Technical FAQs

Ask a Question

Mass Configuration of Users and User Preferences on Network Management Card 2 (NMC2) v6.X.X


Issue

How do I mass configure/bulk upload user configuration information on v6.X.X Network Management Card 2 firmware? (this is no longer done via config.ini)

 
Product Line
 
  • Network Management Card 2 - AP9630/30CH, AP9631/31CH, AP9635/35CH
Devices with an embedded Network Management Card 2 include (but are not limited to): 2G Metered/Switched Rack PDUs (AP84XX, AP86XX, AP88XX, AP89XX), Certain Audio/Video Network Management Enabled products.


 

Environment
 
  • v6.X.X firmware
  • Users wishing to add Network Management Card 2 (NMC2) local users in bulk and/or via a configuration file via FTP/SCP.
  • Users wishing to add users via script using local serial console, Telnet or SSH


Cause

Beginning with NMC2 firmware v6.0.6, user configuration/modification is no longer supported or available via the config.ini. This functionality can now be accomplished via a .csf file which can be uploaded to the NMC2 via FTP or SCP. INIUtil-v3, available in knowledge base FA156117 for uploading/download config.ini files in bulk, will now support uploading .csf files (since they cannot be downloaded).  Alternatively, a user can write a script to create users via the CLI (which is accessible via the local serial console, Telnet, or SSH).



Resolution

The user can use a .csf configuration file to be uploaded to the NMC2 via FTP or SCP. Alternatively, these instructions can be used by the user to create a script which can be used with the NMC2 via local serial console, telnet, or SSH.


Note: Secure Copy (SCP) users - please review knowledge base article ID FA235654 for important information prior to proceeding.


To begin, the NMC2 offers a "default settings" configuration (which is available in the config.ini as well as all of the other NMC2 interfaces - review knowledge base FA175982 for a known issue) which can serve as a template for adding users. If many of your users will have the same preferences (which are now configurable on a per user basis), you can modify these settings first so that your .csf file requires less data. You can also still configure preferences individually via the .csf file.

So, to begin, if you want to configure the Default User Settings that will apply to most, if not all, of your local users, begin with that. You can do this in the web interface in the Configuration Menu->Security->Local Users->Default settings. See below.




If the web interface is not an option, you can also configure this via the CLI using the userdflt command.


Usage: userdflt --  Configuration Options
    userdflt [-e   <enable | disable>] (Enable)
             [-pe  <Administrator | Device | Read-Only | Network-Only>]
                    (user permission)
             [-d   <user description>]
             [-st  <session timout>] minute(s)
             [-bl  <bad login attempts>]
             [-el  <enable | disable>] (Event Log Color Coding)
             [-lf  <tab | csv>] (Export Log Format)
             [-ts  <us | metric>] (Temperature Scale)
             [-df  <mm/dd/yyyy | dd.mm.yyyy | mmm-dd-yy |
                    dd-mmm-yy | yyyy-mm-dd>] (Date Format)
             [-lg  <language code (enUs, etc)>] (User Language)
             [-sp  <enable | disable>] (Strong Passwords)
             [-pp  <interval in days>] (Required Password Change Interval)
 


Once these settings have been modified or you've chosen to skip it, you'll need to create your .csf file if you're not scripting this. This must be a plain text file which has been modified to a .csf file extension. (Make sure that your system is set to show file extensions to avoid a filename such as userupload.csf.txt.)

You'll use the syntax of the user command to create your .csf user configuration file. The syntax is shown below. This would be the syntax you follow if you're creating your own script.


Note: The .csf file must only contain one command per line.



 
Usage: user --  Configuration Options
    user -n <user>
                   [-cp  <current password>] (Only required for remote access or .csf upload methods while modifying super user account, serial access to CLI does not require -cp to modify super user account)
                   [-pw  <user password>]
                   [-pe  <Administrator | Device | Read-Only | Network-Only>]
                          (user permission)
                   [-d   <user description>]
                   [-e   <enable | disable>] (Access Enable)
                   [-st  <session timout>] minute(s)
                   [-sr  <enable | disable>] (Serial Remote Auth. Override)
                   [-el  <enable | disable>] (Event Log Color Coding)
                   [-lf  <tab | csv>] (Export Log Format)
                   [-ts  <us | metric>] (Temperature Scale)
                   [-df  <mm/dd/yyyy | dd.mm.yyyy | mmm-dd-yy |
                          dd-mmm-yy | yyyy-mm-dd>] (Date Format)
                   [-lg  <language code (enUs, etc)>] (User Language)
                   [-del <user name>]
                   [-l   (shows current user list)]
 
 

Example (assuming creating via .csf for upload via FTP or SCP):

user -n newadmin -pw apc -pe administrator -e enable
user -n newdevice -pw apc -pe device -lg enUs -e enable
user -n newdev1 -pw dv1 -pe device -e enable
user -n apc -cp apc -pw 123secretpassword -el enable -ts us
 

Note: There is a bug in AOS 6.0.6 in which the Read-Only or Device user type will not work via the user command. This type of user must be added via the web interface for v6.0.6. This is corrected in v6.1.3 AOS or higher. (Each Network Management Card has an AOS and application file and they cannot be updated independently. Please check http://www.apc.com/tools/download/index.cfm to verify the latest versions available for your device.)


Once your file is complete, save it as <anyname>.csf and you'll be able to upload it to your NMC2 via one of the specified methods. To confirm your changes were accepted, you can display the current user list by issuing the command user -l via CLI or checking the web interface under Configuration->Security->Local Users->Management to view your system's local users. Please note, there is no way to export this list to a file unless you do it manually or script it.



Still not working or do you have questions?

If you need further assistance or your .csf file is not working, please contact APC technical support and be prepared to provide the following information:
 
  • Your .csf file with any personal information removed, if required
  • Firmware version
  • Event.txt (and config.ini if pertaining to default user settings) - instructions to retrieve these are in knowledge base FA156131.
     
Was this helpful?
What can we do to improve the information ?