4 Configuring the Environment

This chapter explains the steps required to configure Oracle Communications Convergent Charging Controller Service Management System (SMS).

This chapter contains the following topics.

• Configuration Overview
• Configuring the Resource Group in the Clustered Environment
• Configuring Replication Files
• Configuring the Oracle Wallet
• Creating the Oracle Wallet Automatically by Using setupOracleWallet.sh
• Configuring the Oracle Listener
• Configuring the SNMP Agent
• Configuring Connections for CORBA Services
• SMF AlarmMessage Format
• Defining the Screen Language
• Defining the Help Screen Language
• Assigning the Oracle Profile to New Users
• Setting up the Screens
• Configuring Nodes
• Installing the applications
• Configuring LDAP based SMS Login

Configuration Overview

This topic provides a high level overview of how the SMS application is configured. Configuration details for individual processes are located with the documentation for that process.

Configuration Process Overview

To configure SMS for the first time:

1. The environment SMS runs in must be configured correctly. This includes:
   • If the directory SMS was installed into was not the recommended directory, setting the root directory
   • If this was a clustered installation, configuring the resource groups
   • Configuring the Oracle wallet
   • Configuring the Oracle listener
   • Configuring the SNMP agent
   • Configuring connections for CORBA services
   • Configuring the location of the EDR directories
   • Configuring the smf_oper profile
   • Configuring the webserver
2. The replication groups must be configured.
3. If the default language for the SMS Java administration screens need changing, the new default language must be configured.
4. If the default language for the help system for the SMS Java administration screens needs changing, the new default language must be configured.
5. The SMS screen-based configuration must be completed. This includes checking node configuration and statistics configuration.

Configuration Components

SMS is configured by the following components:

Table 4-1 Configuration Components

Component	Locations	Description	Further Information
SMS Java Administration screens	SMS	The SMS screens provide a graphical interface for configuring many parts of SMS including: Replication Statistics Alarm filtering Reports	Service Management System User's Guide
replication.def	All machines with running replication agents	This file specifies the configuration parameters for replication. These parameters may also be specified on the command-line for each application.	replication.def File
replication.config	All machines with running replication agents	This file holds a binary version of the configuration held in the SMF. It is copied out to all machines and is required by all replication agent.	unresolvable-reference.html#GUID-74FDDECE-E835-4B53-BDCF-47A6A630CD73
logjob.conf	All SMSs	This file is automatically generated when the smsSms package is installed.	logjob.conf
snmp.cfg	All SMSs	This file configures the SNMP agent's details.	Configuring the SNMP Agent
repsib.cfg	All SLCs	This is the template file for the updateRequester program. Other applications typically append template definitions to this file when they are installed, and remove them when they are uninstalled.

About Configuration for Secure SSL Connection to the Database

Convergent Charging Controller supports secure network logins through Secure Socket Layer (SSL) connections from the Convergent Charging Controller UI to the database. SSL is the default method for connecting to the database when you install Convergent Charging Controller.

To enable SSL connections to the database, the following additional configuration must be set in the smsGui.bat/smsGui.sh file:

• The jnlp.sms.secureConnectionDatabaseHost Java application property (on non-clustered systems) or the jnlp.sms.secureConnectionClusterDatabaseHost Java application property (on clustered systems) must specify the database connection in the CONNECT_DATA part. In addition the PROTOCOL part must be set to TCPS and the PORT part must be set to 2484.

If present, the jnlp.sms.EncryptedSSLConnection Java application property should be set to true. The Convergent Charging Controller UI connects to the database by using encrypted SSL connections by default.

Note:

If you are using non-SSL connections to the database then you must set EncryptedSSLConnection to false. When EncryptedSSLConnection is set to false, the secureConnectionDatabaseHost and the secureConnectionClusterDatabaseHost parameters are ignored.

For more information, see Java Application Properties.

In addition, to enable SSL connections to the database:

• The Oracle wallet that identifies the database server must be created on the SMS node, and its location must be specified in the listener.ora and sqlnet.ora files. For more information, see Configuring the Oracle Wallet.
• The listener.ora file must be changed to additionally listen on port 2484 by using the TCPS protocol for secure SSL connections to the database. For more information, see Configuring the Oracle Listener.

Note:

The standard Oracle listener TCP port is 1521. However, SSL connections use the standard port for the TCPS protocol, port 2484 instead. If there is a firewall between screen clients and the SMS then you will need to open port 2484 in the firewall.

Configuring the Resource Group in the Clustered Environment

Certain tasks performed by the cluster require only one instance running across all cluster nodes. For example, an application which modifies a shared data source. There must be a mechanism in place to monitor the running processes and make sure they are restarted when problems arise. This is similar to normal UNIX inittab functionality with the caveat that a process can be restarted on any of the cluster nodes (failover).

Configuration of resource groups must be completed on each node in the cluster.

Starting the Webserver Failover

To start the httpd failover:

1. Change to the ESERVHttpd directory.

   Example command: cd /opt/ESERVHttpd

2. Read the readme file.
3. Change to the util directory within the httpd directory.

   Example command: cd util/

4. Start httpd failover using the following command:

   startHttpd -h hostname -p "port/tcp"

   Where:

   • hostname is the shared hostname for the SMS cluster
   • port is the port number the webserver accepts httpd requests on

   Example command: startHttpd -h smpVirtualCluster -p "80/tcp"

For more information about shared hostnames for clustered machines, see the Oracle documentation.

Starting the Sshd Failover

To start the sshd failover:

1. Change to the ESERVSshd directory.

   Example command: cd /opt/ESERVSshd

2. Read the readme file.
3. Stop the sshd.

   Example command: /etc/init.d/sshd stop

4. Change to the util directory in ESERVSshd.

   Example command: cd util/

5. Start sshd failover using the following command:

   startSshd -h hostname -p "port/tcp"

   Where:

   • hostname is the shared hostname for the SMS cluster.
   • port is the port number the sshd should be running on.

   Example command: startHttpd -h smpVirtualCluster -p "80/tcp"

For more information about shared hostnames for clustered machines, see the Oracle documentation.

Starting the smsAlarmDaemon Failover

To start the smsAlarmDaemon failover:

1. Unset the $HOSTNAME environmental variable.

   Example commands:

   echo $HOSTNAME

   unset HOSTNAME

   echo $HOSTNAME

2. Change to the OracleSmsAlarmDaemon/util directory.

   Example command: cd /opt/OracleSmsAlarmDaemon/util

3. Start the smsAlarmDaemon.

   Example command: ./startSmsAlarmDaemon

   Result: The following information is sent to stdout:

   Creating a scalable instance ...
   Registering resource type <Oracle.SmsAlarmDaemon>...done.
   Creating scalable resource group <SmsAlarmDaemon-sarg>...done.
   Creating resource <SmsAlarmDaemon-sars> for the resource type <Oracle.SmsAlarmDaemon>...done. 
   Bringing resource group <SmsAlarmDaemon-sarg> online...done.

Starting the smsAlarmRelay Failover

To start the smsAlarmRelay failover:

1. Change to the OracleSmsAlarmRelay directory

   Example commands: cd /opt/OracleSmsAlarmRelay

2. Read the readme file
3. Change to the util directory in the OracleSmsAlarmRelay

   Example command: cd util

4. Start the smsAlarmRelay.

   Example command: ./startSmsAlarmRelay

   Result: The following information is sent to stdout:

   Creating a failover instance ...
   Registering resource type <Oracle.SmsAlarmRelay>...done.
   Creating failover resource group <SmsAlarmRelay-harg>...done.
   Creating resource <SmsAlarmRelay-hars> for the resource type <Oracle.SmsAlarmRelay>...done. 
   Bringing resource group <SmsAlarmRelay-harg> online...done.

Starting the smsNamingServer Failover

To start the smsNamingServer failover:

1. Change to the OracleSmsNamingServer/util directory

   Example command: cd /opt/OracleSmsNamingServer/util

2. Start smsNamingServer failover.

   Example command: ./startSmsNamingServer

   Result: The following information is sent to stdout:

   Creating a scalable instance ...
   Registering resource type <Oracle.SmsNamingServer>...done.
   Creating scalable resource group <SmsNamingServer-sarg>...done.
   Creating resource <SmsNamingServer-sars> for the resource type
   <Oracle.SmsNamingServer>...done.
   Bringing resource group <SmsNamingServer-sarg> online...done.

Starting the smsReportScheduler Failover

To start the smsReportScheduler failover:

1. Change to the OracleSmsNamingServer/util directory

   Example command: cd /opt/OracleSmsReportScheduler/util

2. Start smsReportScheduler failover.

   Example command: ./startSmsReportScheduler

   Result: The following information is sent to stdout:

   Creating a failover instance...
   Registering resource type <Oracle.SmsReportScheduler>...done.
   Creating failover resource group <SmsReportScheduler-harg>...done.
   Creating resource <SmsReportScheduler-hars> for the resource type 
   <Oracle.SmsReportScheduler>...done.
   Bringing resource group <SmsReportScheduler-harg> online...done.

Starting the smsReportsDaemon Failover

To start the smsReportsDaemon failover:

1. Change to the OracleSmsReportsDaemon/util directory.

   Example command: cd /opt/OracleSmsReportsDaemon/util

2. Start the smsReportsDaemon failover.

   Example command: ../startSmsReportsDaemon

   Result: The following information is sent to stdout:

   Creating a scalable instance ...
   Registering resource type <Oracle.SmsReportsDaemon>...done.
   Creating scalable resource group <SmsReportsDaemon-sarg>...done.
   Creating resource <SmsReportsDaemon-sars> for the resource type
   <Oracle.SmsReportsDaemon>...done.
   Bringing resource group <SmsReportsDaemon-sarg> online...done.

Starting the smsStatsThreshold Failover

Follow these steps to start the smsStatsThreshold failover:

1. Change to the OracleSmsStatsThreshold/util directory.

   Example command: cd /opt/OracleSmsStatsThreshold/util

2. Start the smsStatsThreshold failover.

   Example command: ./startSmsStatsThreshold

   Result: The following information is sent to stdout:

   Creating a failover instance ...
   Registering resource type <Oracle.SmsStatsThreshold>...done.
   Creating failover resource group <SmsStatsThreshold-harg>...done.
   Creating resource <SmsStatsThreshold-hars> for the resource type 
   <Oracle.SmsStatsThreshold>...done.
   Bringing resource group <SmsStatsThreshold-harg> online...done.

Starting the smsTaskAgent Failover

Follow these steps to start the smsTaskAgent failover.

1. Change to the OracleSmsStatsThreshold/util directory.

   Example command: cd /opt/OracleSmsTaskAgent/util

2. Start the smsTaskAgent.

   Example command: ./startSmsTaskAgent

   Result: The following information is sent to stdout:

   Creating a scalable instance ...
   Registering resource type <Oracle.SmsTaskAgent>...done.
   Creating scalable resource group <SmsTaskAgent-sarg>...done.
   Creating resource <SmsTaskAgent-sars> for the resource type
   <Oracle.SmsTaskAgent>...done.
   Bringing resource group <SmsTaskAgent-sarg> online...done.

Configuring Replication Files

There are two configuration files for replication that may be changed by the administrator.

• replication.def
• replication.config

The replication.config file

The replication.config file is created and changed through the Node Management screens in the SMS screens. The user must move tables on the screen from the Available Replication Groups list to the node they are to be replicated to in the Allocated Replication Groups list. Clicking Create Config File produces a new replication.config file.

The previous configuration is deleted prior to the new configuration being loaded. This does not necessitate the application being restarted, but it causes disruption to service on any of the SLCs.

The replication.config file contains the configuration for the whole network. This includes all configuration details needed for smsMasters and infMasters (if necessary).

Implementing Changes to the replication.config file

The new replication.config file takes effect after the program called changeConfig is run.

If you make the new configuration from the screens, this will be immediately. If you make the config from the command line, the change can be scheduled.

The replication.def file

The replication.def file is configured when the application is installed and should not need to be updated. It contains parameters that may be changed by the operator on start-up.

Implementing change to replication.def

Since replication.def is read only when the application starts up, if it does need to be updated and changes are made, the application (updateLoader, infMaster or smsMaster) must be restarted for these changes to take effect. After restart, these changes take effect immediately.

The Replication.def file is held on each node in the same directory as the application (updateLoader, infMaster or smsMaster). If changes are made to the SLC configuration, infMaster and updateLoader must be restarted.

Where changes are to be made to the SMS configuration, the smsMasters must be restarted. In an unclustered installation, smsMaster must be shut down by merging it with a infMaster to avoid loss of data and update information.

Example replication.def file

Here is an example of the default replication.def file that is installed when you install Convergent Charging Controller:

# @(#)replication.def  1.2
MAX PENDING=10000
ORACLE USER=/
HB PERIOD=10
HB TIMEOUT=10
HB TOLERENCE=250
CONNECTION TIMEOUT=2
 SECONDARY DELAY=100000
CONN RETRY=1QUEUE WARN THRESH=5
#Some Update Loader values
CONN RETRY TIME=0
RESYNC DIR=/IN/service_packages/SMS/tmp
CONFIG DIR=/IN/service_packages/SMS/etc
HTML DIR=/IN/html
REPORT DIR=/IN/service_packages/SMS/output/Replication

Configuring the Oracle Wallet

About the Oracle Wallet

The Oracle wallet is the single-sign-on wallet that is used when connecting securely to the database and that contains certificate information for identifying the Oracle server. You must create the Oracle wallet if you are using secure SSL connections to the database.

The certificate identifying the server must be signed by a certificate authority (CA) either by creating a root CA and self-signing, or by sending a certificate signing request to a commercial CA.

You can create the Oracle wallet and server certificate in the following ways:

• Manually by using the Oracle PKI tool, orapki. The orapki tool provides a uniform interface for manipulating Oracle wallets and certificates. For more information, see Manually Creating the Oracle Wallet.
• Automatically by using the setupOracleWallet.sh script. This script automatically issues the orapki commands and prompts you for the required information. For more information, see Creating the Oracle Wallet Automatically by Using setupOracleWallet.sh.

On a clustered SMS you should create the Oracle wallet in a file system that is cluster-wide to allow all instances to access the same wallet information in a single location; for example, on a non-clustered SMS node the Oracle wallet is located in the following directory by default:

/u01/app/wallets/oracle/server

However, if /global is a shared volume on a cluster then you should use the following directory for the Oracle wallet:

/global/oracle/app/wallets/oracle/server

About Configuring the Location of the Oracle Wallet

The Oracle wallet is used for single sign on to the Oracle server. If you are using secure SSL connections to the database then you must configure the location of the Oracle wallet in the WALLET_LOCATION entry in the listener.ora and sqlnet.ora files by using the following syntax:

WALLET_LOCATION =
(SOURCE =
(METHOD = FILE)
(METHOD_DATA = 
(DIRECTORY = directory))
)

Where directory is the directory where the Oracle auto-login wallet is located; for example, on a non-clustered system the Oracle wallet default location is:

/u01/app/wallets/oracle/server

On a clustered system, the Oracle wallet default location is:

/global/oracle/app/wallets/oracle/server

Note:

On a clustered system you should specify a cluster-wide shared location so that a single Oracle wallet definition can be accessed from all cluster nodes.

In addition you must configure the following entries in the listener.ora and the sqlnet.ora files:

SSL_CLIENT_AUTHENTICATION=FALSE 
SSL_CIPHER_SUITES =(TLS_RSA_WITH_AES_128_CBC_SHA)

You must also set the jnlp.sms.sslCipherSuites Java application property in the smsGui.bat/smsGui.sh file to the same value as the SSL_CIPHER_SUITES entry.

Manually Creating the Oracle Wallet

The following high-level procedure explains how to create the Oracle wallet by using the Oracle orapki tool, and how to add a trusted or a self-signed certificate to the server wallet.

Follow these steps to create the Oracle wallet and add a trusted or a self-signed certificate to the server wallet:

1. (Optional) Skip this step if you are using a commercial CA to sign the server certificate. If you want to use self-signed certificates, then you must create the wallet container for the root CA. For more information, see Creating the Wallet Container for the Root CA.
2. (Optional) Skip this step if you are using a commercial CA to sign the server certificate. If you want to use self-signed certificates, then you must create a self-signed certificate. For more information, see Creating a Self-Signed Certificate.
3. Create an Oracle wallet to store the Oracle server certificate. For more information, see Signing the Server Certificate Request by Using the Self-Signed Certificate from the Root CA.
4. Add a user certificate to the server wallet. For more information, see Adding a User Certificate to the Server Wallet.
5. Export a certificate-signing request from the server wallet. For more information, see Exporting the Server Certificate Request.
6. Sign the server certificate request. If you are using:
   • Self-signed certificates. For more information, see Creating an Oracle Wallet to Store the Oracle Server Certificate.
   • A commercial CA. For more information, see Signing the Server Certificate Request by Using a Commercial CA.
7. Configure the pathname to the server wallet in the WALLET_LOCATION entry in the listener.ora and sqlnet.ora files. For more information, see About Configuring the Location of the Oracle Wallet.
8. (Optional) Skip this step if you are using a commercial CA. Add the trusted certificates to the keystore on client PCs. For more information, see Adding Trusted Certificates to the Keystore on Client PCs.

Creating the Wallet Container for the Root CA

This procedure assumes that Convergent Charging Controller is installed on a non-clustered SMS node and that the following directory has been created for the Oracle wallet:

/u01/app/wallets/oracle

On a clustered SMS the Oracle wallet is located in a file system that is cluster-wide to allow all instances to access the same wallet information in a single location; for example, /global/oracle/app/wallets/oracle.

Follow these steps to create the wallet container for the root CA:

1. Log in to the SMS as user oracle.
2. Go to the directory created for the Oracle wallet, for example:

   cd /u01/app/wallets/oracle

3. Create the wallet container by entering the following command.

   orapki wallet create -wallet ./root

4. When prompted, specify a new password for the root wallet.

   Note:

   Wallet passwords have length and content validity checks applied to them. Generally passwords should have a minimum length of eight characters and contain alphabetic characters combined with numbers and special characters.
5. Confirm the password.

   orapki creates the following directory for the root wallet and adds the ewallet.p12 file in root directory:

   /u01/app/wallets/oracle/root

Creating a Self-Signed Certificate

Follow these steps to create a self-signed certificate in the root wallet and export it to a file named b64certificate.txt

1. Create a self-signed certificate that is added to the root wallet by entering the following command:

   orapki wallet add -wallet ./root -dn CN=root_CA,C=CC -keysize 2048 -self_signed -validity 3650

   Where root_CA is the self-signed certificate name and CC is the local international country code.

2. When prompted, enter the password for the root wallet.
3. Export the self-signed certificate from the root wallet by entering the following command:

   orapki wallet export -wallet ./root -dn CN=root_CA,C=CC –cert ./root/b64certificate.txt

   Where CC is the local international country code, and the –cert command line option specifies the location of the export certificate.

4. When prompted, enter the password for the root wallet.

   The self-signed certificate is exported to the file b64certificate.txt.

Creating an Oracle Wallet to Store the Oracle Server Certificate

You create an Oracle wallet in the server sub-directory of the wallet directory to store the Oracle server certificate. The server sub-directory is in addition to the root sub-directory that you optionally created for the root CA.

The server wallet is used to authenticate the Oracle server. The location of the Oracle server wallet must be specified in the following WALLET_LOCATION configuration in listener.ora and sqlnet.ora files:

WALLET_LOCATION =
    (SOURCE =
    (METHOD = FILE)
    (METHOD_DATA = (DIRECTORY = server_directory)
)

Where server_directory is the directory you create for the Oracle server certificate; for example:

/u01/app/wallets/oracle/server

For more information, see About Configuring the Location of the Oracle Wallet.

Follow these steps to create an Oracle wallet for the server certificate"

1. As user oracle on the SMS node, go to the Oracle wallet directory; for example:

   cd /u01/app/wallets/oracle

2. Create the server wallet by entering the following command:

   orapki wallet create -wallet ./server -auto_login

   Where trusted_CA_certificate is the file containing the CA's trusted public certificate.

3. When prompted specify a new password for the server wallet.

   Note:

   Wallet passwords have length and content validity checks applied to them. Generally passwords should have a minimum length of eight characters and contain alphabetic characters combined with numbers and special characters.
4. Confirm the password.

   orapki creates the /u01/app/wallets/oracle/server directory for the server wallet and adds the following files in the directory:

   cwallet.sso

   ewallet.p12

5. To check that the files have been created, enter the following command:

   ls server

Adding a User Certificate to the Server Wallet

Follow these steps to add a user certificate for the SMS to the server wallet

1. As user oracle on the SMS, enter the following command to add a user certificate for the SMS to the server wallet:

   orapki wallet add -wallet ./server/ewallet.p12 -dn 'CN=SMS,C=CC' -keysize 2048

   Where ewallet.p12 is the name of the server wallet and CC is the local international country code.

2. When prompted, enter the password for the server wallet.

Exporting the Server Certificate Request

You export a certificate request from the server wallet so that the request can be signed by a CA.

To export the server certificate request enter the following command as user oracle:

orapki wallet export -wallet ./server -dn 'CN=SMS,C=CC' -request ./server/creq.txt

Where CC is the local international country code and creq.txt is the name of the server certificate request file.

The server request is exported to the following file in the server directory:

/u01/app/wallets/oracle/server/creq.txt

Signing the Server Certificate Request by Using the Self-Signed Certificate from the Root CA

The following procedure uses the root CA you initially created to sign the certificate request. Alternatively you can send the request to a commercial CA for signing.

Follow these steps to sign the server certificate request:

1. Create the server certificate in the file named cert.txt using the certificate request in the file named creq.txt. As user oracle on the SMS, enter the following command:

   orapki cert create -wallet ./root -request ./server/creq.txt -cert ./server/cert.txt -validity 3650

   Where the command line option:

   • -wallet specifies to use the self-signed certificate in the root CA to sign the server request.
   • -cert specifies to create the signed certificate named cert.txt.
2. When prompted, enter the password for the root wallet.
3. Add the trusted certificate of the root CA, ./root/b64certificate.txt, and the user certificate signed by the root CA, ./server/cert.txt, into the server wallet by entering the following commands:

   • orapki wallet add -wallet ./server/ewallet.p12 -trusted_cert –cert ./root/b64certificate.txt

   • orapki wallet add -wallet ./server/ewallet.p12 -user_cert –cert ./server/cert.txt

   When prompted, enter the password for the server wallet.

Signing the Server Certificate Request by Using a Commercial CA

Follow these steps to use a commercial CA to sign the server certificate request:

1. Send the certificate request in the file named creq.txt to the commercial CA for signing.

   Where root_CA is the self-signed certificate name and CC is the local international country code.

2. When you receive the signed certificate back from the commercial CA, add the commercial CA's trusted public certificate to the server wallet container.

   orapki wallet add -wallet ./server/ewallet.p12 -trusted_cert –cert trusted_CA_certificate

   Where trusted_CA_certificate is the file containing the CA's trusted public certificate.

3. When prompted for a password, enter the password for the server wallet.
4. Add the CA-signed server certificate to the server wallet container.

   orapki wallet add -wallet ./server/ewallet.p12 -user_cert -cert CA_signed_certificate

   Where CA_signed_certificate is the signed server certificate from the CA.

5. When prompted, enter the password for the server wallet.

Adding Trusted Certificates to the Keystore on Client PCs

If you are using self-signed certificates then you must update the keystore on client PCs to trust certificates from the SMS server that have been signed by the root CA.

Note:

Certificates signed by a commercial CA are already trusted by definition, therefore update the keystore on client PCs only if you are using self-signed certificates.

Follow these steps to add a trusted certificate for the SMS server to the Java keystore on a client PC:

1. Copy the root CA certificate ./root/b64certificate.txt to the client PC
2. As the Administrator user on the client PC, open the command tool window and enter the following command:

   keytool -importcert -keystore "path_to_java_lib_security_cacerts" -alias SMS -file "path_to_b64certificate_txt"

   where:

   • path_to_java_lib_security_cacerts is the path for the cacerts file
   • path_to_b64certificate_txt is the path for the b64certificate.txt file
3. When prompted, enter the password for the keystore.

   Note:

   The Java installation sets the keystore password to changeit by default.
4. Answer yes to the following prompt:

   Trust this certificate? [no]:

   Oracle keytool updates the keystore on the client PC to trust certificates from the SMS server that have been signed with the root CA.

Creating the Oracle Wallet Automatically by Using setupOracleWallet.sh

About Creating the Oracle Wallet by Using setupOracleWallet.sh

The Oracle wallet is the single-sign-on wallet that is used when connecting securely to the database and that contains certificate information for identifying the Oracle server. You must create the Oracle wallet if you are using secure SSL connections to the database. For more information, see About the Oracle Wallet.

The setupOracleWallet.sh script enables you to automatically run the orapki commands for creating the Oracle wallet. The script prompts you to enter all the information it requires to create the Oracle wallet. For more information about setupOracleWallet.sh, see setupOracleWallet.sh.

When you run setupOracleWallet.sh, you specify whether or not you want to use self-signed certificates. If you are using:

• Self-signed certificates, the script completes after creating the Oracle wallet and self-signed certificate. You must then update the Java keystore on client PCs with the trusted certificates. For more information, see Adding Trusted Certificates to the Keystore on Client PCs on Client PCs.
• Certificates signed by a commercial CA, the script initially completes after creating the certificate signing request. You must send the certificate signing request to the commercial CA for signing. When the commercial CA returns the signed certificate, you re-run setupOracleWallet.sh to add the trusted CA certificate and the signed CA certificate to the Oracle server wallet.

After creating the Oracle wallet, the script prints details of the additional configuration that must be set in the Oraclelistener.ora and sqlnet.ora files. For more information, see the discussion on Configuring the Oracle Listener.

Information Required by setupOracleWallet.sh

The following table lists the information that is required by the setupOracleWallet.sh script.

Table 4-2 Information Required by setupOracleWallet.sh

Required Item	Description
Oracle wallet base directory	The base directory for the Oracle wallet. Specify the base directory to use for the Oracle root and Oracle server wallets. On a clustered SMS specify a file system that is cluster-wide to allow all instances to access the same wallet information in a single location. On a non-clustered system the default location for the Oracle wallet base directory is: /u01/app/wallets/oracle/ On a clustered system the default location for the Oracle wallet base directory is: /global/oracle/app/wallets/oracle/
ISO country code	The local international country (ISO) code for your country. Specify the two-letter code.
Wallet passwords	The password to use for the root CA wallet and the password to use for the server wallet. You will be prompted for the password each time the wallet is accessed. Note: Wallet passwords have length and content validity checks applied to them. Generally passwords should have a minimum length of eight characters and contain alphabetic characters combined with numbers and special characters.

Setting Up the Oracle Wallet to Use Self-Signed Certificates by Using setupOracleWallet.sh

Follow these steps to set up the Oracle server wallet to use self-signed certificates by using setupOracleWallet.sh:

1. Log in to the SMS as user oracle.
2. Enter the following command:

   /IN/service_packages/SMS/bin/setupOracleWallet.sh

3. Answer y to the following prompt:

   Do you wish to proceed with the configuration (y/n):

4. Enter the following information as required:
   • The base directory for the Oracle wallet. Specify the base directory to use for the Oracle root and Oracle server wallets. On a clustered SMS specify a file system that is cluster-wide to allow all instances to access the same wallet information in a single location.
   • The local international country (ISO) code for your country. Specify the two-letter code.
   • The password to use for the root CA wallet and the password to use for the server wallet. You will be prompted for the password each time the wallet is accessed.

   Note:

   Wallet passwords have length and content validity checks applied to them. Generally passwords should have a minimum length of eight characters and contain alphabetic characters combined with numbers and special characters.
5. Answer y to the following prompt:

   Would you like to use a self-signed root certificate to sign the SMS server certificate?

   When processing completes, the self-signed root certificate is exported to the following file:

   ./root/b64certificate.txt

   Where ./root is a sub-directory of the base directory for the Oracle wallet. You must import this certificate into the Java lib\security\cacerts file on each client PC by using the Java keytool utility. For more information, see Adding Trusted Certificates to the Keystore on Client PCs.

Setting Up the Oracle Wallet to Use CA-Signed Certificates by Using setupOracleWallet.sh

Note:

This procedure assumes that the commercial CA's own root certificate is available in the following file:

./root/b64certificate.txt

Where ./root is a sub-directory of the base directory for the Oracle wallet.

Follow these steps to set up the Oracle server wallet to use certificates signed by a commercial CA by using setupOracleWallet.sh.

1. Log in to the SMS as user oracle.
2. Enter the following command:

   /IN/service_packages/SMS/bin/setupOracleWallet.sh

3. Answer y to the following prompt:

   Do you wish to proceed with the configuration (y/n):

4. Enter the following information as required:
   • The base directory for the Oracle wallet. Specify the base directory to use for the Oracle root and Oracle server wallets. On a clustered SMS specify a file system that is cluster-wide to allow all instances to access the same wallet information in a single location.
   • The local international country (ISO) code for your country. Specify the two-letter code.
   • The password the password to use for the server wallet. You will be prompted for the password each time the wallet is accessed.

   Note:

   Wallet passwords have length and content validity checks applied to them. Generally passwords should have a minimum length of eight characters and contain alphabetic characters combined with numbers and special characters.
5. Answer n to the following prompt:

   Would you like to use a self-signed root certificate to sign the SMS server certificate?

   The script creates the server auto-login wallet and exports the certificate signing request to the following file:

   ./server/creq.txt

   Where ./server is a sub-directory of the base directory for the Oracle wallet.

6. Where ./server is a sub-directory of the base directory for the Oracle wallet.
7. Place the signed certificate in the following file:

   ./server/cert.txt

8. Place the root certificate from the commercial CA in the following file:

   ./root/b64certificate.txt

9. Log in as user oracle on the SMS and enter the following command:

   /IN/service_packages/SMS/bin/setupOracleWallet.sh -s ./server/cert.txt -t ./root/b64certificate.txt -w wallet_base_directory

10. Where:
    • -s ./server/cert.txt specifies the location of the signed server certificate.
    • -t ./root/b64certificate.txt specifies the location of the root certificate from the commercial CA.
    • -w wallet_base_directory specifies the Oracle wallet base directory.

    The setupOracleWallet.shscript completes by adding the trusted CA certificate and the CA-signed certificate to the server wallet.

Configuring the Oracle Listener

In order for the database on the SMS node to operate correctly it requires an Oracle listener. The Oracle listener listens for external requests to connect to a database on the SMS node.

The Oracle listener configuration in this section is defined in the listener.ora file on the SMS platform only; specific additional configuration is not required on any of the SLC nodes. This is because the listener.ora file on the SLC nodes is part of the standard Oracle installation and should not be changed.

The following high-level procedure explains how to add support to the listener.ora file to enable access to Oracle database instances by using the TCPS network protocol for secure SSL connections, or by using the TCP network protocol for non-SSL connections. It does not explain how to create a listener.ora file. The process of adding support for TCPS or TCP is also described in the Oracle documentation, however it is outlined here for quick reference.

The task of creating or updating the Oracle listener should be performed by your database administrator. For more information about creating an Oracle listener file, see Understanding Sql*Net, which is shipped with Oracle 7.

Note:

This is not a comprehensive guide to configuring Oracle Database. Configuring and maintaining a database is a non-trivial task, and if you are unsure how to proceed please consult your database administrator.

Procedure

Follow these steps to configure the Oracle listener:

1. Log in to the SMS as user oracle, or enter the following command from a root login to become the user oracle:

   su - oracle

   Note:

   Logging in as the user oracle ensures that the path to all the Oracle binaries is correct and that file ownership for Oracle files is preserved.
2. Go to the directory containing the listener.ora file. The location of the listener.ora file depends on the version of Oracle Database installed and the options selected at installation. It is located in one of the following directories by default:
   • $ORACLE_HOME/network/admin
   • /var/opt/oracle/
3. Edit the listener.ora file by using a text editor such as vi; for example:

   vi listener.ora

4. Add ADDRESS entries to ADDRESS_LIST to define the SMS hostname, protocols, and ports to use for connecting to the database. Use the following syntax:

   LISTENER=
    (DESCRIPTION_LIST = 
    (DESCRIPTION=(ADDRESS_LIST=
   (ADDRESS=
   (PROTOCOL=protocol)
   (HOST=hostname)
   (PORT=port_number)
   ))) 
   )

   where:

   • protocol is the protocol to use for connecting to the SMF database. You must specify TCPS for secure SSL connections, or TCP for non-SSL connections.
   • hostname is the hostname of the SMS node.
   • port_number is the number of the port on which the listener listens for requests. You must specify 2484 for secure SSL connections, or 1521 for non-SSL connections.

   Note:

   The TCPS protocol entry in the listener.ora file must appear after the TCP protocol entry.

   Example:

   The following example shows ADDRESS_LIST configuration for an SMS node called “hostSMP”:

   
   LISTENER=
    (DESCRIPTION_LIST = 
    (DESCRIPTION=(ADDRESS_LIST=
       (ADDRESS=
           (PROTOCOL=IPC)
           (KEY=SMF)   
           )))
    (DESCRIPTION=(ADDRESS_LIST=
       (ADDRESS=
           (PROTOCOL=TCP)
           (HOST=hostSMP)
           (PORT=1521)    
           )))
    (DESCRIPTION=(ADDRESS_LIST=
       (ADDRESS=
           (PROTOCOL=TCPS)
           (HOST=hostSMP)
           (PORT=2484)
           )))
       )
   )

   Note:

   The ORACLE_SID for the SMF database is SMF. The listener can be made aware of this by adding an ADDRESS entry to the ADDRESS_LIST.
5. The listener also needs to know where it can find the information for any particular ORACLE_SID. This is accomplished through SID_LIST. The listener needs to know the name of the SID, the Oracle home directory and the global database name.

   Add an entry to SID_LIST by using the following syntax:

   
   SID_LIST_LISTENER=(SID_LIST=
   (SID_DESC=
   (SID_NAME=SMF)
   (ORACLE_HOME=oracle_home_directory)
   (GLOBAL_DBNAME=SMF.Hostname)
   )
   )

   Where:

   • oracle_home_directory is the directory in which Oracle Database is installed
   • SMF.Hostname is the global database name. Hostname is the hostname of the SMS node

   Example:

   The following example shows SID_LIST configuration for an SMS node called “hostSMP”:

   
   SID_LIST_LISTENER=(SID_LIST=
   (SID_DESC=
   (SID_NAME=SMF)
   (ORACLE_HOME=/u01/app/oracle/product/12.1.0)
   (GLOBAL_DBNAME=SMF.hostSMP)
   ) 
   )

6. Comment out the following entries:

   
   USE_PLUG_AND_PLAY_LISTENER = TRUE
   USE_CKPFILE_LISTENER = TRUE

   Caution:

   Do not change the following settings:

   • STARTUP_WAIT_TIME_LISTENER = 0

   • CONNECT_TIMEOUT_LISTENER = 10

7. If you are using SSL connections to the database, set the following lines to these values:

    
   SSL_CLIENT_AUTHENTICATION=FALSE 
   SSL_CIPHER_SUITES=(TLS_RSA_WITH_AES_128_CBC_SHA)

   Note:

   You must also:

   • Configure the same entries for SSL_CLIENT_AUTHENTICATION and SSL_CIPHER_SUITES in the sqlnet.ora file.
   • Set the jnlp.sms.sslCipherSuites Java application property in smsGui.bat/smsGui.sh and the SSL_CIPHER_SUITES entry to the same value.
8. Save and close the file.
9. Stop the listener and then restart the listener using the updated configuration by entering the following commands:

   
   lsnrctl stop 
   lsnrctl start

Configuring Oracle Listener Java Application Properties

You configure the Java application properties for the Oracle listener in the smsGui.bat/smsGui.sh file. The installation process attempts to automatically configure this file for you, but you must check the data in the smsGui.bat/smsGui.sh file to ensure it is completely accurate.

Follow these steps to configure the Java application properties for the Oracle listener:

1. Log on as user root.
2. Edit the /IN/html/smsGui.bat and /IN/html/smsGui.sh file by using a text editor such as vi; for example:

   vi/ IN/html/smsGui.bat

3. If you are using secure SSL connections to the database on a non-clustered system, configure the jnlp.sms.secureConnectionDatabaseHost application property entry. The parameter value must be all on one line in the JNLP file:

   -Djnlp.sms.secureConnectionDatabaseHost="(DESCRIPTION= (ADDRESS_LIST= 
   (ADDRESS=(PROTOCOL=TCPS) (HOST=host_ip_addr)(PORT=lport))) (CONNECT_DATA= 
   (SERVICE_NAME=db_sid )))"

   If you are using secure SSL connections to the database on a clustered system, configure the jnlp.sms.secureConnectionClusterDatabaseHost application property entry. The parameter value must be all on one line in the JNLP file:

   -Djnlp.sms.secureConnectionClusterDatabaseHost="(DESCRIPTION= (ADDRESS_LIST= (ADDRESS=(PROTOCOL=TCPS) (HOST=host_ip_addr)(PORT=lport))) (CONNECT_DATA= (SERVICE_NAME=db_sid )))"

   Where:

   • host_ip_addr is the host name or IP address of the SMS node
   • lport is the listener port for SSL connections using the TCPS protocol. Set LPORT to 2484 for SSL connections.
   • db_sid is the database SID
   In addition, for SSL connections the jnlp.sms.EncryptedSSLConnection Java application property must be left undefined or set to true.

   Example Java application property configuration for SSL connections to the database (non-clustered):

   -Djnlp.sms.secureConnectionDatabaseHost=="(DESCRIPTION= (ADDRESS_LIST= (ADDRESS=(PROTOCOL=TCPS) (HOST=hostSMP)(PORT=2484))) (CONNECT_DATA= (SERVICE_NAME=SMF)))"

   -Djnlp.sms.EncryptedSSLConnection=true

4. If you are using SSL connections to the database you must set the jnlp.sms.sslCipherSuites Java application property to TLS_RSA_WITH_AES_128_CBC_SHA:

   -Djnlp.sms.sslCipherSuites="(TLS_RSA_WITH_AES_128_CBC_SHA)"

5. If you are using non-SSL connections to the database you must set the jnlp.sms.EncryptedSSLConnection parameter to false, and edit the following application property entries:

   -Djnlp.sms.host=”host_ip_addr”

   -Djnlp.sms.databaseID=”lport:db_sid”

   Where:

   • host_ip_addr is the host name or IP address of the SMS node
   • lport:db_sid is the listener port and the database SID. Set LPORT to 1521 for non-SSL connections.

   Example Java application property configuration for non-SSL connections to the database:

   -Djnlp.sms.host=="hostSMP"

   -Djnlp.sms.databaseID=="1521:SMF"

   -Djnlp.sms.EncryptedSSLConnection=false

6. Save and close the file.

   The parameters in the smsGui.bat/smsGui.sh files are updated to reflect those of the Oracle listener.

   Note:

   The sms.html file has been deprecated. However, if you upgraded from an earlier version of Convergent Charging Controller, you may continue to use the sms.html file. You must ensure that you set parameters to the same value in both the sms.html file, and the sms.jnlp file.

Configuring the SNMP Agent

SNMP trap relaying is not automatically enabled. If you require SNMP trap relaying then you must perform the steps described in this topic.

The SNMP agent supports the following functionality:

• Forwarding of alarms as SNMP traps, using the Alarm Relay mechanism (see Service Management System User's Guide).
• Resynchronization of traps, enabling an SNMP manager to request resend of traps.

Traps may be forwarded to multiple SNMP managers.

Note:

This is subject to the following restrictions:

• All managers must use the same port to receive SNMP traps;
• All managers must be configured to use the same Community string
• Any triggering of the resynchronization mechanism results in duplicate traps being forwarded to all managers.

Configuring the snmp.cfg file

The SNMP agent is configured via the Alarm Notification screen and the snmp configuration file as described in this section. The configuration file is /IN/service_packages/SMS/etc/snmp.cfg.

The name of the network management station is defined by the destination field in the rule, used to match alarms. This allows alarms to be sent to multiple machines and also to determine which alarms should be sent to which machines. The SNMP-specific parameters are:

• TARGET = “SNMP”

• DESTINATION = manager_hostname

The other parameters are the same for all destinations and are determined from this configuration file, read at the start up of the smsAlarmRelay program.

In understanding these parameters, you must be familiar with the Simple Network Management Protocol (SNMP).

We currently support SNMP v3 (IETF STD0062). SNMP v1 (IETF RFC1157) traps are supported for backward compatibility purposes only.

To support integration with as broad a range of SNMP managers as possible, two forms of SNMP trap are supported:

• Opaque traps include all of the fault data in a single structured data type
• Multiple variable traps, wherein each fault datum is represented by a distinct trap variable

A single trap type must be chosen for each installation. See the "opaque" and "specific" configuration parameter descriptions below for details.

SNMP relaying - Switching On

Follow these steps to turn on SNMP relaying of alarms.

Note:

Like any command line switches, the –p can appear at any point in the command line. –p is a parameter without any options, and is used to enable SNMP relaying of alarms. SNMP relaying of alarms is off by default

1. Open the snmp.cfg script with a text editor such as vi. The snmp.cfg file is located here by default:

   /IN/service_packages/SMS/etc/snmp.cfg

2. Add –p to the command line.
3. Save and close the file.

snmp.cfg example

This text shows the content of an example snmp.cfg file.

use-SNMPv3: 1
listenPort: 1161
userName: smf_oper
community: public
my-addr: addr
trap: 6
specific: 1 
opaque: 1
port: 162

snmp.cfg file parameters

The parameters available in this file are described below. The only parameter that you are required to modify is “my-addr”; the rest are given for reference only.

Note:

Separate the parameter from the value using the colon ‘:’.

community

Syntax:	community: type
Description:	The community to which smsAlarmRelay belongs.
Type:	String
Optionality:	Required
Allowed:
Default:	public
Notes:
Example:	community: public

listenPort

Syntax:	listenPort: port
Description:	The UDP port number from which smsAlarmRelay listens for get- and set-variable requests.
Type:	Integer
Optionality:	Required
Allowed:	1 - 65535
Default:
Notes:	If the use-SNMPv3 parameter is set to 0, the listenPort parameter has no effect.
Example:	listenPort: 1161

my-addr

Syntax:	my-addr: addr
Description:	The Internet Protocol (IP) address of the computer on which smsAlarmRelay is installed.
Type:	String
Optionality:	Required
Allowed:	May be either a symbolic host name or an Internet protocol number expressed in dotted-decimal format.
Default:
Notes:	In SNMP terminology, addr is called agent-addr. Most hosts have at least two addresses, the second one being the loop-back address: 127.0.0.1.
Example:	A symbolic host name might be SMS_main_1 . my-addr: SMS_main_1 An Internet protocol number could be 192.0.2.0 . my-addr: 192.0.2.0

my-oid

Syntax:	my-oid: id
Description:	The alarm parameter argument assigned to Oracle.
Type:	String
Optionality:	Optional (deprecated)
Allowed:	1.2.36.52947743
Default:	1.2.36.52947743
Notes:
Example:

notification-oid

Syntax:	notification-oid: str
Description:	A variable that can be queried or changed remotely.
Type:	String
Optionality:	Optional (deprecated)
Allowed:	Constructed from the value of the param-oid parameter to which is appended two additional digits. The value of each digit is determined by the format of alarms. 1.2.36.52947743.1.1 : Opaque encoding of Oracle fields. 1.2.36.52947743.1.2 : id, .3 = machine, .4 = time, .5 = cpu, etc. 1.2.36.52947743.2.1 : Opaque encoding of X.733 fields. 1.2.36.52947743.2.2 : Managed object instance, .3 event type, etc.
Default:	1.2.36.52947743.2.1
Notes:	The notification-oid parameter requires that: The use-SNMPv3 parameter is set for SNMP version 3. The listenPort parameter is configured
Example:

opaque

Syntax:	opaque: 0|1
Description:	Defines encoding for SNMP specific traps.
Type:	Boolean
Optionality:	Required if the specific parameter is used.
Allowed:	0 : Use if specific is set to 2 or 4. 1 : Use if specific is set to 1 or 3.
Default:
Notes:	The value depends on the value assigned to the specific parameter.
Example:	opaque: 1

param-oid

Syntax:	param-oid: id
Description:	The alarm parameter argument assigned to Oracle.
Type:	String
Optionality:	Optional (deprecated)
Allowed:	1.2.36.52947743
Default:	1.2.36.52947743
Notes:	The id is constructed from the values of the sub-parameters listed below: iso : 1 country : 2 australia : 36 Oracle : 52947743
Example:

port

Syntax:	port: port
Description:	The Internet Protocol (IP) port number of the remote SNMP manager computer.
Type:	Integer
Optionality:	Required
Allowed:	1 - 65535
Default:	162
Notes:	162 is the SNMP trap port.
Example:	port: 162

specific

Syntax:	specific: int
Description:	An SNMP-specific trap parameter.
Type:	Integer
Optionality:	Required if you set the opaque parameter
Allowed:	1 - A single opaque binding. 2 - Multiple variable bindings per trap, for each parameter. 3 - A single opaque binding in x733 format. 4 - Multiple x733 variable bindings per trap.
Default:
Notes:	If you use the specific parameter, you must also set the opaque parameter.
Example:	specific: 1

trap

Syntax:	trap: int
Description:	The value of the generic trap.
Type:	Integer
Optionality:	Required
Allowed:	6
Default:	6
Notes:
Example:	trap: 6

use-SNMPv3

Syntax:	use-SNMPv3: 0|1
Description:	The version of the SNMP implementation.
Type:	Integer
Optionality:	Required
Allowed:	0 : SNMPv1 is enabled. 1 : SNMPv3 is enabled.
Default:	1
Notes:
Example:	use-SNMPv3: 1

userName

Syntax:	userName: name
Description:	Used by smsAlarmRelay when it listens on a standard SNMP port that has already been opened.
Type:	String
Optionality:	Required
Allowed:
Default:	smf_oper
Notes:	In order to open the standard SNMP port, smsAlarmRelay needs root privileges. Once the port is open, smsAlarmRelay's privileges are restricted to those assigned to name.
Example:	userName: smf_oper

Formatting an SNMP trap message

The format of SNMP messages is defined in IETF STD0062.

At the top level the “Message” element has the “version” field set in accordance with the SNMP version set by the "use-SNMPv3" configuration parameter. The rest of the formatting differs according to the SNMP version that is being used.

SNMP v1

The SNMP v1 message is built up from each line of this table.

Part	Set from
version	Set by the use-SNMPv3 configuration parameter.
community	Set via the community configuration parameter.
enterprise	Set using the my-oid configuration parameter.
agent-addr	The IP address of the SMS set using my-addr parameter.
generic-trap	Set using the trap configuration parameter.
specific-trap	Set using the the specific parameter.

SNMP v3

The SNMP v3 message is built up as follows:

• version - set by the use-SNMPv3 configuration parameter
• Global Header - including a usm security model
• security parameters
• authoritative Engine ID - security ID
  • engine boots - record of the number of boots of the alarmRelay
  • engine time - record of the up of the alarmRelay
  • context engine ID - PID of smsAlarmRelay
• context name - "smsAlarmRelay"
• v2 trap PDU
  • error status
  • error index

variable bindings

The variable-bindings take one of two forms, in accordance with the settings of the opaque and specific configuration parameters.

The opaque form is composed of a sequence containing a single item. That single item is itself a sequence comprising of a pair. The pair is the object ID of the alarm (obtained from the configuration file) and the alarm data itself encased as an “Opaque” data item.

The multiple variable form is composed of a sequence of pairs, each pair being an object ID identifying the variable and the variable values. The object IDs and variable datatypes are specified in the MIB.

See SMF AlarmMessage Format (see "Configuring the SNMP Agent") for the ASN.1 format of the alarm data.

Transmission of the SNMP trap message

Given the trap message that has been previously formatted we can now send it to the network management station. As defined in RFC 1157, the message is sent over the User Datagram Protocol (UDP). The destination IP address and the port are specified in the configuration file.

Failure to send the trap does not raise an alarm as this would lead to an infinite loop of alarm messages.

Starting and stopping

The SNMP additions to the smsAlarmRelay send a “start” trap to all configured destinations when it starts up. Similarly, it sends a “stopped” trap and process shutdown.

Restarting the smsAlarmRelay

By default, SNMP trap relaying is not performed. Therefore the smsAlarmRelayStartup.sh script must be edited and the smsAlarmRelay process restarted using the steps below.

Follow these steps to restart the smsAlarmRelay daemon:

1. Type following command to find the process ID:

   ps -ef | grep smsAlarmRelay

   Note:

   The second column of the results returned is the process ID and the third column gives the parent process ID.

   Terminate the process ID from the second column.

2. Type kill -TERM pid

   Result: The process is terminated and is restarted by the inittab process.

Configuring Connections for CORBA Services

About CORBA Services Configuration

The CorbaServices section in the eserv.config configuration file defines common connection parameters for CORBA services on SMS nodes. The CorbaServices configuration overrides the default and command-line values specified for CORBA listen ports and addresses.

If you are using IP version 6 addresses, then you must include the CorbaServices section in the eserv.config file on SMS nodes. This section is optional if you are using only IP version 4 addresses.

The CorbaServices section includes the following required parameters:

• AddressInIOR
• smsTaskAgentOrbListenPort
• smsReportDaemonOrbListenPort
• smsTrigDaemonOrbListenPort
• ccsBeOrbListenPort

Example CORBA Services Configuration on the SMS

The following example shows the CorbaServices configuration section in the eserv.config file for CORBA services on the SMS node.

CorbaServices = {
AddressInIOR = "sms_machine.oracle.com"
OrbListenAddresses = [
"2001:db8:0:1050:0005:ffff:ffff:326b"
"192.0.2.0"
smsTaskAgentOrbListenPort = 6332
smsReportDaemonListenPort = 6333
smsTrigDaemonOrbListenPort = 6334
ccsBeOrbListenPort = 6335
}

CorbaServices Parameters

You specify CORBA services configuration in the CorbaServices section of the eserv.config file on SMS and SLC nodes. The CorbaServices configuration supports the following parameters:

AddressInIOR

Syntax:	AddressInIOR = "str"
Description:	The hostname or IP address to place in the IOR (Interoperable Object Reference) for the CORBA service.
Type:	String
Optionality:	Required (on SMS nodes only)
Allowed:	Hostname, IP version 6 address, or IP version 4 address
Default:
Notes:
Examples:	AddressInIOR = "2001:db8:0:1050:0005:ffff:ffff:326b" AddressInIOR = "192.0.2.0" AddressInIOR = "sms03xxx.us.oracle.com"

OrbListenAddresses

Syntax:	OrbListenAddresses = [ "str" ["str"] ]
Description:	List of IP addresses on which the CORBA service listens for incoming requests.
Type:	Array
Optionality:	Optional (on SMS nodes only)
Allowed:	IP version 6 addresses, and IP version 4 addresses
Default:
Notes:	If the OrbListAddresses parameter is not set, or you do not specify any IP addresses, then the CORBA service listens on all the IP addresses available on the host. Loopback IP addresses and special IP addresses, as defined in RFC 5156, are excluded.
Examples:	OrbListenAddresses = [ "2001:db8:0:1050:0005:ffff:ffff:326b" "192.0.2.0" ]

smsTaskAgentOrbListenPort

Syntax:	smsTaskAgentOrbListenPort = int
Description:	The number of the port on which smsTaskAgentOrb listens.
Type:	Integer
Optionality:	Required (on SMS nodes only)
Allowed:
Default:
Notes:	Overrides the CORBA service port specified for the smsTaskAgent process in the -s command-line parameter. For more information, see smsTaskAgent.
Examples:	smsTaskAgentOrbListenPort = 6332

smsReportDaemonOrbListenPort

Syntax:	smsReportDaemonOrbListenPort = int
Description:	The number of the port on which smsReportDaemonOrb listens.
Type:	Integer
Optionality:	Required (on SMS nodes only)
Allowed:
Default:
Notes:	Overrides the CORBA listen port specified for the smsReportDaemon process in the -s command-line parameter. For more information about smsReportDaemon, see smsReportsDaemon.
Examples:	smsReportDaemonOrbListenPort = 6333

smsTrigDaemonOrbListenPort

Syntax:	smsTrigDaemonOrbListenPort = int
Description:	The number of the port on which smsTrigDaemonOrb listens.
Type:	Integer
Optionality:	Required (on SMS nodes only)
Allowed:
Default:
Notes:	Overrides the smsTrigDaemon CORBA listen port set in the listenPort parameter in the triggering section of the eserv.config file. For more information about smsTrigDaemon, see smsTrigDaemon.
Examples:	smsTrigDaemonOrbListenPort = 6334

ccsBeOrbListenPort

Syntax:	ccsBeOrbListenPort = int
Description:	The number of the port on which ccsBeOrb listens.
Type:	Integer
Optionality:	Required (on SMS nodes only)
Allowed:
Default:
Notes:	Overrides the CORBA listen port specified for the ccsBeOrb process in the listenPort parameter. For more information, see Charging Control Services Technical Guide.
Examples:	ccsBeOrbListenPort = 6335

SMF AlarmMessage Format

This topic provides the format of the SMFalarmMessage including the MIB definitions.

Alarm Table fields

This table defines the layout of the SMF_ALARM_MESSAGE and SMF_ALARM_DEFN tables in the SMF from which the alarms are derived.

Name	Field size	Field type	Null value
id	38	NUMBER	not null
machine	16 (15 characters for hostname; 1 terminating charater)	VARCHAR2	not null
time		DATE	not null
cpu	3	NUMBER	not null
name	6	NUMBER	not null
subsystem	24	VARCHAR2	not null
severity	1	NUMBER	not null
description	256	VARCHAR2
opcomment	256	VARCHAR2
count	4	NUMBER	not null
close_time		DATE
status	7	VARCHAR2
change_sequence	38	NUMBER
managed_object_instance	2000	VARCHAR2
event_type	2	NUMBER
probable_cause	4	NUMBER
specific_problem	256	VARCHAR2
perceived_severity	1	NUMBER
additional_text	1000	VARCHAR2

MIB field mappings - SMF_ALARM_MESSAGE

This table provides the SMF_ALARM_MESSAGE to MIB field mappings.

DB Alarm		MIB
0	id	Mapped directly (unique ID)
1	machine	Mapped directly (hostname)
2	time	Mapped directly (“YYYYMMDDHHMMSS”
3	cpu	Mapped directly (CPU number)
4	name	= 0 for Solaris & HPUX
6	subsystem	Mapped directly (process identifier)
7	severity	Mapped directly (0=NOTICE, 2=WARNING, 4=ERROR, 6=CRITICAL, 8=CLEARANCE)
8	description	Mapped directly (free text)
9	opcomment	Mapped directly (free text)
10	count	Mapped directly (number of duplicates)
	close_time	Not sent
5	status	Mapped directly (“OPEN”, “PENDING”, “CLOSED”)
	change_sequence	Not sent

MIB field mappings - SMF_ALARM_MESSAGE

This table provides the SMF_ALARM_MESSAGE to MIB field mappings.

DB Alarm		MIB
0	id	Mapped directly (unique ID)
1	machine	Mapped directly (hostname)
2	time	Mapped directly (“YYYYMMDDHHMMSS”
3	cpu	Mapped directly (CPU number)
4	name	= 0 for Solaris
6	subsystem	Mapped directly (process identifier)
7	severity	Mapped directly (0=NOTICE, 2=WARNING, 4=ERROR, 6=CRITICAL, 8=CLEARANCE)
8	description	Mapped directly (free text)
9	opcomment	Mapped directly (free text)
10	count	Mapped directly (number of duplicates)
	close_time	Not sent
5	status	Mapped directly (“OPEN”, “PENDING”, “CLOSED”)
	change_sequence	Not sent

MIB field mappings - SMF_ALARM_DEFN

This table provides the SMF_ALARM_DEFN to MIB field mappings.

DB Alarm	MIB
Alarm_type_id	not sent
event_type	Mapped directly (event_type)
probable_cause	Mapped directly (probable_cause)
severity	Mapped directly (severity)
specific_problem	Mapped directly (specific_problem)
recommended_action	not sent
additional_text	Prefixed with description and mapped to additional_text
present_to_am	not sent
present_to_ar	not sent
autoclear period	not sent
regular_expression	not sent
notes	not sent

SMF Listen Messages

An SNMP manager may trigger the resend of traps by setting eServDataLastChgSeq to the value of the identifier (id or eServId) of the last successfully received trap.

Note:

Use of this mechanism will cause traps to be sent to all active SNMP managers.

Defining the Screen Language

The default language file sets the language that the Java administration screens start in. The user can change to another language after logging in.

The default language can be changed by the system administrator.

By default, the language is set to English. If English is your preferred language, you can skip this step and proceed to the next configuration task, Defining the Help Screen Language.

Default.lang

When SMS is installed, a file called Default.lang is created in the application's language directory in the screens module. This contains a soft-link to the language file that defines the language used by the screens.

If a Default.lang file is not present, the English.lang file is used.

The SMS Default.lang file is:

/IN/html/SMS/language/Default.lang

Example Screen Language

If Dutch is the language you want to set as the default, create a soft-link from the Default.lang file to the Dutch.lang file.

Language Files for Multi-Byte Character Sets

To create and use a language file for a language that requires a multi-byte character set, as simplified or traditional Chinese does, as well as others, you should create the file in the UTF-8 (Unicode Transformation Format-8) format.

Note:

To support reading and writing of UTF-8 characters, you must ensure that the database character set is UTF-8. You can use the following query to determine what the database character set is:

select value from nls_database_parameters where parameter = 'NLS_CHARACTERSET';

User-Specific Language Settings

All screens in the SMS are able to support selected languages. On login, the screens are displayed in the default language. You can subsequently specify a language for a specific user in the Configuration field of the User Management screen by specifying LANGUAGE=ABC where ABC must match the language file name, is case-sensitive, and does not include the file name extension. After a language is selected for a user, it is stored in their profile.

If a character set other than UTF-8 is used to create the language file, you must specify the character set for a user using CHARSET=XYZ in the Configuration field on the User tab of the User Management screen, where XYZ specifies one of the following character sets: US-ASCII, ISO-8859-1, UTF-16BE, UTF-16LE, or UTF-16.

For more information about setting the Configuration field, see Service Management System User's Guide.

Procedure

Follow these steps to set the default language for your SMS Java Administration screens:

1. Change to the following directory:

   /IN/html/SMS/language

   Example command: cd /IN/html/SMS/language/

2. Ensure the Default.lang file exists in this directory.
3. If the required file does not exist, create an empty file called Default.lang.
4. Ensure that the language file for your language exists in this directory. The file should be in the format:

   language.lang

   Where:

   language = your language.

   Example:

   Spanish.lang

5. If the required language file does not exist, either:
   • create a new one with your language preferences, or
   • contact Oracle support.

   To create a language file, you need a list of the phrases and words used in the screens. These should appear in a list with the translated phrase in the following format:

   original phrase=translated phrase

   Any existing language file should have the full set of phrases. If you do not have an existing file to work from, contact Oracle support with details.

6. Create a soft-link between the Default.lang file, and the language file you want to use as the default language for the SMS Java Administration screens.

   Example command: ln -s Dutch.lang Default.lang

Defining the Help Screen Language

The default Helpset file sets the language that the help system for the Java Administration screens start in. The user can change to another language after logging in.

The default language can be changed by the system administrator. By default, the language is set to English.

Default.SMS.hs

When SMS is installed, a file called Default.SMS.hs is created in the application's language directory in the screens module. This contains a soft-link to the language file which defines the language which will be used by the screens.

If a Default.SMS.hs file is not present, the English.SMS.hs file will be used.

If a Default.SMS.hs file is present, a user must explicitly set their language to their required language in the Tools screen or the default language will be used.

The Default.SMS.hs file is:

/IN/html/SMS/helptext/Default.SMS.hs

Example Helpset Language

If Dutch is the language you want to set as the default, create a soft-link from the Default.SMS.hs file to the Dutch.SMS.hs file

Procedure

Follow these steps to set the default language for your SMS Java Administration screens.

1. Change to the following directory:

   /IN/html/SMS/helptext

   Example command: cd /IN/html/SMS/helptext

2. Ensure the Default.SMS.hs file exists in this directory.
3. If the required file does not exist, create an empty file called Default.SMS.hs.
4. Ensure that the language file for your language exists in this directory. The file should be in the format:

   language.SMS.hs

   Where:

   language is your language.

   Example:

   Dutch.SMS.sh

5. If the required language file does not exist, either:
   • create a new one with your language preferences, or
   • contact Oracle support.

   To create a language file, you need a list of the phrases and words used in the screens. These should appear in a list with the translated phrase in the following format:

   original phrase=translated phrase

   Any existing language file should have the full set of phrases. If you do not have an existing file to work from, contact Oracle support with details.

6. Create a soft-link between the Default.SMS.hs file, and the language file you want to use as the default language for the SMS Java Administration screens.

   Example command: lln -s Dutch.Acs_Service.hs Default.Acs_Service.hs

Assigning the Oracle Profile to New Users

You create users that can access the SMS UI by using the Service Management System System, User Management screen. By default, when you add a new SMS user, the new user is assigned the standard Oracle profile, named DEFAULT. This profile includes a password verification function that checks things such as the minimum length, number of digits, and so on.

You can create a non-standard Oracle profile to assign to new users by using the CREATE PROFILE command. When you create the Oracle profile, you specify the password verification function that will be applied to user passwords. You can use this feature, for example, to specify an Oracle profile that uses a password verification function that has stricter password verification conditions.

For information about creating Oracle profiles by using the CREATE PROFILE command, see the Oracle Database documentation.

When you create or edit a user's password, smsTaskAgent verifies that you have entered an acceptable password by applying the password verification function that is specified in the Oracle profile assigned to the user.

You configure smsTaskAgent to assign a non-standard Oracle profile to new users instead of the default Oracle profile as follows:

smsTaskAgent = {
defaultOracleProfile = "password_profile"
}

where password_profile is the name of the Oracle profile you want to use. You must specify the name of an existing Oracle profile. For more information, see smsTaskAgent.

You specify the message that displays for failed attempts to create or change a user's password in the jnlp.sms.passwordPolicyMessage Java application property. For more information, see jnlp.sms.passwordPolicyMessage.

Setting up the Screens

Accessing SMS

To access the SMS user interface (UI), do the following:

• Ensure the Java SE Runtime Environment version 21 is installed on your computer.
• If required, obtain, and install the trusted certificate for the database connection into your keystore.
• Obtain the application zip file containing jars and other files (smsGui.bat or smsGui.sh).
• In Windows, run smsGui.bat to start the application.
• In other machines:
• Change the permission of smsGui.sh using chmod 755 smsGui.sh command.
• Run the application using bash smsGui.sh command.

For more information about the SMS UI, see SMS User's Guide.

About Customzing the SMS UI

You can customize the SMS UI by setting application properties in the smsGui.bat/smsGUi.bat file, which is in the /IN/html/ directory. You set java application properties:

-Dproperty="value"

Where:

• property is the name of the application property.
• value is the value of the specified property.

Note:

If the properties are present in multiple lines, separate properties with "^" in smsGui.bat or "\" in smsGui.sh. For example:

In smsGui.bat :

-Dproperty="value" ^

In smsGui.sh:

-Dproperty="value" \

Java Application Properties

The following application properties are available to customize the UI:

jnlp.acs.ACSDefaultCustomerIscodephpaid

Syntax:	-Djnlp.acs.ACSDefaultCustomerIscodephpaid="value"
Description:	Specifies whether the ACS New Customer screen has the codephpaid Charging Customer check box selected by default.
Type:	String
Optionality:	Optional
Allowed:	True t(rue) Yes y(es) 1 All other values are considered to be false.
Default:	True
Notes:	If set to: True – The codephpaid Charging Customer check box is selected by default. False – The codephpaid Charging Customer check box is cleared by default.
Example:	-Djnlp.acs.ACSStartScreenVersion="1"

jnlp.acs.ACSStartScreenVersion

Syntax:	-Djnlp.acs.ACSStartScreenVersion="num"
Description:	This property is provided for backwards compatibility only. It allows you to display the version of the ACS main screen for releases prior to NCC release 5.0.3. The current version of the ACS main screen is displayed by default.
Type:	String
Optionality:	Optional
Allowed:	1 – The version of the ACS main screen for releases prior to NCC release 5.0.3 is displayed that includes the Events button. The ACS events feature is now decodephcated. Use this setting only if you want to access existing events configuration in ACS. Not set – The current version of the ACS main screen is displayed.
Default:	Not set
Notes:	This property is provided for backwards compatibility.
Example:	-Djnlp.acs.ACSStartScreenVersion="1"

jnlp.acs.allowCallPlanSchedulingInPast

Syntax:	-Djnlp.acs.allowCallPlanSchedulingInPast="value"
Description:	Specifies whether control plans can be scheduled to start in the past.
Type:	String
Optionality:	Optional
Allowed:	True t(rue) Yes y(es) 1 All other values are considered to be false.
Default:	False
Notes:	If set to: True – Control plans can be scheduled to start in the past. False – Control plans cannot be scheduled to start in the past.
Example:	-Djnlp.acs.allowCallPlanSchedulingInPast="t"

jnlp.ccs.AllowDeletedVouchers

Syntax:	-Djnlp.ccs.allowDeletedVouchers="value"
Description:	Specifies whether you can set a voucher status or a voucher range state to Deleted. This parameter is used by the following in the Voucher Manager screens: The Vouchers tab The Voucher Ranges tab
Type:	Boolean
Optionality:	Optional (default used if not set)
Allowed:	True t(rue) Yes y(es) 1 All other values are considered to be false.
Default:	True
Notes:	If set to: True – You can set a voucher range state or a voucher status to Deleted. False – You cannot set a voucher range state or a voucher status to Deleted.
Example:	-Djnlp.ccs.allowDeletedVouchers="true"

jnlp.acs.allowRefInCustCombo

Syntax:	-Djnlp.acs.allowRefInCustCombo="value"
Description:	Specifies whether users can perform searches in the ACS UI by using the customer reference number rather than the customer name.
Type:	String
Optionality:	Optional
Allowed:	True t(rue) Yes y(es) 1 All other values are considered to be false.
Default:	False
Notes:	If set to: True – Allows searches using the customer reference number only. False – Requires searches to include a customer name along with a customer reference number.
Example:	-Djnlp.acs.allowRefInCustCombo="t"

jnlp.acs.autoCloseCompileDialog

Syntax:	-Djnlp.acs.autoCloseCompileDialog="value"
Description:	Specifies whether the CPE compiler report closes automatically after a control plan compiles successfully.
Type:	String
Optionality:	Optional
Allowed:	True t(rue) Yes y(es) 1 All other values are considered to be false.
Default:	False
Notes:	If set to: True – The CPE compiler report closes automatically after a control plan compiles successfully. False – The CPE compiler report remains open after a control plan compiles successfully.
Example:	-Djnlp.acs.autoCloseCompileDialog ="t"

jnlp.acs.autoCloseCPE

Syntax:	-Djnlp.acs.autoCloseCPE="value"
Description:	Specifies whether the Control Plan Editor closes automatically after a control plan compiles successfully.
Type:	String
Optionality:	Optional
Allowed:	True t(rue) Yes y(es) 1 All other values are considered to be false.
Default:	False
Notes:	If set to: True – The CPE closes automatically after a control plan compiles successfully. False – The CPE remains open after a control plan compiles successfully.
Example:	-Djnlp.acs.autoCloseCPE="t"

jnlp.ccs.BeORBTimeoutms

Syntax:	-Djnlp.ccs.BeORBTimeoutms="num"
Description:	Specifies the length of time, in milliseconds, after which an ORB request from the screen operator's terminal to the Convergent Charging Controller server times out.
Type:	Integer
Optionality:	Optional (default used if not set)
Allowed:	Any positive integer
Default:	20000 (that is, 20 seconds)
Notes:
Example:	-Djnlp.ccs.BeORBTimeoutms="5000"

jnlp.ccs.ccs_oper_cmnReceiveFiles_port

Syntax:	-Djnlp.ccs.ccs_oper_cmnReceiveFiles_port="port"
Description:	Specifies the port number on which the cmnReceiveFiles background process listens on the SMS machine when running as the ccs_oper user. This property is used by the following: The Voucher Management GPG Public Keys tab to import public keys The Subscriber Management Subscriber Batch tab to upload batch files
Type:	Integer
Optionality:	Optional (default used if not set)
Allowed:	Any positive integer
Default:	2027
Notes:
Example:	-Djnlp.ccs.ccs_oper_cmnReceiveFiles_port="2027"

jnlp.ccs.CCSAccountNumLength

Syntax:	-Djnlp.ccs.CCSAccountNumLength="num"
Description:	Specifies the required length of credit card numbers entered in the Card Number field of the CCS New Subscriber screen.
Type:	Integer
Optionality:	Optional (default used if not set)
Allowed:	Any positive integer
Default:	Not set
Notes:	If this property is not set, the number in the Card Number field must have more than 0 digits.
Example:	-Djnlp.ccs.CCSAccountNumLength="9"

jnlp.sms.clusterDatabaseHost

Syntax:	-Djnlp.sms.clusterDatabaseHost="(DESCRIPTION= (LOAD_BALANCE=YES)(FAILOVER=ON)(ENABLE=BROKEN) (ADDRESS_LIST=(ADDRESS=(PROTOCOL=type)(HOST=name)(PORT=port)) (ADDRESS=(PROTOCOL=type)(HOST=name)(PORT=port))) (CONNECT_DATA=(SERVICE_NAME=SMF)(FAILOVER_MODE=(TYPE=SESSION) (METHOD=BASIC)(RETRIES=5)(DELAY=3))))"
Description:	Specifies the connection string (including a host and an alternative host address, in case the first IP address is unavailable) for non-SSL cluster-aware connection to the database. To use non-SSL connections to the database, set the jnlp.sms.EncryptedSSLConnection property to false.
Type:	String
Optionality:	Optional
Allowed:
Default:	By default, port is set to 1521.
Notes:	If codephsent, this property is used instead of the jnlp.sms.databaseID property.
Example:	-Djnlp.sms.clusterDatabaseHost="(DESCRIPTION= (LOAD_BALANCE=YES)(FAILOVER=ON)(ENABLE=BROKEN) (ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOST=smsphysnode1) (PORT=1521)) (ADDRESS=(PROTOCOL=TCP)(HOST=smsphysnode2)(PORT=1521))) (CONNECT_DATA=(SERVICE_NAME=SMF)(FAILOVER_MODE=(TYPE=SESSION)(METHOD=BASIC)(RETRIES=5)(DELAY=3))))"

jnlp.acs.connectionsDialog

Syntax:	-Djnlp.acs.connectionsDialog="value"
Description:	Specifies whether the Control Plan Editor displays the Manage Node Exits dialog box when you hold down the Shift key while dragging the mouse to connect a feature node exit to a feature node entry.
Type:	String
Optionality:	Optional (default used if not set)
Allowed:	shown – CPE displays the Manage Node Exits dialog box. hidden – CPE does not display the Manage Node Exits dialog box.
Default:	shown
Notes:
Example:	-Djnlp.acs.connectionsDialog"="hidden"

jnlp.acs.cpeLineDrawingMechanism

Syntax:	-Djnlp.acs.cpeLineDrawingMechanism="connection_type"
Description:	Specifies the type of connector lines that the Control Plan Editor displays. You use connector lines to connect feature nodes in control plans. Connector lines can be angled or straight lines: Angled connector lines bend around feature nodes where possible instead of crossing over them. Angled connector lines are colored when highlighted. HV connector lines use a combination of horizontal and vertical lines to connect feature nodes and may cross over other feature nodes. HV connector lines can be black or colored when highlighted.
Type:	String
Optionality:	Optional
Allowed:	ColouredNodeConnectionDrawer – The CPE displays connectors as angled lines that are colored when highlighted. HVNodeConnectionDrawer – The CPE displays connectors as horizontal and vertical lines that are black. ColouredHVNodeConnectionDrawer – The CPE displays horizontal and vertical lines that are colored when highlighted.
Default:	ColouredNodeConnectionDrawer
Notes:
Example:	-Djnlp.acs.cpeLineDrawingMechanism="HVNodeConnectionDrawer"

jnlp.ccs.CreditTransferCP

Syntax:	-Djnlp.ccs.CreditTransferCP="name"
Description:	Specifies the name of the control plan to run when a credit transfer is performed.
Type:	String
Optionality:	Optional (default used if not set)
Allowed:
Default:	CREDIT_TRANSFER
Notes:
Example:	-Djnlp.ccs.CreditTransferCP="CREDIT_CP"

jnlp.sms.database

Syntax:	-Djnlp.sms.database="SMF"
Description:	Specifies the Oracle SID for the SMF database.
Type:	String
Optionality:	Optional (default used if not set)
Allowed:
Default:	SMF
Notes:	Set at installation.
Example:	-Djnlp.sms.database="SMF"

jnlp.sms.databaseHost

Syntax:	-Djnlp.sms.databaseHost="ip:port:sid"
Description:	Sets the IP address and port to use for non-SSL connections to the SMF database, and the database SID. To use non-SSL connections to the database, set port to 1524 and the jnlp.sms.EncryptedSSLConnection property to false. To use SSL connections to the database, set the jnlp.sms.EncryptedSSLConnection property to true and set either the jnlp.sms.secureConnectionDatabaseHost property or the jnlp.sms.secureConnectionClusterDatatbaseHost property appropriately. When the jnlp.sms.EncryptedSSLConnection property is set to true or is undefined, jnlp.sms.databaseHost is ignored.
Type:	String
Optionality:	Optional
Allowed:
Default:	Not set. Secure SSL connection is enabled at installation by default.
Notes:	Internet Protocol version 6 (IPv6) addresses must be enclosed in square brackets []; for example:{2001:db8:n:n:n:n:n:n] where n is a group of 4 hexadecimal digits. The industry standard for omitting zeros is also allowed when specifying IP addresses.
Example:	-Djnlp.sms.databaseHost="192.0.2.1:2484:SMF" -Djnlp.sms.databaseHost="[2001:db8:0000:1050:0005:0600:300c:326b]:2484:SMF" -Djnlp.sms.databaseHost= "[2001:db8:0:0:0:500:300a:326f]:2484:SMF" -Djnlp.sms.databaseHost= "[2001:db8::c3]:2484:SMF"

jnlp.sms.databaseID

Syntax:	-Djnlp.sms.databaseID="port:sid"
Description:	Specifies the SQL*Net port for connecting to the database, and the database SID.
Type:	String
Optionality:	Required
Allowed:
Default:	1521:SMF
Notes:	To use non-SSL connections to the database, set port to 1521 and the jnlp.sms.EncryptedSSLConnection property to false. To use SSL connections to the database, set the jnlp.sms.EncryptedSSLConnection property to true and set either the jnlp.sms.secureConnectionDatabaseHost property or the jnlp.sms.secureConnectionClusterDatatbaseHost property appropriately. When the jnlp.sms.EncryptedSSLConnection property is set to true or is undefined, jnlp.sms.databaseID is ignored.
Example:	-Djnlp.sms.databaseID="1521:SMF"

jnlp.sms.dbPassword

Syntax:	-Djnlp.sms.dbPassword="password"
Description:	Specifies the database password. This password is for a special database user that the ACS Logon screen uses before the user logs in. This property is set during installation and is then not changed.
Type:	String
Optionality:	Optional (default used if not set)
Allowed:
Default:	acs_public
Notes:	Do not change this value.
Example:	-Djnlp.sms.dbPassword="acs_public"

jnlp.sms.dBUser

Syntax:	-Djnlp.sms.dBUser="user"
Description:	Specifies the database user name. This is a special database user that the ACS Logon screen uses before the user logs in. This property is set during installation and is then not changed.
Type:	String
Optionality:	Optional (default used if not set)
Allowed:
Default:	acs_public
Notes:	Do not change this value.
Example:	-Djnlp.sms.dBUser="acs_public"

jnlp.ccs.defaultEDRSearchAge

Syntax:	-Djnlp.ccs.defaultEDRSearchAge="num"
Description:	Used to calculate the default start date that is shown in the EDR Viewer. The default start date is equal to the current date and time minus jnlp.ccs.defaultEDRSearchAge. The default end date is the current date and time.
Type:	String
Optionality:	Optional (default used if not set)
Allowed:	Any positive integer
Default:	2
Notes:
Example:	-Djnlp.ccs.defaultEDRSearchAge="5"

jnlp.ccs.defaultEDRSearchCategories

Syntax:	-Djnlp.ccs.defaultEDRSearchCategories="list_of_categories"
Description:	Specifies the default EDR categories to search for when viewing EDRs in the CCS View EDRs for Subscriber screen. Use a comma-separated string of EDR sub-types.
Type:	String
Optionality:	Optional (default used if not set)
Allowed:
Default:	All
Notes:	The list of categories must be comma-separated and enclosed in single quotes.
Example:	-Djnlp.ccs.defaultEDRSearchCategories="'Amount Charge','Bad Pin'"

jnlp.ccs.defaultSubscriberSearchType

Syntax:	-Djnlp.ccs.defaultSubscriberSearchType="exact|codephfix"
Description:	Sets the default search type for subscribers in the following locations in the CCS UI: The Subscriber tab The Register Subscriber to Credit Card dialog box
Type:	String
Optionality:	Optional (default used if not set)
Allowed:	exact – Searches for the matching subscriber. codephfix – Searches for all subscribers with IDs that match the entered codephfix.
Default:	codephfix
Notes:
Example:	-Djnlp.ccs.defaultSubscriberSearchType="exact"

jnlp.acs.defaultTelcoManaged

Syntax:	-Djnlp.acs.defaultTelcoManaged="value"
Description:	Specifies whether new ACS customer accounts are marked as being managed by a Telecommunications Operator (telco) by default. Telco-managed customers are customers that never log into ACS but are managed explicitly (and without resource limits) by the telco. This property controls whether the Managed Customer check box is selected in the ACS New Customer Details dialog box by default.
Type:	String
Optionality:	Optional
Allowed:	True t(rue) Yes y(es) 1 All other values are considered to be false.
Default:	True
Notes:	If set to: True – The Managed Customer check box is selected by default. False – The Managed Customer check box is clear by default.
Example:	-Djnlp.acs.defaultTelcoManaged="f"

jnlp.sms.DUAL_STATS_NODE

Syntax:	-Djnlp.sms.DUAL_STATS_NODE="value"
Description:	Specifies whether the View Statistics tab of the Statistics Viewer screen displays information about the SMS node.
Type:	String
Optionality:	Optional
Allowed:	true – The View Statistics tab of the Statistics Viewer screen displays information about the SMS node. false – The View Statistics tab of the Statistics Viewer screen does not display information about the SMS node.
Default:	false
Notes:	For more information, see Viewing Statistics in SMS User's Guide.
Example:	-Djnlp.sms.DUAL_STATS_NODE="true"

jnlp.ECEExtensions

Syntax:	-Djnlp.ECEExtensions="value"
Description:	Specifies whether to enable the Notification Gateway tab in the OSD UI.
Type:	Boolean
Optionality:	Optional (default used if not set)
Allowed:	true – Enables the Notification Gateway tab in the OSD UI. false or not set – Disables the Notification Gateway tab in the OSD UI.
Default:	Not set (disabled)
Notes:
Example:	-Djnlp.ECEExtensions="true"

jnlp.sms.EncryptedSSLConnection

Syntax:	-Djnlp.sms.EncryptedSSLConnection = "value"
Description:	Specifies whether connections to the client UI use encrypted SSL.
Type:	Boolean
Optionality:	Optional (default used if not set)
Allowed:	true – Use encrypted SSL connections to access the client UI. false – Use non-SSL connections to access the client UI.
Default:	true
Notes:	To use SSL connections to the database, set the jnlp.sms.EncryptedSSLConnection property to true and set either the jnlp.sms.secureConnectionDatabaseHost property or the jnlp.sms.secureConnectionClusterDatatbaseHost property appropriately. To use non-SSL connections to the database, set the jnlp.sms.EncryptedSSLConnection property to false.
Example:	-Djnlp.sms.EncryptedSSLConnection = "true"

jnlp.sms.host

Syntax:	-Djnlp.sms.host="IPaddress"
Description:	Specifies the Internet Protocol (IP) address for the SMS host machine that is set at installation.
Type:	String
Optionality:	Required
Allowed:	IP version 4 (IPv4) addresses IP version 6 (IPv6) addresses
Default:	No default
Notes:	You can use the industry standard for omitting zeros when specifying IP addresses.
Example:	-Djnlp.sms.host="192.0.2.0" -Djnlp.sms.host="2001:db8:0000:1050:0005:0600:300c:326b" -Djnlp.sms.host="2001:db8:0:0:0:500:300a:326f" -Djnlp.sms.host="2001:db8::c3"

jnlp.sms.protocol

Syntax:	-Djnlp.sms. protocol="value"
Description:	Specifies the protocol used to load the GUI images.
Type:	String
Optionality:	Optional (default used if not set)
Allowed:	http, https
Default:	http
Notes:	When the GUI is launched using https, set the value of jnlp.sms.protocol to https in order to load the images.
Example:	-Djnlp.sms.protocol="https"

jnlp.vpn.INProtocol

Syntax:	-Djnlp.vpn.INProtocol="name"
Description:	Specifies the IN protocol for VPN screens.
Type:	String
Optionality:	Required
Allowed:	AIN – Hides settings not relevant to AIN. Only customers using Advanced Intelligent Network (AIN) should set the property to AIN. Not set – All settings are shown.
Default:	Not set
Notes:	Set at installation.
Example:	-Djnlp.vpn.INProtocol="AIN"

jnlp.acs.issuePCClockWarning

Syntax:	-Djnlp.acs.issuePCClockWarning="value"
Description:	Specifies whether a warning is raised when the user's PC clock time is more than two minutes faster or slower than the SMS platform's clock time.
Type:	String
Optionality:	Optional
Allowed:	True t(rue) Yes y(es) 1 All other values are considered to be false.
Default:	True
Notes:	If set to: True – A warning is raised. False – A warning is not raised.
Example:	-Djnlp.acs.issuePCClockWarning="t"

jnlp.sms.logo

Syntax:	-Djnlp.sms.logo="file"
Description:	Specifies the logo displayed on the splash screen immediately before the ACS Logon screen appears. At installation, the property is set to an Oracle logo GIF file.
Type:	String
Optionality:	Optional
Allowed:	A valid network path and filename.
Default:	None
Notes:
Example:	-Djnlp.sms.logo="SMS/images/oracle.gif"

jnlp.acs.MAX_CONTROL_PLANS_DISPLAYED

Syntax:	-Djnlp.acs.MAX_CONTROL_PLANS_DISPLAYED="num"
Description:	Specifies the maximum number of control plans that can be displayed in the search results section of an ACS UI dialog box.
Type:	String
Optionality:	Optional
Allowed:	1 through 999
Default:	200
Notes:
Example:	-Djnlp.acs.MAX_CONTROL_PLANS_DISPLAYED="200"

jnlp.ccs.MaxGlobalLimitedLiabilityPromotions

Syntax:	-Djnlp.ccs.MaxGlobalLimitedLiabilityPromotions="num"
Description:	Specifies the maximum number of promotions that can have global limited liability. This property is used by the Details tab of the Promotion Manager screen. After the maximum number is reached, the global limited liability fields are disabled on the Details tab.
Type:	String
Optionality:	Optional (default used if not set)
Allowed:	Any integer greater than or equal to 0
Default:	20
Notes:
Example:	-Djnlp.ccs.MaxGlobalLimitedLiabilityPromotions="25"

jnlp.acs.maximiseAcsScreens

Syntax:	-Djnlp.acs.maximiseAcsScreens="value"
Description:	Specifies whether the windows in the ACS UI are opened at maximum size or optimum size.
Type:	String
Optionality:	Optional
Allowed:	True t(rue) Yes y(es) 1 All other values are considered to be false.
Default:	False
Notes:	If set to: True – The windows in the ACS UI are opened at maximum size. False – The windows in the ACS UI are opened at optimum size.
Example:	-Djnlp.acs.maximiseAcsScreens="t"

jnlp.ccs.MaxPDSMSThresholdEntries

Syntax:	-Djnlp.ccs.MaxPDSMSThresholdEntries="num"
Description:	Specifies the maximum number of promotional destination discount thresholds that you can define. That is, the number of non-discounted short messages that must be sent before the discount is applied. This property is used by the Promotional Destination Rates option of the New Product Type screen.
Type:	Integer
Optionality:	Optional (default used if not set)
Allowed:	Any number greater than or equal to zero
Default:	5
Notes:
Example:	-Djnlp.ccs.MaxPDSMSThresholdEntries="10"

jnlp.ccs.MaxRowsRTWN

Syntax:	-Djnlp.ccs.MaxRowsRTWN="num"
Description:	Specifies the maximum number of rows to display in the Real Time Wallet Notifications option of the CCS New Product Type screen.
Type:	Integer
Optionality:	Optional (default used if not set)
Allowed:	Any positive integer
Default:	100
Notes:
Example:	-Djnlp.ccs.MaxRowsRTWN="50"

jnlp.sms.namingServerPort

Syntax:	-Djnlp.sms.namingServerPort" value="port"
Description:	Tells the CCP Dashboard screens how to contact the naming server.
Type:	Integer
Optionality:	Optional
Allowed:
Default:	5556
Notes:	The value in this field should be the same as the value you set in the -p parameter of smsNamingServerStartup.
Example:	-Djnlp.sms.namingServerPort" value="5556"

jnlp.ORB_HOST

Syntax:	-Djnlp.ORB_HOST="hostsms"
Description:	Specifies the host name of the machine running the ccsBeOrb background process.
Type:	String
Optionality:	Optional (default used if not set)
Allowed:
Default:	The SMS machine host name.
Notes:
Example:	-Djnlp.ORB_HOST="hostname"

jnlp.acs.paletteStyle

Syntax:	-Djnlp.acs.paletteStyle="value"
Description:	Specifies the style used to display the feature palette in the Control Plan Editor window. There are two possible feature palette styles: The floating panel style feature palette displays feature group names in a list, and the feature nodes within a selected group in a floating panel. The floating panel style enables you to quickly locate a feature node in the palette by using the Search Palette feature to filter the available feature nodes. The static panel style feature palette displays an expandable list of feature node groups from which you select individual feature nodes in a static panel. The Search Palette feature is not available with this style.
Type:	String
Optionality:	Optional
Allowed:	old – Sets the feature palette to the static panel style. Not set – Sets the feature palette to the floating panel style.
Default:	Floating panel style
Notes:	To enable the jnlp.acs.paletteStyle property, clear the Java cache and the client browser cache before restarting the Control Plan Editor.
Example:	-Djnlp.acs.paletteStyle="old"

jnlp.sms.passwordPolicyMessage

Syntax:	-Djnlp.sms.passwordPolicyMessage="message_text"
Description:	Specifies the message text that is displayed for failed attempts to change a user's password through the User Management screen in the SMS UI.
Type:	String
Optionality:	Optional (default used if not set)
Allowed:	Any text. The text should be relevant to the password restrictions imposed by the password verification function defined in the user's (Oracle) profile.
Default:	The new password is not compliant with the password policy.
Notes:	The definition must be specified on one line. Do not include new lines in the message text. If the message is longer than 80 characters, the displayed message is broken up into multiple lines automatically.
Example:	-Djnlp.sms.passwordPolicyMessage="The new password must contain at least 9 characters and must contain at least 2 digits"

jnlp.sms.port

Syntax:	-Djnlp.sms.port="num"
Description:	Specifies the SQL*Net port for connecting to the SMS host machine.
Type:	Integer
Optionality:	Optional (default used if not set)
Allowed:
Default:	1521
Notes:	Set at installation
Example:	-Djnlp.sms.port="1521"

jnlp.sms.printingFontSize

Syntax:	-Djnlp.sms.printingFontSize="num"
Description:	Specifies the point size of text that can be printed from screens that support printing.
Type:	Integer
Optionality:	Optional (default used if not set)
Allowed:	6 through 12 (inclusive)
Default:	8
Notes:
Example:	-Djnlp.sms.printingFontSize="10"

jnlp.acs.ProfileN

Syntax:	-Djnlp.acs.Profilenumber="new_name"/>
Description:	Specifies to supcodephss or change the name of any of the 20 profile blocks.
Type:	String
Optionality:	Optional
Allowed:	1 <= number <= 20 new_name is one of the following: – (dash): The profile block is not displayed in screens. String comprising any printable characters.
Default:	The following lists default profile block names in the order in which they appear in feature node drop-down lists. Profile1: VPN Network Profile Profile2: VPN Station Profile Profile3: Customer Profile Profile4: Control Plan Profile Profile5: Global Profile Profile6: CLI Subscriber Profile Profile7: Service Number Profile Profile8: App Specific 1 Profile9: App Specific 2 Profile10: App Specific 3 Profile11: App Specific 4 Profile12: App Specific 5 Profile13: App Specific 6 Profile14: App Specific 7 Profile15: App Specific 8 Profile16: Any Valid Profile Profile17: Temporary Storage Profile18: Call Context Profile19: Outgoing Extensions Profile20: Incoming Extensions
Notes:	If VPN is not installed, Profile1 and Profile2 are supcodephssed by default. If Charging Control Services is installed, profile block names associated with Profile8 through Profile15 are changed automatically. For more information, see CCS Technical Guide. If RCA is not installed, Profile19 and Profile20 are supcodephssed by default. You can make them available by installing RCA or by appending them to the sms.jnlp file. Feature nodes with writable fields cannot write into Profile16.
Example:	-DProfile1="–" -DProfile6="Originating CLI"

jnlp.acs.requireCustomerReference

Syntax:	-Djnlp.acs.requireCustomerReference="value"
Description:	Specifies whether a customer reference number is mandatory for each ACS customer that is created.
Type:	String
Optionality:	Optional
Allowed:	True t(rue) Yes y(es) 1 All other values are considered to be false.
Default:	True
Notes:	If set to: True – Customer reference numbers are mandatory for newly created ACS customers. False – Customer reference numbers are optional for newly created ACS customers.
Example:	-Djnlp.acs.requireCustomerReference="f"

jnlp.sms.ResyncServerPort

Syntax:	-Djnlp.sms.ResyncServerPort="port"
Description:	Specifies the port number on which the SMS resyncServer process listens for connections. This property is used by the SMS Replication Check screen.
Type:	Integer
Optionality:	Optional (default used if not set)
Allowed:	Any positive integer
Default:	7669
Notes:
Example:	-Djnlp.sms.ResyncServerPort="7669"

jnlp.sms.reports_location

Syntax:	-Djnlp.sms.reports_location="hostname"
Description:	Specifies the machine name of the HTML server on which generated reports are available in the /output directory. This property is used by the SMS Report Functions screen.
Type:	String
Optionality:	Optional (default used if not set)
Allowed:
Default:	Not set, which means that reports are generated on the SMS machine.
Notes:
Example:	-Djnlp.sms.reports_location="SMSmachine"

jnlp.acs.scfs

Syntax:	-Djnlp.acs.scfs="scfn"
Description:	Lists the network entities that are available for handover. The names listed in this section are used by the following feature nodes: TCAP Handover (as the SCP Name list) RIMS MAP Query and IS41 Query (as the Return Address for mapping the SCCP Calling Party Address)
Type:	String
Optionality:	Optional. However, the TCAP Handover feature node must have at least one scf to work.
Allowed:	Any scf name configured in the acs.conf file. See acsChassis SSF Configuration (SLC).
Default:	None
Notes:	For every jnlp.acs.scfs property in the JNLP file, you must create a matching scf entry in the acs.conf file on each SLC defining the address associated with this entry.
Example:	-Djnlp.acs.scfs="SCF_Name1,SCF_Name2"

jnlp.acs.SDRfastTimeoutDefault

Syntax:	-Djnlp.acs.SDRfastTimeoutDefault="secs"
Description:	Specifies the default fast timeout period, in seconds, for the Selection Dependent Routing feature node. If the specified timeout period expires before a customer enters a digit on their telephone keypad, the feature node exits. You can use this feature, for example, to connect calls directly to the operator after timing out.
Type:	Integer
Optionality:	Optional (default used if not set)
Allowed:	Any positive integer
Default:	10
Notes:
Example:	-Djnlp.acs.SDRfastTimeoutDefault="5"

jnlp.sms.secureConnectionClusterDatabaseHost

Syntax:	-Djnlp.sms.secureConnectionClusterDatabaseHost = "(DESCRIPTION= (ADDRESS_LIST=(ADDRESS=(PROTOCOL=type)(HOST=IPaddress) (PORT=port)) (ADDRESS=(PROTOCOL=type)(HOST=IPaddress)(PORT=port))) (CONNECT_DATA=(SERVICE_NAME=servicename)))"
Description:	Specifies the connection string (including host address and port) for encrypted SSL connections to the SMF database on a clustered system. To enable secure SSL connections to the database, set port to 2484 and set the jnlp.sms.EncryptedSSLConnection property to true.
Type:	String
Optionality:	Optional (default used if not set)
Allowed:
Default:
Notes:	If codephsent, this property is used instead of the jnlp.sms.secureConnectionDatabaseHost property.
Example:	-Djnlp.sms.secureConnectionClusterDatabaseHost = "(DESCRIPTION= (ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCPS)(HOST=192.0.1.1) (PORT=2484)) (ADDRESS=(PROTOCOL=TCP)(HOST=192.0.2.1)(PORT=2484))) (CONNECT_DATA=(SERVICE_NAME=SMF)))" jnlp.sms.secureConnectionDatabaseHost

jnlp.sms.secureConnectionDatabaseHost

Syntax:	-Djnlp.sms.secureConnectionDatabaseHost = "(DESCRIPTION= (ADDRESS_LIST=(ADDRESS=(PROTOCOL=type)(HOST=IPaddress) (PORT=port))))(CONNECT_DATA=(SERVICE_NAME=servicename)))"
Description:	Specifies the connection string (including host address and port) for encrypted SSL connections to the SMF database on a non-clustered system. To use SSL connections to the database, set port to 2484 and set the jnlp.sms.EncryptedSSLConnection property to true.
Type:	String
Optionality:	Optional (default used if not set)
Allowed:
Default:
Notes:	If codephsent, this property is used instead of the jnlp.sms.databaseID property.
Example:	-Djnlp.sms.secureConnectionDatabaseHost = "(DESCRIPTION= (ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCPS)(HOST=192.0.1.1) (PORT=2484))))(CONNECT_DATA=(SERVICE_NAME=SMF)))"

jnlp.ses.SES_DATE_FORMAT

Syntax:	-Djnlp.ses.SES_DATE_FORMAT="format"
Description:	Specifies the date format used by the SES Configuration screens.
Type:	String
Optionality:	Optional (default used if not set)
Allowed:	Any format supported by Java SimpleDateFormat (see https://docs.oracle.com/javase/8/docs/api/java/text/SimpleDateFormat.html)
Default:	dd/MM/yyyy HH:mm:ss
Notes:
Example:	-Djnlp.ses.SES_DATE_FORMAT="yyMMddHHmmssZ"

jnlp.acs.showAnnouncementSource

Syntax:	-Djnlp.acs.showAnnouncementSource="value"
Description:	Specifies whether announcement sources (i.e., the resource name and resource ID) are displayed next to announcement names in ACS UI windows.
Type:	String
Optionality:	Optional
Allowed:	TRUE true YES yes Y y All other values are considered to be false.
Default:	True
Notes:	If set to: True – Announcement sources are displayed. False – Announcement sources are not displayed.
Example:	-Djnlp.acs.showAnnouncementSource="f"

jnlp.sms.showEFM

Syntax:	-Djnlp.sms.showEFM="value"
Description:	Specifies whether the Alarm Definition tab is available on the Alarm Management screen.
Type:	Boolean
Optionality:	Optional (default used if not set)
Allowed:	True t(rue) Yes y(es) 1 All other values are considered to be false.
Default:	False
Notes:	If set to: True – The Alarm Definition tab is available. False – The Alarm Definition tab is not available.
Example:	-Djnlp.sms.showEFM="True"

jnlp.ccs.ShowEmptyEDRTags

Syntax:	-Djnlp.ccs.ShowEmptyEDRTags= "taglist"
Description:	Lists the CCS EDR tags that must be displayed in EDR Viewer or CCP Dashboard when they are empty.
Type:	String
Optionality:	Optional (default used if not set)
Allowed:	Comma separated list of the tags to include.
Default:	Empty tags are not displayed in EDR Viewer.
Notes:	Do not insert spaces in the list of tags.
Example:	-Djnlp.ccs.ShowEmptyEDRTags="ACS_CUST_ID,PI,WALLET_TYPE"

jnlp.acs.showNetwork

Syntax:	-Djnlp.acs.showNetwork="value"
Description:	Specifies whether the Network field is displayed in the ACS New Customer dialog box.
Type:	String
Optionality:	Optional
Allowed:	True t(rue) Yes y(es) 1 All other values are considered to be false.
Default:	True
Notes:	If set to: True – The Network field is displayed. False – The Network field is not displayed.
Example:	-Djnlp.acs.showNetwork="f"

jnlp.acs.showCallPlanCopy

Syntax:	-Djnlp.acs.showCallPlanCopy="value"
Description:	Specifies whether the Copy button is enabled on the ACS Numbers screen.
Type:	String
Optionality:	Optional
Allowed:	True t(rue) Yes y(es) 1 All other values are considered to be false.
Default:	True
Notes:	If set to: True – The Copy button is enabled. False – The Copy button is disabled.
Example:	-Djnlp.acs.showCallPlanCopy="f"

jnlp.sms.smf_oper_cmnReceiveFiles_port

Syntax:	-Djnlp.sms.smf_oper_cmnReceiveFiles_port="port"
Description:	Specifies the port number on which the cmnReceiveFiles background process listens on the SMS machine when running as the smf_oper user. This property is used by the following: The Location Capabilities Pack Import screen when importing LCP cell or area data The Voucher Management GPG Public Keys tab to import public keys The Subscriber Management Subscriber Batch tab to upload batch files
Type:	Integer
Optionality:	Optional (default used if not set)
Allowed:
Default:	2028
Notes:
Example:	-Djnlp.sms.smf_oper_cmnReceiveFiles_port="2028"

jnlp.sms.smsProductInfo

Syntax:	-Djnlp.sms.smsProductInfo="product"
Description:	Specifies the product name displayed in the About Oracle Communications Convergent Charging Controller help screen.
Type:	String
Optionality:	Optional (default used if not set)
Allowed:
Default:	SMS – Service Management System
Notes:
Example:	-Djnlp.sms.smsProductInfo="SMS – Service Management System"

jnlp.sms.smsVersionInfo

Syntax:	-Djnlp.sms.smsVersionInfo="version"
Description:	Specifies the product version number displayed in the About Oracle Communications Convergent Charging Controller help screen.
Type:	String
Optionality:	Optional (default used if not set)
Allowed:
Default:	Version 6.0.1
Notes:
Example:	-Djnlp.sms.smsVersionInfo="Version 6.0.1"

jnlp.acs.ssfs

Syntax:	-Djnlp.acs.ssfs="ssf1,ssf2,...,ssfn"
Description:	Lists the switches that are available in the IN network. The switches listed in this section are used by the Call Initiation feature node (as the switch name list).
Type:	String
Optionality:	Optional. However, the Call Initiation feature node must have at least one scf to work.
Allowed:	Any ssf name configured in the acs.conf file. See acsChassis SSF Configuration (SLC).
Default:	None
Notes:
Example:	-Djnlp.acs.ssfs="SSF_Name1,SSF_Name2"

jnlp.sms.sslCipherSuites

Syntax:	<property name = "jnlp.sms.sslCipherSuites="(TLS_RSA_WITH_AES_128_CBC_SHA)"
Description:	Specifies the cipher suites to use for SSL encryption. You must set this property if you are using encrypted SSL for connecting to the SMS database.
Type:	String
Optionality:	Optional (default used if not set)
Allowed:	(TLS_RSA_WITH_AES_128_CBC_SHA)
Default:	(TLS_RSA_WITH_AES_128_CBC_SHA)
Notes:	You must also set the SSL_CIPHER_SUITES property to (TLS_RSA_WITH_AES_128_CBC_SHA) in the listener.ora and sqlnet.ora files.
Example:	<property name = "jnlp.sms.sslCipherSuites="(TLS_RSA_WITH_AES_128_CBC_SHA)"

jnlp.acs.supcodephssedSDRDigits

Syntax:	-Djnlp.acs.supcodephssedSDRDigits="digits"
Description:	The Selection Dependent Routing feature node allows you to route calls based on the number, letter, or special character entered on the caller's telephone keypad. You use the jnlp.acs.supcodephssedSDRDigits property to codephvent users from assigning specified digits to a calling route and to exclude those digits from the Configure Selection Dependent Routing dialog box of the ACS Control Plan Editor.
Type:	String
Optionality:	Optional
Allowed:	Numbers ranging from 0 (zero) through 9 Letters ranging from A through F Special characters * and #
Default:	None
Notes:
Example:	-Djnlp.acs.supcodephssedSDRDigits="12ab"

jnlp.acs.SupcodephssTagID

Syntax:	-Djnlp.acs.SupcodephssTagID="value"
Description:	Specifies to not include the profile tag value when displaying a profile field name in the ACS Control Plan Editor. For example, when jnlp.acs.SupcodephssTagID is set to: true – The profile tag 196613 displays the name "PIN codephfix" false – The profile tag 196613 displays the name "PIN codephfix (196613)"
Type:	Boolean
Optionality:	Optional
Allowed:	True t(rue) Yes y(es) 1 All other values are considered to be false
Default:	True
Notes:	If set to: True – Only the profile field name is displayed. False – Both the profile field name and the profile field value is displayed.
Example:	-Djnlp.acs.SupcodephssTagID="True"

jnlp.trace

Syntax:	-Djnlp.trace="value"
Description:	Specifies whether to enable tracing for the Control Plan Editor. The output is displayed in the Java Console.
Type:	Boolean
Optionality:	Optional (default used if not set)
Allowed:	on | off, true | false, yes | no, 1 | 0, enabled | disabled
Default:	Off
Notes:
Example:	-Djnlp.trace="on"

jnlp.sms.TZ

Syntax:	-Djnlp.sms.TZ="timezone"
Description:	Specifies the time zone used for all time and date values displayed in Convergent Charging Controller UI windows.
Type:	String
Optionality:	Optional (default used if not set)
Allowed:	Any Java supported time zone.
Default:	GMT
Notes:	For a full list of Java supported time zones, see Time Zones.
Example:	-Djnlp.sms.TZ="GMT"

jnlp.sms.OsTZ

Syntax:	-Djnlp.sms.OsTZ="timezone"
Description:	Specifies the Operating System time zone of the SMS node. It is used in conjunction with the sms.TZ parameter to successfully show dates in the correct time zone.
Type:	String
Optionality:	Optional (default used if not set)
Allowed:	Any Java supported time zone.
Default:	GMT
Notes:	For a full list of Java supported time zones, see Time Zones.
Example:	-Djnlp.sms.OsTZ="GMT"

jnlp.acs.updateCcodephferences

Syntax:	-Djnlp.acs.updateCcodephferences="value"
Description:	When you update a control plan, the Control Plan Editor creates a new version of the control plan. If any customers are scheduled to use the older version of the control plan, the customers' service numbers or CLIs remain attached to the older version by default. This property specifies whether you can attach customers' service numbers or CLIs to the new control plan version.
Type:	String
Optionality:	Optional
Allowed:	True t(rue) Yes y(es) 1 All other values are considered to be false.
Default:	None
Notes:	If set to: True – After an updated control plan compiles successfully, the Control Plan Editor prompts you to select the service numbers or CLIs to attach to the new control plan version. False – The existing service numbers or CLIs remain attached to the older version of the content plan.
Example:	-Djnlp.acs.updateCcodephferences="t"

jnlp.ccs.UseAnnouncements

Syntax:	-Djnlp.ccs.UseAnnouncements="value"
Description:	Specifies whether to play announcements.
Type:	String
Optionality:	Optional
Allowed:	True t(rue) Yes y(es) 1 All other values are considered to be false.
Default:	False
Notes:
Example:	-Djnlp.ccs.UseAnnouncements="Yes"

jnlp.acs.useTNForNodeName

Syntax:	-Djnlp.acs.useTNForNodeName="value"
Description:	Specifies whether the feature node name displayed in the Control Plan Editor window is the Termination Number (TN). This applies to the following feature nodes only: Attempt Termination (AT) Unconditional Termination (UT) The TN is displayed for any UT or AT feature node in the CPE window, without requiring you to save each feature node to update the stored control plan data.
Type:	Boolean
Optionality:	Optional (default used if not set)
Allowed:	True t(rue) Yes y(es) 1 All other values are considered to be false.
Default:	False
Notes:	If set to: True – The feature node name is displayed as the TN in the CPE window. False – The feature node name is displayed as the stored feature node name in the CPE window. You can update the TN for these feature nodes in a control plan by using the ACS Numbers screen. See the discussion about Editing Termination Numbers in ACS User's Guide for more information.
Example:	-Djnlp.acs.useTNForNodeName="true"

jnlp.vpn.vpnMaxNumOfHL

Syntax:	-Djnlp.vpn.vpnMaxNumOfHL="num"
Description:	Specifies the maximum number of hunting lists per station.
Type:	Integer
Optionality:	Optional (default used if not set)
Allowed:
Default:	10
Notes:	A hunting list is a terminating call feature where a subscriber may request a list of alternate destination addresses. If their mobile station is not attached, or does not answer a call, the service logic attempts to reach the supplied alternate destinations in sequence.
Example:	-Djnlp.vpn.vpnMaxNumOfHL="15"

jnlp.vpn.vpnMaxNumOfHLEntries

Syntax:	-Djnlp.vpn.vpnMaxNumOfHLEntries="num"
Description:	Specifies the maximum number of entries in a hunting list.
Type:	Integer
Optionality:	Optional (default used if not set)
Allowed:
Default:	20
Notes:
Example:	-Djnlp.vpn.vpnMaxNumOfHLEntries="25"

jnlp.ccs.VRRedeemMaxVoucherLength

Syntax:	-Djnlp.ccs.VRRedeemMaxVoucherLength="int"
Description:	Specifies the maximum number of digits in a voucher number.
Type:	Integer
Optionality:	Optional (default used if not set)
Allowed:	Must be equal to or larger than VRRedeemMinVoucherLength.
Default:	18
Example:	-Djnlp.ccs.VRRedeemMaxVoucherLength="18"

jnlp.ccs.VRRedeemMinVoucherLength

Syntax:	-Djnlp.ccs.VRRedeemMinVoucherlength="int"
Description:	Specifies the minimum number of digits in a voucher number.
Type:	Integer
Optionality:	Optional (default used if not set)
Allowed:	Must be equal to or smaller than VRRedeemMaxVoucherLength.
Default:	10
Example:	-Djnlp.ccs.VRRedeemMinVoucherlength="10"

jnlp.acs.warnAboutUnfilledExits

Syntax:	-Djnlp.acs.warnAboutUnfilledExits="True"
Description:	Specifies whether a control plan passes validation if any of its feature nodes are missing exits. This property has a dependency on the endUnlinkedExits parameter. For more information, see endUnlinkedExits.
Type:	String
Optionality:	Optional
Allowed:	True t(rue) Yes y(es) 1 All other values are considered to be false.
Default:	False
Notes:	If set to: True – Control plans that are missing feature node exits will pass validation. To work, you must also set the endUnlinkedExits parameter to 1. False – Control plans that are missing node exits will fail during validation.
Example:	-Djnlp.acs.warnAboutUnfilledExits="True"

jnlp.osd.WSDLDirectory

Syntax:	-Djnlp.osd.WSDLDirectory="file"
Description:	Specifies the path to the Operation Sets WSDL file.
Type:	String
Optionality:	Optional (default used if not set)
Allowed:
Default:	/IN/html/wsdls
Notes:	Part of OSD. If you change this property's value, you must also change the wsdlUriBaseName parameter in the eserv.config file.
Example:	-Djnlp.osd.WSDLDirectory="/IN/html/wsdls"

jnlp.osd.WSDLURL

Syntax:	-Djnlp.osd.WSDLURL="url"
Description:	Specifies the WSDL URL field value (same as wsdlUriBaseName parameter), and has the form of: http://host_name/wsdls
Type:	String
Optionality:	Optional (default used if not set).
Allowed:
Default:	http://<unset>
Notes:	Part of OSD. If you change this property's value, you must also change the wsdlUriBaseName parameter in the eserv.config file.
Example:	-Djnlp.osd.WSDLURL="http://nzwn-test08.uk.oracle.com/wsdls"

jnlp.sms.OverWriteSwingFont

Syntax:	-Djnlp.sms.OverWriteSwingFont="value"
Description:	Specifies whether to overwrite the default font of Swing components like JTextArea, JTextPane, JOptionPane, and JTable to support some special languages (for example: Dhivehi for Maldives).
Type:	Boolean
Optionality:	Optional (default used if not set)
Allowed:	True t(rue) Yes y(es) 1 All other values are considered to be false.
Default:	False
Notes:	If set to: True: Certain swing component default value is overwritten with value configured for jnlp.sms.OverWriteSwingFontValue. False: Default swing component font is used.
Example:	-Djnlp.sms.OverWriteSwingFont="True"

jnlp.sms.OverWriteSwingFontValue

Syntax:	-Djnlp.sms.OverWriteSwingFontValue="value"
Description:	Specifies the font to be used for certain Swing components like JTextArea, JTextPane, JOptionPane, and JTable in order to support some special languages.
Type:	String
Optionality:	Optional (default used if not set)
Allowed:	Any valid font available in the system.
Default:	None
Notes:	This field is used if jnlp.sms.OverWriteSwingFont is set to True.
Example:	-Djnlp.sms.OverWriteSwingFontValue="MV Boli"

Example of smsGui Script Files

Here is an example of the application properties for resources in the smsGui.bat and smsGui.sh files. Note that other applications, such as ACS and CCS, may add properties to this file.

smsGui.bat

@echo off 
REM Copyright (c) 2025 Oracle. All rights reserved.
REM
REM This material is the confidential property of Oracle Corporation or its
REM licensors and may be used, reproduced, stored or transmitted only in
REM accordance with a valid Oracle license or sublicense agreement.
REM
REM
REM smsGui.bat: runs the SMS application
REM Run: execute smsGui.bat 
REM Set JAR_PATH to the current directory
set JAR_PATH=%~dp0 
REM Enable delayed expansion
setlocal enabledelayedexpansion 
REM Set classpath
set CLASSPATH=%JAR_PATH%;%JAR_PATH%sms.jar.sig;%JAR_PATH%common.jar.sig;%JAR_PATH%ojdbc11.jar.sig;%JAR_PATH%oraclepki.jar.sig;%JAR_PATH%acs.jar.sig;%JAR_PATH%osd.jar.sig;%JAR_PATH%PIsecurity.jar.sig;%JAR_PATH%pi.jar.sig;%JAR_PATH%dap.jar.sig;%JAR_PATH%jaxb-runtime-4.0.5.jar.sig;%JAR_PATH%jaxb-core-4.0.5.jar.sig;%JAR_PATH%istack-commons-runtime-4.1.2.jar.sig;%JAR_PATH%jakarta.activation-2.0.1.jar.sig;%JAR_PATH%jakarta.xml.bind-api-4.0.2.jar.sig;%JAR_PATH%http_client.jar.sig;%JAR_PATH%orawsdl.jar.sig;%JAR_PATH%ccs.jar.sig;%JAR_PATH%UIS_GW.jar.sig;%JAR_PATH%UPC.jar.sig;%JAR_PATH%upcMacros.jar.sig;%JAR_PATH%rims.jar.sig;%JAR_PATH%xms.jar.sig;%JAR_PATH%smcb.jar.sig;%JAR_PATH%np.jar.sig;%JAR_PATH%lcp.jar.sig;%JAR_PATH%enum.jar.sig;%JAR_PATH%ses.jar.sig;%JAR_PATH%vpn.jar.sig;%JAR_PATH%rca.jar.sig;%JAR_PATH%asm-9.1.jar.sig;%JAR_PATH%asm-analysis-9.1.jar.sig;%JAR_PATH%asm-commons-7.3.1.jar.sig;%JAR_PATH%asm-tree-9.1.jar.sig;%JAR_PATH%asm-util-9.1.jar.sig;%JAR_PATH%exception-annotation-processor-4.2.5.jar.sig;%JAR_PATH%glassfish-corba-csiv2-idl-4.2.5.jar.sig;%JAR_PATH%glassfish-corba-internal-api-4.2.5.jar.sig;%JAR_PATH%glassfish-corba-omgapi-4.2.5.jar.sig;%JAR_PATH%glassfish-corba-orb-4.2.5.jar.sig;%JAR_PATH%gmbal-api-only-4.0.3.jar.sig;%JAR_PATH%org.osgi.core-6.0.0.jar.sig;%JAR_PATH%pfl-basic-4.1.2.jar.sig;%JAR_PATH%pfl-basic-tools-4.1.2.jar.sig;%JAR_PATH%pfl-dynamic-4.1.2.jar.sig;%JAR_PATH%pfl-tf-4.1.2.jar.sig;%JAR_PATH%pfl-tf-tools-4.1.2.jar.sig;%JAR_PATH%management-api-3.2.3.jar.sig;%JAR_PATH%ohj.jar.sig;%JAR_PATH%help-share.jar.sig;%JAR_PATH%oracle_ice.jar.sig;%JAR_PATH%jewt.jar.sig;%JAR_PATH%share.jar.sig 
REM Starting GUI....
java ^
 -Djava.util.Arrays.useLegacyMergeSort=true ^
 -Djnlp.sms.TZ=GMT ^
 -Djnlp.sms.host=OUI_HOSTNAME ^
 -Djnlp.sms.OhcHelp=true ^
 -Djnlp.sms.OhcNccHelpLinks=OHCFLAG ^
 -Djnlp.sms.logo=SMS/images/oracle.gif ^
 -Djnlp.sms.databaseID=LPORT:OUI_ORACLE_SID ^
 -Djnlp.sms.databaseHost=NCC_DBHOST:LPORT:OUI_ORACLE_SID ^
 -Djnlp.sms.EncryptedSSLConnection=false ^
 -Djnlp.sms.sslCipherSuites="(TLS_RSA_WITH_AES_128_CBC_SHA)" ^
 -Djnlp.sms.secureConnectionDatabaseHost="(DESCRIPTION= (ADDRESS_LIST= (ADDRESS=(PROTOCOL=TCPS)(HOST=NCC_DBHOST)(PORT=SECPORT))) (CONNECT_DATA= (SERVICE_NAME=OUI_ORACLE_SID)))" ^
 -Djnlp.sms.piUsersPasswordPolicyMessage="The new password must be at least 9 characters long and have at least 2 uppercase characters, 2 lowercase characters, 2 digits and 2 special characters, and must be 4 characters or more different from the previous password if there was one." ^
 -Djnlp.sms.showEFM=1 ^
 -Djnlp.sms.OverWriteSwingFont=false ^
 -Djnlp.sms.OverWriteSwingFontValue="MV Boli" ^
 -Djnlp.acs.SuppressTagID=TRUE ^
 -Djnlp.acs.maximiseAcsScreens=false ^
 -Djnlp.ECEExtensions=true ^
 -Djnlp.acs.Profile8="Account Reference Profile" ^
 -Djnlp.acs.Profile9="Product Type Profile" ^
 -Djnlp.acs.Profile10="Control Plan Profile (App 3)" ^
 -Djnlp.acs.Profile12="CCS Global Profile" ^
 -Djnlp.acs.Profile13="CCS Temporary Profile (App 6)" ^
 -Djnlp.acs.Profile14="CCS Temporary Profile (App 7)" ^
 -Djnlp.acs.Profile15="CCS Temporary Profile (App 8)" ^
 -Djnlp.acs.ssfs="vssp,sca" ^
 -Djnlp.acs.scfs=scf ^
 -Djnlp.vpn.INProtocol=IN_PROTOCOL ^
 -Djnlp.osd.WSDLDirectory="/IN/html/wsdls" ^
 -Djnlp.osd.WSDLURL="http://SHORTHOSTNAME/wsdls" ^
 -Djnlp.ccs.UseAnnouncements=YES ^
 -Djnlp.ccs.BeORBTimeoutms=5000 ^
 -Djnlp.ccs.VRRedeemMinVoucherLength=9 ^
 -Djnlp.ccs.VRRedeemMaxVoucherLength=15 ^
 -Djnlp.ccs.defaultEDRSearchAge=2 ^
 -Djnlp.ccs.allowTTC=true ^
 -Djnlp.ORB_HOST=SHORTHOSTNAME ^
 -Djnlp.sms.ldapDbUser="LdapDbUserName" ^
 -Djnlp.sms.ldapProviderURL="ldaps://LdapHostAddress" ^
 -Djnlp.sms.ldapAuthType=simple ^
 -Djnlp.sms.ldapSecurityPrincipal="uid=#username#,ou=OU,dc=Domain,dc=com" ^
 -Djnlp.sms.ldapSecurityProtocol=ssl ^
 -Djnlp.sms.ldapTemplateAttribute=LdapTemplateAttributeName ^
 -cp "%CLASSPATH%" ^
UserScreens.Application
REM End delayed expansion
endlocal 

smsGui.sh

#!/bin/bash 
###############################################################################
#
# Copyright (c) 2025 Oracle. All rights reserved.
#
# This material is the confidential property of Oracle Corporation or its
# licensors and may be used, reproduced, stored or transmitted only in
# accordance with a valid Oracle license or sublicense agreement.
#
#
# smsGui.sh : runs the SMS application
# Run: bash smsGui.sh
#
############################################################################### JAR_PATH=$(pwd)

JAXB_VERSION=4.0.5
GMBAL_VERSION=4.0.3
PFL_VERSION=4.1.2
GLASSFISH_VERSION=4.2.5
ASM_VERSION=9.1
ASM_COMMON_VERSION=7.3.1
JAKARTA_ACTIVATION=2.0.1
JAKARTA_XML_BIND=4.0.2
OSGI_VERSION=6.0.0
MANAGEMENT_API_VERSION=3.2.3

CLASSPATH=$JAR_PATH/:\
$JAR_PATH/sms.jar.sig:\
$JAR_PATH/common.jar.sig:\
$JAR_PATH/ojdbc11.jar.sig:\
$JAR_PATH/oraclepki.jar.sig:\
$JAR_PATH/acs.jar.sig:\
$JAR_PATH/osd.jar.sig:\
$JAR_PATH/PIsecurity.jar.sig:\
$JAR_PATH/pi.jar.sig:\
$JAR_PATH/dap.jar.sig:\
$JAR_PATH/http_client.jar.sig:\
$JAR_PATH/orawsdl.jar.sig:\
$JAR_PATH/ccs.jar.sig:\
$JAR_PATH/UIS_GW.jar.sig:\
$JAR_PATH/UPC.jar.sig:\
$JAR_PATH/upcMacros.jar.sig:\
$JAR_PATH/rims.jar.sig:\
$JAR_PATH/xms.jar.sig:\
$JAR_PATH/smcb.jar.sig:\
$JAR_PATH/np.jar.sig:\
$JAR_PATH/lcp.jar.sig:\
$JAR_PATH/enum.jar.sig:\
$JAR_PATH/ses.jar.sig:\
$JAR_PATH/vpn.jar.sig:\
$JAR_PATH/rca.jar.sig:\
$JAR_PATH/ohj.jar.sig:\
$JAR_PATH/help-share.jar.sig:\
$JAR_PATH/oracle_ice.jar.sig:\
$JAR_PATH/jewt.jar.sig:\
$JAR_PATH/share.jar.sig:\
$JAR_PATH/jaxb-runtime-$JAXB_VERSION.jar.sig:\
$JAR_PATH/jaxb-core-$JAXB_VERSION.jar.sig:\
$JAR_PATH/istack-commons-runtime-$PFL_VERSION.jar.sig:\
$JAR_PATH/jakarta.activation-$JAKARTA_ACTIVATION.jar.sig:\
$JAR_PATH/jakarta.xml.bind-api-$JAKARTA_XML_BIND.jar.sig:\
$JAR_PATH/asm-$ASM_VERSION.jar.sig:\
$JAR_PATH/asm-analysis-$ASM_VERSION.jar.sig:\
$JAR_PATH/asm-commons-$ASM_COMMON_VERSION.jar.sig:\
$JAR_PATH/asm-tree-$ASM_VERSION.jar.sig:\
$JAR_PATH/asm-util-$ASM_VERSION.jar.sig:\
$JAR_PATH/exception-annotation-processor-$GLASSFISH_VERSION.jar.sig:\
$JAR_PATH/glassfish-corba-csiv2-idl-$GLASSFISH_VERSION.jar.sig:\
$JAR_PATH/glassfish-corba-internal-api-$GLASSFISH_VERSION.jar.sig:\
$JAR_PATH/glassfish-corba-omgapi-$GLASSFISH_VERSION.jar.sig:\
$JAR_PATH/glassfish-corba-orb-$GLASSFISH_VERSION.jar.sig:\
$JAR_PATH/gmbal-api-only-$GMBAL_VERSION.jar.sig:\
$JAR_PATH/org.osgi.core-$OSGI_VERSION.jar.sig:\
$JAR_PATH/pfl-basic-$PFL_VERSION.jar.sig:\
$JAR_PATH/pfl-basic-tools-$PFL_VERSION.jar.sig:\
$JAR_PATH/pfl-dynamic-$PFL_VERSION.jar.sig:\
$JAR_PATH/pfl-tf-$PFL_VERSION.jar.sig:\
$JAR_PATH/pfl-tf-tools-$PFL_VERSION.jar.sig:\
$JAR_PATH/management-api-$MANAGEMENT_API_VERSION.jar.sig:


echo "Starting GUI...."
exec ${JAVA_HOME}/bin/java \
     -Djava.util.Arrays.useLegacyMergeSort=true \
     -Djnlp.sms.TZ=GMT \
     -Djnlp.sms.host=OUI_HOSTNAME \
     -Djnlp.sms.OhcHelp=true \
     -Djnlp.sms.OhcNccHelpLinks=OHCFLAG \
     -Djnlp.sms.logo=SMS/images/oracle.gif \
     -Djnlp.sms.databaseID=LPORT:OUI_ORACLE_SID \
     -Djnlp.sms.databaseHost=NCC_DBHOST:LPORT:OUI_ORACLE_SID \
     -Djnlp.sms.EncryptedSSLConnection=false \
     -Djnlp.sms.sslCipherSuites="(TLS_RSA_WITH_AES_128_CBC_SHA)" \
     -Djnlp.sms.secureConnectionDatabaseHost="(DESCRIPTION= (ADDRESS_LIST= (ADDRESS=(PROTOCOL=TCPS)(HOST=NCC_DBHOST)(PORT=SECPORT))) (CONNECT_DATA= (SERVICE_NAME=OUI_ORACLE_SID)))" \
     -Djnlp.sms.piUsersPasswordPolicyMessage="The new password must be at least 9 characters long and have at least 2 uppercase characters, 2 lowercase characters, 2 digits and 2 special characters, and must be 4 characters or more different from the previous password if there was one." \
     -Djnlp.sms.showEFM=1 \
     -Djnlp.sms.OverWriteSwingFont=false \
     -Djnlp.sms.OverWriteSwingFontValue="MV Boli" \
     -Djnlp.acs.SuppressTagID=TRUE \
     -Djnlp.acs.maximiseAcsScreens=false \
     -Djnlp.ECEExtensions=true \
     -Djnlp.acs.Profile8="Account Reference Profile" \
     -Djnlp.acs.Profile9="Product Type Profile" \
     -Djnlp.acs.Profile10="Control Plan Profile (App 3)" \
     -Djnlp.acs.Profile12="CCS Global Profile" \
     -Djnlp.acs.Profile13="CCS Temporary Profile (App 6)" \
     -Djnlp.acs.Profile14="CCS Temporary Profile (App 7)" \
     -Djnlp.acs.Profile15="CCS Temporary Profile (App 8)" \
     -Djnlp.acs.ssfs="vssp,sca" \
     -Djnlp.acs.scfs=scf \
     -Djnlp.vpn.INProtocol=IN_PROTOCOL \
     -Djnlp.osd.WSDLDirectory="/IN/html/wsdls" \
     -Djnlp.osd.WSDLURL="http://SHORTHOSTNAME/wsdls" \
     -Djnlp.ccs.UseAnnouncements=YES \
     -Djnlp.ccs.BeORBTimeoutms=5000 \
     -Djnlp.ccs.VRRedeemMinVoucherLength=9 \
     -Djnlp.ccs.VRRedeemMaxVoucherLength=15 \
     -Djnlp.ccs.defaultEDRSearchAge=2 \
     -Djnlp.ccs.allowTTC=true \
     -Djnlp.ORB_HOST=SHORTHOSTNAME \
     -Djnlp.sms.ldapDbUser="LdapDbUserName" \
     -Djnlp.sms.ldapProviderURL="ldaps://LdapHostAddress" \
     -Djnlp.sms.ldapAuthType=simple \
     -Djnlp.sms.ldapSecurityPrincipal="uid=#username#,ou=OU,dc=Domain,dc=com" \
     -Djnlp.sms.ldapSecurityProtocol=ssl \
     -Djnlp.sms.ldapTemplateAttribute=LdapTemplateAttributeName \
     -cp "$CLASSPATH" \
UserScreens.Application

Configuring Nodes

SMS Nodes

During installation of the SMS software, each SMS is set up so that it is a valid replication node. Check that each node has at least the following configuration details:

• Valid primary address (or hostname)
• Node number of 1-16 (starting at 1), and
• Validator check box checked.

You can check the setup via the Node Management screen in the SMS Administration screens. For more information on node configuration and setup, see Service Management System User's Guide.

SLC Nodes

In a clustered installation, each SLC has one node number associated with it:

• One in the range 256 to 511 for the Update Loader

These node numbers can be assigned using the Node Management screen in the SMS Java screens.

Each Update Loader should at least have:

• Valid primary address (or hostname)
• Node number in the range 256 to 511 (the Node Numbers of the Update Loader should start at 301).
• Empty validator check box.

For more information on node configuration and setup, see the SMS User's Guide.

Statistics Nodes

You must complete the process by configuring Statistics within the SMS, see SMS User's Guide.

Installing the applications

Follow these steps to install the applications:

1. Install each application to create a set of replication groups.
2. Decide which SLCs will run this application.
3. Target all of the new groups (or such different set as is advised in the instructions for the application) onto each of these SLCs (the i+256 node).

Installing the Applications

Order of Replication

Please note that the order in which replication tables are added is important.

Configuring LDAP based SMS Login

This topic provides details of configurations for setting up LDAP based authentication for SMS GUI login.

Prerequisites

Before setting up LDAP authentication, ensure you have the following configured:

• LDAP Server: This is the server which will perform the user authentications. It should have proper connectivity with the client system performing the SMS GUI login.
• LDAP Template Attribute: One of the user attributes has to be identified as the attribute having the list of NCC templates that the user is assigned to. The template names can be assigned to the attribute either one to one (attribute value pair), or one to many, in a comma separated pattern.
  • For example, if groups is the attribute identified to be containing the template names, and you want to assign four templates (ACS_BOSS, OSD Superuser, DAP AspEdit Full, and CCSBPL) to the user, you can use the following methods for the template entries:

    Method 1: Attribute Value Pairs - one to one

    groups: ACS_BOSS

    groups: OSD Superuser

    groups: DAP AspEdit Full

    groups: CCSBPL

    Method 2: Attribute Value Pairs - one to many - comma separated

    groups: ACS_BOSS,OSD Superuser,DAP AspEdit Full,CCSBPL

    Method 3: (Mixed)

    groups: ACS_BOSS

    groups: OSD Superuser,DAP AspEdit Full

    groups: CCSBPL

• LDAP NCC Database User: For LDAP authentication, you need to have a user which can connect to SMF database and fetch the required screen details. As a one-time activity, a screen user (LDAP_DB_USER) should be created from the NCC user management screen, and a password should be set for that user. You need not assign any template to this newly created user. For more information about creating a screen user, see Service Management System User's Guide.

Configurations

All the LDAP configurations are set as properties in smsGui.bat/smsGui.sh file which is located in the /IN/html directory.

This table describes the properties that needs to be configured in the resources section of the smsGui.bat/smsGui.sh file.

Property	Description
sms.ldapDbUser	This is the LDAP_DB_USER created as part of prerequisite. This is used to connect to SMF database when any LDAP user logs in. Same LDAP_DB_USER is used for all LDAP logins. Example: -Djnlp.sms.ldapDbUser="ldapDbUser"
sms.ldapProviderURL	LDAP server host connection URL. This URL is used by the GUI to connect to LDAP server in order to authenticate the user and fetch the LDAP NCC templates. Example: -Djnlp.sms.ldapProviderURL="ldaps://LdapHostAddress"
sms.ldapAuthType	LDAP authentication type. Following authentication types are supported: none simple Example: -Djnlp.sms.ldapAuthType=simple
sms.ldapSecurityPrincipal	Specifies the name of the user/program performing the authentication. This depends on the value of the sms.ldapAuthType property. It should be set to the fully qualified domain name of the client to authenticate, as per the LDAP user’s domain hierarchy in the LDAP server. Example: -Djnlp.sms.ldapSecurityPrincipal="uid=#username#,ou=OU,dc=Domain,dc=com" Note: The #username# is a place holder for the LDAP username. Wherever you need to enter the LDAP username, enter #username#. This is replaced with actual LDAP username (as supplied by logging-in user) during the authentication process.
sms.ldapSecurityProtocol	Specifies the name of the security protocol to be used for communicating with LDAP server. It supports TLS version as per the underlying Java runtime environment. If this value is left blank or unspecified, SSL will not be used for communication. Example: -Djnlp.sms.ldapSecurityProtocol=ssl Note: If ssl is specified here, then update sms.ldapProviderURL to use the 'ldaps' link, instead of the usual 'ldap' link.
sms.ldapTemplateAttribute	The attribute name which has the list of templates for the LDAP users. Example: -Djnlp.sms.ldapTemplateAttribute=LdapTemplateAttributeName