HP WBEM Services Version A.02.
© Copyright 2009 Hewlett-Packard Development Company, L.P. All rights reserved Legal Notices Confidential computer software. Valid license from HP required for possession, use, or copying. Consistent with FAR 12.211 and 12.212, Commercial Computer Software, Computer Software Documentation, and Technical Data for Commercial Items are licensed to the U.S. Government under vendor's standard commercial license. The information contained herein is subject to change without notice.
Table of Contents 1 HP WBEM Services Version A.02.07 Release Notes.................................................5 Announcement.......................................................................................................................................6 What's in This Version............................................................................................................................6 Product Documentation.............................................................................
List of Tables 1-1 1-2 1-3 1-4 1-5 1-6 1-7 1-8 4 HP WBEM Services Releases...........................................................................................................7 Remote User Authentication Methods..........................................................................................10 Software requirements and OS platform/version compatibility:..................................................13 HP-UX 11i v1 WBEM Solution Compatibility Table.........................................
1 HP WBEM Services Version A.02.
Announcement The following information is for Version A.02.07 of HP WBEM Services. HP WBEM Services for is available from http://software.hp.com. As the HP-UX implementation of the DMTF WBEM standard, the HP WBEM Services product enables management solutions that deliver increased control of enterprise resources at reduced cost.
• Audit Logging - Provides a mechanism from which auditors can use to track various WBEM client operations and provider usages. The audits include access, activity, and configuration changes on the selected CIM server for the WBEM client(s). A dynamic configuration property, enableAuditLog, is used to enable or disable audit logging at run time. By default, enableAuditLog is set to false.
— — • Configuration files CIM schemas Packaged Provider Modules — Computer System — Operating System — Process — Domain Name Service — Network Time Protocol — Network Information Service — IP To install any A.02.07 Version, use the instructions contained in these Release Notes. Product Documentation • • HP WBEM Services Administrator’s Guide, Second Edition B8465-90017 available from http://docs.hp.com/en/netsys.
Security Considerations Keep in mind the following security considerations if you plan to make use of SNMP as well as PRM and WLM: • You can use tools such as Process Resource Manager (PRM) and Workload Manager (WLM) to limit computing resources used by the WBEM Services processes. You can purchase these products from http://www.software.hp.com.
Table 1-2 Remote User Authentication Methods Certificate Based Authentication (CBA) HTTP Basic Authentication Description The cimserver requests the client certificate while HTTPS Using a request/challenge mechanism and authenticating connection is in progress. the user-supplied username and password through Pluggable Authentication Modules (PAM). Benefits and Considerations • Requires a one-time server configuration.
NOTE: HP-UX uses the cimservera executable in HP WBEM Services to provide the cimserver with PAM Authentication services. For more information, see the HP WBEM Services for HP-UX and Linux System Administrator's Guide (part number B8465-90017, chapter 3). More about using Client Certificate-Based Authentication Before making use of CBA, you must do the following: 1. 2. 3. Enable Certificate Based Authentication (CBA) using the cimconfig command. By default, CBA is disabled.
Here are two examples of updating certificates when an earlier version of HP WBEM Services was already installed: • Scenario 1: Using the default installed certificates from WBEM Services Version A.01.05: It is recommended that after installing HP WBEM Services Version A.02.07, you do the following: 1. — Delete the existing /var/opt/wbem/server_2048.pemand/or /var/opt/ wbem/server.pem files and use the certificates in /etc/opt/hp/sslshare directory. OR 2.
NOTE: The wbemexec command uses the file /etc/opt/hp/sslshare/client.pem as its trust store. Import the server certificates for this client into the /etc/opt/hp/ sslshare/client.pem file. Standards Conformance This version of the HP WBEM Services product complies with the following standards: • • • • CIM Operations over HTTP, Version 1.1 Representation of CIM in XML, Version 2.1 CIM Infrastructure Specification, Version 2.3 CIM Schema, Version 2.13.
/var 58 MB /usr 1 MB Depending on the number of CIM objects to be stored in the CIM Repository, additional disk space may be needed for the/var/opt/wbem directory. • Port Requirements: HP WBEM Services uses dedicated ports for CIM-XML traffic. Two ports are dedicated for CIM-XML communications between CIM clients and the CIM Server. One port is dedicated for CIM-XML communications between Indication sender and Indication receiver (a CIM Server).
Table 1-4 HP-UX 11i v1 WBEM Solution Compatibility Table Product Tag Product Title Product Version Supported HP WBEM Services Version iCOD HP-UX iCOD (Instant Capacity) B.11.11.09.01.00.28 A.02.07.04 NParProvider nPartition Provider HP-UX B.12.02.07.03 SW-DIST HP-UX Software Distributor B.11.11.0903.332 WBEMP-LAN LAN Provider for Ethernet B.11.11.0706 LAN interfaces VParProvider vPar Provider - HP-UX B.11.11.01.06 WBEMP-FCP WBEM Provider for FC HBAs B.11.11.
NOTE: Unless otherwise indicated, the table column titled “Product Version” indicates support for the listed or later versions. Table 1-5 HP-UX 11i v2 WBEM Solution Compatibility Table Product Tag Product Title Product Version Supported HP WBEM Services Version iCOD HP-UX iCOD (Instant Capacity) B.11.23.09.01.00.28 A.02.07.04 NParProvider nPartition Provider HP-UX B.23.01.07.05* SW-DIST HP-UX Software Distributor B.11.23.0903.332 WBEMP-LAN LAN Provider for Ethernet B.11.23.
Table 1-6 details HP-UX 11i v3 with product bundle and WBEM version compatibility information.
NOTE: Unless otherwise indicated, the table column titled “Product Version” indicates support for the listed or later versions. Table 1-6 HP-UX 11i v3 WBEM Solution Compatibility Table 18 Product Tag Product Title Product Version Supported HP WBEM Services Version iCOD HP-UX iCOD (Instant Capacity) B.11.31.09.01.00.28 A.02.07.04 NParProvider nPartition Provider HP-UX B.31.01.10.05 SW-DIST HP-UX Software Distributor B.11.31.0903.332 WBEMP-LAN LAN Provider for Ethernet B.11.31.
Compatibility Starting with the A.02.05 release, HP WBEM Services for HP-UX will support an option that allows a WBEM Provider (i.e., the management instrumentation) to run as the user who issued the management request. Prior to this release, all WBEM Providers executed in a privileged context. With the release of HP WBEM Services A.02.05.02 for HP-UX 11i v3, WBEM Providers will, by default, be invoked in the context of the user requesting an operation (i.e., “Run-As-Requestor”).
command and follow the instructions to install the software from the depot. The filesets that make up the HP WBEM Services product are: • • • • WBEM-CORE, A.02.07.xx - WBEM Services core fileset for hp Integrity servers WBEM-CORE-COM, A.02.07.xx - WBEM Services core fileset for hp Integrity servers and hp 9000 servers WBEM-MAN, A.02.07.xx - WBEM Services man pages WBEM-MX, A.02.07.
The command to register these three providers is (all on one line): /opt/wbem/bin/cimmof -I /opt/wbem/bin/cimmof -n root/PG_InterOp /etc/opt/wbem/mof/HPUX_ManagedSystemSchema20R.mof NOTE: For HP-UX 11i v1, these three providers are NOT automatically registered because you must install a patch first. See Required and Recommended Patches below. Running the HP WBEM Services CIM Server After installation, the HP WBEM Services CIM Server process (cimserver) is active.
Contact your HP support representative for up-to-the-moment information. Patches can be superseded or withdrawn at any time, so always be sure to check the status of any patch before downloading it. Table 1-7 Required Patches Patches HP-UX Version WBEM Version Notes PHCO_36184 11i v1 A.02.07.
Table 1-8 Defects Fixed in HP WBEM Services A.02.07.04 (continued) Identifier Description QXCR1000589480 Include the WBEMInfo script with HP WBEM Services. Resolution Defects Fixed in A.02.07.02 QXCR1000782304 When there is no random generator installed or if there is no OpenSSL daemon running, the cimserver uses the cim.server.rnd file as the source. Earlier, the cim.server.rnd files were created with the following permissions: The owner and the group name for the cimserver.
Table 1-8 Defects Fixed in HP WBEM Services A.02.07.04 (continued) Identifier Description Resolution QXCR1000814657 When a system is ignited from a CD/DVD media, the certificate is generated with the following values: commonName=localhost. When certificates from two such systems are added to the cimtrust database on the server, the second certificate is not loaded into the cimtrust database. An error message indicates that the certificate already exists.
HP WBEM Services is not installed appropriately on systems that use NIS • What is the problem? While installing HP WBEM Services, the configure phase creates the cimsrvr user and group in the passwd(4) and group(4) files. But when you upgrade to HP WBEM Services, as part of a custom bundle, on a system that has NIS configured, and the custom bundle requires a restart, the configure phase is run before the NIS services are up and running.
/var/opt/wbem/cimserver_planned.conf 2. If the usePAMAuthentication configuration option is present, then run the following command before updating the WBEM Services product. # cimconfig -u usePAMAuthentication -p Software Availability in Native Languages HP WBEM Services is available only in English. 26 HP WBEM Services Version A.02.
