CN101018155A - Network element management method, system and network element - Google Patents
Network element management method, system and network element Download PDFInfo
- Publication number
- CN101018155A CN101018155A CN 200710073242 CN200710073242A CN101018155A CN 101018155 A CN101018155 A CN 101018155A CN 200710073242 CN200710073242 CN 200710073242 CN 200710073242 A CN200710073242 A CN 200710073242A CN 101018155 A CN101018155 A CN 101018155A
- Authority
- CN
- China
- Prior art keywords
- network element
- server
- authority information
- user
- authentication
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Abstract
The disclosed net element management method comprises: the net element transmits local user log-on request to the EMS; the latter certifies user ID, hen the local management terminal operates the element. Wherein, the net element operation right is configured by the EMS uniformly.
Description
Technical field
The present invention relates to moving communicating field, particularly a kind of method of NE management, system and network element.
Background technology
Along with the high speed development of the communications industry, communication network become complexity and diversification day by day.Mobile network architecture is tending towards the networking mode of 2G, 2.5G, 3G fusion gradually, and operator need manage the communication equipment of multiple different technologies simultaneously in same supervising the network.Their functional characteristic of various device among the mobile network is had nothing in common with each other, may be owing to cause also having than big-difference on the operational administrative from different manufacturers even finish the equipment of identical function.
The structure chart of NE management at present as shown in Figure 1, as can be seen from the figure, NE management at present comprises two parts:
The one, local management system, promptly Local Management Terminal LMT is to the management of network element, and key step is:
The local management user logins network element by Local Management Terminal LMT;
Network element authenticates local management user's identity;
The local management user carries out initial installation, configuration, the network optimization, upgrading of equipment etc. behind the authentication success to network element.
Above local management user manages network element, and each network element need dispose all user accounts that it is managed.This has just caused the system of NE management to have many cover user accounts and password, can't realize unified login management for being dispersed in the local management user who directly safeguards on each network equipment.
The 2nd, NM server EMS is to the management of network element, and key step is:
NMS user login NM server EMS;
NM server EMS authenticates the identity of NMS user;
NMS user is monitored network element.
In the prior art, the management of local management system and NM server EMS is two independently systems, local management user's account is not configured and manages by NM server EMS, the independent separately webmaster operation to the user of local management system and network management system authenticates and authentication, network side can not carry out centralized configuration and management to user account, further caused to be difficult on the management strategy between local management system and the NM server EMS synchronously, so that the management strategy of each communication equipment is chaotic and the unified management cost is too high.
Summary of the invention
The embodiment of the invention provides a kind of method, system and network element of NE management, to solve the problem that network side can not carry out centralized configuration and management to user account in the prior art.
The embodiment of the invention provides following technical scheme:
A kind of method of NE management presets the user profile tabulation at NM server, specifically comprises step:
The logging request from Local Management Terminal LMT that A, network element will receive is transmitted to described NM server;
B, described NM server receive after the described logging request that tabulation is carried out authentication to described logging request according to user profile;
Behind C, the authentication success, NM server sends the authentication success notice by network element to Local Management Terminal LMT;
D, Local Management Terminal LMT manage operation to network element.
A kind of system of NE management, comprise Local Management Terminal LMT, network element, NM server, described Local Management Terminal LMT is used for sending logging request to described network element, receives the authentication result that network element sends, and instructs to described network element transmit operation according to authentication result;
Described network element is used to transmit logging request and gives Local Management Terminal LMT from the authentication result of NM server for NM server and forwarding, responds the operational order that described Local Management Terminal LMT sends;
Described NM server is used for the configure user information list, and according to the user profile tabulation logging request of network element forwarding is carried out authentication, sends authentication result to network element.
A kind of network element comprises message delivery module, respond module, and the log messages that described message delivery module is used to transmit from Local Management Terminal LMT is given NM server, and transmits from the authentication result of NM server and give Local Management Terminal LMT;
Respond module is used to respond the operational order that Local Management Terminal LMT sends.
The embodiment of the invention has following beneficial effect:
As from the foregoing, the embodiment of the invention is by configure user information list on NM server, like this, network element is transmitted to it NM server EMS after receiving the local management login request of users, according to user profile tabulation the local management user is carried out authentication by NM server EMS, thereby realize the centralized configuration of user account and the purpose of centralized management.
Description of drawings
Fig. 1 is the structure chart of the NM server EMS of prior art;
Fig. 2 is the embodiment flow chart according to the inventive method;
Fig. 3 is the first embodiment flow chart according to the inventive method;
Fig. 4 is the second embodiment flow chart according to the inventive method;
Fig. 5 is the example structure figure according to system of the present invention;
Fig. 6 is the first example structure figure according to system of the present invention;
Fig. 7 is the second example structure figure according to system of the present invention;
Fig. 8 is the structure chart according to network element embodiment of the present invention;
Fig. 9 is according to the network element first example structure figure of the present invention;
Figure 10 is according to the network element first example structure figure of the present invention.
Embodiment
Can't centralized configuration and the problem of management in order to solve local management user account in the prior art, embodiments of the invention are by presetting the user profile tabulation in NM server EMS, when the local management user logins, network element is transmitted to NM server EMS with the local management login request of users, according to user profile tabulation the local management user is carried out authentication by NM server EMS, thereby realized centralized configuration and management user account.
Be illustrated in figure 2 as the inventive method embodiment flow chart, set in advance the user profile tabulation among the NM server EMS, this user profile tabulation comprises the user account information of centralized configuration, promptly comprises the account name and the account password of each user account, and present embodiment specifically may further comprise the steps:
Step 201, network element is transmitted the local management login request of users to NM server EMS.
When needs manage when safeguarding network element, the local management user logins network element by Local Management Terminal LMT, send logging request to network element, this request comprises user account names and account password at least, network element is not directly handled after receiving described logging request, but it is transmitted to NM server EMS.
Step 202, NM server EMS authenticates logging request.
NM server EMS authenticates described logging request after receiving the logging request that described network element forwards, and this verification process comprises:
A, NM server EMS search for described user profile tabulation according to the user account names that is comprised in the logging request, if do not comprise the user account names in the described logging request in the user profile tabulation, represent that then there is not this authentification failure in the requesting users account of institute;
B, if after searching associated user's account information, NM server EMS compares the user account password that comprised in the logging request password with the same account that searches in the user profile tabulation, if both differences, then this authentification failure; If both are identical, this authentication success then.
Step 203, NM server EMS sends authentication failure notification by network element to Local Management Terminal LMT.
The local management user can carry out register after receiving authentication failure notification once more, perhaps this flow process this end of arriving.
Step 204, NM server EMS sends authentication success and notifies to Local Management Terminal LMT.
Step 205, Local Management Terminal LMT manages operation to network element.
Step 203, carry out respective handling according to authentication result.
If this authentification failure, NM server EMS can send authentication failure notification to described Local Management Terminal LMT by described network element, and then the user can select to initiate again login after learning this authentification failure, also can select to stop this flow process; Can at Local Management Terminal LMT be set a time period in advance, if this authentification failure, NM server EMS can not do any response, send after the logging request in the time period of described setting described Local Management Terminal LMT from the user so and all do not receive any response message that forwards from network element, then Local Management Terminal LMT is judged this authentification failure, this moment, the user can select to initiate again login, also can select to stop this flow process;
If this authentication success, NM server EMS can send the authentication success notice to described Local Management Terminal LMT by described network element, and then after learning this authentication notice, the user can begin by the maintenance management operation of Local Management Terminal LMT to network element.
Like this, by at centralized configuration user account in NM server EMS in advance, network element is given to it NM server EMS after receiving login request of users, by NM server EMS the user is carried out Collective qualification, having solved in the prior art network side can not carry out centralized configuration and centralized management and cause nusrmgr.cpl to disperse and chaotic situation user account, be unified in NM server EMS and be configured, simplified the nusrmgr.cpl of the whole network.
In order to realize the unification of the whole network management strategy, the embodiment of the invention has further increased the step of pre-configured operating right information list on the basis of the foregoing description, each step maintenance management operation that the user carries out after logining successfully all must be tabulated according to authority information earlier and be carried out authentication, have only and after the authentication success, just can carry out described maintenance management operation, otherwise can not carry out the maintenance management operation, like this, can dispose the authority of each user account according to the management strategy of the whole network, reach synchronously with the unification that reaches the whole network management strategy, realize standardized administration, reduce management cost.
Method first embodiment as shown in Figure 3, pre-configured user profile tabulation, described user profile tabulation comprises user account names and account password, and, in pre-configured user profile tabulation, dispose the operating right information that this account had according to user account information, form user profile tabulation and authority information tabulation, being about to authority information associates with user account, dispose the operating right that this user account has at each user account, authority information tabulation this moment comprises user account and corresponding authority information at least; For example, the user account of user account A is called " 123456 ", its corresponding operating right comprises the related request of " data configuration " and these operations, the user account of user account B is called " 987654 ", its corresponding operating right comprises " data configuration ", " software upgrading " etc., and the related request of these operations.
Step 301 after network element will be received user's logging request, sends to NM server EMS with logging request.
When needs were safeguarded network element, the local management user logined network element by Local Management Terminal LMT, sends logging request to network element, comprised user account names and account password in the logging request; Network element is transmitted to it NM server EMS after receiving described logging request.
Step 302, NM server EMS authenticates logging request according to the user profile tabulation of presetting, and authentication success goes to step 304, and authentification failure goes to step 303.
NM server EMS authenticates logging request according to the user profile tabulation of presetting after receiving logging request, and concrete operations and step 202 are similar.
Step 303, NM server EMS sends authentication failure notification by network element to Local Management Terminal LMT, and this flow process finishes.
If do not have user account entrained in the logging request in the user profile tabulation, authentification failure then, authentication failure notification can be " user account does not exist "; If the password of the user account that carries in the logging request is inconsistent with the password of user account corresponding during user profile is tabulated, then authentication failure notification can be " a password mistake " etc.
Certainly during authentification failure, NM server EMS also can not do any response, a timer is set on Local Management Terminal LMT, send after the logging request in the time period of described setting described Local Management Terminal LMT from Local Management Terminal LMT so and all do not receive any response message that forwards from network element, then Local Management Terminal LMT is judged this authentification failure, the prompting authentification failure.
Step 304, NM server EMS sends the authentication success notice by network element to Local Management Terminal LMT, and obtains corresponding authority information according to logging request, to network element sending permission information:
NM server EMS obtains the authority information of this user account correspondence according to the user account information in the logging request in the authority information table, as the related request of software upgrading, data configuration etc. and these operations.
NM server EMS can send authentication success notice and authority information respectively to network element, also authority information and the packing of authentication success notice can be issued network element together.
Step 305, network element buffer memory authority information sends the authentication success notice to Local Management Terminal LMT.
Network element extracts authority information and authentication success notice, and authority information is preserved this locality, simultaneously the authentication success notice is sent Local Management Terminal LMT.
Step 306, Local Management Terminal LMT instructs to the network element transmit operation.
After Local Management Terminal LMT was received the authentication success notice, the local management user sent operational order by Local Management Terminal LMT, and operational order can be a data configuration, software upgrading etc.
Step 307, network element is received operational order, and operational order is carried out authentication.
Whether network element is differentiated operational order whether in authority information, and legally wait operation to require to differentiate to time of implementation of this operation, and all information are differentiated and passed through that then authentication is successful, go to step 309; Any information is differentiated not by then authentication is unsuccessful, goes to step 308.In the prior art, network element realizes that authentication functions has several different methods, repeats no more herein.
Step 308, network element sends the failed authentication notice to Local Management Terminal LMT, and the failed authentication notice can be " not having operating right ", " operating time is not inconsistent requirement " etc.
Step 309, the instruction of network element executable operations, and to Local Management Terminal LMT return result, operating result can be configuration status of " operating successfully ", " operation failure ", network element etc., network element also can send to operating result NM server EMS simultaneously, and NM server EMS can monitor the operation that network element is carried out like this.
Step 310 is carried out multi-pass operation mutual (interactive step and step 306 are similar to step 309).
Step 311, Local Management Terminal LMT sends exit instruction to network element, and network element is transmitted exit instruction to NM server EMS.
Step 312, network element erase right information table, flow process finishes.
Method second embodiment, when pre-configured user profile was tabulated, described user profile tabulation can also comprise user gradation except comprising user account names, account password, each user account all disposes corresponding user gradation.Be configured according to the user account grade when pre-configured authority information is tabulated, dispose the operating right that user account had of each grade respectively, authority information tabulation this moment comprises user gradation and corresponding authority information at least; For example, the user gradation of user account A, B is " Senior Administrator ", its corresponding operating right comprises the related request of " data configuration ", " software upgrading ", " network element initialization " etc. and these operations, the user gradation of user account C is " general management person ", and its corresponding operating right comprises the related request of " configuration ", " upgrading " and these operations.
The inventive method embodiment and method first embodiment are similar, and different is step 304.Among the inventive method embodiment, NM server EMS obtains corresponding authority information according to logging request and is specially:
NM server EMS obtains the user gradation of this user account in user message table according to the user account information in the logging request, in the authority information table, obtain the authority information of this user gradation correspondence again, as the related request of software upgrading, data configuration etc. and these operations.
Authority information dispose multiple situation, except according to user related information,, also can be configured for making operational administrative to network element have more specific aim, below with method the 3rd embodiment explanation according to network element as user account, user gradation configuration.
Pre-configured user profile tabulation, described user profile tabulation comprises user account names, account password at least.According to different network element configuration authority information tables, at the operating right of all operations that can carry out on this network element of each network element configuration, authority information tabulation this moment comprises network element ID and corresponding authority information at least; For example, the network element ID of network element A is " 101a ", the operating right of the operation that can carry out on this network element comprises the related request of " data configuration ", " software upgrading ", " network element initialization " etc. and these operations, as " the data configuration time is between 0 o'clock to 2 o'clock morning ", the network element ID of network element B is " 201b ", its corresponding operating right comprises " data configuration ", the related request of " software upgrading " and these operations, " is between the 4:00 AM to 6 setup time as data ".
The inventive method embodiment and method first embodiment are similar, and the difference part is a step 304.In this method inventive embodiments, NM server EMS obtains corresponding authority information according to logging request and is specially:
The network element ID that NM server EMS obtains according to decapsulation from the logging request that network element is transmitted obtains the authority information of described network element ID correspondence in the authority information table.
Said method embodiment one is to method embodiment three unified user account and account password of having disposed on NM server EMS, network element is transmitted to NM server EMS with the local management login request of users, NM server EMS tabulates according to user profile the local management user is carried out authentication, thereby realizes the unified management to the whole network user.And NM server EMS has also disposed the authority information table, can carry out unified management to the local management strategy of network element.
For NM server EMS can be monitored in real time to network element, can carry out authentication to the operational order that Local Management Terminal LMT sends by EMS, embodiment is as described below:
Method the 4th embodiment as shown in Figure 4, pre-configured user profile tabulation, described user profile tabulation comprises user account names and account password, and, in pre-configured user profile tabulation, dispose the operating right information that this account had according to user account information, form user profile tabulation and authority information tabulation, being about to authority information associates with user account, dispose the operating right that this user account has at each user account, authority information tabulation this moment comprises user account and corresponding authority information at least; For example, the user account of user account A is called " 123456 ", its corresponding operating right comprises the related request of " configuration " and these operations, the user account of user account B is called " 987654 ", its corresponding operating right comprises " data configuration ", " software upgrading " etc., and the related request of these operations.
Step 401~403 are similar with step 301~303, repeat no more herein.
NM server EMS obtains the authority information of described user account correspondence according to the user account information in the logging request in the authority information table, as the related request of software upgrading, data configuration etc. and these operations.
NM server sends to network element with the authentication success notice, after network element is received described authentication success notice, described authentication success notice is sent to Local Management Terminal LMT.
After step 406, network element are received described ground operational order, forward it to NM server EMS.
Whether NM server EMS differentiates operational order whether in authority information, and legally wait operation to require to differentiate to time of implementation of this operation, and all information are differentiated and passed through that then authentication is successful, go to step 409; Any information is differentiated not by then authentication is unsuccessful, goes to step 408.In the prior art, NM server EMS realizes that authentication functions has several different methods, repeats no more herein.
Among the said method embodiment, when pre-configured user profile is tabulated, described user profile tabulation is except comprising user account names, account password, can also comprise user gradation, each user account all disposes corresponding user gradation, be configured according to the user account grade when pre-configured authority information is tabulated, dispose the operating right that user account had of each grade respectively, authority information tabulation this moment comprises user gradation and corresponding authority information at least; For example, the user gradation of user account A, B is " Senior Administrator ", its corresponding operating right comprises the related request of " data configuration ", " software upgrading ", " network element initialization " etc. and these operations, the user gradation of user account C is " general management person ", and its corresponding operating right comprises the related request of " configuration ", " upgrading " and these operations.
The inventive method embodiment concrete steps and method the 4th embodiment are similar, and difference is a step 404, and NM server EMS obtains corresponding authority information according to logging request and is specially:
NM server EMS obtains the user gradation of this user account in user message table according to the user account information in the logging request, in the authority information table, obtain the authority information of this user gradation correspondence again, as the related request of software upgrading, data configuration etc. and these operations.
The authority information configuration,, also can be configured according to network element for feasible operational administrative to network element has more specific aim as user account, user gradation configuration except according to user related information.According to different network element configuration authority information tables, at the operating right of all operations that can carry out on this network element of each network element configuration, authority information tabulation this moment comprises network element ID and corresponding authority information at least; For example, the network element ID of network element A is " 101a ", the operating right of the operation that can carry out on this network element comprises the related request of " data configuration ", " software upgrading ", " network element initialization " etc. and these operations, as " the data configuration time is between 0 o'clock to 2 o'clock morning ", the network element ID of network element B is " 201b ", its corresponding operating right comprises " data configuration ", the related request of " software upgrading " and these operations, " is between the 4:00 AM to 6 setup time as data ".Pre-configured user profile tabulation, described user profile tabulation comprises user account names, account password at least.
Concrete implementation step of the inventive method embodiment and method the 4th embodiment are similar, and different is step 404, and pipe server EMS obtains corresponding authority information according to logging request and is specially:
The network element ID that NM server EMS obtains according to decapsulation from the logging request that network element is transmitted obtains the authority information of described network element ID correspondence in the authority information table.
On NM server EMS, unify to have disposed the user profile tabulation among above-mentioned three method embodiment, network element is transmitted to NM server EMS with the local management login request of users, NM server EMS tabulates according to user profile the local management user is carried out authentication, thereby realizes the user account centralized management.Also disposed the authority information table on the NM server EMS, can carry out unified management to the local management strategy of network element, NM server EMS carries out authentication to the operational order that Local Management Terminal LMT sends, and reaches NM server EMS and can carry out real-time monitoring and management to the operation of network element.
Embodiments of the invention provide a kind of system of NE management, and as shown in Figure 5, this system comprises NM server EMS100, network element 200, Local Management Terminal LMT 300.Described Local Management Terminal LMT 300 is used for sending logging request to described network element 200, to described network element 200 transmit operations instruction, and receives the authentication result that network element 200 sends; Described network element 200 is used to transmit logging request and gives Local Management Terminal LMT 300 from the authentication result of NM server for NM server and forwarding, responds the operational order that described Local Management Terminal LMT 300 sends; Described NM server 100 is used for the configure user information list, and carries out authentication according to the logging request that the user profile tabulation is transmitted network element 200, sends authentication result to network element 200.
In order to realize the unification of the whole network management strategy, native system embodiment has preset the authority information table in NM server EMS100, by NM server EMS100 the operating right of the NE management of the whole network is unified configuration.As shown in Figure 6: first embodiment of system comprises NM server EMS100, network element 200, Local Management Terminal LMT 300.
Wherein NM server EMS100 comprises configuration module 1001, authentication module 1002, authority acquiring module 1003;
Described network element comprises message delivery module 2001, respond module 2002, and respond module 2002 comprises network element authentication module 20021;
Described Local Management Terminal LMT comprises login module 3001, instruction sending module 3002, message sink module 3003.
Configuration module 1001 configure user information lists, comprise information such as user account and password in the described user profile tabulation, and, in the configure user information list, dispose the operating right information that this account had according to user account information, form user profile tabulation and authority information tabulation, being about to authority information associates with user account, dispose the operating right that this user account has at each user account, authority information tabulation this moment comprises user account and corresponding authority information at least.
When the local management user need manage network element, send logging request to message delivery module 2001 by login module 3001, message delivery module 2001 is encapsulated into network element ID and is sent to authentication module 1002 in the logging request, after authentication module 1002 is received described logging request, to its decapsulation, tabulation authenticates logging request according to the user profile in the configuration module 1001, whether the user account of promptly judging logging request is consistent with user account and password in the user profile tabulation with password, unanimity is authentication success then, and inconsistent then authentication is unsuccessful.
After message sink module 3003 was received the message of authentication success, notification instruction sending module 3002 can the transmit operation instruction.Instruction sending module 3002 is to respond module 2002 transmit operations instruction, and operational order can be data configuration, software upgrading etc., and respond module 2002 receives that described moral operational order sends it to network element authentication module 20021 transmit operations instruction.Network element authentication module 20021 is carried out authentication according to authority information to operational order, and with authenticating result push-notification-answer module 2002.Failed authentication, then respond module 2002 sends response results to message sink unit 3003, and this moment, response results was " failed authentication ", " operating time is not inconsistent requirement " etc.The authentication success, then respond module 2002 operation responses instruction sends response results to message sink module 3003, operation is unsuccessful, then response results can be " operation failure ", if operate successfully, then response results is the configuration status of " operating successfully ", network element etc.Respond module 2002 also can send to NM server 100 by message delivery module 2001 with response results, is convenient to the monitoring of 100 pairs of network elements of NM server.Login module 3001 sends exit instruction to message delivery module 2001, and message delivery module 2001 is transmitted exit instruction and given NM server, network element authentication module 20021 erase right information, and flow process finishes.
Configuration module 1001 configure user information lists, described user profile tabulation is except comprising user account and account password, also comprise user gradation, each user account disposes a user gradation, user gradation can be divided into the Senior Administrator, general management person etc., user account and user gradation are many-to-one relation, and, in the configure user information list, dispose the corresponding operating right information of described user gradation according to user gradation, form user profile tabulation and authority information tabulation, dispose the operating right that this user gradation has at each user gradation, authority information tabulation this moment comprises user gradation and corresponding authority information at least.Then authority acquiring module 1003 is received when obtaining logging request in the authentication module 1002, authority acquiring module 1003 is according to the user gradation that obtains this user account in the user profile tabulation of the user account in the logging request in configuration module 1001, from the authority information table, obtain the authority information of this user gradation correspondence again, and described authority information is sent to network element authentication module 20021.
Configuration module 1001 can dispose the authority information table according to network element ID, comprises network element ID and authority information in the authority information table, and different network element IDs disposes corresponding authority information.Then authority acquiring module 1003 is received when obtaining logging request in the authentication module 1002, authority acquiring module 1003 is according to the authority information that obtains described network element ID correspondence in the authority information table of the network element ID in the logging request in configuration module 1001, and described authority information is sent to network element authentication module 20021.
For NM server can be monitored in real time to the NE management of the whole network, can there be NM server to unify authentication.Second embodiment of system comprises NM server EMS100, network element 200, Local Management Terminal LMT 300 as shown in Figure 7.
Wherein NM server EMS100 comprises configuration module 1001, authentication module 1002, authority acquiring module 1003, webmaster authentication module 1004; Described network element comprises message delivery module 2001, respond module 2002; Described Local Management Terminal LMT comprises login module 3001, instruction sending module 3002, message sink module 3003.
Configuration module 1001 configure user information lists, comprise information such as user account and password in the described user profile tabulation, and, in the configure user information list, dispose the operating right information that this account had according to user account information, form user profile tabulation and authority information tabulation, being about to authority information associates with user account, dispose the operating right that this user account has at each user account, authority information tabulation this moment comprises user account and corresponding authority information at least.
When the local management user need manage network element, send logging request to message delivery module 2001 by login module 3001, message delivery module 2001 is encapsulated into network element ID and is sent to authentication module 1002 in the logging request, when authentication module 1002 is received described logging request according to the user profile in the configuration module 1001 tabulation logging request is separated packing, and user account and account password wherein authenticated, whether the user account of promptly judging logging request is consistent with user account and password in the user profile tabulation with password, unanimity is authentication success then, and inconsistent then authentication is unsuccessful.
After message sink module 3003 was received the message of authentication success, notification instruction sending module 3002 can the transmit operation instruction.Instruction sending module 3002 is to respond module 2002 transmit operations instruction, and respond module 2002 sends to webmaster authentication module 1004 with it by message delivery module 2001 after receiving described operational order.Webmaster authentication module 1004 is carried out authentication according to authority information to described operational order, and authenticating result is sent to respond module 2002.Failed authentication, then respond module 2002 sends response results to message sink unit 3003, and this moment, response results was " failed authentication ", " operating time is not inconsistent requirement " etc.The authentication success, then respond module 2002 operation responses instruction sends response results to message sink module 3003, operation is unsuccessful, then response results can be " operation failure ", if operate successfully, then response results is the configuration status of " operating successfully ", network element etc.Respond module 2002 also can send to NM server 100 by message delivery module 2001 with response results, is convenient to the monitoring of 100 pairs of network elements of NM server.Login module 3001 sends exit instruction to message delivery module 2001, and message delivery module 2001 is transmitted exit instruction and given NM server, after webmaster authentication module 1004 is received exit instruction, and process ends.
Similar with first embodiment of system of network element authentication, configuration module 1001 can dispose the authority information table according to user gradation, or according to network element configuration authority information table, repeats no more herein.
Be illustrated in figure 8 as the structure chart of network element embodiment of the present invention, comprise message delivery module 2001 and respond module 2002, the log messages that message delivery module 2001 is used to transmit from Local Management Terminal LMT is given NM server, and transmits from the authentication result of NM server and give Local Management Terminal LMT; Respond module 2002 is used to respond the operational order that Local Management Terminal LMT sends.
Be illustrated in figure 9 as the structure chart of network element first embodiment of the present invention, comprise as shown in Figure 8 message delivery module 2001 and respond module 2002, the log messages that message delivery module 2001 is used to transmit from Local Management Terminal LMT is given NM server, and transmits from the authentication result of NM server and give Local Management Terminal LMT; Respond module 2002 is used to respond the operational order that Local Management Terminal LMT sends; Respond module 2002 is connected with message delivery module 2001, and respond module 2002 sends to NM server with the operational order of receiving by message delivery module 2001.
As shown in figure 10 for the structure chart of network element second embodiment of the present invention, comprise as shown in Figure 8 message delivery module 2001 and respond module 2002, the log messages that message delivery module 2001 is used to transmit from Local Management Terminal LMT is given NM server, and transmits from the authentication result of NM server and give Local Management Terminal LMT; Respond module 2002 is used to respond the operational order that Local Management Terminal LMT sends; Respond module 2002 also comprises network element authentication module 20021, and the operational order that network element authentication module 20021 is used for respond module 2002 is received carries out authentication.
Obviously, those skilled in the art can carry out some changes and distortion to the present invention and not break away from the spirit and scope of the present invention.Like this, if these modifications of the present invention and distortion are belonged within the scope of claim of the present invention and equivalent technologies thereof, then the present invention also is intended to comprise these changes and is out of shape interior.
Claims (16)
1, a kind of method of NE management is characterized in that, NM server presets the user profile tabulation, and this method specifically comprises:
The logging request from Local Management Terminal LMT that A, network element will receive is transmitted to described NM server;
B, described NM server receive after the described logging request that tabulation is carried out authentication to described logging request according to user profile;
Behind C, the authentication success, described NM server sends the authentication success notice by described network element to Local Management Terminal LMT;
D, described Local Management Terminal LMT manage operation to network element.
2, network element management method as claimed in claim 1, it is characterized in that the tabulation of described user profile comprises user account and password, then described step B is specially:
Described NM server carries out consistency detection to user account and the password in the user account in the described logging request and password and the user profile tabulation, if unanimity then authentication success, otherwise authentification failure.
3, the method for NE management as claimed in claim 2 is characterized in that, the pre-configured authority information table of described NM server, step C comprise that further NM server searches corresponding authority information according to logging request in described authority information table; Then Local Management Terminal LMT described in the step D manages operation to network element and specifically comprises:
Network element is transmitted to NM server with the operational order of Local Management Terminal LMT;
NM server carries out authentication and authenticating result is sent to described network element described operational order according to described authority information;
Described network element responds described operational order according to described authenticating result.
4, the method for NE management as claimed in claim 2, it is characterized in that, the pre-configured authority information table of NM server, step C comprise that further NM server searches corresponding authority information and send it to described network element according to logging request in described authority information table;
Then Local Management Terminal LMT described in the step D manages operation to network element and specifically comprises: network element carries out authentication according to described authority information to the operational order of Local Management Terminal LMT;
Network element responds described operational order according to authenticating result.
5, as the method for claim 3 or 4 described NE managements, it is characterized in that, the pre-configured authority information table of described NM server is specially: in advance according to user account configuration authority information table, the authority information table comprises user account and corresponding authority information thereof at NM server.
As the method for claim 3 or 4 described NE managements, it is characterized in that 6, described user profile tabulation also comprises user gradation information, each user account disposes corresponding user gradation;
The pre-configured authority information table of then described NM server is specially: in advance according to user gradation information configuration authority information table, the authority information table comprises user gradation information and corresponding authority information thereof at NM server.
7, the method for NE management as claimed in claim 6 is characterized in that, described NM server is searched corresponding authority information according to logging request and is specially in described authority information table:
NM server inquires the corresponding user gradation information of described user account according to the user account in the logging request in the user profile tabulation, find out the corresponding authority information of described user gradation information again in the authority information table.
8, as the method for claim 3 or 4 described NE managements, it is characterized in that, the pre-configured authority information table of described NM server is specially: according to network element ID configuration authority information table, the authority information table comprises network element ID and corresponding authority information thereof to NM server in advance.
9, the method for NE management as claimed in claim 8 is characterized in that, described NM server finds out corresponding authority information according to logging request and is specially in the authority information table:
NM server extracts network element ID in logging request, find out in the authority information table then and the corresponding authority information of described network element ID.
10, a kind of system of NE management, comprise Local Management Terminal LMT, network element, NM server, it is characterized in that described Local Management Terminal LMT is used for sending logging request to described network element, receive the authentication result that described network element sends, and to described network element transmit operation instruction;
Described network element is used to transmit described logging request and gives described Local Management Terminal LMT from the authentication result of described NM server for described NM server and forwarding, responds the described operational order that described Local Management Terminal LMT sends;
Described NM server is used for the configure user information list, carries out authentication according to the logging request that described user profile tabulation is transmitted network element, sends authentication result to network element.
11, the system of NE management as claimed in claim 10 is characterized in that, described NM server also is used to dispose the authority information table, obtains corresponding authority information according to logging request in the authority information table.
12, the system of NE management as claimed in claim 11 is characterized in that, described NM server is used for according to described authority information the operational order of transmitting from network element being carried out authentication, and authenticating result is sent to network element.
13, the system of NE management as claimed in claim 11 is characterized in that, described NM server sends to network element with described authority information, and described network element also is used for according to authority information operational order being carried out authentication.
14, a kind of network element, it is characterized in that, described network element comprises message delivery module, respond module, and the log messages that described message delivery module is used to transmit from Local Management Terminal LMT is given NM server, and transmits from the authentication result of NM server and give Local Management Terminal LMT;
Respond module is used to respond the operational order that Local Management Terminal LMT sends.
15, network element as claimed in claim 14 is characterized in that, described respond module is connected with the message delivery module, and the message delivery module also is used for the operational order that respond module is received is sent to NM server.
16, network element as claimed in claim 14 is characterized in that, described respond module comprises the network element authentication module, and the operational order that described network element authentication module is used for respond module is received carries out authentication.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB2007100732423A CN100492991C (en) | 2007-02-08 | 2007-02-08 | Network element management method, system and network element |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB2007100732423A CN100492991C (en) | 2007-02-08 | 2007-02-08 | Network element management method, system and network element |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101018155A true CN101018155A (en) | 2007-08-15 |
| CN100492991C CN100492991C (en) | 2009-05-27 |
Family
ID=38726922
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNB2007100732423A Active CN100492991C (en) | 2007-02-08 | 2007-02-08 | Network element management method, system and network element |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN100492991C (en) |
Cited By (15)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2010031234A1 (en) * | 2008-09-19 | 2010-03-25 | 中兴通讯股份有限公司 | System and method for managing network element right |
| CN101141763B (en) * | 2007-10-09 | 2010-06-02 | 中兴通讯股份有限公司 | Method and system of performing network element configuring authority management according to granularity of network element |
| WO2010149030A1 (en) * | 2009-06-23 | 2010-12-29 | 中兴通讯股份有限公司 | Centralized authentication method and system |
| CN101309279B (en) * | 2008-07-07 | 2011-04-20 | 成都市华为赛门铁克科技有限公司 | Control method, system and device for terminal access |
| CN102148691A (en) * | 2010-02-08 | 2011-08-10 | 北京启明星辰信息技术股份有限公司 | Distributed intrusion detection system and connecting method of centralized management in same |
| WO2011144071A2 (en) * | 2011-05-24 | 2011-11-24 | 华为技术有限公司 | Method, device and system for processing domain user authority information |
| CN101197711B (en) * | 2007-12-06 | 2012-04-04 | 华为技术有限公司 | Method, device and system for implementing unified authentication management |
| CN103067404A (en) * | 2013-01-10 | 2013-04-24 | 上海斐讯数据通信技术有限公司 | Method for accessing embedded web server by users |
| CN105554262A (en) * | 2015-12-11 | 2016-05-04 | 小米科技有限责任公司 | Method and device for operation mode switching |
| CN105744555A (en) * | 2014-12-12 | 2016-07-06 | 华为技术有限公司 | Terminal maintenance method, maintenance device and network management server |
| CN106027462A (en) * | 2016-01-21 | 2016-10-12 | 李明 | Operation request control method and device |
| CN108243059A (en) * | 2016-12-27 | 2018-07-03 | 大唐移动通信设备有限公司 | A kind of webmaster centralized management method and server-side |
| CN110198241A (en) * | 2019-06-03 | 2019-09-03 | 北京盟力星科技有限公司 | A kind of security control apparatus based on Network Management System |
| CN112039851A (en) * | 2020-08-07 | 2020-12-04 | 郑州阿帕斯数云信息科技有限公司 | Server login method, system and device |
| CN116347046A (en) * | 2023-06-01 | 2023-06-27 | 深圳市万佳安智能科技有限公司 | Household monitoring method and system based on visual mobile terminal control |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102571459B (en) * | 2012-03-09 | 2016-12-14 | 浪潮通信信息系统有限公司 | A kind of network management system medium-long range logs in, operates network element or the method for EMS |
-
2007
- 2007-02-08 CN CNB2007100732423A patent/CN100492991C/en active Active
Cited By (27)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101141763B (en) * | 2007-10-09 | 2010-06-02 | 中兴通讯股份有限公司 | Method and system of performing network element configuring authority management according to granularity of network element |
| CN101197711B (en) * | 2007-12-06 | 2012-04-04 | 华为技术有限公司 | Method, device and system for implementing unified authentication management |
| CN101309279B (en) * | 2008-07-07 | 2011-04-20 | 成都市华为赛门铁克科技有限公司 | Control method, system and device for terminal access |
| CN101677275B (en) * | 2008-09-19 | 2012-05-23 | 中兴通讯股份有限公司 | System and method of managing network element authority |
| WO2010031234A1 (en) * | 2008-09-19 | 2010-03-25 | 中兴通讯股份有限公司 | System and method for managing network element right |
| WO2010149030A1 (en) * | 2009-06-23 | 2010-12-29 | 中兴通讯股份有限公司 | Centralized authentication method and system |
| CN101931613A (en) * | 2009-06-23 | 2010-12-29 | 中兴通讯股份有限公司 | Centralized authenticating method and centralized authenticating system |
| CN101931613B (en) * | 2009-06-23 | 2014-12-10 | 中兴通讯股份有限公司 | Centralized authenticating method and centralized authenticating system |
| CN102148691A (en) * | 2010-02-08 | 2011-08-10 | 北京启明星辰信息技术股份有限公司 | Distributed intrusion detection system and connecting method of centralized management in same |
| CN102273135B (en) * | 2011-05-24 | 2014-05-07 | 华为技术有限公司 | Method, device and system for processing domain user authority information |
| WO2011144071A3 (en) * | 2011-05-24 | 2012-04-26 | 华为技术有限公司 | Method, device and system for processing domain user authority information |
| CN102273135A (en) * | 2011-05-24 | 2011-12-07 | 华为技术有限公司 | Method, device and system for processing domain user authority information |
| WO2011144071A2 (en) * | 2011-05-24 | 2011-11-24 | 华为技术有限公司 | Method, device and system for processing domain user authority information |
| CN103067404A (en) * | 2013-01-10 | 2013-04-24 | 上海斐讯数据通信技术有限公司 | Method for accessing embedded web server by users |
| CN105744555B (en) * | 2014-12-12 | 2019-05-28 | 华为技术有限公司 | A kind of terminal maintenance method, maintenance device and NM server |
| CN105744555A (en) * | 2014-12-12 | 2016-07-06 | 华为技术有限公司 | Terminal maintenance method, maintenance device and network management server |
| CN105554262B (en) * | 2015-12-11 | 2018-11-02 | 小米科技有限责任公司 | Operational mode switching method and device |
| CN105554262A (en) * | 2015-12-11 | 2016-05-04 | 小米科技有限责任公司 | Method and device for operation mode switching |
| CN106027462A (en) * | 2016-01-21 | 2016-10-12 | 李明 | Operation request control method and device |
| CN106027462B (en) * | 2016-01-21 | 2019-09-27 | 李明 | A kind of operation requests control method and device |
| CN108243059A (en) * | 2016-12-27 | 2018-07-03 | 大唐移动通信设备有限公司 | A kind of webmaster centralized management method and server-side |
| CN108243059B (en) * | 2016-12-27 | 2020-05-15 | 大唐移动通信设备有限公司 | Network management centralized management method and server |
| CN110198241A (en) * | 2019-06-03 | 2019-09-03 | 北京盟力星科技有限公司 | A kind of security control apparatus based on Network Management System |
| CN112039851A (en) * | 2020-08-07 | 2020-12-04 | 郑州阿帕斯数云信息科技有限公司 | Server login method, system and device |
| WO2022027904A1 (en) * | 2020-08-07 | 2022-02-10 | 郑州阿帕斯数云信息科技有限公司 | Server login method, system and device |
| CN116347046A (en) * | 2023-06-01 | 2023-06-27 | 深圳市万佳安智能科技有限公司 | Household monitoring method and system based on visual mobile terminal control |
| CN116347046B (en) * | 2023-06-01 | 2023-08-11 | 深圳市万佳安智能科技有限公司 | Household monitoring method and system based on visual mobile terminal control |
Also Published As
| Publication number | Publication date |
|---|---|
| CN100492991C (en) | 2009-05-27 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN100492991C (en) | Network element management method, system and network element | |
| CN1988489B (en) | Intelligent system and method for monitoring house | |
| CN101146051B (en) | An enterprise-level instant communication interconnection system and method for realizing enterprise interconnection | |
| CN102724175B (en) | The telecommunication safety management framework of ubiquitous green community net control and method | |
| CN201479143U (en) | Intranet safety management system | |
| CN101931613B (en) | Centralized authenticating method and centralized authenticating system | |
| CN101355415B (en) | Method and system for implementing safety access public network of network terminal as well as special network access controller thereof | |
| CN105337756A (en) | Centralized operation and maintenance method and device | |
| EP1670188A2 (en) | Methods and systems for connection determination in a multi-point virtual private network | |
| CN104378382A (en) | Multiple client wireless authentication system and authentication method thereof | |
| CN101277308A (en) | Method for insulating inside and outside networks, authentication server and access switch | |
| CN103039037B (en) | For effectively managing the method and system of the connection between communication network and this communication network and customer rs premise equipment | |
| CN103489233A (en) | Electronic door control system with dynamic password | |
| CN102404254A (en) | Multi-network integrated intelligent home gateway device and system | |
| US20140204727A1 (en) | Redundant control of self-configuring wireless network | |
| CN202475474U (en) | Multi-network integration intelligent home gateway device and system | |
| CN101197711A (en) | Method, device and system for implementing unified authentication management | |
| CN106330479A (en) | Equipment operation and maintenance method and equipment operation and maintenance system | |
| US7962608B2 (en) | Monitoring systems and methods that incorporate instant messaging | |
| CN101212346B (en) | Software version management method and device for network element management system | |
| CN112929387B (en) | Broadband network multiple authentication and encryption method applied to intelligent community | |
| CN103516674B (en) | Quickly and the method for network device online and control device | |
| CN101207475A (en) | Method for preventing non-authorization linking of network system | |
| US20080052766A1 (en) | Method and a system for managing secure transmission | |
| CN112929188B (en) | Device connection method, system, apparatus and computer readable storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant |