Deploy Mcast

This topic includes the following sections:

Use Single Sign-On with NNMi

You can configure Network Node Manager i Software (NNMi) single sign-on (SSO) to facilitate access to the NNM iSPI for IP Multicast Configuration workspace from the NNMi console without needing to log on again. SSO is not enabled during installation or when you upgrade from a previous version.

To enable SSO:

For Windows:

  1. Edit the %NnmDataDir%\shared\nnm\conf\props\nms-ui.properties file. Change com.hp.nms.ui.sso.isEnabled = "false" to com.hp.nms.ui.sso.isEnabled = "true".
  2. Run the nnmsso.ovpl -reload script.

  3. Run the nmsmulticastssoreload.ovpl script.

For Linux:

  1. Edit the $NnmDataDir/shared/nnm/conf/props/nms-ui.properties file. Change com.hp.nms.ui.sso.isEnabled = "false" to com.hp.nms.ui.sso.isEnabled = "true".

  2. Run the nnmsso.ovpl -reload script.

  3. Run the nmsmulticastssoreload.ovpl script.

Do not enable the Single Sign-On feature when NNMi and the NNM iSPI for IP Multicast are configured to use Public Key Infrastructure (PKI) authentication.

For more information about SSO, see NNMi Deployment Reference, Using Single Sign-On.

Configure Access with Public Key Infrastructure Authentication

You can configure NNMi to map Public Key Infrastructure (PKI) certificates to NNMi user accounts. As a result, you can log on to the NNMi console without having to type in the NNMi user name and password on the Login page. However, you will be prompted to provide NNMi user name and password again when you try to launch the NNM iSPI for IP Multicast Configuration form, unless you perform additional steps to reconcile the mapping with the iSPI.

When NNMi is configured to use PKI authentication, the iSPI must also use PKI authentication.

You can continue to authenticate users with the NNMi user credentials for the NNM iSPI for IP Multicast Configuration form. However, do not configure only the iSPI to use the PKI authentication when NNMi continues to use the credentials-based authentication.

Configuring the iSPI to use the PKI authentication involves the following tasks:

  1. Configuring NNMi
  2. Configuring a Certificate Validation Method
  3. Enabling Secure Sockets Layer (SSL) on the NNM iSPI for IP Multicast
  4. Configuring the NNM iSPI for IP Multicast

To configure PKI authentication on the NNM iSPI for IP Multicast in an HA cluster, you must perform all the required changes on both the primary and the secondary nodes.

Configure NNMi

To configure NNMi to use the PKI authentication, follow the steps in the Configuring NNMi to Support Public Key Infrastructure Authentication section.

Configure a Certificate Validation Method

When NNMi is configured to use the PKI authentication, unauthorized access using invalid certificates must be prevented. You must perform additional steps to configure NNMi to use a certificate validation method—Certificate Revocation List (CRL) or Online Certificate Status Protocol (OCSP).

Follow the steps in the Certificate Validation (CRL and OCSP) section.

Enable Secure Sockets Layer (SSL) on the NNM iSPI for IP Multicast

When NNMi is configured to use the PKI authentication, you must enable SSL on the NNM iSPI for IP Multicast to ensure communication between the NNMi management server and the NNM iSPI for IP Multicast.

To enable SSL on the NNM iSPI for IP Multicast:

  1. Log on to the NNM iSPI for IP Multicast.
  2. Navigate to the following directory:

    On Windows

    %nnmdatadir%\shared\multicast\conf

    On Linux

    /var/opt/OV/shared/multicast/conf

  3. Open the nnm.extended.properties file with a text editor.
  4. Set the value of the following properties to true:

    com.hp.ov.nms.spi.multicast.spi.isSecure

    com.hp.ov.nms.spi.multicast.Nnm.isSecure

  5. Save and close the file.

  6. Restart the ovjboss process by running the following commands:

    ovstop -c multicastjboss

    ovstart -c multicastjboss

Configure the NNM iSPI for IP Multicast

To configure the NNM iSPI for IP Multicast to use PKI authentication, you must modify the nms-auth-config.xml file in the iSPI configuration data directory (%nnmdatadir%\nmsas\multicast\conf on Windows; /var/opt/OV/nmsas/multicast/conf on Linux) based on the updated nms-auth-config.xml file on the NNMi management server.

To configure the NNM iSPI for IP Multicast to use the PKI authentication:

  1. Make sure that Task 1, Task 2 and Task 3 are complete.

  2. Log on to the NNMi management server.

  3. Navigate to the following directory:

    On Windows

    %nnmdatadir%\nmsas\multicast\conf

    On Linux

    /var/opt/OV/nmsas/multicast/conf

    Open the nms-auth-config.xml file using a text editor.

    Modify the nms-auth-config.xml file to enable the PKI authentication.

    Make sure that you modify the iSPI nms-auth-config.xml file to match the changes done to the nms-auth-config.xml file on the NNMi management server.

  4. Save and close the file.
  5. Run the following command:

    On Windows

    %NnmInstallDir%\multicast\bin\nmsmulticastauthconfigreload.ovpl

    On Linux

    /opt/OV/multicast/bin/nmsmulticastauthconfigreload.ovpl

The NNM iSPI for IP Multicast now starts using the PKI authentication.

Do not enable the Single Sign-On feature when NNMi and the NNM iSPI for IP Multicast are configured to use Public Key Infrastructure (PKI) authentication.
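
A check for the file edits described above, added here as an example and not part of the product or its documentation: it reads nms-ui.properties and nnm.extended.properties and reports when either SSL property is not true or when SSO is still enabled alongside PKI. The function names, the audit.sh file name and the /var/opt/OV data directory in the usage comment are assumptions.

```shell
#!/bin/sh
# Added example (not vendor code): audit the properties this topic edits for PKI.

# prop_value FILE KEY: print the effective (last) value of KEY, lowercased.
prop_value() {
    awk -v key="$2" '
        /^[ \t]*[#!]/ { next }                 # skip comment lines
        {
            line = $0; sub(/\r$/, "", line)    # tolerate CRLF files
            eq = index(line, "="); if (eq == 0) next
            k = substr(line, 1, eq - 1); v = substr(line, eq + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", k); gsub(/^[ \t]+|[ \t]+$/, "", v)
            if (k == key) val = tolower(v)     # last assignment wins
        }
        END { print val }' "$1"
}

# audit_pki_props UI_PROPS EXT_PROPS: print findings; exit status = finding count.
audit_pki_props() {
    findings=0
    for key in com.hp.ov.nms.spi.multicast.spi.isSecure \
               com.hp.ov.nms.spi.multicast.Nnm.isSecure; do
        val=$(prop_value "$2" "$key")
        if [ "$val" != "true" ]; then          # strict: only a bare true passes
            echo "FAIL: $key is '${val:-unset}', expected true ($2)"
            findings=$((findings + 1))
        fi
    done
    case $(prop_value "$1" com.hp.nms.ui.sso.isEnabled) in
        *true*) echo "FAIL: com.hp.nms.ui.sso.isEnabled is enabled while PKI is in use ($1)"
                findings=$((findings + 1)) ;;  # conservative: quoted or bare true
    esac
    return "$findings"
}

# Constructed sample files: SSO left on and one SSL property never set.
demo_audit() {
    d=$(mktemp -d); rc=0
    printf '%s\n' '# constructed sample' 'com.hp.nms.ui.sso.isEnabled = true' > "$d/nms-ui.properties"
    printf '%s\n' 'com.hp.ov.nms.spi.multicast.spi.isSecure=true' \
        '#com.hp.ov.nms.spi.multicast.Nnm.isSecure=true' > "$d/nnm.extended.properties"
    audit_pki_props "$d/nms-ui.properties" "$d/nnm.extended.properties" || rc=$?
    rm -rf "$d"; return "$rc"
}

# With two path arguments, audit real files, e.g. on Linux (data dir assumed /var/opt/OV):
#   sh audit.sh /var/opt/OV/shared/nnm/conf/props/nms-ui.properties \
#               /var/opt/OV/shared/multicast/conf/nnm.extended.properties
if [ $# -eq 2 ]; then audit_pki_props "$1" "$2"; fi
```
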

The -u <user> and -p <password> parameters are optional for the Command Line Interface (CLI) in the NNM iSPI for IP Multicast.