Discovery 7: Lab - Basic Administration

Time for a lab activity!

Introduction
Complete this lab exercise to practice what you learned in the “Performing Basic Administration” section of this
course. In this activity, you will learn how to create and manage location groups and virtual domains, and configure
users and user settings.

Lab Topology
Task 1: Create a Location Group
The purpose of this task is to create dynamic location groups that can be used to group devices. Device groups are
especially useful when you are using the topology maps.

Activity Procedure
Complete these steps:

Step 1
From the jump host, open the Google Chrome web browser and click the Cisco EPN Manager bookmark
(https://epnm-40.lab.local) on the toolbar to access your Cisco EPN Manager server.

Step 2
Log in as user root with the password Pass1234.

Step 3
From the menu, choose Inventory > Group Management > Network Device Groups.
Step 4
The Network Device Groups page is displayed. In the Device Groups (left) pane, click the + icon and choose
Create Location Group.

Step 5
Add a group name for the location of Core.
Step 6
To add the PE and XRv9K device to the group, you can use the Add Devices Dynamically feature.

From the Select drop-down menu, choose Device Name, and enter PE in the text entry box.

Step 7
To add the XRv9K devices, click the + icon to add a new line, and change the operator from And to Or. Create
the rule Device Name contains XRv.

Step 8
Click the Preview tab to verify that the correct devices were added to your location group. You will see six core
devices listed.

Step 9
Click Save.

The newly created location group appears in the Location > All Locations folder.
Step 10
Repeat this procedure to add another location group for the optical devices.

Step 11
You will now see both newly created location groups in the Location > All Locations folder.

Step 12
To see a listing of the devices in each group, navigate to Inventory > Device Management > Network Devices
and expand Location and All Locations. Then choose your location group. The member devices are listed in
the pane at the right.
Activity Verification
You have completed this task when you attain this result:
You have successfully created two location groups and added the appropriate devices to each group.

Task 2: Create a Virtual Domain

The purpose of this task is to create and assign objects to a virtual domain.

Activity Procedure
Complete these steps:

Step 1
From the menu, choose Administration > Users > Virtual Domains.

Step 2
In the Virtual Domains pane on the left, choose ROOT-DOMAIN, and click the + icon.

Step 3
Add a unique name for the domain: CoreOnly.

Step 4
Optionally, enter a time zone, an email address, and a description.

Step 5
You can add objects to a domain by clicking the tabs. In this case, click the Network Devices tab and then click
+ Add.

Step 6
Choose all the PE and XRv9K devices to assign to this domain, and click Select.
Step 7
When all objects have been configured, click Submit.
Step 8
A Summary dialog box is displayed. If it is correct, click Save.

This new virtual domain will be used in a later task.

Activity Verification
You have completed this task when you attain this result:
You have created and assigned objects to a virtual domain.

Task 3: User Settings

The purpose of this task is to configure account settings.

Activity Procedure
Complete these steps:

Step 1
From the jump host, open the Google Chrome web browser and click the Cisco EPN Manager bookmark
(https://epnm-40.lab.local) on the toolbar to access your Cisco EPN Manager server.

Step 2
Log in as user root with the password Pass1234.

Step 3
From the menu, choose Administration > Users > Users, Roles & AAA.

Step 4
Choose AAA Mode Settings from the submenu. Note the options.

Step 5
Choose Active Sessions from the submenu. Note your session.
Step 6
Click the Audit Trail icon to view your past actions.

Step 7
Choose Local Password Policy from the submenu. Note the various rules. Remember that any changes made
are global.

Step 8
Choose User Groups from the submenu. Click System Monitoring. Scroll down to Reports to view the types of
reports that this user group is able to run.

Note: This step is very important in day-to-day operations to ensure that operators have the privileges necessary
 to do their jobs. This includes selecting the reports that this type of user would be able to run.

Step 9
There are 50 user-defined groups to customize for an environment. Click one of the 50 groups to see all possible
tasks. Note the default selected tasks.

Step 10
Return to the User Groups dialog box and click Task List to the right of the group name to view the TACACS+
and RADIUS attributes associated with each task in the group. These attributes must be copied to the external
TACACS+ or RADIUS server to allow for external authorization (AAA mode set, using AAA Mode Settings).

Activity Verification
You have completed this task when you attain this result:
You have set various user account attributes associated with authentication and authorization.

Task 4: Create Users

The purpose of this task is to create user accounts.

Activity Procedure
Complete these steps:

Step 1
If the User, Roles & AAA page is not already displayed, choose Administration > Users > Users, Roles & AAA
from the menu.

Step 2
Choose Users from the submenu. A list of existing users is displayed.

Step 3
From the menu bar, choose Add User.

Step 4
Create a new user, name the user MyAdmin, and use the password Pass1234. Enter the email example
[email protected], and check the check boxes of the groups Super Users and Admin to assign them to the user.
Step 5
Click the Virtual Domains tab and assign the ROOT-DOMAIN virtual domain.

Step 6
Click Save to create the user. Notice the success message at the top of the page.

Step 7
Create a second user, called MySysMon, with the password Pass1234 and the email address
[email protected], and assign the System Monitoring user group.
Step 8
Assign the virtual domain that you created earlier (CoreOnly). Click Save to create the user.

Step 9
Log out of Cisco EPN Manager (click the Gear icon in the upper-right corner).

Step 10
Log in with your MySysMon user account.

Step 11
Click OK in the change password pop-up window, and click Okay, got it to clear the screen overlay.

Notice that the Getting Started tasks are not displayed on your temporary home page.
Step 12
Choose Network Summary Dashboard as your new home page, and click Save and Launch Homepage.

Step 13
From the menu, choose Inventory > Device Management > Network Devices.
Note the devices that are listed. Why aren’t all devices listed?

A: Because we selected the CoreOnly virtual domain

Step 14
Log out of this account and log in to your Super User account (MyAdmin).
Step 15
Verify that you can see all the devices, and then log out of Cisco EPN Manager.

Activity Verification
You have completed this task when you attain this result:
You have successfully created two user accounts.

© 2023 Cisco y/o sus filiales. Todos los derechos reservados. Contenido impreso de g.pereira