In other words, instead of having to type "contoso\mikem", the user could just input "mikem" as their username.
Is there a way to make it so that when users login to SolarWinds NCM, they don't have to pre-pend the "domain\" part of the username field? Can I hard-code it somewhere globally?
↧
↧
Cisco ASA IPS Configuration Download
Hello,
I created a basic command template for the Cisco ASA IPS that we are using. I use this to download the configuration. I am able to download the configuration using a job that I created in Solarwinds NCM. However, when the "show configuration" command is entered at IPS' CLI, it takes sometime before the IPS show the configuration. While waiting for the configuration printout @ CLI, the IPS shows the message @ CLI "Generating Configuration" which is just a single line. If I manually login at CLI and issue "show configuration" the "Generating Configuration" is only a single line. However, when the job is used to download the configuration, there are multiple lines containing "Generating Configuration" before the actual start of the configuration. Is there a way for me to get rid of these before the configuration is saved into the NCM archive? Your thoughts will be greatly appreciated.
↧
HP (formerly 3Com) v1910 / v2928 PoE Switches
We have literally thousands of these same switches at one of our customers. We have to be able to use NCM to backup, change control, restore configurations to all of these switches.
One thing to point out is that the method the original poster (Jeff), and this here Jeff are using is somewhat unsupported by HP (formerly 3com). When we login via Telnet, and type that command "_cmdline-mod on" then answer "Y" and enter the secret password - that is the only way we can access the advanced level command line. It is somewhat Menu driven, but not really, because you can also type out commands. This is a strange bird to say the least, but one that *MUST* be solved and supported by Solarwinds at any cost. I am ready to open a case and work closely with any Engineer to get this resolved, but it must be resolved.
I get right to that "Please input password:" prompt, then it enters the correct number of *'s, but always reports incorrect password, then the rest of the script fails to run. I have tried the Template Builder Assistance and the Solarwinds Config Generator...and neither offer enough granularity in creating templates or configuration change scripts to be successful.
This is how it should work:
Username: admin
Password:
<PROMPT> _cmdline-mode on
All commands can be displayed and executed. Continue? [Y/N] Y
Please input password: ******
Warning: Now you enter an all-command mode for developer's testing, some commands may affect operation by wrong use, please carefully use it with our engineer's direction.
<PROMPT>
This is the reality when executing via script in NCM:
Username: admin
Password:
<PROMPT> _cmdline-mode on
All commands can be displayed and executed. Continue? [Y/N] Y
Please input password: ******
incorrect password
<PROMPT>
Here is the ConfigMgmt-Commands File I am working with -- Note some of this is added after using the Template Builder Assistant:
<Configuration-Management Device="3com-2928" SystemOID="1.3.6.1.4.1.43.1.8.75">
<Commands>
<Command Name="ALLOCATEPTY" Value="True" />
<Command Name="CUSTOMUSERNAMEPROMPT" Value="Username:" />
<Command Name="MENUBASED" Value="True" />
<Command Name="EnterConfigMode" Value="_cmdline-mode on${CRLF}" />
<Command Name="VirtualEnablePrompt" Value="Y${CRLF}" REGEX="All commands can be displayed and executed. Continue? [Y/N]" DELAY="5" />
<Command Name="VirtualEnablePrompt" Value="123456${CRLF}" REGEX="Please input password:" DELAY="5" />
<Command Name="DOWNLOADCONFIGINDIRECT" Value="backup startup-configuration to ${StorageAddress} ${Node Name}.cfg ${CRLF}" />
</Commands>
</Configuration-Management>
Here is the Execute Script I am working with -- Generated with Solarwinds Config Generator 1.0:
'ADVANCED:FILTER RESULTS:False
'ADVANCED:FILTER PATTERN:Serial
'ADVANCED:SHOW COMMANDS:True
_cmdline-mode on
Y
123456
backup startup-configuration to 157.241.7.206 ${Node Name}.cfg
I hope someone has either done this or Solarwinds Tech Support see's this and can help me get to the next step.
Thanks,
Jeff Singleton
Motorola Solutions Inc.
↧
NCM Credentials
Are NCM credentials a pain or am I missing something?
Login Credentials are easy enough to setup.
Device credentials can only be changed at the console? Like most folks, we use TACACS for most of our equipment and those accounts are independent of the Windows accounts. For security reasons, most of our users are not allowed direct NCM console access. At the same time, I don't want the NCM admins knowing the TACACS username and passwords for the unprivileged users. Anybody suggest a work around?
NCM Integration to NPM. On the Orion NPM Web pages, why do users require "view customization rights' to add NCM credentials? Maybe I did something wrong? Otherwise, I really can't afford to have every user who needs access to their configs to have the "view customization rights". (Yes, they have access to the NCM Web Console, but it sort of defeats the purpose of NCM/NPM integration.)
Any thoughts?
↧
Cannot download running config - timeout problems
Since the upgrade to NCM 7.2.2, every day I am getting Cisco switch backup jobs with this error:
ERROR: Cannot download Running config : Unable to Log into Router : Timeout. Device IP:xxx.xxx.xxx.xxx
The switch is almost always different. The job will fail during one run and succeed in all the others in a 24-hour period. I can run the backup manually without issue. Is anyone else having this problem?
↧
↧
Help with regular expressions and config change reports
I could use some help with creating a regular expression that the config change report ignores during it's comparison. Basically, I have Cirrus comparing the most recent config downloaded with the latest baseline. The problem is that the running configuration of my cisco devices has the crypto key listed in the config, and in the startup, the crypto key doesn't exist. I would like to exclude this section from even being compared, but my regular expression knowledge is severely lacking. I'm guessing there is a way for me to exclude the following:
crypto ca certificate chain TP-self-signed-1667691779
certificate self-signed 01
3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 31363637 36393137 3739301E 170D3036 30383036 31303234
35365A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 36363736
39313737 3930819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100B4CA F3563FC5 43010A48 B075619E A7DE4790 AF982EF5 5402B501 207DB313
67C78E80 CCD4CBA7 D2214222 055D8CBF A676A6A3 64C0B6C2 2247D76C C4C60202
EFCA453E 5848D707 16D2940D C7384BBE 6BA52028 5F1CD47F C66CFD7B EF51188D
8AF9B9E9 D4DFB645 1D36E2B0 1D2B6BDE CF00F2FB 149AA487 7CF2FD66 74A4D032
CDFB0203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603
551D2304 18301680 14797F79 CD395C9D 9BBBF477 BE2CB863 2BD9D2B3 DA301D06
03551D0E 04160414 797F79CD 395C9D9B BBF477BE 2CB8632B D9D2B3DA 300D0609
2A864886 F70D0101 04050003 8181007B 9EB45922 73A18372 A31736D2 DA9089FD
760DE6D1 0B50007E 05BA8328 D8A48A76 5B68D3EE 69BA29BD 89D63CE8 6BEF5ECE
05DC7804 FAE7DA90 716CB0C5 40BBCB21 8BFDE99D AF3E4D35 796BFA05 FF5F3000
78368944 B9BA15C8 F017126D 7AF337D0 88F38689 57F73A18 7509491A F3060E3A
D0F1BCE8 4C110ECF 9A016242 7758E3
quit
Is there a way to exclude everything to "quit" and what would it look like? Any help would be appreciated.
↧
Cannot start SolarWinds TFTP Server ActiveX component can't create object
Have done a few Google searches on this and searched Thwack to no avail. My system admin just updated NCM to 7.2 and asked us to test it. Well when I try to download a config I get the error message in the title. Anyone have any suggestions of what to do?
↧
NCM templates/scripts for reading output of CLI commands
Friends,
I manage a two tiered service desk. I want to remove all CLI access (albeit Read only) for all my tier1 support techs. I would like them to execute any diagnostic scripts (eg show / ping / trace ) etc via NCM scripts.
While I have found enough information on Thwack on executing CLI change commands, I havent been able to figure out how to read back the output of the CLI command.
Appreciate if someone can guide me in the right direction here.
P.S : All my devices are Cisco IOS
Thanks
Prayank
↧
Cisco ASA IPS Configuration Download
Hello,
I created a basic command template for the Cisco ASA IPS that we are using. I use this to download the configuration. I am able to download the configuration using a job that I created in Solarwinds NCM. However, when the "show configuration" command is entered at IPS' CLI, it takes sometime before the IPS show the configuration. While waiting for the configuration printout @ CLI, the IPS shows the message @ CLI "Generating Configuration" which is just a single line. If I manually login at CLI and issue "show configuration" the "Generating Configuration" is only a single line. However, when the job is used to download the configuration, there are multiple lines containing "Generating Configuration" before the actual start of the configuration. Is there a way for me to get rid of these before the configuration is saved into the NCM archive? Your thoughts will be greatly appreciated.
↧
↧
NCM Policy Compliance Cache
Ok - so, I am getting into working with Policies this morning. When I work from the NCM console, in the Policy Editor tool, I can run a report pretty much "ad-hoc". But - when I go to the Orion NCM web interface, I will sometimes see that a report hasnt been run yet, or needs to be refreshed, etc.
Is there a way to update a SINGLE report/Policy without having to run ALL the reports?
There are alot of reports/policies installed that we dont use, and it seems to be a great waste of time and resources to constantly update reports that are not needed.
Yes, I know I could "Delete" the ones we dont use today, but since I am just starting to look at these, I dont want to get rid of anything that could be used.
↧
ncm 7.2 beta 2 issue
Folks - after running the new beta 2 for a few days, i attempted to get to the website this morning, and keep getting the dreaded "Unexpected Website Error"..
If I click on "Settings", I can use the site, but just attempting to get to the main page generates the error. I do have the automatic login options enabled.
↧
ncm 7.2.0 to 7.2.2 fails. no longer able to access NPM page or any orion apps
it the beginning i had NCM and NPM on the same server. Support told me to separate them for performance
i did and it works
now with NPM 10.7 and NCM 7.2, they told me to place them on the same server
i had NCM 7.2 with NPM 10.7 running with my new licenses.
i was then asked to upgrade to 7.2.2 of NCM for bug fixed and better performance.
I wish i had not done so
i am now dead in the water
once poor testing from SW staff
I got this error at the end of the NCM install
again poor error messages. where are these messages that i am suppose to look at?
why did it fail?
and then after this i lost access to all NPM/ORION services. The GUI comes up, but i only get this screen
I stooped and started all services, no success
I re-booted the server, no success
I re-installed NCM, no success
I re-configure NCM , no success
I re-installed NPM, no success
I re-configure NPM , no success
i will use this posting for my ticket as the ticket system does not accept attachments
↧
Trying to download configs for Brocade 7800 switches using SCP on NCM 6.0
I was able to discover and inventory but when I attempt to download the config I get the following error "Connectivity issues discarding config file." I have configured SCP settings in NCM and can manually backup the config using "configupload" command to NCM with the same credentials. Am unsure if NCM has the appropriate config templates for Brocade or if I need to download / create. Any suggestions would be greatly appreciated.
↧
↧
Cannot start SolarWinds TFTP Server ActiveX component can't create object
Have done a few Google searches on this and searched Thwack to no avail. My system admin just updated NCM to 7.2 and asked us to test it. Well when I try to download a config I get the error message in the title. Anyone have any suggestions of what to do?
↧
NCM Credentials
Are NCM credentials a pain or am I missing something?
Login Credentials are easy enough to setup.
Device credentials can only be changed at the console? Like most folks, we use TACACS for most of our equipment and those accounts are independent of the Windows accounts. For security reasons, most of our users are not allowed direct NCM console access. At the same time, I don't want the NCM admins knowing the TACACS username and passwords for the unprivileged users. Anybody suggest a work around?
NCM Integration to NPM. On the Orion NPM Web pages, why do users require "view customization rights' to add NCM credentials? Maybe I did something wrong? Otherwise, I really can't afford to have every user who needs access to their configs to have the "view customization rights". (Yes, they have access to the NCM Web Console, but it sort of defeats the purpose of NCM/NPM integration.)
Any thoughts?
↧
Juniper SA / MAG SSL VPN config backup - is there a way with NCM
Does anyone know of a way to grab the configs from a Juniper SA or MAG series SSL VPN? There seem to be ways to do it but I don't think NCM supports them. Does anyone have it working and if not please add this a a feature request! Thanks!
John
↧
NCM Regular expression to ignore "state up" or "state down" for node in the BigIP config
I have tried the following with little success
^[ \t\r\n\v\f]state[ \t\r\n\v\f]*
^[ \t\r\n\v\f]state[ \t\r\n\v\f]*down
^[ \t\r\n\v\f]state[ \t\r\n\v\f]*up
^! state
^! state*
↧
↧
Cannot download running config - timeout problems
Since the upgrade to NCM 7.2.2, every day I am getting Cisco switch backup jobs with this error:
ERROR: Cannot download Running config : Unable to Log into Router : Timeout. Device IP:xxx.xxx.xxx.xxx
The switch is almost always different. The job will fail during one run and succeed in all the others in a 24-hour period. I can run the backup manually without issue. Is anyone else having this problem?
↧
Using Config Change Script to Identify Switch Interface Mode
Hello Everyone,
I recently found out about the Config Change Scripts, and it is magnificent. I started using the (out-of-the-box) ones and tweaking them. Then started to write some for my own and testing them on the LAB setup that we have. However, I hit a wall when I could not identify a Cisco switch port if it is in Access mode or in Trunk mode.
The scenario I have is that there are many switches and I need to enable (bpduguard) and (root guard) on the switches' access ports. But in order to that, I have to identify the switch mode (Acces / Trunk) and I could not figure it out from NCM Admin guide.
If anyone has tried it or know about this, it would be great to help.
I use NCM 7.0.2
BTW, here is a script I wrote in order to create a dummy VLAN and assign all of the unused ports to it, plus some standard SSH security configuration. Please, be gentle as this is my first time trying to write those scripts. And any enhancements are more that welcomed.
/*
.CHANGE_TEMPLATE_DESCRIPTION
This change template configures dummy VLAN and assign unused switch ports (notconnect) to it . This was verified on Cisco 3750 switches.
.CHANGE_TEMPLATE_TAGS
Cisco, IOS, VLAN Membership , unused ports
.PLATFORM_DESCRIPTION
Cisco IOS
.PARAMETER_LABEL @ContextNode
NCM Node
.PARAMETER_DESCRIPTION @ContextNode
The node the template will operate on. (Cisco Switch)
.PARAMETER_LABEL @DummyVLAN
Dummy VLAN ID to add and assign
.PARAMETER_DESCRIPTION @DummyVLAN
Dummy VLAN ID you would like to add and assign.
*/
script ConfigureDummyVLANCiscoIOS (
NCM.Nodes @ContextNode,
int @DummyVLAN )
{
int @flag
@flag = 0
CLI
{
configure terminal
vlan @DummyVLAN
name Blackhole
exit
}
foreach(@itf in @ContextNode.Interfaces)
{
if (@itf.OperStatus == 'Up')
{
@flag=1
}
if (@itf.InterfaceDescription contains 'vlan')
{
@flag=1
}
if (@itf.InterfaceType != 6)
{
@flag=1
}
if (@flag==0)
{
CLI
{
interface @itf.InterfaceDescription
switchport vlan @DummyVLAN
exit
}
}
@flag=0
}
}
↧
Cisco SNMP trap for Realtime Change Detection
I am working on getting RTCD working. I have my cisco devices configured to send SNMP traps:
snmp-server enable traps config
However, a trap is sent when a user enters config mode, not if they actually change anything or when they exit config mode. This is useless since none of the changes are downloaded. Is it possible to use SNMP to send a trap when the config is changed? It seems syslog will log an entry when it's changed, but I'd rather rely on SNMP.
↧
More Pages to Explore .....
