The SSH Device XML file lets you configure how SAM connects to an SSH Device endpoint, discovers user accounts, and changes privileged account passwords on the endpoint.
Different SSH Device XML files configure the interactions with different types of SSH Device endpoints. For example, the aix_connector_conf.xml file configures the connection to an AIX endpoint, and the device_connector_conf.xml file configures the connection to an SSH device such as a router.
Note: For more information about SSH Device XML file types, see the Enterprise Administration Guide.
The SSH Device XML files are located in the following directory:
ACServerInstallDir/Connector Server/conf/override/sshdyn
If required, you can customize the SSH Device XML files to suit your enterprise requirements.
Structure
The SSH Device XML file contains the following elements:
The <class name="CommandSet"> element contains array elements that group sets of commands, as follows:
Note: The <array name="oSubstituteUser"> element is valid only for the aix_connector_conf.xml, checkpoint_connector_conf.xml, and ssh_connector_conf.xml files.
Each array element contains multiple <item> elements. An <item> element defines the parameters for a specific command that SAM executes on the endpoint. For example, an <item> element in the <array name="oGetUsers"> element may specify the:
Note: For examples of how <item> elements in the SSH Device XML file configure interactions with SSH Device endpoints, see the Enterprise Administration Guide.
You use nested parameters to define the configuration settings for each element, as follows:
Each nested parameter has the following format:
<param name="name" value="value" />
The following snippet of an SSH Device XML file shows how the elements are nested:
<package name="com.ca.jcs.sshdyn"> <class name="SSHConnectionManager"> <param name="name" value="value" /> </class> </package> <package name="com.ca.sessame.conn.unix"> <class name="CommandProcessor"> <param name="name" value="value" /> </class> <class name="CommandSet"> <instance name="ssh"> <array name="oGetUsers"> <item> <param name="name" value="value" /> </item> </array> <array name="oChangePassword"> <item> <param name="name" value="value" /> </item> </array> <array name="oSubstituteUser"> <item> <param name="name" value="value" /> </item> </array> </instance> </class> </package>
Elements
Specifies the settings that SAM uses to manage the SSH connection.
This class element contains the following parameter:
Defines the number of concurrent connections to the endpoints.
Default: 10
Specifies the settings that SAM uses to connect to the SSH Device endpoint.
This class element contains the following parameters:
Specifies whether SAM writes messages to sLogFileName.
Limits: true, false
Default: true
Defines the relative pathname to the log file.
Default: ..\logs\uxlog.txt
Defines the maximum number of characters CA ControlMinder writes to the log file for each connection.
Default: 1500
Specifies
Limits: true, false
Default: true
Defines the maximum time, in milliseconds, that SAM waits for values.
Default: 1500
Defines the time, in milliseconds, that SAM wait
Default: 500
Specifies the Telnet request command for a user name.
Example: login
Specifies the Telnet request command for password.
Example: password
Specifies the answer that the device for the Telnet command "Are You There"
Default: Solaris-Yes, Linux-yes, AIX-here
Note: Due to different configurations, each SSH device can have a unique reply to the AYT command. You can modify the SSH XML file accordingly.
To discover the format, open a telnet session to the device and run the following:
^+] send ayt
Defines the SSH port number.
Note: By default, this parameter is commented out.
Default: 22
Specifies the commands that SAM executes on the endpoint.
This class element contains array elements that group the commands that SAM executes on the endpoint.
Specifies the commands that SAM executes to get users.
This array element contains item elements that define the parameters for the specific commands that SAM executes to get users.
Specifies the commands that SAM executes to change user passwords.
This array element contains item elements that define the parameters for the specific commands that SAM executes to change user passwords.
Specifies the commands that SAM executes to su to another user.
This array element contains item elements that define the parameters for the specific commands that SAM executes to su to another user.
Note: This element is valid only for the aix_connector_conf.xml, checkpoint_connector_conf.xml, and ssh_connector_conf.xml files.
Specifies the parameters for a specific command that SAM executes on the endpoint.
Each item element may contain the following parameters:
Defines the command that SAM sends to the endpoint.
Defines the interval, in milliseconds, that SAM waits until it performs the next step.
Default: 500
Defines the text string that SAM waits to receive in response to the command defined in sCommand.
Defines the text string that SAM receives from the endpoint that indicates the command failed.
Defines the text strings that SAM removes from the endpoint output.
Specifies whether to write commands to the log file.
Limits: true - SAM does not write commands to the log file, false - SAM does write commands to the log file
Default: true
(Optional) Specifies to compare the command results with the specified string. If the result does not match the string, an error message is displayed.
Note: By default, this parameter is commented out.
Indicates the XML file version. The XML version cannot be later than the XML version that is defined in the SSL connector.
Default: 0
Specifies whether XML processing data is logged to $XML_NAME..lodaing_report.xml. The log file is located in the following directory:
ACServerInstallDir/Connector Server/conf/override/sshdyn
Limits: true, false
Default: true
Indicates that the XML file was loaded successfully.
Default: OK
Copyright © 2013 CA Technologies.
All rights reserved.
|
|