Pda management with ibm tivoli configuration manager sg246951

600 views

Published on

Published in: Technology, Business
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
600
On SlideShare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
7
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Pda management with ibm tivoli configuration manager sg246951

  1. 1. Front coverPDA Management with IBMTivoli Configuration ManagerA primer for deployments of any sizeand proofs of conceptStep-by-step installation andhow-to instructionsScenario-based PDAmanagement Edson Manoel Zoltan Veress Szabolcs Barabasibm.com/redbooks
  2. 2. International Technical Support OrganizationPDA Management with IBM Tivoli ConfigurationManagerMay 2003 SG24-6951-00
  3. 3. Note: Before using this information and the product it supports, read the information in “Notices” on page vii.First Edition (May 2003)This edition applies to IBM Tivoli Configuration Manager Version 4, Release 2, and IBM TivoliAccess Manager for e-business Version 3, Release 9.© Copyright International Business Machines Corporation 2003. All rights reserved.Note to U.S. Government Users Restricted Rights -- Use, duplication or disclosure restricted by GSA ADPSchedule Contract with IBM Corp.
  4. 4. Contents Notices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . vii Trademarks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . viii Preface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ix The team that wrote this redbook . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ix Become a published author . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . x Comments welcome . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xiPart 1. Concepts, planning, and implementation. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 Chapter 1. Device management architecture . . . . . . . . . . . . . . . . . . . . . . . . 3 1.1 Device Management overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 1.1.1 Tivoli Resource Manager and Web Gateway . . . . . . . . . . . . . . . . . . . 4 1.1.2 Device Management internals. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 1.2 Our approach . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 Chapter 2. Getting the environment up and running . . . . . . . . . . . . . . . . . 13 2.1 Planning for the single-box installation . . . . . . . . . . . . . . . . . . . . . . . . . . . 14 2.1.1 Software requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14 2.1.2 Hardware requirements. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14 2.1.3 Installation matrix . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15 2.2 Single-box implementation: RS/6000-based . . . . . . . . . . . . . . . . . . . . . . . 17 2.2.1 IBM DB2 Server installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18 2.2.2 IBM DB2 Fixpack 7 installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22 2.2.3 IBM WebSphere installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22 2.2.4 IBM WebSphere Fixpack 3 installation . . . . . . . . . . . . . . . . . . . . . . . 25 2.2.5 IBM Tivoli Configuration Manager installation . . . . . . . . . . . . . . . . . . 26 2.2.6 Tivoli Web Gateway Server installation on AIX . . . . . . . . . . . . . . . . . 33 2.3 Single-box implementation: Intel-based . . . . . . . . . . . . . . . . . . . . . . . . . . 42 2.3.1 IBM DB2 Server installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43 2.3.2 IBM DB2 Fixpack 7 installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44 2.3.3 IBM WebSphere installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45 2.3.4 IBM WebSphere Fixpack 3 installation . . . . . . . . . . . . . . . . . . . . . . . 47 2.3.5 IBM Tivoli Configuration Manager installation . . . . . . . . . . . . . . . . . . 47 2.3.6 Tivoli Web Gateway Server installation on WIndows . . . . . . . . . . . . 53 2.4 Tivoli Resource Gateway configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . 62 Chapter 3. Implementing security on the PDA management environment65 3.1 General considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66© Copyright IBM Corp. 2003. All rights reserved. iii
  5. 5. 3.2 Access Manager for e-business installation . . . . . . . . . . . . . . . . . . . . . . . 67 3.2.1 Installing IBM Directory Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67 3.2.2 Installing Access Manager - Policy Server . . . . . . . . . . . . . . . . . . . . 72 3.2.3 Installing Access Manager - Authorization Server . . . . . . . . . . . . . . 74 3.2.4 Installing Access Manager - Application Development Kit . . . . . . . . 76 3.2.5 Installing Access Manager - WebSEAL . . . . . . . . . . . . . . . . . . . . . . 78 3.2.6 Installing Access Manager - Java Runtime Environment . . . . . . . . . 82 3.3 Configuring the secure environment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 85 3.3.1 Creating a WebSEAL junction to the Web Gateway . . . . . . . . . . . . . 86 3.3.2 Configuring query_contents for WebSEAL . . . . . . . . . . . . . . . . . . . . 89 3.3.3 Installing Tivoli Web Gateway with security enabled . . . . . . . . . . . . 91 3.3.4 Configuring Web Gateway to use WebSEAL junction . . . . . . . . . . . 92Part 2. Case study scenario . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97 Chapter 4. Managing pervasive devices . . . . . . . . . . . . . . . . . . . . . . . . . . . 99 4.1 Case study overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 100 4.2 Managing Nokia 9290 Communicator . . . . . . . . . . . . . . . . . . . . . . . . . . . 103 4.2.1 Installation and configuration of the Device Agent for Nokia. . . . . . 103 4.2.2 Distributing software packages to Nokia 9290 Communicator . . . . 108 4.3 Managing Palm devices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 118 4.3.1 Installation and configuration of the Device Agent for Palm . . . . . . 118 4.3.2 Distributing software packages to Palm . . . . . . . . . . . . . . . . . . . . . 122 4.3.3 Performing inventory scan on Palm . . . . . . . . . . . . . . . . . . . . . . . . 131 4.4 Managing WinCE/PocketPC devices . . . . . . . . . . . . . . . . . . . . . . . . . . . 137 4.4.1 Installation and configuration of the Device Agent for PocketPC . . 138 4.4.2 Distributing software on WinCE/PocketPC . . . . . . . . . . . . . . . . . . . 142 4.4.3 Running inventory on the WinCE/PocketPC . . . . . . . . . . . . . . . . . . 149 4.5 Weekly distribution of the price and stock list . . . . . . . . . . . . . . . . . . . . . 153 Appendix A. Troubleshooting Web Gateway and Device Management . 155 Troubleshooting Web Gateway Installation . . . . . . . . . . . . . . . . . . . . . . . . . . 156 Useful log files for installation troubleshooting . . . . . . . . . . . . . . . . . . . . . 157 Cleaning up a failed Web Gateway installation . . . . . . . . . . . . . . . . . . . . . 160 Common Web Gateway and Device Management problems . . . . . . . . . . . . 161 Problems with starting the Web Gateway . . . . . . . . . . . . . . . . . . . . . . . . . 161 Problems with using the Web Gateway . . . . . . . . . . . . . . . . . . . . . . . . . . 163 Problems with registering device classes and job classes . . . . . . . . . . . . 164 Problems with enrolling a device. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 164 Problems with connecting the agent to the Web Gateway . . . . . . . . . . . . 164 Problems with publishing and downloading a package. . . . . . . . . . . . . . . 167 Problems with running jobs for devices. . . . . . . . . . . . . . . . . . . . . . . . . . . 168 Receiving return codes from the C language APIs . . . . . . . . . . . . . . . . . . 169 Using a non-standard port number . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 170iv PDA Management with IBM Tivoli Configuration Manager
  6. 6. Inventory problems . . . . . . . . . . . . . . . . . . . . . . ...... ....... ...... . 170 Software Distribution problems . . . . . . . . . . . . . ...... ....... ...... . 170 Resource Manager problems . . . . . . . . . . . . . . ...... ....... ...... . 171Tracing the Web Gateway . . . . . . . . . . . . . . . . . . . ...... ....... ...... . 171Abbreviations and acronyms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 173Related publications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 175IBM Redbooks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 175Other publications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 175Online resources . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 176How to get IBM Redbooks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 177Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 179 Contents v
  7. 7. vi PDA Management with IBM Tivoli Configuration Manager
  8. 8. NoticesThis information was developed for products and services offered in the U.S.A.IBM may not offer the products, services, or features discussed in this document in other countries. Consultyour local IBM representative for information on the products and services currently available in your area.Any reference to an IBM product, program, or service is not intended to state or imply that only that IBMproduct, program, or service may be used. Any functionally equivalent product, program, or service thatdoes not infringe any IBM intellectual property right may be used instead. However, it is the usersresponsibility to evaluate and verify the operation of any non-IBM product, program, or service.IBM may have patents or pending patent applications covering subject matter described in this document.The furnishing of this document does not give you any license to these patents. You can send licenseinquiries, in writing, to:IBM Director of Licensing, IBM Corporation, North Castle Drive Armonk, NY 10504-1785 U.S.A.The following paragraph does not apply to the United Kingdom or any other country where such provisionsare inconsistent with local law: INTERNATIONAL BUSINESS MACHINES CORPORATION PROVIDESTHIS PUBLICATION "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED,INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF NON-INFRINGEMENT,MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Some states do not allow disclaimerof express or implied warranties in certain transactions, therefore, this statement may not apply to you.This information could include technical inaccuracies or typographical errors. Changes are periodically madeto the information herein; these changes will be incorporated in new editions of the publication. IBM maymake improvements and/or changes in the product(s) and/or the program(s) described in this publication atany time without notice.Any references in this information to non-IBM Web sites are provided for convenience only and do not in anymanner serve as an endorsement of those Web sites. The materials at those Web sites are not part of thematerials for this IBM product and use of those Web sites is at your own risk.IBM may use or distribute any of the information you supply in any way it believes appropriate withoutincurring any obligation to you.Information concerning non-IBM products was obtained from the suppliers of those products, their publishedannouncements or other publicly available sources. IBM has not tested those products and cannot confirmthe accuracy of performance, compatibility or any other claims related to non-IBM products. Questions onthe capabilities of non-IBM products should be addressed to the suppliers of those products.This information contains examples of data and reports used in daily business operations. To illustrate themas completely as possible, the examples include the names of individuals, companies, brands, and products.All of these names are fictitious and any similarity to the names and addresses used by an actual businessenterprise is entirely coincidental.COPYRIGHT LICENSE:This information contains sample application programs in source language, which illustrates programmingtechniques on various operating platforms. You may copy, modify, and distribute these sample programs inany form without payment to IBM, for the purposes of developing, using, marketing or distributing applicationprograms conforming to the application programming interface for the operating platform for which thesample programs are written. These examples have not been thoroughly tested under all conditions. IBM,therefore, cannot guarantee or imply reliability, serviceability, or function of these programs. You may copy,modify, and distribute these sample programs in any form without payment to IBM for the purposes ofdeveloping, using, marketing, or distributing application programs conforming to IBMs applicationprogramming interfaces.© Copyright IBM Corp. 2003. All rights reserved. vii
  9. 9. TrademarksThe following terms are trademarks of the International Business Machines Corporation in the United States,other countries, or both: Redbooks (logo) ™ IBM® SP2® ibm.com® PowerPC® Tivoli Enterprise™ pSeries™ Redbooks™ Tivoli® AIX® RS/6000® TME® DB2 Universal Database™ SecureWay® WebSphere® DB2® SP™The following terms are trademarks of other companies:ActionMedia, LANDesk, MMX, Pentium and ProShare are trademarks of Intel Corporation in the UnitedStates, other countries, or both.Microsoft, Windows, Windows NT, PowerPC® and the Windows logo are trademarks of MicrosoftCorporation in the United States, other countries, or both.Java and all Java-based trademarks and logos are trademarks or registered trademarks of SunMicrosystems, Inc. in the United States, other countries, or both.C-bus is a trademark of Corollary, Inc. in the United States, other countries, or both.UNIX is a registered trademark of The Open Group in the United States and other countries.SET, SET Secure Electronic Transaction, and the SET Logo are trademarks owned by SET SecureElectronic Transaction LLC.Other company, product, and service names may be trademarks or service marks of others.viii PDA Management with IBM Tivoli Configuration Manager
  10. 10. Preface IBM® Tivoli® Configuration Manager 4.2 was launched in October 2002. Along with many new functional and performance features, it includes an enhanced Web-based device management capability, called Tivoli Web Gateway, running on top of IBM WebSphere Application Server. This Redbook describes in detail the steps required to install and configure Tivoli Web Gateway and all the prerequisite products. The instructions given in this Redbook are very detailed and explicit. These instructions are not the only way to install the products and related prerequisites. They are meant to be followed by someone with limited experience in the products, to allow them to successfully install and set up the pervasive device management environment. Our approach is to install and configure all the products required for the PDA management on a single box. In order to enable security, we also provide installation and configuration of IBM Tivoli Access Manager for e-business on a separate machine. While the information provided by this Redbook can be used on deployments of any size, it will be particularly useful to enable the management of pervasive devices by small and medium businesses (SMBs). It will also help Business Partners and IBM services in setting up demonstrations and proofs of concept.The team that wrote this redbook This redbook was produced by a team of specialists from around the world working at the International Technical Support Organization, Austin Center. Edson Manoel is a Software Engineer at the International Technical Support Organization, Austin Center, working as an IT Specialist in the Systems Management area. Prior to joining the ITSO, Edson worked in the IBM Software Group as a Tivoli Technology Ambassador and in IBM Brasil Professional Services Organization as a Certified IT Specialist. He was involved in numerous projects, designing and implementing systems management solutions for IBM customers and Business Partners. Edson holds a BSc degree in Applied Mathematics from Universidade de Sao Paulo, Brazil. Zoltan Veress is an independent consultant currently working for IBM Belgium on a large Tivoli rollout. He has five years of experience with Tivoli products and© Copyright IBM Corp. 2003. All rights reserved. ix
  11. 11. eight years of IT experience in total. His major areas of expertise include software distribution, inventory, and remote control, and also has experience with almost all major Framework-based products. Szabolcs Barabas is an independent consultant. Formerly he was an IT Specialist IBM Global Services Hungary for five years. He holds a degree in Information Technologies. He has four years of experience with Tivoli products and eight years of IT experience in total. His major areas of expertise include ITM, TEC, and remote control, but has experience with almost all major Framework-based products. Thanks to the following people for their contributions to this project: Joanne Luedtke, Lupe Brown, Wade Wallace, and Chris Blatchley International Technical Support Organization, Austin Center Tom Ellingwood Device Management Development and Test Team, IBM Software Group Raleigh David Thiessen Technical Evangelist, IBM Software Group Austin Alan Hsu Market Manager - Pervasive Devices, IBM Software Group AustinBecome a published author Join us for a two- to six-week residency program! Help write an IBM Redbook dealing with specific products or solutions, while getting hands-on experience with leading-edge technologies. Youll team with IBM technical professionals, Business Partners and/or customers. Your efforts will help increase product acceptance and customer satisfaction. As a bonus, youll develop a network of contacts in IBM development labs, and increase your productivity and marketability. Find out more about the residency program, browse the residency index, and apply online at: ibm.com/redbooks/residencies.htmlx PDA Management with IBM Tivoli Configuration Manager
  12. 12. Comments welcome Your comments are important to us! We want our Redbooks™ to be as helpful as possible. Send us your comments about this or other Redbooks in one of the following ways: Use the online Contact us review redbook form found at: ibm.com/redbooks Send your comments in an Internet note to: redbook@us.ibm.com Mail your comments to: IBM Corporation, International Technical Support Organization Dept. JN9B Building 003 Internal Zip 2834 11400 Burnet Road Austin, Texas 78758-3493 Preface xi
  13. 13. xii PDA Management with IBM Tivoli Configuration Manager
  14. 14. Part 1Part 1 Concepts, planning, and implementation© Copyright IBM Corp. 2003. All rights reserved. 1
  15. 15. 2 PDA Management with IBM Tivoli Configuration Manager
  16. 16. 1 Chapter 1. Device management architecture Pervasive Device Management is a new feature of IBM Tivoli Configuration Manager that is used to perform basic operations on pervasive devices. The functionality provided by this new feature includes software distribution, inventory, and configuration. The type of pervasive devices supported are: Palm WinCE and Windows PocketPC Nokia 9200 Series In this chapter, the following topics are discussed: IBM Tivoli Configuration Manager device management overview and architecture IBM Tivoli Configuration Manager components and supporting applications required for management of pervasive devices© Copyright IBM Corp. 2003. All rights reserved. 3
  17. 17. 1.1 Device Management overview By extending its management capabilities to pervasive devices, such as PalmOS, WinCE, Windows PocketPC, and Nokia Communicator devices, IBM Tivoli Configuration Manager allows the update of configuration information and software on these devices using the same tools with which desktops and servers are managed. This allows for better control over the increasing number of pervasive devices being used for business applications across the enterprise. Another advantage is that administrators do not need to learn to use a separate, specialized tool for managing different kinds of pervasive devices. The Tivoli Resource Manager and Resource Gateway components enable you to determine where resources, pervasive devices, or users are associated with the computers in your enterprise and provide all the functionality to manage these resources. In the following section we will go over the concepts of both Tivoli Resource Manager and Resource Gateway components, as well as their role in the management of pervasive devices.1.1.1 Tivoli Resource Manager and Web Gateway Tivoli Resource Manager (TRM) is a new service that extends the functionality of the Tivoli Management Framework to manage various type of resources. A fourth tier of resources is added by the Tivoli Resource Manager to the three-tiered Tivoli architecture of Tivoli Management Region (TMR) server, gateway, and endpoint. Resources managed by the Tivoli Resource Manager can be either pervasive devices or users. Tivoli Resource Manager enables you to perform operations on pervasive devices, such as inventory scanning, distribution of software packages, and customizing the devices. Tivoli Resource Manager’s main roles are to: Create an association between each device and assigned endpoint. Retrieve users’ information and their endpoints. Determine where resources, pervasive or users, are associated. All the resources intended to be managed need to be grouped into resource groups. Resource groups must contain resources of the same type. There can be two types of resource groups: Device groups for pervasive devices Users groups for Enterprise Directory users The members of a resource group can be static or dynamic. The resource group shields applications, such as Software Distribution or Inventory, from knowing4 PDA Management with IBM Tivoli Configuration Manager
  18. 18. device or user concepts by taking care to create an association between eachdevice or user with its assigned endpoint.Figure 1-1 shows the infrastructure of Tivoli Resource Manager. ecruoseR ecruoseR ecruoseR ecruoseR ecruoseR ecruoseR ecruoseR ecruoseR esaBataD ec veD ec veD eciiiveD reganaM reganaM reganaM reganaM reganaM reganaM reganaM reganaM ecafraettnI esaB aD esaBataD ecafretnI ecafretnI yrectcer D yrectiiceriiiD o veD o veD yrotcer D P AD L P AD L P AD L P AD L P AD L P AD L P AD L P AD L P AD L dSA Table1 Group GroupFigure 1-1 Tivoli Resource Manager infrastructureTivoli Resource Manager enables you to work with the resource users that aredefined in an Enterprise Directory server, for example, the Lightweight DirectoryAccess Protocol (LDAP) server. Users are associated with endpoints in aone-to-one relationship and the mapping is stored in the LDAP server. TivoliResource Manager enables you to view the association between a user and anendpoint.Resource tasks will be carried on by Tivoli Resource Manager. It will use adatabase interface to address the Device Directory (which is a storing system)and to pull information from the Enterprise Directory server via LDAP (seeFigure 1-1). The database interface implementation is resource type-specific.A component of Tivoli Resource Manager resides on the Tivoli Server. A TivoliResource Manager gateway component, which is installed at the Tivoli gatewaylevel, connects the Tivoli Resource Manager server with the endpoints that areconnected by the pervasive devices in the region.A Web Gateway enables you to manage the devices that connect to it. The WebGateway is installed at the endpoint level and connects to a centrally installedTivoli Resource Manager. The Web Gateway can communicate with a largenumber of devices and connect the Tivoli environment with these resourcesthrough the endpoint. In this release of IBM Tivoli Configuration Manager, theonly Web Gateway supported is the Tivoli Web Gateway (TWG). Chapter 1. Device management architecture 5
  19. 19. Each Web Gateway has its own resource database, but the Tivoli Resource Manager keeps a master database. The Tivoli Resource Manager and Web Gateway will notify each other of any changes to their database. This will typically happen when a device connects to a Web Gateway and is automatically enrolled or a device is added to the Tivoli Resource Manager database. Depending on the number of resources, a Tivoli Resource Manager configuration could consist of a cluster of Web Gateways sharing the same database management system. The Tivoli Resource Manager uses a RIM host to access and query the RDBMS server; however, the Tivoli Web Gateway uses standard SQL statement to access and query its database. It is possible for the Tivoli Resource Manager and Tivoli Web Gateway to use the same database server, but at the moment only IBM DB2® is supported for the Tivoli Web Gateway database. Figure 1-2 on page 7 shows the relationship between the Tivoli Resource Manager and the Tivoli Web Gateway components.6 PDA Management with IBM Tivoli Configuration Manager
  20. 20. TMR Server RIM Tivoli Resource Manager Server Host RDBMS Tivoli Gateway Tivoli Resource Manager GW Endpoint Tivoli Web Gateway Resource Collector WebSphere Server IBM DB2 Server IBM DB2 Client HTTP HTTP HTTP Host PC with Pervasive Host PCs with Pervasive device connected device connectedFigure 1-2 Tivoli Resource Manager and Web Gateway componentsTo enable the management of pervasive devices, as shown in Figure 1-2, anumber of components should be installed as follows: Tivoli Resource Manager server must be installed on the Tivoli Server and it should also be installed on the managed nodes to run Tivoli Resource Manager commands. Tivoli Resource Manager Gateway should be created on Tivoli Gateways that communicate with endpoints hosting the Web Gateway component. The Tivoli Resource Manager Gateway components are also referred to as Resource Gateways. Chapter 1. Device management architecture 7
  21. 21. Tivoli Web Gateway Version 4.2 must be installed on the Tivoli endpoints that connect to pervasive devices. Before installing the Tivoli Web Gateway component for Resource Management of devices, you must install and configure the following software: IBM DB2 IBM WebSphere® Application Server1.1.2 Device Management internals As previously mentioned, IBM Tivoli Configuration Manager 4.2 has a new feature that extends management to pervasive devices. Software distributions and inventory scans can now be done against these devices. Imagine sending a weekly price list to the Palm devices of 20,000 business partners or sales representatives. Another scenario would have all the pervasive devices become part of a reference model. You can have a reference model for sales, marketing, executives, accounting, etc., such that when a user changes a role in the organization or group, the software on the device changes and the new role will be reflected on the user’s pervasive device. Before going into detail about how IBM Tivoli Configuration Manager 4.2 manages pervasive devices, we need to provide the concepts of the following IBM Tivoli Configuration Manager 4.2 internal components: Activity Planner Is a deployment service that enables you to define a group of activities to be submitted as an activity plan, to schedule or to execute the plan and monitor it while it runs. Operations can include software distribution and inventory scans. Activity Planner is also known as Activity Planner Manager (APM). Change Manager Is a deployment service which, together with Activity Planner, supports software distribution, inventory, and change management. Change Manager works with Activity Planner to manage specified groups of users, workstations, or devices as single subscribers. Subscribers can be users, user groups, or devices groups. Change Manager is also known as Configuration Change Manager (CCM). In addition to being able to send a profile to a group that contains pervasive devices, Activity Planner extends targets and Change Manager extends subscribers to pervasive devices. The Tivoli Web Gateway (TWG) is extended to allow management actions (inventory, software distribution, and device configuration) to be controlled from a TMR server. In the Tivoli environment, the devices are managed using the Tivoli Resource Manager (TRM) service. Using this application the administrator can define devices, can link them to the endpoints that directly or indirectly manage them, and can create device groups.8 PDA Management with IBM Tivoli Configuration Manager
  22. 22. Device groups are known to the Tivoli Framework (a device group is a specialized profile manager) and can be used by Tivoli applications to address devices. Figure 1-3 shows an example of an activity flow when performing software distribution to pervasive devices: 1 Configuration Change Administrator Manager 2 3 Inventory DB 4 SWDistManager Activity Planner Tivoli Web Gateway Object Manager 5 Device Directory 6 Tivoli Software Dist Engine Server / Gateway 6 Software Distribution Subagent Agent 7 8 Endpoint CT Abstraction Layer Result Websphere Collector Device 11 10 Gateway 9 HTTP Host PC with Pervasive device connectedFigure 1-3 Data flow using software distribution to push to devices Chapter 1. Device management architecture 9
  23. 23. Based on Figure 1-3, here we detail each step of the software distribution prepared by the Tivoli Administrator using the reference model example mentioned above. The flow shown in Figure 1-3 on page 9 is as follows: 1. The administrator defines a reference model for the marketing people that have been assigned a device of type, for example, Palm OS. The default configuration should have an e-mail client, a browser, and a list of contacts for the main customers installed. The software to be installed to the devices is packaged in a Software Distribution package. Suppose that some new people join the marketing division of the company. To install the right software on the new Palms, the administrator adds them to the device group containing all Palms for marketing people and, using CCM, synchronizes the reference model of marketing people to the new devices. 2. CCM, using information in the inventory database, determines the state of the package on the devices and prepares an APM plan to install it on the devices. 3. CCM submits the plan to APM. 4. Before starting an activity of the plan, APM interacts with TRM to define a temporary group to contain the list of devices to be addressed by the operation. 5. APM submits the request to the Software Distribution engine. The request addresses the new temporary group generated. 6. The Software Distribution engine, once having received the device group, interacts with TRM to know the list of the endpoints that control the target devices and submits the request to the endpoints. The diagram shows a single endpoint, but a distribution could actually spawn across several endpoints. 7. When each endpoint receives the distribution, the Software Distribution Agent decodes the software package and executes the actions on the objects, as described in the software package. In this case, the built-in actions are specific for the Palm device. 8. The built-in action for the Palm device (sub-agent) converts the software package into a group of TWG packages and submits a job, addressing all packages, to the Web Gateway. 9. When a target device connects to the TWG, the TWG executes the requested actions on the devices. 10. TWG sends the result of the job execution to the Results Collector. 11.The Results Collector collects results, and sends multiple results based on how the administrator has configured the Results Collector, and sends them to the SWD Manager. The SWD Manager is responsible for the report management for Software Distribution. After these operations the report is sent to APM to allow the update of the state of the plan on devices. Reports10 PDA Management with IBM Tivoli Configuration Manager
  24. 24. are sent from TWG to the SWD Manager by the MCollect service. MCollect moves data from the endpoint to the TMR.1.2 Our approach It is the intention of this redbook to show how to enable the management of pervasive devices by small and medium businesses (SMBs). While the information provided in the following chapters can be used on deployments of any size, our focus is to provide a concise and straight forward approach to the deployment of required components into a single box. This single box will serve all pervasive devices in a small- to medium-sized organization. Of course, the instructions provided by this redbook can also be used and easily adapted to any sized deployment. Figure 1-4 on page 12 shows the basic architecture for managing pervasive devices. Since IBM DB2 is the only supported RDBMS by the Tivoli Web Gateway, it is shown in Figure 1-4 on page 12 as the RDBMS used also by the Tivoli server. Chapter 2, “Getting the environment up and running” on page 13 provides all steps required to install and configure the components for this single-box approach. Chapter 1. Device management architecture 11
  25. 25. TMR Server RIM Tivoli Resource Manager Server Host Tivoli Gateway Tivoli Resource Manager GW IBM DB2 Server Endpoint Tivoli Web Gateway Resource Collector WebSphere Server IBM DB2 Client HTTP HTTP HTTP Host PC with Pervasive Host PCs with Pervasive device connected device connected Figure 1-4 Single-box approach To optionally protect the enrollment URLs, you can use IBM Tivoli Access Manager for e-business software. The WebSEAL component of Tivoli Access Manager for e-business lets organizations control access to applications and data, and provides Single Sign-On (SSO) for authorized users. Tivoli Access Manager for e-business integrates with the Tivoli Resource Manager via a junction to deliver a secure personalized e-business experience for authorized pervasive devices users. Chapter 3, “Implementing security on the PDA management environment” on page 65 also provides additional information on how to protect the Tivoli Resource Manager environment.12 PDA Management with IBM Tivoli Configuration Manager
  26. 26. 2 Chapter 2. Getting the environment up and running In this chapter, we show how to install the necessary components for PDA management through the Tivoli Web Gateway. Our primary focus is on how to scale down IBM Tivoli Configuration Manager, that is, how to install most of the components on one single server using the model shown in Figure 1-4 on page 12. We will go through the basic installation steps of the components, showing the possible gaps in the installation procedure. The following will be discussed in this chapter: Planning for the single-box installation Single-box implementation: RS/6000-based Single-box implementation: Intel-based Tivoli Resource Gateway configuration© Copyright IBM Corp. 2003. All rights reserved. 13
  27. 27. 2.1 Planning for the single-box installation In this section, we provide the hardware and software requirements for pervasive management with the Tivoli Web Gateway component of IBM Tivoli Configuration Manager. The information provided here is for reference only. Always consult the IBM Tivoli Configuration Manager Version 4.2 Release Notes, GI11-0934 for up-to-date information.2.1.1 Software requirements The following software needs to be installed for the Tivoli Web Gateway: IBM DB2 Universal Database Enterprise Edition Version 7.2 IBM DB2 Universal Database Enterprise Edition Fixpack 7 (Version 7.2.5) IBM WebSphere Application Server Advanced Edition Version 4.0.1 IBM WebSphere Application Server Advanced Edition Fixpack 3 (Version 4.0.3) IBM Tivoli Framework Version 4.1 IBM Tivoli Configuration Manager Version 4.2 IBM Tivoli Access Manager for e-business Version 3.9 or later- Optional IBM Tivoli Access Manager for e-business WebSEAL Version 3.9 or later - Optional2.1.2 Hardware requirements The hardware/operating system requirements for the Tivoli Web Gateway are: For AIX® operating systems on pSeries™ and PowerPC® systems, the Web Gateway database and Web Gateway server are supported on IBM AIX 4.3.3 or IBM AIX 5.1 running a 332 megahertz (MHz) or greater processor. For Linux on Intel 486 and Pentium systems, the Web Gateway database and Web Gateway server are supported on Red Hat 7.2 running a 1130 MHz or greater processor. For Solaris operating environment on Sun SPARC systems, the Web Gateway database and Web Gateway server are supported on Sun Solaris 7 or Sun Solaris 8 running a 332 MHz or greater processor. For Windows operating system on Intel 486 and Pentium systems, the Web Gateway database and Web Gateway server are supported on Microsoft Windows NT 4.0 Server with SP™ 6a, Microsoft Windows 2000 Server with SP2®, and Microsoft Windows 2000 Advanced Server with SP2 running a 600 MHz or greater processor.14 PDA Management with IBM Tivoli Configuration Manager
  28. 28. Table 2-1 Memory / disk space requirements for Tivoli Web Gateway Component Disk Space Memory Web Gateway database 672 MB 512 MB Web Gateway server 300 MB 1 GB Bear in mind that the IBM Tivoli Configuration Manager is dependent on some supporting applications, such as IBM DB2 and IBM WebSphere Advanced Edition. The hardware requirements for the system you intend to use also has to meet the minimum hardware requirements of such applications. Single-box hardware requirements In order to achieve the single-box approach, here are the hardware specifications used in our lab environment for the Tivoli Web Gateway installation for that particular equipment. We will show the installation procedures for the Tivoli Web Gateway on both AIX and Windows 2000 Advanced server platforms. We use the following hardware and system software: Intel-based Single-box Tivoli Web Gateway Server – P4 2.4 GHz processor – 1 GB RAM – 40 GB hard disk – Windows 2000 Advanced Server with Service Pack 3 RS/6000-based Single-box Tivoli Web Gateway Server – 2 * POWER3 processor – 2 GB RAM – 3 * 18 GB hard disk – AIX 4.3.32.1.3 Installation matrix This section covers the installation matrixes for the single-box approach on the Intel-based and RS/6000®-based platforms. The following tables describe the installation/configuration time requirements for each of the components on each platform. In subsequent sections, we show the installation steps for each server individually. Both the servers will have a separate Tivoli environment. Both the RS/6000-based and Intel-based servers will have only the necessary components of the Tivoli Web Gateway installation. Optionally, a second machine can be used to protect the PDA management environment. In this case, IBM Tivoli Access Manager for e-business and IBM Tivoli Access Manager WebSEAL (WebSEAL) need to be installed. This will be Chapter 2. Getting the environment up and running 15
  29. 29. covered for the Intel platform only in Chapter 3, “Implementing security on the PDA management environment” on page 65. The component installation/configuration and estimated times matrix for the RS/6000-based environment is shown in Table 2-2. Table 2-2 RS/6000-based installation matrix RS/6000-based Tivoli Web Gateway Server Estimated Time 1 (minutes) IBM DB2 + IBM DB2 Fixpack 7 (V7.2.5) 40 IBM WebSphere Advanced Edition + Fixpack 3 (V4.0.3) 40 IBM HTTP Server 1.3.19.2 (installed with the base - WebSphere installation + fixpack applied) IBM Tivoli Configuration Manager 4.2 (using integrated 90 installation, which includes all the Tivoli software components required for the PDA management solution) Tivoli Web Gateway 30 1 Total estimated time: 3-4 hours The component installation/configuration and estimated times matrix for the Intel-based environment is shown in Table 2-3. Table 2-3 Intel-based installation matrix Intel-based Tivoli Web Gateway Server Estimated Time 1 (minutes) IBM DB2 + IBM DB2 fixpack 7 (V7.2.5) 30 IBM WebSphere Advanced Edition + Fixpack 3 (V4.0.3) 40 IBM HTTP Server 1.3.19.2 (installed with the base - WebSphere installation + fixpack applied) IBM Tivoli Configuration Manager 4.2 (using integrated 80 installation, which includes all the Tivoli software components required for the PDA management solution) Tivoli Web Gateway 40 IBM Tivoli Access Manager 3.9 (includes all the Access 120 Manager components for securing the PDA management environment). Optional. 1 Total estimated time: 5-6 hours (including optional components)16 PDA Management with IBM Tivoli Configuration Manager
  30. 30. The component installation/configuration and estimated times matrix for the optional security infrastructure - Intel-based environment is shown in Table 2-4. Table 2-4 Security infrastructure- Intel-based installation matrix Intel-based Tivoli Web Gateway Server Estimated Time 1 (minutes) IBM Tivoli Access Manager for e-business 3.9 (includes all 120 the Access Manager components for securing the PDA management environment). Optional.2.2 Single-box implementation: RS/6000-based Prior to installing all the components for the Tivoli Web Gateway and the related software, we need to ensure all the operating system packages are installed and configured at the correct level. On AIX 4.3.3, the following steps need to be performed: 1. We installed the following extra AIX filesets: – X11.adt.lib 4.3.3.10 – bos.rte 4.3.3.10 – devices.isa_sio.baud.rte 4.3.2.1 Note: If you do not have the required level of AIX filesets and you do not have the installation media, you can download the upgrade packages from http://techsupport.services.ibm.com/server/mlfixes/43/. 2. We created and mounted the file systems shown inTable 2-5 to enable a successful installation. Table 2-5 Created file systems File system name File system size in 512-byte blocks /tivoli 1048576 /db 1048576 /dmsdb 1048576 3. We also had to expand some base filesystems, such as those listed in Table 2-6 on page 18. Chapter 2. Getting the environment up and running 17
  31. 31. Table 2-6 Expanded file systems File system name Expanded size in 512-byte blocks /usr 3014656 /home 327680 /tmp 655360 4. We edited the /etc/hosts file to contain both the host name and the fully qualified host name of the Server.2.2.1 IBM DB2 Server installation This section describes the IBM DB2 Universal Database Enterprise Edition Server Version 7.2 installation process on AIX. 1. Log in as a user with root authority, move to the directory where the DB2 7.2 Server for AIX CDROM is mounted, and start the DB2 setup utility, as follows: # ./db2setup 2. The Install DB2 V7 window, shown in Figure 2-1, appears. Select DB2 Administration Client and DB2 UDB Enterprise Edition. Figure 2-1 Install DB2 V7 components18 PDA Management with IBM Tivoli Configuration Manager
  32. 32. 3. A New DB2 instance should be created for the Administration Server database. We specified the DB2 instance name db2inst1, as shown in Figure 2-2. You should also specify /home/db2inst1 as the instance owner directory.Figure 2-2 Create DB2 Services - DB2 Instance db2inst14. The installation process creates the DB2 fenced user. We specified the DB2 instance name db2fenc1, as shown in Figure 2-3 on page 20. Chapter 2. Getting the environment up and running 19
  33. 33. Figure 2-3 Create the DB2 fenced user 5. Select the Do not set up DB2 Warehouse Control Database option at the next window and then click OK. 6. Next, Figure 2-4 on page 21 shows the values we used to create the user ID for the DB2 Administration Server.20 PDA Management with IBM Tivoli Configuration Manager
  34. 34. Figure 2-4 Administration Server window7. The installation process creates and sets the values of several environment variables, for example DB2SYSTEM.8. At the end of the installation process, you may check the installation log file created at /tmp/db2setup.log.9. The installed JDBC code level needs to be upgraded to Version 2.0. You should log on to the system with a valid DB2 user ID, and issue the following commands: – For bash, Bourne, or Korn shell: # . INSTHOME/sqllib/db2profile # cd /INSTHOME/sqllib/java12/ # . ./usejdbc2 Where INSTHOME is the home directory of the instance. – Verify that the JDBC level is correct by entering the following command: # echo $CLASSPATH The output must include the following path: INSTHOME/sqllib/java12/db2java.zip Chapter 2. Getting the environment up and running 21
  35. 35. 2.2.2 IBM DB2 Fixpack 7 installation This session describes the installation of DB2 Fixpack 7 on AIX. Here are the steps for installing IBM DB2 Fixpack 7: 1. Stop all database activity before applying this fixpack. To stop all database activity, issue the commands: # db2stop # db2admin stop 2. Unzip the fixpack using the following command to get a tar file: # gzip FP7_U484480.tar.Z 3. Un-tar the fixpack using the following command to extract the fixpack files. # tar -xvf FP7_U484480.tar 4. Run the following command to install the fixpack from the location where you un-tar the fixpack files. # ./installFixpack 5. Provide the DB2 instance password if prompted. 6. The installation wizard copies the files and finishes the installation of the fixpack. Note: If you are using a 32-bit IBM DB2 Server, make sure to install the 32-bit Fixpack 7. Or if you are using a 64-bit IBM DB2 Server, make sure to install the 64-bit Fixpack 7.2.2.3 IBM WebSphere installation For our environment, we decided to use the IBM WebSphere Application Server Advanced Edition Version 4.0. In this section, we describe the IBM WebSphere Application Server Advanced Edition Version 4.0 installation steps on AIX. In order to install IBM WebSphere Application Server Advanced Edition Version 4.0, perform the following steps: 1. Logged in as a user with root authority, create the WAS40 database on DB2. Next the server and the database need to be cataloged, as shown in Example 2-1, where <hostname> is the host name of your machine. Example 2-1 Creating and cataloging WAS40 database on DB2 # su - db2inst1 # db2 create database was # db2 update db config for WAS using applheapsz 256 # db2 catalog tcpip node db2svr remote <hostname> server 5000022 PDA Management with IBM Tivoli Configuration Manager
  36. 36. # db2 catalog database was as was40 at node db2svr# db2 connect to was user dmsadmin using dmsadmin2. Logged in as a user with root authority, issue the following command from the directory where the IBM WebSphere Application Server CD-ROM is mounted: # ./install.sh3. You are then prompted to select the type of installation. We have selected Typical Installation, as it will automatically install all the required components, such as the WebSphere Application Assembly Tool (AAT). If you decide to use a different installation method, make sure you select the AAT option.4. In the next window, the installation wizard asks for the database information. WebSphere Server uses this database repository to store configuration information. In our scenario, we used the local DB2 Server installed on the Server machine. Database type: DB2 You should also provide the database name: Database name (SID): was40 The DB2 instance owner home directory: DB home: /home/db2inst1 And the user ID and password of the DB2 instance owner: Database user id: db2inst1 Database password: ****5. In the following window, you need to specify the installation directories. We used the default values /usr/WebSphere/AppServer and /usr/HTTPServer.6. A final installation window informs you that the setup program has finished.7. When the installation of WebSphere completes successfully, the window shown in Figure 2-5 on page 24 appears. Select Start the Application Server. Chapter 2. Getting the environment up and running 23
  37. 37. Figure 2-5 IBM WebSphere Application Server configuration window 8. Launch the Administrative Console and start the Default Server. 9. Open a Web browser and type in the following URL: http://WebSphere_Server/servlet/snoop Where WebSphere_Server can either be the Administration server’s host name or IP address. Information about /servlet/snoop is displayed.24 PDA Management with IBM Tivoli Configuration Manager
  38. 38. Figure 2-6 WebSphere Servlet/Snoop information 10.The IBM WebSphere Application Server runs as root and requires access to the IBM DB2 environment. You should insert the following line at the end of root’s .profile file: ./home/db2inst1/sqllib/db2profile Assuming that the db2inst1 is the IBM DB2 instance owner.2.2.4 IBM WebSphere Fixpack 3 installation Because the Tivoli Web Gateway Server requires IBM WebSphere Application Server Advance Server 4.0.3, here are the steps for installing IBM WebSphere Fixpack 3: 1. Make sure you stop IBM HTTP Server and IBM WebSphere Application Server before installing the fixpack, as follows: a. To stop the HTTP Server, type the following command: # cd /usr/HTTPServer/bin # ./apachectl stop Chapter 2. Getting the environment up and running 25
  39. 39. b. To stop the IBM WebSphere Application Server: # cd /WebSphere_AppServer_Install_Directory/bin # ./stopServer.sh 2. Un-tar the fixpack using the following command to extract the fixpack files: # tar -xvf was40_ae_ptf_3_aix.tar 3. Run the following command to install fixpack from the from the location you un-tar the fixpack files: # ./install.sh 4. During the installation of this fixpack, the setup asks many questions. These questions allow you to select the modules that the fixpack will update. In our case, we answered “No” to iPlanet and Apache updates because we were using IBM HTTP Server. 5. Start the WebSphere Server manually: # cd /<WebSphere_AppServer_Install_Directory>/bin # ./startServer.sh Where <WebSphere_AppServer_Install_Directory> is the directory where you installed the IBM WebSphere Application Server. Note: In order to have both IBM HTTP Server and IBM WebSphere Application Server, you may add startup entries in the inetd.conf file.2.2.5 IBM Tivoli Configuration Manager installation In this section, we will install the IBM Tivoli Configuration Manager 4.2 (ITCM) and the IBM Tivoli Framework 4.1 using the integrated installation option. The integrated installation is a Java-based InstallShield application that guides you through the setup process. We will use the typical installation method in order to simplify the process. In order to make this method work, you must perform the following steps: 1. Create user IDs for the ITCM. The default user IDs and passwords are shown in Table 2-7. Table 2-7 ITCM default user IDs User IDs Password Group ID planner planner db2iadm1 mdstatus mdstatus db2iadm1 invtiv tivoli db2iadm126 PDA Management with IBM Tivoli Configuration Manager
  40. 40. User IDs Password Group ID tivoli tivoli db2iadm1 dmsadmin db2iadm1 dmsuser db2iadm1 The users are used by the integrated installation to run the database schema and admin scripts and access the database through the automatically created RIM objects. We also create the required users for the Web Gateway server installation. The dmsadmin DB2 user owns the database tables, and the dmsuser DB2 user accesses and queries the database tables. In our case, we specified the password for those users to be the same as their user IDs. You can use the following command to create the user IDs: mkuser pgrp=db2iadm1 <userid> Set the passwords for these users repeating the following command: passwd <userid>2. Create the cm_db database performing the following steps: # su - db2inst1 # db2 create db cm_db3. Mount the ITCM installation media, go into the FRESH directory and start installation with the following command: # ./setup_aix.bin Click Next in the ITCM installation start window (Figure 2-7 on page 28). Chapter 2. Getting the environment up and running 27
  41. 41. Figure 2-7 ITCM integrated installation start window 4. Select I accept terms in the license agreement and click Next.28 PDA Management with IBM Tivoli Configuration Manager
  42. 42. Figure 2-8 Installation type selection5. Select the Typical installation option and click Next.6. Specify the directory to be used for the installation. Specify /tivoli and click Next. Chapter 2. Getting the environment up and running 29
  43. 43. Figure 2-9 Database vendor specification 7. Select DB2 as the database vendor and the /home/db2inst1/sqllib as the Database Client interface home, as shown in Figure 2-9. Note that /home/db2inst1 is the DB2 instance owner directory created during the IBM DB2 installation process. Click Next.30 PDA Management with IBM Tivoli Configuration Manager
  44. 44. Figure 2-10 RDBMS and RIM information specification8. In the next window (Figure 2-10), specify the RDBMS and RIM information. Most of the information is automatically given by the setup program. Specify the password for the db2inst1 and click Next. Chapter 2. Getting the environment up and running 31
  45. 45. Figure 2-11 Review installation settings 9. The Review the Installation Setting window appears. By clicking the Next button, the ITCM installation starts. It will ask frequently for the installation media, such as the Tivoli Framework 4.1 CDs 1 and 2 or the ITCM 4.2 server CD. However, you will not have to look for the specific product directories on the CD, because the installation program finds it automatically.32 PDA Management with IBM Tivoli Configuration Manager
  46. 46. Figure 2-12 Successful installation 10.At the completion of a successful installation, you can check the list of the successfully installed products and database scripts.2.2.6 Tivoli Web Gateway Server installation on AIX Important: If you intend to enable security in your pervasive device management environment, you must proceed first with the IBM Tivoli Access Manager for e-business installation. Access Manager must be operational in order to the Tivoli Web Gateway installation be successful. Please refer to Chapter 3, “Implementing security on the PDA management environment” on page 65 for installation and configuration instructions. The Tivoli Web Gateway Server installation has aJava-based setup program similar to the ITCM4.2 installation. We will use the custom installation type. Before the installation, verify the following: Check if the IBM DB2 server is up and running Verify that IBM HTTP Server is started. In a browser, type the following http://<hostname>:ihs_http_port Chapter 2. Getting the environment up and running 33
  47. 47. Verify that WebSphere Application Server and IBM HTTP Server are started and the Default Server Application server is started. In a browser, type the following: http://<hostname>:ihs_http_port/servlet/snoop The following components will be installed by the setup program: Tivoli Endpoint Web Gateway Database Tivoli Web Gateway Server Web Infrastructure Inventory plug-in for Web Infrastructure Software Distribution plug-in for Web Infrastructure For details on each one of the above components, refer to IBM Tivoli Configuration Manager Introduction Version 4.2, GC23-4703. To proceed with the installation, follow these steps: 1. Mount the ITCM installation media and start the installation: # ./setup_aix.bin Figure 2-13 Tivoli Web Gateway integrated installation start window Click Next on the Tivoli Web Gateway installation start window. 2. Select I accept terms in the license agreement and click Next.34 PDA Management with IBM Tivoli Configuration Manager
  48. 48. Figure 2-14 Select Type of Installation3. Select the Custom installation type and click Next.Figure 2-15 Tivoli Web Gateway Component selection Chapter 2. Getting the environment up and running 35
  49. 49. 4. As shown in Figure 2-15 on page 35, select all components to install and click Next. Figure 2-16 Endpoint Information dialog 5. In the endpoint installation window, specify the following options: – Destination directory This is where the endpoint will be installed. Leave this option at the default value, /opt/Tivoli/lcf. – Gateway port This is the port of the Tivoli Endpoint Gateway. As the ITCM integrated installation uses the default port for the Gateway, leave this at 9494. – Endpoint port This is the port of the installable Tivoli Endpoint. Use the default value, which is 9495. – Endpoint options Here, select the lcs.login_interfaces option, which represents the Tivoli Endpoint Gateway’s IP address and port where the Endpoint will log on at the first time. In our case the full syntax is: -D lcs.login_interfaces=<IPaddr>+9494 where <IPaddr> is the IP address of the single box.36 PDA Management with IBM Tivoli Configuration Manager
  50. 50. Figure 2-17 Web Gateway Database information specification6. The next step, shown in Figure 2-17, is to specify the Tivoli Web Gateway database information. The following options need to be specified: – Destination directory This is the temporary directory where the database installation files such as sql and shell scripts are unpacked and executed. We used the default option /tmp/TWG. – DB2 Instance Name The name of the DB2 instance in our scenario is db2inst1. – DB2 port The TCP/IP port of the DB2 server. The default value provided is used (5000). To figure out your DB2 port, look in the /etc/services file. – Password for the dmsadmin user We used the dmsadmin as password. – Password for dmsuser user We used the dmsuser as password. – Database home We used the /dmsdb default option. Chapter 2. Getting the environment up and running 37
  51. 51. – Database container home The database will be installed in this directory. We used the default option /db/db2. Figure 2-18 Web Gateway Server Information 7. Define the Web Gateway server- related options shown in Figure 2-18. – Destination directory Where the Web Gateway Server files will be installed. We used the default option /usr/TivTwg. – Web server home We installed the IBM HTTP server to the /usr/HTTPServer directory, which is the default option. – JDBC driver home The location of the JDBC driver. The default option is /home/db2inst1/sqllib/java12/db2java.zip. If you use a different DB2 instance from db2inst1, you have to specify the correct values here.38 PDA Management with IBM Tivoli Configuration Manager
  52. 52. Figure 2-19 Web Gateway Server Configuration Information8. Specify the RDBMS and Web Gateway connection information in the window shown in Figure 2-19. Using the default options is recommended. Chapter 2. Getting the environment up and running 39
  53. 53. Figure 2-20 Access Manager configuration information Important: If you intend to enable security in your pervasive device management environment, you must proceed first with the IBM Tivoli Access Manager for e-business installation. Access Manager must be operational in order for the Tivoli Web Gateway installation to be successful. Please refer to Chapter 3, “Implementing security on the PDA management environment” on page 65 for installation and configuration instructions. 9. If you do not wish to enable security with IBM Tivoli Access Manager for e-business, set the Enable Security option to False, as shown in Figure 2-20. Otherwise, refer to 3.3.3, “Installing Tivoli Web Gateway with security enabled” on page 91 for details on this step.40 PDA Management with IBM Tivoli Configuration Manager
  54. 54. Figure 2-21 Review installation settings10.The Review the Installation Settings window appears. By clicking the Next button, the installation starts. It will ask frequently for the installation media, such as the Tivoli Framework 4.1 CDs 1 and 2 or the ITCM 4.2 server CD. However, you will not have to look for the specific product directories on the CD, because the installation program finds it automatically. Click Next.11.At the Successful Installation window, you can check the list of products and components installed. Chapter 2. Getting the environment up and running 41
  55. 55. Figure 2-22 Starting the DMS_AppServer 12.To test the installation, start up the DMS_AppServer from the WebSphere Administrative Console. Open the following link in a Web browser: http://<hostname>/dmserver/ResultsCollector where <hostname> is the host name of your Tivoli server machine. If the installation was successful, it displays some basic information in the browser window concerning the Web Gateway. Expand the Application Servers folder, right-click DMS_AppServer and select Start.2.3 Single-box implementation: Intel-based Prior to installing all the components for the Tivoli Web Gateway and the related software, we need to ensure all the operating system packages are installed and42 PDA Management with IBM Tivoli Configuration Manager
  56. 56. configured at the correct level. On Windows 2000 Advanced Server, the following steps need to be performed: 1. We installed the Service Pack 3 and all the Microsoft critical updates. 2. We stopped and disabled the Internet Information Services (IIS) services because it conflicts with the port to be used by the IBM HTTP server. They both use port 80. Alternatively you can set your IIS server to a different port. If you install a fresh Windows 2000 Advanced Server on your server, you can disable the installation of the IIS when you install the additional services. 3. We edited the c:winntsystems32driversetchosts file to add the host name and the fully qualified host name of the server machine.2.3.1 IBM DB2 Server installation This section describes the IBM DB2 Universal Database Enterprise Edition Server Version 7.2 installation process on Windows. Note: Use the installation media provided with the IBM Tivoli Configuration Manager product. This ensures that you install the correct version and fixpack of DB2. 1. Load the DB2 installation media. 2. Select Start -> Run. Type in D:setup.exe and click OK to start the installation. From the Installation window, select Install. 3. The Select Products window opens. From this window you can select the component(s) of DB2 for Windows you would like to install. Select DB2 Enterprise Edition as shown in Figure 2-23 on page 44. Click Next. Chapter 2. Getting the environment up and running 43
  57. 57. Figure 2-23 Select DB2 Enterprise Edition 4. The Select Installation Type window opens. Select the installation type you prefer. We selected Typical. 5. For the installation directory, we used C:db2. 6. For the DB2 administrative user, we selected db2admin. 7. After the installation wizard copies the DB2 files onto the machine, the Install OLAP Starter Kit window opens. Select Do not install the OLAP Starter Kit and then click Finish. 8. Update Java. The installed JDBC code level needs to be upgraded to Version 2.0. You should open a DOS-command prompt window and issue the following commands: cd DB2_DIRjava12 usejdbc2 Where DB2_DIR is the DB2 installation directory. The usejdbc2 command will copy the appropriate version of db2java.zip into the DB2_DIRjava12 directory. 9. Reboot the machine.2.3.2 IBM DB2 Fixpack 7 installation This section describes the installation of IBM DB2 Fixpack 7 on Windows.44 PDA Management with IBM Tivoli Configuration Manager
  58. 58. If you are installing the fixpack by using the Administrator account of Windows 2000 Advanced Server, please make sure you complete the following steps: 1. Click Start -> Programs -> Administrative Tools -> Local Security Settings -> User Rights Assignment. 2. In the window, you will see lists of user rights. Make sure the Administrator account has the following rights: – Act as part of Operating System – Create a token object – Increase quotas – Replace a process level token Note: Once you have installed a fixpack, you won’t be able to un-install it. 3. Stop all database activity before applying this fixpack. To stop all database activity, on a DB2 command window run: c:db2sqllibbin:>db2stop c:db2sqllibbin:>db2admin stop 4. Unzip and extract the fixpack files to a temporary directory. 5. Run the following command to install fixpack from the fixpack directory: c:fp7_wr21311setup.exe 6. Key in the DB2 instance owner password if the setup prompts for it and click Next. 7. The wizard shows the selection window. Click Next to continue. 8. As soon as the installation ends, reboot the machine.2.3.3 IBM WebSphere installation For our environment, we use the IBM WebSphere Application Server Advanced Edition Version 4.0 (plus Fixpack 3). In this section, we describe the IBM WebSphere Application Server Advanced Edition Version 4.0 installation steps on Windows. In order to install IBM WebSphere Application Server Advanced Edition Version 4.0, perform the following steps: 1. Logged in as Administrator, issue the following command from the directory where the IBM WebSphere Application Server CD-ROM is mounted: setup.exe 2. You are then prompted to select the type of installation. We have selected Typical Installation, because it will automatically install all the required Chapter 2. Getting the environment up and running 45
  59. 59. components, such as the WebSphere Application Assembly Tool (AAT). If you decide to use a different installation method, make sure you select the AAT option. 3. In the following window you should specify the installation directories. We used the default values C:WebSphereAppServer and C:IBM HTTPServer. 4. In the next window, the installation wizard asks for the database information. WebSphere uses this database repository to store configuration information. In our scenario we used the local DB2 Server installed on the Runtime server machine. Database type: DB2 You should also provide the database name to be created: Database name (SID): was40 Provide the DB2 instance owner user ID, password, and home directory: Database user id: db2admin Database password: Database Path: c:db2sqllib 5. A final installation window informs you that the setup program has finished. 6. When the installation of WebSphere completes successfully, the window shown in Figure 2-24 appears. Select Start the Application Server. Figure 2-24 IBM WebSphere Application Server configuration window46 PDA Management with IBM Tivoli Configuration Manager
  60. 60. 7. Recycle the IBM WebSphere Application Server by clicking Start -> Programs -> IBM WebSphere -> Application Server V4.0 AE ->Stop Admin Server. Then select Start -> Programs -> IBM WebSphere -> Application Server V4.0 AE ->Start Admin Server. 8. Open the services window and set the IBM WS Admin Server 4.0 to start automatically instead of manually. 9. Launch the Administrative Console and start the Default Server. 10.Open a Web browser and type in the following URL: http://WebSphere_Server/servlet/snoop Where WebSphere_Server can either be the Administration server’s host name or an IP address. Information about /servlet/snoop is displayed. Note: IBM HTTP Server and IBM WebSphere may not start automatically after restarting the machine. In this case, you will have to start it manually. For Windows, you may open the Services window and change the startup option for IBM HTTP Server and IBM WebSphere from Manual to Automatic.2.3.4 IBM WebSphere Fixpack 3 installation Since the Tivoli Web Gateway Server requires IBM WebSphere Application Server Advanced Server 4.0.3, here are the steps for installing the WebSphere Fixpack 3: 1. Make sure you stop IBM HTTP Server and IBM WebSphere Application Server before installing the fixpack. 2. Unzip the fixpack named was40_ae_ptf_3.zip to a temporary directory. 3. Run the following command to install the fixpack from the fixpack directory. c:was40_ae_ptf_3install.bat 4. During the installation of this fixpack, the setup asks many questions. These questions allow you to select the modules that the fixpack will update. In our case we answered “No” to iPlanet updates and Apache updates because we use IBM HTTP Server.2.3.5 IBM Tivoli Configuration Manager installation We also need to install IBM Tivoli Configuration Manager 4.2 and Framework 4.1 using the integrated installation option of IBM Tivoli Configuration Manager. The integrated installation is a Java-based InstallShield application, which guides you through the setup process. We will use the typical installation method in order to Chapter 2. Getting the environment up and running 47
  61. 61. simplify the process. In order to make this method work, you must perform the following steps: 1. Create user IDs for the ITCM. The default user IDs and passwords are shown in Table 2-8. Table 2-8 ITCM default user IDs User IDs Password Group ID planner planner Administrators mdstatus mdstatus Administrators invtiv tivoli Administrators tivoli tivoli Administrators dmsadmin Administrators dmsuser Administrators The users are used by the integrated installation to run the database schema and admin scripts and access the database through the automatically created RIM objects. We also create the required users for the Web Gateway server installation. The dmsadmin DB2 user owns the database tables, and the dmsuser DB2 user accesses and queries the database tables. In our case, we specified the password for those users to be the same as their user IDs. You can use the following command to create the user IDs: net user <userid> dmsuser /add net localgroup "Administrators" mdstatus /add 2. Create the cm_db database performing the following steps. Open the DB2 command console by selecting Start -> Programs -> IBM DB2 -> Command Line Processor. Type the following commands: create db cm_db # su - db2inst1 # db2 create db cm_db 3. Mount the ITCM installation media, go into the FRESH directory and start installation with the following command: setup.exe Click Next in the ITCM installation start window (Figure 2-25 on page 49).48 PDA Management with IBM Tivoli Configuration Manager
  62. 62. Figure 2-25 ITCM integrated installation start window4. Select I accept terms in the license agreement and click Next.Figure 2-26 Installation type selection Chapter 2. Getting the environment up and running 49
  63. 63. 5. Select the Typical installation option and click Next. 6. Specify the directory to be used for the installation. Specify c:Program filesTivoli as the destination directory and click Next. Figure 2-27 Database vendor specification 7. Select DB2 as the database vendor and c:DB2Sqllib as the Database Client interface home, as shown in Figure 2-27. Note that c:DB2 is the DB2 instance owner directory created during the IBM DB2 installation. Click Next.50 PDA Management with IBM Tivoli Configuration Manager
  64. 64. Figure 2-28 RDBMS and RIM information specification8. In the next window (Figure 2-28), specify the RDBMS and RIM information. Most of the information is automatically given by the setup program. Specify the password for the db2admin and click Next. Chapter 2. Getting the environment up and running 51
  65. 65. Figure 2-29 Review installation settings. 9. The Review the Installation Setting window appears. By clicking the Next button, the installation starts. It will ask frequently for the installation media, such as the Tivoli Framework 4.1 CDs 1 and 2 or the ITCM 4.2 server CD. However, you will not have to look for the specific product directories on the CD, because the installation program finds it automatically. Click Next. 10.After the Framework installation, you must restart your computer. The installation continues automatically at the reboot. Select the Now option and click Next.52 PDA Management with IBM Tivoli Configuration Manager
  66. 66. Figure 2-30 Successful Installation 11.At the completion of a successful installation, you can see the list of the successfully installed products and database scripts.2.3.6 Tivoli Web Gateway Server installation on WIndows Important: If you intend to enable security in your pervasive device management environment, you must proceed first with the IBM Tivoli Access Manager for e-business installation. Access Manager must be operational in order for the Tivoli Web Gateway installation to be successful. Please refer to Chapter 3, “Implementing security on the PDA management environment” on page 65 for installation and configuration instructions. The Tivoli Web Gateway Server installation has a Java-based setup program similar to the ITCM4.2 installation. We will use the custom installation type. Before the installation, verify the following: Check if the IBM DB2 server is up and running. Verify that IBM HTTP Server is started. In a browser, type the following: http://<hostname>:ihs_http_port Chapter 2. Getting the environment up and running 53
  67. 67. Verify that WebSphere Application Server and IBM HTTP Server are started and the Default Server Application server is started. In a browser, type the following: http://<hostname>:ihs_http_port/servlet/snoop The following components will be installed by the setup program: Tivoli Endpoint Web Gateway Database Tivoli Web Gateway Server Web Infrastructure Inventory plugin for Web Infrastructure Software Distribution plugin for Web Infrastructure For details on each one of the above components, refer to IBM Tivoli Configuration Manager Introduction Version 4.2, GC23-4703 . To proceed with the installation, follow these steps: 1. Mount the ITCM installation media and start the installation: setup.exe Figure 2-31 Tivoli Web Gateway integrated installation start window Click Next in the Tivoli Web Gateway installation start window. 2. Select I accept terms in the license agreement and click Next.54 PDA Management with IBM Tivoli Configuration Manager
  68. 68. Figure 2-32 Select Type of Installation3. Select the Custom installation type and click Next.Figure 2-33 Tivoli Web Gateway Component selection Chapter 2. Getting the environment up and running 55

×