 export data
remote authorization, 119 using AMS GUI, 395
customize external TL1 Gateway
environmental alarm definitions, 310 release and license information, 209, , 210
customized keystore statistics, 209
generate, 71 external TL1 gateway
list, 72 add TNM user profile, 206
customized web link change user password, 202
add, 422 clear command templates, 204
delete, 426 configure, 200
duplicate, 427 configure using ETL1 script, 192
modify, 425 connection, 199
list TNM user profiles, 207
D load command templates, 203
login, 201
data server switchover remove TNM user profiles, 207
conditions, 447 send TL1 commands, 204
force, 448 start batch execution, 205
delete start new user session, 200
CPE vendor ID and country code, 438 stop batch execution, 205
SSL unlock
disable, 77 user, 134
enable, 72 unschedule
overview, 70 task, 414
stop update
application server, 444 license key, 63
subscriber search attributes time zone information in NE, 180
configure, 182 use
create, 185 application server, 443
delete, 188, , 189 data server, 447
edit, 186 user
manage, 184 lock, 133
move an attribute, 187 unlock, 134
overview, 182 user account
switch add, 122
from customized to default keystore, 77 parameters, 114
from default to customized keystore, 76 user accounts
syslog changes, 93
architecture, 491 manage, 125
overview, 490 overview, 92
syslog rotation settings user role
configure, 495 create, 141
syslog server user session
create, 492 close, 153
manage, 492 overview, 152
syslog server message
create, 494 V
syslog system parameters
view, 492 view
alarm logs, 497
T backup or restore status, 229
data server settings, 350
task license key, 62, , 64, , 65
unschedule, 414 list of schedules, 412
time zone operator default template, 428
change information for NE, 180 security log, 496
configure, 325 security log files, 496
modify, 179 syslog system parameters, 492
overview, 179 user functions, 140
To configure a TL1/CLI protocol selection user session information, 152
strategy for a reachability test, 288 user statistics, 136
version and plug-in details, 349
U
unevacuate
NEs using GUI, 446
Customer documentation
Customer Documentation Welcome Page
Technical Support
Product Support Portal
Documentation feedback
Customer Documentation Feedback
© 2021 Nokia.
3JL-01001-BZAB-PCZZA