Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 6 Next »



User Guide
Yarnman –Orcamate – Engineer Toolkit

  Contents




UC Logs – On Demand

Supported systems

  • CUCM
  • IMP
  • UCXN

Select the cluster*, time period and services



*Clusters need to be configured, this is performed under Administration App -> Clusters

Trace Levels

To check Trace Levels of CUCM services, select 'Check Trace Levels' button

UC Logs – Scheduled

The scheduled log collection push logs to a SFTP server

  • Set the start and end time
  • How often the schedule is run
  • Cluster
  • Interface(s)
  • Services
  • Log duration on UC app
  • SFTP interface
  • SFTP path files are stored in <customer>/<cluster>/<interface>/<time period>


PRT upload

Problem report files can be uploaded to the engineer toolkit for both phones and Jabber if the upload URL is configured on the device in CUCM

These can also be configured to be pushed to SFTP

Inventory EOL

Feature preview
Select interface and support account



UC status

The UC status can be run for a specific interface or for a customer
It supports

  • CUCM
  • IMP
  • UCXN
  • EXPW

It can also check the Jabber DNS SRV records and certificates. Additional DNS servers and domains can be provided to test both public and internal records

If using customer option each of the UC applications is listed on the top

CUCM

Alerts


Trunks

Devices and Device Pools

Database

Services

Certificates

Expressway

Alarms

Connector Status

Fault Finder

Fault finder can be run against a customer or a CUCM cluster – if there are multiple clusters in the customer it will query each cluster
Search can be done by

  • Device Name
  • Directory Number
  • E164
  • Username


Based on the search criteria if will find devices and if provided the user

Alternate Syslog Search

These logs show device registration

Call Logs

Expressway Call Logs

CDR


DNA Visualizer

  • Select interface
  • Source number
  • Destination number
  • CSS


Yarndoor

Yarndoor Authentication and Setup

  1. Create Authentication Database

  1. Adjust roles as required restricting to only the required applications
  2. Create Access Policy

    1. Login via Email (UPN) – adjust regex's to restrict to specific domains and email format

Example email validation ([a-z0-9!#$%&'/=?`{|}](?:\.[a-z0-9!#$%&'/=?`{|}])@(?:[a-z0-9](?:[a-z0-9-][a-z0-9])?\.)+[a-z0-9](?:[a-z0-9-]*[a-z0-9])?)
Base DN = domain in LDAP syntax
Username field = userPrincipalName

    1. Login via username – adjust regex's to block domain\user and email address formats

Example (^[A-Za-z0-9](?:[ _-][A-Za-z0-9])*$)
Base DN = domain in LDAP syntax
Username field = userPrincipalName

  1. Start The Engineer App and Yarndoor App and set Access Policy

You may wish to directly expose Yarndoor and not use proxy for end users to do so
Set Host to 0.0.0.0 (or IP Address of node)

  1. Add both engineer app and Yarndoor app to proxy service

Yarndoor Branding

  1. Select Branding in the administration app

  1. Install Branding File

  1. Verify that the branding is available

  1. Navigate to the Yarndoor service that you wish to brand and apply the branding

Admin Access Setup

  1. Navigate to the Engineer App (ensure it was added to proxy)

  1. Add a feature

  1. Select Administration Access Tracking

  1. Add the required interface and set default allowed time. Note each CUCM/EXPW/UCXN will require to be added as an interface


Note that the role for admin users is defined on a per interface basis

If a CUCDM8 interface is added Yarnman can extract Customers/Hardware Groups and UC systems including IP addresses and credentials

  1. Select User Portal

  1. Add the required feature(s)

Using Admin Access


  1. Select Yarndoor (admin access) or browse directly

  1. Select the required customer and interface then press get access

  1. One time credentials are created
    1. Open interface opens new tab to target system
    2. Release access removes account
      1. Once account is removed audit logs are available for download





  • No labels