USER GUIDE
Prepared by the
Directorate of Enterprise Application Planning and Management 8
For the users of the Canadian Cadet Organizations Wide Area Network
(CCO Net)
2700-18 (CCO ITI Proj Mgr)
Preface
The User Guide for the Canadian Cadet Organizations Wide Area
Network (CCO Net) is issued under the authority of the Director Enterprise
Application Planning and Management (DEAPM 8).
This guide is intended to assist any user of the CCO Net with gaining access to
the electronic resources contained within. It also provides details of some of the
tools incorporated into the Common Software Configuration (CSC).
Suggestions for changes should be forwarded to the CSC Technician via the
PrairieServiceDesk@cadets.gc.ca
References
Change History
Table of contents
1. Introduction ....................................................................................................4
2. The CCO Wide Area (CCO Net) Network Overview ......................................4
2.1 Network Conceptual Diagram.................................................................5
2.2 How to use this guide .............................................................................6
3. Gaining access to the CCO Net.....................................................................8
3.1. User Support ..........................................................................................8
3.2. Operating without a network account .....................................................9
4. Connecting to the CCO Net .........................................................................10
4.1 VPN Client ............................................................................................10
4.1.1 Broadband.....................................................................................13
4.1.2 DSL or ADSL.................................................................................15
4.1.3 Dial-up ...........................................................................................17
4.2 Directly Connected ...............................................................................19
4.3 Logging in with cached credentials.......................................................20
4.4 SSL Portal - Web Access – Not Yet Available ......................................21
4.5 Access from the Defence Wide Area Network (DWAN) – Not Yet
Available..........................................................................................................21
5 Using the CCO Net ......................................................................................22
5.1 User Settings ........................................................................................22
5.2 Drives, Document Saving .....................................................................22
5.2.1 Removable media..........................................................................22
5.2.2 Network Drives – To Be Implemented Spring 2010.......................23
5.2.3 Local Drive(s) ................................................................................23
5.2.4 Data Loss and Recovery – Not Yet Available................................24
6. Troubleshooting ...........................................................................................25
6.1 Tips & Tricks................................................ Error! Bookmark not defined.
6.2 Service Desk Assistant Tool......................................................................27
6.2.1 S.D.A. overview and System Info. ......................................................27
6.2.2 Installing printers with the S.D.A. ........................................................29
6.2.3 Setting a Static IP ..............................................................................30
6.3 PDF Printing ..............................................................................................31
7. Acronyms.....................................................................................................32
Page 4 of 32
1. Introduction
This guide is intended for users of the Canadian Cadet Organizations (CCO)
Wide Area Network (WAN) commonly referred to as the “CCO Net”. This guide
provides detailed instructions on the available methods of connections to the
CCO Net.
For the purpose of this document “Plain English 1 ” is utilized in order to allow easy
comprehension of the technical information covered. A glossary of all the
technical terms is included at the end of this guide.
In addition, the term “Remote users” defines those users who are away from a
location that has a direct connection to the CCO Net (e.g. a Local Cadet
Corps/Squadron). “Network users” are defined as users who work on a CCO
issued computer with direct connection to the CCO Net (e.g. Users, in most
locations, at the RCSU’s and/or CSTC’s). A “Local User” is anyone who logs
onto a CCO Net computer using the local account. (Note: this account is
restricted from connecting to any network or Internet provider. It is intended for
word processing only. See Figure 1 (5)
This ITI houses all of the CCO specific corporate applications such as Fortress
and the Website Content Management System (CMS). These systems aim to
reduce the administrative burden on users by providing automation along with
access to IT support and service personnel.
1
http://en.wikipedia.org/wiki/Plain_English
Page 5 of 32
Figure 1
The diagram also shows how this is accomplished from a non-CCO issued
computer (e.g. a personal or public computer (4) or DWAN (3)). Using Internet
Explorer on a computer running windows (other browsers are not supported), the
software connects over a secure webpage, (HTTPS), similar to that used for
Internet banking. This will allow limited access for users to connect to CCO
corporate applications like Fortress and the Website CMS.
Page 6 of 32
The CCO Net is very versatile and has multiple connection methods for users.
The type of connection method is based upon the user environment. Since that
may change, it can be difficult to know which method to use. The following flow
charts (Figure 2 & 3) are designed to direct you to the appropriate section of the
manual where you can find directions to the type most appropriate for you.
Remember, when in doubt; contact your Regional IT Service Desk (See section
3.1 “User Support”).
Figure 2
Page 7 of 32
Figure 3
Page 8 of 32
In order to obtain access to the CCO Net, members must have a valid enhanced
reliability clearance (ERC) 2 . In addition, members are required to read the
applicable policy and security orders pertaining to the use of this network. After
which a statement of compliance (SOC) is completed, signed and submitted to
the appropriate Regional IT Service Desk.
Users that require support with accessing the CCO Net can contact their
Regional IT Service Desk via the following website, email or telephone
information.
Atlantic
Website: www.cadets.ca/help
Phone: 1-877-494-8164 option 7
Central
Email: STG-RCSU-ISSupport@forces.gc.ca
Phone: 1-800-282-2049
Eastern
Email: 7119@forces.gc.ca
Phone: 1-800-681-8180 ext: 7119
Prairie
Email: PrairieServiceDesk@cadets.gc.ca
Phone: 1-800-842-1851 option 4
Pacific
Email: rcsupac.it@cadets.gc.ca
Phone: 1-877-363-7347
Northern
Email rcsunor.it@cadets.gc.ca
Phone: 1-877-363-7347
2
Contact your RCSU for assistance with getting an ERC. This applies to all personnel, including cadets and Civilian
Instructors.
Page 9 of 32
For personnel who do not have a CCO Net Account but do require access to a
computer for word processing, research from local resources (i.e. CD-ROMs’,
DVDs, USB memory sticks, etc.), and/or printing may use the built-in local user
account.
Note: Personnel must hold a valid ERC to access the computer and compliance
with the CCO/DND/CF security orders is mandatory. The local user account
does not allow for connection to network resources or the Internet. All data must
be stored on removable media and not on the local computer.
Username = “offline”
Password = “CCO*OCC”
Figure 4
Page 10 of 32
This section is for personnel with a valid CCO Net account. It details each of the
methods of connecting to the CCO Net (see Figure 1). You may need to become
familiar with more than one method if you move from one environment to
another. For example, access using an issued CCO computer over the Internet
is different from using a personally owned computer.
The VPN Client is a small but powerful piece of software that is used to create a
secure link between your computer and the CCO Net servers over the Internet. It
is used by any issued CCO computer when it is not possible to connect directly
to the network in locations such as CSTCs or RCISs (depending on the location).
All of the communications are encrypted and the VPN acts just like a long
physical cable. There are 3 different methods of connecting to the CCO Net with
the VPN Client (Broadband – Section 4.1.1, DSL – Section 4.1.2, and Dialup –
Section 4.1.3).
Figure 5
Page 11 of 32
Figure 6 shows the Security Banner that will pop up prior to the logon screen. It
also shows the VPN Client. This is only required if a VPN connection is required.
If you are logging on using Cached Credentials (see Section 4.3) or if you are
Directly Connected (see Section 4.2) you do not need to use this control. Simply
ignore it or close the box by clicking the X.
Figure 6
If connecting over the VPN, click on the drop down box and choose your region –
connection type. (For example: If you are in Pacific Region using a High Speed
Internet Service Provider, then choose “PAC-HauteVitesse_HighSpeed” and click
connect.)
Note: If the connection does not work the first time, wait a minute and try another
time. If this persists call your Regional IT Service Desk.
Page 12 of 32
Figure 7
You can also log in using Cached Credentials (see Section 4.3) and then when
required, start the VPN Client as shown in Figure 8.
Figure 8
Page 13 of 32
4.1.1 Broadband
Broadband Internet is a method to connect to the CCO Net with the VPN client
where the connection to the Internet does not require a username and password
to access. This option involves using a high-speed modem to connect to the
Internet. This option does not require a username and password to connect to
the Internet. It may also include DSL or ADSL, if the username and password
are set in the modem or router. (see Section 6.1 “Tips & Tricks” for assistance)
The following instructions describe how to connect using this option.
In the VPN Client control (lower left side), select the connection for your region
and method (example: PRA-HauteVitesse_HighSpeed if your unit has cable
Internet);
The VPN Client | User Authentication window will open. Enter your Username
and Password in the spaces provided. Click OK;
(In this window ensure the Domain field is left blank)
Figure 9
Read through the and then click OK in the Security Banner window;
Figure 10
Type in your User Name and Password into the fields provided;
Change the Log on to: menu item to match your region (Example: PRA for
Prairie);
Click OK
Page 15 of 32
Digital Subscriber Line (DSL) or Asymmetrical DSL (ADSL) are two other
methods available to connect to the CCO Net with the VPN client. This method
involves using a high-speed DSL modem connected to a regular phone line to
connect to the Internet (Note: not the same as dial-up, see section 5.1.3). Use
this method if your connection requires a username and password to gain access
to the Internet. The following instructions describe how to connect using this
method. (For DSL or ADSL where the username and password are managed in
the modem or router see Section 4.1.1)
In the VPN Client window (lower left side), select the connection for your region
and method (example: EST-HauteVitesse_Highspeed(ADSL) if your unit has
DSL internet);
Enter your DSL User name and Password. (This will have come from the Phone
Company or RCSU that provides your Internet Service.)
Click Connect:
Figure 11
The VPN Client | User Authentication window will open. Enter your Username
and Password in the spaces provided. Click OK;
(In this window ensure the Domain field is left blank)
Page 16 of 32
Figure 12
Read through the and then click OK in the Security Banner window;
Figure 13
Type in your User Name and Password into the fields provided;
Change the Log on to: menu item to match your region (Example: PRA for
Prairie);
Click OK
Page 17 of 32
4.1.3 Dial-up
In the VPN Client window (lower left side) select the connection for your region
and method (example: PAC-ParTelephone_ByPhone)
Figure 14
In the Dial up Connection window enter your Dial up username, password, and
phone number. ((If you are using a telephone line that requires a prefix before
the telephone number, add it to the beginning of the number, followed by a
comma (e.g. 89,1-888-518-5555)
Click Dial:
Page 18 of 32
The VPN Client | User Authentication window will open. Enter your Username
and Password in the spaces provided. Click OK;
(In this window ensure the Domain field is left blank)
Figure 15
Read through the and then click OK in the Security Banner window;
Figure 16
Type in your User Name and Password into the fields provided;
Change the Log on to: menu item to match your region (Example: PRA for
Prairie);
Click OK
Page 19 of 32
This section is for those users who are in an environment where the computer is
directly connected to the CCO Net, such as at the Directorate of Cadets & Junior
Cadet Rangers in Ottawa, the Regional Cadet Support Units (RCSU), Cadet
Summer Training Centers (CSTC), Cadet Detachments, Regional Cadet
Instructor Schools (RCIS), and certain Corps and Squadrons across the country.
The following instructions describe how to connect using this method.
Read through the Security Banner and then click OK in the Security Banner
window;
Figure 17
Type in your User Name and Password into the fields provided;
Change the Log on to: menu item to match your region (Example: PRA for
Prairie);
Click OK
Page 20 of 32
Users who have a network account and who have previously logged into the
specific computer in use, at least once before, can log into the computer using
their network username and password when they do not have a current network
connection. When the account is used on the network for the first time, a copy of
those credentials are cached (stored) locally on the computer. In this mode, your
desktop and other personal settings will be exactly the same as when you are
connected to the network except for access to network resources and the
Internet.
If you decide later during your session that you wish to connect to the VPN follow
these steps.
3. Enter your user credentials, and leave the domain field blank.
Figure 18
Page 21 of 32
Currently in development, this feature will allow access to CCO applications from
Non-CCO issued such as: personally owned computers, sponsor supplied
computers or public workstations, etc.
4.5 Access from the Defence Wide Area Network (DWAN) – Not Yet
Available
Currently in development, this feature will allow access to CCO applications from
DWAN computers.
Page 22 of 32
The CCO Net is a standardized, nation wide network created to allow a high level
of protection and security to both the users and corporate applications. All
Internet traffic within the Network is filtered and monitored. This allows the ability
to block prohibited sites and ensure proper use of the workstations and network.
Software patches and updates are managed via the network. The anti-virus
software is updated automatically via the network without user intervention.
Workstations may run slower when patches and updates are being applied.
Workstations could stop working if patches and updates are not applied regularly.
The following section describes the user settings for the CCO Net. All settings
are in accordance with the current Network Technical Specification and
Information Security (IS) policy. Any required changes must be requested via
your Regional IT Service Desk and are subject to approval/denial based on
current IS polices and consideration for operational requirements.
Users have the ability to save files and create shortcuts on their desktop.
However, files on the desktop are not backed-up and could be lost if the
computer is stolen or becomes defective. For these reasons users should also
backup data to a DND issued removable storage medium such as a CD ROM,
USB memory stick, or to a Network drive when possible (note 5.2.1 below).
User passwords have a maximum validity period of 90 days and must meet
complexity requirements IAW Network Technical Specification. This means that
the password must by at least 8 characters long, include an upper and lower
case letter, a number and/or special character.
This section briefly explains the different drive letters as well as where users
should save their files and documents. For the purpose of this guide, documents
can be saved either on removable media, network drive(s) or local drive(s).
Removable media (i.e. USB memory stick, CD ROM, USB Hard Drive) are not a
safe place for long term data storage as they can malfunction. Removable media
should be used when documents need to be accessed on multiple DND issued
Page 23 of 32
workstations and where a backup exists. It is important to note that only DND
issued removable media is authorized to be used with DND issued workstations
IAW IT/IM policy.
“Local Drive” refers to the physical storage inside of your PC. It is highly
recommended that you do not store any data on your local PC. The data on your
local drive is accessible to all users that log into the machine. Hard drives have a
comparably high rate of failure and data on them is non-recoverable by the
Regional IT Support Staff. Locations such as your desktop, C: Drive and “My
Documents” are all stored on the Local Drive.
c. “C:\” This drive is the main hard disk drive in the computer. This drive
contains the Operating System and all critical system files;
e. “E:\ and F:\” These drives are normally assigned to removable media
once attached to the computer.
Network drives are the preferred location for documents to be saved. Users may
have several network drives when connecting to the CCO Net. The main
network drives are described below.
f. “G:\”: This drive is the common drive for the user’s home unit. This
drive should be used to save documents relevant to Corps/Squadron
functions.
g. “M:\”: This drive is used for network applications. Users do not have
access to save documents to this drive.
h. “N:\”: This drive is the common drive for the users at the CSTC. This
drive should be used to save documents relevant to CSTC functions.
Page 24 of 32
In order to prevent and alleviate the loss of data, data should be stored on
network drives. Data stored on network drives will be backed up on a weekly
basis.
If users delete a file by error or lose a file that was saved on a network drive, a
recovery may be possible. In this situation users should contact their Regional
Information Support Service Desk.
Page 25 of 32
6. Troubleshooting
Ensure that you have chosen the correct connection method in the Cisco VPN
Client.
Figure 19
Ensure that the Domain field in the VPN client is left blank.
Figure 20
Page 26 of 32
Ensure that you have chosen the correct domain at the Log On to Windows
screen.
Figure 21
When calling your Help Desk try and have as much information available as
possible.
For example, the Computer name, the Model and Serial number, the CSC
version, your unit information (number, UIC, location), the type of Internet being
used (DSL, Dialup, Broadband).
Page 27 of 32
The Service Desk Assistant (SDA) is a tool created specifically for the CCO Net
and is designed to help both users and your IT support staff perform tasks on the
local PC.
You can locate the SDA wrench icon in the lower right corner of the screen (see
figure 22). Some simple features that the SDA provide are:
Figure 22
1. Tools & Assistance – This group allows the user to perform simple
functions that are not normally allowed with basic user priveledges.
These fuctions include:
In the following subsections, some of the functions of the SDA are explained in
detail.
Right-clicking on the SDA icon and selecting System Info will display key
information that you or your IT Service Desk may need when troubleshooting
system errors, (see Figure 23)
.
Figure 23
Page 29 of 32
Normally, a basic user does not have sufficient privileges to install a printer.
Using the SDA, a basic user can install printers as required without the
intervention of the IT Service Desk staff.
Right click the SDA wrench icon, select Tools & Assistance and click Add local
printer (Figure 24). Follow the steps in the Add Printer Wizard until completed the
installation. If you experience difficulties or require assistance, call your Regional
IT Service Desk.
Figure 24
Page 30 of 32
This tool allows the basic user to assign a static IP address to the computer or
release a static IP address and use DHCP. To do so:
1. Right click on the SDA icon in the lower right corner of the screen;
4. Ensure you select the correct network adapter from the list
before clicking OK.
Figure 25
Page 31 of 32
To convert any printable file to Portable Document Format (.PDF), simply choose
Print as you would to send the document to a physical printer, but select
“PDFCreator” as your printer (Figure 26) instead. Make selections, as
necessary, and click OK. The PDFCreator window will then open and allow you
to set the filename and save location (see Figure 27).
Figure 26
Enter the Document Title and additional information as desired. You may, at this
point, click on Wait – Collect if you wish to compile multiple pages/documents
into a single .pdf file. If not, click on Save and the Save as window will pop-up.
Choose a location for the file and click Save.
Figure 27
Page 32 of 32
7. Acronyms