HP WBEM Services Version A.02.07 Release Notes, September 2008, Second Edition

ManualsBrandsHP ManualsSoftwareHP-UX 11i WBEM Software

HP WBEM Services Version A.02.07

Release Notes

HP-UX 11i

HP Part Number: B8465-90039

Published: September 2008

Summary of content (30 pages)

PAGE 1
HP WBEM Services Version A.02.
PAGE 2
© Copyright 2008 Hewlett-Packard Development Company, L.P. All rights reserved Legal Notices © Copyright 2008 Hewlett-Packard Development Company, L.P. Confidential computer software. Valid license from HP required for possession, use, or copying. Consistent with FAR 12.211 and 12.212, Commercial Computer Software, Computer Software Documentation, and Technical Data for Commercial Items are licensed to the U.S. Government under vendor's standard commercial license.
PAGE 3
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, provided that the above copyright notice(s) and this permission notice appear in all copies of the Software and that both the ab
PAGE 4
PAGE 5
Table of Contents 1 HP WBEM Services Version A.02.07 Release Notes.......................................................................7 Announcement.....................................................................................................................8 What's in This Version..........................................................................................................9 Product Documentation..........................................................................................
PAGE 6
List of Tables 1-1 1-2 1-3 1-4 1-5 1-6 1-7 1-8 6 HP WBEM Services Releases......................................................................................10 Remote User Authentication Methods........................................................................13 Software requirements and OS platform/version compatibility:................................17 HP-UX 11i v1 WBEM Solution Compatibility Table...................................................
PAGE 7
1 HP WBEM Services Version A.02.
PAGE 8
Announcement The following information is for Version A.02.07 of HP WBEM Services. HP WBEM Services for is available from http://software.hp.com. As the HP-UX implementation of the DMTF WBEM standard, the HP WBEM Services product enables management solutions that deliver increased control of enterprise resources at reduced cost.
PAGE 9
HP WBEM Services makes it easier for software developers to create management applications that manage HP-UX systems, and makes HP Servers and workstations easier for system administrators to manage. The following version of the HP WBEM Services product is now being made available: For HP-UX: WBEMSvcs A.02.07.02 What's in This Version HP WBEM Services for HP-UX version A.02.07.02 is a minor update to the HP WBEM Services A.02.07 currently released with HP-UX 11i v1, 11i v2 and 11i v3.
PAGE 10
"unlock" operations within the same command ensures that the repository will not be accidentally left in a locked state. • Indication Subscription Management (cimsub) - Provides a command line interface to manage CIM indication subscriptions on the local CIM Server. Refer to the man page for more information. The new command would support enabling, disabling, or removing a subscription, display of selected subscription information, as well as removal and display of filters and handlers.
PAGE 11
Product Documentation • • HP WBEM Services Administrator’s Guide, Second Edition B8465-90017 available from http://docs.hp.com/en/netsys.html. Release Notes for this version and for previous versions of HP WBEM Services are available from http://docs.hp.com/en/netsys.html. After installation, refer to the man pages for your system. Man pages are summarized in the Administrator’s Guide. For more information about DMTF, WBEM, and CIM standards, go to http://www.dmtf.org.
PAGE 12
SSL Support With HTTPS connections enabled, HP WBEM Services uses SSL (Secure Sockets Layer) for all communications, with server-side certificates that are trusted by the management application. HP WBEM Services uses OpenSSL to support HTTPS connections. NOTE: OpenSSL is an open source cryptography toolkit that implements the network protocols and related cryptography standards of SSL v2/v3 and TLS (Transport Layer Security). For more information about OpenSSL, go to http://www.openssl.org.
PAGE 13
Table 1-2 Remote User Authentication Methods Certificate Based Authentication (CBA) HTTP Basic Authentication Description The cimserver requests the client certificate while HTTPS connection is in progress. Using a request/challenge mechanism and authenticating the user-supplied username and password through Pluggable Authentication Modules (PAM). Benefits and Considerations • Requires a one-time server configuration.
PAGE 14
wbem account required libpam_hpsec.so.1 wbem account sufficient libpam_unix.so.1 wbem account required libpam_ldap.so.1 # Session management wbem session required libpam_hpsec.so.1 wbem session sufficient libpam_unix.so.1 wbem session required libpam_ldap.so.1 # Password management wbem password required libpam_hpsec.so.1 wbem password required libpam_ldap.so.1 try_first_pass wbem password required libpam_ldap.so.
PAGE 15
For more information about the wbemexec command, see the wbemexec man page. wbemexec uses trust store for server certificate verification. Be sure to import the certificate in /etc/opt/hp/sslshare/cert.pem from the system where the CIM Server is running to the client system’s trust store. For more information about certificates, see Importing Server Certificates into the Trust Store, below.
PAGE 16
1. — Delete the existing /var/opt/wbem/server_2048.pemand/or /var/opt/wbem/server.pem files and use the certificates in /etc/opt/hp/sslshare directory. OR 2. — Overwrite the new certificate in /etc/opt/hp/sslshare/cert.pem and the private key in /etc/opt/hp/sslshare/file.pem with the existing certificate and key in either /var/opt/wbem/server_2048.pem or /var/opt/wbem/server.pem files. Before overwriting/etc/opt/hp/sslshare/cert.pem and /etc/opt/hp/sslshare/file.
PAGE 17
NOTE: The wbemexec command uses the file /etc/opt/hp/sslshare/client.pem as its trust store. Import the server certificates for this client into the /etc/opt/hp/sslshare/client.pem file. Standards Conformance This version of the HP WBEM Services product complies with the following standards: • • • • CIM Operations over HTTP, Version 1.1 Representation of CIM in XML, Version 2.1 CIM Infrastructure Specification, Version 2.3 CIM Schema, Version 2.13.
PAGE 18
NOTE: As updates to OpenSSL become available and installed over time, the HP WBEM Services cimserver process must be shutdown and restarted in order to run against any new version of OpenSSL. For more information on shutting down and restarting the cimserver, see the HP WBEM Services System Administrator’s Guide. • • For HP-UX 11i v1 install Strong Random Number Generator depot KRNG11i.
PAGE 19
Table 1-4 HP-UX 11i v1 WBEM Solution Compatibility Table Product Tag Product Title Product Version Supported HP WBEM Services Version iCOD HP-UX iCOD (Instant Capacity) B.11.11.08.03.00.22 A.02.07.xx NParProvider nPartition Provider HP-UX B.12.02.07.03 SW-DIST HP-UX Software Distributor B.11.11.0612.458 WBEMP-LAN LAN Provider for Ethernet LAN interfaces B.11.11.0706 VParProvider vPar Provider - HP-UX B.11.11.01.06 WBEMP-FCP WBEM Provider for FC B.11.11.
PAGE 20
NOTE: Unless otherwise indicated, the table column titled “Product Version” indicates support for the listed or later versions. Table 1-5 HP-UX 11i v2 WBEM Solution Compatibility Table 20 Product Tag Product Title Product Version Supported HP WBEM Services Version iCOD HP-UX iCOD (Instant Capacity) B.11.23.08.03.00.22 A.02.07.xx NParProvider nPartition Provider HP-UX B.23.01.07.04* SW-DIST HP-UX Software Distributor B.11.23.0803.317 WBEMP-LAN LAN Provider for Ethernet LAN interfaces B.11.
PAGE 21
Table 1-5 HP-UX 11i v2 WBEM Solution Compatibility Table (continued) Product Tag Product Title Product Version WBEMPIOTreeIP CIM/WBEM Indication B.11.23.0712 Provider for IOTreesubsystem AppDiscMN Application Discovery Managed Node Agent 3.1.00.01 RAIDSAPROVIDER Smart Array Provider product B.11.23.0712 KernalProviders HPUX Kernel Providers B.01.00.04.01 gWLM-Agent HP Global Workload Manager Agent Supported HP WBEM Services Version A.03.00.01.05 * PHCO_31559 patch must be installed.
PAGE 22
NOTE: Unless otherwise indicated, the table column titled “Product Version” indicates support for the listed or later versions. Table 1-6 HP-UX 11i v3 WBEM Solution Compatibility Table 22 Product Tag Product Title Product Version Supported HP WBEM Services Version iCOD HP-UX iCOD (Instant Capacity) B.11.31.08.03.00.22 A.02.07.xx NParProvider nPartition Provider HP-UX B.31.01.10.03 SW-DIST HP-UX Software Distributor B.11.31.0803.317 WBEMP-LAN LAN Provider for B.11.31.
PAGE 23
Table 1-6 HP-UX 11i v3 WBEM Solution Compatibility Table (continued) Product Tag Product Title Product Version WBEMPIOTreeIP CIM/WBEM Indication Provider for IOTreesubsystem B.11.31.0709 AppDiscMN Application Discovery Managed Node Agent 3.1.00.01 RAIDSAPROVIDER Smart Array Provider product B.11.31.0803 KernalProviders HP-UX Kernel Providers C.02.00.05 gWLM-Agent HP Global Workload Manager Agent Supported HP WBEM Services Version A.03.00.01.05 Compatibility Starting with the A.02.
PAGE 24
{ Name = "OperatingSystemModule"; Vendor = "OpenPegasus"; Version = "2.0.0"; InterfaceType = "C++Default"; InterfaceVersion = "2.5.0"; Location = "OSProvider"; UserContext = 2; }; Alternative 2: To support running in the “Requestor” context, developers need to ensure that their Provider has been written to allow multiple instances of the Provider to run at the same time (in different user contexts). In some cases, the Provider may need to coordinate the actions of the Provider instances.
PAGE 25
/opt/wbem (directory) /opt/wbem/bin commands, executables /opt/wbem/lbin Executables that are not intended to be used directly by customers. /opt/wbem/lib Shared libraries. /opt/wbem/mof/CIM2131 MOF files. /opt/wbem/mof/CIM29 MOF files. /opt/wbem/mx Reserved. /opt/wbem/providers/lib Links to shared libraries for providers. /opt/wbem/sbin Commands and executables that only root user can run. /opt/wbem/share/man Man pages. /var/opt/wbem Configuration files, CIM repository, log files, etc.
PAGE 26
NOTE: For HP-UX 11i v1, these three providers are NOT automatically registered because you must install a patch first. See Required and Recommended Patches below. Running the HP WBEM Services CIM Server After installation, the HP WBEM Services CIM Server process (cimserver) is active. To restart it, first stop cimserver with the cimserver -s command. Use the cimserver command, with no options to start the cimserver daemon on the system where the command is issued.
PAGE 27
Patches and Fixes in this Version The following sections detail the known problems, required patches, and fixes for this release of HP WBEM Services. Required and Recommended Patches Table 1-7 lists patches that are required or recommended for HP WBEM Services Version A.02.07.xx. This list is subject to change without notice. Contact your HP support representative for up-to-the-moment information.
PAGE 28
Table 1-8 Defects Fixed in HP WBEM Services A.02.07.02 (continued) Identifier Description QXCR1000814657 When a system is ignited from a CD/DVD media, the certificate is generated with the following values: commonName=localhost. When certificates from two such systems are added to the cimtrust database on the server, the second certificate is not loaded into the cimtrust database. An error message indicates that the certificate already exists.
PAGE 29
WBEM Service clients. The following warning message is logged in the swagent.log file: Warning: Cannot find the fully-qualified domain name (FQDN) for this system, SSL certificates for WBEM Services are created with the short hostname. Correct this either by editing the /etc/hosts file or by making the appropriate DNS registration. If not corrected, the created certificates may not be acceptable to the WBEMService clients that expect a FQDN in the common name field of the SSL certificate.
PAGE 30
• WBEM Services. The usePAMAuthentication configuration option has been obsoleted and is no longer supported. What is the workaround or available patch? You must do the following: 1. Before updating the WBEM Services, check if the usePAMAuthentication configuration option is present in the following WBEM configuration files: /var/opt/wbem/cimserver_current.conf /var/opt/wbem/cimserver_planned.conf 2.