Tata Teleservices Limited Network Operations

___________________________________________________________________________

Password Management on the OMC-R and the MM

1. Introduction
System administrator is the responsible for the user creation and password
management. The Following documents gives the detailed and step by step procedure
for the changing passwords on the UNO and OMC for different users of the system.

2. Purpose
The purpose of this document is to have clear and detailed information on
password management, thus avoiding any ambiguity.

3. Responsibility
System administrator is solely responsible for this activity.

4. Department bound by this process

a. OMCR

5. Changing Passwords on the MM

 Introduction
This document provides a step-by-step procedure to change any user’s password. The first
user to change will be the root user. This user is also known as the super user. The next user to
change will be the scadm user.

 Change MM root password

It is recommended, though not essential, that this procedure be completed in a maintenance

window.

1. Changing root password on the MM

2. Procedure :

1 Log in as root on the MM.

2 To change the root password, enter passwd root on the command line as follows:

root # passwd root
UX passwd: INFO: Changing password for root
New password:
Re­enter new password:

3 Are you also changing scadm password on the MM?

– If YES, go to Table 2.
– If NO, continue to step 4.

4 NOTE : These commands will push the password to the Service Processors on the MM and
should be entered during the MAINT window.

1
 Tata Teleservices Limited Network Operations
___________________________________________________________________________
Numbers (i.e., 1.3.313) in the following commands represent slot locations of the Service
processor. These locations are the same on all Puma MMs.

Enter the following commands:

# /usr/mds/sp/bin/spcfg –p 1.3.313
# /usr/mds/sp/bin/spcfg –p 1.3.319

5 Exit from root by entering:

exit

 Change MM scadm password

 Introduction
This procedure will need to be completed for each MM that has a new scadm password.
It is recommended, though not essential, that this procedure be completed in a Maintenance
window.

 Changing scadm password on the MM

 Procedure

1 Log in as scadm on the MM.

2 To change the scadm password, enter passwd scadm on the command line as follows:

mm1b{scadm}$ passwd scadm
UX:passwd: INFO: Changing password for scadm
Old password:
New password:
Re–enter new password:
mm1b{scadm}$
3 Repeat step 2 for the standby node.
4 Log in as root on the MM.
5 NOTE : These commands will push the password to the Service Processors on the MM and
should be entered during the MAINT window.
Numbers (i.e., 1.3.313) in the following commands represent slot locations of the Service
processor. These locations are the same on all Puma MMs.

Enter the following commands :

# /usr/mds/sp/bin/spcfg –p 1.3.313
# /usr/mds/sp/bin/spcfg –p 1.3.319
6 Exit from root by entering:
exit
7 Log in as scadm on the OMC-R.
8 * IMPORTANT: There are multiple (~5) entries for each MM in the .netrc file on the
OMC-R; each line of the file for the associated MM must be updated with the new scadm
password.

For example, here is a sample of .netrc entries for a freshly installed system, OMC-R3, MM1:

2
 Tata Teleservices Limited Network Operations
___________________________________________________________________________
machine mm1 login scadm password scadm
machine OMC3–MM1–PSU login scadm password scadm
machine OMC3–MMI–PSU–BAK login scadm password scadm
machine OMC3–MMI–DNP–NODEA login scadm password scadm
machine OMC3–MMI–DNP–NODEB login scadm password scadm

The above entries exist (by default, from a fresh OMCR install) for MM numbers 1–8.
Enter new scadm password into the .netrc file as follows:

8a Enter the following commands:

OMC{SCADM}$ cp .netrc .netrc.old
OMC{SCADM}$ vi .netrc

8b Using the w key, move your cursor to the first letter of scadm’s old password on the
Correct MM number.
8c When the cursor is resting on the first letter of scadm’s old password and on the desired
MM number, use the cw keys to change the old password. A $ will appear at the end of the
old scadm password.
8d Enter the new scadm password, and depress the Esc key.

9 Step 8 must be completed for each MM that has a new scadm password.
Have all MMs With a new scadm password been entered into the .netrc file?
If YES, continue to the next step.
If NO, repeat Step 8 until all MMs with a new scadm password have been entered
into the .netrc file. Then, continue to the next step.

10 Once all MMs with a new scadm password been entered into the .netrc file, write the
.netrc file, and end the vi session by entering:

<shift> zz

6. Changing Passwords on the OMC Devices

 Introduction
This document provides a step-by-step procedure to change any user’s password. The first
user to change will be the root user. This user is also known as the super user. The next user to
change will be the scadm user.

If the commands as outlined in this document are not entered as shown, root can bring
down a system.

 Change OMC root password

It is recommended, though not essential, that this procedure be completed in a Maintenance

window.

*
 Changing root password on the OMC device

3
 Tata Teleservices Limited Network Operations
___________________________________________________________________________
 Procedure
1 Log in as root on the OMC.
2 To change the root password, enter passwd root on the command line as follows:
# passwd root
New password:
Re–enter new password:
passwd (SYSTEM): passwd successfully changed
for root
3 Exit from root by entering:
exit

 Changing scadm password on the OMC

 Procedure
1 Log in as scadm on the OMC.
2 To change the scadm password, enter passwd scadm on the command line as
follows:
omcr {scadm}$ passwd scadm
passwd: Changing password for scadm
Enter login password
New password:
Re–enter new password:
Passwd (SYSTEM): passwd successfully changed for scadm
omcr {scadm} $
3 Log in as scadm on the MM.
rlogin mmX (Where _ = the number of the MM)
4 * IMPORTANT : This step must be completed for all nodes (active and standby) of
the MMs associated with the OMC-R that had the scadm password change.

Enter new scadm password into the .netrc file as follows:

4a Enter the following commands:
cp .netrc .netrc.old
vi .netrc

4b * IMPORTANT: All lines for the OMC having the scadm password in the MM’s
.netrc file must also be changed to the new password.
Using the w key, move your cursor to the first letter of scadm’s old password on the
OMC.

4c When the cursor is resting on the first letter of scadm’s old password and on the
OMC, use the cw keys to change the old password. A $ will appear at the end of the
old scadm password.

4d Enter the new scadm password, and depress the Esc key.

5 Step 4 must be completed for each OMC and OMCx–PSU entry that has a new scadm
password.
Have all OMC entries had the scadm password updated in the .netrc file?
– If YES, continue to next step.

4
 Tata Teleservices Limited Network Operations
___________________________________________________________________________
– If NO, repeat Step 4 until all OMC entries in the .netrc file have been updated with the
new scadm password. Then, continue to the next step.

6 Once all OMC entries in the .netrc file have been updated with the new scadm
password, write the .netrc file, and end the vi session by entering:

<shift> zz

7 Log in to the standby node as scadm: rlogin other

Repeat steps 4 through 6 for the standby node and for each MM associated with the
OMC-R that had a scadm password change.

8 If on Release 16.0 or above, the ANMed.conf file must be edited to allow the OMC-R
to receive AN/Agnode alarms.
Are you currently running Release 16.0 or above?
– If YES, continue to next step.
– If NO, procedure is complete.
–
9 Enter the following commands:

cd /screl/active/data/agent/mediation
vi ANMed.conf

9a NOTE:The informix.password field in the ANMed.conf file also contains

the scadm password.
Using the w key, move your cursor to the first letter of informix.password’s old
password.
9b When the cursor is resting on the first letter of informix.password’s old password,
use the cw keys to change the old password. A $ will appear at the end of the old
informix.password.
9c Enter the new scadm password, and depress the Esc key.
9d Once the informix.password has been entered into the ANMed.conf file, write the
ANMed.conf, and end the vi session by

<shift> zz

9e * IMPORTANT :
It is highly recommended that this step be completed in a Maintenance window.

Once you have edited the file, log in as root on the OMC. Kill the SNMP Mediation
process:

kill ‘ps –e | grep SNMPMedi | awk ’{print $1}’‘

The SNMPMediation process will take a few minutes to recover.

9f Verify that the SNMPMediation process has restarted by entering:

ps –e | grep SNMPMedi
If the process has restarted, the system will respond with output similar to the
following:
3195 ? 3:25 SNMPMedi

5
 Tata Teleservices Limited Network Operations
___________________________________________________________________________
If the process has not restarted, there may be a problem; contact CNRC for
assistance.

 Change OMC scusers password

It is recommended, though not essential, that this procedure be completed in a Maintenance
window.

 Procedure
1 Log in as scadm on the OMC-R.
2 To change the scusers password, enter passwd <user name> on the command line as
follows:
omcr {user name} $ passwd <user name>
passwd: Changing password for {user name}
Enter login password
New password:
Re–enter new password:
Passwd (SYSTEM): passwd successfully changed for {user name}
$

7. Records

S.N Record Record Title Maintained by Retention Period

No.

1. SYSO1 Daily Sys admin log book Sys 6 Months

administrator

8. Process Measures

S.N. Parameter Unit of Frequency Compiled By Review by

Measure
1 Not applicable

9. Revision History

Revision No. Effective Date Brief description of Change

00 11/10/2004 Initial Document

6
 Tata Teleservices Limited Network Operations
___________________________________________________________________________

Appendix Information
Purpose of .netrc
The PM data is transferred from the MM to the OMC via ftp by scadm. In order for this to work,
there must be a .netrc file in scadm’s (OMC) home directory. This /home/scadm/.netrc file contains
information used by the automatic login feature of the ftp commands.

File permissions
The .netrc file is a hidden file in a user’s home directory and must be owned either by the user
executing the command or by the root user. If the .netrc file contains a login password, the file’s
permissions must be set to 600 (read and write by owner only).
The .netrc file MUST have the following permissions:
$ ls –l .netrc
–rw––––––– 1 scadm scadm 81 Apr 6
18:13 .netrc
If permissions are not set as above, you will need to change them, as shown below, so that security is
not breeched on the OMC or on the MM. Also, if permissions are not set as above, the automatic
login feature will actually fail (i.e., no pm data transfer).

chmod 600 /home/scadm/.netrc

Description
The .netrc can contain the following entries (separated by spaces, tabs, or new lines):

machine HostName The HostName variable is the name of a remote host. This entry begins the
definition of the automatic login process for the specified host. All following entries up to the
next machine entry or the end of the file applies to that host.

login UserName The UserName variable is the full domain user name for use at the remote host. If
thisentry is found, the automatic login process initiates a login, using the specified name. If this entry
is missing, the automatic login process is unsuccessful.

password Password The Password variable is the login password to be used. The automatic login
process supplies this password to the remote server. A login password must be established at the
remote host, and that password must be entered in the .netrc file. Otherwise, the automatic login
process is unsuccessful, and the user is prompted for the login password.

account Password The Password variable is the account password to be used. If this entry is found
and an account password is required at the remote host, the automatic login process supplies the
password to the remote server. If the remote host requires an account password but this entry is
missing, the automatic login process prompts for the account password.

macdef MacroName The MacroName variable is the name of an ftp subcommand macro. The macro
is defined to contain all of the following ftp subcommands up to the next blank line or the end of the
file. If the macro is named init, the ftp command executes the macro upon successful completion of
the automatic login process. The rexec command does not recognize a macdef entry.

7
 Tata Teleservices Limited Network Operations
___________________________________________________________________________

Examples
The following is an example of an entry in a .netrc file:
machine mm1 login scadm password bluebonnet
^^^
| | |_____: valid login password for mm
| |_________________: valid login for mm
|___________________________: valid machine name for mm
If the .netrc file is set up correctly, you should be able to execute as scadm an ftp command from the
OMC to the MM without the need to enter the login (scadm) and password. The program
/screl/active/bin/pm_rqst executes the script /screl/active/bin/pm_vdt_by_ftp. It is this script that
performs the ftp transfer of PM data from the MM to the OMC. The syntax of this command is:

/screl/active/bin/pm_vdt_by_ftp MMHOST SOURCEPATH TARGETPATH

Where:
MMHOST is the hostname of the MM.
SOURCEPATH is the directory path on the MM where the PM data will be found, normally
/sc/spool/PmTrans.
TARGETPATH is the directory on the OMC where the PM data will be placed, normally
/sc/spool/PmTrans.

AN Mediation
The SNMPMediation process (also known as AN Mediation) is used for handling traps from AN
devices such as MLS, RPM, MGX, and OMCIP. It also translates traps into SuperCell alarms (GER)
and forwards them to UNO. PingPoller is one of the processes started by SNMPMediation which
pings all above-mentioned AN devices every 5 minutes. If device is not pingable, it will raise an
alarm. Below is an example of how large the /sc/processes/ANMed.PingPoller.err can get:

omc:/sc/processes > # ls –l ANMed.PingPoller.err
–rw–rw–rw– 1 root root 699838205 Jan 30 12:45 ANMed.PingPoller.err
omc:/sc/processes > #
PingPoller application generates ERRORs, which get logged in ANMed.PingPoller.err file.
(/sc/processes/ANMed.PingPoller.err)
Normally, ERROR means something unexpected. Some are critical errors, which need to be
investigated, and others are logged just for debugging purposes.

The following error and fix apply only to Software Release 16.0.

NOTE
Shown here is an error that refers to the ANMed.conf file:
ERROR: date: Tue May 28 06:54:49 HST 2002
file: PingPoller.java
func: main()
Exception occured is java.lang.NullPointerException This is possibly
a DB connect error –– check DB config.
The database configuration that is mentioned in the error can be found in
/screl/active/data/agent/mediation directory. You will need to edit the informix.password to reflect the
password for scadm in the file ANMed.conf. Once you have edited the file, you will need to kill the
SNMPMediation process as root. The SNMPMediation process will take a few minutes to recover.

8
 Tata Teleservices Limited Network Operations
___________________________________________________________________________

Shown below is an example of what part of the file would look like after the editing of the
informix.password line:
#ANMed Properties
#Thu Mar 07 16:06:12 HST 2002
informix.server=localhost
informix.dbname=SNMP_DB
ANMed.RTM_debug_filename=/sc/processes/ANMed.RTM.out
informix.port=1526
ANMed.LWRTR_IF_poller_interval=120000
ANMed.PingPoller_debug_level=0
ANMed.SNMPPoller_debug_filename=/sc/processes/ANMed.SNMPPoller.out
ANMed.MLS_CHASSIS_poller_interval=120000
ANMed.TrapReceiver_debug_filename=/sc/processes/ANMed.TrapReceiver.o
ut
ANMed.RTM_debug_level=0
ANMed.EDGERTR_IF_poller_interval=120000
ANMed.PingPoller_debug_filename=/sc/processes/ANMed.PingPoller.out
ANMed.RTMcommUnity=public
ANMed.MLS_MODULE_poller_interval=120000
ANMed.RTM_error_filename=/sc/processes/ANMed.RTM.err
ANMed.LWRTR_CHASSIS_poller_interval=120000
informix.password=poi4y0u <edited to reflect the current scadm 
passwd>
ANMed.SNMPPoller_error_filename=/sc/processes/ANMed.SNMPPoller.err
ANMed.PING_Interval=300000
.
.
output delete