AMX Massio MCP-108 Webconsole And Programming Manual Download Page 129

Page: 129 / 145

Appendix A: LDAP Implementation Details

129

NX-Series Controllers - WebConsole & Programming Guide

Appendix A: LDAP Implementation Details

Overview

The process of verifying credentials and obtaining user authorization is designed to support most organizations requirements for

'least privilege'. The account used to search LDAP to provide user objects for authentication never needs access to user

information. Authorization lookups are performed as the authenticated user and as such, no elevated permission is required.

Changes to LDAP Implementation (v1.4.x)

There are numerous changes to LDAP configuration when you upgrade your Master’s firmware to version 1.4.x or higher.

Upgrading from version 1.3.x to 1.4.x may require you to make changes to the configuration on your LDAP server.



When a remote directory service is enabled, the Master maps a user’s group memberships in the LDAP database to a

locally-defined Role. A Role is a set of privileges or permissions assigned to one or more users. See the

Security -

Roles

section on page 47 for more information.



The common name of the LDAP group on the LDAP server must match the name of the Role assigned to the user on the

Master.



ICSP permission is granted for Device-type users, and only when the user is granted the Firmware/Software Update

permission. See the

Role Permissions

section on page 48 for more information.



Device authentication is no longer checked against the remote LDAP server. All device authentication is performed locally.



Several changes to Active Directory and OpenLDAP configurations. See the

Active Directory/OpenLDAP Setup

section below

for more details.

Active Directory/OpenLDAP Setup



Unix Identity Module on Active Directory or OpenLDAP must use posixAccount for user and group memberships. For

OpenLDAP, you can add posixAccount to each entry that requires SSH/SFTP authentication. inetOrgPerson will continue

to work for FTP/HTTP/HTTPS/Program Port authentication.

When adding posixAccount to an existing entry, you may be asked for a uidNumber or gidNumber. These numbers must be unique

for each user (uidNumber) or group (gidNumber), however, the actual values do not matter to the NX-controller. When creating the

attributes, consider the following rules:



uidNumber must be unique for each user (often enforced by the server.)



gidNumber must be unique for each group.



homeDirectory can be anything (typically it is

/home/<cn>

, but you can also use

/bin/false

/opt/amx/user

NOTE:

If you have already installed Identity Management for Unix (IDMU) on your Windows Server, you can assign these attributes

using the tools for IDMU. However, if you do not have IDMU installed, you must enter the attributes manually.

Perform these steps to manually set the attributes:
1.

In Windows, select

Start

Control Panel

Administrative Tools

. Select

Active Directory Users and Computers

In the Active Directory Users and Computers dialog, select

Advanced Features

from the View menu.

Create a new user or select an existing user.

Right-click the user to view user's properties.

Click the

Attribute

tab.

Select

gidNumber

and click

Edit

Enter a gidNumber.

Select

uidNumber

and click

Edit

Enter a uidNumber.

10. Click

to accept the changes, and click

close the user properties dialog.

Summary of Contents for Massio MCP-108

Page 1: ...NOVA DGX DIGITAL MEDIA SWITCHERS MASSIO CONTROLPADS NX 1200 NX 2200 NX 3200 NX 4200 DVX 3250HD SP DVX 3250HD T DVX 3255HD SP DVX 3255HD T DVX 3256HD SP DVX 3256HD T DVX 2250HD SP DVX 2250HD T DVX 2255HD SP DVX 2255HD T DVX 2210HD SP DVX 2210HD T DGX8 ENC DGX16 ENC DGX32 ENC A DGX64 ENC MCP 106 MCP 108 ...

Page 2: ...les and the point where they exit from the apparatus 11 ONLY USE attachments accessories specified by the manufacturer 12 USE ONLY with a cart stand tripod bracket or table specified by the manufacturer or sold with the apparatus When a cart is used use caution when moving the cart apparatus combination to avoid injury from tip over 13 UNPLUG this apparatus during lightning storms or when unused f...

Page 3: ... a DHCP Server 17 Initial Configuration 19 Overview 19 Before You Start 19 Preparing the Master for USB Communication 19 Configuring the NX Controller for LAN Communication 21 Obtaining the NX Controller s IP Address using DHCP 23 Assigning a Static IP to the NX Controller 24 Communicating via IP Address 25 Upgrading Firmware 28 Overview 28 NX Controllers Firmware Files 28 NX Master Firmware 28 De...

Page 4: ...ds 35 WebConsole Network Options 36 Network Overview 36 Network IPv4 Setup 37 IPv4 Options 37 Network IPv6 Setup 38 Network Date Time 38 Setting the Mode for the Clock Manager 39 Setting Daylight Savings Rules 39 Selecting a Custom NIST Server 39 Adding a Custom NIST Server to the List 40 Removing an NIST Server From the List 40 Clock Manager NetLinx Programming API 40 WebConsole Security Options ...

Page 5: ...ber on a Device 58 Resetting the Master Controller to the Factory Defaults Configuration 58 WebConsole Modules Options 59 Modules Overview 59 Modules Device Options 60 Configuring Device Binding Options 60 Managing Device Driver Modules 60 Uploading a Module 60 Archiving a Module 60 Deleting a Module 60 Modules Bindings 61 Configuring Application Defined Devices 62 Application Devices and Associat...

Page 6: ...Link Twisted Pair or Fiber Receivers for selected audio output 79 EDID Configuration 79 Setting an EDID for an Input 79 Setting an EDID for an Output 79 Setting the EDID Mode for an Audio Input 79 Loading and Saving EDIDs 79 Status Page 80 System Configuration Interface Tips 81 NetLinx Programming 82 Overview 82 Port Assignments by NetLinx Master 82 Port Assignments by All in One Presentation Swit...

Page 7: ...scape Sequences 92 27 17 time 92 27 18 0 92 27 18 1 92 27 19 time 92 27 20 0 92 27 20 1 92 ESCSEQOFF 92 ESCSEQON 92 IR Serial Ports Channels 93 IRRX Port Channels 93 IR Serial SEND_COMMANDs 93 CAROFF 93 CARON 93 CH 93 CLEAR FAULT 93 CP 94 CTOF 94 CTON 94 GET BAUD 94 GET FAULT 94 GET MODE 94 GET STATUS 94 IROFF 95 POD 95 POF 95 PON 95 PTOF 95 PTON 95 SET BAUD 96 SET FAULT DETECT OFF 96 SET FAULT DE...

Page 8: ...erminal Connection via the Program Port 104 Establishing a Terminal Connection via Telnet 104 Terminal Commands 105 Help D P S 105 or Help 105 ADD AUDIT SERVER D P P 105 AUTO LOCATE ENABLE DISABLE STATUS 105 BOOT STATUS 105 CHANGE PASSWORD 105 CLEAR AUDIT 105 CLEAR HTTPS REDIRECT 105 CLEAR MAX BUFFERS 105 CLEAR PERSISTENT VARS 105 CPU USAGE 105 DATE 105 DATE TIME ON OFF 105 DEVICE DEBUG 105 DEVICE...

Page 9: ...110 PWD 110 REBOOT 110 REMOVE AUDIT SERVER D P P 111 RENEW DHCP 111 REPORT FIRMWARE 111 REPORT NETLINX 111 RESETADMINPASSWORD 111 RESET FACTORY 111 ROUTE MODE DIRECT NORMAL 111 SELINUX STATUS 111 SEND_COMMAND D P S or NAME COMMAND 111 SEND_LEVEL D P S LEVEL ID LEVEL VALUE 111 SEND_STRING D P S or NAME STRING 111 SET DATE 111 SET DEVICE REBOOT 111 SET DNS D P S 112 SET DUET MEMORY 112 SET FTP PORT ...

Page 10: ... 120 ESC A 120 ESC D 120 ESC H 120 Using the ICSLAN Network 120 DHCP Server 120 Opening LAN and ICSLAN Sockets from Code 120 Accessing the Security Configuration Options 121 Setup Security Menu 122 Enabling LDAP via the Program Port 123 Security Options Menu 124 Edit User Menu 125 Edit Device Menu 125 Edit Role Menu 126 Access Rights Menu 126 Adding a Role 127 Default Security Configuration 127 Te...

Page 11: ...ng Installing Public Certificates 139 Appendix C SMTP Support 140 Overview 140 SMTP Server Configuration 140 Sending Mail 141 Appendix D Clock Manager NetLinx Programming API 142 Types Constants 142 Library Calls 142 CLKMGR_IS_NETWORK_SOURCED 142 CLKMGR_SET_CLK_SOURCE CONSTANT INTEGER MODE 142 CLKMGR_IS_DAYLIGHTSAVINGS_ON 142 CLKMGR_SET_DAYLIGHTSAVINGS_MODE CONSTANT INTEGER ONOFF 142 CLKMGR_GET_TI...

Page 12: ...Table of Contents 12 NX Series Controllers WebConsole Programming Guide CLKMGR_GET_END_DAYLIGHTSAVINGS_RULE 144 CLKMGR_SET_END_DAYLIGHTSAVINGS_RULE CONSTANT CHAR RECORD 144 ...

Page 13: ...One Presentation Switchers page at www amx com for details and variations available for these products Enova DVX 22xxHD DVX 325xHD Enova DVX 22xxHD All in One Presentation Switchers utilize an NX 2200 Controller therefore all controller related information that applies to the NX 2200 is fully applicable to DVX 22xxHD products Enova DVX 325xHD All in One Presentation Switchers utilize an NX 3200 Co...

Page 14: ...line Mainline is the section of the program that is executed on a periodic basis by the NetLinx Master Controller Under normal operation the DEFINE_PROGRAM section executes at least once every half second Various system activities can cause the DEFINE_PROGRAM section to execute more frequently than every half second For example any time an external event occurs button push level change the DEFINE_...

Page 15: ...function is called within DEFINE_PROGRAM then that function must likewise not change a global variable Additionally accessing global values such as TIME and DATE constitute a variable change Take for example the code in PRGM EX 4 IF TIME 22 00 00 PRGM EX 4 Time check At first glance this code does not appear to change a variable It is simply checking to see if the current time is equal to 22 00 00...

Page 16: ...piration 0 Until Expiration 0 Timeline Expiration 0 Periodic Mainline 0 Current internal event count 1 show interp stats Mainline Executions due to Variable Change 62295 Pending Int Event 1 Pulse Expiration 0 Hold Expiration 0 DoPush Expiration 0 Wait Expiration 0 Until Expiration 0 Timeline Expiration 0 Periodic Mainline 0 Current internal event count 0 show interp stats Mainline Executions due t...

Page 17: ...ess via the LAN connector Upgrading Firmware section on page 28 IP recommended Upgrade the on board Master firmware through an IP address via the LAN connector Upgrading Firmware section on page 28 IP recommended Configure NetLinx Security on the NX Controller Setup and finalize your NetLinx Security Protocols WebConsole Security Options section on page 41 Program your NX controller NetLinx Progra...

Page 18: ...ing the Master requires valid login information The browser will prompt you for User ID and Password before displaying the configuration pages for the selected device Note that the serial number is appended to the name of the device After logging in you can configure the device changing IP settings NetLinx settings User settings etc via the pages in the WebConsole see the On Board WebConsole User ...

Page 19: ... Alternatively if it is already installed use the Web Update option in NetLinx Studio s Help menu to obtain the latest version The default location for the NetLinx Studio application is Start Programs AMX Control Disc NetLinx Studio NetLinx Studio 2 Verify that a LAN cable is connected from the Master to the LAN Hub 3 Connect a programming cable Type B USB from the Program Port on the Master to a ...

Page 20: ...assword dialog to set the user name and password for authentication access to the Master This step is optional You can only change the user name and password in the dialog The additional fields are view only 7 Click OK to close the USB Master s Username Password dialog and click OK in the Communication Settings dialog to return to the Communication Settings dialog now indicating the USB connected ...

Page 21: ...n established use NetLinx Studio to configure the Controller for LAN Communication as described in the next section Configuring the NX Controller for LAN Communication 1 Use a LAN cable to connect the Controller to the LAN to which the PC running NetLinx Studio is connected 2 Select Diagnostics Network Addresses from the menu bar to open the Network Addresses dialog FIG 8 Use the options in this d...

Page 22: ...DHCP FIG 10 a Select Use DHCP b Click Set IP Information to retain the DHCP setting c To finish the process click Reboot Device d Click Done to close the dialog 6 To specify a network IP address FIG 11 a Select Specify IP Address b Enter the IP parameters into the available fields c Click Set IP Information to retain the pre reserved IP address to the Master d To finish the process click Reboot De...

Page 23: ...able the Use DHCP and Specify IP Address options 4 Select Use DHCP NOTE DO NOT enter ANY IP information at this time this step only gets the System Master to recognize that it should begin using an obtained DHCP Address 5 Click Reboot Device 6 After the device has booted repeat steps 1 3 7 Note the obtained IP address read only This information is later entered into the Communication Settings dial...

Page 24: ...HCP and Specify IP Address options 4 Select Specify IP Address to enable the IP fields for editing FIG 14 5 Enter the IP Address Subnet Mask and Gateway information into their respective fields as defined by the System Administrator NOTE Verify that these IP values are also entered into the related fields within either the IP Settings section of the System Connection page on the touch panel or wit...

Page 25: ...ddress follow the steps outlined in either the Obtaining the NX Controller s IP Address using DHCP section on page 23 or the Assigning a Static IP to the NX Controller section on page 24 2 Select Settings Workspace Communication Settings from the Main menu to open the Workspace Communication Settings dialog FIG 15 3 Click System Settings to open the Communications Settings dialog If you do not hav...

Page 26: ...o make sure the Master is initially responding on line before establishing full communication If the authentication is required for connecting to the Master at this address enter a User Name and Password in the text fields provided 6 Click OK to close the New TCP IP Settings dialog and return to the Communication Settings dialog FIG 19 a Click on the new IP address entry in the List of Addresses w...

Page 27: ...lternately blink during the incorporation Wait until the STATUS LED is the only LED to blink 9 Click the OnLine Tree tab in the Workspace window to view the devices on the System The default System value is one 1 10 Right click the associated System number and select Refresh System This establishes a new connection to the specified System and populates the list with devices on that system The comm...

Page 28: ...ware associated with the Enova DVX All In One Presentation Switchers FIG 21 NetLinx Studio Sample OnLine Tree NX Controllers Firmware Files NX Master Firmware The on board NX Master is listed first in the OnLine Tree as 00000 NX Master firmware version For example the NX Master in FIG 21 above is 00000 NX 3200 Master v3 4 555 00000 represents Device ID 0 which is reserved for the Master The number...

Page 29: ...r verify the Central Controller and associated devices are listed in the OnLine Tree 4 Check the appropriate product page on www amx com for the latest NX Master and Device Controller firmware files for your device If necessary follow the procedures outlined in the following sections to obtain these firmware kit files from www amx com and then transfer the new firmware files to the device Download...

Page 30: ...esentation Switchers Below is a table outlining the Master Device and Switcher firmware kit files used by Enova DVX Controllers NOTE The HTTP firmware kit enables you to upgrade firmware via an HTTP server Follow the same steps in NetLinx Studio as you would with a typical firmware upgrade Upgrading firmware via HTTP server is typically much faster than upgrading with the standard firmware kit fil...

Page 31: ...rmware file for any special instructions before upgrading to a newer firmware version If no specifics are provided use the order provided above Upgrading Firmware via USB All X Series controllers support firmware upgrades via a USB solid state drive You can upgrade via USB by selecting the appropriate kit file and initiating the upgrade via telnet The IMPORT KIT telnet command causes the controlle...

Page 32: ...ys 0 for the NX Master Note that the Port field is disabled FIG 26 7 Click Send to begin the transfer The file transfer progress is indicated in the Progress section of the dialog The Master reboots when the file transfer is complete 8 Click Close once the Master is finished rebooting 9 In the OnLine Tree right click on the Master and select Refresh System This establishes a new connection and ref...

Page 33: ...value 1 Modero panels that were set to connect to the Master on another System value will not appear in the OnLine Tree tab of the Workspace window For example A Modero touch panel was previously set to System 2 The system is then reset to its default setting of System 1 and then refreshed from within the Workspace window The panel will not reappear until the system is changed from within the Syst...

Page 34: ...System see the WebConsole System Options section on page 57 Modules Click to access several different device related pages see the WebConsole Modules Options section on page 59 Switcher Click to access the Enova Switcher Configuration page see the WebConsole Switching Options section on page 67 This page only appears for Enova devices From the Home page Web Control options become available e g RMS...

Page 35: ...d connect try any of the following options Shift Right click Internet Explorer icon and select Run as administrator Select Internet Options Advanced Security Settings and check Enable Enhanced Protection Mode A Windows 8 restart will be required Use the Master s Hostname instead of its IP numeric address to enter the URL e g http AMXM98A1A2B rather than http 192 168 1 123 Use a non Windows 8 devic...

Page 36: ...u to view change the Master s IP and DNS address information See the Network IPv4 Setup section on page 37 for details IPv6 Setup This page allows you to view the IPv6 address subnet mask and gateway for the Master See the Network IPv6 Setup section on page 38 for details Date Time Options on this page allow you to enable disable using a network time source and provide access to Daylight Saving co...

Page 37: ...er the IPv4 address in this field This field is only available if you select Specific IP Address Subnet Mask Enter the IPv4 subnet mask in this field This field is only available if you select Specific IP Address Gateway Enter the gateway IPv4 address in this field This field is only available if you select Specific IP Address DNS Address This section enables you to set DNS information for the Mas...

Page 38: ...g a network time source and provide access to Daylight Saving configuration and which NIST servers to use as a reference The Clock Manager Options are separated into three areas Clock Manager The Clock Manager allows you to set the Clock Manager Mode Network Time or Stand Alone Daylight Savings Time Manager The Daylight Savings Time Manager allows you to specify how and when to implement Daylight ...

Page 39: ... the local time by one hour this doesn t cover all locations To provide flexibility for such locations it is possible to configure a different daylight savings time offset 3 Use the Starts fields to specify when Daylight Savings should start The Starts rules include Select Fixed to specify the calendar date when the rule applies as a specific date March 21 When Fixed is selected use the Day Month ...

Page 40: ...s stated above the address entered into the IP field must be must be a valid IP address not a URL 4 Enter the NIST Server s location in the New Location field This is used only to help the user manage entries and it is not verified or used internally by the clock manager 5 Click Accept to save these settings to the Master Removing an NIST Server From the List 1 Click on the Remove x button to the ...

Page 41: ...elnet Commands See the Accessing the Security Configuration Options section on page 121 Login Rules There is no limit to the number of concurrent logins allowed for a single user This allows for the creation of a single user that is provided to multiple ICSP devices touch panels for example using the same login to obtain access to the Master For example if you have 50 devices connected to a Master...

Page 42: ...ange in case upper lower Character Classes Required A password must contain characters from a set number of character classes See the Character Classes table below for the list and definitions of character classes Library Check The password cannot contain a word from a dictionary file supplied with the OS Minimum Length The password must contain a minimum set number of characters Palindrome Check ...

Page 43: ...FIG 38 System Security Settings System Security Options Option Description Security Presets The Master provides three levels of security setting presets Low Medium and High Each level is a preset of various security settings see the Security Presets section on page 45 for more information When a preset is selected that setting is applied after clicking Accept NOTE If a security preset is not selec...

Page 44: ...or other authorized user can require that any consecutive sessions between the UI and the target Master are done over a more secure HTTPS connection By default the Master does not have security enabled and must be communicated with using http in the Address field The default port value is 80 NOTE One method of adding security to HTTP communication is to change the Port value If the port value is c...

Page 45: ...ct to allow ICSP access to the Master for Device type users connected to the ICSLAN ports Expand the ICSLAN AMX Device Connection section to view this option ICSLAN Encryption Select to enable encryption on the ICSLAN ports on the Master Expand the ICSLAN AMX Device Connection section to view this option Authenticate AMX Devices On LAN Ports Select to require user name and password authentication ...

Page 46: ...ed polls A single successful poll constitutes a re connection System reboot Software or firmware updates Creation modification and deletion of user accounts NOTE The Master retains audit log records for 30 days or less depending on available space after which they are automatically purged Banners Banners enable you to display pre and post login text in the WebConsole and terminal interfaces Banner...

Page 47: ...ave a remote directory such as LDAP enabled the common name of the LDAP group on the LDAP server must match the name of the Role assigned to the user on the Master Select the Roles option of the Security Page to access the Role Security Details page FIG 39 The options in this page allow authorized users to assign and alter role properties such as creating modifying or deleting a role s rights lock...

Page 48: ...ny other devices NOTE This permission is not required to view the information only to change it HTTP HTTPS Select to allow the role to have HTTP and HTTPS access through the web interface Network Configuration Select to allow the role to modify network configuration including the following Clock Manager settings DHCP Static setting Gateway IPv4 address IPv4 address IPv4 subnet mask if static selec...

Page 49: ...P group on the LDAP server must match the name of the Role assigned to the user on the Master 4 Enable the security access rights you want to provide to the role By default all of these options are disabled See the Role Permissions section on page 48 for details 5 Click the Accept button to save your changes to the target Master If there are no errors within any of the page parameters a Role added...

Page 50: ...lable security right from a target user is either to not associate a role to a user or to alter the security rights of the role being associated Deleting a Role 1 Select the Roles option in the Security section to open the Role Security Details page 2 Click the Edit button see FIG 41 for any Role listed on the Role Security Details page to expand the view to show details for the selected Role 3 Cl...

Page 51: ...Default User Accounts By default the NetLinx Master creates the following accounts access rights directory associations and security options FTP Security is always enabled on the Masters All other security options are disabled by default FIG 42 Security Users page Default User Accounts administrator netlinx Username administrator Username netlinx Password password Password password Role All_Permis...

Page 52: ...ions assigned to it Device connections are required for machine to machine over ICSP such as touch panels and ICSLan device control boxes Device type users are stored only in the local user database and are able to be modified even when a remote directory service is enabled 4 From the Roles options menu choose from a list of roles and associate the rights of the role to the new user You can assign...

Page 53: ...ty Details page 2 Click the Edit button for the User you want to delete to expand the User s details 3 Press the Delete button to remove the selected User and refresh the page The system will prompt you to verify this action click OK to proceed 4 Reboot the Master via the Reboot button on the Manage System Page select the System control button to access Locking Disabling a User 1 Select the Users ...

Page 54: ...the LDAP server for user verification FIG 45 Security LDAP page LDAP Options Option Description LDAP Enabled This parameter enables the LDAP configuration parameters described below NOTE When LDAP is enabled you can only create device users If the administrator user has been deleted you must perform a factory reset of the Master via pushbutton to restore the administrator user LDAP URI This parame...

Page 55: ...e file must be saved in a folder named certs Once the file is uploaded you must reboot the Master for the certificate file to be read and employed by the system LDAPS requires Master Firmware version 1 3 78 or greater Wired 802 1X support IEEE 802 1X is an IEEE Standard for Port based Network Access Control PNAC PNAC provides the ability to grant or deny network access to devices wishing to attach...

Page 56: ...ser For information on password rules see the Password Rules section on page 42 1 Select the Profile option in the Security section to open the User Profile Details page 2 Click Change Password The Change Password dialog box opens FIG 47 3 Enter the old password in the Old Password field 4 Enter the new password in the New Password field 5 Confirm the password by re entering the new password in th...

Page 57: ...es Options in this tab allow you to view the details of additional attached devices including module supported third party devices See the System Devices section on page 58 for details The default view for the System option is Manage System System Number FIG 48 System Info The Info page FIG 48 enables you to view a detailed list of the properties of the Master The properties include the Model ID a...

Page 58: ...ot to reboot the target Master The Device Tree then reads Rebooting After a few seconds the Device Tree refreshes with the current system information including the updated system number assignment If the Device Tree does not refresh within a few minutes press the Refresh button and reconnect to the Master Changing the Device Number on a Device Note that in most cases the Device Number for Masters ...

Page 59: ... on this page allow you to view the details of additional attached devices including module supported third party devices See the Modules Bindings section on page 61 for details User Defined Devices Options on this page provide a listing with all of the dynamic devices that have been discovered in the system and allow you to add and delete User Defined Devices See the Modules User Defined Devices ...

Page 60: ...button This action deletes the selected module from the unbound directory NOTE Any corresponding module within the bound directory will not be deleted Bound modules must be deleted via the Purge Bound Modules on Reset selection described in the Configure System Binding Options section Configure System Binding Options Option Description IP Device Discovery This option enables you to specify whether...

Page 61: ...virtual devices with discovered physical devices The table on this page displays a list of all application defined devices including each device s Friendly Name the Duet virtual device s D P S assignment the associated Duet Device SDK class indicating the type of the device and the physical device s D P S assignment This information has to be pre coded into the NetLinx file currently on the Master...

Page 62: ...DDD DEFINE_DEVICE COM1 5001 1 0 COM2 5001 2 0 dvDisplay 41001 1 0 dvVideoProjector 41002 1 0 DEFINE_CONSTANT DEFINE_TYPE DEFINE_VARIABLE DEFINE_START STATIC_PORT_BINDING dvDisplay COM1 DUET_DEV_TYPE_DISPLAY statbcc Display DUET_DEV_POLLED DYNAMIC_POLLED_PORT COM2 DYNAMIC_APPLICATION_DEVICE dvVideoProjector DUET_DEV_TYPE_VIDEO_PROJECTOR statbcc Serial Projector THE EVENTS GO BELOW DEFINE_EVENT DATA...

Page 63: ...ny physical devices attached to the port Dynamic application devices either display a Bind or Unbind button Dynamic application devices that have been bound display an Unbind button When you select Unbind any associated Duet module is destroyed and the link between the application device and the physical device is broken Dynamic application devices that have not been bound to a physical device dis...

Page 64: ...rt value D P S or an IP Address Control Method Use the drop down list to select the control method associated with the physical target device IR IP Serial Other SDK Class Use the drop down list to select the closest Device SDK class type match for the physical target device The SDK Class Types table on page 65 provides a listing of the available choices GUID Enter the manufacturer specified device...

Page 65: ...f the same name If the device specified a URL in its DDD beacon the file is retrieved from the URL either over the Internet or from the physical device itself provided the device has an inboard HTTP or FTP server 2 Once a list of all compatible modules is compiled the list of available Duet Modules appears on this page Each module is listed with its calculated match value The greater the match val...

Page 66: ...rs WebConsole Programming Guide Viewing Physical Device Properties Hold the mouse cursor over the Device entry in the table to display detailed device properties for that device in a pop up window FIG 56 FIG 56 Active Devices Device Properties pop up ...

Page 67: ...ate it is still active until Take is pressed From a cleared state switching is accomplished from either an input orientation or an output orientation depending on whether an input or an output is selected first When an input is selected first the Inputs title bar turns yellow see FIG 57 and input orientation switching is enabled Multiple outputs can then be selected for the input followed by Take ...

Page 68: ... of the available output signals in the system Click the output button s that needs to receive the signal from the currently selected input button Note that when the currently selected button is an output it also appears in the Configuration page with signal details for button signal details click the Legend button Scroll bars on the right hand side provide access to any outputs on large systems w...

Page 69: ...ick the Switch Mode button otherwise the switch will default to A V an Input button an Output button s and the Take button This is called input oriented switching also known as one to many switching NOTE If you select an output button first output oriented switching which can only be one to one switching you must select an input button next followed by the Take button i e you cannot select additio...

Page 70: ...ix Input click the Downmix button in the Switching pane on the left and then select the input from the Downmix Source drop down list in the Configuration pane on the right Designating an Input for Downmixing from Configuration page 1 In the Switching pane on the left select Audio Switch Mode The Downmix button displays at the end of the input buttons 2 Select the Downmix button 3 In the Configurat...

Page 71: ... the input or output currently selected for configuration Video default and Audio tabbed views click tabs to configure the video or audio signal that is selected in the Switching view The signal will be either input or output depending on the Config Viewer button selection The setting options vary depending on the signal Config Viewer buttons the Recent Inputs Only and Outputs Only buttons allow y...

Page 72: ...face controls are used to change the settings e g buttons sliders drop down lists depending on the values involved Details for these settings follow this section Switcher Setup button options are available on both the Switching and the Configuration pages Save and Load buttons after a system has been set up per the installation s requirements the configuration values for the entire switcher s stat...

Page 73: ...selected input to other inputs HDCP Setting HDCP Compliance if desired click the check box to enable HDCP compliance NOTE When EDID Mode All Resolutions is selected the Preferred EDID drop down list includes both standard EDIDs and Video Information Code VIC EDIDs denoted by either a p or an i For a complete list of VIC EDIDs for your input boards see the EDID Resolutions Supported through Local D...

Page 74: ...ct Black or Blue Screen Sleep click the check box to place the display in sleep mode in the Sleep Delay ms box set the delay time in milliseconds On Screen Display Enable OSD click check box to enable OSD Color in the drop down list select Black Blue White or Yellow OSD Position in the drop down list select Top Left Top Right Bottom Left or Bottom Right Image Adjustments Brightness use the slider ...

Page 75: ...ns when the DXLink Details button is clicked must be clicked DXLink Twisted Pair or Fiber Receivers for selected video output DXLink Details button click to display additional settings for the DXLink Receiver TX Settings DXLink Quality green good red poor number indicates degree or lack of quality Firmware Version current version Friendly Name current name IP Address for auto setup displays integr...

Page 76: ... dB to 24 dB Encoding PCM read only EDID Mode from the drop down list select the mode Basic PCM 2 Channel PCM Multi Channel Dolby Digital Dolby Digital DTS Dolby Digital MPEG Dolby Digital AAC Dolby TrueHD or DTS HD Master Compression Buttons at top click Off Low Medium High or Custom Threshold use the slider bar to adjust range 0 to 60 Attack ms Release ms and Ratio adjust the values in the boxes...

Page 77: ... output channels equally With Audio Switching Boards in the system Audio Routing defaults to Switched Levels Delay Mute click Mute if desired Output Volume 0 to 100 Min Max 0 to 100 Balance 20 to 20 left to right Sync Delay ms 0 to 200 Changing the volume level will not un mute the signal however the new volume level is saved and when the Mute button is deselected the volume returns at the new lev...

Page 78: ... output These settings display in addition to the normal audio settings for the input or output described in the previous section The Audio tabbed view must be selected DXLink Twisted Pair or Fiber Transmitter for selected audio input Audio Priority click either the Auto or Manual button Audio Source click either the HDMI SPDIF or Analog button DXLink Details button click to display additional set...

Page 79: ...elect the video output 4 Under General settings from the Resolution drop down list select the resolution refresh rate 5 Under General settings click the Save EDID button Click the Show only EDID Display Supported DS check box to narrow the drop down list to show only those resolution refresh rate options marked DS Display Supported Setting the EDID Mode for an Audio Input 1 From Configuration page...

Page 80: ...ansion Audio Boards A quick glance at this page will indicate whether the system is running okay green text will state OK or if any thing is failing red text will state FAIL IMPORTANT The Status page settings are not asynchronous To obtain the latest information the Refresh button must be clicked The example provided in the figure below is based on an Enova DGX 3200 Switcher with two each standard...

Page 81: ...degrees in Celsius with OK or FAIL status and Power OK or FAIL status Input and Output Board fields these fields give detailed information for each input or output board in the enclosure Slot Status Type FG part number Version Temperature actual degrees in Celsius with OK or FAIL status and Power OK or FAIL status A red Reboot button at the right cycles power to the individual board Input and Outp...

Page 82: ...inx Master The following table lists the port assignments for NetLinx Masters Port Assignments by All in One Presentation Switcher The following table lists the port assignments for Enova All in One Presentation Switchers Port Assignments by Massio ControlPad The following table lists the port assignments for Massio ControlPads Port Assignments By Master Master RS 232 RS 232 422 485 IR Serial IR R...

Page 83: ...ollowing Quickly flash the front panel LED of the port being used 10 times Generate an ONERROR data event in NetLinx Report the error to any Duet Module that has claimed the port Report the error to RMS if the controller is connected to an RMS server Set an error flag for that port The status of the error flag can be queried using the GET FAULT NetLinx command which will result in a DATA EVENT whe...

Page 84: ...owser The internal G4WC Send command to Master 0 1 0 has been revised to add G4 Web Control devices to Web control list displayed in the browser Syntax SEND_COMMAND D P S G4WC Name Description IP Address URL IP Port Enabled Variables Name Description A string enclosed in double quotes that is the description of the G4 Web Control instance It is displayed in the browser IP Address URL A string cont...

Page 85: ...nd Type 3 Local Ports Type 2 and Type 3 are referring to the protocol type that is part of the IP_CLIENT_OPEN call 4th parameter Type 1 is TCP Type 2 is UDP standard Type 3 is UDP 2 way The NetLinx axi defines constants for the protocol types CHAR IP_TCP 1 CHAR IP_UDP 2 CHAR IP_UDP_2WAY 3 Syntax SEND_COMMAND D P S UDPSENDTO IP or URL UDP Port Number Variables IP or URL A string containing the IP A...

Page 86: ...SSH_CLIENT_OPEN LocalPort ServerAddress remotePort username password privateKeyPathname privateKeyPassphrase Parameters LocalPort A user defined non zero integer value representing the local port on the client machine to use for this conversation This local port number must be passed to SSH_CLIENT_CLOSE to close the conversation ServerAddress A string containing either the IP address in dotted qua...

Page 87: ...oller the LEDs will not illuminate Syntax SEND_COMMAND DEV LED DIS Example SEND_COMMAND Port_1 LED DIS Disables all the LEDs on Port 1 of the Controller LED EN Enable the LED on 32 LED hardware for a port When the port is active the LED is lit When the port is not active the LED is not lit Issue the command to port 1 to enable the LEDs on the Controller default setting When activity occurs on a po...

Page 88: ...le time 0 255 Measured in 100 microsecond increments Example SEND_COMMAND RS232_1 CHARD 10 Sets a 1 millisecond delay between all transmitted characters CHARDM Set the delay time between all transmitted characters to the value specified in 1 Millisecond increments Syntax SEND_COMMAND DEV CHARDM time Variable time 0 255 Measured in 1 millisecond increments Example SEND_COMMAND RS232_1 CHARDM 10 Set...

Page 89: ...dshaking default Syntax SEND_COMMAND DEV HSOFF Example SEND_COMMAND RS232_1 HSOFF Disables hardware handshaking on the RS232_1 device HSON Enable RTS ready to send and CTS clear to send hardware handshaking NOTE This SEND_COMMAND is not compatible with Massio ControlPads While you may execute this command via Telnet the command will have no effect on the ControlPad and the ControlPad also will not...

Page 90: ...ND DEV SET FAULT DETECT OFF Example SEND_COMMAND RS232_1 SET FAULT DETECT OFF SET FAULT DETECT ON Enables fault detection on the port Fault detection is turned on by default Syntax SEND_COMMAND DEV SET FAULT DETECT ON Example SEND_COMMAND RS232_1 SET FAULT DETECT ON TSET BAUD Temporarily set the RS 232 422 485 port s communication parameters for a device TSET BAUD works the same as SET BAUD except...

Page 91: ..._COMMAND DEV TXCLR Example SEND_COMMAND RS232_1 TXCLR Clears and stops all characters waiting in the RS232_1 device s transmit buffer XOFF Disable software handshaking default Syntax SEND_COMMAND DEV XOFF Example SEND_COMMAND RS232_1 XOFF Disables software handshaking on the RS232_1 device XON Enable software handshaking Syntax SEND_COMMAND DEV XON Example SEND_COMMAND RS232_1 XON Enables software...

Page 92: ...njunction with the B9MON command Syntax SEND_STRING DEV 27 18 0 Example SEND_STRING RS232_1 27 18 0 Sets the RS232_1 device s ninth data bit to 0 on all character transmissions 27 18 1 Set the ninth data bit to 1 for all subsequent characters to be transmitted Used in conjunction with the B9MON command Syntax SEND_STRING DEV 27 18 1 Example SEND_STRING RS232_1 27 18 1 Sets the RS232_1 device s nin...

Page 93: ...Example SEND_COMMAND IR_1 CARON Starts transmitting IR carrier signals to the IR_1 port CH Send IR pulses for the selected channel All channels below 100 are transmitted as two digits If the IR code for ENTER function 21 is loaded an Enter will follow the number If the channel is greater than or equal to 100 then IR function 127 or 20 whichever exists is generated for the one hundred digit Uses CT...

Page 94: ...ommands in tenths of seconds Syntax SEND_COMMAND DEV CTON time Variable time 0 255 Given in 1 10ths of a second Default is 5 0 5 seconds Example SEND_COMMAND IR_1 CTON 20 Sets the IR pulse duration to 2 seconds GET BAUD Get the IR port s current DATA mode communication parameters The port sends the parameters to the device that requested the information Only valid if the port is in Data Mode see S...

Page 95: ...s of the corresponding I O Link input If at any time the IR sensor input reads that the device is OFF such as if one turned it off manually at the front panel IR function 27 if available or IR function 9 is automatically generated in an attempt to turn the device back ON If three attempts fail the IR port will continue executing commands in the buffer and trying to turn the device On If there are ...

Page 96: ...CT OFF Disables fault detection on the port Fault detection is turned on by default Syntax SEND_COMMAND DEV SET FAULT DETECT OFF Example SEND_COMMAND IR_1 SET FAULT DETECT OFF SET FAULT DETECT ON Enables fault detection on the port Fault detection is turned on by default Syntax SEND_COMMAND DEV SET FAULT DETECT ON Example SEND_COMMAND IR_1 SET FAULT DETECT ON SET IO LINK Link an IR or Serial port ...

Page 97: ... using SERIAL mode is 19200 Also SERIAL mode works best when using a short cable length 10 feet SP Buffers IR commands which haven t had time to execute yet and executes each command until the buffer is empty Syntax SEND_COMMAND DEV SP code Variable code IR code value 1 252 253 255 reserved Example SEND_COMMAND IR_1 SP 25 Pulses IR code 25 on IR_1 device XCH Transmit the selected channel IR codes ...

Page 98: ...MMAND IR_1 XCH 3 Transmits the IR code as 0 0 3 SEND_COMMAND IR_1 XCH 34 Transmits the IR code as 0 3 4 SEND_COMMAND IR_1 XCH 343 Transmits the IR code as 3 4 3 Mode 3 Example 100 100 x x SEND_COMMAND IR_1 XCH 3 Transmits the IR code as 0 3 SEND_COMMAND IR_1 XCH 34 Transmits the IR code as 3 4 SEND_COMMAND IR_1 XCH 343 Transmits the IR code as 100 100 100 4 3 Mode 4 Mode 4 sends the same sequences...

Page 99: ... port to 50ms Debounce time GET INPUT Get the active state for the selected channels An active state can be high logic high or low logic low or contact closure Channel changes Pushes and Releases generate reports based on their active state The port responds with either HIGH or LOW Syntax SEND_COMMAND DEV GET INPUT channel Variable channel Input channel 1 8 Example SEND_COMMAND IO GET INPUT 1 Gets...

Page 100: ... LOAD DISCONNECT MAX POWER EXCEEDED or POE NOT AVAILABLE Syntax SEND_COMMAND DEV GET FAULT Example SEND_COMMAND PoE_24 GET FAULT GET STATUS Retrieve the status of the PoE port This command receives a COMMAND event of STATUS NORMAL or STATUS FAULT Syntax SEND_COMMAND DEV GET STATUS Example SEND_COMMAND PoE_24 GET STATUS GET VOLTAGE Retrieve the current draw on the PoE port This command receives a C...

Page 101: ...ecifies the AxLink port on the controller Example SEND_COMMAND 5001 1 0 AXPWRON LOWER Powers on the lower AxLink port on the controller GET AX FAULT Retrieve the AxLink port which currently has a fault Syntax SEND_COMMAND DEV GET AX FAULT Example SEND_COMMAND 5001 1 0 GET AX FAULT Responds with the COMMAND event AX FAULT UPPER LOWER or NONE Audit Log SEND_COMMANDs Command Description LOG Sends Aud...

Page 102: ...ger value representing the local port on the client machine to use for this conversation This local port number must be passed to TLS_CLIENT_OPEN to open the conversation Returns 0 Success 1 Error Example TLS_CLIENT_CLOSE 5000 TLS_CLIENT_OPEN Opens a port for TLS communication with a remote device Syntax integer TLS_CLIENT_OPEN LocalPort hostname port mode Parameters LocalPort A user defined non z...

Page 103: ...tes the specified user name and password against the NetLinx Master Controller s internal user account database For the account to be valid the user name must exist with the matching password and the specified user account must have been set up with ICSP Authorization This command includes parameters for authorization and permission types Syntax sinteger VALIDATE_NETLINX_ACCOUNT_WITH_PERMISSION CH...

Page 104: ...tablishing a Terminal Connection via the Program Port To establish a terminal session via the Program Port the USB port on your PC must be physically connected to the Program port on the NetLinx Master Establishing a Terminal Connection via Telnet 1 In your Windows task bar select Start Run to open the Run dialog 2 Type cmd in the Open field and click OK to open an instance of the Windows command ...

Page 105: ... on page 112 CLEAR MAX BUFFERS Reset the max buffers high water counters to zero CLEAR PERSISTENT VARS Clear out the persistent non volatile variable values without having to download a new NetLinx program CPU USAGE Diagnostic tool to calculate a running average of the current CPU usage of the Master DATE Displays the current date and day of the week Example DATE 10 31 2004 Wed DATE TIME ON OFF EN...

Page 106: ...r route mode Message log length Message thresholds for threads NDP enable disable Queue sizes for threads Security configuration including the system group and user level settings Security profile Server port enable disable for FTP HTTP HTTPS ICSP SSH Telnet Server port numbers for FTP HTTP HTTPS ICSP SSH Telnet SSL certificate parameters Startup log enable disable UDP broadcast rate Zeroconfig en...

Page 107: ...MAC Address 00 60 9f 90 0d 39 GET LEASES Displays the leases on the ICSLAN port GET OCSP URL Retrieves the user Online Certificate Status Protocol OCSP URL GET PLATFORM INFO Retrieves information about a Master connected via USB port The command returns the master type host name system number IPv4 address IPv6 address MAC address and serial number in a single response Example get platform info DES...

Page 108: ...r specific devices Example log format Format Logging for which log device 0 ALL changes will apply to all devices 1 BUFFER 2 STARTUP 3 SESSION 4 USB 5 CONSOLE Enter selection or press return to exit without changes 3 Setting Log format for SESSION Print user friendly date timestamps in logs Y N Y Y Print Day of Week in logs Y N N Print Clock Tick ms since start in logs Y N N Print Thread IDs in lo...

Page 109: ...g messages over a time interval NDP Provides information about the NetLinx Discovery Protocol NDP setting Example NDP NDP beacon is ENABLED NETLINX LOG LEVEL Configure the current setting for the NetLinx AMX_LOG facility Example netlinx log level NetLinx Log Level is WARNING Set NetLinx Log level to 1 ERROR 2 WARNING 3 INFO 4 DEBUG Enter selection or press return to keep current level 3 NetLinx Lo...

Page 110: ...rear panel of the Master The setting persists until it is manually changed If the software setting is disabled OR dip switch 1 is on then the NetLinx program is disabled The default setting is enabled Syntax PROGRAM status enable disable PROGRAM INFO Displays a list of program files and modules residing on the Master Example PROGRAM INFO Program Name Info Module Count 1 1 Name is i PCLinkPowerPoin...

Page 111: ...Direct mode allows communication only with Masters that are directly connected route metric 1 Indirectly connected Masters cannot be communicated within this mode Examples ROUTE MODE DIRECT Route Mode Direct Set ROUTE MODE NORMAL Route Mode Normal Set SELINUX STATUS Displays the status of Security Enhanced Linux SELinux SEND_COMMAND D P S or NAME COMMAND Sends a specified command to a device The d...

Page 112: ...is setting does not take effect until the next reboot NOTE If you are trying to accomplish this setting of the Duet Memory size via a NetLinx program the program command DUET_MEM_SIZE_SET int should call REBOOT following a set SET FTP PORT Enables Disables the Master s IP port listened to for FTP connections NOTE The Master must be rebooted to enable new settings Example SET FTP PORT FTP is enable...

Page 113: ...ted for the specified number of seconds the socket connection is closed ICSP and i Web Control have built in timeouts and reducing the TCP timeout below these will cause undesirable results The default value is 45 seconds The current ICSP TCP timeout is 45 seconds Enter new timeout in seconds Once you enter a value and press the ENTER key you receive the following message New timeout value set in ...

Page 114: ... when adjusting these values Set Queue Size Menu 1 Interpreter factory default 2000 currently 600 2 Notification Manager factory default 2000 currently 200 3 Connection Manager factory default 2000 currently 500 4 Route Manager factory default 400 currently 200 5 Device Manager factory default 500 currently 500 6 Diagnostic Manager factory default 500 currently 500 7 TCP Transmit Threads factory d...

Page 115: ...e values Current Interpreter Threshold 2000 Enter new Interpreter Threshold Between 1 and 2000 Default 10 Once you enter a value and press the ENTER key you receive the following message Current Lontalk Threshold 50 Enter new Lontalk Threshold Between 1 and 2000 Default 50 50 Current IP Threshold 600 Enter new IP Threshold Between 1 and 2000 Default 200 600 Setting Thresholds to Interpreter 2000 L...

Page 116: ...UT 09 08 2009 06 07 46 192 168 220 171 administrator SSH LOGIN_SUCCESS 09 08 2009 06 07 55 192 168 220 171 administrator SSH LOGOUT 09 08 2009 07 44 29 192 168 220 171 administrator HTTPS LOGIN_FAIL 09 08 2009 07 44 44 192 168 220 171 administrator HTTPS LOGIN_SUCCESS 09 08 2009 07 45 25 192 168 220 171 administrator HTTPS LOGOUT Each record displays Date and time of access Connection source consi...

Page 117: ...t specifies message to begin the display If start is not entered the most recent message will be first If end is not entered the last 20 messages will be shown If ALL is entered all stored messages will be shown starting with the most recent Example SHOW LOG Message Log for System 50 Version v2 10 75 Entry Date Time Object Text 1 11 01 2001 THU 14 14 49 ConnectionManager Memory Available 11436804 ...

Page 118: ...nels Commands SHOW REMOTE Displays the Remote Device List Master Master This is a list of the devices this system requires input from and the types of information needed If when a NetLinx Master connects to another NetLinx Master the newly connecting system has a device that the local system desires input from the new system is told what information is desired from what device NOTE The local syste...

Page 119: ...ve TCP IP connections Example SHOW TCP The following TCP connections exist ed 1 IP 192 168 21 56 1042 Socket 0 Dead 2 IP 192 168 21 56 1420 Socket 0 Dead SHOW WATCHDOG Displays the Watchdog Manager monitors START LOG ON OFF Enables and disables the collection of startup log messages Once enabled the first x number of logs will be retained at startup for subsequent review via the SHOW START LOG STA...

Page 120: ...ontroller will open the socket on whichever network has an IP subnet that matches the address provided in the command to open the socket There is no indication which network was used only whether the socket was created successfully Escape Pass Codes Command Description ESC ESC Exit Pass Mode Typing a plus shift followed by another plus followed by an ESC the escape key followed by another escape e...

Page 121: ...to the Security Manager and Database 1 Set system security options for NetLinx Master 2 Display system security options for NetLinx Master 3 Add user 4 Edit user 5 Delete user 6 Show the list of authorized users 7 Add Device 8 Edit device 9 Delete device 10 Show list of authorized devices 11 Add role 12 Edit role 13 Delete role 14 Show list of authorized roles 15 Set Inactivity Timeout minutes 16 ...

Page 122: ...ers right see page 126 8 Edit device This selection will prompt you select a device whose properties you want to edit Once you have selected the device you want to edit it will take you to the Edit Device Menu so you can edit the device s rights see page 126 9 Delete device This selection will prompt you select a device to delete A device can only be deleted if there are no users assigned to that ...

Page 123: ... connection to the LDAP server This selection prompts you for a user name and password to access an LDAP server 19 Test an LDAP user This selection attempts to access the LDAP server with a user name and password you provide 20 Display LDAP security information This selection displays the current LDAP server information 21 Show active sessions logins This selection displays the users and administr...

Page 124: ...l Could not connect to server appears on the screen 7 Press Enter to return to the main menu NOTE Options 3 14 Add user Edit user Delete user Show the list of authorized users Add device Edit device Delete device Show list of authorized devices Add role Edit role Delete role Show list of authorized roles on the Security Setup menu are disabled when LDAP is enabled Security Options Menu Select Set ...

Page 125: ...ssage log length Message thresholds for threads Queue sizes for threads UDP broadcast rate 22 LDAP Security This selection enables disables LDAP Security Refer to Appendix A LDAP Implementation Details on page 127 for details on LDAP Implementation Edit User Menu Command Description 1 Generate New Password This selection creates a new password for the user Once the new password is entered the user...

Page 126: ...ut Master to master route mode Message log length Message thresholds for threads Queue sizes for threads UDP broadcast rate NOTE This permission also includes the right to reboot the Master after the configuration change It does not include the right to reboot the Master outside of this context or to reboot any other devices NOTE This permission is not required to view the information only to chan...

Page 127: ...nabled ICSP on WAN ICSLAN enabled All other options disabled Access Rights Menu Cont Option Description 9 Security Control Select to allow the role to view and configure security including the following Security settings Certificate policy trusted CAs etc and management upload delete LDAP server settings Role settings NOTE This permission also includes the right to reboot the Master after the conf...

Page 128: ...then hit keypad 0 then release ALT The standard line feed code is entered decimal 10 Windows will perform an ANSI to OEM conversion on some codes entered this way because of the way Windows handles languages and code pages The following codes are known to be altered but others may be affected depending on the computer s setup Characters 15 21 22 and any characters above 127 This affects both Windo...

Page 129: ...irectory and OpenLDAP configurations See the Active Directory OpenLDAP Setup section below for more details Active Directory OpenLDAP Setup Unix Identity Module on Active Directory or OpenLDAP must use posixAccount for user and group memberships For OpenLDAP you can add posixAccount to each entry that requires SSH SFTP authentication inetOrgPerson will continue to work for FTP HTTP HTTPS Program P...

Page 130: ...ribute contains two levels of directories which do not exist on the NX Master for example bin nonexistent directory FTP access will not work The uidNumber gidNumber homeDirectory and loginShell attributes MUST be readable by the BINDDN for FTP to work SSH Access with LDAP Authentication Same requirements as FTP see above The user account on either an Active Directory server or LDAP server can cont...

Page 131: ...ot be directly available to the user 7 The bind DN must have the ability to search for group membership This ability is similar to RMS requirements 8 When a person authenticates that account must have access to cn attributes for all groups of which it is a member 9 Group membership for users is defined by the Role assigned to the user Use GroupOfNames as the objectClass for group mapping GroupOfUn...

Page 132: ... from other users IMPORTANT The common name of the LDAP group on the server must match the name of the Role assigned to the user on the Master Administrator Access Example User Access Example NOTE If the DN of a user is in both the administrator groupOfNames and the user groupOfNames the administrative privileges take precedence over user privileges Administrator Access LDAP Server Configuration M...

Page 133: ...t be loaded manually this type should be rarely needed for a well defined system that does not connect to random sites Device Certificate and Private Key PEM A certificate and private key must be generated together used in Secure ICSPS connections The primary use of custom device certificates and private keys is to conform to unique site specific certificate security policies NOTE These must be ad...

Page 134: ... Alias Root_CA Certificate Signing Request Name csr amxnxmaster csr PKCS12 File Name p12 amxnxmaster p12 Key File Name key amxnxmaster key Backup Key File Name back amxnxmaster back Signed Certificate Name cer amxnxmaster_signed_Y_M_D cer Intermediate CA Name cer DoD_JITC_Root_CA_3_CA 37 cer Root CA Name cer JITC_Root_CA_3_CA_3 cer Certificate Signing Request Information Type Example Certificate V...

Page 135: ...TE The CN can be any desired name Naming conventions likely vary from site to site IMPORTANT The storepass and keypass values are fixed and should not be changed The passwords must be amxcertpassword Step 2 Generate a CSR request Use the following command to generate a CSR request keytool certreq keystore amxcert file master csr storepass amxcertpassword Step 3 Send the master csr file to the CA t...

Page 136: ...xcertpassword keypass amxcertpassword dname CN hostname OU Harman O Amx L Richardson S Tx C US NOTE The hostname should either be the IP or the DNS hostname NOTE Keystore storepass and keypass are all fixed values and must not be changed Installing a Self Signed KeyStore Perform these steps to install a self signed HTTPS KeyStore 1 Transfer the certificate to the NX Master and reboot the Master 2 ...

Page 137: ... the red X in the address bar FIG 62 An Untrusted Certificate pop up message will appear 5 Click View Certificates in the pop up The certificate information for the self signed certificate on the NX appears FIG 63 FIG 62 Untrusted Certificate pop up message FIG 63 Certificate dialog Click to access pop up screen ...

Page 138: ...ith a private internal certificate or signed by a CA not trusted by the default JVM installation The following instructions describe how to update the Duet TrustStore Updating the Duet TrustStore requires that a Java JDK Keytool is installed on the host system The default password for the TrustStore is changeit You can change the password but it is not necessary to do so The primary reason for mak...

Page 139: ...on the right hand side of the address bar FIG 66 3 The Website Identification pop up opens FIG 67 Click View Certificates 4 The Certificate dialog opens Select the Certification Path tab 5 Perform the following steps for every certificate in the path above the site to which you connected in this case Google Internet Authority G2 and GeoTrust Global CA Click View Certificate Select the Details tab ...

Page 140: ...rver port such as 25 or 0 0 means use the best default port which would imply using 25 which is the SMTP well known port USERNAME User name to offer for authentication If user name length is set to 0 authentication is not attempted PASSWORD Password to offer for authentication If password length is set to 0 authentication is still attempted but simply uses a zero length password FROM Mail address ...

Page 141: ...STR SMTP_SEND returns a signed integer If the return value is negative 0 that is an indication there was a failure in handing the message off to the mail service most likely due to an invalid argument supplied to the SMTP_SEND call If the return value is positive 0 then the value is the index associated with the mail being sent Mail sends are asynchronous to the normal processing of the NetLinx ap...

Page 142: ...ORK or CLK MGR_MODE_STANDALONE CLKMGR_IS_DAYLIGHTSAVINGS_ON Returns FALSE 0 or TRUE 1 default FALSE 0 CLKMGR_SET_DAYLIGHTSAVINGS_MODE CONSTANT INTEGER ONOFF Can be set to ON TRUE or OFF FALSE CLKMGR_GET_TIMEZONE Returns Timezone as a string in the format UTC HH MM CLKMGR_SET_TIMEZONE CONSTANT CHAR TIMEZONE Input string must have the correct format UTC HH MM CLKMGR_GET_RESYNC_PERIOD Returns the Clo...

Page 143: ...rm occurence OCCURENCE DAY OF WEEK MONTH HH MM SS with all fields as numeric except for the word occurence OCCURANCE range 1 5 5 indicates the LAST occurrence of a particular day of the month DAY OF WEEK translates as 1 Sunday 2 Monday 3 Tuesday 4 Wednsday 5 Thursday 6 Friday 7 Saturday Examples fixed 5 10 16 00 00 October 5 at 4 00PM occurence 5 1 10 02 00 00 last Sunday in October at 2 00AM CLKM...

Page 144: ... 10 16 00 00 October 5 at 4 00PM occurence 5 1 10 02 00 00 last Sunday in October at 2 00AM CLKMGR_SET_END_DAYLIGHTSAVINGS_RULE CONSTANT CHAR RECORD Sets the END Daylight Savings rule to the specified string which MUST be in either the Fixed Date format or the Occurence Of Day format The function returns a negative SLONG value if it encounters an error The Fixed Date rules have the form fixed DAY ...

Page 145: ...MX does not assume responsibility for errors or omissions AMX also reserves the right to alter specifications without prior notice at any time The AMX Warranty and Return Policy and related documents can be viewed downloaded at www amx com 3000 RESEARCH DRIVE RICHARDSON TX 75082 AMX com 800 222 0193 469 624 8000 1 469 624 7400 fax 469 624 7153 AMX UK LTD AMX by HARMAN Unit C Auster Road Clifton Mo...

Search results

Summary of Contents for Massio MCP-108

Reviews:

Brands by name

Popular brands

AMX Massio MCP-108, Webconsole And Programming Manual

Search results

Summary of Contents for Massio MCP-108

Reviews:

Brands by name

Popular brands