Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Authentication Files

Status
Not open for further replies.

glimma

Technical User
Jul 10, 2007
148
GB
Hi All,

Can somebody explain the purpose of the Authentication Files in CM5 and earlier releases?

Are they linked to the license file?

If I have to install a new license file due to an upgrade or Maintenance Serial Number swap-out, should I also update the Auth File as well as the License file?

If I'm doing a Maintenance Serial Number swap-out on an ESS site, say the IPSI is being replaced, I know I need to update the License file on the ESS server, but do I need to update the license file or Auth file at the core CM?

Regards

Glimma
 
No, it just has the product ID and profiles for account types if a partner or Avaya installed it. So, you first go in RFA and "make a new auth file" for "cm" and give it the hostname - that's it. You get a auth file to load on CM that just stops craft from logging in and when CM dials out alarms to Avaya it's from productID # xxx so they know its your switch under maintenance tied to your FL and that they should care.
 
You do not need to do anything at the main server for license or authentication files for the serial number swap for an IPSI for the ESS.
You also do not need an updated authentication file for the ESS server.

Authentication file has secret-keys for sroot, init, inads, craft, rasaccess, tsc, and also has a craft password for the services port so you can login as craft without being challenged. The productid in the authentication file which is the productid 7xxxxxxxxx presented when a services login needs response to a challenge. This is not the same productid used for alarming. When you get new authentication files from Avaya RFA, you will get an updated craft password, and new secret-keys for the services logins is an option when requesting an authentication file. Asking for new keys when requesting a new authentication file will update Avaya databases for the ASG servers. If you do not install the new authentication file there could be a mismatch in the server keys and the Avaya ASG database keys. The ASG database stores current and previous keys so access would not be a problem for Avaya.

loadlicense is a Linux bash program to load and install a license sxxxxx.lic file
loadpwd is a Linux bash program to load and install a authentication sxxxxx.pwd file

These files are unique to the servers they are installed in.
statuslicense -v is a Linux bash program that will show the RFA System ID and the Module ID for main, ESS, and LSP servers.

A great teacher, does not provide answers, but methods to teach others "How and where to find the answers"

bsh

40 years Bell, AT&T, Lucent, Avaya
Tier 3 for 30 years and counting
[URL unfurl="true"]http://bshtele.com[/url]
 
Thanks kyle555.

So in RFA, when I complete the serial number swap out and I go to deliver files, why do I get the license and pwd files?

I assumed as you get them at the same time, there linked. So if you update the license file you have to update the auth file as well.....

 
if youre swapping the golden ipsi, then just a new license
 
Avaya RFA file Delivery:

Select ALL License Files
Select ALL Files
Select Files that are checked

RFA provides choices for what you download. If you only want a license, make sure the authentication box is not checked.


A great teacher, does not provide answers, but methods to teach others "How and where to find the answers"

bsh

40 years Bell, AT&T, Lucent, Avaya
Tier 3 for 30 years and counting
[URL unfurl="true"]http://bshtele.com[/url]
 
Thanks all for the responses...

So really I'd only ever update/install the auth file if there was a need to update the secret keys for the avaya services logins? Does/should this be done regularly or only as instructed by avaya?
 
Answer would be "rarely" or "never", unless you replace a server and have no backups or original lic or pwd file.
On a new server, always.
On a replacement server, if you have good backups, you can do a restore and not have to load a license or authentication file because
the lsfile and lacfile are part of the security backups.


A great teacher, does not provide answers, but methods to teach others "How and where to find the answers"

bsh

40 years Bell, AT&T, Lucent, Avaya
Tier 3 for 30 years and counting
[URL unfurl="true"]http://bshtele.com[/url]
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top