Table Of Contents
Configuring the Cisco Info Server and Proxy Server
Starting and Stopping a Cisco Info Server
Starting a Cisco Info Server Automatically
Starting a Cisco Info Server Manually
Stopping a Cisco Info Server Manually
Using the SQL Interactive Interface to Stop the Info Server
Specifying Cisco Info Server Command Line Options
Specifying Cisco Info Server Properties
Running the Cisco Info Server in Secure Mode
Client Tool Updates Using IDUC
Specifying the IDUC Update Interval
Connecting to the Proxy Server
Specifying Proxy Server Command Line Options
Specifying Proxy Server Properties
Running the Proxy Server in Secure Mode
Configuring the Cisco Info Server and Proxy Server
This chapter describes how to start and stop the Cisco Info Server and proxy server, and how to configure the Cisco Info Server and proxy server using properties and command line options.
This chapter contains the following sections:
•
Starting and Stopping a Cisco Info Server
•
•
•
•
•
•
•
For information about installing Cisco Info Center and configuring Cisco Info Center deployments, see the Cisco Info Center Installation and Configuration Guide, 3.6.
Starting and Stopping a Cisco Info Server
This section describes how to start and stop a Cisco Info Server. You must have a Cisco Info Server running before you can use the components of Cisco Info Center. You can start and stop a Cisco Info Server:
•
•
Starting a Cisco Info Server Automatically
When you install Cisco Info Center, you are prompted to configure automatic startup upon system boot. If you configure automatic startup, then the Cisco Info Center components start automatically when the host is booted up.
Starting a Cisco Info Server Manually
If the Cisco Info Center was configured for manual startup (automatic startup was not configured), use the following command to start the Cisco Info Center components:
/etc/init.d/nco start
After it is started, the Cisco Info Server automatically restarts if it fails.
Note
You can also start and stop the Cisco Info Server from a remote machine. The name you specify in the -name option is compared to the process agent names configured in the Server Editor. The host machine and port are identified and the command is sent to the correct process agent.
For detailed instructions about using Process Control, see "Process Control."
The command to use to start the Cisco Info Server manually is:
$OMNIHOME/bin/nco_objserv [-name <servername>]
where <servername> is the Cisco Info Server name. If you do not specify the -name command line option, nco_objserv attempts to start the NCOMS Cisco Info Server. For additional command line options, see Specifying Cisco Info Server Command Line Options.
Note
On start up, the Cisco Info Server attempts to open the $OMNIHOME/etc/<servername>.props properties file and the $OMNIHOME/etc/<servername>.sql SQL initialization file, where <servername> is the Cisco Info Server name.
For information about the properties file, see Specifying Cisco Info Server Properties. For information about the SQL file, see Specifying the SQL File.
Stopping a Cisco Info Server Manually
You can stop a Cisco Info Server manually in two ways:
•
•
Using the nco stop Command
To stop the Cisco Info Center and all installed components, enter the following command:
/etc/init.d/nco stop
Using the SQL Interactive Interface to Stop the Info Server
To stop a manually started Cisco Info Server, use the SQL interactive interface.
Step 1
$OMNIHOME/bin/nco_sql [-server <servername>] [-user <username>]
where <servername> is the name of a local or remote Cisco Info Server and <username> is a valid user name. If you do not specify a user name, the default is the user running the command.
Step 2
Step 3
1> shutdown;
2> go
Note
For other nco_sql command line options and more information about how to use the SQL interactive interface, see Direct Access Using the SQL Interactive Interface (nco_sql).
The shutdown command is described SQL Commands.
If a Cisco Info Server is started under Process Control, the process agent restarts it automatically after a manual shutdown. In this case, you must shut down the Cisco Info Server using Process Control.
Specifying Cisco Info Server Command Line Options
Command line options for the Cisco Info Server use the following format:
nco_objserv [-option [<parameter>]...]
where -option is the command line option and <parameter> is the option parameter. Not every option has a parameter.
Command line options can be added to nco_objserv commands in the process agent configuration file. See "Process Control," for additional information.
Table 1-1 lists the Cisco Info Server command line options.
Table 1-1 Cisco Info Server Command Line Options
-autotick <integer>
Sets the interval at which the internal clock ticks, which controls the sampling in automation triggers. The default value is 1 second.
Do not use this command line option unless you are advised to by Technical Support.
-connections <integer>
Sets the maximum number of available connections for Desktop clients, Cisco Info Mediators, and gateways. The minimum value is 30, and the default value is 64. Up to two connections may be used by the system.
-console
This is the default when you start the Cisco Info Server from the command window. You cannot specify this option when starting the Cisco Info Server from the Services window.
-dattofuzzy
Recovers database tables from logical storage.dat files and writes the tables as region storage .tab files, then shuts down.
For information about logical and region storage, see Checkpointing - Logical and Region Storage.
-debug <integer>
Enables debug messages to be written to the log file. The numeric specifies the amount of debug information required; available levels are 0 (no messages), 1, 2, and 3 (most verbose). The default is 0.
This option is only useful for detecting problems with the Cisco Info Server. Do not use this command line option unless you are advised to by Technical Support.
-DELETES <string>
Sets the log file in which to record all delete commands issued in the Cisco Info Server.
-DELETES_LEVEL <integer>
Determines the level of detail sent to the log file after an alert is deleted. Possible levels of log output are:
<0 = no log output.
0 = Client type (application ID, for example, ctisql for nco_sql) and SQL executed. This is the default.
1 = Time, user ID, client type, and SQL executed.
2+ = Time, user ID, client type, SQL executed, and the contents of each deleted alert.
This property only functions when the Cisco Info Server has been started with the -DELETES command line option.
-DELETES_SIZE <integer>
Sets the maximum size of the log file. When the log file deletelogname.log reaches the specified size, it is renamed deletelogname_old.log and a new log is started. The default log file size is 1024 Kbytes.
The results of a single delete command are never split between log files. Therefore, log files may be larger than the specified size.
This property only functions when the Cisco Info Server has been started with the -DELETES command line option.
-DNS <string>
Sets a hostname for clients to use to locate the Cisco Info Server. On systems where DNS is used, the name returned by a host machine internally may not be the name by which it is referred to on the network.
For example, a machine named sfo may actually be identified on the network as sfo.bigcorp.org. In this case, to connect to a Cisco Info Server running on sfo, enter -DNS sfo.bigcorp.org on the command line.
-fuzzy
Enables region storage. For information about logical and region storage, see Checkpointing - Logical and Region Storage.
-fuzzytodat
Recovers database tables from region storage .tab files and writes the tables as logical storage .dat files, then shuts down.
For information about logical and region storage, see Checkpointing - Logical and Region Storage.
-granularity <integer>
Controls the update interval, in seconds, of IDUC broadcasts to Desktops and gateways. Reducing this value increases the update rate to the clients.
The default interval is 60 seconds.
For more information, see Client Tool Updates Using IDUC.
-hashsize <integer>
Sets the internal hash table size for database tables. The default is 5013 bytes.
The hash table size should not be increased unless the alerts.status table contains more than 10,000 events. An increased hash table size will improve performance for updates and deletes that are performed using the VIA option for direct access to the row in the table (including deduplication).
The hash size should be set to a prime number for optimal performance. You must be using logical storage to change in the hash table size.
-help
Displays the supported command line options and exits.
-interval <integer>
Sets the number of seconds between Cisco Info Server checkpoints. The default interval is 300 seconds, which means every 5 minutes the Cisco Info Server writes out the database tables and clears the transaction record files.
Reducing this value increases the I/O load on the Cisco Info Server and its host system. Setting this to 0 disables checkpointing and is not recommended for production use.
-logfile <integer>
Sets the name of the file to which the Cisco Info Server writes messages, including errors. By default, the file is $OMNIHOME/log/servername.log.
-logsize <integer>
Sets the maximum log file size in Kbytes. The default log file size is 1024 Kbytes.
Once the servername.log file reaches the maximum size specified, the Cisco Info Server renames servername.log to servername.log_old and starts a new servername.log file. When the new servername.log file reaches the maximum size, it overwrites servername.log_old and the process starts again.
-name <integer>
Sets the Cisco Info Server name, which must be unique. This is the name configured in the Server Editor. The default is NCOMS.
-pa <string>
Set the Process Control agent name. When an external action is run from an automation, the Cisco Info Server can start an external process. To start the process, the Cisco Info Server contacts a Process Control agent. The default name for the Process Control agent is NCO_PA.
-port <integer>
Sets the port for the IDUC communication connection. This is the port on which the Cisco Info Server sends updates to each client Desktop Event List, objective view map, and gateway. If not specified, the IDUC port is selected by the Cisco Info Server at random from the unused port numbers available.
You can also specify the port in the services file of the host machine.
For more information, see Client Tool Updates Using IDUC.
-propsfile <string>
Sets the Cisco Info Server properties file name. The default name is <servername>.props, where the <servername> is defined by the -name option.
-queuesize <integer>
Sets the size of the queue between the Cisco Info Server and the process agent. The default queue size is 1024 bytes.
This queue is used if the process agent is down or is taking a long time to start processes. In the rare event the queue becomes full, the Cisco Info Server will fail with a fatal error such as:
INFOSERVER: Fatal Connect Error: 16016/15/0: No free messages.
You can only increase this value from the default. Do not use this command line option unless you are advised to by Technical Support.
-secure
Sets the security mode of the Cisco Info Server. If this is set, the Cisco Info Server authenticates connection requests with a user name and password.
For more information about using secure mode, see Running the Cisco Info Server in Secure Mode.
-stacksize <integer>
Indicates the number of bytes to allocate to the stack for each thread. The Cisco Info Server is a multi-threaded application; each thread maintains its own stack. The default is 64 Kbytes.
You can only increase the value from the default. Do not use this command line option unless you are advised to by Technical Support.
-stats <integer>
Sets the timing interval for gathering statistics. To enable statistics gathering, remove the comment symbols (--) around the master.stats table in the servername.sql file. The default interval is 900 seconds.
-stderr
Redirects messages from the log file to stderr. This is normally defined as the terminal window in which the Cisco Info Server was started.
-timer <string>
Sets a timing mechanism for the automation system.
Setting timer to internal sets the Cisco Info Server to use an internal thread to generate timing signals. This can be abbreviated to -timer i. This is the default setting.
Setting timer to external sets the Cisco Info Server to launch an external process (nco_timer), which generates timing signals and restarts itself every 12 hours for reliability. This can be abbreviated to -timer e.
Setting timer to none disables timing signals and requires nco_timer to be run manually. This can be abbreviated to -timer n.
Do not use this command line option unless you are advised to by Technical Support.
-uniquelog
Forces the log file to be uniquely named by appending the process id of the Cisco Info Server to the default log file name. For example, if the INFOSERVER Cisco Info Server is running as process 1234, the log file is called servername.1234.log. This option allows the Cisco Info Server to create a unique log file for each run.
When the -logfile command line option is set, this has no effect.
-version
Displays version information about the Cisco Info Server and exits.
Specifying Cisco Info Server Properties
The Cisco Info Server properties file is read when a Cisco Info Server starts. If you do not specify a properties file when starting a Cisco Info Server, the $OMNIHOME/etc/<servername>.props default file is used, where <servername> is the name of the Cisco Info Server.
Use the -propsfile command line option to specify the full path and file name of an alternate properties file.
You can edit the Cisco Info Server properties when the Cisco Info Server is running using the Properties tab of the Configuration Manager, as described in Cisco Info Server Properties. You can edit the Cisco Info Server properties when the Cisco Info Server is not running, as described in Properties Editor.
Table 1-2 lists and describes the Cisco Info Server properties.
Table 1-2 Cisco Info Server Properties
AlertSecurityModel <integer>
If the AlertSecurityModel property is set to 1, normal users can also work with alerts assigned to a user in the same group. The default is 0.
AllowConnections TRUE | FALSE
This property determines whether non-root users can connect to the Cisco Info Server. If FALSE, no new connections to the Cisco Info Server are allowed. The default is TRUE.
AllowISQL TRUE | FALSE
This property determines whether connections to the Cisco Info Server using the SQL interactive interface are allowed. If FALSE, no user can connect using the isql or nco_sql commands. The default is TRUE.
If TRUE, this property can be enabled for each user from the Users tab of the Configuration Manager.
AllowISQLWrite TRUE | FALSE
This property determines whether updates to Cisco Info Server data are allowed using the SQL interactive interface. If FALSE, no user can modify Cisco Info Server data. The default is TRUE.
If TRUE, this property can be enabled for each user from the Users tab of the Configuration Manager.
AllowTimedRefresh TRUE | FALSE
This property determines whether the user can enable timed refresh in the Refresh tab of the Event List Preferences window. If TRUE, the Event List preferences can be set to allow alert information to be updated at a specified interval rather than waiting for notification of updates from the Cisco Info Server. The default is FALSE.
If FALSE, the timed refresh check box is grayed out in the Refresh tab of the Event List Preferences window and timed refresh is disabled.
AuditAutomation TRUE | FALSE
This property determines whether changes to triggers or actions generate SystemWatch alerts, which notify operators that changes have taken place and can be logged for future reference. If TRUE, SystemWatch alerts are generated when automation changes occur. The default is FALSE; automation changes occur without generating alerts.
Automations are described in "Automation.".
AuditConfig TRUE | FALSE
This property determines whether changes made in the Configuration Manager generate SystemWatch alerts, which notify operators that changes have taken place and can be logged for future reference. If TRUE, SystemWatch alerts are generated when configuration changes occur.
The default is FALSE; configuration changes occur without generating alerts.
The Configuration Manager is described in "Using the Configuration Manager.".
AuditNames TRUE | FALSE
This property determines whether changes made in the Users tab of the Configuration Manager generate SystemWatch alerts, which notify operators that changes have taken place and can then be logged for future reference. If TRUE, SystemWatch alerts are generated when user configuration changes occur. The default is FALSE; user configuration changes occur without generating alerts.
The Configuration Manager is described in "Using the Configuration Manager.".
AutoTick <integer>
This property determines the interval at which the internal clock ticks, which controls the sampling in automation triggers. The default value is 1 second.
This property can be overridden with the -autotick command line option.
Do not change the value of this property unless you are advised to by Technical Support.
BackupInfo Server TRUE | FALSE
This property provides failback capability with Desktop clients, Cisco Info Mediators, and the Cisco Info Server gateway. The default is FALSE; the Desktop clients, Cisco Info Mediators, and gateways are assumed to be connected to a primary Cisco Info Server.
When TRUE, the Desktop clients, Cisco Info Mediators, and gateways are made aware they are connected to the backup Cisco Info Server in a failover pair. If this is the case, the Desktop clients, Cisco Info Mediators, and gateways will automatically check for the recovery of the primary Cisco Info Server in the failover pair and switch back (fail back) when it has recovered.
CopySingleCell <integer>
This property determines whether choosing
Edit > Copy to Clipboard on the Event List copies all information in the selected event row or only the selected cell. If set to 1, only the selected cell is copied. The default is 0; the entire row is copied.DeackOnReawaken TRUE | FALSE
This property extends the functionality of the ReawakenClosed property. If you set both ReawakenClosed and DeackOnReawaken to TRUE, each time an alert is reawakened, the Acknowledged field is cleared, making the alert deacknowledged. The default is FALSE.
DebugActions TRUE | FALSE
This property determines whether actions in automations should be logged. If TRUE, the execution of actions is logged in the Cisco Info Server log. The default is FALSE; the actions are executed without logging.
DebugLevel <integer>
This property controls the level of messages generated by the Cisco Info Server. Available levels are 0 (no messages), 1, 2, and 3 (most verbose). The default is 0.
This property can be overridden with the -debug command line option.
This property is only useful for detecting problems with the Cisco Info Server. Do not change the value of this property unless you are advised to by Technical Support.
DebugTriggers TRUE | FALSE
This property determines whether triggers in automations should be logged. If TRUE, the execution of triggers is logged in the Cisco Info Server log. The default is FALSE; triggers are executed without logging.
DeleteLogLevel <integer>
This property determines the level of detail sent to the log file after an alert is deleted. Possible values are:
<0 = No log output.
0 = Client type (application ID, for example, ctisql for nco_sql) and SQL executed. This is the default.
1 = Time, user ID, client type, and SQL executed.
2+ = Time, user ID, client type, SQL executed, and the contents of each deleted alert.
This property only functions when the Cisco Info Server has been started with the -DELETES command line option and can be overridden with the -deletes_level command line option.
DeleteLogSize <integer>
This property sets the maximum size of the log file. When the log file deletelogname.log reaches the specified size, it is renamed deletelogname_old.log and a new log is started. The default log file size is 1024 Kbytes.
The results of a single delete command are never split between log files. Therefore, log files may be larger than the specified size.
This property only functions when the Cisco Info Server has been started with the -DELETES command line option and can be overridden with the -deletes_size command line option.
Granularity <integer>
This property controls the update interval, in seconds, of IDUC broadcasts to Desktops and gateways. Reducing this value increases the update rate to the clients. The default interval is 60 seconds.
This property can be overridden with the -granularity command line option.
For more information, see Client Tool Updates Using IDUC.
GWDeduplication<integer>
This property controls the behavior when there is an attempt by a gateway or Impact to reinsert an existing event in the Cisco Info Server. Possible values are:
0 = The Tally field is incremented by one. This is the default.
1 = The new event replaces old event.
2 = The new event is ignored.
LogInterval <integer>
This property determines the number of seconds between Cisco Info Server checkpoints. The default interval is 300 seconds, which means every 5 minutes the Cisco Info Server writes out the database tables and clears the transaction record files.
Reducing this value increases the I/O load on the Cisco Info Server and its host system. Setting it to 0 disables checkpointing and is not recommended for production use.
This property can be overridden with the -interval command line option.
MaxLogFileSize <integer>
This property sets the maximum log file size in Kbytes. The default log file size is 1024 Kbytes.
Once the servername.log file reaches the maximum size specified, the Cisco Info Server renames servername.log to servername.log_old and starts a new servername.log file. When the new servername.log file reaches the maximum size, it overwrites servername.log_old and the process starts again.
MonitorConnections TRUE | FALSE
This property determines whether a ConnectionWatch message is generated when a process connects to the Cisco Info Server. The default is TRUE.
PaUsername <string>
Specifies the user name for connecting to a Process Control agent to run external effects in automations. A value must be specified when the Process Control agent is running in secure mode. The default is ''.
PaPassword <string>
Specifies the password for the user specified in the PaUsername command line option. The default is ''.
Profile TRUE | FALSE
This property controls Cisco Info Server profiling. If TRUE, the amount of time it takes for clients to execute SQL is logged in the Cisco Info Server log. The default is FALSE.
ReawakenClosed TRUE | FALSE
This property controls whether new alerts reawaken duplicate alerts that are closed in the Cisco Info Server. If TRUE, the following additional updates can be made:
- If the alert is cleared (the Severity field is 0), the
field is updated with the severity of the incoming alert.
- If the Severity field is updated and the DeackOnReawaken property is set to TRUE, the Acknowledged field is cleared, making the alert deacknowledged.
The default is FALSE; when a new alert arrives which matches an existing alert in the Cisco Info Server, the Tally field is incremented by one and the LastOccurrence time is updated with the value from the new alert.
RegionStorage TRUE | FALSE
This property enables region storage. The default is FALSE, meaning logical storage is enabled.
For information about logical and region storage, see Checkpointing - Logical and Region Storage.
RestrictProxySQL TRUE | FALSE
When TRUE, this property specifies that when a connection is made from a proxy server, the range of Cisco Info Server SQL commands that can be executed is restricted to the following commands:
•
•
•
•
•
•
If FALSE, connections from a proxy server can execute any Cisco Info Server SQL commands.
Restriction UpdateCheck TRUE | FALSE
This property controls whether users with a restriction filter can update events that would cause the event to drop out of the their view. If FALSE, users can change events that would cause the event to drop out of the their view. The default is TRUE.
ServerMajorRel <integer>
Specifies the Cisco Info Server major release number.
This property is read-only and is for use by upgrade scripts and other utilities.
ServerMinorRel <integer>
Specifies the Cisco Info Server minor release number.
This property is read-only and is for use by upgrade scripts and other utilities.
ServerOS <string>
Specifies the type of operating system on which the Cisco Info Server is running.
This property is read-only and is for use by upgrade scripts and other utilities.
ServerPatchRel <integer>
Specifies the Cisco Info Server patch revision number.
This property is read-only and is for use by upgrade scripts and other utilities.
ServerRevision <integer>
Specifies the Cisco Info Server revision level.
This property is read-only and is for use by upgrade scripts and other utilities.
StatsInterval <integer>
Sets the time interval for gathering statistics.
To enable statistics gathering, remove the comment symbols (--) around the master.stats table in the servername.sql file. The default interval is 900 seconds.
UpdateAlertKey TRUE | FALSE
This property controls updates of the AlertKey field in an alert when deduplication occurs. If TRUE, when an alert is deduplicated, the AlertKey field from the new alert is copied into the existing alert before the new alert data is discarded. The default is FALSE.
This functionality is normally enabled using the deduplication control in the Cisco Info Server .sql file, as described in Forcing Updates on Deduplication.
UpdateSummary TRUE | FALSE
This property controls updates of the Summary field in an alert when deduplication occurs. If TRUE, when an alert is deduplicated, the Summary field from the new alert is copied into the existing alert before the alert data is discarded. The default is FALSE.
UpTime <integer>
Specifies the time when the server came up.
This property is read-only and is for use by upgrade scripts and other utilities.
Running the Cisco Info Server in Secure Mode
You can run the Cisco Info Server in secure mode. When you specify the -secure command line option, the Cisco Info Server authenticates the Cisco Info Mediator, gateway, and proxy server connection requests by requiring a user name and an encrypted password. When a connection request is sent, the Cisco Info Server issues an authentication message. The Cisco Info Mediator, gateway, or proxy server must respond with the correct user name and password.
If you do not specify the -secure option, no security checks are performed on the connection request.
When connecting to a secure Cisco Info Server, each Cisco Info Mediator and proxy server that makes a connection must have the AuthUserName and AuthPassword properties specified in its properties file. Each gateway must have the AUTH_USER and AUTH_PASSWORD commands in the gateway configuration file. If the user name and password combination is incorrect, the Cisco Info Server issues an error message and rejects the connection.
You can choose any valid user name for the AuthUserName property or AUTH_USER gateway command. To generate the encrypted password, use the $OMNIHOME/bin/nco_crypt <string> command, where <string> is the unencrypted password.
The command takes the unencrypted password and displays the encrypted password to be entered for the AuthPassword property or AUTH_PASSWORD gateway command.
For more information on running Cisco Info Mediators in secure mode, see Secure Mode. For more information on running gateways in secure mode, see Secure Mode. For more information on running proxy servers in secure mode, see Running the Proxy Server in Secure Mode.
Error Logging
The Cisco Info Server logs error messages and other informational messages to the $OMNIHOME/log/<servername>.log log file, depending on the setting of the DebugLevel property or the -debug command line option, where <servername> is the name of the Cisco Info Server. Use the -logfile command line option to specify the full path and file name of an alternate log file.
You can specify the -uniquelog command line option instead of the -logfile command line option to create a separate file each time the Cisco Info Server is run. The Cisco Info Server adds the process ID (PID) to the log file name.
Client Tool Updates Using IDUC
A large quantity of data passes between the Cisco Info Server and its Desktop client each time an Event List is updated. To prevent the Cisco Info Server from becoming overloaded with requests for Event List updates, the Cisco Info Server sends a prompt to the Desktop client each time an update is needed. The Desktop then requests the updated data from the Cisco Info Server.
This prompt is sent to the Desktop through a communication link that uses an Insert, Delete, Update, or Control (IDUC) communication protocol. The prompt instructs the Desktop to refresh all of the Event List displays. The IDUC protocol updates objective views and gateways in the same way.
The Desktop client connects to the Cisco Info Server using the port defined by the interfaces file to establish the IDUC communication link. The Desktop receives the socket number of the IDUC connection on which it will receive the Cisco Info Server prompts for the updates.
Specifying the IDUC Update Interval
The update interval is controlled by the Cisco Info Server Granularity property or -granularity the command line option, which is set to 60 seconds by default. The default value is optimal for most systems. Reducing it improves the response time of the Client tools, however, it greatly increases network traffic and Cisco Info Server load.
Specifying the IDUC Port
By default, when a Cisco Info Server starts, an available port number is chosen for the IDUC connection. You can also specify the IDUC port to use. You must specify the IDUC port when accessing a Cisco Info Server protected by a firewall.
You can define these ports by updating the /etc/services file.
The services file has an entry for each Cisco Info Server in the following format:
nco_<servername> <nnnn>/tcp
In this entry, <servername> is the name of the Cisco Info Server and <nnnn> is the port number.
The following are example entries for Cisco Info Servers named NCOMS and DENCO:
nco_NCOMS 7070/tcp
nco_DENCO 7071/tcpThe port can be set to any unused number outside the range from 1 to 1024, which are generally reserved as system numbers.
When the /etc/services file is managed by Network Information Service (NIS), you must make the entry in the NIS services file and then copy the updated configuration to all machines.
You can also use the -port option on the Cisco Info Server command line to specify IDUC ports.
Starting the Proxy Server
For introductory information about the proxy server, see the Cisco Info Center Installation and Configuration Guide, 3.6.
Use the $OMNIHOME/bin/nco_proxyserv [-name <proxy_name>] [-server <servername>] command to start the proxy server, where <proxy_name> is the name of the proxy server and <servername> is the name of the Cisco Info Server.
If you do not specify the -name command line option, nco_proxyserv attempts to start the NCO_PROXY proxy server. If you do not specify the -server command line option, nco_proxyserv buffers connections for the NCOMS Cisco Info Server.
For additional command line options, see Specifying Proxy Server Command Line Options. For additional properties, see Specifying Proxy Server Properties.
Note
Connecting to the Proxy Server
To connect Cisco Info Mediators to the proxy server, supply the proxy server name in the Server property in the Cisco Info Mediator properties file or use the -server command line option. All alerts are then sent to the proxy server.
Specifying Proxy Server Command Line Options
Command line options for the proxy server use the following format:
nco_proxyserv [-option [<parameter>]...]
In this command, -option is the command line option and <parameter> is the option parameter. Not every option has a parameter. Table 1-3 lists proxy server command line options.
Table 1-3 Proxy Server Command Line Options
-help
Displays the supported command line options and exits.
-logfile <string>
Sets the name of the file to which the proxy server writes messages, including errors. By default, the file is $OMNIHOME/log/<servername>.log.
-max <integer>
Sets the maximum number of available connections for Cisco Info Mediators. The minimum (and default) value is 30, and the maximum value is 250.
-name <string>
Sets the proxy server name. This name is configured in the Server Editor. The default is NCO_PROXY.
-propsfile <string>
Sets the proxy server properties file name. The default name is <servername>.props, where the <servername> is defined by the -name option.
-ratio <integer>
Sets the ratio of incoming connections from Cisco Info Mediators to outgoing connections to a Cisco Info Server. The default value of 10 creates a 10:1 ratio of incoming to outgoing connections.
-secure
Set the security mode of the proxy server. If this is set, the proxy server authenticates connection requests with a username and password. If disabled (the default), any Cisco Info Mediator can connect to the proxy server.
For more information about using secure mode, see Running the Proxy Server in Secure Mode.
-server <string>
Sets the name of the Cisco Info Server to which the proxy server connects. The default is NCOMS.
-version
Displays version information about the proxy server and exits.
Specifying Proxy Server Properties
If you do not specify a properties file when starting a proxy server, the default $OMNIHOME/etc/<proxyname>.props file is used, where <proxyname> is the name of the proxy server.
Use the -propsfile command line option to specify the full path and file name of an alternate properties file. Table 1-4 lists proxy server properties.
Table 1-4 Proxy Server Properties
AuthPassword <string>
The password associated with the user name used to authenticate the proxy server when it connects to a Cisco Info Server running in secure mode. This password must be encrypted with the nco_crypt utility. The default is ''.
For more information about using secure mode, see Running the Proxy Server in Secure Mode.
AuthUserName <string>
A user name used to authenticate the proxy server when it connects to a Cisco Info Server running in secure mode. The default is root.
For more information about using secure mode, see Running the Proxy Server in Secure Mode.
ConnectionRatio <integer>
Sets the ratio of incoming connections from Cisco Info Mediators to outgoing connections to a Cisco Info Server. The default value of 10 creates a 10:1 ratio of incoming to outgoing connections.
MaxConnections <integer>
Sets the maximum number of available connections for Cisco Info Mediators. The minimum (and default) value is 30, and the maximum value is 250.
RemoteServer <string>
Sets the name of the Cisco Info Server to which the proxy server connects. The default is NCOMS.
SecureMode TRUE | FALSE
Set the security mode of the proxy server. If TRUE, the proxy server authenticates connection requests with a user name and password. The default is FALSE; any Cisco Info Mediator can connect to the proxy server.
For more information about using secure mode, see Running the Proxy Server in Secure Mode.
ServerName <string>
Sets the proxy server name. This name is configured in the Server Editor. The default is NCO_PROXY.
Running the Proxy Server in Secure Mode
You can run the proxy server in secure mode. When you specify the -secure command line option, the proxy server authenticates Cisco Info Mediator connection requests by requiring a user name and an encrypted password. When a connection request is sent, the proxy server issues an authentication message. The Cisco Info Mediator must respond with the correct user name and password.
If you do not specify the -secure option, no security checks are performed on the connection request.
When connecting to a secure proxy server, each Cisco Info Mediator must have the AuthUserName and AuthPassword properties specified in its properties file. If the user name and password are incorrect, the proxy server issues an error message.
You can choose any valid user name for the AuthUserName property. To generate the encrypted AuthPassword, use the $OMNIHOME/bin/nco_crypt <string> command, where <string> is the unencrypted password. The command takes the unencrypted password and displays the encrypted password to be entered for the AuthPassword property.
In addition, if the Cisco Info Server is running in secure mode, the proxy server must have the AuthUserName and AuthPassword properties in its property file to connect the Cisco Info Server. This AuthPassword is also generated using the nco_crypt command. If the user name and password are incorrect, the Cisco Info Server issues an error message.
