HP WBEM Services Version A.02.09.
© Copyright 2012 Hewlett-Packard Development Company, L.P. Legal Notices Confidential computer software. Valid license from HP required for possession, use, or copying. Consistent with FAR 12.211 and 12.212, Commercial Computer Software, Computer Software Documentation, and Technical Data for Commercial Items are licensed to the U.S. Government under vendor's standard commercial license. The information contained herein is subject to change without notice.
Contents 1 HP WBEM Services Version A.02.09.14 Release Notes....................................4 Announcement.........................................................................................................................4 What is in this version?.............................................................................................................4 Security ..................................................................................................................................
1 HP WBEM Services Version A.02.09.14 Release Notes Announcement The following information is for HP WBEM Services Version A.02.09.14: HP WBEM Services for HP-UX is available from http://software.hp.com. HP-UX implements the Distributed Management Task Force (DMTF) WBEM standard and this enables HP WBEM Services to deliver increased control of enterprise resources at reduced cost.
defect fixes and enhancements. For information on the defect fixes in this release, see Table 4 (page 17). The enhancement in this release is: • Strong ciphers enabled in cimserver by adding new config property i.e. sslCipherSuite. Following are the key differences between the HP WBEM Services Version A.02.07 and A.02.09: • From this release, the CIM Repository (/var/opt/wbem/repository) is a database instead of a file-based repository. This is done to increase the robustness of the CIM repository.
IMPORTANT: HP WBEM Services Version A.02.09 is not available on HP-UX 11i v1. Starting with the September 2009 Application Release (AR), no new features or enhancements for HP WBEM Services is addressed on HP-UX 11i v1. Only defects that are critical in nature are addressed. HP WBEM Services Version A.02.
Security considerations When you use the Simple Network Management Protocol (SNMP), Process Resource Manager (PRM), and Workload Manager (WLM) tools, consider the following security conditions: • You can use tools such as PRM and WLM to limit computing resources used by the WBEM Services processes. You can purchase these products from http://www.software.hp.com.
Table 2 Remote user authentication methods (continued) Certificate Based Authentication (CBA) HTTP Basic Authentication Benefits and Considerations • Requires a one-time server configuration. • Does not require any server configuration and hence, easy to set up. • Does not require the remote user to provide a password • Requires the remote user to provide a password to each time to access the WBEM data. access the WBEM data.
Using Certificate Based Authentication To use the Certificate Based Authentication (CBA) method, you must do the following: 1. Use the cimconfig command, to enable CBA . By default, the CBA is disabled. For more information, see the cimconfig(1M) and cimtrust(1M) manpages. 2. Use the cimtrust command to include the client certificates from the trust store in the cimserver and associate that certificate with a system user. 3.
1. Delete the existing /var/opt/wbem/server_2048.pem and /var/opt/wbem/ server.pem files and use the certificates in the /etc/opt/hp/sslshare directory. Or 2. Overwrite the new certificate in the /etc/opt/hp/sslshare/cert.pem file and the private key in the /etc/opt/hp/sslshare/file.pem file with the existing certificate and key in either /var/opt/wbem/server_2048.pem or /var/opt/wbem/ server.pem files. Before overwriting the /etc/opt/hp/sslshare/cert.pem and /etc/opt/hp/sslshare/file.
For more information, see the DMTF WBEM and CIM standards at http://www.dmtf.org. Compatibility information This section describes the compatibility information for HP WBEM Services Version A.02.09.14. Compatibility for WBEM providers Table 3 lists the product bundle and WBEM version information for HP-UX 11i v3. Use this table to determine, which bundle is compatible with your version of HP-UX. Use the swlist command to view your product bundle version number.
Table 3 HP-UX 11i v3 WBEM Solution Compatibility Table Product Tag Product Title Product Version Supported HP WBEM Services Version iCOD HP-UX iCOD (Instant Capacity) B.11.31.10.06.00.05 A.02.09.14 NParProvider nPartition Provider - HP-UX B.31.02.04 SW-DIST HP-UX Software Distributor B.11.31.1209.382 WBEMP-LAN LAN Provider for Ethernet LAN interfaces B.11.31.1209.06.01 VParProvider vPar Provider - HP-UX B.11.31.01.06 WBEMP-FCP WBEM Provider for FC HBAs B.11.31.1209.08.
invoked in the context of the user requesting an operation (i.e., “Run-As-Requestor”). This default setting can break backward compatibility for certain types of providers. This means that existing providers that run in the user context of the CIM Server can break. To resolve this situation, you have the following two alternatives: Alternative 1 To continue running the provider in a privileged context, you need to explicitly register the provider to run in a “Privileged User” context.
• Disk space requirements HP WBEM Services requires the following disk space to install: / 5 MB /opt 46 MB /var 184 KB /usr 1 MB Depending on the number of CIM objects to be stored in the CIM Repository, additional disk space might be needed for the/var/opt/wbem directory. • Port requirements HP WBEM Services uses dedicated ports for CIM-XML traffic. Two ports are dedicated for CIM-XML communications between CIM clients and the CIM Server.
/opt/wbem/mof MOF files /opt/wbem/mx Reserved /opt/wbem/providers/lib Links to shared libraries for providers /opt/wbem/sbin Commands and executables that only root user can run /opt/wbem/share/man Manpages /var/opt/wbem Configuration files, CIM repository, log files, and so on IMPORTANT: Do not move these files from the default location. If these files are moved, it can result in problems in the functioning of the CIM Server. 5.
After installing HP WBEM Services, the CIM Server is in a running state. For HP-UX, the following providers are bundled with HP WBEM Services: • Computer System • Operating System • Process • Domain Name Service • Network Time Protocol • Network Information Service • IP • SD • IOTree After installing HP WBEM Services, the following filesets are visible on the system: • WBEM-CORE, A.02.09.10 - WBEM Services core fileset for HP Integrity servers • WBEM-CORE-COM, A.02.09.
Removing HP WBEM Services Before removing the software, back up any files that you want to retain, such as the repository, log files, configuration files, and certificate files. If these files are removed or overwritten during the re-installation, you cannot restore them. To remove HP WBEM Services, run the following HP-UX command: # swremove WBEMServices When there are providers in your environment that have a dependency on the file sets of HP WBEM Services, then this command results in an error.
Table 4 Defects fixed in HP WBEM Services Version A.02.09.xx (continued) Identifier Description Resolution Defects fixed in A.02.09.10 QXCR1001105601 When the swverify(1M) command is executed with the (-x fix=true) option, CIM Server becomes unstable. Subsequent CIM Server start up fails. This defect is fixed in the current release.
Table 4 Defects fixed in HP WBEM Services Version A.02.09.xx (continued) Identifier Description Resolution This defect is fixed in the current release. QXCR1000586083 The cimserver consumes threads after a cimprovagt process, hosting a provider request, hangs. Eventually, cimserver reaches its process thread limit. This inhibits the cimserver from processing requests received from other providers as well.
Table 4 Defects fixed in HP WBEM Services Version A.02.09.xx (continued) Identifier Description Resolution QXCR1000890091 In the Networking page of HP System Management Homepage, the following error is displayed: This defect has been fixed to resolve this error message. CIM_ERR_FAILED: Error in ioctl() request SIOCGIFCONF: Invalid argument When this error message is displayed, no other data can be displayed on the Networking page. This error is noticed only with HP WBEM Services versions prior to A.
For systems using LDAP or other network services, before installing HP WBEM Services, you must manually add a local cimsrvr user and group using a unique UID and GID. You must first determine the available reserved IDs for the group (for example 130) and for the user (for example, 125) ensuring that these IDs are not in use by LDAP or other network services.
Related documentation Following are the documents available with this release of HP WBEM Services: • HP WBEM Services Administrator Guide, 5900-1802 available at www.hp.com/go/ hpux-networking-docs and select HP-UX 11i WBEM Software collection. Release Notes for this version and for previous versions of HP WBEM Services are available at www.hp.com/go/hpux-networking-docs and select HP-UX 11i WBEM Software collection. After installing HP WBEM Services, see the manpages for your system.
