Network Configuration Manager provides an alternative interface (to the user interface), allowing you to complete the following tasks, via the Command Line:  

  • Importing Credentials
  • Importing Users
  • Importing Groups
  • Importing Sites
  • Exporting Credentials
  • Decrypting Credential Logs
  • Setting the number of Devices
  • Auto Discovery
  • Importing Devices

The Command Line Interface allows you to use command line operations to import and export credentials, and to decrypt Credential Logs generated by password roll outs. It also allows you to import devices and Auto Discover devices.

Important Variables Information!

To begin using the Bulk commands, and to set the $VOYENCE_HOME variable, you must first enter the following command:

. /etc/voyence.conf

After you have entered the above command, you can then use the $VOYENCE_HOME variable.

Security Permissions

Ensure you have the following permissions to successfully complete any Command Line Interface tasks.

  • To work with Global credentials , you must have System Administrator security access.

  • Systems Administration functions: are intended for access by any user that has been given VoyencControl system administrator, network administrator, or user administrator privileges. The system administrator can create or delete networks, manage device servers and devices, create and edit system users, and create authorization policies between users, groups, and networks. System Administrators can see and alter information about any network in the VoyencControl application.  

  • To work with Network credentials , you must have System Administrator, Network Administrator, and View Device Passwords on Devices security access.

Network Administration functions: are limited to those networks to which you are assigned, or that you create. Network Administrators cannot see or manage any networks that they do not have specific permissions to access; manage users, groups, and network authorizations; or edit system global information.

Important Syntax Information - for Global Credentials

You must include the syntax global: in each credential name.

For example, if you have 2 global credentials, you must use the global: for each c_name. Such as, global: c_credentialname1, global: c_credentialname2.

Available Commands

The following is a listing of the available Command Line Interface commands. If you need to review this list from the actual command line, enter help, then press Enter,and the list displays showing the syntax needed for each of the commands.  

importCredentials [snmpv3] <scope> <credFile> <update>

exportCredentials [snmpv3] <scope>  

seedAD <network name> <device server name> <Discovery type> hostfile <credentials>  

importDevices <network name> <device server name> devicesCSVFile <updateFlag>  

decryptCredentials <credentialsRollOutLogFileName> <outputFileName>

importUsers inputfile

importGroups inputfile

importSites <network name> inputfile

quit  

help <cmd name>

Creating Command Files

To work with these commands, you must first ensure that specific files needed to process these commands have been created. For example, to successfully complete Importing Credentials , you must have the <credFile> file created to enter the credFile name within the syntax of the command.

Creating a credFile

The following is an example of credFile content used to import credentials using the importCredentials command.

#CREDENTIAL_NAME,CREDENTIAL_TYPE,COMMUNITY_STRING:RO,COMMUNITY_STRING:RW,ACCOUNT:USERNAME,ACCOUNT:PASSWORD,ACCOUNT:EXTERNAL

AUTHENTICATION,ACCOUNT:PRIVILEGE_CREDENTIAL,PRIVILEGE:PASSWORD,UNIQUE,LENGTH,SECURE(PrivPassOnly)

Credfiles Rules

Following is a sample of the information from the various columns (shown in the csv file), that must be provided, based on the credential type. Column 1 (Credential Name), and Column 2 (Credential Type) are mandatory

Credential Type

 Mandatory Column Names

Privilege

  • PRIVILEGE:PASSWORD

  • UNIQUE

  • SECURE(PrivPassOnly)

Account

  • ACCOUNT:USERNAME

  • ACCOUNT:PASSWORD

  • ACCOUNT:EXTERNAL AUTHENTICATION

  • ACCOUNT:PRIVILEGE_CREDENTIAL

If there is an Associated Privilege Credential, add the following:

  • PRIVILEGE:PASSWORD

  • UNIQUE

SNMP v1/v2c

  • COMMUNITY_STRING:RO

  • COMMUNITY_STRING:RW

  • UNIQUE

SNMP v3

  • SNMPV3:UserName

  • SNMPV3:Security Level                1 -> NoAuthNoPriv 2-> AuthNoPriv 3 -> AuthPriv

  • SNMPV3:Authentication Protocol    1 -> NONE   2-> MD5        3 - SHA

  • SNMPV3:Privacy Protocol              none = 1, des = 2, idea = 9, aes128 = 19, aes192 = 20, aes256 = 21

  • SNMPV3:Authentication Password  Only needed for AuthNoPriv and AuthPriv security levels

  • SNMPV3:Privacy Password            Only needed for AuthPriv  security level

These parameters are not mandatory

  • SNMPV3:Context Name                         

  • SNMPV3:Engine Id

  • SNMPV3:Group

  • SNMPV3:View                                   

  • SNMPV3:ViewAccess  1 -> Read Access  2 – Write Access

  • SNMPV3:IncMibs        -  Separate the individual mibs using "*"

  • SNMPV3:ExcMibs       -  Separate the individual mibs using "*"

Following is an example:

#CREDENTIAL_NAME,SNMPV3:UserName,SNMPV3:SecLevel,SNMPV3:AuthProt,SNMPV3:PrivProt,

SNMPV3:AuthPasswd,SNMPV3:PrivPasswd,SNMPV3:CtxName,SNMPV3:EngineId,SNMPV3:Group,

SNMPV3:View,SNMPV3:ViewAccess,SNMPV3:IncMibs,SNMPV3:ExcMibs,UNIQUE, LENGTH

cnv3-1,test123username,3,2,2,test123,test123,test123Ctx,test123EngineId,test123Group,test123,2,

intenet*mib2,internet, N,

Note: Length is the length of the unique credential that is generated by the application.

Creating a hostfile

You must also ensure the <hostfile> file is created to complete both the Auto Discovery and Importing Devices tasks.

Creating a SeedAD file <hostfile>

The following is an example of seedAD content used for Auto Discovery.

172.18.0.1      r3640-1.internal.powerupnetworks.com    r3640-1

172.18.0.2      r3640-2.internal.powerupnetworks.com    r3640-2

172.18.0.3      r3640-3.internal.powerupnetworks.com    r3640-3

Note: This is very similar to the /etc/hosts file....

Examples of files

Examples of the Command Line Interface commands can be found in examples.tar in the $VOYENCE_HOME /tools/bulk-import

directory. ( . /etc/voyence.conf)

The examples.tar contains the following sample files:  

  • createCred.csv - sample file used in importCredentials command
  • hosts - sample file used in seedAD command
  • importDevices.csv - sample file used in importDevices command
  • exportedCredentials.csv - sample output of exportCredentials command

Accessing the Command Line Interface

  1. SSH to the application server machine.

  2. Enter cd to change the directory to $VOYENCE_HOME/tools/bulk-import, and press Enter.

  3. At the command prompt, enter runCmd.sh, then press Enter.

Important: For Windows, enter runCmd.pl, then press Enter.

  • At the next command prompt, enter your User Name and Password.  See the following prompts: 

  • Enter User Name: where you then enter the user name

  • Enter Password: where you enter the password

  • After entering the User Name and Password, press Enter.

Note: This is the same User Name and Password you use to access the VoyencControl application. The Command Line Interface feature is now started by displaying a command prompt cmd>.

To work with the Command Line Interface functions, determine the task you want to complete, then go to: