Documentation forNetwork Configuration Manager

Configure nodes to use user-level login credentials for NCM connections

When NCM uses user-level login credentials to connect to a node, the login credentials are associated with an Orion user account rather than the node. Each NCM user defines a set of credentials that NCM can connect with. Each set of login credentials is associated with the Orion account under which it was defined:

  • When a user logs in with an Orion account and performs an action in NCM, NCM connects to the node with the user-level login credentials associated with that Orion account.

  • When NCM processes a job, it connects to the node with the user-level login credentials associated with the Orion account of the user who created or most recently edited the job definition.

The access provided by user-level login credentials can vary.

For information about other configuration options, see Options for specifying NCM connection information.

To configure user-level login credentials, complete the following tasks.

Gather information

Before you begin:

  • Locate the login credentials for the node you want to add to NCM.
  • Determine whether NCM communicates with the device by way of Telnet or SSH.
  • Identify the Telnet or SSH ports used for communication.

Enable user-level login credentials in NCM

User-level login credentials are not enabled by default. Complete the following steps to enable them.

  1. Click Settings > All Settings.
  2. Under Product Specific Settings, click NCM Settings.
  3. Under Security, click Security.
  4. Under Device Login & User Account Credentials, select Individual - User Level.
  5. Click Submit.

Define user-level login credentials

Each NCM user must define the credentials that NCM will use to log in to devices. When credentials change (for example, when passwords are updated on the authentication server), each user must update the user-level login credentials in NCM.

  1. Log in to the Orion Web Console with the Orion user account that will be associated with this set of user-level login credentials.
  2. Click Settings > All Settings.
  3. Under Product Specific Settings, click NCM Settings.
  4. Under Security, click Manage User Level Login Credentials.
  5. Enter the user name and password that NCM should use to access the network device.
  6. Under Enable Level, select enable if NCM must enter a command to provide a higher level of access on the network devices. On some devices, this command is required to allow NCM to back up configs, upload changed configs, and run certain scripts.

    If a command is required, but the command is not enable, do the following:

    1. Select enable in the connection profile.

    2. In the device template that defines the device-specific commands used to perform actions on that device, include the following:

      <Command Name="EnableCommand" Value="commandForMyDevice"/>

      where commandForMyDevice is the command entered on your device (for example, super).

    If the NCM account has the privileges it needs without having to enter a command such as enable, then make sure enable is not selected in the connection profile.

  7. If you selected enable, enter the password for it.
  8. Click Submit.

Assign user-level login credentials to nodes

  1. Choose Settings > Manage Nodes.
  2. Select one or more nodes.
  3. Click Edit Properties.
  4. Scroll down to Manage node(s) with NCM, and verify that Yes is selected.
  5. If multiple nodes are selected, click the Connection Profile check box to enable editing.
  6. For Login Credentials, select User.

    The user name, password, enable level, and enable level password can no longer be specified because they are defined by the user account.

  7. If necessary, change the values selected for protocols and ports.

    If the connection profile uses global variables, you can review or change the value of the global variables.

    To override global variables, update any of the following:

    1. For Execute Scripts Using, choose the protocol that NCM should use to execute commands and scripts.
    2. For Request Configs Using, choose the protocol that NCM should use to log in to a device and request a config transfer.

      For more information about Config Request and Transfer Config options, see Protocols NCM uses to transfer configurations.

    3. For Transfer Configs using, choose the protocol that NCM should use to upload and download configs.
    4. Set the Telnet and SSH ports to the ports allowed on your network.
  8. Click Submit.