Cisco CISCOWORKS COMMON SERVICES 3.0 User Manual

User Guide for CiscoWorks
Common Services 3.0

CiscoWorks

Corporate Headquarters

Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134-1706
USA
http://www.cisco.com
Tel: 408 526-4000

800 553-NETS (6387)

Fax: 408 526-4100

Customer Order Number: DOC-7816571
Text Part Number: 78-16571-01

THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT
NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT
ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR
THEIR APPLICATION OF ANY PRODUCTS.

THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION
PACKET THAT SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO
LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY.

The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as
part of UCB’s public domain version of the UNIX operating system. All rights reserved. Copyright © 1981, Regents of the University of California.

NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE
PROVIDED “AS IS” WITH ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED
OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE.

IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL
DAMAGES, INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR
INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH
DAMAGES.

CCSP, the Cisco Square Bridge logo, Follow Me Browsing, and StackWise are trademarks of Cisco Systems, Inc.; Changing the Way We Work, Live,
Play, and Learn, and iQuick Study are service marks of Cisco Systems, Inc.; and Access Registrar, Aironet, ASIST, BPX, Catalyst, CCDA, CCDP, CCIE,
CCIP, CCNA, CCNP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco
Systems logo, Cisco Unity, Empowering the Internet Generation, Enterprise/Solver, EtherChannel, EtherFast, EtherSwitch, Fast Step, FormShare,
GigaDrive, GigaStack, HomeLink, Internet Quotient, IOS, IP/TV, iQ Expertise, the iQ logo, iQ Net Readiness Scorecard, LightStream, Linksys,
MeetingPlace, MGX, the Networkers logo, Networking Academy, Network Registrar, Packet , PIX, Post-Routing, Pre-Routing, ProConnect, RateMUX,
ScriptShare, SlideCast, SMARTnet, StrataView Plus, SwitchProbe, TeleRouter, The Fastest Way to Increase Your Internet Quotient, TransPath, and VCO
are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.

All other trademarks mentioned in this document or Website are the property of their respective owners. The use of the word partner does not imply a
partnership relationship between Cisco and any other company. (0411R)

User Guide for CiscoWorks Common Services

Copyright © 1998-2005 Cisco Systems, Inc. All rights reserved.

Preface xiii

Audience xiii
Conventions xiii
Product Documentation xiv
Related Documentation xvi
Additional Information Online xvi
Obtaining Documentation xvi

Cisco.com xvii
Ordering Documentation xvii

CONTENTS

CHAPTER

Documentation Feedback xviii
Obtaining Technical Assistance xviii

Cisco Technical Support Website xviii
Submitting a Service Request xix
Definitions of Service Request Severity xx

Obtaining Additional Publications and Information xx

1 Overview 1-1

New Features 1-2
Understanding Time Zone Settings 1-3
Learning More About the Common Services 1-3

78-16571-01

User Guide for CiscoWorks Common Services

iii

Contents

CHAPTER

2 Interacting With CiscoWorks Homepage 2-1

Invoking CiscoWorks Homepage 2-2

Invoking CWHP in Normal Mode (HTTP) 2-2

Invoking CWHP in SSL Enabled Mode (HTTPS) 2-3
Logging Into CiscoWorks 2-4
Using CWHP 2-5

Common Services Panel 2-5

Application Panels 2-6

Supporting Applications on Another Server 2-6

Supporting Traditional Applications With New Navigation 2-7
Device Troubleshooting Panel 2-7
Resources Panel 2-7
CiscoWorks Product Updates Panel 2-7
Tool Bar Items 2-8

Configuring CWHP 2-8

CHAPTER

Registering Applications With CWHP 2-8

Registering a New Application 2-9

Importing from other servers 2-10

Unregistering an Application 2-11
Registering Links With CWHP 2-11

Unregistering a Link 2-12
Setting Up CiscoWorks Homepage 2-12

Using Online Help 2-13
Changing Web Server Port Numbers 2-14

3 Configuring the Server 3-1

Setting up Security 3-1
Managing Security in Single Server Mode 3-1

User Guide for CiscoWorks Common Services

iv

78-16571-01

Setting up Browser-Server Security 3-2

Enabling Browser-Server Security From the CiscoWorks Server 3-2
Enabling Browser-Server Security From the Command Line Interface

(CLI)

3-4

About User Accounts 3-4
Understanding Security Levels 3-5
Setting up Local Users 3-6

Modifying Your Profile 3-6
Adding a User 3-7
Editing User Profiles 3-8
Deleting a User 3-8

Creating Self Signed Certificate 3-9

Contents

Managing Security in Multi-Server Mode 3-10
Setting up Peer Server Account 3-11
Setting up System Identity Account 3-13
Setting up Peer Server Certificate 3-14

Deleting Peer Certificates 3-15

Enabling Single Sign-On 3-15
Navigating Through the SSO Domain 3-16

Registering Server Links 3-17
Launching a new Browser Instance 3-17

Changing the Single Sign-On Mode 3-18
Setting up the AAA Mode 3-20
About Common Services Authentication 3-21
Cisco Secure ACS Support for Common Services Client Applications 3-22
Setting the Login Module to Non-ACS 3-24

Changing Login Module to CiscoWorks Local 3-25
Changing Login Module to IBM SecureWay Directory 3-25
Changing Login Module to KerberosLogin 3-27

78-16571-01

User Guide for CiscoWorks Common Services

v

Contents

Changing Login Module to Local Unix System 3-28
Changing Login Module to Local NT System 3-29
Changing Login Module to MS Active Directory 3-29
Changing Login Module to Netscape Directory 3-30
Changing Login Module to Radius 3-32
Changing Login Module to TACACS+ 3-33
Understanding Fallback Options for Non-ACS mode 3-35

Setting the Login Module to ACS 3-35

Assigning Privileges in ACS 3-38
Creating and Modifying Roles in ACS 3-39

Resetting Login Module 3-42
Understanding Fallback Options for ACS Mode 3-43

Managing Cisco.com Connection 3-44

Setting up Cisco.com User Account 3-44
Setting Up the Proxy Server 3-44

Generating Reports 3-45

Log File Status Report 3-45
Permissions Report 3-46
Users Logged In Report 3-47
Process Status Report 3-48
Viewing Audit Log Report 3-49

Administering Common Services 3-51
Using Daemon Manager 3-52

Restarting Daemon Manager on Solaris 3-52
Restarting Daemon Manager on Windows 3-53

Managing Processes 3-53

Viewing Process Details 3-54
Starting a Process 3-54
Stopping a Process 3-55

User Guide for CiscoWorks Common Services

vi

78-16571-01

Backing Up Data 3-55

Backing up Using CLI 3-57
Data Backed up During CS 3.0 Backup 3-57

Restoring Data 3-58

Restoring Data on UNIX 3-59
Restoring Data on Windows 3-60
Data Restored from Common Services 3.0 Backup Archive 3-61
Data Restored from Common Services 2.2 Backup Archive 3-62
Data Restored from CD One 5th Edition Backup Archive 3-62

Effects of Backup-Restore on DCR 3-63

Master -Slave Configuration Prerequisites and Restore Operations 3-66

Effects of Backup-Restore on Groups 3-67

Contents

Licensing CiscoWorks Applications 3-68

Obtaining a License for CiscoWorks Applications 3-68
Licensing the Application 3-69
Viewing License Information 3-70
Updating Licenses 3-70

Collecting Server Information 3-71
Collecting Self Test Information 3-72
Messaging Online Users 3-72
Managing Jobs 3-73
Managing Resources 3-76
Maintaining Log Files 3-78

Maintaining Log Files on UNIX 3-78
Maintaining Log Files on Windows 3-80
Using Logrot 3-81
Configuring Logrot 3-81
Running Logrot 3-82

Modifying System Preferences 3-83

78-16571-01

User Guide for CiscoWorks Common Services

vii

Contents

CHAPTER

4 Managing Device and Credentials 4-1

DCR Architecture 4-5

Master DCR 4-6
Slave DCR 4-6
Standalone DCR 4-6

Using the Device and Credential Admin 4-7
Managing Devices 4-7

Adding Devices 4-8

Standard Type 4-9

Auto Update Type 4-10

Cluster Managed Type 4-11
Deleting Devices 4-12
Editing Device Credentials 4-13
Importing Devices and Credentials 4-14

Import Using DCA Interface 4-15
Exporting Devices and Credentials 4-18

Export Using DCA Interface 4-19
Excluding Devices 4-21

A Sample CSV Exclude File 4-21
Viewing Devices List 4-22

Generating Reports in DCA 4-23
Managing Auto Update Servers 4-24

Adding Auto Update Server 4-24
Editing Auto Update Server 4-25
Deleting Auto Update Server 4-25

User Guide for CiscoWorks Common Services

viii

78-16571-01

Administering Device and Credential Repository 4-26

Changing DCR Mode 4-26
Master-Slave Configuration Prerequisites 4-27

Changing the Mode to Standalone 4-27

Changing the Mode to Master 4-28

Changing the Mode to Slave 4-28
Adding User-defined Fields 4-29
Renaming User-defined Fields 4-30
Deleting User-defined Fields 4-31

Sample CSV File 4-31

A Sample CSV 2.0 File 4-31

A Sample CSV 3.0 File 4-32

Sample CSV 3.0 File for Auto Update Server Managed Devices 4-33

Contents

Sample CSV 3.0 File for Cluster Managed Devices 4-34
Mapping CSV 2.0 to CSV 3.0 Fields 4-35

Sample XML File 4-36

Sample XML File (Standard) 4-36

Sample XML File for Auto Update Server Managed Devices 4-37

Sample XML File for Cluster Managed Devices 4-38

Using DCR Features Through CLI 4-39

Adding Devices Using dcrcli 4-39
Deleting Devices Using dcrcli 4-39
Editing Devices Using dcrcli 4-40
Listing the Attributes 4-40
Viewing the Current DCR Mode Using dcrcli 4-41
Viewing Device Details 4-41
Changing DCR Mode Using dcrcli 4-42
Import Using CLI 4-43
Export Using CLI 4-44

78-16571-01

User Guide for CiscoWorks Common Services

ix

Contents

Implications of ACS Login Module on DCR 4-45

Custom Roles and DCR 4-45

CHAPTER

5 Administering Groups 5-1

Group Concept 5-2

Group Hierarchy 5-2
Dynamic Group 5-3
Static Group 5-3
Container Groups 5-3
System-defined and User-defined Groups 5-3
Common Groups and Shared Groups 5-4

Secure Views 5-6
Groups in a Single-Server Setup 5-7
Groups in Multi-Server Setup 5-7
DCR Mode Changes and Group behavior 5-10
Unregistering a Slave 5-13
Group Administration 5-14

Creating Groups 5-14

Specifying Group Properties 5-15

Defining Group Rules 5-17

Assigning Group Membership 5-18

Removing Devices 5-19
Viewing Group Details 5-19
Modifying Group Details 5-20
Refreshing Groups 5-22
Deleting Groups 5-22

System Defined and User Defined Attributes 5-23

User Guide for CiscoWorks Common Services

x

78-16571-01

Contents

CHAPTER

6 Using Device Center 6-1

Launching Device Center 6-2
Invoking Device Center 6-3
Using Device Center Functions 6-3

Device Selector 6-4
Device Summary 6-4
Management Functions 6-5

Enabling Debugging Tools 6-5

Checking Device Connectivity 6-6
Using Ping 6-8
Using Traceroute 6-9
Using SNMP Walk 6-9
Using SNMP Set 6-11
Using Packet Capture 6-12

Creating a New Packet Capture File 6-13

CHAPTER

Editing Device Credentials 6-15

Displaying Reports 6-15
Performing Management Tasks 6-15

7 Working With Software Center 7-1

Performing Software Updates 7-2
Performing Device Update 7-4

Deleting Packages 7-6

Scheduling Device Package Downloads 7-7
Viewing Activity Logs 7-9

78-16571-01

User Guide for CiscoWorks Common Services

xi

Contents

CHAPTER

APPENDIX

8 Diagnosing Problems With CiscoWorks Server 8-1

Verifying Server Status 8-1
Testing Device Connectivity 8-4
Troubleshooting the CiscoWorks Server 8-6
Frequently Asked Questions 8-6
Troubleshooting Suggestions 8-33

A Understanding CiscoWorks Security A-1

General Security A-2
Server Security A-2

Server–Imposed Security A-2

Files, File Ownership, and Permissions A-3

Runtime A-4

Remote Connectivity A-5

Access to Systems Other Than the CiscoWorks Server A-6

I

NDEX

Access Control A-6
System Administrator-Imposed Security A-7
Connection Security A-7

Security Certificates A-7

Terms and Definitions A-8

User Guide for CiscoWorks Common Services

xii

78-16571-01

Preface

This document describes CiscoWorks Common Services 3.0 and gives an
overview of the features and functions provided by CiscoWorks Common
Services.

Audience

This manual is for network administrators who need to configure and maintain
CiscoWorks Common Services. Most of the tools and applications described are
available only to systems administrators.

Conventions

This document uses the following conventions:

Item Convention

Commands and keywords boldface font
Variables for which you supply values italic font
Displayed session and system information
Information you enter
Variables you enter

screen font

boldface screen font

italic screen font

Menu items and button names boldface font

78-16571-01

User Guide for CiscoWorks Common Services

xiii

Product Documentation

Note Means reader take note. Notes contain helpful suggestions or references to

Caution Means reader be careful. In this situation, you might do something that could

Preface

Item Convention

Selecting a menu item in paragraphs Option > Network Preferences
Selecting a menu item in tables Option > Network Preferences

material not covered in the publication.

result in equipment damage or loss of data.

Product Documentation

Note We sometimes update the printed and electronic documentation after original

publication. Therefore, you should also review the documentation on Cisco.com
for any updates.

Table 1 describes the product documentation that is available.

User Guide for CiscoWorks Common Services

xiv

78-16571-01

Preface

Table 1 Product Documentation

Document Title Available Formats

Product Documentation

Release Notes for CiscoWorks
Common Services 3.0

Installation Guide for CiscoWorks
Common Services 3.0 on Windows

Installation Guide for CiscoWorks
Common Services 3.0 on Solaris

User Guide for CiscoWorks
Common Services 3.0 (this
document)

• Printed document that was included with the product.

• On Cisco.com at:

http://www.cisco.com/univercd/cc/td/doc/product/rtrmgmt/c
w2000/cw2000_d/comser30/relnotes/index.htm

• PDF on the product CD-ROM.

• On Cisco.com at:

http://www.cisco.com/univercd/cc/td/doc/product/rtrmgmt/
cw2000/cw2000_d/comser30/ig_win/index.htm

• Printed document available by order (part number

DOC-7816497=).

• PDF on the product CD-ROM.

• On Cisco.com at:

1

http://www.cisco.com/univercd/cc/td/doc/product/rtrmgmt/
cw2000/cw2000_d/comser30/ig_sol/index.htm

• Printed document available by order (part number

DOC-7815885=).

• PDF on the product CD-ROM.

• On Cisco.com at:

1

http://www.cisco.com/univercd/cc/td/doc/product/rtrmgmt/
cw2000/cw2000_d/comser30/usrguide/index.htm

Context-sensitive online help • Select an option from the navigation tree, then click Help.

1. See the “Obtaining Documentation” section on page xvi

78-16571-01

• Printed document available by order (part number

DOC-7816571=).

• Click the Help button in the dialog box

1

User Guide for CiscoWorks Common Services

xv

Related Documentation

Related Documentation

Note We sometimes update the printed and electronic documentation after original

publication. Therefore, you should also review the documentation on Cisco.com
for any updates.

Table 2 describes the additional documentation that is available.

Table 2 Related Documentation

Document Title Available Formats

Preface

Quick Start Guide for LAN
Management Solution 3.0

• Printed document that was included with the product.

• PDF on the product CD-ROM.

• On Cisco.com at:

Additional Information Online

To determine which packages are installed on your CiscoWorks Server, select
Common Services > Software Center > Applications and Versions.

You can also obtain any published patches from the download site.

Obtaining Documentation

Cisco documentation and additional literature are available on Cisco.com. Cisco
also provides several ways to obtain technical assistance and other technical
resources. These sections explain how to obtain technical information from Cisco
Systems.

User Guide for CiscoWorks Common Services

xvi

78-16571-01

Preface

Cisco.com

You can access the most current Cisco documentation at this URL:

http://www.cisco.com/univercd/home/home.htm

You can access the Cisco website at this URL:

http://www.cisco.com

You can access international Cisco websites at this URL:

http://www.cisco.com/public/countries_languages.shtml

Ordering Documentation

You can find instructions for ordering documentation at this URL:

Obtaining Documentation

http://www.cisco.com/univercd/cc/td/doc/es_inpck/pdi.htm

You can order Cisco documentation in these ways:

• Registered Cisco.com users (Cisco direct customers) can order Cisco product

documentation from the Ordering tool:

http://www.cisco.com/en/US/partner/ordering/index.shtml

• Nonregistered Cisco.com users can order documentation through a local

account representative by calling Cisco Systems Corporate Headquarters
(California, USA) at 408 526-7208 or, elsewhere in North America, by
calling 1 800 553-NETS (6387).

78-16571-01

User Guide for CiscoWorks Common Services

xvii

Documentation Feedback

Documentation Feedback

You can send comments about technical documentation to bug-doc@cisco.com.
You can submit comments by using the response card (if present) behind the front

cover of your document or by writing to the following address:
Cisco Systems

Attn: Customer Document Ordering
170 West Tasman Drive
San Jose, CA 95134-9883

We appreciate your comments.

Obtaining Technical Assistance

Preface

For all customers, partners, resellers, and distributors who hold valid Cisco
service contracts, Cisco Technical Support provides 24-hour-a-day,
award-winning technical assistance. The Cisco Technical Support Website on
Cisco.com features extensive online support resources. In addition, Cisco
Technical Assistance Center (TAC) engineers provide telephone support. If you
do not hold a valid Cisco service contract, contact your reseller.

Cisco Technical Support Website

The Cisco Technical Support Website provides online documents and tools for
troubleshooting and resolving technical issues with Cisco products and
technologies. The website is available 24 hours a day, 365 days a year, at this
URL:

http://www.cisco.com/techsupport

Access to all tools on the Cisco Technical Support Website requires a Cisco.com
user ID and password. If you have a valid service contract but do not have a user
ID or password, you can register at this URL:

http://tools.cisco.com/RPF/register/register.do

User Guide for CiscoWorks Common Services

xviii

78-16571-01

Preface

Note Use the Cisco Product Identification (CPI) tool to locate your product serial

number before submitting a web or phone request for service. You can access the
CPI tool from the Cisco Technical Support Website by clicking the Tools &

Resources link under Documentation & Tools. Choose Cisco Product
Identification Tool from the Alphabetical Index drop-down list, or click the
Cisco Product Identification Tool link under Alerts & RMAs. The CPI tool

offers three search options: by product ID or model name; by tree view; or for
certain products, by copying and pasting show command output. Search results
show an illustration of your product with the serial number label location
highlighted. Locate the serial number label on your product and record the
information before placing a service call.

Submitting a Service Request

Obtaining Technical Assistance

Using the online TAC Service Request Tool is the fastest way to open S3 and S4
service requests. (S3 and S4 service requests are those in which your network is
minimally impaired or for which you require product information.) After you
describe your situation, the TAC Service Request Tool provides recommended
solutions. If your issue is not resolved using the recommended resources, your
service request is assigned to a Cisco TAC engineer. The TAC Service Request
Tool is located at this URL:

http://www.cisco.com/techsupport/servicerequest

For S1 or S2 service requests or if you do not have Internet access, contact the
Cisco TAC by telephone. (S1 or S2 service requests are those in which your
production network is down or severely degraded.) Cisco TAC engineers are
assigned immediately to S1 and S2 service requests to help keep your business
operations running smoothly.

To open a service request by telephone, use one of the following numbers:
Asia-Pacific: +61 2 8446 7411 (Australia: 1 800 805 227)

EMEA: +32 2 704 55 55
USA: 1 800 553-2447

For a complete list of Cisco TAC contacts, go to this URL:

http://www.cisco.com/techsupport/contacts

78-16571-01

User Guide for CiscoWorks Common Services

xix

Obtaining Additional Publications and Information

Definitions of Service Request Severity

To ensure that all service requests are reported in a standard format, Cisco has
established severity definitions.

Severity 1 (S1)—Your network is “down,” or there is a critical impact to your
business operations. You and Cisco will commit all necessary resources around
the clock to resolve the situation.

Severity 2 (S2)—Operation of an existing network is severely degraded, or
significant aspects of your business operation are negatively affected by
inadequate performance of Cisco products. You and Cisco will commit full-time
resources during normal business hours to resolve the situation.

Severity 3 (S3)—Operational performance of your network is impaired, but most
business operations remain functional. You and Cisco will commit resources
during normal business hours to restore service to satisfactory levels.

Preface

Severity 4 (S4)—You require information or assistance with Cisco product
capabilities, installation, or configuration. There is little or no effect on your
business operations.

Obtaining Additional Publications and Information

Information about Cisco products, technologies, and network solutions is
available from various online and printed sources.

• Cisco Marketplace provides a variety of Cisco books, reference guides, and

logo merchandise. Visit Cisco Marketplace, the company store, at this URL:

http://www.cisco.com/go/marketplace/

• The Cisco Product Catalog describes the networking products offered by

Cisco Systems, as well as ordering and customer support services. Access the
Cisco Product Catalog at this URL:

http://cisco.com/univercd/cc/td/doc/pcat/

• Cisco Press publishes a wide range of general networking, training and

certification titles. Both new and experienced users will benefit from these
publications. For current Cisco Press titles and other information, go to Cisco
Press at this URL:

http://www.ciscopress.com

User Guide for CiscoWorks Common Services

xx

78-16571-01

Preface

Obtaining Additional Publications and Information

• Packet magazine is the Cisco Systems technical user magazine for

maximizing Internet and networking investments. Each quarter, Packet
delivers coverage of the latest industry trends, technology breakthroughs, and
Cisco products and solutions, as well as network deployment and
troubleshooting tips, configuration examples, customer case studies,
certification and training information, and links to scores of in-depth online
resources. You can access Packet magazine at this URL:

http://www.cisco.com/packet

• iQ Magazine is the quarterly publication from Cisco Systems designed to

help growing companies learn how they can use technology to increase
revenue, streamline their business, and expand services. The publication
identifies the challenges facing these companies and the technologies to help
solve them, using real-world case studies and business strategies to help
readers make sound technology investment decisions. You can access iQ
Magazine at this URL:

http://www.cisco.com/go/iqmagazine

• Internet Protocol Journal is a quarterly journal published by Cisco Systems

for engineering professionals involved in designing, developing, and
operating public and private internets and intranets. You can access the
Internet Protocol Journal at this URL:

http://www.cisco.com/ipj

• World-class networking training is available from Cisco. You can view

current offerings at this URL:

http://www.cisco.com/en/US/learning/index.html

78-16571-01

User Guide for CiscoWorks Common Services

xxi

Obtaining Additional Publications and Information

Preface

User Guide for CiscoWorks Common Services

xxii

78-16571-01

CHAPTER

1

Overview

CiscoWorks Common Services (Common Services) represents a common set of
management services that are shared by CiscoWorks applications. CiscoWorks is
a family of products based on Internet standards for managing networks and
devices. All CiscoWorks products use and depend on Common Services.

Common Services provides a foundation for CiscoWorks applications to share a
common model for data storage, login, user role definitions, access privileges,
security protocols, as well as navigation.

It creates a standard user experience for all management functions. It also
provides the common framework for all basic system level operations such as
installation, data management including backup-restore and import-export, event
and message handling, and job and process management.

78-16571-01

Common Services 3.0 provides a set of new features required to drive the
CiscoWorks applications towards a common look and feel. The new CiscoWorks
Homepage replaces the existing desktop.

Common Services 3.0 enables sharing of critical information among the various
products, and provides a new framework for delivering timely support of new
devices. In addition, it supports new platforms, and provides enhanced security
mechanisms.

User Guide for CiscoWorks Common Services

1-1

New Features

New Features

The major new features in this release:

• CiscoWorks Homepage

• Device and Credential Repository (DCR)

• Device Center

Chapter 1 Overview

Provides launch points for CiscoWorks family of products and other
resources. The HTML based CiscoWorks Homepage replaces the Java applet
based Desktop.

Provides a central place for management of devices and their credentials that
the different applications managing those devices can use. Sharing of devices
and credentials help in common administration.

Provides a one-stop place where you can see a summary for a device, and
launch troubleshooting tools, management tasks, and reports for the selected
device.

• Groups

Provides a mechanism for applications to create shared device groups.
Provides grouping facility based on various attributes in Device and
Credential Repository (DCR).

• Software Center

Allows you to download and deploy device packages and software patches.

• Enhanced security to support SNMPv3 authNoPriv

Provides packet level security, integrity protection, and replay protection.
However, it does not encrypt the packets.

• Enhanced restore framework.

Enables Common Services and its applications to restore the data backed up
from an earlier version.

• Security mechanisms for managing security in Single-Server and

Multi-Server scenarios. Granular role based access.

• New utilities for diagnosing problems with CiscoWorks Server, and

managing log files.

• New licensing framework.

User Guide for CiscoWorks Common Services

1-2

78-16571-01

Chapter 1 Overview

• Support for IPv6.

• HTML based Online help.

Understanding Time Zone Settings

Common Services and associated CiscoWorks application suites support many
time zones. However, applications that have scheduling and reporting functions,
and applications that produce or use time stamps vary based on:

• Server and client—Time stamps can differ between server and client if they

are located in different time zones.

• Platforms—Windows and UNIX servers support different time zones and are

not synchronized.

For detailed information, see the Release Notes included with your CiscoWorks
applications.

Understanding Time Zone Settings

Learning More About the Common Services

You can find detailed information on the features and functions of CiscoWorks
Common Services in the following sections:

• Interacting With CiscoWorks Homepage

• Setting up Security

• Generating Reports

• Administering Common Services

• Managing Device and Credentials

• Administering Groups

• Using Device Center

• Working With Software Center

In addition, the Online help included with Common Services provides
explanations and procedures for the related tasks.

You can launch the Online help from the CiscoWorks Homepage by clicking the
Help button on top of the right hand side of the CiscoWorks Homepage.

78-16571-01

User Guide for CiscoWorks Common Services

1-3

Learning More About the Common Services

For tips about accessing Online help, see Using Online Help.
You can check the version details and licensing information about Common

Services by clicking the About button on top of the right hand side of the
CiscoWorks Homepage.

Chapter 1 Overview

User Guide for CiscoWorks Common Services

1-4

78-16571-01

CHAPTER

2

Interacting With CiscoWorks
Homepage

CiscoWorks Homepage (CWHP) provides launch points for all Common Services
features. It also provides launch points for applications installed on the same
server or a remote server, and their major functions.

CWHP also provides launch points for other web-based products
(Non-CiscoWorks products and third party/home-grown tools) residing on the
same or a different server.

After you install the applications, you can see the application panels on CWHP.

78-16571-01

CWHP supports application oriented and device oriented navigation paradigms.
When you select any of the application functions on CWHP, it launches the
application homepage, and the selected function is launched in application
homepage content area.

CWHP is completely based on HTML, and provides intuitive navigation for you
to move back-and-forth between CiscoWorks Homepage, and all other application
homepages.

CWHP has the look and feel of a portal. By default, CWHP provides launch
points for:

• Server

• HomePage

• Device and Credentials

• Groups

User Guide for CiscoWorks Common Services

2-1

Chapter 2 Interacting With CiscoWorks Homepage

Invoking CiscoWorks Homepage

• Software Center

• Device Center

The following sections explain the CWHP features, in detail:

• Invoking CiscoWorks Homepage

• Logging Into CiscoWorks

• Using CWHP

• Configuring CWHP

• Using Online Help

• Changing Web Server Port Numbers

Invoking CiscoWorks Homepage

You may invoke CWHP in the normal mode (HTTP), or secure mode (HTTPS).

Invoking CWHP in Normal Mode (HTTP)

To invoke CWHP in the normal mode (HTTP), enter the URL for your
CiscoWorks Server in your web browser:

http://server_name:port_number

where server name is the name of the CiscoWorks Server and port number is the
TCP port used by the CiscoWorks Server, in the normal mode.

If you enter,
CiscoWorks Server will not launch. Also, do not bookmark the URL with the
login.html.

In normal mode (HTTP), the default TCP port for CiscoWorks Server is 1741.

• On Windows, the CiscoWorks Server always uses the default port numbers in

secure and normal modes.

• On Solaris, if the default TCP ports (1741 and 443) are used by other

applications, you can select different ports for secure and normal modes
during CiscoWorks Server installation.

http://server_name:port_number/login.html in your browser, the

User Guide for CiscoWorks Common Services

2-2

78-16571-01

Chapter 2 Interacting With CiscoWorks Homepage

Invoking CiscoWorks Homepage

For more information, see the “Logging Into CiscoWorks” section on page 2-4.
See also, Installation and Setup Guide for CiscoWorks Common Services on
Solaris.

Invoking CWHP in SSL Enabled Mode (HTTPS)

To invoke CWHP in the SSL enabled mode (HTTPS):

Step 1 Enter the URL for your CiscoWorks Server in your browser.

http://server_name:port_number

where server name is the name of the CiscoWorks Server and port number is the
TCP port used by the CiscoWorks Server, when SSL is enabled (secure mode).

If you enter,

http://server_name:port_number/login.html in your web

browser, the CiscoWorks Server will not launch. Also, do not bookmark the URL
with the login.html.

When SSL is enabled (HTTPS), the default TCP port for CiscoWorks Server is

443.

• On Windows, CiscoWorks Server always uses the default port numbers in

secure and normal modes.

• On Solaris, if the default TCP ports (1741 and 443) are used by other

applications, you can select different ports for secure and normal modes
during CiscoWorks Server installation. For more information, see Installation
and Setup Guide for CiscoWorks Common Services on Solaris.

If you use Microsoft Internet Explorer to invoke CWHP, the browser displays a
Security Alert window, indicating that you are about to view web pages over a
secure connection.

a. Click OK in the Security Alert window.

The Security Alert window displays the security certificate alert.

b. Click Yes in the Security Alert window.

If you use Netscape Navigator to invoke CWHP, the browser displays the New
Site Certificate wizard.

78-16571-01

User Guide for CiscoWorks Common Services

2-3

Logging Into CiscoWorks

In the New Site Certificate wizard you can accept the certificate for the current
session or accept it till the certificate expires. To avoid going through the New Site
Certificate wizard every time you invoke CWHP, you may accept the certificate
till it expires.

If Common Services is running in a Plug-in environment, it displays Plug-in alert
dialogs. (For example, Server Certificate details, Hostname Mismatch details).

Step 2 Click Yes in the Plug-in alert dialogs to get to the Login panel.

If the server is in SSL mode and if you invoke Common Services as

http://server_name:1741, you will be redirected to https://server_name:443

Logging Into CiscoWorks

Chapter 2 Interacting With CiscoWorks Homepage

If you have installed CiscoWorks Server and logging in for the first time, use the
reserved admin user name and password.

To log in:

Step 1 Enter admin in the User ID field, and the password for admin in the Password

field of the Login Page.
The CiscoWorks Server administrator can set the passwords to admin and guest

users during installation. Contact the CiscoWorks Server administrator if you do
not know the password.

Step 2 Click Login or press Enter.

You are now logged into CiscoWorks Server.

Step 3 You can change the admin password at Common Services > Server >

Security > User Management

For more information, see Online Help.

Login sessions time out after two hours of inactivity. If the session is not used for
two hours, you will be prompted to login again.

Session timeout is not automatic. If you try to do any task after timeout, a message
appears informing you that your session has timed out.

User Guide for CiscoWorks Common Services

2-4

78-16571-01