4. Configuring NP-Live

You are here:
< All Topics

Configuration Steps

Once NP-Live is installed, the application will start automatically.  If the Administrator wishes to start and stop the application, two helper scripts have been included to aid in these tasks:

  • Stop : /opt/np-live/stop_NP-Live.sh
  • Start : /opt/np-live/start_NP-Live.sh
NP-Live Docker IP Conflict
If NP-Live Docker is using IP addresses that conflict with addresses used on the local area network, the IP addresses used by Docker can be changed as follows:

  • Create a new network that will place hosts on an appropriate subnet
  • Configure NP-Live to use the new network

To create the network, log into the Docker host and run the following command (the example subnet can be replaced by any suitable value):

docker network create --driver overlay --subnet

To configure NP-Live, navigate to the directory where NP-Live is installed and create a file named “local-settings.yml” with the following contents:
'#' Local settings for NP-Live
version: '3.1'
name: NP-Live_external

Next, modify the file start_NP-Live.sh by changing the last line to read:
     docker stack deploy -c docker-compose.yml -c local-settings.yml
After the two files have been updated, re-start NP-Live and verify that the monitor container is using an IP address from the correct subnet.

Version mismatched between two composefiles : 3.4 and 3.1
When starting NP-Live, if this error is received, the version number in /opt/np-live/local-settings.yml needs to be at “version: ‘3.4’”. If not at version 3.4, please replace the contents of the local-settings.yml file with the code listed in the Setting the NP-Live Virtual Appliance Time Zone section and set your application time zone accordingly. This file is sticky and will remain after future upgrades. After the update, start the server using the above command.

Upon initial start, the Welcome screen shows the configuration wizard to guide the Administrator through the remaining configuration steps which include:

  • Configure authentication
  • Configure license key
  • Configure automatic updates
  • Configure users

Configure Authentication

The following authentication options are available in NP-Live.  Follow the wizard to setup any of the below options.  Note:  NP-View only uses local authentication.

  • Local: to create local accounts inside the NP-Live database with local user groups.
  • Active Directory / LDAP: to use active directory or LDAP for single sign on.
  • Radius: to connect NP-Live to your Radius authentication service.

The Administrator can reset the authentication method by selecting the “Reset authentication system” link that is available under the User Management function (the top-right menu).

Note that workspaces are assigned to user id’s.  If the authentication method is changed, the workspaces will no longer be available as the user id will likely change.  The administrator or workspace admin must utilize the transfer workspace function to assign the legacy workspace to the new user id’s.

Configure License Key

After the authentication, the Welcome screen will guide the Administrator through reviewing the EULA and adding the license key. The license key should have been sent to you by email and also posted on the Portal website at https://portal.network-perception.com. If you haven’t received a key, please send a request to support@network-perception.com.

Once the license key is installed, the user must navigate back to the workspaces page for the devices in all workspaces to be activated.

Configure Automatic Updates

NP-Live can automatically download new releases and update itself if you select “Automatically check for updates”. Alternatively, you can select “Update NP-Live” from the system menu or update  offline using the following steps:

  1. Contact the support team to request a link to download the latest release
  2. Copy the release file to the NP-Live server using SCP or WinSCP
  3. Connect to the NP-Live shell using SSH and execute the release file with the command sh NP-Live_server_installer.sh

Configure User Groups

NP-Live allows for the assignment of user users to groups. For local Authentication, the Administrator can create, manage (rename and reset password) and delete users within the system.  Users can be assigned to one of three user groups:

  1. Administrator – Has access to all user, workspace and system administration functions
  2. WorkspaceAdmin – Has access to all user and workspace administration functions
  3. Viewer – Has access to all user functions

For Active directory or LDAP authentication, the setup page will allow for the definition of three system groups using a distinguished name.  A Distinguished Name (often referred to as a DN or FDN) is a string that uniquely identifies an entry in the Directory Information Tree.

The format of a DN is: CN=groupname,OU=grouptype,DC=subdomain,DC=example,DC=com.

For example:

ldap_group_admin = 'CN=NP-Live Admin, OU=Permissions, DC=ad, DC=np, DC=test'
ldap_group_write = 'CN=NP-Live WorkspaceAdmin, OU=Permissions, DC=ad, DC=np, DC=test'
ldap_group_read = 'CN=NP-Live Viewer, OU=Permissions, DC=ad, DC=np, DC=test'
group_translation = {'Administrator' : ldap_group_admin,
'WorkspaceAdmin' : ldap_group_write,
'Viewer' : ldap_group_read}

To find the DN on Windows, open a Windows command prompt and type the command: dsquery group -name {known group name}.  Industry best practices suggest using different names for each of the user groups.  If the same user group is used for one or more of the entries, the high level of permissions will be assigned to each user.

For Radius authentication, all users are assigned to the Administrator group.

NP-View is a single user system and uses local authentication which does not require the function.

Additional Configuration Features

Password Reset

Workspace Admin or Viewer user groups:  Contact your Administrator who can manually reset your password through the User management function on the system menu (upper right corner).

If you have an Administrator account, connect through SSH to the NP-Live server and remove the file db/auth_provider.cfg inside the NP-Live application folder (by default: /opt/np-live).

Refresh the NP-Live web page to show the Welcome screen and reconfigure the authentication.

License and Terms

The Administrator can Show, Add or Upgrade NP-View or NP-Live licensing. Additionally, licensing terms and legal disclosures are available from this function.

Next: Training, NP-Connect and Notification Manager

Once configured, please proceed to the training section of the Knowledge Base to learn how to use NP-Live.  After training, please proceed to the NP-Connect Configuration section to configure automated data collection.  If you have any question, please don’t hesitate to contact support@network-perception.com.

Table of Contents