1 2 Previous Next

Product Blog

26 Posts authored by: christineb

Here's the scenario: you use IE8 with https. You use NPM 10 and upgrade to SP1. Then, IE starts complaining in a message like the one below: 

 

We have heard reports that some customers are seeing this alert on every single page as they navigate through the Orion website. Ugh, we're sorry. So there's good news and bad news. We'll give you the bad news first: we don't have a permanent fix for this yet, but we're working on it. But wait - we have some really good news too. So, the good news is - we know what causes this and we're going to fix it. It has to do with the optional Toolset integration. Additionally, the problem is more annoying than anything else. There's no real danger or underlying issue you need to worry about. But wait - there's still more good news: we also have a workaround. First, you can use Firefox or another browser. That solves the problem in that this is just IE specific. You can also disable Toolset integration by going to Settings->Account Manager -> Select your Account (admin) -> Change the option for “Allow Browser Integration” to No. 

 

We're working to fix this issue in a more permanent way - so stay tuned!

Other IE 8 Issues You Might See

While we're on the topic - we know that IE 8 will also give you all this error even if you don't have HTTPS configured: 

If you add the site to the Local Sites in IE, then you get the option to download SWToolset.exe. 

However, even if you install, you will still be prompted to download and install every time you go to a new page. If you disable Toolset integration, or use a different browser, the ActiveX control is not run and this is not a problem. Also, you can manually register it per the Engineers Toolset V10.2 integration with Orion NPM

 

 

 

 

From time to time, we hear requests for information about how to use NCM in tandem with RADIUS and/or TACACS for device authentication, that is:

NCM ----->  Device -----> RADIUS/TACACS Server.

 

The key lies in changing how NCM authenticates the user against the device. Typically, NCM is set up to authenticate using a set of credentials for each device. If you want to use the same credentials to log in to all devices, you can do this by going to File > Settings > Global Macro Settings > Login Information and choose the option to enable global login settings on all devices. You also have the option to set this up during installation. 

However, if you want to use an external authentication server - you'll want to configure user-level device credentials:

1.    Go to File->Settings->Device Connectivity Method and select the option to manage devices using individual set of credentials:

By changing this option as shown, NCM provides user-level device log in credentials for each NCM user. Also, there is special logic in our SSH/Telnet communication component to handle the RADIUS authentication prompt since devices connected to the RADIUS server may have a slightly different log in flow. 

 

2.  Next, go to File->Change My Device Login Credentials and specify user level credentials:

3.       On device- level control, specify  which credentials will be used to login on device (device-level or user-level):

 

And that's that. The device itself will authenticate the credentials against the RADIUS server - and use the permissions with the associated account. 

You all are probably familiar with our What We Are Working On Now... posts... Well, we're going to expand on that from time to time and not only *tell* you what we're working on... we're actually going to *show* you. And in NCM-land - one thing we're working on is enhanced policy reports. I hope you'll take some time to check out what we're up to and let us know your thoughts. 

 

One note - all of these screen shots are from the Orion integration module. Here we go - first - we have the Manage Policy screen. 

 

A few notes on this screenshot: 

 

1. Did you notice the "Share on thwack" tab? Yup, that does exactly what you think it does. Neat!

2. Search reports (got trimmed due to the blog display size, it's a field in the menu off to the right) - this searches what I'd refer to as the "visual" page content - title, date, description, etc.  - the content displayed on the page. Searching will search all the reports however, regardless of what folder you've put them in. 

 

____________________________

 

Moving on to screen shot two. We have Create New Rule. This one is especially exciting in that it provides the much-requested interface-level policy checking functionality. 

A couple of notes on this screen shot: 

1. The remediation scripts are not automatic. When you run a report, you have the ability to run a script to remediate a violation from the results, but we opted not to build in an auto-remediation function. Do you have an opinion on that? 

2. Check syntax does just what it says. If you write a regular expression in the box, the function will check to make sure you have formatted it correctly, but will not check to make sure it will work. 

 

___________________

Create New Policy: Rules go into Policies, Policies take those rules and assign them to nodes, then Policies roll up into Reports. Here we're showing the Create New Policy screen shot. 

______________

 

Lastly - here's the Violation Details popup. In the past, we only told you about the first time a rule was violated. Now we spell out each and every time. 

 

A few notes on this one: 

1. Here's your chance to run that remediation script you defined in the Create Rule screen shot. 

2. You can remediate this node - or all nodes in violation (that have a script of course). 

 

So, there you are. I haven't added a ton of commentary for the express reason (and hope) that it should make sense to you without explanation. If it doesn't, please ask and we'll look into making it more self explanatory. As we get further along, we'll be doing beta reviews so stay tuned for that as well. Looking forward to your feedback!

Well, we wrapped up NCM 6.0 and we've hit the ground running working on a number of new features. In addition to the routine set of fixes, new device templates, and other optimizations – we’re working on:

Improved Policy Reports –

  • moving a lot more of this functionality to the web
  • the ability to import and export policies, rules, and possibly whole reports  
  • adding the ability to check for violations in config blocks (interface-level checking)

**Special bonus note on this one - look for mockups on this functionality soon. I'll be posting them to thwack to get your feedback while we're in the design phase. 

Support for multiple config types 

  • you’ve asked for this, and we’re working on it now - we're planning for these to be fully customizable

Additional IpV6 support

  • NCM already has IpV 6 support for many activities, and we’re working on additional support

Improved inventory management 

  • we are working on making this process easier and the reports even more useful

Of course, I can't promise that all of this will make it into the next release, but we are working on all these features now. Let me know what you think - and be sure and check the NCM forum for updates. 

One of the super snazzy new features you'll find in NCM 6 is Config Change Templates. The concept is something like the Config Generator Free Tool, but much more powerful - and integrated right into NCM so you can not only generate the CLI - you can push it right out to the devices in one easy flow. We envision this having lots of applications on the power-user side of the spectrum, in that you can create some really powerful templates, save them, share them, and re-apply them at will. We also see new users finding this feature very useful, as the wizard-like interface takes a lot of the complexity out of creating basic config change scripts. 

How does it work? Well, let me show you.  NCM 6.0 comes out of the box with a few config change templates, along with a base template to get your started if you'd like to write your own. 

 

1. To get started - choose a template, and click "Define Variables and Run." That will start the wizard: 

 

2. Next, you'll be asked which nodes to apply the changes to. Just check them off, and choose "Next." 

3. Then, you'll be asked to define the variables. Depending on the config change template, the variables might be drop downs as above, or they might be text fields. Click next, and the CLI will generate. 

4. Once the scripts are done, click on the + sign to preview the CLI in-line, or click the link to preview it in a new window. If everything looks good, click "Execute" to run the script against the selected nodes.  

 

5. To import shared templates from Thwack - click the tab and you can preview what is available directly from within NCM. Check the boxes next to any of them you'd like to import, click import, and they are yours!

 

Again, we see lots of applications for all experience levels of users. Users without advanced scripting or CLI knowledge can leverage prepackaged and shared config change yemplates to execute config changes by simply filling out a few simple variables. At the same time, advanced users can create advanced Config Change Templates that allow retrieval of inventory data and use of logic (e.g. if/then/else) and variables to make decisions.  You can also quickly define the user interface used for variable definition during config change template execution (more on that in a future post). 

We're not far away from GA with NCM 6.0 - stay tuned - we're excited to get everyone's feedback on the new release. 

An alert is one thing. An alert with usable information is even better. Even better than that? An alert with NCM data. And that's what we have for you in NCM 6. The Release Candidate is coming up soon - if you'd like in on it and you're under active maintenance - send me a message and we'll get you fixed up. 

Ok, back to the blog topic. NCM 6.0 brings some really nice alert integration with Orion - so that when you get an alert - you can get additional configuration info and/or trigger some config management actions.

These include: 

1. backup the running config

2. trigger a script

3. show the last config changes

When might this be useful? Just imagine - you get an alert that says something has gone down. Knowing if something recently changed ("show the last config change" action) would really give you a head start on troubleshooting. 

It's a piece of cake to set these up. Just go to the Alert Manager in Orion - where you go to set up all your alerts. Click "New" and you'll see this screen. 

Name your alert, fill out any pertinent data in any of the other tabs, and proceed on to the tab "Trigger Actions." Here, you'll "Add a New Action." Scroll to the bottom - and look what's there... "Execute NCM Action."

 

Choose that one and you'll get a number of options: 

 

 

Fill in the blanks - and you're on your way. Another neat thing to note - is that these actions are stored in the $(Notes) variable - which means you can reference them in other alert actions. 

The more information you have in an alert - the faster you can fix the problem. Happy alerting!

Group policy is a security administrator's friend: it allows centralized administration of what a user can, and cannot do on their computer. While this is usually helpful and benign, it can also be a right pain when there are unintended consequences. 

Has this ever happened to you? 

You go home on Friday after a productive week at work, using Orion on a daily basis, and getting lots of good things done. Monday, you come to work ready to tackle the day, start up the Orion web interface and you see: 

"Access denied.: 

Or 

"Page cannot be displayed."

This is no way to start your week. It's not like you can't remember your password - the website won't even load!

While there are a bunch of things that could be going wrong, one common culprit is group policy. We get a lot of support calls when GPOs are dropped that limit access to Orion directories, or they disable access to the application pool services in IIS (below). 

 

The really annoying thing about group policy errors is that while we can fix them, they will usually "unfix" themselves when the policies are refreshed (usually every 5 minutes). So it's going to take a call to your security folks to get exempted from those certain GPOs going forward. 

Top Errors that Indicate You Have a Group Policy Problem

1. Suddenly, you get an "Access Denied" screen when you try to access the Orion website. 

2. You're heard talk that your systems have been recently hardened. 

3. You can't access the temp directories on your machine. 

 

What to do?

1. First of all, call your security administrator and see if they've implemented a new GPO. Chances are, you can track it down that way.

2. If you prefer to be armed with a little more data - you can check your event logs by following the directions here: http://technet.microsoft.com/en-us/library/cc749336(WS.10).aspx. Errors are easy to find in your logs - just go to: control panel -> administrative tools -> event viewer. Once you're there, choose "application" and sort them by "event." Anything in the 5000 range is a new group policy. You can see I have a few from a while back. 

 

Keep in mind that sooner or later you'll still have to address it with the security folks, otherwise the magic of group policy will keep undoing everything you've done. 

You know that to have nodes appear in the NCM integration module, the nodes need to exist in both NCM and NPM. So, if you add nodes and/or change node properties in Orion, you'd like to have those changes automatically propagated to NCM. However, what you might not know is that you can easily set up a job to help you with this task. In the NCM application, go to Schedule -> Create New Job -> then choose "Import Orion Database." Once you have this set up, everything will stay in sync without your needing to bring up the NCM application (unless you want to manage specific config properties on those nodes). 

Eventually, we want to bring node management completely into the Orion website, but in the meantime, try this. 

 

1. Choose the job and set it up according to your preferred schedule. 

 

2. Select the database to be imported. 

 

3. Map the columns. This allows you to sync nodes with custom properties as well. 

 

 

4. Customize the rows. If for some reason, there are some devices you don't want synced, you'll de-select them here.

 

 

5. Choose how you want the job to run. If you choose "Add only new nodes," then that is *all* that will happen. Info for existing nodes won't get updated. If you uncheck that box, you'll get updates and new nodes when the job runs. If a node already exists, it won't be re-added, but keep in mind that that identification is done by IP address, so if you have nodes that tend to change IP address, duplicates could happen. 

6. Click finish - and you're done!

***** UPDATE 3/30/10 **** PLEASE NOTE:  You will need to select all existing nodes you want synced, right-click and select Edit Multiple Nodes, and change Orion Node Import Allow to Yes for this to work.   We inadvertently set this value to No by default, which means that changes will be ignored unless this value is changed.   This is being fixed in the 6.0 release currently in development.

Did you know that NPM offers audible alerts? It sure does - and they are super easy to set up. You may find yourself wondering - now why in the world would I need that? Well, you might find yourself work, work, working away and be completely oblivious when an alert appears in another window - or on another monitor. But, if you had sound - a customizable sound - then that would definitely help grab your attention. (When you think customizable sound - think any .wav file you like.) You might also worry that adding sound to alerts would really make a lot of racket in your workplace - no worries - we've solved that too. 

Here's how you do it (from the admin guide): 

 

Configuring Audible Web Alerts

When browsing the Orion Web Console, audible alerts can be sounded whenever new alerts are generated. When enabled, you will receive an audible alert the first time, after login, that an alert is displayed on the page. This alert may come from either an alert resource or the Alerts view. You will not receive audible alerts if the Alerts view or the alert resource you are viewing is empty.

Following the initial alert sound, you will receive an audible alert every time an alert is encountered that was triggered later than the latest alert that has already been viewed. For example, a user logs in and sees a group of alerts with trigger times ranging from 9:01AM to 9:25AM, and the user receives an audible alert. If the user browses to a new page or allows the current page to auto-refresh, a new alert sounds if and only if an alert triggered later than 9:25AM is then displayed.

To enable audible web alerts:

1. Log in to the Orion Web Console as an administrator.

2. Click Admin in the Views toolbar, and then click Account Manager in the Accounts grouping of the Orion Website Administration page.

3. Select the account you want to configure.

4. Click Edit.

5. Select the sound file you want to play when new alerts arrive from the Alert Sound list.

Note: By default, sounds are stored in the Sounds directory, located at C:\Inetpub\SolarWinds\NetPerfMon\Sounds. Sounds in .wav format that are added to this directory become available as soon as the Edit User Account page refreshes.

6. Click Submit.

And there you go. Sound!

One of life's small frustrations now has an easy fix.

I exchanged emails with a customer who mentioned that it can be frustrating to page through pages and pages in the inventory report. If the view showed just a few more rows....it would be so much nicer as you could see much more on one screen.... but alas.... there's no setting for that.

Well, actually there is, but it's a bit roundabout.  You can change this: 

 

to this:

And... it's easy. 

 

NCM Standalone: 

Just go to  your c:/inetpub/solarwindsncm directory and find the web.config file. Find the line <add key="InventoryPageSize" value="20" /> and change it to something bigger – say 200 (or whatever you desire). Save it and voila – you’ll have a lot longer page view.

 

NCM Integration Module:

Go to the Orion web.config file and add the line:

<add key="InventoryPageSize" value="100" />

 

In the AppSettings section in Orions web.config file

Example:

<appSettings>

    <add key="SWOISv2.RemoteEndpoint" value="net.tcp://{0}:17777/SolarWinds/InformationService/Orion/ssl" />

    <add key="SWOIS.LocalEndpoint" value="net.pipe://localhost/SW/InformationService/Orion" />

    <add key="SWOIS.RemoteEndpoint" value="net.tcp://{0}:17777/SW/InformationService/Orion/ssl" />

    <add key="DisableBreadcrumbs" value="false" />

    <add key="InventoryPageSize" value="100" />

 </appSettings>

Save it and you are done. Feel free to experiment with the line length until you get the report view just right. 

If you're like most of us, you have better things to do than go through your nightly config backup report looking for the devices that have changes.

In fact, this has been brought up numerous times on thwack - Config change report with ONLY changed configs.

The good news is  - there's a super easy way to solve the problem. Just select "Send config change details in a separate email" and you'll receive the whole job report as one email, and just the things that changed in a separate email.  This option has been available in NCM since v5.5, but it's easy to miss so we wanted to bring it to your attention. 

Filter Blog

By date: By tag:

SolarWinds uses cookies on its websites to make your online experience easier and better. By using our website, you consent to our use of cookies. For more information on cookies, see our cookie policy.