For a description of HP SIM patch requirements, see the HP Systems Insight Manager 5.1 Installation and Configuration Guide for HP-UX.

Verify that your CMS and managed systems meet the VSE Management Software system requirements described in “System Requirements”.

Check the VSE Management Software Release Notes Version A.03.00.01 for any updates to the requirements or installation instructions. This document is available on the HP Instant Information CD. The latest version can also be downloaded from http://docs.hp.com/en/vse.html.

Establish common WBEM credentials on the CMS and on the managed systems to allow authenticated access to WBEM data. The VSE Management Software uses WBEM connections to obtain information from the managed systems. To avoid having to maintain multiple WBEM user accounts and passwords, HP recommends that you use one of the following WBEM authentication models.

Single WBEM user account. Assign a user name that is the same on all your servers and is reserved for use by WBEM. For security reasons, this user name should not have root privileges and should not have a login shell associated with it. Use NIS, LDAP, or other techniques to maintain a single password for this user name across all of your systems. Enter this user name and password during the HP SIM First Time Wizard or by using Options > Protocol Settings > Global Protocol Settings from the HP SIM menu.

IMPORTANT: Even though the WBEM user account information is configured as a global default, HP SIM remembers the credentials that previously succeeded for each managed system, and tries the same credentials in subsequent WBEM exchanges. If the password for the WBEM account is changed, the previously successful user name and password will no longer be valid. However, if your network includes storage systems managed through WBEM, authentication via the same expired WBEM credentials may be attempted multiple times. In some network environments, these repeated authentication requests using an expired password can cause the WBEM user account to be locked out. If your network environment requires frequent password changes and locks out user accounts after multiple failed password attempts, WBEM certificate-based authentication may be a better choice.

WBEM Certificate-Based Authentication. You can configure WBEM authentication for a single system or a selected set of systems using Options > Protocol Settings > System Protocol Settings from the HP SIM menu. To authenticate through a certificate instead of using a WBEM user account and password, select Use certificate instead. Online help for this option is available in HP SIM. Online help for certificates in general can be found in the HP SIM help system under the Networking and security topic.

NOTE: On all HP-UX managed systems, HP WBEM Services for HP-UX version A.02.05 or later is required in order to use certificate-based WBEM authentication.

For more information about WBEM security configuration in HP SIM, see the HP white paper Understanding HP Systems Insight Manager security, available from the Information Library link at http://hp.com/go/hpsim.

Preinstallation Steps for Linux Managed Systems

On managed systems running Red Hat Enterprise Linux, disable SELinux to avoid conflicts with the WBEM providers and agent software.

In order for Linux managed systems to be correctly discovered by HP SIM, you must install WBEM and the required WBEM providers from the HP Integrity Essentials Foundation Pack for Linux Management CD. You can download the contents of this CD in tar format using the following procedure:

1. On the Web site http://hp.com/go/integritylinux, click the Software & Drivers link.
2. Under the section Support for your products, select the option Download drivers and software (and firmware).
3. In the same section, enter your server product information in the product field (for example, “integrity rx7620 servers”) and press Enter. The support center page for your server is displayed.
4. Under Select operating system, click the link that corresponds to your Linux OS version. The Download drivers and software page for your server should be displayed.
5. Click the Software - Support Pack link to jump to the correct section of the page.
6. Click the Download button under the Software - Support Pack section to download the tar file.
7. Install the software according to the instructions included in the docs directory contained in the tar file.

Make sure that the tog-pegasus package is installed and running on the system.

On Red Hat Enterprise Linux, you might need to modify the file /etc/Pegasus/access.conf to allow WBEM access using your designated WBEM user name and password. Perform the following steps to configure this file. In this example, your designated WBEM user name is assumed to be wbemuser.

1. Look for the following line in this file:

    -: ALL EXCEPT pegasus:wbemNetwork

2. Change this line to either of the following options:

    # Allow access only from user 'wbemuser':
    -: ALL EXCEPT wbemuser pegasus:wbemNetwork
    # Allow access by all users:
    +: ALL EXCEPT :wbemNetwork

If tog-pegasus is not running, start it by executing the following command:

    # /etc/init.d/tog-pegasus start
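
The account recommendation (no root privileges, no login shell) and the choice between the two access.conf options above can be checked with a short script before the system is handed to HP SIM. This is an added example, not part of the HP documentation; the function names, result labels and sample files are constructed for illustration, and it assumes the wbemNetwork rule sits on one line in one of the three forms shown above.

```sh
#!/bin/sh
# Added example: audit the WBEM account and the Pegasus access rule.
# File paths are arguments so the checks can run on copies of the files.

# check_wbem_account PASSWD_FILE USER
# Prints "ok", "missing", "uid0" or "login-shell:<shell>".
check_wbem_account() {
    awk -F: -v u="$2" '
        $1 == u {
            found = 1
            if ($3 == 0) print "uid0"
            else if ($7 !~ /\/(nologin|false)$/) print "login-shell:" $7
            else print "ok"
            exit
        }
        END { if (!found) print "missing" }
    ' "$1"
}

# classify_access_rule ACCESS_CONF USER
# Classifies the first uncommented wbemNetwork rule as one of the three
# forms shown above: "default" (pegasus only), "restricted" (USER and
# pegasus), "all-users" (every account); anything else is "unknown".
classify_access_rule() {
    awk -v u="$2" '
        /^[ \t]*#/ { next }                      # skip comment lines
        /:[ \t]*wbemNetwork[ \t]*$/ {
            gsub(/[ \t]+/, " "); sub(/^ /, ""); sub(/ $/, "")
            if ($0 == "-: ALL EXCEPT pegasus:wbemNetwork") r = "default"
            else if ($0 == ("-: ALL EXCEPT " u " pegasus:wbemNetwork")) r = "restricted"
            else if ($0 == "+: ALL EXCEPT :wbemNetwork") r = "all-users"
            else r = "unknown"
            exit
        }
        END { print (r == "" ? "unknown" : r) }
    ' "$1"
}

# Demo on constructed sample files (not taken from a real system).
demo_dir=$(mktemp -d)
printf '%s\n' 'root:x:0:0:root:/root:/bin/bash' \
    'wbemuser:x:501:501:WBEM:/home/wbemuser:/sbin/nologin' > "$demo_dir/passwd"
printf '%s\n' "# Allow access only from user 'wbemuser':" \
    '-: ALL EXCEPT wbemuser pegasus:wbemNetwork' > "$demo_dir/access.conf"
echo "account: $(check_wbem_account "$demo_dir/passwd" wbemuser)"
echo "rule:    $(classify_access_rule "$demo_dir/access.conf" wbemuser)"
rm -rf "$demo_dir"
```

On a managed system the functions would be pointed at /etc/passwd and /etc/Pegasus/access.conf; accounts served from NIS or LDAP do not appear in the local passwd file and would be reported as "missing".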

OpenSSH on Linux managed systems must be configured for use by HP SIM. Normally you can use the same procedure that is used to configure OpenSSH for HP SIM on HP-UX managed systems, described in “Installing VSE Agent Software on Managed Systems”. However, if you are using SUSE Linux Enterprise Server 9, you must first manually configure OpenSSH to use password authentication.

IMPORTANT: SUSE Linux Enterprise Server 9 ships with SSH configured to use PAM authentication instead of password authentication. Password authentication is required in order for mxagentconfig to configure OpenSSH for use by HP SIM.

On managed systems running SUSE Linux Enterprise Server 9, change to password authentication using the following procedure:

1. Configure the following lines in /etc/ssh/sshd_config on the managed system:

    PasswordAuthentication yes
    #UsePAM yes

2. Retrieve the process id of the running sshd from the file /var/run/sshd.pid.
3. Restart sshd by executing the following command: where pid is the sshd process id.

Preinstallation Steps for Microsoft Windows Managed Systems

On Windows managed systems OpenSSH is not installed by default, but it can be installed from the HP Smart Setup installation media (version 4.5 or later). Use the following procedure to install OpenSSH and configure it for use with HP SIM. You can then install the VSE agent software and WMI/WBEM providers from HP SIM using the procedure described in “Installing VSE Agent Software on Managed Systems”.

OpenSSH is now configured for connections from the CMS (with host-based authentication), using either the Administrator or root account. Partition Manager uses the root account for remote command execution.