Adding a login profile 1

If you logon to the system and then do the following command:-

add login <user-id>

where <user-id> is the name you want them to logon with and should be between 2 and 8 characters.You should then do the

change permissions <user-id>

to adjust what you want them to have access to.

Hope this helps

Is you s8400 cm4 or higher or is it cm2 or cm3?

A great teacher, does not provide answers, but methods to teach others "How and where to find the answers"

bsh

36 years Bell, AT&T, Lucent, Avaya
Tier 3 for 26 years and counting

AvayaTier3,
It is CM4.
I have tried to add login but that command doesn't exist.
i have logged into the CM and confirmed that the user is set for profile 18.
The user can log in but when he tries to perform a backup
this message pops up.
A SYSTEM ERROR HAS OCCURRED.CLICK CONTINUE TO RETURN TO THE MAIN PAGE.

Thank you,
CommoGuy101

This will explain the web browser version of login administration for cm4 and higher. It was moved from CM to linux.

logins, user-profiles, and webProfiles in cm loads higher than cm3:

list user-profile
add user-profile
change user-profile
duplicate user-profile
display user-profile
export user-profile
remove user-profile

from linux CLI, cmuseradd, cmusermod, cmuserdel, cmpasswd can be used instead
of the Web Browser

from Web Browser, Security, Administrator Accounts
bullet in Add Login Group - Enter Login ID or Group Name "prof28" submit
associate "prof28" with group number "10028" Add

from Web Browser, Security, Web Access Mask
Add, 28 in Box for Enter new Access Mask Number:
Create has 3 choices, one is to copy a new webProfile from an existing
webProfile:
Create by copying values from Access Mask number: 18
Change, put check in box of webProfile you want display, change
Here you can administer a name for the webProfile and turn on / off the access
to links for the user that logs into the Web Browser with this webProfile

NOTES:
linux CLI "cmuseradd super-user -C 28 logname" or "cmusermod -C 28 logname"
will add entry for prof28:x:10028 to the /etc/group file

user-profile group must exist in linux before you can associate a login to
a user-profile Group Name using the Web Browser
customized groups can be prof20 to prof69

A login is associated with prof28 it is also associated with webProfile 28

Once you associate a login to a Group Name "prof28" the login will not
be able access CM until the user-profile group exists in CM.
Trying to login to CM before the users CM user-profile exists will return
"Access Denied: User ID/Profile unknown to Communication Manager"

Once you associate a login to a Group Name "prof28" the login will not
be able access the Web Browser until a webProfile group exists in linux.

Don't forget to sync the webProfiles to standby, ESS / LSP servers

Web Browser does not authenticate with some logins on a Main "active" or
"standby" server, or a connected "LSP" or "ESS" server. CM4 only

Web Browser access is controlled by the webProfiles in each server

These profiles can be located in:

/etc/opt/ecs/webProfiles or /diskroot/etc/opt/ecs/webProfiles

Files use the naming convention of webProfile_XX.conf where XX is the
login_name defined profile. These profiles are always added with the
Web Browser under the Security, Web Access Mask page with the ADD button.
This must be done from the active server Web Browser in order to do the
sync steps below. You cannot sync from an ESS / LSP or standby server.
Default profiles range from 0 to 19. Customizable profiles 20 - 69

Then, for other connected servers, must be file sync from this page to the
connected standby, ESS, LSP servers. This must be done manually from this
page after any addition, deletion, modification of webProfiles in order to
maintain the same webProfile properties in all servers.
KB01028820 - sync webProfiles to all servers

A missing profile in any of the servers would block access to the server via
the Web Browser

NOTE: In future releases, the webProfiles will be changed to sync with
normal routine file sync (i.e. save translation all from Main "active"
server. Reference defsw073716 fix on cm4-736.0, cm5-825.0 and with
cm4.0.1sp03.00

CAUTION: Do Not blindly execute a file sync of webProfiles. Always compare
the "active" and "standby" server's webProfiles to see which has
the most profiles first. You can only execute file sync from the
"active" server's Web Browser. Many customers have built all of
the webProfiles and may have not known to do the file sync. If this
was the case, and an interchange to the other server has occurred,
the new "active" server may have just the default webProfiles
0 - 19. A file sync from this server will make the "standby" and
ESS and LSP servers match the current "active" server, which would
possibly blow away all of the webProfiles that reside in the other
servers.


A great teacher, does not provide answers, but methods to teach others "How and where to find the answers"

bsh

36 years Bell, AT&T, Lucent, Avaya
Tier 3 for 26 years and counting

How is the user trying to do a backup?
Web browser? linux bash?
Can any user do a successful backup?
ftp backup? pc_card backup?

A great teacher, does not provide answers, but methods to teach others "How and where to find the answers"

bsh

36 years Bell, AT&T, Lucent, Avaya
Tier 3 for 26 years and counting

Trying to perform a backup using web browser.
I can perform a backup when I am logged in as dadmin.
The user logs in as SA but cannot perform a network or flash backup.
So I have assigned the SA login into profile 18(hoping that would do it).
But I get the same results.

Thank you
CommoGuy101

sa and vm logins are for ia770
you should create a separate cm login for the folks you want to do backups for CM.

you can add logins from web browser or from linux bash

bash examples are below:

You can use the commands without arguments for help.

cmuseradd super-user -C 18 cust (add super-user login)
cmuseradd super-user -C 18 -P cust (add super-user login with ASG instead of pw)
cmuseradd nonsuper-user -C 19 bob (add nonsuper-user login)
cmuseradd -P 33355014162535251700 cust (add login with PIN for ASG from linux)

cmusermod craft2 custcraft (change login to type "craft2")
cmusermod -C 25 bob (change login to use prof25)
cmusermod -P cust (change login to use ASG instead of pw)
cmusermod -P 33355014162535251700 cust (change login's PIN for ASG from linux)

cmuserdel bob (delete login from system)

cmpasswd dadmin (set password for login)


A great teacher, does not provide answers, but methods to teach others "How and where to find the answers"

bsh

36 years Bell, AT&T, Lucent, Avaya
Tier 3 for 26 years and counting

Thank you Avayatier3
I think I have it now.


CommoGuy101