Chapter 2 Managing BTS Users and Commands Using EMS

Sun Microsystems Configurations

Pluggable Authentication Module Support

The BTS 10200 deploys a Secure Shell (SSH) package with Pluggable Authentication Module (PAM) support. The package includes the PAM support required to utilize the Radius and LDAP servers.

The supporting configuration allows local accounts to fall through if the Radius and LDAP servers are not available. These default local accounts for the BTS 10200 are the btsuser, btsadmin and secadmin accounts. These are the standard default accounts provided in the base product and use the native password management.

A UNIX-based user provides access to the operating system on all nodes. The oamp user is defined for package management purposes. The account is locked and no password is available. However, to grant UNIX access to all nodes of the BTS 10200, a default password is provided.

When PAM support is used, SSH transfers the control of authentication to the PAM library, that then loads the modules specified in the PAM configuration file. Finally, the PAM library tells SSH whether the authentication was successful. SSH is not aware of the details of the actual authentication method employed by PAM. Only the final result is of interest.

User Security Account Management

The BTS 10200 EMS contains an application program known as User Security Management (USM). This program determines if an account is local or off-board. Password management facilities are disabled for all accounts on the BTS 10200 when an AAA deployment is configured. The AAA deployment transfers the responsibility for these existing facilities to the end-user AAA servers. These facilities include the following attributes:

Password aging, warning, and expiration

Password reset and automatic account locking

Local account management (password and shadow files) for new accounts

Sun Microsystems Configurations

Table 2-4lists the Solaris 10 architecture-specific or hardware specific packages for certain Sun Microsystems configurations.

 

 

 

 

Table 2-4

Solaris Architectural- or Hardware-Specific Optional Package List

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Package

Description

Type

Status

 

 

 

 

 

 

 

 

 

 

 

 

SMEvplr

SME platform links

SYSTEM

 

 

 

 

 

 

 

 

 

 

 

 

SMEvplu

SME usr/platform links

SYSTEM

 

 

 

 

 

 

 

 

 

 

 

 

SUNWaudd

Audio drivers

SYSTEM

 

 

 

 

 

 

 

 

 

 

 

 

SUNWauddx

Audio drivers (64-bit)

SYSTEM

 

 

 

 

 

 

 

 

 

 

 

 

SUNWced

Sun GigaSwift Ethernet Adapter (32-bit driver)

SYSTEM

 

 

 

 

 

 

 

 

 

 

 

 

SUNWcedx

Sun GigaSwift Ethernet Adapter (64-bit driver)

SYSTEM

 

 

 

 

 

 

 

 

 

 

 

 

SUNWcg6

GX (cg6) device driver

SYSTEM

 

 

 

 

 

 

 

 

 

 

 

 

SUNWcg6x

GX (cg6) device driver (64-bit)

SYSTEM

 

 

 

 

 

 

 

 

 

 

 

 

SUNWcsd

Core Solaris devices

SYSTEM

 

 

 

 

 

 

 

 

 

 

 

Cisco BTS 10200 Softswitch Operations and Maintenance Guide, Release 6.0.x

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

2-12

 

 

 

 

 

OL-16000-07

 

 

 

 

 

 

 

 

Page 28
Image 28
Cisco Systems 10200 manual Sun Microsystems Configurations, Pluggable Authentication Module Support, System