This document provides answers to questions on CEMF miscellaneous topics.
Q. Why am I unable to log in to a CEMF session after I install CEMF 3.0.4 Patch 2? (Products affected : CEMF 3.0.4 Patch 2 onwards )
A. Patch 2 introduces password encryption. Passwords for existing users (created before the patch was installed) are stored in plain-text format and are incompatible with the new encryption functionality.
You can employ either one of these two methods in order to resolve this problem:
The first is a manual process that requires the use of the Access Manager Application. The advantage of this method is that it preserves all existing user-created partitioning objects (Users, User Groups, and Access Specifications). This method is suitable for installations that have a small number of CEMF users (in addition to the Admin user).
The second requires less manual work, but deletes all user-created partitioning objects (Users, User Groups, and Access Specifications).
You must perform Step 1 for both methods. This is the only step that you must perform when an installation has no users other than the default Admin user.
Note: All steps should be run by the UNIX root user in a CEMF shell environment.
Reset Admin user password to default (Admin). This resets the password using an encrypted version. The Admin user can then log in to a CEMF Session (using the default password). Issue this command in order to accomplish this:<CEMFROOT>/bin/partitioningTool -r
Perform one of these procedures:
Method A: This step involves a manual reset of the passwords for all users. All existing partitioning objects will be preserved:
Start a CEMF Session, logging in as the Admin user.
Launch the Access Manager Application.
With Users displayed in the main Access Manager screen, select the first user.
Select the Edit->Change Password menu option.
In the resulting Change User Password dialog, enter a new password for the user (required to enter the password twice for confirmation).
Click Ok in order to close the dialog and commit the password change.
Repeat steps 3 to 6 for each user.
Warning: This method deletes all user-created partitioning objects (Users, User Groups, and Access Specifications). Only the Admin user and system-supplied Access Specifications will remain.
The administrator that performs this operation must be aware of the location of the CEMF databases and whether they are located in a RawFS partition.
Issue this command (non-RawFS) in order to remove the CEMF partitioning database:rm -f<CEMFROOT>/db/partitioning.db
For databases stored in a RawFS partition, issue this command:<OS_ROOTDIR>/bin/osrm<RawFS_Database_Path>/partitioning.db
where <RawFS_Database_Path> is the path of the RawFS directory where the database files are stored.
Issue this command in order to recreate the default partitioning objects (including the Admin user):<CEMFROOT>/bin/partitioningTool -a
Q. On CEMF 2.1.4, what do I need to do in order to move databases from one computer to another? (Products affected : CEMF 2.1.4)
A. You cannot move a 2.1.4 system between machines with the Event Manager installed if you want all information retained. The Event Manager has an IP address stored within the alarm databases that cannot be configured. If the alarm databases are removed, you can perform these steps.
Note: This has not been verified at Cisco and should not be tried at a deployed site.
- On the original system, change the IP address of the management node in mgmtContainment to the IP address of the target machine. This can be done using ObjectConfig.
- Issue the cemf stop command in the original system.
- Perform a backup of the full system.
- Remove these files:
- On the target system, make sure that the same versions of CEMF, Event Manager, and EMs are installed.
- On the target system, CEMF should not be running. Copy the dbs from the original system into the db directory of the target system.
- Start the target system.
- Issue the kill -SIGUSR1 command on mapdaemon process in order to rebuild the status propagation.
- Verify that EM functions, like action launching, are functioning correctly.
The Cisco Support Community is a forum for you to ask and answer questions, share suggestions, and collaborate with your peers.
Refer to Cisco Technical Tips Conventions for information on conventions used in this document.