-
User Guide for CiscoWorks Common Services 3.1.1
-
Open Source License Acknowledgements
-
Preface
-
Chapter 1 Overview of Common Services
-
Chapter 2 Interacting With CiscoWorks Home Page
-
Chapter 3 Using Common Services Home
-
Chapter 4 Configuring the Server
-
Chapter 5 Managing Device and Credentials
-
Chapter 6 Administering Groups
-
Chapter 7 Using LMS Setup Center
-
Chapter 8 Using Device Center
-
Chapter 9 Working With Software Center
-
Chapter 10 Diagnosing Problems With CiscoWorks Server
-
Appendix A Understanding CiscoWorks Security
-
Appendix B Acronyms Used in Common Services Documentation
-
Index
-
Table Of Contents
Managing Device and Credentials
Using the Device and Credential Admin
Configuring Device Discovery Settings
Configuring Discovery Module Settings
Configuring Seed Device Settings
Configuring Discovery Filter Settings
Configuring Global Discovery Settings
Viewing Discovery Settings Summary
Viewing Device Discovery Settings
Viewing Device Discovery Details
Viewing Device Discovery Summary
Activities Performed From Device Discovery Details Windows
Importing Devices and Credentials
Sample CSV Files and XML Files
Exporting Devices and Credentials
Generating Device and Credential Admin Reports
Devices Not Configured In ACS Report
Selecting Devices for Device Management Tasks
Selecting Devices From All Tab
Selecting Devices From Search Results
Combination of Selection From All Tab and Search Results
Customizing Display Order of Device Groups
Administering Device and Credential Repository
Configuring User Defined Fields
Configuring Default Credentials
Using Discovery Features Through CLI
Starting Device Discovery Through CLI
Stopping Device Discovery Through CLI
Viewing Device Discovery Status Through CLI
Using DCR Features Through CLI
Viewing the Current DCR Mode Using CLI
Export to ACS Server Using CLI
Implications of ACS Login Module on DCR
Using DCR Features in a Master-Slave Setup
Using Device Discovery in Master-Slave Setup and ACS Mode
Managing Device and Credentials
The Device and Credential Repository (DCR) is a common repository of devices, their attributes, and credentials, meant to be used by various network management applications. The Device and Credential Admin provides an interface to administer DCR.
The following sections provide information on DCR features:
•
Using the Device and Credential Admin
•
•
•
•
•
•
Understanding DCR
DCR helps multiple applications share device lists and credentials using a client-server mechanism, with secured storage and communications. The applications can read or retrieve the information.
These applications can also update the information in DCR so that the updated information could be shared with other applications.
DCR provides:
•
•
•
•
•
DCR also:
•
•
•
•
•
•
This section contains the following:
Device Management Types
DCR supports the following four types of device management:
•
Devices such as Routers, Switches, Hubs, and other common devices are managed using this management type.
•
The CiscoWorks Auto Update Server is a web-based interface for upgrading device configuration files and software images on firewalls that use the auto update feature. You can use this interface to add, edit, and delete devices.
•
The Cisco clusters and their member devices are managed using this device management type.
•
The CNS managed devices refer to the devices managed by Cisco Networking Services.
Device Attributes
Device attributes are unique to each device and they identify a device. Device attributes are unique to each device and are used to identify device properties, such as device name and host name.
The following attributes are stored in the repository:
Individual applications interact with the repository to get the device list, device attributes, and device credentials.
Mandatory Attributes
The mandatory attributes are:
•
•
Apart from these attributes, there are few attributes that are mandatory for each management type of devices. They are:
•
•
•
The Display Name and the Host Name/Domain Name combination must be unique for each device in DCR. A device will be considered duplicate if:
•
•
•
•
Device Credentials
Device credentials are values that are used by applications to access and operate on devices. It is typically a SNMP community string or a user ID and password. A device credential accesses a managed device such as a switch or router.
Credentials are encrypted and stored in DCR. The maximum length of a credential after encryption is 128 characters and credentials must not exceed this limit.
This section contains the following:
•
Device Credentials in DCR
The following credentials can be associated with a device in DCR:
Secondary Credentials
DCR stores both the primary and secondary device credentials. Secondary credentials comprise a username, a password and a console-enabled password for the devices. You can use the secondary credentials as a fallback to access the devices if you cannot access them using primary credentials.
For example, assume you have configured devices in your network to be in TACACS mode and you have stored the TACACS credentials as the primary credentials. The local username and password are stored as secondary credentials to access devices. If the AAA server is not running, you cannot access the devices using primary TACACS credentials. Instead, you can use the secondary credentials as a fallback to access the devices in your network.
SNMP Credentials
The SNMP credentials are used to access the devices in the network.
DCR stores both:
•
•
The SNMPv3 protocol provides the security features such as message integrity, authentication, and encryption based on the security levels.
The following table lists the SNMP security levels and the SNMP credentials stored in DCR for each level:
SNMPv2
NoAuthNoPriv1
Uses a community string match for authentication
Not Supported
•
•
SNMPv3
NoAuthNoPriv
Uses a username match for authentication
Not Supported
•
AuthNoPriv
Provides authentication based on the authentication algorithms (MD5 or SHA)
Not Supported
•
•
•
AuthPriv
Provides authentication based on the authentication algorithms (MD5 or SHA)
Provides encryption based on the privacy algorithm such as DES, 3DES, AES128, AES192, and AES256
•
•
•
•
•
1 SNMPv2 supports only the NoAuthNoPriv security level.
During the configuration of SNMP credentials, if you:
•
•
•
Device Credentials of Other Management Types
DCR supports Cisco Cluster Management Suites, Auto Update Servers and the managed devices, CNS Configuration Engine and CNS Managed devices, using a mix of standard and additional attributes and credentials.
•
•
–
–
•
–
–
–
•
–
–
DCR Architecture
The sharing of device list and credentials among various network management products is achieved through a Client-Server mechanism. The clients are network management applications that use DCR. The server is called the DCR Server.
DCR works based on a Master-Slave model. DCR Server can also be in Standalone mode.
•
Refers to the master repository of device list and credential data. The Master hosts the authoritative, or a master-list of all devices and their credentials. All other DCRs in the same management domain that are running in Slave mode, normally shares this list.
There is only one Master repository for each management domain, and it contains the most up-to-date device list and credentials.
DCR Master Server communicates with its Slaves through the HTTPS port. If there is a firewall in between the CiscoWorks Servers of the same DCR management domain, you must:
–
–
Only then the peer certificates can be exchanged and the communication could happen between the DCR Master and Slave servers.
Changes to the repository data in DCR Master are properly propagated to Slaves although you block or close the HTTPS port of DCR Slave Server in firewall. However the DCR status of Slave server is displayed as Unreachable in DCR Master.
But you should never block the HTTPS port of DCR Master Server in firewall. Otherwise communication between the servers in the same management domain will not happen.
Note
•
Refers to a repository that is an exact replica of the Master.
DCR Slaves are slave instances of DCR in other servers and provide transparent access to applications installed in those servers.
Any change to the repository data occurs first in the Master, and those changes are propagated to multiple Slaves. There can be more than one Slave in a management domain.
The Slave:
–
–
–
Note
DCR running in Master or Slave mode always has an associated DCR Group ID that indicates the Server's management domain. This Group ID is generated when a DCR is set to Master mode, and communicated to all Slaves assigned to that Master.
•
In Standalone mode, DCR maintains an independent repository of device list and credential data. It does not participate in a management domain and its data is not shared with any other DCR. It does not communicate with or contain registration information about any other Master, Slave, or Standalone DCR.
The DCR mode is set to Standalone, by default, after a fresh installation of Common Services on the CiscoWorks Server.
Using the Device and Credential Admin
Device and Credential Admin helps you in:
•
•
Discovering Devices
Common Services Device Discovery allows to discover the devices from the network starting from the seed devices and updates the device information in DCR. Device Discovery data contains the information about the neighboring devices of seed devices you have specified.
Using the Device Discovery feature in Common Services, you can:
•
•
•
•
•
•
Read the following notes before you configure the settings and start the Device Discovery:
•
However to view the Device Discovery summary, anyone of the following roles should be assigned to you:
–
–
–
•
•
Scheduled jobs started before DCR Administration is down completes successfully but DCR is not updated with the new device credentials returned from discovery.
•
This section contains information on:
•
•
•
Configuring Device Discovery Settings
You should configure the following settings to start the Device Discovery:
Module Settings
Allows you to configure or edit the discovery modules to start Device Discovery.
See Configuring Discovery Module Settings for more information.
Seed Device Settings
Allows you to configure or edit module-specific and global seed devices which are used to initiate Device Discovery.
See Configuring Seed Device Settings for more information.
SNMP Settings
Allows you to configure or edit the SNMP credentials required to discover the devices from the network.
See Configuring SNMP Settings for more information.
Filter Settings
Allows you to include or exclude devices from discovery and modify the filter settings.
Configuring filter settings is optional.
See Configuring Discovery Filter Settings for more information.
Global Settings
Allows to configure or modify other discovery settings such as preferred DCR display name, management IP address and so on.
Configuring global settings is optional.
See Configuring Global Discovery Settings for more information.
The Discovery Settings Summary page helps you to configure all these settings and view the summary of the discovery settings.
This section explains the following:
•
•
•
•
•
Configuring Discovery Module Settings
Device Discovery feature in Common Services supports the following Device Discovery modules:
You can run Device Discovery for one or more of these Device Discovery modules. You can select the discovery modules from the Module Settings page.
Other than these discovery modules, Common Services by default supports System discovery module and running Device Discovery for System module.
The System module collects basic device information such as sysName, sysLocation, description, contact and type of services provided by MIB. It also tests transport availability. The System module queries the MIB2 Interface table and IP address table for a device in order to populate the IP address table of NGD.
To configure Device Discovery modules:
Step 1
The Device Discovery Settings page appears
Alternatively, you can navigate to this page from the LMS Portal home page if you have installed the LMS Portal application on CiscoWorks Server.
Step 2
•
Or
•
The Module Settings page appears.
Step 3
•
•
•
•
•
•
•
•
For example, if you want to discover the devices from a DSBU Cluster, you can select the Cluster Discovery module.
Note
Step 4
•
Or
•
The Finish button is disabled in this page. You can only click the Next button to configure the seed devices.
Configuring Seed Device Settings
Seed devices are the devices used to initiate network discovery. A seed device is the starting point from which Common Services Device Discovery discovers the network and its peer or neighbor devices.
You can specify:
•
•
–
–
See Options to Specify Seed Devices to understand about the options to specify seed devices.
Note
•
This section contains:
•
•
•
Options to Specify Seed Devices
You can specify the seed devices using any or all of the following options:
•
IP Address or hostname of all devices stored in DCR are added as seed devices. This is a global option and applies to all the discovery modules except the Ping Sweep On IP Range option selected from the Module Settings page.
Ensure that the DCR has atleast one device before you choose this option to specify seed devices.
•
You can enter the IP Addresses or hostname of seed devices in a file and store the input file in the client machine. In the Seed Device Settings page, you can select this input file to specify the list of seed devices for Device Discovery.
The input file should either be a text (.txt) or Comma Separated Value (.csv) file only.
The seed devices file can contain:
–
The input seed devices file for module specific seed devices settings should contain the following in each line:
Seed Device|Number
where Seed Device is the IP Address or hostname of the device and Number is the hop count or Subnet mask.
You can specify Subnet mask in the input seed devices file for the Ping Sweep On IP Range module and hop count for all discovery modules except Ping Sweep On IP Range.
For example, the seed devices file for discovery modules can contain the following seed devices:
10.77.210.220|210.77.210.225|310.77.209.205|310.77.200.213|2You should specify Subnet mask in the input seed devices file only for Ping Sweep On IP Range module.
For example, the seed devices file for Ping Sweep On IP Range module can contain the following seed devices:
10.77.210.220|255.255.255.010.77.210.225|255.255.255.010.77.209.205|255.255.255.010.77.200.213|255.255.255.0–
The input seed devices file for global seed devices settings should contain only one IP address in each line.
For example, the seed devices file can contain the following seed devices:
10.77.210.22010.77.210.22510.77.209.20510.77.200.213•
You can manually specify the IP Address or hostname of seed devices when you configure seed devices for Device Discovery. See Specifying Module Specific Seed Devices and Specifying Global Seed Devices for more information.
Specifying Module Specific Seed Devices
To configure the seed devices for Device Discovery modules:
Step 1
The Discovery Settings Summary page appears.
Alternatively, you can navigate to this page from the LMS Portal home page if you have installed the LMS Portal application on CiscoWorks Server.
Step 2
•
If you have not configured Seed devices earlier, this link will not be available. Instead, the status will be displayed as Not Configured.
Or
a.
The Module Settings page appears.
b.
You cannot click the Next button unless you have selected one or more discovery modules. See Configuring Discovery Module Settings for more information on selecting discovery modules.
The Seed Devices Settings page appears.
Step 3
The list of modules selected in the Module Settings page is displayed.
Step 4
The Seed Devices settings for the selected module appears at the right.
Step 5
If you do not know the path, you can click Browse and select a file from the list.
Step 6
This option is not available for the Ping Sweep On IP Range option.
Step 7
•
•
•
Step 8
a.
b.
c.
This field is available for all discovery modules except Ping Sweep On IP Range.
d.
The default value is 255.255.255.255. This field is available only for Ping Sweep On IP Range discovery module.
Note
You can also do the following:
•
•
Step 9
•
•
The Finish button is disabled when you add the seed device settings for the first time. If disabled, click the Next button to add the SNMP settings.
You can click the Finish button only when you edit the Seed Device settings.
•
•
Specifying Global Seed Devices
To configure the global seed devices for Device Discovery:
Step 1
The Discovery Settings Summary page appears.
Alternatively, you can navigate to this page from the LMS Portal home page if you have installed the LMS Portal application on CiscoWorks Server.
Step 2
•
If you have not configured Seed devices earlier, this link will not be available. Instead, the status will be displayed as Not Configured.
Or
a.
The Module Settings page appears.
b.
You cannot click the Next button unless you have selected one or more discovery modules. See Configuring Discovery Module Settings for more information on selecting discovery modules.
The Seed Devices Settings page appears.
Step 3
The Seed Devices settings common for all the selected modules appears at the right.
Step 4
If you do not know the path, you can click Browse and select a file from your machine.
Step 5
Step 6
a.
b.
You can also do the following:
•
•
Step 7
•
•
The Finish button is disabled when you add the seed device settings for the first time. Then, you should click the Next button to add the SNMP settings.
You can click the Finish button only when you edit the Seed Device settings.
•
•
Configuring SNMP Settings
You should configure SNMP credentials to run Device Discovery. See SNMP Credentials for more information on SNMP credentials.
You must configure atleast one set of SNMPv2 or SNMPv3 credentials.
Multiple community strings are supported in Common Services Device Discovery. For example, you can define more than one credential set for a same target with different community strings.
To configure SNMP settings:
Step 1
The Discovery Settings Summary page appears.
Alternatively, you can navigate to this page from the LMS Portal home page if you have installed the LMS Portal application on CiscoWorks Server.
Step 2
•
If you have not configured the SNMP settings earlier, this link will not be available. Instead, the status will be displayed as Not Configured.
Or
a.
The Module Settings page appears.
b.
You cannot click the Next button unless you have selected one or more discovery modules. See Configuring Discovery Module Settings for more information on selecting discovery modules.
The Seed Devices Settings page appears.
c.
You cannot click the Next button unless you have configured atleast one seed device. See Configuring Seed Device Settings for more information to configure seed device settings.
The SNMP Settings page appears.
Step 3
The supported SNMP versions are:
•
•
Depending upon the radio button you select, the user interface displays appropriate to the SNMP versions selected. See Device Credentials for information on supported SNMP versions and SNMP credentials.
Step 4
If you have configured the SNMP Settings earlier, select a row in the SNMP Settings page and click Edit to edit the SNMP settings.
A popup window appears with the following fields, if you have selected SNMPv2:
A popup window appears with the following fields, if you have selected SNMPv3:
See SNMP Credentials for more information on SNMPv3 credentials and security levels.
Step 5
Step 6
•
•
The Delete Confirmation dialog box appears. You should click OK to proceed.
You can also select multiple records and delete them.
Step 7
•
•
The Finish button is disabled when you configure the SNMP Settings for the first time. Then, you should click the Next button to configure discovery filter settings.
You can click the Finish button only when you edit the SNMP settings.
•
•
Configuring Discovery Filter Settings
Filters in Common Services Device Discovery allow to include or exclude devices from the network based on the following:
•
•
•
•
This section contains:
•
•
•
•
Important Notes
Read the following notes, before you configure discovery filters:
•
•
•
•
Patterns in IP Address Filter Rules
When you define a discovery inclusion or exclusion filters based on IP Address, you should follow these guidelines:
•
•
The octets in an IP Address filter can also contain the combination of wildcard characters and range of numbers. For example, you can specify 10. 77.[210-230].* or 10.77.*.[110-210] as the IP Address filter.
•
For example, if you specify 10.77.*.* and 10.77.210.* as two rules for IP Address inclusion filter, then all the devices matching 10.77.*.* is discovered. The rule 10.77.210.* will never be applied.
Regular Expressions in Filter Rules
Discovery filters based on DNS Domain, SysObjectID, and SysLocation supports regular expressions.
You can use:
•
•
•
•
•
Examples of Regular Expressions in Filter Rules
•
–
–
•
–
–
•
–
–
Specifying Discovery Filter Settings
To configure discovery filter settings:
Step 1
The Discovery Settings Summary page appears.
Alternatively, you can navigate to this page from the LMS Portal home page if you have installed the LMS Portal application on CiscoWorks Server.
Step 2
•
If you have not configured the Filter settings earlier, this link will not be available. Instead, the status will be displayed as Not Configured.
Or
a.
The Module Settings page appears.
b.
You cannot click the Next button unless you have selected one or more discovery modules. See Configuring Discovery Module Settings for more information on selecting discovery modules.
The Seed Devices Settings page appears.
c.
You cannot click the Next button unless you have configured atleast one seed device. See Configuring Seed Device Settings for more information to configure seed device settings.
The SNMP Settings page appears.
d.
You cannot click the Next button unless you have configured atleast one set of SNMP credentials. See Configuring SNMP Settings for more information to configure SNMP settings.
The Filter Settings page appears.
Step 3
The supported filters are:
•
•
•
•
Step 4
Step 5
Step 6
See Patterns in IP Address Filter Rules and Important Notes before you enter a value for the filter rule.
Step 7
To delete a rule, select the corresponding row and click Delete.
Step 8
•
•
•
•
Configuring Global Discovery Settings
Common Services Device Discovery supports the Jump Router Boundaries option by default. The Jump Router Boundaries option extends Device Discovery beyond the boundaries set by routers within the network.
Device discovery may take a little longer time if you do not selectively choose the boundaries by excluding specific IP addresses.
You can configure the other discovery settings in the Global Discovery Settings page.
To configure the global discovery settings:
Step 1
The Discovery Settings Summary page appears.
Alternatively, you can navigate to this page from the LMS Portal home page if you have installed the LMS Portal application on CiscoWorks Server.
Step 2
•
If you have not configured the Global settings earlier, this link will not be available. Instead, the status will be displayed as Not Configured.
Or
a.
The Module Settings page appears.
b.
You cannot click the Next button unless you have selected one or more discovery modules. See Configuring Discovery Module Settings for more information on selecting discovery modules.
The Seed Devices Settings page appears.
c.
You cannot click the Next button unless you have configured atleast one seed device. See Configuring Seed Device Settings for more information to configure seed device settings.
The SNMP Settings page appears.
d.
You cannot click the Next button unless you have configured atleast one set of SNMP credentials. See Configuring SNMP Settings for more information to configure SNMP settings.
The Filter Settings page appears.
e.
The Global Settings page appears.
Step 3
Preferred DCR Display Name
You can set the display name of the discovered devices in DCR as any one of the following:
•
•
•
Select the appropriate radio button in the Preferred DCR Display Name panel.
The hostname of the device is set as the preferred DCR display name by default.
When you select the preferred management IP Address as None:
•
•
Update DCR Display Name
Select this checkbox if you want to update the display name of the devices that already exist in DCR, in the next Device Discovery cycle.
For example, consider a device which is discovered by Common Services Device Discovery, exists in DCR with the display name as its hostname.
If you change the Preferred DCR Display Name as IP Address for the next Device Discovery, Common Services Device Discovery will update the display name of the device as its IP Address in DCR after the next Device Discovery.
The display name of devices are not overwritten in the future discovery cycles if you have not selected this option.
Preferred Management IP
Select one of the following options as preferred Management IP address of the device:
•
Select this option to manage a device in the address assigned to the loopback interface.
If there are multiple loopback IP addresses, the highest loopback address is used to manage the device.
•
Common Services Device Discovery uses Domain Name Services (DNS), if available, to perform device name lookups.
Select this option to do name resolution using the device name.
•
Select this option to contact the DNS Server to pick up the device hostname.
•
Select this option if you do not want to manage the devices with preferred management IP Address.
When you select this option, the devices are added in DCR with their IP Addresses.
The Resolve By Name option is the default option for this field.
Use Default Credentials
Select this checkbox, if you want to add the discovered devices with the default credentials in DCR.
See Configuring Default Credentials to know about the need for default credentials and the steps to configure default credentials.
Click Configure next to this field to open the Default Credentials page. You must configure the default credentials before running Device Discovery. Only then the devices discovered will be associated with the default credentials and updated in DCR.
The SNMP credentials set for Device Discovery will not be updated or overwritten by default SNMP credentials configured in the Default Credentials page.
If you are running Device Discovery from a Slave machine, the Configure link does not open the Default Credentials page. Instead, this link displays an error message.
Enter a valid e-mail ID in this field.
Multiple e-mail IDs are not allowed in this field.
The system uses the e-mail ID to notify you the following:
•
•
•
Warning
Step 4
•
•
•
•
Viewing Discovery Settings Summary
The Discovery Settings wizard displays a summary of following settings you have configured:
•
•
•
•
•
To view the summary of discovery settings:
Step 1
The Discovery Settings Summary page appears.
Alternatively, you can navigate to this page from the LMS Portal home page if you have installed the LMS Portal application on CiscoWorks Server.
Step 2
Step 3
•
•
•
•
•
Step 4
The Discovery Settings Summary page appears with the summary of discovery settings.
Step 5
•
•
•
Viewing Device Discovery Settings
To view the summary of Device Discovery settings, go to the CiscoWorks home page and select Common Services > Device and Credentials > Device Discovery > Discovery Settings.
The Discovery Settings Summary page appears with the following fields:
:
Module Settings
Displays a Configure link that leads to Module Settings page.
See Configuring Discovery Module Settings for more information.
Seed Device Settings
Displays the status as Not Configured for the first time.
If you have configured Seed Device Settings earlier, this field displays a link by name Configure.
Clicking Configure leads to Seed Devices Settings page.
See Configuring Seed Device Settings for more information.
SNMP Settings
Displays the status as Not Configured for the first time.
If you have configured Seed Device Settings earlier, this field displays a link by name Configure.
Clicking Configure leads to SNMP Settings page.
See Configuring SNMP Settings for more information.
Filter Settings
Displays the status as Not Configured for the first time.
If you have configured Filter Settings earlier, this field displays a link by name Configure.
Clicking Configure leads to Filter Settings page.
See Configuring Discovery Filter Settings for more information.
Global Settings
Displays the status as Not Configured for the first time.
If you have configured Global Settings earlier, this field displays a link by name Configure.
Clicking Configure leads to Global Settings page.
See Configuring Global Discovery Settings for more information.
Module(s) Selected
Displays the discovery modules which you have selected in the Module Settings page, separated by commas.
Use DCR As Seed List
Displays:
•
•
Preferred Management IP
Displays the preferred management IP address name you have selected in the Global Settings page.
Preferred DCR Display Name
Displays the preferred DCR display name you have selected in the Global Settings page.
Update DCR Display Name
Displays:
•
•
Use DCR Default Credentials
Displays:
•
•
Displays the e-mail address you have configured in the Global Settings page.
See Configuring Global Discovery Settings for more information on E-mail option.
Configure (button)
Allows you to enter into Discovery Settings wizard and configure Device Discovery settings.
See Configuring Device Discovery Settings for more information.
Start Discovery (button)
The Device Discovery starts as an immediate job.
Once the Device Discovery is started and running, the Start Discovery button is changed to Stop Discovery.
See Starting Device Discovery for more information.
Starting Device Discovery
Before you start Device Discovery, ensure that you have configured all the required settings.
To start Device Discovery:
Step 1
•
The Device Discovery Summary page appears.
Alternatively, you can navigate to this page from the LMS Portal home page if you have installed the LMS Portal application on CiscoWorks Server.
Or
•
The Discovery Settings Summary page appears.
Step 2
Device Discovery starts as an immediate job.
You can also view the status of Device Discovery from CS Job Browser page. To go to Common Services Job Browser page, click Server > Admin > Job Browser from the Common Services application.
After Device Discovery has started running, the Start Discovery button is changed to Stop Discovery.
You can stop Device Discovery by clicking Stop Discovery. E-mail notification is sent to the e-mail address configured on stopping the Device Discovery job. You can also stop Device Discovery jobs from CS Job Browser page.
Stopping Device Discovery may take a while to terminate all the threads and CSDiscovery process. Hence the Stop Discovery button also takes a while to change to Start Discovery.
Scheduling Device Discovery
You can schedule one or more Device Discovery jobs in Common Services. The optimum Device Discovery schedule depends on the size of network and changes in the network.
Before you schedule a Device Discovery job, read the following:
•
•
•
From the Discovery Schedule page, you can:
•
•
•
•
Adding Device Discovery Schedule
To add a Device Discovery schedule:
Step 1
The Discovery Schedule page appears.
Alternatively, you can navigate to this page from the LMS Portal home page if you have installed the LMS Portal application on CiscoWorks Server.
Step 2
The Add Discovery Schedule popup window appears.
The Device Discovery schedules are dependent of Device Discovery Settings. You cannot click the Add button if you have not configured Device Discovery Settings.
The Add button is disabled on a fresh installation of Common Services in CiscoWorks Server.
Step 3
You should specify the time in 24-hour format.
Step 4
Step 5
You cannot edit the description entered in this field later.
Step 6
The discovery schedule is created and assigned with a job ID. Email notification is sent to the email address you have configured in the Discovery Settings wizard.
Editing Device Discovery Schedule
To edit a Device Discovery schedule:
Step 1
The Discovery Schedule page appears.
Alternatively, you can navigate to this page from the LMS Portal home page if you have installed the LMS Portal application on CiscoWorks Server.
Step 2
Step 3
The Edit Discovery Schedule popup window appears.
Step 4
Step 5
Step 6
Deleting Device Discovery Schedule
To delete a Device Discovery schedule:
Step 1
The Discovery Schedule page appears.
Alternatively, you can navigate to this page from the LMS Portal home page if you have installed the LMS Portal application on CiscoWorks Server.
Step 2
Step 3
The Delete Confirmation dialog box appears.
Step 4
The selected discovery schedule is deleted from the list of schedules.
Caution
Viewing the Status of Device Discovery Schedules
You can navigate to Common Services Job Browser page from the Discovery Schedule page to view the latest status of Device Discovery jobs.
To do so:
Step 1
The Discovery Schedule page appears.
Step 2
The Job Browser page displays the Device Discovery jobs.
Viewing Device Discovery Details
You can view the details of recently completed Device Discovery and the status of currently running discovery job in Common Services.
This section contains the following:
•
Viewing Device Discovery Summary
To view a summary of recently completed Device Discovery, go to the CiscoWorks home page and select Common Services > Device and Credentials > Device Discovery.
The Device Discovery Summary page appears with the following fields:
Discovery Status
Displays the current status of the discovery job. The status of the discovery could be any of the following:
•
–
–
–
•
At the start of Device Discovery, a URN is published to get the latest status of Device Discovery.
If there are any errors in publishing the URN or in receiving the latest Device Discovery summary, discovery status may not be updated.
•
•
•
–
–
Discovery Start Time
Displays the starting date and time of Device Discovery.
The date is displayed in Long Date format.
For example, the start time is displayed as
Thu Aug 09 04:35:34 IST 2007.Discovery End Time
Displays the completion date and time of Device Discovery.
The Device Discovery time may differ across the network depending on the size and the changes in the network.
Total Devices Discovered
Displays the total number of devices discovered by the recent Device Discovery job.
When you click the number displayed, the Total Devices Discovered window opens. See Total Devices Discovered for more information.
Reachable Devices
Displays the number of devices which are SNMP reachable.
When you click the number displayed, the All Reachable Devices window opens. See Reachable Devices for more information.
Unreachable Devices
Displays the number of devices which are not SNMP reachable.
When you click the number displayed, the All Unreachable Devices details opens. See Unreachable Devices for more information.
Devices Newly Added to DCR
Displays the number of devices that are newly added to DCR by Common Services Device Discovery.
When you click the number displayed, the Devices Added to DCR window opens. See Devices Added to DCR for more information.
Devices Updated to DCR
Displays the number of devices that are updated in DCR by Common Services Device Discovery.
When you click the number displayed, the Devices Updated to DCR Devices window opens. See Devices Updated to DCR for more information.
You can use the refresh icon provided in the Device Discovery Summary page to view the latest discovery status.
Total Devices Discovered
You can view the details of all devices that are discovered by Common Services Device Discovery.
See Activities Performed From Device Discovery Details Windows for other activities you can perform from the Total Devices Discovered details window.
To see the details of all the discovered devices:
Step 1
The Device Discovery Summary page appears.
Step 2
The Total Devices Discovered popup window opens with the following details:
Reachable Devices
You can view the details of all reachable devices that are discovered by Common Services Device Discovery.
See Activities Performed From Device Discovery Details Windows for other activities you can perform from the Reachable Devices details window.
To see the details of the reachable devices:
Step 1
The Device Discovery Summary page appears.
Step 2
The Reachable Devices popup window opens with the following details:
Unreachable Devices
You can view the details of all devices that are not reachable by Common Services Device Discovery.
See Activities Performed From Device Discovery Details Windows for other activities you can perform from the Unreachable Devices details window.
To see the details of the unreachable devices:
Step 1
The Device Discovery Summary page appears.
Step 2
The Unreachable Devices popup window opens with the following details:
Devices Added to DCR
You can view the details of devices that are added to DCR by Common Services discovery.
See Activities Performed From Device Discovery Details Windows for other activities you can perform from the Devices Added to DCR details window.
To see the details of devices that are newly added to DCR:
Step 1
The Device Discovery Summary page appears.
Step 2
The Devices Added to DCR popup window displays the following details:
Devices Updated to DCR
You can view the details of devices that are updated in DCR by Common Services discovery.
See Activities Performed From Device Discovery Details Windows for other activities you can perform from the Devices Added to DCR details window.
To see the details of devices that are updated in DCR:
Step 1
The Device Discovery Summary page appears.
Step 2
The Devices Updated to DCR popup window opens with the following details:
Activities Performed From Device Discovery Details Windows
You can perform the following activities from the Device Discovery details window:
•
•
•
•
•
To export the Device Discovery details window:
Step 1
The Exporting Report dialog box opens.
Step 2
Step 3
For example, if you want to export the first 10 rows and fourteenth row, you should enter 1-10,14 in the text field.
Step 4
Managing Devices
The Device Management option in Device and Credentials Administration helps you manage the list of devices and their credentials. Device Management helps you in:
•
•
You can use:
•
•
Note
Adding Devices
You can use this feature to add devices, device properties or attributes, and device credentials to the Device and Credential Admin.
You should have the required privileges to add devices to DCR. Your login determines whether you can use this option.
To add devices to the device list:
Step 1
The Device Management page appears.
Alternatively, you can navigate to this page from the LMS Portal home page if you have installed the LMS Portal application on CiscoWorks Server.
The Device Management user interface helps you perform operations on Standard devices, Cluster Managed devices and Auto Update devices. Operations on Auto Update Servers can be performed only at the Auto Update Server Management user interface.
The Device Summary window displays the devices and groups in DCR Administration.
Step 2
The Device Properties page appears. The Device Information dialog box provides four device management types:
You can add more than one device at a time. However, you cannot add devices of different management types.
Standard Type
To add devices and credentials using Standard type:
Step 1
Step 2
To select the Domain Name and the DeviceType, click Select and choose from the list.
DCR uses a device record to represent a Cluster. A Cluster can be added in the Standard Management option by selecting the Device Type field as Cisco Cluster Management Suite.
DSBU Clusters added this way, can then be selected in Cluster Managed Type, for the field Cluster.
You can add a Cisco CNS Configuration Engine under the Standard Management type by selecting the Device Type field as Cisco CNS Configuration Engine. The Cisco CNS Configuration Engine added under the Standard type can be selected in the CNS Server field in the CNS Managed type.
After a Cisco CNS Configuration Engine or DSBU Cluster is successfully added, it will appear under
Network Management > Other Network Management Products > Cisco CNS Configuration Engine/Cisco Cluster Management Suite, in the Device Selector.Step 3
The device is added to the Added Device List in the window.
To remove the device from the Device List, select the device and click Remove from List.
Step 4
You will be able to select this check box only when you have configured the default credentials. See Configuring Default Credentials for more information.
If you have opted to use the default credentials, the primary credentials, secondary credentials,
Rx Boot Mode credentials, SNMP credentials, and HTTP credentials will be populated with the corresponding default values. You can click Finish to add the devices with default credentials or proceed further to make changes to the value of the credentials.Step 5
The Standard Credentials page appears.
Step 6
•
•
•
If you have opted to use the default credentials, these credentials will be populated with the default values from DCR. You can edit them and enter your own values.
If you do not want to proceed, click Finish.
Step 7
The SNMP Credentials page appears.
Step 8
•
•
You must select the SNMPv3 checkbox to enter the SNMPv3 Credentials. By default, these fields are disabled. When the SNMPv3 checkbox is selected, the default SNMPv3 mode is AuthPriv.
Re-enter the value of Authentication Password and Privacy Password in the Verify fields.
If you have opted to use the default credentials, these credentials will be populated with the default values from DCR. You can edit them and enter your own values.
If you do not want to proceed, click Finish.
Step 9
The HTTP Settings page appears.
Step 10
•
Re-enter the value of the password in Verify field.
•
Re-enter the value of the password in Verify field.
•
Select the HTTP or HTTPS option for current connection mode.
If you have opted to use the default credentials, these credentials will be populated with the default values from DCR. You can edit them and enter your own values.
If you do not want to proceed, click Finish.
Step 11
The User Defined Fields dialog box appears.
Step 12
By default, Device and Credential Admin provides the option to define four attribute fields for a device. These fields are used to store additional user-defined data for the device.
The attribute fields that appear here can be changed in the User Defined Fields page. Click Device and Credentials > Admin > User Defined Fields from the Common Services application to open the User Defined Fields page.
Step 13
A message appears that the devices are added successfully in DCR.
When all the devices are not added in DCR, the Device Status Summary appears. See Device Addition Status Summary for more information.
Step 14
The Device Summary page appears with the updated device group information.
Auto Update Type
You can use this feature to add, edit, and delete devices managed using Auto Update Server.
The Auto Update Server managed device has its own attributes and credentials just like normal devices in DCR. In addition, it will have the following attributes:
•
•
To add devices and credentials using Auto Update type:
Step 1
Step 2
To select Auto Update Server, Domain Name, and the Device Type click Select and select from the resulting popup windows. For Auto Update Server managed devices, Display Name and Device-Identity are enough for identity.
DCR uses a device record to represent an Auto Update Server. You can also add an Auto Update Server in the Auto Update Server Management page. Auto Update Server added in this way can then be selected for the Auto Update Server field in the Device Properties wizard.
Step 3
The device gets added to the Added Device List in the window.
To remove the device from the Device List, select the device and click Remove from List.
Step 4
You will be able to select this check box only when you have configured the default credentials. See Configuring Default Credentials for more information.
If you have opted to use the default credentials, the primary credentials, secondary credentials,
Rx Boot Mode credentials, SNMP credentials, and HTTP credentials will be populated with the corresponding default values. You can click Finish to add the devices with default credentials or proceed further to make changes to the value of the credentials.Step 5
The Standard Credentials page appears.
Step 6
•
•
•
If you have opted to use the default credentials, these credentials will be populated with the default values from DCR. You can edit them and enter your own values.
If you do not want to proceed, click Finish.
Step 7
The SNMP Credentials page appears.
Step 8
•
•
You must select the SNMPv3 checkbox to enter the SNMPv3 Credentials. By default, these fields are disabled. When the SNMPv3 checkbox is selected, the default SNMPv3 mode is AuthPriv.
Re-enter the value of Authentication Password and Privacy Password in the Verify fields.
If you have opted to use the default credentials, these credentials will be populated with the default values from DCR. You can edit them and enter your own values.
If you do not want to proceed, click Finish.
Step 9
The HTTP Settings page appears.
Step 10
•
Re-enter the value of the password in Verify field.
•
Re-enter the value of the password in Verify field.
•
Select the HTTP or HTTPS option for current connection mode.
If you have opted to use the default credentials, these credentials will be populated with the default values from DCR. You can edit them and enter your own values.
If you do not want to proceed, click Finish.
Step 11
The Auto Update Server Credential Template dialog box appears.
Step 12
Note
Step 13
The User Defined Fields dialog box appears.
Step 14
By default, Device and Credential Admin provides the option to define four attribute fields for a device. These fields are used to store additional user-defined data for the device.
The attribute fields that appear here can be changed in the User Defined Fields page. Click Device and Credentials > Admin > User Defined Fields from the Common Services application to open the User Defined Fields page.
Step 15
A message appears that the devices are added successfully in DCR.
When all the devices are not added in DCR, the Device Status Summary appears. See Device Addition Status Summary for more information.
Step 16
The Device Summary page appears with the updated device group information.
Cluster Managed Type
DCR supports Cisco Clusters and their member devices using a mix of standard and additional attributes and credentials.
To add devices and credentials using Cluster Managed type:
Step 1
Step 2
The Member Number field is mandatory. The Member Number is the number of the Cluster member. This number represents the order in which the device is added into the cluster.
Also, Cluster needs to be added before a Cluster Managed device.
For example, if a device X belongs to cluster Y, first add the Cluster Y, and then add the Cluster Managed device X.
Step 3
The device is added to the Added Device List in the window.
To remove a device from the Device List select the device and click Remove from List.
Step 4
You will be able to select this check box only when you have configured the default credentials. See Configuring Default Credentials for more information.
If you have opted to use the default credentials, the primary credentials, secondary credentials,
Rx Boot Mode credentials, SNMP credentials, and HTTP credentials will be populated with the corresponding default values.If you do not want to proceed further, click Finish.
Step 5
The User Defined Field dialog box appears.
Step 6
The attribute fields that appear here can be changed in the User Defined Fields page. Click Device and Credentials > Admin > User Defined Fields from the Common Services application to open the User Defined Fields page.
Step 7
A message appears that the devices are added successfully in DCR.
When all the devices are not added in DCR, the Device Status Summary appears. See Device Addition Status Summary for more information.
Step 8
The Device Summary page appears with the updated device group information.
CNS Managed Type
To add devices and credentials using CNS Managed type:
Step 1
Step 2
The display name you want for the device in reports or graphical displays in the corresponding fields.
You can also enter or select the domain name.
Step 3
You can add a Cisco CNS Configuration Engine in the Standard Management option by selecting the Device Type field as Cisco CNS Configuration Engine.
If you add a Cisco CNS Configuration Engine in this way, you can select these engines in the CNS Managed option, for the CNS Server field.
After a Cisco CNS Configuration Engine is successfully added, it appears under
Network Management > Other Network Management Products > Cisco CNS Configuration Engine, in the Device Selector.CNS Server and Display Name are mandatory.
Step 4
The device is added to the Added Device List in the page.
To remove a device from the Device List select the device and click Remove from List.
Step 5
You will be able to select this check box only when you have configured the default credentials. See Configuring Default Credentials for more information.
If you have opted to use the default credentials, the primary credentials, secondary credentials,
Rx Boot Mode credentials, SNMP credentials, and HTTP credentials will be populated with the corresponding default values. You can click Finish to add the devices with default credentials or proceed further to make changes to the value of the credentials.Step 6
The Standard Credentials page appears.
Step 7
•
•
•
If you have opted to use the default credentials, these credentials will be populated with the default values from DCR. You can edit them and enter your own values.
If you do not want to proceed further, click Finish.
Step 8
The SNMP Credentials page appears.
Step 9
•
•
You must select the SNMPv3 checkbox to enter the SNMPv3 Credentials. By default, these fields are disabled. When the SNMPv3 checkbox is selected, the default SNMPv3 mode is AuthPriv.
Re-enter the value of Authentication Password and Privacy Password in the Verify fields.
If you have opted to use the default credentials, these credentials will be populated with the default values from DCR. You can edit them and enter your own values.
If you do not want to proceed, click Finish.
Step 10
The HTTP Settings page appears.
Step 11
•
Re-enter the value of the password in Verify field.
•
Re-enter the value of the password in Verify field.
•
Select the HTTP or HTTPS option for current connection mode.
If you have opted to use the default credentials, these credentials will be populated with the default values from DCR. You can edit them and enter your own values.
If you do not want to proceed, click Finish.
Step 12
Step 13
By default, Device provides the option to define four attribute fields for a device. These fields are used to store additional user-defined data for the device.
The attribute fields that appear here can be changed in the User Defined Fields page. Click Device and Credentials > Admin > User Defined Fields from the Common Services application to open the User Defined Fields page.
Step 14
A message appears that the devices are added successfully in DCR.
When all the devices are not added in DCR, the Device Status Summary appears. See Device Addition Status Summary for more information.
Step 15
The Device Summary page appears with the updated device group information.
Device Addition Status Summary
There may be few devices that are not added in DCR. The Device Addition Status report appears when all the devices you have added in the user interface are not added in DCR.
The Device Addition Status report contains the following fields:
A link is provided for the number of devices displayed for all these fields.
The links for number of devices added, number of error devices, and number of duplicate devices displayed. The link launches the Add Device List Report with the device name and the status of device addition.
The link provided for the number of devices not configured in ACS displays the Devices Not Configured in ACS report.
Deleting Devices
You can delete device information from DCR using this feature.
You can select the devices from the Device Selector and delete either all of them or only the devices that are not managed by applications. When a device is deleted, it also gets deleted from all the applications that use DCR.
You should have the required privileges to delete devices from DCR. Your login determines whether you can use this option.
If you have configured in ACS mode, you should have the following privileges on ACS Server to delete the devices:
•
•
To delete devices:
Step 1
The Device Management page appears.
Alternatively, you can navigate to this page from the LMS Portal home page if you have installed the LMS Portal application on CiscoWorks Server.
Step 2
The Delete Devices Confirmation dialog box opens with the following details:
•
•
Step 3
•
Select this option when you want to delete the devices that are not managed by one or more applications. This option is enabled only when you have chosen to delete one or more devices from the device selector that are managed by applications.
•
Select this option when you want to delete all the selected devices from DCR including the devices managed by applications. However, the device information still remains in the application databases.
Step 4
All information about the selected devices are deleted from DCR. There may be few devices that are deleted from DCR. See Delete Status Report for more information.
A message appears stating that the devices are deleted successfully.
The devices deleted are also removed from the device selector. If you have selected larger number of devices to delete, the system may take few minutes to refresh the group information in the device selector.
Delete Status Report
In ACS mode, there may be few devices that are not deleted in DCR. You should verify whether you have the device level authorization to delete the devices on ACS Server.
When any of the devices selected is not deleted from DCR, the Device Deletion Status popup window appears with the following summary:
•
•
Editing Device Credentials
You can edit device information for a single device or for multiple devices using this feature. To edit device information:
Step 1
The Device Management page appears.
Alternatively, you can navigate to this page from the LMS Portal home page if you have installed the LMS Portal application on CiscoWorks Server.
Step 2
The Standard Credentials dialog box appears.
Step 3
•
•
•
•
If you edit the password values of any credentials, you should re-enter the password values in their corresponding Verify fields.
Any changes made here will apply to all devices selected in Step 2. This has one exception.
However, if in Step 2, you have selected devices belonging to different device management types, the changes made will apply only to devices of the appropriate type. That is, if a standard-device credential is changed, only the standard devices selected in Step 2 are affected.
If you have completed editing, and do not want to proceed, click Finish.
Step 4
The SNMP Credentials page appears.
Step 5
•
•
You must select the SNMPv3 checkbox to enter or edit the SNMPv3 Credentials. By default, these fields are disabled. When the SNMPv3 checkbox is selected, the default SNMPv3 mode is AuthPriv.
Re-enter the value of Authentication Password and Privacy Password in the Verify fields.
If you have completed editing, and do not want to proceed, click Finish.
Step 6
The HTTP Settings Page opens.
Step 7
•
•
•
Note
Re-enter the values in the Verify fields.
If you have completed editing, and do not want to proceed, click Finish.
Step 8
The User Defined Fields window appears. You can edit these fields and click Finish after you complete editing.
Auto Update Servers cannot be edited here. Even if they are selected in Step 2, they will not be affected. See Editing Auto Update Server for details on editing Auto Update Server information.
Management Type for a device is defined while you add the device to DCR. You cannot change the Management Type for the device through the edit flow. For example, you cannot change:
•
•
Editing Device Identity
You can edit Device Identity information for a single device in DCR. The Display Name and the Host Name/Domain Name combination must be unique for each device in DCR. When you edit a device, it will be considered as a duplicate if any one of the following occur:
•
•
•
•
To edit the Device Identity information:
Step 1
The Device Management page appears.
Alternatively, you can navigate to this page from the LMS Portal home page if you have installed the LMS Portal application on CiscoWorks Server.
Step 2
Step 3
The Device Properties dialog box appears with the list of selected devices, and attributes of the first device in the list.
Step 4
The current attributes are automatically populated in the device information fields.
Step 5
You can edit the following information:
•
•
•
•
You can edit only one device at a time.
Step 6
Step 7
Importing Devices and Credentials
You can import device lists, device properties or attributes and device credentials to the DCR and populate DCR using this feature.
You can:
•
or
Import Using Device and Credential Admin Interface
To import devices using Device and Credential Admin Interface:
Step 1
The Device Management page appears.
Alternatively, you can navigate to this page from the LMS Portal home page if you have installed the LMS Portal application on CiscoWorks Server.
Step 2
The Import Devices popup window appears.
The options to import device information into DCR are:
•
•
•
If you import device information from a file, ensure that:
•
The mandatory attributes are: Display Name, and Management IP address or Host Name or Device Identity.
For DSBU member devices, DSBU member number and display name are enough for identity.
For AUS managed devices Display Name and Device-Identity are enough. For a CNS managed device, CNS Server is a mandatory attribute.
•
•
–
–
–
–
•
–
–
–
•
Importing From a File
To import from a file:
Step 1
Or
Browse the file system and select the file using the Browse tab.
Step 2
Only CSV2.0 and CSV3.0 file formats are supported.
Step 3
•
•
Step 4
a.
You can schedule importing the devices immediately or schedule the import for a later time. The scheduling can be periodic (daily, weekly, or monthly) or for a single instance (once).
b.
Step 5
a.
b.
Step 6
•
•
For example, if the default credential set has Standard and SNMP credentials and if your import source has only the Standard credentials, the device will be populated in DCR with the Standard credentials entered in your import source and SNMP credentials configured in the default credential set.
See Configuring Default Credentials for more information.
Step 7
Importing From Local NMS
To import from Local NMS:
Step 1
The supported values are HPOV and Netview.
See the following documents for information on supported Network Management Systems.
•
•
Step 2
The following table provides you the examples to enter the install location:
HP OpenView Network Node Manager
Solaris
/opt/OV
Windows
C:\Program Files\HP OpenView
NetView
Solaris
/usr/OV
Windows
C:\usr\OV
Step 3
Step 4
To do this:
a.
You can schedule importing the devices immediately or schedule the import for a later time. The scheduling can be periodic (daily, weekly, or monthly) or for a single instance (once).
b.
Step 5
a.
b.
Step 6
•
•
For example, if the default credential set has Standard and SNMP credentials and if your import source has only the Standard credentials, the device will be populated in DCR with the Standard credentials entered in your import source and SNMP credentials configured in the default credential set.
See Configuring Default Credentials for more information.
Step 7
Importing From Remote NMS
Before you import from the remote NMS, ensure that:
•
•
If you are importing from a remote NMS on host 2 to host 1 (CiscoWorks Server), you need to add the following entries in the .rhosts file of host2: host1.domain.com SYSTEM (on Windows); where SYSTEM is a built-in Local System account.
For example, if you are importing from a remote NMS on XYZ.cisco.com to ABC.cisco.com, you need to add ABC.cisco.com SYSTEM host1.domain.com casuser (on Solaris).
To import from a remote NMS:
Step 1
The supported values are HPOV and Netview.
See the following documents for information on supported Network Management Systems.
•
•
If you select ACS, enter:
•
•
•
•
Step 2
Note
Step 3
Make sure that you give the install location of the selected NMS type.
. For example, enter:
•
•
Step 4
Step 5
a.
You can schedule importing the devices immediately or schedule the import for a later time. The scheduling can be periodic (daily, weekly, or monthly) or for a single instance (once).
b.
Step 6
a.
b.
Step 7
•
•
For example, if the default credential set has Standard and SNMP credentials and if your import source has only the Standard credentials, the device will be populated in DCR with the Standard credentials entered in your import source and SNMP credentials configured in the default credential set.
See Configuring Default Credentials for more information.
Step 8
Import Status Report
The Import Status Report appears at the end of each immediate import operation. The report contains information on:
•
This field shows the number of devices that are newly imported during the bulk import operation.
•
This field shows the devices that are not imported.
The devices that have not been imported might fall under one of the following categories:
Sample CSV Files and XML Files
You can use CSV 2.0 or CSV 3.0 file or XML formats for import.
You can also perform a DCR Export operation to generate sample CSV or XML files. See Exporting Devices and Credentials for more information.
You should not delete any line from the CSV file generated by DCR export utility including the lines starting with ; (semi colon). However, you can add comments in the CSV file as new lines beginning with ; character.
If you use manually created CSV files for DCR import, we recommend that the CSV files should be in the same format of the files generated by DCR Export utility.
This section provides the following:
•
•
•
•
View Mapping CSV 2.0 to CSV 3.0 Fields to see the details on mapping.
Sample CSV 2.0 File
;; This file is generated by the export utility; If you edit this file, be sure you know what you are doing;Cisco Systems NM data import, source = export utility; Version = 2.0; Type = Csv;; Here are the columns of the table.; Columns 1 and 2 are required.; Columns 3 through 19 are optional.; Col# = 1: Name (including domain or simply an IP); Col# = 2: RO community string; Col# = 3: RW community string; Col# = 4: Serial Number; Col# = 5: User Field 1; Col# = 6: User Field 2; Col# = 7: User Field 3; Col# = 8: User Field 4; Col# = 9; Name = Telnet password; Col# = 10; Name = Enable password; Col# = 11; Name = Enable secret; Col# = 12; Name = Tacacs user; Col# = 13; Name = Tacacs password; Col# = 14; Name = Tacacs enable user; Col# = 15; Name = Tacacs enable password; Col# = 16; Name = Local user; Col# = 17; Name = Local password; Col# = 18; Name = Rcp user; Col# = 19; Name = Rcp password;; Here are the rows of data.;172.20.118.156,public,,FHH080600dg,,,,,,,,,,,,,,,172.20.118.150,public,,FHH0743W022,,,,,,,,,,,,,,,Sample CSV 3.0 File
; This file is generated by DCR Export utilityCisco Systems NM Data import, Source=DCR Export; Type=DCRCSV; Version=3.0;;Start of section 0 - Basic Credentials;;HEADER: management_ip_address,host_name,domain_name,device_identity,display_name,sysObjectID,dcr_d evice_type,mdf_type,snmp_v2_ro_comm_string,snmp_v2_rw_comm_string,snmp_v3_user_id,snmp_v3_ password,snmp_v3_engine_id,snmp_v3_auth_algorithm,snmp_v3_priv_password,snmp_v3_priv_algor ithm,rxboot_mode_username,rxboot_mode_password,primary_username,primary_password,primary_e nable_password,http_username,http_password,http_mode,http_port,https_port,cert_common_name ,secondary_username,secondary_password,secondary_enable_password,secondary_http_username,s econdary_http_password;10.77.203.55,,,,10.77.203.55,UNKNOWN,0,UNKNOWN,,,userap1,roZes1,,MD5,roZes11,AES128,,,,,,, ,,,,,,,,,10.77.203.142,,,,10.77.203.142,UNKNOWN,0,UNKNOWN,,,userap2,roZes2,,SHA-1,roZes22,3DES,,,,, ,,,,,,,,,,,10.77.209.74,,,,10.77.209.74,UNKNOWN,0,UNKNOWN,,,v3user,roZes123,,MD5,roZes123,DES,,,,,,,, ,,,,,,,,10.77.203.210,,,,10.77.203.210,UNKNOWN,0,UNKNOWN,,,v3user4,ROzES123,,SHA-1,ROzES123,AES256 ,,,,,,,,,,,,,,,,;End of CSV file
Note
Sample CSV 3.0 File for Auto Update Server Managed Devices
; This file is generated by DCR Export utilityCisco Systems NM Data import, Source=DCR Export; Type=DCRCSV; Version=3.0;Start of section 0 - Basic Credentials;;HEADER: management_ip_address,host_name,domain_name,device_identity,display_name,sysObjectID,dcr_d evice_type,mdf_type,snmp_v2_ro_comm_string,snmp_v2_rw_comm_string,snmp_v3_user_id,snmp_v3_ password,snmp_v3_engine_id,snmp_v3_auth_algorithm,snmp_v3_priv_password,snmp_v3_priv_algor ithm,rxboot_mode_username,rxboot_mode_password,primary_username,primary_password,primary_e nable_password,http_username,http_password,http_mode,http_port,https_port,cert_common_name ,secondary_username,secondary_password,secondary_enable_password,secondary_http_username,s econdary_http_password;10.77.203.55,,,,10.77.203.55,UNKNOWN,0,UNKNOWN,,,userap1,roZes1,,MD5,roZes11,AES128,,,,,,, ,,,,,,,,,10.77.203.142,,,,10.77.203.142,UNKNOWN,0,UNKNOWN,,,userap2,roZes2,,SHA-1,roZes22,3DES,,,,, ,,,,,,,,,,,10.77.209.74,,,,10.77.209.74,UNKNOWN,0,UNKNOWN,,,v3user,roZes123,,MD5,roZes123,DES,,,,,,,, ,,,,,,,,10.77.203.210,,,,10.77.203.210,UNKNOWN,0,UNKNOWN,,,v3user4,ROzES123,,SHA-1,ROzES123,AES256 ,,,,,,,,,,,,,,,,;;Start of section 1 - AUS proxy;;HEADER: management_ip_address,host_name,domain_name,device_identity,display_name,aus_username,aus_ password,aus_url;1.1.1.1,ons_host1,cisco.com,AUS_ID,ONS1,admin,admin,10.10.10.1,aus_server,cisco.com,,AUS_SERV1,admin,admin,autoupdate/AutoUpdateServlet;;Start of section 2 - AUS managed;;HEADER: management_ip_address,host_name,domain_name,device_identity,display_name,parent_aus_id;1.1.1.1,ons_host1,cisco.com,AUS_ID,ONS1,display_name=AUS_SERV1;End of CSV fileSample CSV 3.0 File for Cluster Managed Devices
; This file is generated by DCR Export utilityCisco Systems NM Data import, Source=DCR Export; Type=DCRCSV; Version=3.0;;Start of section 0 - Basic Credentials;;HEADER: management_ip_address,host_name,domain_name,device_identity,display_name,sysObjectID,dcr_d evice_type,mdf_type,snmp_v2_ro_comm_string,snmp_v2_rw_comm_string,snmp_v3_user_id,snmp_v3_ password,snmp_v3_engine_id,snmp_v3_auth_algorithm,snmp_v3_priv_password,snmp_v3_priv_algor ithm,rxboot_mode_username,rxboot_mode_password,primary_username,primary_password,primary_e nable_password,http_username,http_password,http_mode,http_port,https_port,cert_common_name ,secondary_username,secondary_password,secondary_enable_password,secondary_http_username,s econdary_http_password;10.77.203.55,,,,10.77.203.55,UNKNOWN,0,UNKNOWN,,,userap1,roZes1,,MD5,roZes11,AES128,,,,,,, ,,,,,,,,,10.77.203.142,,,,10.77.203.142,UNKNOWN,0,UNKNOWN,,,userap2,roZes2,,SHA-1,roZes22,3DES,,,,, ,,,,,,,,,,,10.77.209.74,,,,10.77.209.74,UNKNOWN,0,UNKNOWN,,,v3user,roZes123,,MD5,roZes123,DES,,,,,,,, ,,,,,,,,10.77.203.210,,,,10.77.203.210,UNKNOWN,0,UNKNOWN,,,v3user4,ROzES123,,SHA-1,ROzES123,AES256 ,,,,,,,,,,,,,,,,;;Start of section 3 - DSBU managed;;HEADER: management_ip_address,host_name,domain_name,device_identity,display_name,dsbu_member_number,parent_dsbu_id;1.1.1.1,ons_dev_1,cisco.com,,ONS1,1,display_name=cluster;End of CSV fileMapping CSV 2.0 to CSV 3.0 Fields
The following table provides a mapping between the fields in CSV 2.0 and CSV 3.0:
The order of preference used to set these values in CSV 3.0:
•
•
The local username and password are matched to secondary_username and secondary_password if primary_username and primary_password is already set with Tacacs credentials.
•
The Telnet password, Enable password, and Enable Secret are set to secondary credentials, if the primary_password and primary_enable_password are already set with Tacacs or Local credentials.
Sample XML File (Standard)
<?xml version="1.0"?><DEVICES><DEVICE><SET Name="Basic Credentials"><DEVATTRIB Name="management_ip_address">10.77.203.55</DEVATTRIB><DEVATTRIB Name="host_name">Switch6009</DEVATTRIB><DEVATTRIB Name="domain_name">cisco.com</DEVATTRIB><DEVATTRIB Name="display_name">10.77.203.55</DEVATTRIB><DEVATTRIB Name="sysObjectID">UNKNOWN</DEVATTRIB><DEVATTRIB Name="dcr_device_type">0</DEVATTRIB><DEVATTRIB Name="mdf_type">268438100</DEVATTRIB><DEVATTRIB Name="snmp_v2_ro_comm_string">public</DEVATTRIB><DEVATTRIB Name="snmp_v2_rw_comm_string">private</DEVATTRIB><DEVATTRIB Name="primary_username">lab</DEVATTRIB><DEVATTRIB Name="primary_password">lab</DEVATTRIB><DEVATTRIB Name="primary_enable_password">lab</DEVATTRIB><DEVATTRIB Name="secondary_username">lab</DEVATTRIB><DEVATTRIB Name="secondary_password">lab</DEVATTRIB><DEVATTRIB Name="secondary_enable_password">lab</DEVATTRIB><DEVATTRIB Name="snmp_v3_user_id">userap1</DEVATTRIB><DEVATTRIB Name="snmp_v3_password">roZes1</DEVATTRIB><DEVATTRIB Name="snmp_v3_auth_algorithm">MD5</DEVATTRIB><DEVATTRIB Name="snmp_v3_priv_password">roZes11</DEVATTRIB><DEVATTRIB Name="snmp_v3_priv_algorithm">AES128</DEVATTRIB></SET></DEVICE></DEVICES>
Note
Sample XML File for Auto Update Server Managed Devices
<?xml version="1.0"?><DEVICES><DEVICE><SET Name="Basic Credentials"><DEVATTRIB Name="management_ip_address">10.77.203.55</DEVATTRIB><DEVATTRIB Name="host_name">Switch6009</DEVATTRIB><DEVATTRIB Name="domain_name">cisco.com</DEVATTRIB><DEVATTRIB Name="display_name">10.77.203.55</DEVATTRIB><DEVATTRIB Name="sysObjectID">UNKNOWN</DEVATTRIB><DEVATTRIB Name="dcr_device_type">0</DEVATTRIB><DEVATTRIB Name="mdf_type">268438100</DEVATTRIB><DEVATTRIB Name="snmp_v2_ro_comm_string">public</DEVATTRIB><DEVATTRIB Name="snmp_v2_rw_comm_string">private</DEVATTRIB><DEVATTRIB Name="primary_username">lab</DEVATTRIB><DEVATTRIB Name="primary_password">lab</DEVATTRIB><DEVATTRIB Name="primary_enable_password">lab</DEVATTRIB><DEVATTRIB Name="secondary_username">lab</DEVATTRIB><DEVATTRIB Name="secondary_password">lab</DEVATTRIB><DEVATTRIB Name="secondary_enable_password">lab</DEVATTRIB><DEVATTRIB Name="snmp_v3_user_id">userap1</DEVATTRIB><DEVATTRIB Name="snmp_v3_password">roZes1</DEVATTRIB><DEVATTRIB Name="snmp_v3_auth_algorithm">MD5</DEVATTRIB><DEVATTRIB Name="snmp_v3_priv_password">roZes11</DEVATTRIB><DEVATTRIB Name="snmp_v3_priv_algorithm">AES128</DEVATTRIB></SET><SET Name="AUS proxy"><DEVATTRIB Name="aus_username">admin</DEVATTRIB><DEVATTRIB Name="aus_password">admin</DEVATTRIB></SET><SET Name="AUS managed"><DEVATTRIB Name="device_identity">AUS_ID</DEVATTRIB><DEVATTRIB Name="parent_aus_id">display_name=AUS_SERV1</DEVATTRIB></SET></DEVICE><DEVICE><SET Name="Basic Credentials"><DEVATTRIB Name="management_ip_address">10.10.10.1</DEVATTRIB><DEVATTRIB Name="host_name">aus_server</DEVATTRIB><DEVATTRIB Name="domain_name">cisco.com</DEVATTRIB><DEVATTRIB Name="display_name">AUS_SERV1</DEVATTRIB><DEVATTRIB Name="sysObjectID">UNKNOWN</DEVATTRIB><DEVATTRIB Name="dcr_device_type">3</DEVATTRIB><DEVATTRIB Name="mdf_type">UNKNOWN</DEVATTRIB></SET><SET Name="AUS proxy"><DEVATTRIB Name="aus_username">admin</DEVATTRIB><DEVATTRIB Name="aus_password">admin</DEVATTRIB><DEVATTRIB Name="aus_url">autoupdate/AutoUpdateServlet</DEVATTRIB></SET></DEVICE></DEVICES>Sample XML File for Cluster Managed Devices
<?xml version="1.0"?><DEVICES><DEVICE><SET Name="Basic Credentials"><DEVATTRIB Name="management_ip_address">1.1.1.1</DEVATTRIB><DEVATTRIB Name="host_name">ons_dev_1</DEVATTRIB><DEVATTRIB Name="domain_name">cisco.com</DEVATTRIB><DEVATTRIB Name="display_name">ONS1</DEVATTRIB><DEVATTRIB Name="sysObjectID">1.3.6.1.4.1.9.1.406</DEVATTRIB><DEVATTRIB Name="dcr_device_type">0</DEVATTRIB><DEVATTRIB Name="mdf_type">273612892</DEVATTRIB></SET><SET Name="DSBU managed"><DEVATTRIB Name="dsbu_member_number">1</DEVATTRIB><DEVATTRIB Name="parent_dsbu_id">display_name=cluster1</DEVATTRIB></SET></DEVICE><DEVICE><SET Name="Basic Credentials"><DEVATTRIB Name="management_ip_address">10.10.10.1</DEVATTRIB><DEVATTRIB Name="host_name">host1</DEVATTRIB><DEVATTRIB Name="domain_name">cisco.com</DEVATTRIB><DEVATTRIB Name="display_name">cluster1</DEVATTRIB><DEVATTRIB Name="sysObjectID">Unknown</DEVATTRIB><DEVATTRIB Name="dcr_device_type">1</DEVATTRIB><DEVATTRIB Name="mdf_type">278283831</DEVATTRIB></SET></DEVICE></DEVICES>Exporting Devices and Credentials
This feature helps you in exporting a list of device and their credentials into a file. The device list can be obtained from the Device Selector, or from a CSV file.
You can view the list of attributes that can be exported and edit the Export Format file to specify the credentials you need to export. See Listing the Attributes for viewing the list of attributes.
You can:
•
or
The device information is exported to files in CSV (only CSV 3.0) and XML formats only. See Sample CSV Files and XML Files for sample CSV and XML files generated by the export utility.
Specifying Device Credentials for Export
The device credentials that are exported are specified in the Export Format files Export_Format_CSV.xml and Export_Format_XML.xml located at the NMSROOT\objects\dcrimpexp\conf directory.
By default, all the device credentials other than UDFs are exported. You can edit the Export Format files to include the UDF names in the export device attributes list.
We recommend that you edit the Export format files only when you:
•
•
See Configuring User Defined Fields for more information on configuring UDFs.
Sample Export Format File
<?xml version="1.0" ?><EXPORT_FORMAT><GROUP Name="Basic Credentials"> management_ip_address,host_name,domain_name,device_identity,display_name,sysObjectID,dcr_d evice_type,mdf_type,snmp_v2_ro_comm_string,snmp_v2_rw_comm_string,snmp_v3_user_id,snmp_v3_ password,snmp_v3_engine_id,snmp_v3_auth_algorithm,snmp_v3_priv_password,snmp_v3_priv_algor ithm,rxboot_mode_username,rxboot_mode_password,primary_username,primary_password,primary_e nable_password,http_username,http_password,http_mode,http_port,https_port,cert_common_name ,secondary_username,secondary_password,secondary_enable_password,secondary_http_username,s econdary_http_password</GROUP><GROUP Name="AUS proxy"> management_ip_address,host_name,domain_name,device_identity,display_name,aus_username,aus_ password,aus_url,aus_port</GROUP><GROUP Name="AUS managed"> management_ip_address,host_name,domain_name,device_identity,display_name,parent_aus_id </GROUP><GROUP Name="DSBU managed"> management_ip_address,host_name,domain_name,device_identity,display_name,dsbu_member_numbe r,parent_dsbu_id</GROUP><GROUP Name="CNS managed"> management_ip_address,host_name,domain_name,device_identity,display_name,parent_cns_id,cns _config_id,cns_event_id,cns_image_id</GROUP></EXPORT_FORMAT>Adding User Defined Field Names to Export Format Files
You should add the UDF names in the Export Format file to export the additional information about devices stored in their user-defined fields.
Suppose if you want to export the device information stored in the user_defined_field_0, user_defined_field_1, user_defined_field_2 and user_defined_field_3 fields, you should edit the Export Format file and change the Basic Credentials group as follows:
<GROUP Name="Basic Credentials"> management_ip_address,host_name,domain_name,device_identity,display_name,sysObjectID,dcr_d evice_type,mdf_type,snmp_v2_ro_comm_string,snmp_v2_rw_comm_string,snmp_v3_user_id,snmp_v3_ password,snmp_v3_engine_id,snmp_v3_auth_algorithm,snmp_v3_user_id_authpriv,snmp_v3_passwor d_authpriv,snmp_v3_auth_algorithm_authpriv,snmp_v3_priv_password,snmp_v3_priv_algorithm,rx boot_mode_username,rxboot_mode_password,primary_username,primary_password,primary_enable_p assword,http_username,http_password,http_mode,http_port,https_port,cert_common_name,user_d efined_field_0,user_defined_field_1,user_defined_field_2,user_defined_field_3 </GROUP>If you rename the user_defined_field_3 to udf3 in the user interface, you should change the Basic Credentials section in the Export Format file as follows:
<GROUP Name="Basic Credentials"> management_ip_address,host_name,domain_name,device_identity,display_name,sysObjectID,dcr_d evice_type,mdf_type,snmp_v2_ro_comm_string,snmp_v2_rw_comm_string,snmp_v3_user_id,snmp_v3_ password,snmp_v3_engine_id,snmp_v3_auth_algorithm,snmp_v3_priv_password,snmp_v3_priv_algor ithm,rxboot_mode_username,rxboot_mode_password,primary_username,primary_password,primary_e nable_password,http_username,http_password,http_mode,http_port,https_port,cert_common_name ,user_defined_field_0,user_defined_field_1,user_defined_field_2,udf3</GROUP>Export Using Device and Credential Admin Interface
To export device credentials using Device and Credential Admin Interface:
Step 1
The Device Management page appears.
Step 2
The Device Export dialog box appears.
You can use either of the following device selection methods:
•
Select this option if you want to export devices from DCR to the file you specify in the Output File Information field. You can select the required devices from the Device Selector of the Device Export dialog box.
•
Select this option if you want to export devices from a CSV file that is already present in the server, to the file you specify in the Output File Information field.
You can use this option when the CSV file contains only partial device credentials, and you want to get the full list of credentials. The input CSV file checks for data in DCR, and exports the data to the output file.
•
Select this option if you want to export all devices from the selected groups, to the file you specify in the Output File Information field.
This device selection method is useful when you want to run a scheduled export job. All new devices added to the selected groups are also automatically exported during the future scheduled jobs.
If you choose to select from the Device Selector:
a.
b.
c.
If you choose to get the device list from a file:
a.
b.
c.
d.
If you choose to get the device list from groups:
a.
b.
c.
d.
Step 3
To do this:
a.
You can schedule export immediately or schedule the export for a later time. The scheduling can be periodic (daily, weekly, or monthly) or for a single instance (only).
b.
Step 4
Step 5
You can enter multiple e-mail addresses separated by comma.
Step 6
You must populate DCR with devices before you export credentials from DCR using Get Device List from File option.
Note
Excluding Devices
This feature allows you to specify a file that contains the list of devices that should not be added to DCR using Add or Import operations.
During the Add or Import operations, DCR ensures that the device being added or imported is not listed in the Exclude Device List.
You can also remove the list of devices that are excluded earlier using the Exclude operation.
The file containing the list of excluded devices should be in CSV format. See A Sample CSV Exclude File for a sample CSV file used for Exclude operation.
You can exclude devices by specifying any one or more of the following fields in the CSV file:
•
•
•
If you are using a CSV file generated by the DCR Export utility to exclude devices from Add or Import operations, make sure to remove the sections related to AUS Managed, Cluster Managed and CNS Managed devices from the CSV file.
To exclude devices from Add or Import operations:
Step 1
The Device Management page appears.
Alternatively, you can navigate to this page from the LMS Portal home page if you have installed the LMS Portal application on CiscoWorks Server.
Step 2
The Upload Exclude Devices File dialog box appears.
Step 3
The file that needs to be uploaded must be in CSV format.
Step 4
The system displays a message that the devices are excluded successfully.
A Sample CSV Exclude File
; This file is generated by DCR Export utilityCisco Systems NM Data import, Source=DCR Export; Type=DCRCSV; Version=3.0;;Start of section 0 - Basic Credentials;;HEADER: management_ip_address,host_name,domain_name,device_identity;,Dev1Hostname,,10.1.0.60,,,,,,AUSID1,Dev2Hostname,cisco.com,;;End of CSV fileViewing Devices List
You can view the devices in the Device List Report using this feature.
To view devices in the Device List Report:
Step 1
The Device Management page appears.
Alternatively, you can navigate to this page from the LMS Portal home page if you have installed the LMS Portal application on CiscoWorks Server.
Step 2
The Device List Report dialog box appears.
Step 3
Step 4
Managing Auto Update Servers
Auto Update Servers have the following credentials:
•
•
•
Note
Auto Update Server management feature helps you in:
Adding Auto Update Server
To add Auto Update Server:
Step 1
The Auto Update Server Management page appears.
Alternatively, you can navigate to this page from the LMS Portal home page if you have installed the LMS Portal application on CiscoWorks Server.
Step 2
The Auto Update Server dialog box appears.
Step 3
DCR uses a device record to represent a Auto Update Server.
An Auto Update Server added in the Auto Update Server Management UI can be selected for the field Auto Update Server when you add devices using the Auto Update management type.
Step 4
Editing Auto Update Server
To edit Auto Update Server:
Step 1
The Auto Update Server Management page appears.
Alternatively, you can navigate to this page from the LMS Portal home page if you have installed the LMS Portal application on CiscoWorks Server.
Step 2
The Auto Update Server dialog box appears.
Step 3
Step 4
Deleting Auto Update Server
To delete Auto Update Servers:
Step 1
The Auto Update Server Management page appears.
Alternatively, you can navigate to this page from the LMS Portal home page if you have installed the LMS Portal application on CiscoWorks Server.
Step 2
Step 3
The Device Deletion Confirmation dialog box opens.
Step 4
Generating Device and Credential Admin Reports
You can use this feature to generate and view Device and Credential Admin reports. Common Services includes a Report Generator that provides detailed reports on device lists in DCR.
You should have the necessary privileges to generate DCR reports. Your login name determines whether you can use this option.
You can generate the DCR Reports only on a DCR Master or a DCR Standalone server. The DCR reports UI is not visible in a DCR Slave machine.
The following DCR reports are available:
•
To generate reports:
Step 1
The Report Generator page appears.
Alternatively, you can navigate to this page from the LMS Portal home page if you have installed the LMS Portal application on CiscoWorks Server.
Step 2
Step 3
Step 4
The Report window appears with the summary of details.
You can perform the following activities from the Reports window:
•
•
•
•
•
To export the report:
Step 1
The Exporting Report dialog box opens.
Step 2
Step 3
For example, if you want to export the first 10 rows and fourteenth row, you should enter 1-10,14 in the text field.
Step 4
Device List Report
The DCR Device List Report displays the complete list of all devices.
•
•
To generate the Device List Report:
Step 1
The Report Generator page appears.
Alternatively, you can navigate to this page from the LMS Portal home page if you have installed the LMS Portal application on CiscoWorks Server.
Step 2
Step 3
Step 4
•
•
If you do not select either of these options, the generated report displays only the Display Name and Device Type.
Step 5
The Report window appears with the following details:
Audit Report
The Audit Report displays the complete device list in DCR within a specified period of time.
In ACS mode, this report displays the list of devices that are configured or updated in the Cisco Secure ACS Server within a specified period of time.
To generate the Audit Report:
Step 1
The Report Generator page appears.
Alternatively, you can navigate to this page from the LMS Portal home page if you have installed the LMS Portal application on CiscoWorks Server.
Step 2
Step 3
Step 4
Use the calendar icon displayed to enter a From Date and a To Date. The To Date should be later than the From Date.
Step 5
The Report window appears with the following details:
Excluded Devices Report
The Excluded Devices Report displays the list of devices that should not be added in DCR.
During the Add or Import operations, DCR ensures that the device being added or imported is not listed in the Excluded Device List.
To generate the Excluded Devices Report:
Step 1
The Report Generator page appears.
Alternatively, you can navigate to this page from the LMS Portal home page if you have installed the LMS Portal application on CiscoWorks Server.
Step 2
Step 3
Step 4
The Report window appears with the following device information:
•
•
Imported Device List Report
The Imported Device List Report displays the information about the devices that are imported into DCR from any one of the following import sources:
•
•
•
See Importing Devices and Credentials for more information.
To generate the Imported Device List Report:
Step 1
The Report Generator page appears.
Alternatively, you can navigate to this page from the LMS Portal home page if you have installed the LMS Portal application on CiscoWorks Server.
Step 2
Step 3
Step 4
The Report window appears with the following details.
Devices Not Configured In ACS Report
The report displays the list of devices in DCR that need to be configured in ACS. You can generate this report only when the AAA mode is set to ACS.
The list shown by this report might not be accurate in the following cases:
–
–
You must correct any ACS configuration mismatch before you generate this report.
You can use the Refresh button to update the device cache and synchronize with ACS server. You need not re-login into CiscoWorks Server to view the updated device information.
To generate the Devices Not Configured in ACS report:
Step 1
The Report Generator page appears.
Alternatively, you can navigate to this page from the LMS Portal home page if you have installed the LMS Portal application on CiscoWorks Server.
Step 2
Step 3
Step 4
The Report window appears with the following details.
Configuring Device Selector
The improved Device Selector allows you to search the devices in DCR. It helps to locate the devices and perform the various device management tasks quickly. With this improved Device Selector, you need not remember the device type or application group hierarchy to locate the devices.
The devices are categorized under the Device Type based groups, User Defined groups, Subnet Based groups, Application Specific groups or under All Groups.
You can define the settings of the Device Selector pane to customize the display of devices and the order of display. You can customize the top level groups, sub-groups and the list of devices displayed under each group using the Group Customization option.
The Group Ordering option allows you to specify the order of display in which the groups are seen in the Device Selector pane. See Device Selector Settings for more information.
The Device Selector Settings are specific to each user. You can search for devices using a Simple search or an Advanced search. See Searching Devices for more information.
Tool tips are also provided for devices that contain long names so that you do not have to scroll horizontally to see the complete device name.
This section contains the following information:
•
Using Device Selector
The Device Selector is used to select devices to perform various device management tasks. This lists all devices in a group. The Display Name of the devices entered when you have added the devices in DCR is displayed as the device name in the Device Selector pane.
Note
The Device Selector contains the following components:
Search Input
Enter your search expression in this text field.
You can enter a single device name or multiple device names in this field. You can enter the following as search inputs for searching multiple devices:
•
•
The wildcard character ? matches single character in a device name and the wildcard character * matches multiple character in a device name.
•
See Performing Simple Search for more information.
Search
Use this icon to perform a Simple search of devices, after you have entered your search input. See Performing Simple Search for more information.
Advanced Search
Use this icon to perform an Advanced search of devices. See Performing Advanced Search for more information.
All
This tab lists all the top-level device groups and the device names under each group in a hierarchical format (tree view).
The top-level device groups include:
•
•
•
•
•
See Understanding Device Groups for more information on types of device groups.
Search Results
This tab displays all your Simple or Advanced search results and you can select all devices, clear all devices, or select a few devices from the list.
The Simple search results are based on the display name of the devices added to DCR. The Advanced search results are based on the grouping attributes of the application's grouping services server.
Selection
This tab lists all the devices that you have selected in the All or Search Results tab or through a combination of both. You can also use this tab to deselect the devices you have already selected.
You can perform more than one search and can accumulate your selection of devices.
The Device Selector displays the number of devices selected by you at the bottom. When you click the link provided, it launches the Selection Tab.
Tool tips are also provided for devices that contain long names so that you do not have to scroll horizontally to see the complete device name.
Selecting Devices for Device Management Tasks
You can select devices to perform various device management tasks such as editing device credentials and viewing device credentials, using any of these methods:
•
•
•
Selecting Devices From All Tab
The All tab lists all the top-level device groups and the device names under each group in a hierarchical format (tree view).
You can select the devices from the tree view. The Selection tab shows the flat list of selected devices from the All tab.
You should expand the nodes of the top-level device groups and sub groups to see the list of devices within a group and select the desired devices. You should not expand and leave the multiple group nodes open at a time. This may affect the performance of the device selector.
Selecting Devices From Search Results
You can perform a Simple Search or Advanced Search, and the search results are displayed under the Search Results tab. You can select the devices you want from the Search Results tab. The Selection tab and the All tab display the devices you have selected from the Search Results tab.
Note
Combination of Selection From All Tab and Search Results
You can select the devices from the All tab and add more devices to the Selection list from the Simple or Advanced search results in the Search Results tab. You can select the required devices from the Search Results tab.
The Selection tab displays the accumulated list from both All and Search Results tabs. You can enter another search criteria and select more devices. The selected devices are accumulated in the All tab from the Selection tab and vice versa.
Searching Devices
With the improved Device Selector, you can search the devices by performing a Simple search or an Advanced search. In both cases, you do not need to remember the name of the devices and the groups in which the devices are grouped.
Note
This section contains the following:
Performing Simple Search
You can enter your search criteria in the Search Input field and search for the devices using the Search icon. The search results are based on the display name of the devices added in DCR.
Note the following points when you perform a Simple search.
•
•
•
•
For example, when you enter device2?, *.cisco1,*device10* as search input, the system displays:
•
•
•
Performing Advanced Search
Use the Advanced Search icon to open the Advanced Search popup window and specify a set of rules for performing an Advanced search. The advanced search is based on the grouping attributes of the application's grouping server.
For example, when you launch an Advanced Search from Campus Manager Device Selector, the attributes of the Campus Manager grouping server appears.
You can create a rule in the Advanced Search dialog box by either:
or
You can verify whether the rule you have entered is correct using the Check Syntax button, and reset the rule you have created using the Clear button.
Using Expressions
You can use expressions to form a rule in the Advanced Search Dialog box. Each rule expression contains:
•
•
The device attributes listed in Variables list box are specific to Common Services only. The list of device attributes are different across CiscoWorks applications. The Advanced Search window in the Device Selector of CiscoWorks applications displays the respective device attributes as variables.
•
For the ManagementIpAddress variable, you can select the range operator other than the standard list of operators. The range operator enables you to search for devices of the specified range of IP Addresses. SeeUsing IP Address Range to Form a Search Rule for more information.
•
After you define the rule settings, click Add Expression to add the rule expression.
You can also enter multiple rule expressions using the logical operators. The logical operators include OR, EXCLUDE and AND.
Using IP Address Range to Form a Search Rule
The range operator enables you to search the devices of the specified range of IP Addresses. You can select the range operator only for the ManagementIpAddress variable.
You should enter the range of IP Addresses in the Value field, to create a search rule based on IP Address ranges.
When you enter the IP Address range in the text field, you should:
•
The minimum limit in the range is 0 and the maximum limit is 255.
•
•
For example, you can enter 10.10.10.[0-255] or 10.10.[0-255].[0-255] in the Value field.
You should not:
•
•
•
Example for forming a Search Rule Using Expressions
For example, if you want to search all the devices in the network whose display name contains TestDevice or their IP Addresses within the range 10.10.210.207 to 10.10.212.247, you must perform the following:
Step 1
The Define Advanced Search Rule dialog box appears.
Step 2
a.
b.
c.
Step 3
The rule is added into the Rule Text.
Step 4
a.
b.
c.
d.
Step 5
The rule is appended into the Rule Text.
Step 6
Using Rule Text Fields
You can use Rule Text Fields to directly enter a rule without building any expressions. Ensure the rule you create follows the syntax Object type.Variable Operator Value.
You can also enter multiple rule expressions using the logical operators.
For example, if you want to search all the devices in the network whose display name contains TestDevice or their SysObjectIDs start with 1.3.12.1.4, you must construct a rule as follows:
Device.DisplayName contains "TestDevice" OR Device.SystemObjectID startswith "1.3.12.1.4"
Note
Additional Notes
Read the following notes before you perform a advanced search:
•
•
•
•
Device Selector Settings
The devices are categorized under the Device Type groups, User Defined groups, Subnet groups, Application specific groups or under All groups.
You can define the settings of the Device Selector pane to customize the display of devices and the order of display. These configurations are specific to each user and you can save them.
The devices are displayed in the appropriate category based on your roles and privileges. All the devices will be listed to the administrator role.
This section has the following information:
•
Understanding Device Groups
The Device Selector pane displays the following top-level device groups:
All Devices
The All Devices Group displays all the devices in the application in the alphabetical order of their display names. The display names are defined when you have added the devices in DCR.
Device Type Groups
The Device Type Groups displays all devices in groups and subgroups based on their Device Category, Series and Model. By default, the device grouping is based on their Device Categories such as Routers, Switches and Hubs.
The Device Category Groups folder can contain devices in subgroups based on their Device Series. For example, the Device Category Group Router can contain devices (Routers) in subgroups Cisco 7000 Router Series and Cisco 12000 Router Series.
The Device Series subgroup can contain subgroups of devices based on their Model. For example, the subgroup Cisco 12000 Router Series can contain the devices Cisco 12012 Router and Cisco 12816 Router.
See Customization of Device Type Groups for information on customizing the display of devices under Device Type Groups.
Subnet Groups
You can see Subnet Groups, only when Campus Manager is installed. It contains device groups from the Campus Manager application.
In a Multi Server setup, when two or more servers are installed with the Campus Manager application, then the Subnet Groups from all the servers will be aggregated and displayed under the Subnet Groups folder in the Device Selector pane.
See Customization of Subnet Groups for information on customizing the display of devices under this group.
User Defined Groups
The User Defined Groups are created by users to administer the applications. The User Defined Groups are created in Groups Administration window based on defined group rules.
All User Defined Groups (shared groups) from all application group hierarchies are collated and shown as subgroups under this group. In a Multi Server Setup, the top level User Defined Groups will be named as User Defined Groups@Server Name.
When there are more than one User Defined Group with the same name, the Device Selector displays all of them. You have to use the Tooltip to find the source server where the User Defined Group is created.
Tip
See Customization of User Defined Groups for information on customizing the display of devices under this group.
Application Specific Groups
The Application Specific Groups list the groups based on device types or states specific to CiscoWorks applications. These application specific groups are not needed in other applications.
By default, the Application Specific Groups are displayed in the Device Selector pane of respective applications.
For example, RME Device Selector displays RME as the top level (application) group and sub device groups specific to device states in RME such as Normal Devices and Pre-deployed Devices.
In a Multi Server setup, the top level Application Specific Groups will be displayed as Application@Server Name.
For example, the Campus Manager and RME Application Groups will be displayed as Campus@Host1, Campus@Host2 in the Campus Manager Device Selector pane.
You can customize the Device Selector to display all the Application Groups from the local server or all peer servers in the Device Selector pane of all CiscoWorks applications, in a Multi-Server setup. The Application Specific Groups are displayed in the Device Selector pane of all applications, only when the particular application is installed.
For example, in a server setup with two servers Host1 and Host2, the Device Selector pane of all applications displays Campus@Host1, Campus@Host2, RME@Host1, RME@Host2, DFM@Host1 and DFM@Host2 groups.
Note
See Customization of Application Specific Groups for information on customizing the display of devices under this group.
Customizing Device Grouping
You can customize the device grouping and display the customized device groups in the Device Selector pane. See Understanding Device Groups for more information on Device Groups.
You can use the Group Customization option to customize the display of device groups.
This section contains:
•
•
•
•
Customization of Device Type Groups
You can display or hide the Device Type Groups folder in the Device Selector pane using the Group Customization option. You can customize the Device Type Based Groups folder to display:
•
•
•
By default, the Device Type Group folder displays the devices in sub groups based on their category only.
To display the devices in groups based on their Device Category:
Step 1
The Group Customization page appears.
Alternatively, you can navigate to this page from the LMS Portal home page if you have installed the LMS Portal application on CiscoWorks Server.
Step 2
Step 3
To display the devices in groups and subgroups based on their Device Category and Series:
Step 1
The Group Customization page appears.
Alternatively, you can navigate to this page from the LMS Portal home page if you have installed the LMS Portal application on CiscoWorks Server.
Step 2
When you check the Show Series Groups check box, the Show Category Groups checkbox will also be checked automatically and will be disabled.
Step 3
To display the devices in groups and subgroups based on their Device Category, Series and Model:
Step 1
The Group Customization page appears.
Alternatively, you can navigate to this page from the LMS Portal home page if you have installed the LMS Portal application on CiscoWorks Server.
Step 2
When you check the Show Model Groups check box, the Show Category Groups and Show Series Groups checkboxes will also be checked automatically and will be disabled to you.
Step 3
To hide the display of Device Type Based Folders from the Device Selector Pane:
Step 1
The Group Customization page appears.
Alternatively, you can navigate to this page from the LMS Portal home page if you have installed the LMS Portal application on CiscoWorks Server.
Step 2
Step 3
Customization of Subnet Groups
The Subnet Groups contains device groups from the Campus Manager application. By default, the Subnet Based Groups folder is not displayed in the Device Selector pane.
You can customize the Device Selector pane to display the Subnet Based Groups folder using the Group Customization option.
To display the devices under Subnet Based groups in the Device Selector Pane:
Step 1
The Group Customization page appears.
Alternatively, you can navigate to this page from the LMS Portal home page if you have installed the LMS Portal application on CiscoWorks Server.
Step 2
Step 3
Customization of User Defined Groups
You can customize the User Defined Groups folder in the Device Selector pane to contain the following:
•
•
•
•
By default, you can view all the User Defined Groups (irrespective of any user) created in the local server in the Device Selector pane.
To display only the User Defined Groups created by you:
Step 1
The Group Customization page appears.
Alternatively, you can navigate to this page from the LMS Portal home page if you have installed the LMS Portal application on CiscoWorks Server.
Step 2
Step 3
•
Or
•
In a Standalone Server Setup, the From drop down list box contains only Local CiscoWorks Server list item.
Step 4
To display all the User Defined Groups created by all users:
Step 1
The Group Customization page appears.
Alternatively, you can navigate to this page from the LMS Portal home page if you have installed the LMS Portal application on CiscoWorks Server.
Step 2
Step 3
•
Or
•
In a Standalone Server Setup, the From drop down list box contains only Local CiscoWorks Server list item.
Step 4
Customization of Application Specific Groups
The Application Specific Groups folder in the Device Selector Pane contains the device groups specific to the application.
You can customize the Application Specific Groups folder in the Device Selector pane to contain the following:
•
•
For example, you can see RME@Master, RME@Slave1, and RME@Slave2 as the top level groups in the Device Selector pane.
•
For example, you can see Campus, DFM and RME if the applications are installed on a CiscoWorks Server.
•
For example, you can see RME@Master, Campus@Master, RME@Slave1, Campus@Slave1, RME@Slave2, and DFM@Slave2 as the top level groups in the Device Selector pane irrespective of the application workflow.
By default, you can view the application groups created in the local server only in the Device Selector pane of the respective applications.
To display only local application groups in the Device Selector Pane:
Step 1
The Group Customization page appears.
Alternatively, you can navigate to this page from the LMS Portal home page if you have installed the LMS Portal application on CiscoWorks Server.
Step 2
The Application Specific Groups Panel is enabled only when you have installed one or more applications in the LMS Bundle other than Common Services.
Step 3
•
or
•
In a Standalone Server Setup, the From drop down list box contains only This Local Server list item.
Step 4
To display all the Application Groups in the Device Selector Pane:
Step 1
The Group Customization page appears.
Alternatively, you can navigate to this page from the LMS Portal home page if you have installed the LMS Portal application on CiscoWorks Server.
Step 2
The Application Specific Groups Panel is enabled only when you have installed one or more applications in the LMS Bundle other than Common Services.
Step 3
•
or
•
In a Standalone Server Setup, the From drop down list box contains only This Local Server list item.
Step 4
Customizing Display Order of Device Groups
You can specify the order in which device groups appear in the Tree view on the Device Selector pane using the Group Ordering option.
The Group Ordering setup is specific to each user and the changes will be reflected in the Device Selector panes of all applications.
The default order of the groups displayed in the Device Selector pane is:
1.
2.
3.
4.
5.
You can change the order and save the configurations.
To change the order of the device groups:
Step 1
The Group Ordering page opens.
Alternatively, you can navigate to this page from the LMS Portal home page if you have installed the LMS Portal application on CiscoWorks Server.
Step 2
Step 3
Step 4
Administering Device and Credential Repository
The DCR Administration feature allows you to do the following tasks:
•
•
To perform these tasks, select Device and Credentials > Admin from the CiscoWorks home page. The Admin page appears with the current DCR Administration settings.
You can change the Mode Settings or modify User Defined fields.
Changing DCR Mode
To change Mode Settings:
Step 1
The Admin page appears with the current DCR Administration settings.
Alternatively, you can navigate to this page from the LMS Portal home page if you have installed the LMS Portal application on CiscoWorks Server.
Step 2
The Mode Settings window appears.
Step 3
The DCR Mode dialog box appears. You can select the required mode from this dialog box.
This section contains information on:
•
•
Master-Slave Configuration Prerequisites
Before you set up the Master and Slave, you have to perform certain tasks to ensure that secure communication takes place between the Master and Slave.
Tip
If machine M is to be the Master and S is to be the Slave:
Step 1
See Setting up Peer Server Account for details.
Step 2
See Setting up System Identity Account for details.
Step 3
See Creating Self Signed Certificates for details on creating Self-Signed Certificate and Setting up Peer Server Certificate for details on copying Peer Certificate.
Step 4
Changing the Mode to Standalone
Step 1
Step 2
The default DCR mode is Standalone.
Changing the Mode to Master
Before you change the mode to Master, ensure that Master-Slave Configuration Prerequisites are in place.
Step 1
Step 2
Changing the Mode to Slave
Before you change the mode to Slave, ensure that Master-Slave Configuration Prerequisites are in place. You need to perform the following tasks:
Step 1
Step 2
This hostname should exactly match the Hostname field in the Master's Self Signed Certificate.
Step 3
Step 4
If you select this check box, all the slaves of the Master (whose mode you currently changed to Slave) will be informed of the new master hostname. That is, they will become the slaves of the new Master.
Step 5
If the devices are already available in the new Master, they will be discarded.
Step 6
A warning message appears when the Master server has the earlier version of Common Services.
Step 7
To cancel the change of mode, click Cancel.
Changing the Hostname of a Master
Changing the hostname of a Master is equivalent to pointing Slaves to a new Master.
When you point a Slave/Standalone to a new Master, DCR checks whether the new Master has the same Domain ID as the current machine.
If Domain ID is the same, DCR displays an error message that Master cannot be configured since the new Master has the same Domain ID.
In this case, you need to convert the Slave to Standalone, and then register the machine with the new Master. When you re- register, the applications on Slave will clean up the device list.
When you change the host name of the current Master, you must change the Slave's mode to Standalone, and then re-register the machine as a Slave by providing the new Master hostname. However, when the machine is re-configured as Slave, the applications will clean up the device list.
For example, if you have a Master M and Slave S, and if you change the hostname of M, you should change the mode of S to standalone. Then, you have to configure S as the Slave of M. But when you re-configure S as Slave, the applications on S will clean up their device lists.
Therefore, you have to be aware that while changing the hostname of a Master, an application data is cleaned up on all Slaves.
Configuring User Defined Fields
The User Defined Fields (UDFs) are used to store the additional information about a device. DCR supports a maximum of ten UDFs.
By default, the user interface provides four UDFs:
•
•
•
•
You can add six more UDFs through the user interface. You can rename or delete all the UDFs including the four default UDFs provided by the user interface.
This section explains the following:
Adding User Defined Fields
To add a User Defined Field (UDF):
Step 1
The Admin page appears with the current settings.
Alternatively, you can navigate to this page from the LMS Portal home page if you have installed the LMS Portal application on CiscoWorks Server.
Step 2
The User Defined Fields page appears.
Step 3
Step 4
Step 5
Renaming User Defined Fields
To rename a UDF:
Step 1
The Admin page appears with the current DCR Administration settings.
Alternatively, you can navigate to this page from the LMS Portal home page if you have installed the LMS Portal application on CiscoWorks Server.
Step 2
The User Defined Fields dialog box appears.
Step 3
Step 4
The User Defined Field dialog box opens in a new window.
Step 5
Step 6
Deleting User Defined Fields
By default, you can define four attribute fields for a device. These fields are used to store additional user-defined data for the device. You can add up to ten UDFs.
To delete a UDF:
Step 1
The Admin page appears with the current DCR Administration settings.
Alternatively, you can navigate to this page from the LMS Portal home page if you have installed the LMS Portal application on CiscoWorks Server.
Step 2
The User Defined Fields dialog box appears.
Step 3
Configuring Default Credentials
Devices added or imported into DCR do not contain all credentials required by the network management applications to manage them. Sometimes this could lead to failure of application jobs.
The default credentials feature helps you to add or import devices into DCR with the default credentials and prevents the management applications from failing when the network management applications manage the devices added or imported in DCR.
This section contains information on:
•
•
Default Credential Set
Default credentials are stored in DCR and are not associated with any device. DCR maintains only one default credential set comprising of the following credentials:
•
•
•
•
•
•
•
Using Default Credentials
You can choose to use the default credentials when you:
•
When you manually add devices with a similar credential set in DCR, you have to enter the credentials repetitively for every device addition. Instead, you use the default credentials to populate DCR for the devices using same credential set.
•
Discovery populates only the SNMP read community string in DCR during device addition and leaves the other credentials as blank.
When other applications manage the newly added device, the management operations fail if they cannot retrieve the required credentials from DCR. To prevent the management operations failing, you can use the default credentials while adding devices through Discovery.
•
Importing devices from NMS or any other third party applications into DCR populates the SNMP read-only community string and the SNMP read/write community string.
When other applications manage the newly imported devices, the management operations fail if they could not retrieve the required credentials from DCR. To prevent the management operations failing, you can use the default credentials while importing devices from NMS or any other third party application.
Important Notes
You should read the following notes about the default credentials before you configure them and choose to use them in various flows:
•
•
You can configure the default credentials and add or import a set of devices in DCR with default credentials. Later, you can edit the value of the credentials and add another set of values with the edited default credentials.
•
•
For example, if you have configured the default credentials set with Standard credentials, SNMP credentials, and Auto Update Server Managed Device credentials and if you add a device of Standard management type in DCR, the Auto Update Server Managed Device credentials are also populated for that device.
•
Setting Up Default Credentials
To configure the default credentials:
Step 1
Step 2
The Default Credentials page appears.
Alternatively, you can navigate to this page from the LMS Portal home page if you have installed the LMS Portal application on CiscoWorks Server.
The Default Credentials list item is visible in the TOC only in DCR Master and DCR Standalone CiscoWorks Servers. You cannot see this list item in DCR Slave Server.
Step 3
•
•
•
•
