Welcome to the Cisco Support Community Ask the Expert conversation. This is an opportunity to learn how to install, maintain, operate and troubleshoot CiscoWorks LAN Management solution with Cisco experts Svetlana Radzevich and Geert Cober. Svetlana has been a customer support engineer at the Cisco Technical Assistance Center in the Network Management team for five years. She holds a bachelor's degree in computer science from Tomsk Polytechnical University, Russia, and a master's degree in computer science from Saarland University, Germany. Geert is also a customer support engineer at the Cisco Technical Assistance Center. He currently works in the Network Management team, supporting customers on the Cisco LAN Management Solution (LMS), Cisco Unified Operations Manager, Cisco Network Analysis Module, Simple Network Management Protocol, and Cisco IOS IP Service Level Agreements technology. He has 10 years experience in troubleshooting Cisco LMS and has delivered multiple sessions on deploying and troubleshooting Cisco LMS at Cisco Live.
Remember to use the rating system to let know if you have received an adequate response.
Geert and Svetlana might not be able to answer each question due to the volume expected during this event. Remember that you can continue the conversation on the Network Management discussion forum shortly after the event. This event lasts through April 8, 2011. Visit this forum often to view responses to your questions and the questions of other community members.
Thanks for the Ask the Experts forum.
Why would my Ciscoworks LMS 4.0.1 be causing the following:
Mar 25 18:28:32.801 GMT: %PARSER-5-CFGLOG_LOGGEDCMD: User:ciscoworks logged command:!exec: enable failed
I see the message over and over - several per minute.
The device having this issue is a 2811 running IOS Version 12.4(25b).
User "ciscoworks" is a RO user defined in TACACS. I haven't noticed the log message on other devices managed by this server. Those deivces use the same TACACS server and have the same vty acls.
The syslog message indicates that the config logger is enabled on the device and LMS is trying to enter enable mode. LMS expects to have privilege level 15 on the devices. If you would like to avoid these messages, you can increase the privilige level for the ciscoworks user to 15 on the TACACS server, or you can disable the config logger on the device.
You may not see the same syslog message on the other devices if the config logger is not enabled or if the device software does not support config logger.
Is it possible for me to configure LMS 4.0 to use the hostname as the device name in DFM?
Can I configure lms to send the hostname of device in a fault notification email.
if you have DNS server where all devices are configured, you could try the following:
1. stop the CiscoWorks
2. open discovery.conf file under $NMSRoot\objects\smarts\conf\discovery and change:
NameFormat = "TM_USESEEDNAME"
#NameFormat = "TM_USEAUTONAME"
#NameFormat = "TM_USESEEDNAME"
NameFormat = "TM_USEAUTONAME"
3. start the CiscoWorks and once all processes are up rediscover the device.
You could include the devicename/ip address in the Fault email subject under Admin -> Network -> Notification and Action Settings -> Fault - E-mail subject customization.
Thanks for your reply.
The devices are not in DNS. The device names are shown in DCR but the device name in DFM is the IP address. As a result when the alerts are send the ip address for the device is shown in the device name section of the email.
What is a user defined field?
I saw a user-defined field in the alert customization and I was wondering if I could create a user-defined field to capture the hostname of a device and send this on the fault email alert.
DCR supports up to 10 user-defined fields. These fields are used to store additional user-defined data for a device. For instance, you could store the hostname of the device as user defined field if you wish. LMS initially provides four user-defined fields. You can add up to 10 user-defined fields as needed under Admin > Network > Device Credential Settings > User Defined Fields.
In order to specify the value for the user-defined field you should go to Inventory -> Device Administration -> Add/Import/Manage Devices, specify a device and click "Edit Credentials" button. The fifth step in Edit credentials are "User Defined Fields"
Hi Svetlana, Hi Geert,
Is there a way to rediscover a device in DFM using cli?
Regarding the thirdparty device support in LMS4, is there anything new in Campus and DFM?
Few more questions:
I have a number of devices working apparently fine in all LMS applications except DFM.
After having removed the discovered the SNMP v3 engineID from the DCR on request of the TAC, I'm now adding it again, again on request of the TAC but without the ":" colon symbols that we in there.
What is the purpose of these engineID's and what is the impact of having a static engineID in the DCR, if there is any impact?
We use 2 nexus 7000's as the default gateway routers for a network. I noticed a patch is available for LMS 3.2 but the description is not visible for me.
Do I need a similar path for LMS 4?
I know that in SNMP v3 we need to define a SNMP context to read the mac table for that VLAN for usertracking.
Do I need the same context to read the ARP table per VLAN or has this remained generic?
I'm still looking to see how to create the snmp context on the NEXUS 7K. If you have any hints or can confirm it can't be done please say so.
Later is not LMS so I'll go find another tree to bark at
The SNMP EngineID is used to identify the snmp agent. If you leave the EngineID empty in DCR, LMS needs to discover the EngineID of the device before it can perform any snmp requests. This means that you will have one extra snmp request and one extra reply when you leave the EngineID blank. If you manually add the EngineID in DCR, LMS can poll the device without having to discover the EngineID.
Can I have the name of the patch that you mentioned, so I can look it up?
There is no need to add the vlan contexts in order to read the ARP table. You need to add the vlan context to read the bridge tables on your switches because switches keep a separate forwarding table for every vlan. There is only one ARP table, so there is no need for vlan contexts.
In LMS it says:
Now Available! Patch for Nexus 7K User Tracking support
The bugid is:CSCtl10414
No doubt you can see what this is.
Can the EngineID change? And what will happen if an old EngineID is still in the DCR?
The EngineID does not change automatically, but you can change it manually in IOS with the snmp-server engineID command:
(config)#snmp-server engineID local ?
WORD engine ID octet string
When the EngineID changes, you need to update the EngineID in DCR as well (or leave it blank to let LMS discover the EngineID).
The patch adds UserTracking support for Nexus 7K. The Nexus 7K platform was not supported in user tracking. The patch allows User tracking to collect end hosts and ip phones connected to Nexus 7K devices. The fix is also included in LMS 4.0.1.
I've made the CSCtl10414 bug public. You should be able to view the bug details on cisco.com when the bug toolkit gets updated.
to rediscover the device you need:
1. to verify which DFM instance is monitoring your device (DFM or DFM1):
$NMSRoot\objects\smarts\bin> dmctl -s DFM geti ICIM_UnitaryComputerSystem
$NMSRoot\objects\smarts\bin> dmctl -s DFM1 geti ICIM_UnitaryComputerSystem
2. attach dmctl to DFM or DFM1:
$NMSRoot\objects\smarts\bin> dmctl -s DFM
DFM default password is admin/admin
3. run the command:
dmctl> invoke ICF_TopologyManager::ICF-TopologyManager rediscover Router::
dmctl> invoke ICF_TopologyManager::ICF-TopologyManager rediscover Switch::
Regarding the thirdparty device support - I am not aware about any changes. You could check the supported devices in LMS 4.0 at http://www.cisco.com/en/US/docs/net_mgmt/ciscoworks_lan_management_solution/4.0/device_support/table/lms40sdt.html
Thank you Svetlana,
Your explanation for DFM is very clear.
I'm thinking of using the same "automated actions" mechanism used to trigger a new inventory collection to do the a rediscovery on the DFM side.
The supported devices table only mentions cisco devices.
The doc https://supportforums.cisco.com/docs/DOC-14507 mentions device that are recognized by LMS.
I was hoping there might be more info somewhere on what the rest of LMS can do with these devices. E.g. RME being able to detect inventory changes, or Campus to see where a device is connected
I have an ASR 1002 running IOS-XE 12.2(33)XNE2. As I understand it, the second memory pool (lsmp_io) should normally be almost entirely allocated. That is, something like this:
cv-wstn-edge-01#sh mem summary
Head Total(b) Used(b) Free(b) Lowest(b) Largest(b)
Processor 2C084008 726739464 237823980 488915484 477714384 476528380
lsmpi_io 577C61D0 6295088 6294120 968 968 968
However, DFM does not like the looks of that condition and thus reports:
Fault Last Updated At
Component Event Code
Free Memory Pct
Free Memory Threshold
Is there a way to suppress that alarm or tune it for that type of memory only? I know I can change the threshold value for ALL types of memory but that would prevent me from getting legitimate memory-related faults on non-IOS-XE devices.
you are right, the amount of free memory on lsmp_io memory pool is very low. However, it is not possible to tune DFM to stop reporting insufficient memory only for this type of memory.
I have a few questions regarding LMS 4.0 after spending some time exploring the evaluation version.
1. Is there any way to permanently unmanage some devices, so that LMS won't try to download their configuration, yet it will still keep track of their availability? I keep unmanaging devices using Inventory > Manage Device State, getting this message every time:
"Any subsequent change to Manage All Devices option or a change in Policy in Manage By Groups option will move the Unmanaged devices to managed state. Do you wish to continue?"
I click "Yes", of course, and the devices are switched to "unmanaged", but after some time they return to the managed state and the config collection job fails. I'm not using any custom Device Groups at all so I have no clue as for the reason why the devices switch back to managed state.
2. For some reason, Reports > Contract Connection only worked for me until I restarted the LMS machine for the first time after completing installation. Since then, after entering my CCO credentials, I get the following error message:
"CCX0005:You do not have Cisco Services contracts registered to your Cisco.com user ID. Register your contracts with the Cisco Service Contract Center and try again. For more information, refer to Contract Connection FAQ in the Appendix of the user guide Administration of CiscoWorks LMS"
I *do* have contracts registered to my user ID. Even better, Contract Connection worked fine shortly after installation, now it won't talk to me. Is that a known issue? Are there any workarounds? I've tried several other CCO IDs as well, to no avail.
3. Is there any way to generate an e-mail once a certain SNMP trap has been received for a given host? So far I have only managed to generate e-mails upon receival of a specific SYSLOG message, but that's not what I want.
4. Is there any correlation between Cisco Security Manager (CSM) and LMS? AFAIK, they share the Resource Manager Essentials module, but apart from that, do these two products share any features? I can't test drive CSM right now and basically I would like to know if there is any point installing CSM when you already have LMS running.
Thanks in advance for your support!
You can enable and disable certain management functions like Topology, Usertracking, Faults and IPSLA under Admin> System> Device Management Functions, but these settings apply to all the devices. You cannot enable or disable these management functions for only some of the devices.
If you would like to disable the configuration archive for some of the devices, you can disable the Periodic Polling and Periodic Collection under Admin> Collection Settings> Config> Config Collection Settings. Then go to Configuration> Configuration Archive> Synchronization and only select the devices that you would like to archive. Select Run Type: Daily or Weekly to make the config archive periodic.
For the contract connection issue, try logging into the following urls with your cco account:
These urls should show you your contracts. If not, then the problem is with your cco account, not LMS and I would recommend to contact your account manager or firstname.lastname@example.org.
You can have LMS generate an email when a fault condition occurs on a certain device. First go to Admin> Network> Notification and Action Settings> Fault Notification Group to select the devices and faults that you are interested in and then go to Admin> Network> Notification and Action Settings> Fault - Email notification to set up the email recipients. Please note however that LMS will only send an email when it receives a trap that it processes (environment traps, linkup/down traps, etc.). You cannot configure LMS to send all traps as email notifications. Here is a list of traps that LMS processes:
LMS and CSM only share Common Services and RME. Other than that, they are separate products with separate functions.
Thank you for your precise answers, they were very helpful. I have one more question about LMS & CSM. Suppose there is a machine powerful enough to run LMS & CSM at the same time. Would these two work together on one workstation? Or are they using the same ports (or at least a subset of ports) etc. and thus have to be installed on separate hosts?
We do not support running LMS and CSM on the same server. The problem is not just with port conflicts, but also with the Common Services versions. LMS usually supports a later version of Common Services than CSM. So if you have LMS and CSM using the same Common Services then you will not be able to upgrade your LMS until CSM supports the same Common Services version.
A better option is to run VMWare on the server and install LMS and CSM in a separate virtual machine.
Thanks for the great help so far.
DFM appears to poll every IP interface on the discovered devices. My problem is that I have a number of interfaces that are, by design, not routable remotely (i.e., including to my LMS server). Currently all of those interfaces are reported as faults in DFM. Can I "unmanage" individual IP interfaces while continuing to monitor reachability of the device?
You can disable the IP address monitoring for each interface through Detailed Device View:
- Go to DFM > Device Management > Device Details
- Select the device
- Click View
- Click on the device name to open Detailed Device View
- Select InterfaceStatus -> Interface
- Set the Managed State of the IP addresses that are not routable to False
- Click Submit
Thanks for your earlier suggestions regarding DFM.
Now that I have my faults pared down to the important ones, I am wondering why the fault listing / table (19 faults, no filters applied) does not match the banner in LMS. I'm talking about the little banner - screen shot attached - at the top center of LMS. It indicates 62 faults despite the fact that I only have 19.
Instead of clicking on the alarms link in the faults bar, try listing the alarms with Monitor> Monitoring Tools> Fault Monitor> Device Fault Summary View. The number of faults should be the same. Please note that the faults bar only counts the active alarms and only refreshes every 60 seconds.
Thanks for the suggestion. Unfortunately,I am continuing to see the same discrepancy when I list the alarms using the procedure you suggested (Monitor> Monitoring Tools> Fault Monitor> Device Fault Summary View).
At the moment my faults bar is showing 61 critical alarms while the listing only shows 19.
Try a restart of the Daemon Manager to force a refresh of the faults count. If that does not resolve the problem, I would recommend opening a TAC case against this so we can investigate this further.
i have LMS 3.0 kit and bougt license to upgrade to LMS 4.0 The lincese description shows " upgrade LIC for LMS 2.x,3.x,to 4.0 1.5K Devices , Base Kit Required " . Can yuou please advise me what steps do i need to follow to install LMS 4.0. We used have version 3.0 in our network, now we have uninstalled from our server, i want to install fresh copy of verison 4.0, Also advise me how to update the license once i install the LMS 4.0.
your earliest response would be appreciated.