Searching the Help
To search for information in the Help, type a word or phrase in the Search box. When you enter a group of words, OR is inferred. You can use Boolean operators to refine your search.
Results returned are case insensitive. However, results ranking takes case into account and assigns higher scores to case matches. Therefore, a search for "cats" followed by a search for "Cats" would return the same number of Help topics, but the order in which the topics are listed would be different.
Words and Phrases
| Search for | Example | Results |
|---|---|---|
| A single word | cat
|
Topics that contain the word "cat". You will also find its grammatical variations, such as "cats". |
|
A phrase. You can specify that the search results contain a specific phrase. |
"cat food" (quotation marks) |
Topics that contain the literal phrase "cat food" and all its grammatical variations. Without the quotation marks, the query is equivalent to specifying an OR operator, which finds topics with one of the individual words instead of the phrase. |
Using Boolean Operators
| Search for | Operator | Example |
|---|---|---|
|
Two or more words in the same topic |
|
|
| Either word in a topic |
|
|
| Topics that do not contain a specific word or phrase |
|
|
| Topics that contain one string and do not contain another | ^ (caret) |
cat ^ mouse
|
| A combination of search types | ( ) parentheses |
|
Configuration Tools
NNMi provides several tools for configuring multi-tenancy and security.
Security Wizard
The Security Wizard in the NNMi console is useful for visualizing the security configuration. It is the easiest way to assign nodes to security groups within the NNMi console. The View Summary of Changes page presents a list of unsaved changes from the current wizard session. It also identifies potential problems with the security configuration.
Note The Security Wizard is for NNMi security configuration only. It does not include tenant information.
For information about using the Security Wizard, click the NNMi help links within the wizard.
NNMi console forms
The forms for individual security and multi-tenancy objects in the NNMi console are useful for concentrating on one aspect of the configuration at a time. For information about using these forms, see the NNMi help for each form.
The Tenants view contains NNMi multi-tenancy configuration information. This view is available under Discovery in the Configuration workspace. Each Tenant form describes one NNMi tenant and shows the nodes currently assigned to that tenant. The node assignment information is read-only.
To change the tenant or security group assignment for a node, use the Node form or the nnmsecurity.ovpl command.
The following NNMi console views are available under Security in the Configuration workspace. These views contain NNMi security configuration information:
-
User Accounts
- Each User Account form describes one NNMi user and shows the user groups to which that user belongs. The membership information is read-only.
- If you are storing user group membership in a directory service, user accounts are not visible in the NNMi console.
-
User Groups
Each User Group form describes one NNMi user group and shows the user accounts and security groups mapped to the user group. The mapping information is read-only.
-
User Account Mappings
- Each User Account Mapping form shows one user account-to-user group association.
- Changes to user account mappings do not affect the current NNMi console users. These users receive any changes the next time they log on to the NNMi console.
- If you are storing user group membership in a directory service, user account mappings are not visible in the NNMi console.
-
Security Groups
Each Security Group form describes one NNMi security group and shows the nodes currently assigned to that security group. The node assignment information is read-only.
-
Security Group Mappings
- Each Security Group Mapping form shows one user group-to-security group association.
- After initial configuration, the object access privilege associated with a security group mapping is read-only. To change the object access privilege for a security group mapping, delete that mapping and recreate it.
Command line
The nnmsecurity.ovpl command-line interface is useful for automation and bulk operations. The tool also provides reports of potential problems with the security configuration.
Many of the nnmsecurity.ovpl options support loading input data from comma-separated values (CSV) files. You can maintain configuration data in a file or system that can generate CSV output for consumption by the nnmsecurity.ovpl command. The command can also accept UUIDs generated outside of NNMi.
Tip Because security group and tenant names do not need to be unique, specify the security group or tenant UUID as input to the nnmsecurity.ovpl command.
The following example script uses the nnmsecurity.ovpl command to create the security configuration for two user accounts and five nodes.
#!/bin/sh
# create two users
nnmsecurity.ovpl -createUserAccount -u user1 -p password -role level1
nnmsecurity.ovpl -createUserAccount -u user2 -p password -role level2
# create two user groups
nnmsecurity.ovpl -createUserGroup local1
nnmsecurity.ovpl -createUserGroup local2
# assign the user accounts to the new user groups
nnmsecurity.ovpl -assignUserToGroup -user user1 -userGroup local1
nnmsecurity.ovpl -assignUserToGroup -user user2 -userGroup local2
# create two security groups
nnmsecurity.ovpl -createSecurityGroup secgroup1
nnmsecurity.ovpl -createSecurityGroup secgroup2
# assign the new user groups to the new security groups
nnmsecurity.ovpl -assignUserGroupToSecurityGroup -userGroup local1
-securityGroup secgroup1 -role level1
nnmsecurity.ovpl -assignUserGroupToSecurityGroup -userGroup local2
-securityGroup secgroup2 -role level2
# assign nodes to security groups
nnmsecurity.ovpl -assignNodeToSecurityGroup -node mplspe01 -securityGroup secgroup1
nnmsecurity.ovpl -assignNodeToSecurityGroup -node vwan_router-1 -securityGroup secgroup1
nnmsecurity.ovpl -assignNodeToSecurityGroup -node vwan_router-2 -securityGroup secgroup1
nnmsecurity.ovpl -assignNodeToSecurityGroup -node data_center_1 -securityGroup secgroup2
nnmsecurity.ovpl -assignNodeToSecurityGroup -node mplspe03 -securityGroup secgroup2
We welcome your comments!
To open the configured email client on this computer, open an email window.
Otherwise, copy the information below to a web mail client, and send this email to network-management-doc-feedback@hpe.com.
Help Topic ID:
Product:
Topic Title:
Feedback: