Cisco Systems OL-11390-01 manual Creating Self-Signed Security Certificates Yearly, 11-7

Page 7

Chapter 11 Administering DFM (Advanced)

System Administration

To create custom roles and privileges, see the Cisco Secure ACS online help. (On Cisco Secure ACS, click Online Documentation > Shared Profile Components > Command Authorization Sets to view the help page.)

Note See the Common Services online help for important information on how ACS custom roles affect the DCR.

Modifying CiscoWorks Roles and Privileges

If another instance of DFM is registered with the same Cisco Secure ACS, your instance of DFM will inherit those role settings. Furthermore, any changes you make to DFM roles will be propagated to other instances of DFM through Cisco Secure ACS. If you reinstall DFM, your Cisco Secure ACS settings will automatically be applied upon DFM restart.

Step 1 Select Shared Profile Components > DFM and click on the DFM roles that you want to modify.

Step 2 Select or deselect any of the DFM tasks that suit your business workflow and needs.

Step 3 Click Submit.

Device-Based Filtering

In ACS, you can create and modify users who can perform certain tasks on certain devices. The devices listed for you are based on your roles defined in CiscoSecure ACS. See User Guide for CiscoSecure ACS for more information.

Creating Self-Signed Security Certificates Yearly

When you install DFM, DFM creates a self-signed security certificate on the server. Users on some client systems must install the certificate; see Responding to Security Alerts, page 2-7. Self-signed security certificates expire one year from the date of creation.

Create a new self-signed security certificate yearly, before the certificate expires. You can also do so after the certificate expires; however, users might not be able to access DFM until you complete this task.

Step 1 From the LMS portal, select Server > Security > Single-Server Management > Certificate Setup. The Create Certificates page appears.

Step 2 Enter the values for the fields described in the following table.

 

 

Field

Description

Usage Notes

 

 

 

 

 

 

 

Country Name

Name of your country

Use two-character country code.

 

 

 

 

 

 

 

State or

Name of your state or

Use two-character state or province code or complete name

 

 

Province

province

of state or province.

 

 

 

 

 

 

 

Locality

Name of your city or

Use two-character city or town code or complete name of

 

 

 

town

city or town.

 

 

 

 

 

 

 

 

 

 

 

User Guide for Device Fault Manager

 

 

 

 

 

 

 

 

 

OL-11390-01

 

 

 

11-7

 

 

 

 

 

 

Page 6 Page 8
Image 7
Page 6 Page 8
Contents 11-1 File Ownership and Protection11-2 Secure Socket Layer SSLSNMPv3 Working with Firewalls11-3 NMSROOT/objects/smarts/bin/smserver --help Registering Additional DFM Servers with the LMS Portal Configuring Users ACS and Non-ACS 11-4 11-5 Configuring Users Using CiscoWorks Local Mode11-6 Using DFM in ACS ModeField Description Usage Notes Creating Self-Signed Security Certificates Yearly11-7 11-8 Backing Up and Restoring DFM Data11-9 Changing the Password for DFM DatabasesOption Description Usage Notes Before You Begin11-10 Configuring LoggingLog Files Size KB Folder Maximum Backup Function/ModuleViewing and Maintaining Log Files No.11-12 DPSName Description Dependency Starting and Stopping DFM Processes11-13 11-14 11-15 Registering and Unregistering DFM Processes11-16 Option Description and Arguments11-17 Arguments11-18 Example 1 Specifying Clients that Can Connect to DFM11-19 Reregister any processes that depend on DfmServer11-20
Top Page Image Contents