Tripp Lite 0 Idades Manual
Have a look at the manual Tripp Lite 0 Idades Manual online for free. It’s possible to download the document as PDF or print. UserManuals.tech offer 7 Tripp Lite manuals and user’s guides for free. Share the user manual or guide on Facebook, Twitter or Google+.
191 Chapter 14: Command Line Configuration The following command will synchronize the live system with the new confi\ guration: # config -r serialconfig Note: Supported serial port baud-rates are ‘50’, ‘75’, ‘\ 110’, ‘134’, ‘150’, ‘200’, ‘300’, ‘600’\ , ‘1200’, ‘1800’, ‘2400’, ‘4800’, ‘9600’, '1\ 9200', '38400', '57600', '115200', and '230400'. Supported parity values are 'None', 'Odd', 'Even', 'Mark' and 'Space'. Supported data-bits values are '8', '7', '6' and '5'. Supported stop-bits values are '1', '1.5' and '2'. Supported flow-control values are 'Hardware', 'Software' and 'None'. Additionally, before any port can function properly, the mode of the port needs to be set. Any port can be set to run in on\ e of the five possible modes (refer Chapter 4 for details): [Console S\ erver mode | Device mode | SDT mode | Terminal server mode | Serial bridge mode]. All these modes are mutually exclusive. Console Server mode The command to set the port in portmanager mode: # config -s config.ports.port5.mode=portmanager To set the following optional config elements for this mode: Data accumulation period 100 ms Escape character % (default is ~) log level 2 (default is 0) Shell power command menu Enabled RFC2217 access Enabled Limit pot to 1 connection Enabled SSH access Enabled TCP access Enabled telnet access Disabled Unauthorized telnet access Disabled # config -s config.ports.port5.delay=100 # config -s config.ports.port5.escapechar=% # config -s config.ports.port5.loglevel=2 # config -s config.ports.port5.powermenu=on # config -s config.ports.port5.rfc2217=on # config -s config.ports.port5.singleconn=on # config -s config.ports.port5.ssh=on # config -s config.ports.port5.tcp=on # config -d config.ports.port5.telnet # config -d config.ports.port5.unauthtel Device Mode For a device mode port, set the port type to either ups, rpc, or enviro: # config -s config.ports.port5.device.type=[ups | rpc | enviro] For port 5 as a UPS port: # config -s config.ports.port5.mode=reserved For port 5 as an RPC port: # config -s config.ports.port5.mode=powerman For port 5 as an Environmental port: # config -s config.ports.port5.mode=reserved
192 Chapter 14: Command Line Configuration SDT mode To enable access over SSH to a host connected to serial port 5: # config -s config.ports.port5.mode=sdt # config -s config.ports.port5.sdt.ssh=on To configure a username and password when accessing this port with User\ name = user1 and Password = secret: # config -s config.ports.port#.sdt.username=user1 # config -s config.ports.port#.sdt.password=secret Terminal server mode Enable a TTY login for a local terminal attached to serial port 5: # config -s config.ports.port5.mode=terminal # config -s config.ports.port5.terminal=[vt220 | vt102 | vt100 | lin\ ux | ansi] The default terminal is vt220 Serial bridge mode Create a network connection to a remote serial port via RFC-2217 on port 5: # config -s config.ports.port5.mode=bridge Optional configurations for the network address of RFC-2217 server of 192.168.3.3 and TCP port used by the RFC-2217 service = 2500: # config -s config.ports.port5.bridge.address=192.168.3.3 # config -s config.ports.port5.bridge.port=2500 To enable RFC-2217 access: # config -s config.ports.port5.bridge.rfc2217=on To redirect the serial bridge over an SSH tunnel to the server: # config -s config.ports.port5.bridge.ssh.e\ nabled=on Syslog settings Additionally, the global system log settings can be set for any specific port, in \ any mode: # config -s config.ports.port#.syslog.facility='facility' 'facility' can be: Default local 0-7 auth authpriv cron daemon ftp kern lpr mail news user uucp # config -s config.ports.port#.syslog.priority='priority' 'priority' can be: Default warning notice Info error emergency debug critical alert
193 Chapter 14: Command Line Configuration 14.1.2 Adding and removing Users Firstly, determine the total number of existing Users (if you have no existing\ Users you can assume this is 0): # config -g config.users.total This command should display config.users.total 1. Note that if you see config.users.total this means you have 0 Users configured. Your new User will be the existing total plus 1. So if the previous comma\ nd gave you 0 then you start with user number 1, if you already have 1 user your new user will be number 2 etc. To add a user (with Username=John, Password=secret and Description =mySecondUser) issue the commands: # config -s config.users.total=2 (assuming we already have 1 user c\ onfigured) # config -s config.users.user2.username=John # config -s config.users.user2.description=mySecondUser # config -P config.users.user2.password NOTE: The -P parameter will prompt the user for a password, and encrypt \ it. In fact, the value of any config element can be encrypted using the -P parameter, but only encrypted user passwords and system passwords are supported. \ If any other element value were to be encrypted, the value will become inaccessible a\ nd will have to be re-set. To add this user to specific groups (admin/users): # config -s config.users.user2.groups.group1='groupname' # config -s config.users.user2.groups.group2='groupname2' etc... To give this user access to a specific port: # config -s config.users.user2.port1=on # config -s config.users.user2.port2=on # config -s config.users.user2.port5=on etc... To remove port access: # config -s config.users.user2.port1='' (the value is left blank) or simply: # config -d config.users.user2.port1 The port number can be anything from 1 to 48, depending on the available\ ports on the specific Console Server. For example assume we have an RPC device connected to port 1 on the Conso\ le Server and the RPC is configured. To give this user access to RPC outlet number 3 on the RPC device, run the 2 commands\ below: # config -s config.ports.port1.power.outlet3.users.user2=John # config -s config.ports.port1.power.outlet3.users.total=2 (total number of users that have access to this \ outlet) If more users are given access to this power outlet, then increment the \ 'config.ports.port1.power.outlet3.users.total' element accordingly. To give this user access to network host 5 (assuming the host is confi\ gured): # config -s config.sdt.hosts.host5.users.user1=John # config -s config.sdt.hosts.host5.users.total=1 (total number of u\ sers having access to host) To give another user called 'Peter' access to the same host: # config -s config.sdt.hosts.host5.users.user2=Peter # config -s config.sdt.hosts.host5.users.total=2 (total number of u\ sers having access to host) To edit any of the user element values, use the same approach as when add\ ing user elements i.e. use the '-s' parameter. If any of the config elements do not exist, they will automatically be cr\ eated. To delete the user called John, use the delete-node script: # ./delete-node config.users.user2 The following command will synchronize the live system with the new confi\ guration: # config -r users
194 Chapter 14: Command Line Configuration 14.1.3 Adding and removing User Groups The Console Server is configured with a few default user groups (even\ though only two of these groups are visible in the Management Console GUI). To find out how many groups are already present: # config -g config.groups.total Assume this value is six. Make sure to number any new groups you create \ from seven onwards. To add a custom group to the configuration with Group name=Group7, Grou\ p description=MyGroup and Port access= 1,5 you’d issue the commands: # config -s config.groups.group7.name=Group7 # config -s config.groups.group7.description=MyGroup # config -s config.groups.total=7 # config -s config.groups.group7.port1=on # config -s config.groups.group7.port5=on Assume we have an RPC device connected to port 1 on the console manager, and the RPC is configured. To give this group access to RPC outlet number 3 on the RPC device, run the two commands be\ low: # config -s config.ports.port1.power.outlet3.groups.group1=Group7 # config -s config.ports.port1.power.outlet3.groups.total=1 (total number of groups that have access to thi\ s outlet) If more groups are given access to this power outlet, then increment the\ 'config.ports.port1.power.outlet3.groups.total' element accordingly. To give this group access to network host 5: # config -s config.sdt.hosts.host5.groups.group1=Group7 # config -s config.sdt.hosts.host5.groups.total=1 (total number of \ groups having access to host) To give another group called 'Group8' access to the same host: # config -s config.sdt.hosts.host5.groups.group2=Group8 # config -s config.sdt.hosts.host5.groups.total=2 (total number of \ users having access to host) To delete the group called Group7, use the following command: # rmuser Group7 Attention: The rmuser script is a generic script to remove any config element from config\ .xml correctly. However, any dependencies or references to this group will not be affected. Only the \ group details are deleted. The administrator is responsible for going through config.xml and removing group dependencies and references manually, specifically if the group had access to a host or RPC device. The following command will synchronize the live system with the new confi\ guration: # config -a
195 Chapter 14: Command Line Configuration 14.1.4 Authentication To change the type of authentication for the Console Server: # config -s config.auth.type='authtype' 'authtype' can be: Local LocalTACACS TACACS TACACSLocal TACACSDownLocal LocalRADIUS RADIUS RADIUSLocal RADIUSDownLocal LocalLDAP LDAP LDAPLocal LDAPDownLocal To configure TACACS authentication: # config -s config.auth.tacacs.auth_server='comma separated list' (\ list of remote authentiction and authorization servers.) # config -s config.auth.tacacs.acct_server='comma separated list' \ (list of remote accounting servers. If unset, Authentication and Authorization Server Address will be used.) # config -s config.auth.tacacs.password='password' To configure RADIUS authentication: # config -s config.auth.radius.auth_server='comma separated list' (\ list of remote authentiction and authorization servers.) # config -s config.auth.radius.acct_server='comma separated list' \ (list of remote accounting servers. If unset, Authentication and Authorization Server Address will be used.) # config -s config.auth.radius.password='password' To configure LDAP authentication: # config -s config.auth.ldap.server='comma separated list' (list o\ f remote servers.) # config -s config.auth.ldap.basedn='name' (The distinguished nam\ e of the search base. For example: dc=my- company,dc=com) # config -s config.auth.ldap.binddn='name' (The distinguished nam\ e to bind to the server with. The default is to bind anonymously.) # config -s config.auth.radius.password='password' The following command will synchronize the live system with the new confi\ guration: # config -r auth
196 Chapter 14: Command Line Configuration 14.1.5 Network Hosts To determine the total number of currently configured hosts: # config -g config.sdt.hosts.total Assume this value is equal to 3. If you add another host, make sure to i\ ncrement the total number of hosts from 3 to 4: # config -s config.sdt.hosts.total=4 If the output is config.sdt.hosts.total then assume 0 hosts are configured. Add power device host To add a UPS/RPC network host with the following details: IP address/ DNS name 192.168.2.5 Host name remoteUPS Description UPSroom3 Type UPS Allowed services ssh port 22 and https port 443 Log level for services 0 Issue the commands below: # config -s config.sdt.hosts.host4.address=192.168.2.5 # config -s config.sdt.hosts.host4.name=remoteUPS # config -s config.sdt.hosts.host4.description=UPSroom3 # config -s config.sdt.hosts.host4.device.type=ups # config -s config.sdt.hosts.host4.tcpports.tcpport1=22 # config -s config.sdt.hosts.host4.tcpports.tcpport1.loglevel=0 # config -s config.sdt.hosts.host4.udpports.udpport2=443 # config -s config.sdt.hosts.host4.udpports.udpport2.loglevel=0 The loglevel can have a value of 0 or 1. The default services that should be configured are: 22/tcp (ssh), 23/tcp (telnet), 80/tcp (http), 443/tcp (https), 1\ 494/tcp (ica), 3389/tcp (rdp), 5900/tcp (vnc) Add other network host To add any other type of network host with the following details: IP address/ DNS name 192.168.3.10 Host name OfficePC Description MyPC Allowed sevices ssh port 22,https port 443 log level for services 1 Issue the commands below. If the Host is not a PDU or UPS power device or a server with IPMI pow\ er control then leave the device type blank: # config -s config.sdt.hosts.host4.address=192.168.3.10 # config -s config.sdt.hosts.host4.description=MyPC # config -s config.sdt.hosts.host4.name=OfficePC # config -s config.sdt.hosts.host4.device.type='' (leave this valu\ e blank) # config -s config.sdt.hosts.host4.tcpports.tcpport1=22 # config -s config.sdt.hosts.host4.tcpports.tcpport1.loglevel=1 # config -s config.sdt.hosts.host4.udpports.tcppport2=443 # config -s config.sdt.hosts.host4.udpports.tcpport2.loglevel=1 If you want to add the new host as a managed device, make sure to use th\ e current total number of managed devices + 1, for the new device number. To get the current number of managed devices: # config -g config.devices.total
197 Chapter 14: Command Line Configuration Assuming we already have one managed device, our new device will be devi\ ce 2. Issue the following commands: # config -s config. devices.device2.connections.connection1.name=192\ .168.3.10 # config -s config. devices.device2.connections.connection1.type=Hos\ t # config -s config. devices.device2.name=OfficePC # config -s config. devices.device2.description=MyPC # config -s config.devices.total=2 The following command will synchronize the live system with the new confi\ guration: # config -hosts 14.1.6 Trusted Networks You can further restrict remote access to serial ports based on the sourc\ e IP address. To configure this via the command line you need to do the following: Determine the total number of existing trusted network rules (if you ha\ ve no existing rules) you can assume this is 0 # config -g config.portaccess.total This command should display config.portaccess.total 1 Note that if you see config.portaccess.total this means you have 0 rules configured. Your new rule will be the existing total plus 1. So if the previous comma\ nd gave you 0 then you start with rule number 1. If you already have 1 rule your new rule will be number 2 etc. If you want to restrict access to serial port 5 to computers from a sing\ le class C network (192.168.5.0 say) you need to issue the following commands (assuming you have a previous rule in place). Add a trusted network: # config -s config.portaccess.rule2.address=192.168.5.0 # config -s "config.portaccess.rule2.description=foo bar" # config -s config.portaccess.rule2.netmask=255.255.255.0 # config -s config.portaccess.rule2.port5=on # config -s config.portaccess.total=2 The following command will synchronize the live system with the new confi\ guration: # config -r serialconfig 14.1.7 Cascaded Ports To add a new slave device with the following settings: IP address/DNS name 192.168.0.153 Description CM in office 42 Label BL6-5 Number of ports 16 The following commands must be issued: # config -s config.cascade.slaves.slave1.address=192.168.0.153 # config -s "config.cascade.slaves.slave1.description=CM in office\ 42" # config -s config.cascade.slaves.slave1.label=BL6-5 # config -s config.cascade.slaves.slave1.ports=16 The total number of slaves must also be incremented. If this is the fi\ rst slave being added, type: # config -s config.cascade.slaves.total=1 Increment this value when adding more slaves. NOTE: If a slave is added using the CLI, then the master SSH public key will need to be manually copied to every slave device before cascaded ports will work (refer Chapter 4) The following command will synchronize the live system with the new confi\ guration: # config -r cascade
198 Chapter 14: Command Line Configuration 14.1.8 UPS Connections Managed UPS Systems Before adding a managed UPS, make sure that at least 1 port has been con\ figured to run in 'device mode', and that the device is set to 'ups'. To add a managed UPS with the following values: Connected via Port 1 UPS name My UPS Description UPS in room 5 Username to connect to UPS User2 Password to connect to UPS secret shutdown order 2 (0 shuts down first) Driver genericups Driver option - option option Driver option - argument argument Logging Enabled Log interval 2 minutes Run script when power is critical Enabled # config -s config.ups.monitors.monitor1.port=/dev/port01 If the port number is higher than 9, eg port 13, enter: # config -s config.ups.monitors.monitor1.port=/dev/port13 # config -s "config.ups.monitors.monitor1.name=My UPS" # config -s "config.ups.monitors.monitor1.description=UPS in room 5"\ # config -s config.ups.monitors.monitor1.username=User2 # config -s config.ups.monitors.monitor1.password=secret # config -s config.ups.monitors.monitor1.sdorder=2 # config -s config.ups.monitors.monitor1.driver=genericups # config -s config.ups.monitors.monitor1.options.option1.opt=option # config -s config.ups.monitors.monitor1.options.option1.arg=argumen\ t # config -s config.ups.monitors.monitor1.options.total=1 # config -s config.ups.monitors.monitor1.log.enabled=on # config -s config.ups.monitors.monitor1.log.interval=2 # config -s config.ups.monitors.monitor1.script.enabled=on Make sure to increment the total monitors: # config -s config.ups.monitors.total=1 The 5 commands below will add the UPS to 'Managed devices. Assuming ther\ e are already 2 managed devices configured: # config -s "config.devices.device3.connections.connection1.name=My \ UPS" # config -s "config.devices.device3.connections.connection1.type=UPS\ Unit" # config -s "config.devices.device3.name=My UPS" # config -s "config.devices.device3.description=UPS in toom 5" # config -s config.devices.total=3 To delete this managed UPS: # config -d config.ups.monitors.monitor1 Decrement monitors.total when deleting a managed UPS
199 Chapter 14: Command Line Configuration Remote UPSes To add a remote UPS with the following details (assuming this is our fi\ rst remote UPS): UPS name oldUPS Description UPS in room 2 Address 192.168.50.50 Log status Disabled Log rate 240 seconds Run shutdown script Enabled # config -s config.ups.remotes.remote1.name=oldUPS # config -s "config.ups.remotes.remote1.description=UPS in room 2" # config -s config.ups.remotes.remote1.address=192.168.50.50 # config -d config.ups.remotes.remote1.log.enabled # config -s config.ups.remotes.remote1.log.interval=240 # config -s config.ups.remotes.remote1.script.enabled=on # config -s config.ups.remotes.total=1 The following command will synchronize the live system with the new confi\ guration: # config -a 14.1.9 RPC Connections You can add an RPC connection from the command line but it is not recomme\ nded that you do so because of dependency issues. However FYI before adding an RPC the Management Console GUI code makes s\ ure that at least 1 port has been configured to run in 'device mode', and that the device is set to 'rpc'. To add an RPC with the following values: RPC type APC 7900 Connected via Port 2 UPS name MyRPC Description RPC in room 5 Login name for device rpclogin Login password for device secret SNMP community v1 or v2c Logging Enabled Log interval 600 second Number of power outlets 4 (depends on the type/model of the RPC) # config -s config.ports.port2.power.type=APC 7900 # config -s config.ports.port2.power.name=MyRPC # config -s "config.ports.port2.power.description=RPC in room 5" # config -s config.ports.port2.power.username=rpclogin # config -s config.ports.port2.power.password=secret # config -s config.ports.port2.power.snmp.community=v1 # config -s config.ports.port2.power.log.enabled=on # config -s config.ports.port2.power.log.interval=600 # config -s config.ports.port2.power.outlets=4 The following five commands are used by the Management Console to add \ the RPC to 'Managed Devices': # config -s config.devices.device3.connections.connection1.name=myRP\ C # config -s "config.devices.device3.connections.connection1.type=RPC\ Unit" # config -s config.devices.device3.name=myRPC # config -s "config.devices.device3.description=RPC in room 5" # config -s config.devices.total=3 The following command will synchronize the live system with the new confi\ guration: # config -a
200 Chapter 14: Command Line Configuration 14.1.10 Environmental To configure an environmental monitor with the following details: Monitor name Envi4 Monitor Description Monitor in room 5 Temperature offset 2 Humidity offset 5 Enable alarm 1 ? yes Alarm 1 label door alarm Enable alarm 2 ? yes Alarm 2 label window alarm Logging enabled ? yes Log interval 120 seconds # config -s config.ports.port3.enviro.name=Envi4 # config -s "config.ports.port3.enviro.description=Monitor in room 5\ " # config -s config.ports.port3.enviro.offsets.temp=2 # config -s config.ports.port3.enviro.offsets.humid=5 # config -s config.ports.port3.enviro.alarms.alarm1.alarmstate=on # config -s config.ports.port3.enviro.alarms.alarm1.label=door alarm\ # config -s config.ports.port3.enviro.alarms.alarm2.alarmstate=on # config -s config.ports.port3.enviro.alarms.alarm2.label=window ala\ rm # config -s config.ports.port3.enviro.alarms.total=2 # config -s config.ports.port3.enviro.log.enabled=on # config -s config.ports.port3.enviro.log.interval=120 It is important to assign alarms.total=2 even if they are off. The following 5 commands will add the environmental monitor to 'Managed \ devices': To get the total number of managed devices: # config -g config.devices.total Make sure to use the total + 1 for the new device below: # config -s config. devices.device5.connections.connection1.name=Env\ i4 # config -s "config. devices.device5.connections.connection1.type=EM\ D Unit" # config -s config. devices.device5.name=Envi4 # config -s "config. devices.device5.description=Monitor in room 5" # config -s config.devices.total=5 The following command will synchronize the live system with the new confi\ guration: # config -a 14.1.11 Managed Devices To add a managed device: (also see UPS, RPC connections and Environmenta\ l) # config -s "config.devices.device8.name=my device" # config -s "config.devices.device8.description=The eighth device" # config -s "config.devices.device8.connections.connection1.name=my \ device" # config -s config.devices.device8.connections.connection1.type=[ser\ ial | Host | UPS | RPC] # config -s config.devices.total=8 (decrement this value wh\ en deleting a managed device) To delete the above managed device: # config -d config.devices.device8 The following command will synchronize the live system with the new confi\ guration: # config -a