Table Of Contents

Using the Cisco IPICS CLI Tools and Service Commands

Understanding the CLI-Based Tools

Using the CLI-Based Tools

Changing the Server IP Address With the modify_ip Tool

Unlocking or Enabling a Locked or Disabled User With the enableuser Tool

Resetting, Changing, or Creating a Password With the reset_pw Tool

Configuring and Checking Cisco IPICS Network Processes With Service Commands

Using the Cisco IPICS CLI Tools and Service Commands

---

This chapter describes the command-line interface (CLI) tools and service commands that are available in Cisco IPICS. You use the tools to fix system problems. You use the service commands to start, stop and restart the Cisco IPICS network processes.

This chapter includes the following sections:

•Understanding the CLI-Based Tools

•Using the CLI-Based Tools

•Configuring and Checking Cisco IPICS Network Processes With Service Commands

Understanding the CLI-Based Tools

The CLI-based tools that are bundled with Cisco IPICS allow you to change the IP address for the server, perform password resets for a subset of users, and enable a user that has been locked out.

Table 5-1 lists the Cisco IPICS CLI-based tools.

Table 5-1 CLI-Based Tools That Are Used with Cisco IPICS 

Log Name	Description
modify_ip	This tool changes the IP address for your server. If you do not use the modify_ip tool to change the server IP address, the /etc/hosts file might not get updated with your new IP address, which can cause license and connectivity problems. See the "Changing the Server IP Address With the modify_ip Tool" section for information about the modify_ip tool.
enableuser	This tool enables a user that has been disabled, or unlocks a user that has been locked out. See the "Unlocking or Enabling a Locked or Disabled User With the enableuser Tool" section for information about the enableuser tool.
reset_pw	This tool resets the ipics password, creates the ipicsadmin and informix passwords, and changes the root password. See the "Resetting, Changing, or Creating a Password With the reset_pw Tool" section for information about the reset_pw tool.

Using the CLI-Based Tools

This section contains instructions on how to use the CLI-based tools and includes the following topics:

•Changing the Server IP Address With the modify_ip Tool

•Unlocking or Enabling a Locked or Disabled User With the enableuser Tool

•Resetting, Changing, or Creating a Password With the reset_pw Tool

Changing the Server IP Address With the modify_ip Tool

Perform the following procedure to change the IP address of the server:

Procedure

---

Step 1 Log in to the Cisco IPICS server by using the root user ID.

Step 2 To change your IP address, enter the following command:

[root]# modify_ip

The system displays the following text:

Use this tool to faciliate changing the Cisco IPICS server network 
settings, such as IP address or host name.  

To change the current settings, enter the new values below.  To accept 
the existing values without making any changes, press Enter.

ip address for interface eth0[x.x.x.x]:

Step 3 Enter the IP address for your server; then, press Enter.

---

Note If you have an existing value for this field, or for any of the fields in the following steps, the data in the square brackets displays the current value. Press Enter without entering any value to retain the existing value.

---

The system displays the following text:

Subnet mask for interface eth0[]:

Step 4 Enter the subnet mask for your IP address; then, press Enter.

Step 5 The system displays the following text:

default gateway[]:

Step 6 Enter the default gateway for your network; then, press Enter.

The system displays the other fields that you configure to ensure network connectivity.

Step 7 Enter the host name, domain name, primary DNS server and (optional) any secondary DNS servers at the command line when you are prompted. Press Enter after each entry.

---

Note Make sure that you also update your DNS servers if you want to access Cisco IPICS by using the host name.

---

The system displays the following text:

Enter Y to confirm the new settings[No]:

Step 8 Press Y; then, press Enter to confirm the entries.

---

Note If you press No, or press Enter with no text, the system returns you to the beginning of the configuration steps, starting with Step 3.

---

The system displays the following text:

The tool is now ready to modify your system configuration. 

After changing the configuration files, the tool will initiate a 
system shutdown and restart the server.

If you are using a network connection, your session will be 
interrupted and you will need to 

reconnect by using the new settings:

    IP Address: 10.1.1.1       Hostname: myhostname

Enter Y to proceed with these values or N to cancel[N]:

Step 9 Enter Y; then, press Enter to confirm your choices and reboot the server.

The server reboots and returns you to Login screen.

---

Unlocking or Enabling a Locked or Disabled User With the enableuser Tool

A user can be locked out or disabled in the following ways:

•The number of invalid login attempts exceeded the number of maximum attempts, and Cisco IPICS automatically locked out the user. For more information, refer to the "Performing Cisco IPICS System Administrator Tasks" chapter in the Cisco IPICS Server Administration Guide, Release 2.0(1).

•A user with Operator or All privileges manually locked out or disabled the user. For more information about locking out or disabling a user, refer to the "Performing Cisco IPICS Operator Tasks" chapter in the Cisco IPICS Server Administration Guide, Release 2.0(1).

When a user is disabled, Cisco IPICS disallows any endpoint devices from logging in to the system; any existing login sessions, such as PMC, dial-in, and Administration Console, are automatically terminated.

When a user is locked out, Cisco IPICS disallows any new logins; existing logins continue to work until the user logs out of the system.

Perform the following procedure to unlock or enable a user:

Procedure

---

Step 1 Log in to the Cisco IPICS server by using the root user ID.

Step 2 To log in as the informix user, enter the following command:

[root]# su - informix

Step 3 To unlock or enable the user, enter the following command:

[informix]# enableuser <user-id>

where:

<user-id> represents the user ID that you would like to unlock or enable.

---

Note Enter the user ID in all lower case letters.

---

---

Resetting, Changing, or Creating a Password With the reset_pw Tool

If you need to reset the ipics password, create the ipicsadmin or informix passwords, or change the root password, perform the following procedure:

---

Step 1 Log in to the Cisco IPICS server by using the root user ID.

Step 2 To reset, change or create a password, enter the following command:

[root]# reset_pw

The system displays the following text:

Select the user name for password reset:

1) ipics

2) ipicsadmin

3) informix

4) root

5) quit

Step 3 To reset, create or change a password, perform one of the following actions:

•Enter 1 to reset the password for the ipics user.

•Enter 2 to create the password for the ipicsadmin user.

•Enter 3 to create the password for the informix user.

•Enter 4 to change the password for the root user.

The system prompts you to enter a new password for the user.

Step 4 Enter a new password for the user; then, press Enter.

---

Note To ensure a strong password, you must create a password that is at least eight characters long, and includes the following elements:

---

–At least one lower case letter

–At least one upper case letter

–At least one number

–At least one of the following special characters:

@ [ ] ^ _ ` ! " # $ % & ' ( ) * + , - . / : ; { < | = } > ~ ?

The system prompts you to reenter the new password.

Step 5 Reenter the new password for the ipicsadmin or informix user; then, press Enter.

Cisco IPICS changes the ipicsadmin or informix user password. To test the new password, log in to the server by using the ipicsadmin or informix user ID.

---

For more information about the ipicsadmin and informix users, see the "Glossary" chapter of this document.

Configuring and Checking Cisco IPICS Network Processes With Service Commands

Service commands start, stop or restart network processes that are used with Cisco IPICS, such as the tomcat service or the license manager. You can also check the status of the network processes with some service commands.

For more information about network processes and the commands that are described in this section, see the "Troubleshooting Cisco IPICS Network Processes" section.

Table 5-2 lists the service commands that you use with Cisco IPICS.

Table 5-2 CLI-Based Tools That Are Used with Cisco IPICS 

Log Name	Description
service ciscosec {start | stop}	This command starts and stops the Cisco Security Agent (CSA). For more information about starting and stopping CSA, see the "Performing CSA Procedures" section.
service ipics {start | stop | restart | status}	This command allows you to start, stop, restart, and check the status of the Cisco IPICS policy engine (known hereafter as policy engine) and the tomcat service. For more information about the policy engine, refer to the "Using the Cisco IPICS Policy Engine" chapter in the Cisco IPICS Server Administration Guide, Release 2.0(1).
service ipics_db {start | stop | restart | status}	This command allows you to start, stop, restart, and check the status of the database server. For more information about the database server, refer to the "Understanding the Cisco IPICS Databases" section in the "Performing Cisco IPICS Database Backup and Restore Operations" chapter in the Cisco IPICS Server Administration Guide, Release 2.0(1).
service ipics_lm {start | stop | restart | status}	This command allows you to start, stop, restart, and check the status of the license manager. For more information about licenses and the license manager, refer to the "Managing Licenses" section in the "Performing Cisco IPICS System Administrator Tasks" chapter in the Cisco IPICS Server Administration Guide, Release 2.0(1).
service ipics_tomcat {start | stop | restart | status}	This command allows you to start, stop, restart, and check the status of the tomcat service. The tomcat service is the Web server for Cisco IPICS and enables access to the Administration Console. For more information about the tomcat service, see the "Performing Tomcat Service Procedures" section.
service ippe_dial_engine {start | stop | status}	This command allows you to start, stop, and check the status of the dial engine. For more information about the dial engine, refer to the "Configuring and Managing the Cisco IPICS Policy Engine" chapter in the Cisco IPICS Server Administration Guide, Release 2.0(1).