Contents

• Set commands
• set account*
• set account enable
• set account name
• set accountlocking*
• set accountlocking
• set accountlocking count
• set accountlocking unlocktime
• set cert*
• set cert bulk consolidate
• set cert bulk export
• set cert bulk import
• set cert bulk sftp
• set cert delete
• set cert import
• set cert regen
• set cli*
• set cli pagination
• set cli session timeout
• set commandcount
• set csr gen
• set cuc jetty*
• set cuc jetty stderrlog
• set cuc jetty stdoutlog
• set cuc jetty requestlog
• set cuc trace
• set date
• set dscp*
• set dscp defaults
• set dscp
• set dscp marking
• set ipsec*
• set ipsec policy_group
• set ipsec policy_name
• set logging
• set network*
• set network cluster publisher
• set network dhcp eth0
• set network dns
• set network dns options
• set network domain
• set network failover
• set network gateway
• set network hostname
• set network ip eth0
• set network ipv6 dhcp
• set network ipv6 gateway
• set network ipv6 service
• set network ipv6 static_address
• set network max_ip_conntrack
• set network mtu
• set network nic eth0
• set network pmtud
• set network restore
• set network status eth0
• set password*
• set password age
• set password change-at-login
• set password complexity character
• set password complexity character difference
• set password complexity character max-repeat
• set password expiry maximum-age
• set password expiry minimum-age
• set password expiry user maximum-age
• set password expiry user minimum-age
• set password history
• set password inactivity
• set password user admin
• set password user security
• set replwatcher monitor
• set session maxlimit
• set smtp
• set strace*
• set strace enable
• set strace disable
• set timezone
• set trace*
• set trace disable
• set trace enable
• set web-security
• set webapp session timeout
• set workingdir

Set commands

---

set account*

set account enable

This command enables the OS user account that was disabled because of password inactivity.

set account enable user-id

Syntax Description

Parameters	Description
user-id	Specifies the user ID of the account that was disabled.

Command Modes

Administrator (admin:)

Requirements

Command privilege level: 0

Allowed during upgrade: No

Applies to: Unified CM, IM and Presence service on Unified CM, Cisco Unity Connection

set account name

This command sets up a new account on the operating system.

set account name name

Syntax Description

Parameters	Description
name	Represents the username for the new account.

Command Modes

Administrator (admin:)

Usage Guidelines

After you enter the username, the system prompts you to enter the privilege level (0 or 1) and password for the new account. The privilege levels definitions are as follows:

Privilege level 0

Specifies an ordinary privilege level. Users with ordinary privileges can run CLI commands with privilege level 0 only.

Privilege level 1

Specifies an advanced privilege level. Users with advanced privileges can run CLI commands with privilege level 1 and below.

Note	The administrator account that the system creates when Unified CM installs has a privilege level of 4. The administrator can run all commands in the CLI.

Requirements

Command privilege level: 0

Allowed during upgrade: No

Applies to: Unified CM, IM and Presence service on Unified CM, Cisco Unity Connection

set accountlocking*

set accountlocking

This command enables or disables account locking for the current administration accounts.

set accountlocking { enable | disable }

Syntax Description

Parameters	Description
enable	Enable account locking.
disable	Disable account locking.

Command Modes

Administrator (admin:)

Usage Guidelines

Note	After you run this command with enable, the system automatically enables account lockout notification after the system enables the audit logging function.

Requirements

Applies to: Unified CM, IM and Presence service on Unified CM, Cisco Unity Connection

set accountlocking count

This command sets the global consecutive failed sign-in attempt count that triggers locking a user account.

set accountlocking count attempts

Syntax Description

Parameters	Description
attempts	Represents the number of consecutive sign-in attempts before the system locks the account. Value Range: 2-5 Default value: 3

Command Modes

Administrator (admin:)

Usage Guidelines

To change the global value for consecutive failed sign-in attempts before the system locks a user account, execute this command.

Note	This command is only valid when account locking is enabled. If account locking is disabled, the system does not remember the account locking value and uses the default value, 3, after you enable account locking.

Requirements

Command privilege level: 1

Allowed during upgrade: Yes

Applies to: Unified CM, IM and Presence service on Unified CM, Cisco Unity Connection

set accountlocking unlocktime

This command configures the unlock time for the current Unified CM admin accounts

set accountlocking unlocktime seconds

Syntax Description

Parameters	Description
seconds	Specifies the unlock time in seconds. Valid values: greater than 300 seconds, but less than 3600 seconds (60 minutes).

Command Modes

Administrator (admin:)

Requirements

Applies to: Unified CM, IM and Presence service on Unified CM, Cisco Unity Connection

set cert*

set cert bulk consolidate

This command consolidates all the certificates that are available on the unit.

set cert bulk consolidate unit

Syntax Description

Parameters	Description
unit	Represents the unit name.

Command Modes

Administrator (admin:)

Usage Guidelines

You must specify the SFTP server information to use for cert bulk operations.

Requirements

Command privilege level: 1

Allowed during upgrade: Yes

Applies to: Unified CM, IM and Presence service on Unified CM, and Cisco Unity Connection.

Related References

set cert bulk sftp

set cert bulk export

This command exports all the certificates that are available on the unit.

set cert bulk export unit

Syntax Description

Parameters	Description
export	Exports all the available certificates for this unit in this cluster to the preconfigured SFTP location.
unit	Represents the unit name.

Command Modes

Administrator (admin:)

Usage Guidelines

You must specify the SFTP server information to use for cert bulk operations.

Requirements

Command privilege level: 1

Allowed during upgrade: Yes

Applies to: Unified CM, IM and Presence service on Unified CM, and Cisco Unity Connection.

Example

admin:set cert bulk export all
Successfully exported tomcat certificate(s) to sftp server.
Successfully exported tftp certificate(s) to sftp server.

Related References

set cert bulk sftp

set cert bulk import

This command imports the certificates that are in the SFTP location into the specified unit trust-store.

set cert bulk import unit

Syntax Description

Parameters	Description
unit	Represents the unit name.

Command Modes

Administrator (admin:)

Usage Guidelines

You must specify the SFTP server information to use for cert bulk operations.

Requirements

Command privilege level: 1

Allowed during upgrade: Yes

Applies to: Unified CM, IM and Presence service on Unified CM, and Cisco Unity Connection.

Example

admin:set cert bulk import all
Successfully imported tomcat certificates.
Successfully imported tftp certificates.

Related References

set cert bulk sftp

set cert bulk sftp

This command prompts for the SFTP server information to use for bulk operations.

set cert bulk sftp

Command Modes

Administrator (admin:)

Usage Guidelines

You must specify the SFTP server information to use for cert bulk operations.

Requirements

Command privilege level: 1

Allowed during upgrade: Yes

Applies to: Unified CM, IM and Presence service on Unified CM, and Cisco Unity Connection.

set cert delete

This command deletes a specific certificate file from the trust unit.

set cert delete unit name

Syntax Description

Parameters	Description
unit	Specifies the name of the trust category, as "own" or "trust".
name	Certificate file name.

Command Modes

Administrator (admin:)

Requirements

Command privilege level: 1

Allowed during upgrade: Yes

Applies to: Unified CM, IM and Presence service on Unified CM, and Cisco Unity Connection.

Example

admin:set cert delete cucm siptest.pem

set cert import

This command imports the specified certificate for the specified certificate type.

set cert import type name [caCert]

Syntax Description

Parameters	Description
type	Specifies the certificate type as "own" or "trust".
name	Represents the unit name.
caCert	Represents the name of the CA certificate file name.

Command Modes

Administrator (admin:)

Requirements

Command privilege level: 1

Allowed during upgrade: Yes

Applies to: Unified CM, IM and Presence service on Unified CM, and Cisco Unity Connection.

Example

admin:set cert import trust tomcat
Successfully imported certificate for tomcat.
Please restart services related to tomcat for the new certificate to
become active. 

set cert regen

This command regenerates the certificate for the specified unit.

set cert regen name

Syntax Description

Parameters	Description
name	Represents the unit name.

Command Modes

Administrator (admin:)

Requirements

Command privilege level: 1

Allowed during upgrade: No

Applies to: Unified CM, IM and Presence service on Unified CM, and Cisco Unity Connection.

Example

admin:set cert regen tomcat
Successfully regenerated certificate for tomcat.

set cli*

set cli pagination

For the current CLI session, this command turns automatic pagination On or Off.

set cli pagination { on | off }

Syntax Description

Parameters	Description
on	Turns pagination on.
off	Turns pagination off.

Command Modes

Administrator (admin:)

Requirements

Command privilege level: 1

Allowed during upgrade: No

Applies to: Unified CM, IM and Presence service on Unified CM, and Cisco Unity Connection.

admin:set cli pagination off
Automatic pagination is turned off 

set cli session timeout

This command sets the time, in minutes, after which an active CLI session times out and disconnects.

set cli session timeout minutes

Syntax Description

Parameters	Description
minutes	Specifies the time, in minutes, that can elapse before an active CLI session times out and disconnects. Value range: 5-99999 minutes Default value: 30 minutes

Command Modes

Administrator (admin:)

Usage Guidelines

Be aware that the new session timeout value becomes effective immediately for a new CLI session; however, active sessions retain their original timeout value. Also the show cli session timeout command reflects the new value, even if the current session does not use that value.

Note	This setting gets preserved through a software upgrade and does not get reset to the default value.

Requirements

Command privilege level: 1

Allowed during upgrade: No

Applies to: Unified CM, IM and Presence service on Unified CM, and Cisco Unity Connection.

set commandcount

This command changes the CLI command prompt, so it displays how many CLI commands have executed.

set commandcount { enable | disable }

Syntax Description

Parameters	Description
enable	Turns on command count.
disable	Turns off command count.

Command Modes

Administrator (admin:)

Requirements

Command privilege level: 1

Allowed during upgrade: No

Applies to: Unified CM, IM and Presence service on Unified CM, and Cisco Unity Connection.

set csr gen

This command regenerates the certificate for the specified unit.

set csr gen name

Syntax Description

Parameters	Description
name	Specifies the unit on which the certificate is generated.

Command Modes

Administrator (admin:)

Requirements

Applies to: Unified CM, IM and Presence service on Unified CM, and Cisco Unity Connection.

Example

admin:set csr gen tomcat
Successfully regenerated certificate for tomcat.
Please restart services related to tomcat for the new certificate to become active.

set cuc jetty*

set cuc jetty stderrlog

This command enables or disables the error log getting generated while any standard error occurs during communicating with the Jetty server. This error log gets generated and is available at the path /var/log/active/jetty/.

set cuc jetty stderrlog { enable | disable }

Syntax Description

Parameters	Description
enable	Enables the error log on the Jetty server. Be aware that enable is case sensitive.
disable	Disables the error log on the Jetty server. Be aware that disable is case sensitive.

Command Modes

Administrator (admin:)

Usage Guidelines

Caution

You must restart the Jetty services after enabling or disabling the error log on the Jetty server.

Requirements

Command privilege level: 0

Allowed during upgrade: No

Applies to: Cisco Unity Connection only.

Enable error log on Jetty server example

admin:set cuc jetty stderrlog enable

Command is executed successfully
To effect changes restart jetty server
Restart Jetty Server through Unity Connection Serviciabilty .
Go to Tools -> Service Management -> Restart Connection Jetty Service.
Check the logs that should not be generated after running above command.
Check the requestlog by sending one voice message through webinbox. 
Notifications should not come in logs

set cuc jetty stdoutlog

This command enables or disables the standard input and output log getting generated while communicating with Jetty server. This standard input and output log gets generated and is available at the path /var/log/active/jetty/.

set cuc jetty stdoutlog { enable | disable }

Syntax Description

Parameters	Description
enable	Enables the standard input and output log on the Jetty server. Be aware that enable is case sensitive.
disable	Disables the standard input and output log on the Jetty server. Be aware that disable is case sensitive.

Command Modes

Administrator (admin:)

Usage Guidelines

Caution

You must restart the Jetty services after enabling or disabling the standard input and output log on the Jetty server.

Requirements

Command privilege level: 0

Allowed during upgrade: No

Applies to: Cisco Unity Connection only.

Enable standard input and output log on Jetty server example

admin:set cuc jetty stdoutlog enable

Command is executed successfully
To effect changes restart jetty server
Restart Jetty Server through Unity Connection Serviciabilty .
Go to Tools -> Service Management -> Restart Connection Jetty Service.
Check the logs that should not be generated after running above command.
Check the requestlog by sending one voice message through webinbox. 
Notifications should not  come in logs

set cuc jetty requestlog

This command enables or disables the request log getting generated from the Jetty server while any request is raised for notifications. This request log gets generated and is available at the path /usr/local/jetty/logs/.

set cuc jetty requestlog { enable | disable }

Syntax Description

Parameters	Description
enable	Enables the request log on the Jetty server. Be aware that "enable" is case sensitive.
disable	Disables the request log on the Jetty server. Be aware that "disable" is case sensitive.

Command Modes

Administrator (admin:)

Usage Guidelines

Caution

You must restart the Jetty services after enabling or disabling the request log on the Jetty server.

Requirements

Command privilege level: 0

Allowed during upgrade: No

Applies to: Cisco Unity Connection only.

Enable request log on Jetty server example

admin:set cuc jetty requestlog enable

Command is executed successfully
To effect changes restart jetty server
Restart Jetty Server through Unity Connection Serviciabilty .
Go to Tools -> Service Management -> Restart Connection Jetty Service.
Check the logs that should not be generated after running above command.
Check the requestlog by sending one voice message through webinbox. 
Notifications should not come in logs

set cuc trace

This command enables or disables the specified traces and trace levels.

set cuc trace { enable | disable } trace_name level

Syntax Description

Parameters	Description
enable	Enables Connection traces.
disable	Disables Connection traces.
trace_name	Specifies the name of the trace to enable or disable. Be aware that trace names are case sensitive.
level	Specifies the level or levels of trace_name that you want to enable or disable. Each trace comprises up to 31 levels, numbered 0 to 30; each level provides a different type of information for the specified trace. When you enable or disable multiple levels, use a comma to separate levels and a hyphen to indicate a range of levels. Do not include spaces.

Command Modes

Administrator (admin:)

Usage Guidelines

To display a list of the traces and trace levels that are currently enabled, use the show cuc trace levels (Cisco Unity Connection Only) command.

Requirements

Command privilege level: 1

Allowed during upgrade: No

Applies to: Cisco Unity Connection only.

Enable VUI traces 1, 13, and 17 through 20 example

admin:set cuc trace enable VUI 1,13,17-20
VUI trace levels are now set to: 1,13,17-20

Disable VUI traces 17 through 20 while VUI trace levels 1 and 13 remain set example

admin:set cuc trace disable VUI 17-20
VUI trace levels are now set to: 1,13

Related References

show cuc trace levels

set date

This command changes the time and date on the server.

set date HH:mm:ss:MM/DD/YY

Syntax Description

Parameters	Description
HH:mm:ss	Represents the time format (24 hours format).
MM/DD/YY	Represents the date format. Note    Date format MM/DD/YYYY is also accepted.

Command Modes

Administrator (admin:)

Usage Guidelines

If the server is configured to synchronize with external NTP servers, this command requires the user to remove all of those NTP servers.

Requirements

Applies to: Unified CM and Cisco Unity Connection.

Set date and time to 2:10:33 pm April 13th 2012 example

admin:set date 14:10:33:04/13/12 

set dscp*

set dscp defaults

This command sets the factory default DSCP settings for all of the port tags.

set dscp defaults

Command Modes

Administrator (admin:)

Usage Guidelines

All non-default DSCP settings get removed after you run this command.

You can use the command show dscp defaults to see the factory default DSCP settings.

Requirements

Command privilege level: 1

Allowed during upgrade: No

Applies to: Unified CM, IM and Presence service on Unified CM, and Cisco Unity Connection.

set dscp

This command enables or disables DSCP marking on outgoing TCP or UDP packets. You can enable or disable DSCP on a single port tag, or on all port tags at once.

set dscp { enable | disable } { all | port_tag }

Syntax Description

Parameters	Description
all	Disables all DSCP port tags.
port_tag	Represents a DSCP port tag, which is a string that is mapped to a TCP or UDP port to identify the application that uses the port. This value is for the portTag field displayed when you use the command show dscp defaults. The set of port tags is predefined.

Command Modes

Administrator (admin:)

Requirements

Command privilege level: 1

Allowed during upgrade: No

Applies to: Unified CM, IM and Presence service on Unified CM, and Cisco Unity Connection.

set dscp marking

This command sets DSCP markings on port tags by using well-known DSCP classes and numeric values.

set dscp marking port_tag value

Syntax Description

Parameters	Description
port_tag	Represents a DSCP port tag, which is a string that is mapped to a TCP or UDP port to identify the application that uses the port. This value is for the portTag field displayed when you use the command show dscp defaults. The set of port tags is predefined.
value	A DSCP value. You can enter the name of a well-known DSCP class or a numeric value in decimal or hexadecimal format. Precede hexadecimal values with 0x or 0X.

Command Modes

Administrator (admin:)

Usage Guidelines

The valid class names as defined by DSCP are:

• Class Selector: values CS0, CS1, CS2, CS3, CS5, CS6, CS7 The class selector (CS) values correspond to IP Precedence values and are fully compatible with IP Precedence.
• Expedited Forwarding: value EF EF PHB is ideally suited for applications such as VoIP that require low bandwidth, guaranteed bandwidth, low delay, and low jitter.
• Best Effort: value BE Also called default PHB, this value essentially specifies that a packet be marked with 0x00, which gets the traditional best-effort service from the network router.
• Assured Forwarding: values AF11, AF12, AF13, AF21, AF22, AF23, AF41, AF42, AF43 There are four types of Assured Forwarding classes, each of which has three drop precedence values. These precedence values define the order in which a packet is dropped (if needed) due to network congestion. For example, packets in AF13 class are dropped before packets in the AF12 class.

Requirements

Command privilege level: 1

Allowed during upgrade: No

Applies to: Unified CM, IM and Presence service on Unified CM, and Cisco Unity Connection.

set ipsec*

set ipsec policy_group

This command enables ipsec policies with the specified policy group name.

set ipsec policy_group { ALL | group }

Syntax Description

Parameters	Description
ALL	Enables all ipsec policy groups.
group	Specifies the name of a particular ipsec policy group to enable.

Command Modes

Administrator (admin:)

Requirements

Command privilege level: 1

Allowed during upgrade: No

Applies to: Unified CM and Cisco Unity Connection.

set ipsec policy_name

This command enables the specified ipsec policy.

set ipsec policy_name { ALL | policy_name }

Syntax Description

Parameters	Description
ALL	Enables all ipsec policies.
policy_name	Specifies the name of a particular ipsec policy to enable.

Command Modes

Administrator (admin:)

Requirements

Command privilege level: 1

Allowed during upgrade: No

Applies to: Unified CM and Cisco Unity Connection.

set logging

This command allows you to enable or disable CLI Admin logs.

set logging { enable | disable }

Syntax Description

Parameters	Description
enable	Turns on logging.
disable	Turns off logging.

Command Modes

Administrator (admin:)

Requirements

Command privilege level: 0

Allowed during upgrade: No

Applies to: Unified CM, IM and Presence service on Unified CM, and Cisco Unity Connection.

set network*

set network cluster publisher

This command sets the network cluster publisher hostname and IP address.

set network cluster publisher { hostname | ip } name

Syntax Description

Parameters	Description
hostname	Specifies the hostname of the network cluster.
ip	Specifies the ip address of the network cluster.
name	Hostname or IP address to assign to the network cluster publisher.

Command Modes

Administrator (admin:)

Requirements

Command privilege level: 0

Allowed during upgrade: Yes

Applies to: Unified CM, IM and Presence service on Unified CM, and Cisco Unity Connection.

set network dhcp eth0

This command enables or disables DHCP for Ethernet interface 0. You cannot configure Ethernet interface 1.

set network dhcp eth0 { enable | disable } { node_ip | net_mask | gateway_ip }

Syntax Description

Parameters	Description
eth0	Specifies Ethernet interface 0.
enable	This enables DHCP.
disable	This disables DHCP.
disable	This disables DHCP.
node_ip	Represents the static IP address for the server.
net_mask	Represents the subnet mask for the server.
gateway_ip	Represents the IP address of the default gateway.

Command Modes

Administrator (admin:)

Usage Guidelines

Caution

If you continue, this command causes the system to restart. Cisco also recommends that you restart all nodes whenever any IP address gets changed.

Requirements

Command privilege level: 1

Allowed during upgrade: No

Applies to: Unified CM, IM and Presence service on Unified CM, and Cisco Unity Connection.

set network dns

This command sets the IP address for the primary or secondary DNS server.

set network dns { primary | secondary } addr

Syntax Description

Parameters	Description
primary
secondary
addr	Represents the IP address of the primary or secondary DNS server.

Command Modes

Administrator (admin:)

Requirements

Command privilege level: 1

Allowed during upgrade: No

Applies to: Unified CM, IM and Presence service on Unified CM, and Cisco Unity Connection.

set network dns options

This command sets DNS options.

set network dns options [ timeout | seconds ] [ attempts | number ] [ rotate ]

Syntax Description

Parameters	Description
timeout	Sets the DNS timeout.
attempts	Sets the number of times to attempt a DNS request.
rotate	Causes the system to rotate among the configured DNS servers and distribute the load.
seconds	Specifies the DNS timeout period in seconds.
number	Specifies the number of attempts.

Command Modes

Administrator (admin:)

Requirements

Command privilege level: 0

Allowed during upgrade: Yes

Applies to: Unified CM, IM and Presence service on Unified CM, and Cisco Unity Connection.

set network domain

This command sets the domain name for the system.

Note

Changing the domain name triggers an automatic regeneration of all Cisco Unified Communications Manager certificates, including any third party signed certificates that have been uploaded. After the server reboots automatically, phones running in secure (mixed) mode cannot connect to the server until after the CTL client updates the new CTL file to the phones.

set network domain [domain-name]

Syntax Description

Parameters	Description
domain_name	Represents the system domain that you want to assign.

Command Modes

Administrator (admin:)

Usage Guidelines

The system asks whether you want to continue to execute this command.

Caution

If you continue, this command causes a temporary loss of network connectivity.

If you use the set network domain domain-name command to change the domain name, you must manually regenerate all of your security certificates in Cisco Unified Operating System Administration. The list of certificates depends on your software release but may include cup.pem, cup-xmpp.pem, cup-xmpp-s2s.pem, tomcat, ipsec and so on. Note that you must restart the tomcat service after the tomcat cert is regenerated and you can only restart this service using the CLI. For more information about regenerating security certificates, see the Cisco Unified Communications Operating System Administration Guide (on Cisco.com).

After you regenerate your security certificates, you must reboot all the servers in the cluster. This will ensure that database replication keeps working correctly. After the servers have rebooted, confirm that there are no issues reported on the Cisco Unified Reporting report for Database Replication. After you reboot the server, we recommend that you manually delete old certificates that have become disassociated by the domain name change. For every ICSA peer that exists on the local node, you must either update the ICSA entry for the peer node with the new FQDN hostname, or delete that entry and add a new ICSA peer entry with the new FQDN hostname.

Requirements

Command privilege level: 1

Allowed during upgrade: No

Applies to: Unified CM, IM and Presence service on Unified CM, and Cisco Unity Connection.

set network failover

This command enables and disables Network Fault Tolerance on the Media Convergence Server network interface card.

set network failover { ena | dis }

Syntax Description

Parameters	Description
ena	Enables Network Fault Tolerance.
dis	Disables Network Fault Tolerance.

Command Modes

Administrator (admin:)

Requirements

Command privilege level: 1

Allowed during upgrade: No

Applies to: Unified CM, IM and Presence service on Unified CM, and Cisco Unity Connection.

set network gateway

This command enables you to configure the IP address of the network gateway.

set network gateway addr

Syntax Description

Parameters	Description
addr	Represents the IP address of the network gateway that you want to assign.

Command Modes

Administrator (admin:)

Usage Guidelines

The system asks whether you want to continue to execute this command.

Caution

If you continue, this command causes the system to restart.

Requirements

Command privilege level: 1

Allowed during upgrade: No

Applies to: Unified CM, IM and Presence service on Unified CM, and Cisco Unity Connection.

set network hostname

This commands sets the network host name and then causes a restart of the system.

set network hostname hostname

Syntax Description

Parameters	Description
hostname	Represents the new network hostname of the system. Note    The host name must follow the rules for ARPANET host names. It must start with an alphabetic character, end with an alphanumeric character, and consist of alphanumeric characters and hyphens. The host name can have a maximum length of 63 characters.

Command Modes

Administrator (admin:)

Usage Guidelines

For information about renaming the host name of a Cisco Unity Connection server, see topics related to renaming Cisco Unity Connection servers in the Reconfiguration and Upgrade Guide for Cisco Unity Connection at http:/​/​www.cisco.com/​en/​US/​products/​ps6509/​prod_​installation_​guides_​list.html.

The system asks whether you want to continue to execute this command.

Caution

If you continue, this command causes the system to restart.

Requirements

Command privilege level: 1

Allowed during upgrade: No

Applies to: Unified CM, IM and Presence service on Unified CM, and Cisco Unity Connection.

Example

admin:set network hostname myname
W A R N I N G
This will cause the system to restart - Do you want to continue ?
Enter "yes" to continue and restart or any other key to abort
yes
executing...
Broadcast message from root (Thu Jun 21 13:00:21 2012):
The system is going down for restart NOW!

set network ip eth0

This command sets the IP address for Ethernet interface 0. You cannot configure Ethernet interface 1.

set network ip eth0 addr mask gw

Syntax Description

Parameters	Description
eth0	Specifies Ethernet interface 0.
addr	Represents the IP address that you want to assign.
mask	Represents the IP mask that you want to assign.
gw	Represents the IP default gw that you want to assign.

Command Modes

Administrator (admin:)

Usage Guidelines

The system asks whether you want to continue to execute this command.

Caution

If you continue, this command causes the system to restart.

Requirements

Command privilege level: 1

Allowed during upgrade: No

Applies to: Unified CM, IM and Presence service on Unified CM, and Cisco Unity Connection.

set network ipv6 dhcp

This command sets the DHCPv6 client on the server and enables IPv6 support. For changes to take effect, you must restart the server.

set network ipv6 dhcp { enable | disable } [reboot]

Syntax Description

Parameters	Description
dhcp	Sets the DHCPv6 client on the server. By default, the server does not restart after you enable the DHCPv6 client. For your changes to take effect, you must restart the server by either entering the reboot parameter or manually restarting the server.
enable	Enables IPv6 support.
disable	Disables IPv6 support.
reboot	(Optional) Causes the server to automatically restart after you enter the command.

Command Modes

Administrator (admin:)

Requirements

Command privilege level: 1

Allowed during upgrade: No

Applies to: Unified CM and Cisco Unity Connection.

Note	IPv6 is not supported in Cisco Business Edition 5000.

set network ipv6 gateway

This command sets the IPv6 gateway for the server. For changes to take effect, you must restart the server.

set network ipv6 gateway addr [reboot]

Syntax Description

Parameters	Description
gateway	Sets the IPv6 gateway for the server. By default, the server does not restart after you set the IPv6 gateway for the server. For your changes to take effect, you must restart the server by either entering the reboot parameter or manually restarting the server.
addr	The IPv6 gateway address.
reboot	(Optional) Causes the server to automatically restart after you enter the command.

Command Modes

Administrator (admin:)

Requirements

Command privilege level: 1

Allowed during upgrade: No

Applies to: Unified CM and Cisco Unity Connection.

Note	IPv6 is not supported in Cisco Business Edition 5000.

set network ipv6 service

This command enables or disables the IPv6 service on the server. For changes to take effect, you must restart the server.

set network ipv6 service { enable | disable } [reboot]

Syntax Description

Parameters	Description
service	Sets the IPv6 service on the server. By default, the server does not restart after you enable or disable the IPv6 service on the server. For your changes to take effect, you must restart the server by either entering the reboot parameter or manually restarting the server.
enable	Enables IPv6 service on the server.
disable	Disables IPv6 service on the server.
reboot	(Optional) Causes the server to automatically restart after you enter the command.

Command Modes

Administrator (admin:)

Requirements

Command privilege level: 1

Allowed during upgrade: No

Applies to: Unified CM and Cisco Unity Connection.

Note	IPv6 is not supported in Cisco Business Edition 5000.

set network ipv6 static_address

This command assigns the static IPv6 address to the server. For changes to take effect, you must restart the server.

Note	IPv6 is not supported in Cisco Business Edition 5000.

set network ipv6 static_address addr mask [reboot]

Syntax Description

Parameters	Description
static_address	Assigns a static IPv6 address to the server. By default, the server does not restart after you assign the static IPv6 address. For your changes to take effect, you must restart the server by either entering the reboot parameter or manually restarting the server.
addr	Specifies the static IPv6 address you assign to the server.
mask	Specifies the IPv6 network mask (0-128).
reboot	(Optional) Causes the server to automatically restart after you enter the command.

Command Modes

Administrator (admin:)

Requirements

Command privilege level: 1

Allowed during upgrade: No

Applies to: Unified CM and Cisco Unity Connection.

set network max_ip_conntrack

This command sets the ip_conntrack_max value.

set network max_ip_conntrack ip_conntrack_max value

Syntax Description

Parameters	Description
ip_conntrack_max value	Specifies the value for ip_conntrack_max. Note    The value of ip_conntrack_max cannot be less than 65536.

Command Modes

Administrator (admin:)

Requirements

Command privilege level: 1

Allowed during upgrade: No

Applies to: Unified CM, IM and Presence service on Unified CM, and Cisco Unity Connection.

Example

admin:set network max_ip_conntrack 65536 

set network mtu

This command sets the maximum MTU value.

set network mtu mtu_max

Syntax Description

Parameters	Description
mtu_max	Specifies the maximum MTU value. The system default MTU value equals 1500. Caution    When packets on UDP port 8500 that have the DF bit set are exchanged between nodes, if there is any policy on the WAN router to clear the DF bit and fragment large packets, this may cause dbreplication issues.

Command Modes

Administrator (admin:)

Usage Guidelines

The system asks whether you want to continue to execute this command.

Caution

If you continue, the system loses network connectivity temporarily.

Requirements

Command privilege level: 1

Allowed during upgrade: No

Applies to: Unified CM, IM and Presence service on Unified CM, and Cisco Unity Connection.

Example

admin:set network mtu 576      W A R N I N G
This will cause the system to temporarily lose network connectivity
     Do you want to continue ?
Enter "yes" to continue or any other key to abort
yes
executing...

set network nic eth0

This command sets the properties of the Ethernet Interface 0. You cannot configure Ethernet interface 1.

set network nic eth0 { auto | { en | dis } } { speed | { 10 | 100 } } { duplex half | { half | full } }

Syntax Description

Parameters	Description
eth0	Specifies Ethernet interface 0.
auto	Specifies whether auto negotiation gets enabled or disabled.
speed	Specifies whether the speed of the Ethernet connection: 10 or 100 Mb/s.
duplex	Specifies half-duplex or full-duplex.

Command Modes

Administrator (admin:)

Usage Guidelines

The system asks whether you want to continue to execute this command.

Note	You can enable only one active NIC at a time.

Caution

If you continue, this command causes a temporary loss of network connections while the NIC gets reset.

Requirements

Command privilege level: 1

Allowed during upgrade: No

Applies to: Unified CM, IM and Presence service on Unified CM, and Cisco Unity Connection.

set network pmtud

This command enables and disables Path MTU Discovery.

set network pmtud { enable | disable }

Syntax Description

Parameters	Description
enable	Enables Path MTU Discovery.
disable	Disables Path MTU Discovery.

Command Modes

Administrator (admin:)

Usage Guidelines

The system asks whether you want to continue to execute this command.

Caution

If you continue, the system loses network connectivity temporarily.

Requirements

Command privilege level: 1

Allowed during upgrade: No

Applies to: Unified CM, IM and Presence service on Unified CM, and Cisco Unity Connection.

Example

admin:set network pmtud enable      W A R N I N G
This will cause the system to temporarily lose network connectivity
     Do you want to continue ?
Enter "yes" to continue or any other key to abort
yes
executing...

set network restore

This command configures the specified Ethernet port to use a specified static IP address.

set network restore eth0 ip-address network-mask gateway

Syntax Description

Parameters	Description
eth0	Specifies Ethernet interface 0.
ip-address	Represents the IP address of the primary or secondary DNS server, or the network gateway that you want to assign. If you continue, this command causes a temporary loss of network connectivity. If you change the IP address for the primary DNS server, you must also restart the Cisco Tomcat service. For more information, see the utils service command. We also recommend that you restart all nodes whenever any IP address gets changed.
network-mask	Represents the subnet mask for the server.
gateway	Specifies the IP address of the default gateway.
ip-address	Represents the IP address of the primary or secondary DNS server, or the network gateway that you want to assign. If you continue, this command causes a temporary loss of network connectivity. If you change the IP address for the primary DNS server, you must also restart the Cisco Tomcat service. For more information, see the utils service command. We also recommend that you restart all nodes whenever any IP address gets changed.
ip-address	Represents the IP address of the primary or secondary DNS server, or the network gateway that you want to assign. If you continue, this command causes a temporary loss of network connectivity. If you change the IP address for the primary DNS server, you must also restart the Cisco Tomcat service. For more information, see the utils service command. We also recommend that you restart all nodes whenever any IP address gets changed.

Command Modes

Administrator (admin:)

Usage Guidelines

Caution

Only use this command option if you cannot restore network connectivity through any other set network commands. This command deletes all previous network settings for the specified network interface, including Network Fault Tolerance. After you run this command, you must restore your previous network configuration manually.

Caution

The server temporarily loses network connectivity after you run this command.

Requirements

Command privilege level: 0

Allowed during upgrade: Yes

Applies to: Unified CM, IM and Presence service on Unified CM, and Cisco Unity Connection.

Example

admin:set network restore eth0   10.94.150.108   255.255.255.0   10.94.150.1

set network status eth0

This command sets the status of Ethernet 0 to up or down. You cannot configure Ethernet interface 1.

set network status eth0 { up | down }

Syntax Description

Parameters	Description
eth0	Specifies Ethernet interface 0.
up	Sets the status of Ethernet interface 0 to up.
down	Sets the status of Ethernet interface 0 to down.

Command Modes

Administrator (admin:)

Usage Guidelines

The system asks whether you want to continue to execute this command.

Caution

If you continue, the system loses network connectivity temporarily.

Requirements

Command privilege level: 1

Allowed during upgrade: No

Applies to: Unified CM, IM and Presence service on Unified CM, and Cisco Unity Connection.

set password*

set password age

This command modifies the value for password age, in days, for Cisco Unified Communications Operating System accounts.

set password age { maximum | minimum } days

Syntax Description

Parameters	Description
maximum	Specifies the maximum age.
minimum	Specifies the minimum age.
days	Specifies the maximum password age and must be greater-than or equal-to 90 days.

Command Modes

Administrator (admin:)

Requirements

Command privilege level: 1

Allowed during upgrade: No

Applies to: Unified CM, IM and Presence service on Unified CM, and Cisco Unity Connection.

set password change-at-login

Use this command to force new or existing users to change their password when they sign in to the system the next time.

set password change-at-login { disable | enable } userid

Syntax Description

Parameters	Description
disable	This does not force users to change their password.
enable	This forces users to change their password when they sign in to the system the next time.
userid	Specifies the affected user account.

Command Modes

Administrator (admin:)

Usage Guidelines

By default, this command is enabled for new users, so users have to change their password the first time they sign in to the system.

Requirements

Command privilege level: 4

Allowed during upgrade: No

Applies to: IM and Presence service on Unified CM only.

set password complexity character

Use this command to enable or disable password complexity rules for the type of characters in a password.

Note

After you enable password complexity, this command also enables password history if it has not already been enabled (for more information, see the set password history command). If you had not previously enabled password history, the password history number parameter value gets set to 10. If you previously enabled password history with a value of less than 10, the value gets reset to 10 after you execute this command. If you previously enabled password history with a value of 10 or greater, the value remains unchanged after you execute this command.

set password complexity character { disable | enable } num-char

Syntax Description

Parameters	Description
disable	This turns off password complexity for character types.
enable	This turns on password complexity for character types. Note    When you disable password complexity, you also turn off password character difference, password character max-repeat, and password history.
num-char	This specifies the number of characters required from each of the four character sets: lowercase, uppercase, numbers, and special characters. Value range: 0-8 Default value: 1

Command Modes

Administrator (admin:)

Usage Guidelines

When you enable password complexity, you must follow these guidelines when you assign a password:

• It must have at least the current setting, num-chars, of lower-case character.
• It must have at least the current setting, num-chars, of uppercase characters.
• It must have at least the current setting, num-chars, of digit characters.
• It must have at least the current setting, num-chars, of special characters.
• You cannot use adjacent characters on the keyboard; for example, qwerty.
• You cannot reuse any of the previous passwords that match the passwords retained by password history.
• By default, the admin user password can be changed only once in a 24-hour day.

Requirements

Command privilege level: 1

Allowed during upgrade: No

Applies to: Unified CM, IM and Presence service on Unified CM, and Cisco Unity Connection.

set password complexity character difference

This command specifies the number of characters that the character sequence in a new password must differ from the character sequence in the old password.

set password complexity character difference num-char

Syntax Description

Parameters	Description
num-char	This specifies the number of characters that the character sequence in a new password must differ from the character sequence in the old password. Value range: 0-31

Command Modes

Administrator (admin:)

Usage Guidelines

Enter 0 to indicate no difference.

Note	The maximum password length is 31 characters.

Requirements

Command privilege level: 1

Allowed during upgrade: No

Applies to: Unified CM, IM and Presence service on Unified CM, and Cisco Unity Connection.

set password complexity character max-repeat

This command specifies the number of times you can consecutively repeat a single character in a new password.

set password complexity character max-repeat max-repeat

Syntax Description

Parameters	Description
max-repeat	This specifies the number of times you can consecutively repeat a single character in a new password. Value range: 0 – 10 Default value: 0

Command Modes

Administrator (admin:)

Requirements

Command privilege level: 1

Allowed during upgrade: No

Applies to: Unified CM, IM and Presence service on Unified CM, and Cisco Unity Connection.

set password expiry maximum-age

This command enables or disables the password expiry maximum age settings for Cisco Unified Operating System Administrator accounts.

set password expiry maximum-age { enable | disable }

Syntax Description

Parameters	Description
enable	Turns on password expiry maximum age settings for Cisco Unified Operating System administrator accounts. The set password expiry enable command sets the value of maximum password age to 3650 days (10 yrs) for Cisco Unified Operating System Administrator accounts.
disable	Turns off password expiry maximum age settings for Cisco Unified Operating System administrator accounts. The set password expiry disable command results in Cisco Unified Operating System Administrator accounts never expiring.

Command Modes

Administrator (admin:)

Requirements

Command privilege level: 1

Allowed during upgrade: No

Applies to: Unified CM, IM and Presence service on Unified CM, and Cisco Unity Connection.

Example

admin:set password expiry maximum-age disable
Operation Successful.

set password expiry minimum-age

This command enables or disables the password expiry minimum age settings for Cisco Unified Operating System Administrator accounts.

set password expiry minimum-age { enable | disable }

Syntax Description

Parameters	Description
enable	Turns on password expiry minimum age settings for Cisco Unified Operating System administrator accounts. The set password expiry enable command sets the value of minimum password age to one day (24 hrs) for Cisco Unified Operating System Administrator accounts.
disable	Turns off password expiry minimum age settings for Cisco Unified Operating System administrator accounts. This means that passwords for administrator accounts can be changed at any interval.

Command Modes

Administrator (admin:)

Requirements

Command privilege level: 1

Allowed during upgrade: No

Applies to: Unified CM, IM and Presence service on Unified CM, and Cisco Unity Connection.

Example

admin:set password expiry minimum-age disable
Operation Successful.

set password expiry user maximum-age

This command disables the maximum age password expiry for a particular Cisco Unified Operating System Administrator account.

set password expiry user maximum-age { enable | disable } userid

Syntax Description

Parameters	Description
enable	Turns on the maximum age password expiry settings for a particular Cisco Unified Operating System administrator account. The set password expiry user enable command sets the value of maximum password age to 3650 days (10 yrs) for the Cisco Unified Operating System Administrator account.
disable	Turns off the maximum age password expiry settings for a particular Cisco Unified Operating System administrator account. The set password expiry user disable command results in that Cisco Unified Operating System Administrator account never expiring.
userid	Specifies a particular Cisco Unified Operating System Administrator account.

Command Modes

Administrator (admin:)

Requirements

Command privilege level: 1

Allowed during upgrade: No

Applies to: Unified CM, IM and Presence service on Unified CM, and Cisco Unity Connection.

Example

admin:set password expiry user maximum-age enable
Operation Successful.

set password expiry user minimum-age

This command enables or disables the maximum age password expiry for a particular Cisco Unified Operating System Administrator account.

set password expiry user minimum-age { enable | disable } userid

Syntax Description

Parameters	Description
enable	Turns on the minimum age password expiry settings for a particular Cisco Unified Operating System administrator account.
disable	Turns off the minimum age password expiry settings for a particular Cisco Unified Operating System administrator account.
userid	Specifies a particular Cisco Unified Operating System Administrator account.

Command Modes

Administrator (admin:)

Requirements

Command privilege level: 1

Allowed during upgrade: No

Applies to: Unified CM, IM and Presence service on Unified CM, and Cisco Unity Connection.

Example

admin:set password expiry user minimum-age disable
Operation Successful.

set password history

This command modifies the number of passwords that get maintained in the history for OS admin accounts. New passwords matching remembered passwords get rejected.

set password history number

Syntax Description

Parameters	Description
number	Specifies the mandatory number of passwords to maintain in history.

Command Modes

Administrator (admin:)

Usage Guidelines

• To disable, enter 0.
• Default specifies 10.
• Upper limit specifies 20.

Requirements

Command privilege level: 1

Allowed during upgrade: Yes

Applies to: Unified CM, IM and Presence service on Unified CM, and Cisco Unity Connection.

set password inactivity

set password inactivity { enable | disable | period } days

Syntax Description

Parameters	Description
enable	Enable the password inactivity globally and update individual OS users according to the setting.
disable	Disable the password inactivity globally and update individual OS users according to the setting.
period	Configure the password inactivity period globally and update individual OS users according to the setting.
days	Specify the number of days of inactivity after a password has expired before the account gets disabled. Valid range is 1 - 99.

Command Modes

Administrator (admin:)

Usage Guidelines

• To enable password inactivity globally, execute the set password inactivity enable command. This command enables the password inactivity globally and updates individual OS users according to the setting.
• To disable password inactivity globally, execute the set password inactivity disable command. This command disables the password inactivity globally and updates individual OS users according to the setting. A user whose account is disabled must contact the system administrator to use the system again.
• To configure the password inactivity period execute the set password inactivity period days command. This command configures the password inactivity globally and updates individual OS users according to the setting.

Requirements

Command privilege level: 1

Allowed during upgrade: No

Applies to: Unified CM, IM and Presence service on Unified CM, and Cisco Unity Connection.

set password user admin

This command allows you to change the administrator password.

set password user admin

Command Modes

Administrator (admin:)

Usage Guidelines

The systems prompts you for the old and new passwords.

Note	The password must contain at least six characters, and the system checks it for strength.

Requirements

Command privilege level: 1

Allowed during upgrade: No

Applies to: Unified CM, IM and Presence service on Unified CM, and Cisco Unity Connection.

set password user security

This command allows you to change the security password.

set password user security

Command Modes

Administrator (admin:)

Usage Guidelines

The systems prompts you for the old and new passwords.

Note	The password must contain at least six characters, and the system checks it for strength.

Servers in a cluster use the security password to authenticate communication between servers. You must reset the cluster after you change the security password.

1. Change the security password on the publisher server (first node) and then reboot the server (node).
2. Change the security password on all the subsequent servers and nodes to the same password that you created on the first node and restart subsequent nodes, including application servers, to propagate the password change.

Note	Cisco recommends that you restart each server after the password is changed on that server.

Note	Failure to reboot the servers (nodes) causes system service problems and problems with the Cisco Unified Communications Manager Administration windows on the subscriber servers.

Requirements

Command privilege level: 1

Allowed during upgrade: No

Applies to: Unified CM, IM and Presence service on Unified CM, and Cisco Unity Connection.

set replwatcher monitor

This command enables or disables replication monitoring by the Cisco Replication Watcher service. The Cisco Replication Watcher service blocks other services from starting until database replication is setup and functioning normally.

set replwatcher monitor { enable | disable }

Syntax Description

Parameters	Description
enable	Turns on the replication monitoring service.
disable	Turns off the replication monitoring service.

Command Modes

Administrator (admin:)

Requirements

Command privilege level: 1

Allowed during upgrade: No

Applies to: IM and Presence service on Unified CM only.

set session maxlimit

This command sets the upper limit for concurrent sessions.

set session maxlimit [value]

Syntax Description

Parameters	Description
maxlimit	This command sets the upper limit for concurrent sessions. Acceptable values are 1 - 100. If no upper limit is entered, the default value of 10 is assigned to sshd_config param.
value	Acceptable values are 1 - 100.

Command Modes

Administrator (admin:)

Requirements

Command privilege level: 1

Allowed during upgrade: Yes

Applies to: Unified CM, IM and Presence service on Unified CM, and Cisco Unity Connection.

set smtp

This command sets the SMTP server hostname.

set smtp hostname

Syntax Description

Parameters	Description
hostname	Represents the SMTP server name.

Command Modes

Administrator (admin:)

Requirements

Command privilege level: 0

Allowed during upgrade: No

Applies to: Unified CM, IM and Presence service on Unified CM, and Cisco Unity Connection.

set strace*

set strace enable

This command enables the service trace and sets the trace level.

set strace enable [all] tracevalue servicename

Syntax Description

Parameters	Description
all	Optional parameter to propagate the service trace settings change to all nodes.
tracevalue	Represents allowed trace values. Allowed trace values are [Info|Debug|Warn|Error|Fatal]
servicename	Represents the service for which the trace is enabled.

Command Modes

Administrator (admin:)

Requirements

Command privilege level: 0

Allowed during upgrade: No

Applies to: IM and Presence service on Unified CM

set strace disable

This command disables the service trace.

set strace disable [all] servicename

Syntax Description

Parameters	Description
all	Optional parameter to propagate the service trace settings change to all nodes.
servicename	Represents the service for which the trace is enabled.

Command Modes

Administrator (admin:)

Requirements

Command privilege level: 0

Allowed during upgrade: No

Applies to: IM and Presence service on Unified CM

set timezone

This command lets you change the system time zone.

set timezone zone

Syntax Description

Parameters	Description
zone	Specifies the new timezone. Enter the appropriate string or zone index id to uniquely identify the timezone. To view a list of valid time zones, use the CLI command: show timezone list.

Command Modes

Administrator (admin:)

Usage Guidelines

Enter characters to uniquely identify the new time zone. Be aware that the timezone name is case-sensitive.

Caution

You must restart the system after you change the timezone.

Requirements

Command privilege level: 0

Allowed during upgrade: No

Applies to: Unified CM, IM and Presence service on Unified CM, and Cisco Unity Connection.

Example setting time zone to Pacific time

admin:set timezone Pac 

set trace*

set trace disable

This command unsets trace activity for the specified task.

set trace disable tname

Syntax Description

Parameters	Description
disable	Unsets the task trace settings.
tname	Represents the task for which you want to disable traces.

Command Modes

Administrator (admin:)

Requirements

Command privilege level: 1

Allowed during upgrade: No

Applies to: Unified CM, IM and Presence service on Unified CM, and Cisco Unity Connection.

set trace enable

This command sets trace activity for the specified task.

set trace enable { Arbitrary | Detailed | Entry_exit | Error | Significant | Special | State_Transition } tname

Syntax Description

Parameters	Description
Arbitrary	Sets task trace settings to the arbitrary level.
Detailed	Sets task trace settings to the detailed level.
Entry_exit	Sets task trace settings to the entry_exit level.
Error	Sets task trace settings to the error level.
Significant	Sets task trace settings to the significant level.
Special	Sets task trace settings to the special level.
State_transition	Sets task trace settings to the state transition level.
tname	Represents the task for which you want to disable traces.

Command Modes

Administrator (admin:)

Requirements

Command privilege level: 1

Allowed during upgrade: No

Applies to: Unified CM, IM and Presence service on Unified CM, and Cisco Unity Connection.

set web-security

This command sets the web security certificate information for the operating system.

set web-security orgunit orgname locality state [country] [alternatehostname]

Syntax Description

Parameters	Description
orgunit	Represents the organizational unit (OU) name. You can use this command to enter multiple organizational units. To enter more than one organizational unit name, separate the entries with a comma. For entries that already contain a comma, enter a backslash before the comma that is included as part of the entry. To enter multiple values for organizational unit, enclose them in quotation marks, as shown in the example for this command.
orgname	Represents the organizational name.
locality	Represents the organization location.
state	Represents the organization state.
country	(Optional) Represents the organization country.
alternatehostname	(Optional) Specifies an alternate name for the host when you generate a web-server (Tomcat) certificate. When you set an alternate-host-name parameter with the set web-security command, self-signed certificates for tomcat contain the Subject Alternate Name extension with the alternate-host-name specified. CSR for Cisco Unified Communications Manager contains Subject Alternate Name Extension with the alternate host name included in the CSR.

Command Modes

Administrator (admin:)

Requirements

Command privilege level: 0

Allowed during upgrade: No

Applies to: Unified CM, IM and Presence service on Unified CM, and Cisco Unity Connection.

Example

This example shows the web-security command with multiple organizational unit names using comma separators. The certificate has three OU fields:

• OU=accounting
• OU=personnel, CA
• OU=personnel, MA

admin:set web-security “accounting,personnel\,CA,personnel\,MA” Cisco Milpitas
CA

set webapp session timeout

This command sets the time, in minutes, that can elapse before a web application, such as Cisco Unified Communications Manager Administration, times out and logs off the user.

For the new webapp session timeout setting to become effective, you must restart the Cisco Tomcat service. Until you restart the Cisco Tomcat service, the show webapp session timeout command reflects the new values, but system continues to use and reflect the old values. This command prompts you to restart the service.

Caution

Restarting the Cisco Tomcat service ends all active sessions and can affect system performance. Cisco recommends that you only execute this command during off-peak traffic hours.

Note	This setting gets preserved through a software upgrade and does not get reset to the default value.

set webapp session timeout minutes

Syntax Description

Parameters	Description
minutes	Specifies the time, in minutes, that can elapse before a web application times out and logs off the user. Value range: 5-99999 minutes Default value: 30 minutes

Command Modes

Administrator (admin:)

Requirements

Command privilege level: 1

Allowed during upgrade: No

Applies to: Unified CM, IM and Presence service on Unified CM, and Cisco Unity Connection.

set workingdir

This command sets the working directory for active, inactive, and installation logs.

set workingdir { activelog | inactivelog | tftp } directory

Syntax Description

Parameters	Description
activelog	Sets the working directory for active logs. Choose a valid sub-directory of activelog.
inactivelog	Set the working directory for inactive logs. Choose a valid sub-directory of inactivelog.
tftp	Sets the working directory for TFTP files.
directory	Represents the current working directory.

Command Modes

Administrator (admin:)

Requirements

Command privilege level: 0 for logs, 1 for TFTP

Allowed during upgrade: Yes

Applies to: Unified CM, IM and Presence service on Unified CM, and Cisco Unity Connection.