Server Administration and Configuration
This appendix includes information on the administration and configuration of CTM GateWay/CORBA. It provides the following information:
• Creating an OSS Client Profile for CTM GateWay/CORBA
• Deleting an OSS Client Profile for CTM GateWay/CORBA
• Viewing Currently Logged In CTM GateWay/CORBA OSS Users
• Logging Out Currently Logged In CTM GateWay/CORBA OSS Users
• Using Encryption Between OSS Client and CTM Gateway/CORBA
• Using Multiple Naming Servers
• Naming Convention For Published CTM GateWay/CORBA Objects
• Location of Naming Service IOR File
• Useful Debugging Utilities for Resolving Naming Service-Related Issues
• Configuring CTM GateWay/CORBA
• Using the CLI to Start and Stop CTM GateWay/CORBA Services
• Installation Program
• CTM R6.0 to CTM R7.0 Migration
B.1 Creating an OSS Client Profile for CTM GateWay/CORBA
GateWay/CORBA authenticates the OSS against a previously created user profile before allowing access to CTM. You can create up to sixteen OSS client profiles for CTM GateWay/CORBA sessions. Each OSS profile defines CTM GateWay/CORBA parameters, such as the OSS profile name, password, and IP address.
OSS client profiles are stored in the CTM GateWay/CORBA Users Table.
Step 1
Log into the CTM client with administrator privileges.
Step 2
In the Domain Explorer window, choose Administration > GW/CORBA Users.
Step 3
Either select Edit > Add, or click the Create a New User button.
Step 4
Enter the following OSS client information in the Add GW/CORBA User window:
• OSS Profile Name—The name of the OSS profile.
• Password—The password the OSS client uses to log into the CTM server. Confirm the password in the Confirm Password field.
Step 5
Click OK to confirm the information. Changes take effect immediately. The GW/CORBA Users Table gets a refresh event. If automatic refresh is turned on, the new OSS client profile appears as a new row in the table. If automatic refresh is turned off, click the Refresh button to see the new OSS client profile in the table.
Step 6
In the Control Panel window, choose Administration > GW/CORBA Users. The GW/CORBA Users wizard displays a profile for each OSS client that uses a CTM GateWay/CORBA service.
B.2 Deleting an OSS Client Profile for CTM GateWay/CORBA
Step 1
Log into the CTM client with administrator privileges.
Step 2
In the Domain Explorer window, choose Administration > GW/CORBA Users.
Step 3
The GW/CORBA Users Table displays the list of available OSS users.
Step 4
Select the OSS user to delete.
Step 5
Either select Edit > Delete, or click the Delete a User button to delete the OSS profile from the CTM database.
Step 6
Click OK to confirm the deletion. The OSS client profile name is deleted from the GW/CORBA Users Table.
Note
If the OSS is connected to CTM when the profile is being deleted, CTM does not terminate the OSS session.
B.3 Viewing Currently Logged In CTM GateWay/CORBA OSS Users
Step 1
Log into the CTM client with administrator privileges.
Step 2
In the Domain Explorer window, choose Administration > GW/CORBA Users.
Step 3
The GW/CORBA Users Table displays the list of available OSS users.
Step 4
Click the Show Logged in GW CORBA Users button.
Step 5
In the Active GW/CORBA Users Table, a list of currently logged-in users is displayed, including the OSS profile name, IP address to which the user is logged in, and the login time.
B.4 Logging Out Currently Logged In CTM GateWay/CORBA OSS Users
Step 1
Log into the CTM client with administrator privileges.
Step 2
In the Domain Explorer window, choose Administration > GW/CORBA Users.
Step 3
The GW/CORBA Users Table displays the list of available OSS users.
Step 4
Click the Show Logged in GW CORBA Users button.
Step 5
In the Active GW/CORBA Users Table, a list of currently logged-in users is displayed, including the OSS profile name, IP address to which the user is logged in, and the login time.
Step 6
Select a user (a row from the table) that must be logged off.
Step 7
Click the Log Out GW CORBA User button.
Step 8
The user session is cleared from the Active GW/CORBA Users Table. You will notice the loss of session during the next ping cycle or when you try to perform an operation on another manager. Some examples of user operations are:
• The user is connected and performs a query operation on the EMS. The OSS user starts to query the EMS by getting a fresh object reference from the manager through an emsSession query. Because the session has been cleared by the GateWay/CORBA service, the OSS user receives an exception and so notices the loss of session.
• The CTM client forcefully logs out the user. The OSS user does not immediately notice the loss of session when the CTM client forces a logout. To immediately log out the user, the GateWay/CORBA service needs to make a call to the NMS session interface, which forces the OSS client applications to modify their shutdown application. This is not a preferred method.
• The GateWay/CORBA service clears the session information of the user from its internal memory and database.
Note
You will not know about this session loss until the next ping cycle (periodic ping is done by the connected OSS on the EMS session to verify that the session is active), or when you try to do an operation on another manager (for example, a managed element manager). You will receive an exception when you start querying a manager. A fresh object reference to the manager object is created as a result of the session that is cleared by the CTM GateWay/CORBA service.
Note
To effect an immediate logout, GateWay/CORBA must issue a call on the NMS Session interface to force OSS client applications to change for graceful shutdown.
B.5 Using Encryption Between OSS Client and CTM Gateway/CORBA
CTM R7.0 uses improved encryption of usernames and passwords for network security.
You can set the CTM client Control Panel to send encrypted usernames and passwords to CTM GateWay/CORBA:
Step 1
Log into the CTM client with administrator privileges.
Step 2
In the Domain Explorer window, choose Administration > Control Panel.
Step 3
Click the GateWay/CORBA Service tab for the GateWay/CORBA Service property sheet.
Step 4
Click the Global tab and mark the check box for "Enable Encryption for Username and password".
Step 5
Click Save; then, click Yes in the confirmation dialog box. Changes take effect immediately.
If the OSS clients enable the encryption feature, they must implement RSA-based encryption by retrieving the RSA Public Key or the Public Key Pair from GateWay/CORBA and by using cryptographic libraries.
• To obtain the RSA Public Key from CTM, use the emsSessionFactory::EmsSessionFactory_I::getEmsPublicKey API. See the "3.4.2 emsSessionFactory::EmsSessionFactory_I::getEmsPublicKey" section on page 3-39 for details.
• To obtain the RSA Public Key Pair from CTM, use the emsSessionFactory::EmsSessionFactory_I::getEmsPublicKeyPair API. See the "3.4.3 emsSessionFactory::EmsSessionFactory_I::getEmsPublicKeyPair" section on page 3-40 for details.
CTM returns the string representation of the RSA Public Key or Public Key Pair, encoded in the Base64 encoding scheme. OSS clients should use Base64 decoders to decode the public key and get the byte[] of the public key from the decoded public key string. The byte[] corresponding to the public key represents the key in its primary encoded format (X.509 SubjectPublicKeyInfo). Using this byte[] and cryptographic libraries, the RSA Public Key can be created.
One example of a security provider is the Bouncy Castle Provider.
Use the public key to encrypt the username and password. Before passing the encrypted username and password to CTM for login, OSS clients should encode the encrypted username and password by using Base64 encoders to obtain the string equivalent of the encrypted data.
Note
Use cryptographic libraries implementing RSA Public Key encryption supporting the "PKCS #1 v2.0 EME-PKCS1-v1_5 (PKCS #1 v1.5 block type 2), PKCS1Padding" encoding scheme. CTM does not provide these cryptographic libraries.
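The client-side steps described above, as an added example that is not part of the original guide or of CTM itself: it decodes a Base64 X.509 SubjectPublicKeyInfo key, encrypts each credential with PKCS #1 v1.5 padding, and Base64-encodes the result, using only JDK classes. The locally generated 2048-bit key pair stands in for the key that getEmsPublicKey returns; the class name, sample credentials, key size, and UTF-8 charset are assumptions.

```java
import java.nio.charset.StandardCharsets;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PublicKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.X509EncodedKeySpec;
import java.util.Base64;
import javax.crypto.Cipher;

public class OssCredentialEncryptor { // hypothetical class name
    // Base64 string -> DER bytes (X.509 SubjectPublicKeyInfo) -> RSA public key.
    static PublicKey decodePublicKey(String base64Key) throws Exception {
        byte[] der = Base64.getDecoder().decode(base64Key.trim());
        return KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(der));
    }

    // Encrypt one field with PKCS #1 v1.5 padding, then Base64-encode the ciphertext.
    static String encryptField(PublicKey key, String value) throws Exception {
        byte[] plain = value.getBytes(StandardCharsets.UTF_8); // charset is an assumption
        int k = (((RSAPublicKey) key).getModulus().bitLength() + 7) / 8;
        // v1.5 padding takes at least 11 bytes, so the plaintext is limited to k - 11.
        if (plain.length > k - 11) {
            throw new IllegalArgumentException("value too long for this RSA key");
        }
        Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        cipher.init(Cipher.ENCRYPT_MODE, key);
        return Base64.getEncoder().encodeToString(cipher.doFinal(plain));
    }

    public static void main(String[] args) throws Exception {
        // Constructed stand-in for the server: a local key pair whose public half
        // is published the way the guide describes (Base64 of the X.509 encoding).
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(2048); // key size is an assumption
        KeyPair serverPair = gen.generateKeyPair();
        String published = Base64.getEncoder().encodeToString(serverPair.getPublic().getEncoded());

        PublicKey key = decodePublicKey(published);
        String encUser = encryptField(key, "oss-profile-1");    // constructed sample value
        String encPass = encryptField(key, "example-password"); // constructed sample value

        // Stand-in for the server side: Base64-decode and decrypt with the private key.
        Cipher dec = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        dec.init(Cipher.DECRYPT_MODE, serverPair.getPrivate());
        byte[] user = dec.doFinal(Base64.getDecoder().decode(encUser));
        System.out.println("user round trip ok: "
                + "oss-profile-1".equals(new String(user, StandardCharsets.UTF_8)));
        // The padding is randomized, so encrypting the same value twice differs.
        System.out.println("ciphertexts differ: "
                + !encPass.equals(encryptField(key, "example-password")));
    }
}
```

Because the padding is randomized, an encrypted credential cannot be compared against a stored ciphertext; a fresh encryption is produced for each login.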
B.6 Using Multiple Naming Servers
CTM registers with multiple naming servers. Add the following parameters to the CTM_server_installation_directory/cfg/corbagw.properties config file:
corbagw.namingservice.ServerList=ctmc4-u80,ctm7-u60 - (default value is empty)
corbagw.namingservice.RootIORLoc=/namingroot.ior - (default value)
The first parameter lists all hosts on which naming service is running. These hosts should be reachable from the CTM server host. In addition, the Hypertext Transfer Protocol (HTTP) server must be running on all naming service hosts. The naming service root Interoperable Object Reference (IOR) must be published in a file. The location and name of the file are defined by the second parameter.
In addition to these naming service hosts, CTM registers itself with the local naming service. This naming service is bundled with CTM.
B.7 Naming Convention For Published CTM GateWay/CORBA Objects
CTM GateWay/CORBA publishes two top-level objects: EMSSessionFactory and NotificationChannel. CTM creates these objects and registers them with the CORBA name server.
CTM GateWay/CORBA creates naming contexts under the root as shown in Figure B-1. The last context in the tree must have a different name. To change this value in the CTM client GUI:
Step 1
Log into the CTM client with the appropriate CTM user access profile.
Step 2
In the Domain Explorer window, click the CTM Domain node.
Step 3
In the Management Domain Properties sheet, click the Identification tab.
Step 4
In the EMS Domain section, look for EMS ID. The value of this field should be used as the "id" field for context, where "kind" equals "EMS." The default value is CTM. By using different names, you can install multiple instances of CTM and use a centralized naming server and repository.
Figure B-1 shows the naming scheme for CTM GateWay/CORBA objects.
Figure B-1 Naming Scheme for CTM GateWay/CORBA objects
B.8 Location of Naming Service IOR File
The naming service IOR is located at: /opt/CiscoTransportManagerServer/openfusion/domains/OpenFusion/localhost/NameService/NameSingleton/NameSingleton.ior.
B.9 Useful Debugging Utilities for Resolving Naming Service-Related Issues
The following are samples of CTM commands (bundled utility programs) for debugging name service connectivity issues:
Obtain the list of registered objects in the OpenFusion naming service:
setenv PATH /opt/CiscoTransportManagerServer/openfusion/bin:$PATH
setenv NS_IOR_LOCATION file:///opt/CiscoTransportManagerServer/openfusion/domains/OpenFusion/localhost/NameService/NameSingleton/NameSingleton.ior
Decode an IOR file:
setenv PATH /opt/CiscoTransportManagerServer/openfusion/bin:$PATH
dior -f <IOR file name>, or
Check if the Naming Service is running:
setenv PATH /opt/CiscoTransportManagerServer/openfusion/bin:$PATH
server -status NameService
Note
The nsMgrTool, dior, and server utilities are located in the /opt/CiscoTransportManagerServer/openfusion/bin directory.
B.10 Configuring CTM GateWay/CORBA
The following CTM GateWay/CORBA properties can be configured from the CTM GateWay/CORBA control panel.
Step 1
From the Domain Explorer, select Administration > Control Panel.
Step 2
In the Control Panel, select GateWay/CORBA Service. Configure the following properties:
Note
If CTM GateWay/CORBA is running, changes to the config file do not take effect dynamically. You must restart CTM GateWay/CORBA for the changes to take effect. The following properties can be changed to modify CTM GateWay/CORBA functionality:
• Enable Encryption for username and password:
This property defines whether the username and password that will be used for the CTM GateWay/CORBA client will be encrypted.
• Heartbeat for Notification Channel (min): 0
This property is the rate at which the notification service is checked. A zero entry means not to check the notification service.
• Enter the maximum number of simultaneous sessions: 4
This property is the number of CTM GateWay/CORBA sessions that can be active at the same time. Range is from 4 to 25.
• Enter the maximum events per consumer: 10000
CTM GateWay/CORBA uses this property to set the MaxEventsPerConsumer administrative QoS parameter of the notification channel. The notification server uses this property to bound the maximum number of events in a given channel that are allowed to queue at any given time. The default value is 0, where the notification server does not impose a limit on the maximum number of events that can be queued. If no limits are imposed on the queue, the notification server might run out of memory if a client behaves incorrectly. The server must keep all events in memory until they are consumed by all registered consumers.
Caution
Any change to this value should be made with extreme caution. If you set the value too low, the NMS will not receive all notifications. If you set the value too high, the CTM notification server will run out of memory. The current value is set to handle alarm bursts of 10,000 events per minute.
• Enter the notification service name: NotificationService
This property defines the service name that the resolve_initial_reference function uses to get a reference to the notification service. The CTM GateWay/CORBA installation installs the notification service automatically. To use your own notification service, modify this parameter.
Tip
You do not need to change this parameter if you plan to use the notification service that is bundled with CTM GateWay/CORBA.
• Enter the notification service naming context: services/NotifyChannelFactory
NamingContext defines the naming context of NotificationService. This property is used when resolve_initial_reference fails to resolve NotificationService. CTM GateWay/CORBA contacts the naming service to resolve the name context defined in this property. The value of this property must match the value published by your notification server.
Tip
You do not need to change this parameter if you plan to use the notification service that is bundled with CTM GateWay/CORBA.
• Enter the notification service factory IOR filename: [file:/opt/CiscoTransportManagerServer/openfusion/domains/OpenFusion/localhost/NotificationService/NotificatonSingleton/NotificationService.ior]
The FactoryIORFile property defines the path to a text file that contains the IOR of NotificationService. This property is used only after resolve_initial_reference and naming service fail. CTM GateWay/CORBA opens the file as defined by the URL format in this property and attempts to retrieve the IOR from this file. This parameter lets you run your notification service on a different host to improve performance.
Tip
You do not need to change this parameter if you plan to use the notification service that is bundled with CTM GateWay/CORBA.
• Enter the notification service listening port number: 0
This property is used to set the port that the notification service uses to listen for incoming requests. The port number is set in the IOR for the notification service. The use IOR and use IOR endpoint properties will be set properly. Default port number is zero, which signifies the port number to be allocated by the operating system.
• Enter the session port number: 0
This property configures the IIOP listening port. The CTM GateWay/CORBA service listens to CORBA requests on this port. If this property is not specified in the corbagw.properties file, the listener port number is allocated by the operating system.
• Enter the name service server list:
The ServerList property defines where the name servers are running. This property takes a comma-separated list of host names.
• Enter the name service root IOR:
The RootIORLoc property defines the path used to find the naming service IOR on each host defined in ServerList. The complete path is constructed as http://<item_of_ServerList><RootIORLoc>.
• Error level: Minor
This defines the error level of messages to log.
The following GateWay/CORBA property is configured by modifying a configuration file. This file is located at <CTM Server Installation Dir>/cfg/corbagw.properties.
• corbagw.CTP.getLayeredParameters=false
This property is disabled by default. If the NMS requires CTP-related transmission parameters to be included as part of an object reporting TerminationPoint_T structure, then this property must be set to true. However, the ManagedElementMgr_I.getTP interface is independent of this property setting.
B.11 Using the CLI to Start and Stop CTM GateWay/CORBA Services
CTM can manage GateWay/CORBA service from the command line:
•
To start a GateWay/CORBA service, run /opt/CiscoTransportManagerServer/bin/gwcorba-start script from the command line.
•
To stop a GateWay/CORBA service, run /opt/CiscoTransportManagerServer/bin/gwcorba-stop script from the command line.
Only CTM users with administrative privilege can run these scripts. If CTM GateWay/CORBA service is already running and you attempt to gw-start, the script exits displaying the message "GWCORBA already running." If GateWay/CORBA service is stopped and you attempt to gw-stop, the script exits displaying the message "GWCORBA not running".
You must have a CTM username and password with SysAdmin or SuperUser profile to start or stop the scripts.
B.12 Installation Program
The CTM installation program installs the CTM GateWay/CORBA component, which includes OpenFusion 4.2 Notification Service from Prism Technologies, Inc. IDL files are installed under the /opt/CiscoTransportManagerServer/idl directory. See Cisco Transport Manager Release 7.0 Installation Guide for more information.
B.13 CTM R6.0 to CTM R7.0 Migration
No migration is needed from CTM 6.0 to CTM R7.0 for the Gateway/CORBA.