HP Systems Insight Manager 7.0 User Guide
Table Of Contents
- Systems Insight Manager 7.0 User Guide
- Table of Contents
- Part I Introduction
- Part II Setting up HP SIM
- 3 Setting up managed systems
- 4 Credentials
- 5 WMI Mapper Proxy
- 6 Discovery
- 7 Manage Communications
- 8 Automatic event handling
- 9 Users and Authorizations
- 10 Managed environment
- Part III HP SIM basic features
- 11 Basic and advanced searches
- 12 Monitoring systems
- 13 Event management
- 14 Reporting in HP SIM
- 15 HP SIM tools
- Part IV HP SIM advanced features
- 16 Collections in HP SIM
- 17 HP SIM custom tools
- 18 Federated Search
- 19 CMS reconfigure tools
- 20 Understanding HP SIM security
- 21 Privilege elevation
- 22 Contract and warranty
- 23 License Manager
- 24 Storage integration using SMI-S
- 25 Managing MSCS clusters
- 26 HP SIM Audit log
- 27 HP Version Control and HP SIM
- 28 Compiling and customizing MIBs
- A Important Notes
- System and object names must be unique
- Setting the Primary DNS Suffix for the CMS
- Distributed Systems Administration Utilities menu options not available
- Virtual machine guest memory reservation size
- Insight Remote Support Advanced compatibility
- Database firewall settings
- Annotating the portal UI
- Security bulletins
- Validating RPM signatures
- Central Management Server
- Complex systems displaying inconsistency with the number of nPars within the complex
- Configure or Repair Agents
- Data collection reports
- B Troubleshooting
- Authentication
- Browser
- Central Management Server
- Complex
- Configure or Repair Agents
- Container View
- Credentials
- Data Collection
- Database
- Discovery
- iLO
- Linux servers
- Event
- Host name
- HP Insight Control power management
- Insight Control virtual machine management
- HP Smart Update Manager
- Systems Insight Manager
- Identification
- Installation
- License Manager
- Locale
- Managed Environment
- HP MIBs
- Onboard Administrator
- OpenSSH
- Performance
- Ports used by HP SIM.
- Privilege elevation
- Property pages
- Reporting
- Security
- Sign-in
- SNMP settings
- SSH communication
- System Page
- System status
- Target selection wizard
- Tasks
- Tools
- Upgrade
- UUID
- Virtual identifiers
- Virtual machines
- VMware
- WBEM
- WBEM indications
- WMI Mapper
- C Protocols used by HP SIM
- D Data Collection
- E Default system tasks
- Biweekly Data Collection
- System Identification
- Old Noisy Events
- Events Older Than 90 Days
- Status Polling for Non Servers
- Status Polling for Servers
- Status Polling for Systems No Longer Disabled
- Hardware Status Polling for Superdome 2 Onboard Administrator
- Data Collection
- Hardware Status Polling
- Version Status Polling
- Version Status Polling for Systems no Longer Disabled
- Check Event Configuration
- Status polling
- F Host file extensions
- G System Type Manager rules
- H Custom tool definition files
- I Out-of-the-box MIB support in HP SIM
- J Support and other resources
- Glossary
- Index

enabled managed systems do not support the 2,048-bit key length. For those systems the default
1,024-bit SSO key must be used.
The certificate chosen for SSO, either the main certificate or the SSO default certificate, will be
used for all the managed systems selected for SSO.
Using the main certificate for SSO
The following command will select the main certificate for use as the SSO certificate:
mxcert -S 1
To switch back to the default 1,024-bit key length SSO certificate, use the following command:
mxcert -S 0
WBEM certificate
In HP SIM 7.0, the WBEM certificate uses the 2,048-bit key length. A new HP SIM 7.0 installation
creates a WBEM certificate with the 2,048-bit key length. The WBEM certificate can be regenerated
if required with the following commands:
mxcert -w(Distinguished Name)
mxcert -W
Upgrading to HP SIM 7.0
Upgrading from a previous version of HP SIM to 7.0 does not overwrite the main or WBEM
certificates. The existing certificates are maintained to preserve the trust relationships between the
CMS and managed systems. After the upgrade HP recommends you upgrade the HP SIM main
and WBEM certificates to use 2,048-bit keys.
The SSO certificate is created during the upgrade. To reestablish the trust relationships with the
managed systems you might need to import the newly generated main certificate into the managed
systems. Also, you might need to import the trusted certificates back into HP SIM's trust store.
Certificate expiration and Certificate Revocation Check (CLR Check)
HP SIM does not check for Certificate revocation of its trusted systems. The revocation of the trusted
system certificates must be done manually by removing them from HP SIM's trust store.
HP SIM's main self-signed certificate is valid for 10 years. Signing by a CA could set a different
expiration and add Certificate Revocation List (CRL).
Certificate sharing
HP SIM supports a mechanism whereby other components installed on the system can use the same
certificate and private key, facilitating authentication of the system as a whole instead of each
individual component. This is currently used by the Web Agents and the WBEM components on
the CMS.
SSH keys
An SSH key-pair is generated during initial configuration. The CMS public key is copied to the
managed system using the mxagentconfig tool. This key-pair is not the same as for SSL and requires
a manual process to regenerate a new pair. See the manpages or online documentation for
mxagentconfig for more details. See the Secure Shell (SSH) in HP SIM white paper located at
http://h18013.www1.hp.com/products/servers/management/hpsim/infolibrary.html.
The SSH keys of the trusted systems do not expire. These keys can be removed manually from the
trust store.
Credentials management 119