Professional Documents
Culture Documents
System Manager Administering User Profiles
System Manager Administering User Profiles
Course Outline
SMGRs place in the enterprise network
SMGRs permissions model Creating new SMGR administrators
Course Objectives
By the end of this lesson, you should
???
Administration
Configuration Licensing
Control
Unified Communications
multiple services
Application profile
Presence
CM Phone stations
Enterprise Administration
Training lab
Student01
135.122.80.71
135.122.80.55
Student02
135.122.80.72
135.122.80.57
Student03
135.122.80.73
135.122.80.157
Student04
135.122.80.74
135.122.80.177
Login https://ip/SMGR
admin Tr@1ning
13
assigned SMGR IP
Launch browser, login using the URL:
https://serverIP/
Initial password:
admin / Tr@1ning
14
pages
State preserved as
16
Tabbed Navigation
SMGR will automatically create tabs for pages visited
Tabs allow you to quickly navigate back and forth
17
18
Enterprise Administration
19
Enterprise Administration
Administrators can be assigned to groups
20
Roles group together different permissions Permissions provide access to SMGR resources (UI)
Resources allow you to perform tasks!
User
Roles / Permissions
UI Resource
21
SMGR Resources
System Manager is controlled by its web
console
By allocating permissions to admins, they
Resources
22
Roles
different permissions
Provides a convenient way
23
Roles
Role
X
Role
Y
Roles in practice
SMGR home page for
System Administrator
25
Roles in practice
End User
Makes sense?
Good time to create some users
27
28
Login name must be of the form user@domain.com Password for SMGR login
29
Authentication Type
Corporate
(If SMGR has been configured to speak to an LDAP backend)
Active Directory
LDAP
30
SMGR admins do
profiles are service oriented explored in Avaya Aura Session Manager training
Leave as-is
31
32
33
Provide:
Name Password (use P@ssw0rd)
Login details
Assign System Administrator role Test by logging in as your newly created user
34
SMGR Adoption
35
SMGR Adoption
CS 1000
MAS
36
(a communication user)
38
Enterprise Administration
Group A
Group B
39
Groups of Operations
Groups of Users
Groups of Roles
2011. All rights reserved. 40
I dont get automatically assigned the roles that are in the same group as me
other resources does NOT automatically grant permissions to access those resources!
I dont carry permission to access operations just because Im in the same group
2011. All rights reserved. 41
resources a role has control over, you can select a group as a resource
Provides role with permissions over all
I have permission to view / add / delete / edit users, and the resource that I have access to is Team 1
Role X
42
Creating a Group
43
Creating a Group
Navigate to group
management
Enter a name, and
44
Creating a Group
45
Creating a Group
Group membership can be selecting using a query
Users?
Operations?
46
Creating a Group
Build complex queries using multiple conditions
Complex Queries
47
Creating a Group
Group members can be specifically selected
Once the membership type has been committed, it cannot be edited later
48
Creating a group
When selecting resources for a group of type all:
click advanced search, then select the type to see
available resources
49
for logging
Create 2 new users (the logging team) and
Group A
51
resources
Aggregate many permissions under one name
52
Role Assignation
53
SMGR Role
Default roles
55
56
Defining a Role
A role can provide
57
Defining a Role
Once a resource type is chosen, you can
Users
Apply filters for easier searching
Operations
2011. All rights reserved. 58
Defining a Role
E.g., When adding permission to view, edit, or delete users:
The resource type will users
59
the attributes of a user profile that you wish to grant permissions for
60
have attributes
E.g. operations
61
console, it indicates how fine grained the level of access control can be
62
Key types
63
64
users
This admin team will oversee Human Resources
Extension: If you have time, also create a group for the HR team, and assign these newly created users
Group B
65
Deleting Users
Deleting Users required 2 confirmations!
#1
2011. All rights reserved. 66
Deleting Users
Deleting Users required 2 confirmations!
#2
2011. All rights reserved. 67
Enterprise Administration
Susan is getting married, and is changing her job I must update her details and roles
Group A
And Daniel is leaving the company Ill need Group B to delete his profile
68
69
Course Objectives
By the end of this lesson, you should
70
Course Outline
Backing up / restoring from backup
Discovering inventory in the Network Deploying product licenses
73
Course Objectives
Know how to:
Backup SMGR data Use SMGR to discover inventory in the Avaya network
74
Element definitions
Configuration Routing Policies, endpoint profiles
77
78
backup
Only specify the filename, not the path
79
80
81
At midnight
Starting tomorrow Ending after 1 month
82
SSH
83
Take a look!
84
85
operation
It will wipe existing configuration in favor of
86
87
88
Inventory Discovery
The IT network
90
BSM
Discoverable
91
???
92
SNMP
135.64.0.*
2011. All rights reserved. 93
94
SNMP V3
95
96
97
98
Devices discovered
99
10 0
10 2
10 3
License file is bound to specific SMGR Contains reference to MAC (unique ID)
Licenses are not portable!
10 4
Deploying Licenses
10 5
10 6
10 8
Initially provisioning an enterprise Moving lots of information into a new Avaya Aura
installation
Professional Services
10 9
quickly
11 0
11 1
Import Process
SMGR Data
Represented as XML
Read by SMGR and added
to the DB
SMGR doesnt say how you do this only what format the data should be in
11 2
Performance
Initial provisioning of SMGR may involve a large dataset
Bulk Import supports 60 records / minute
11 3
Failed records?
Failed to import
Any records that fail to import should be provided for download by the UI Records can then be modified and re-imported
2011. All rights reserved. 11 4
<xml>
<xml>
Contacts Roles
</xml>
11 5
11 6
???
2011. All rights reserved. 11 7
11 8
11 9
12 0
12 1
Generates XML from simple input file ./genxml.sh [-o <output file>] [<input file>]
<xml> <xml> <data> <data> </data> </data> </xml> </xml> <xml> <xml> <data> <data> </data> </data> </xml> </xml> <xml> <xml> <data> <data> </data> </data> </xml> </xml>
12 2
Generates XML from simple input file ./genxml.sh [-o <output file>] [<input file>]
<xml> <xml> <data> <data> </data> </data> </xml> </xml> <xml> <xml> <data> <data> </data> </data> </xml> </xml> <xml> <xml> <data> <data> </data> </data> </xml> </xml>
12 3
Generates XML from simple input file ./genxml.sh [-o <output file>] [<input file>]
<xml> <xml> <data> <data> </data> </data> </xml> </xml>
???
<xml> <xml> <data> <data> </data> </data> </xml> </xml>
12 4
Existing CM Association (<ext>|<first ext>-<last ext>), <phone pass>, <domain>, <SM name>, [<orig app. seq. name>], [<term app. seq name>], <cm name> LOCATION=<location> New CM Association (<ext>|<first ext>-<last ext>), <phone pass>, <domain>, <SM name>, [<orig app. seq. name>], [<term app. seq name>], <cm name> LOCATION=<location> template=<endpoint template name> No CM Association (<ext>|<first ext>-<last ext>), <phone pass>, <domain>, <SM name>, [<orig app. seq. name>], [<term app. seq name>] LOCATION=<location>
12 5
Existing CM Association 5500-6500, 123456, avaya.com, nearEndSm, origSeq1, termSeq1, mycm.dr.avaya.com LOCATION=Denver New CM Association 5500-6500, 123456, avaya.com, nearEndSm, origSeq1, termSeq1, mycm.dr.avaya.com asm2=secondarySm bsm=branchSm LOCATION=Denver No CM Association 5386000, 123456, avaya.com, nearEndSm, origSeq1, termSeq1 LOCATION=Denver
12 6
Range of endpoints Vs single endpoint Existing CM Association 5500-6500, 123456, avaya.com, nearEndSm, origSeq1, termSeq1, mycm.dr.avaya.com LOCATION=Denver New CM Association 5500-6500, 123456, avaya.com, nearEndSm, origSeq1, termSeq1, mycm.dr.avaya.com asm2=secondarySm bsm=branchSm LOCATION=Denver No CM Association 5386000, 123456, avaya.com, nearEndSm, origSeq1, termSeq1 LOCATION=Denver
12 7
Existing CM Association 5500-6500, 123456, avaya.com, nearEndSm, origSeq1, termSeq1, mycm.dr.avaya.com LOCATION=Denver
SMs, CMs, Locations, Domains & App sequences must have already been administered before attempting to import
12 8
password1 %z[323*&3
Usage:
um_bulkimport-encryptUtil.sh import <xmlfilename> <basenamespaceprefix> <deltanamespaceprefix>
12 9
13 0
Miscellaneous
Login name treated as unique identifier
As such, loginname cannot be updated by bulk import
2. Presence Data
13 1
13 2
13 3
13 4
13 5
bulkexportconfig.properties file
Use this to configure:
Set number of records to be exported
File size Export file destination
13 6
Perform Export
p : Password
f : Export file name prefix r : Records per file
d : Destination Folder
s : Record starting index e : End offset index (number of records)
Optional Parameters
13 7
# unzip <filename.zip>
# cat <filename.xml> Compare to the XML files from the import exercise
Extension:
If you find yourself waiting, experiment with the settings in the
bulkexportconfig.properties file
Try modifying your exported data, and using it to import new users into
SMGR
Remember the login name Field must be unique
<xml>
13 8
Perform Export
You can also schedule an export to be performed
YYYY:MM:DD:HH:MM:SS
E.g:
exportUpmUsers.sh -t 2010:05:01:12:00:00
???
13 9
Perform Export
Zip file is created
14 0
14 1
14 2
<tns:user></tns:user> <tns:users></tns:users>
<tns:userDelta></tns:userDelta> <tns:deltaUserList></tns:deltaUserList>
2011. All rights reserved. 14 3
Demo
Modify Exported Data
Perform Partial Import
14 4
14 5
Entities, Entity Links, Time Ranges, Routing Policies etc. can all be exported
Click the More Actions button to find option
2011. All rights reserved. 14 6
Routing Policies
NB:
Remember that when re-importing something like a routing
policy, it will contain references to SIP entities, domains, dial patterns and so on
These will need to have been re-imported first
2011. All rights reserved. 14 7
High Availability
15 0
When the active node fails, the backup node automatically takes over
2011. All rights reserved. 15 1
SP Utilities
CentOS C-DOM
15 2
Proc
HDD
RAM
NIC
Proc
HDD
RAM
NIC
15 4
15 5
takes to:
1. Detect active node is down
2. Boot the remote node VA (triggered
automatically)
15 6
Proc
HDD
RAM
NIC
Proc
HDD
RAM
NIC
192.168.1.102
SP Utilities CentOS
SP Utilities CentOS
C-DOM
C-DOM
Proc
HDD
RAM
NIC
Proc
HDD
RAM
NIC
???
192.168.1.101
192.168.1.101
SP Utilities CentOS
SP Utilities CentOS
C-DOM
C-DOM
Proc
HDD
RAM
NIC
Proc
HDD
RAM
NIC
15 9
Score = 6.0
down
The surving node becomes active (if it
isnt already)
16 0
3.1
Crossover cable
Enterprise Network
6.0
16 1
Why?
16 2
System Platform Server fitted with (at least) dual port NIC
16 3
16 4
Crossover cable
Enterprise Network
16 5
Crossover cable
Enterprise Network
Crossover cable is preferred, not mandatory
admin admin01
The Toolwire Internet Explorer contains a shortcut to the SP Web Console in Favorites
2011. All rights reserved. 16 7
High Availability
High Availability
Remote node
Test by logging into the SMGR using the IP of the active node Kill the active node VA, then attempt to access the SMGR IP again
17 0
Thank you!