2.5
Table Of Contents
- ACE Management Server Administrator’s Manual
- Contents
- About This Book
- Introduction
- Planning an ACE Management Server Deployment
- Installing and Configuring ACE Management Server
- Configuration Options for ACE Management Server
- Prerequisites for Configuring the Server
- Starting ACE Management Server Configuration
- Viewing and Changing Licensing Information
- Using an External Database
- Creating Access Control
- Uploading Custom SSL Certificates
- Logging Events
- Applying Configuration Settings
- Load-Balancing Multiple ACE Management Server Instances
- Typical Setup Using Load-Balanced ACE Management Server Instances
- Install the Required Services for Load Balancing
- Use the Same SSL Certificate on All Servers
- Create New SSL Certificates and Keys for Each Server
- Installing and Configuring the Load Balancer
- Verify That ACE Instances Are Using the Load Balancer
- Managing ACE Instances
- Viewing ACE Instances That the Server Manages
- Search for an Instance
- Sort by Column Heading and Change Column Width
- Show, Hide, and Move Columns in the Instance View
- Create or Delete Custom Columns in the Instance View
- View Instance Details
- Reactivate, Deactivate, or Delete an ACE Instance
- Change a Copy Protection ID
- Reset the Authentication Password
- Add Information for Custom Columns
- Troubleshooting and Maintenance
- Appendix: Database Schema and Audit Event Log Data
- Glossary
- Index
ACE Management Server Administrator’s Manual
76 VMware, Inc.
Database Schema
TablesintheACEManagementServerdatabaserepresentthemajorconfiguration
objectsofACEManagementServer,includingAce,Package,Instance,AccessPolicy,
RuntimePolicy,andUserData,whichcontainsimagecustomizationsettingsandother
dataforeachuser.AdministratoranduseractionsareauditloggedintheEventtable
inthe
database,whilepossibleeventtypesarelistedintheEventTypetable.
Notethefollowingaboutthedatabaseschema:
Afewtableswithinternalsysteminformationandindexesarenotlisted.
BooleanvaluesarestoredasstringswithTRUEorFALSEvalues.
Timestampsarestoredasdecimal64‐bitnumberstringsshowingthenumberof
microsecondsfrom12:00a.m01/01/1970.
Otherdatesandtimesarestoredasdecimalstringsshowingthenumberof
secondsfrom12:00a.m01/01/1970.
ACE,Package,Instance,Access,andUserDatarecordsareneverdeletedfromthe
database.TheyaremarkedasdeletedwiththedeletedfieldsettoTRUE,sothat
thepreviousinformationcanbeinspectedforauditpurposes.
TheguestandhostoperatingsystemportionsoftheACEpolicysetarestoredin
thePolicyDb_RuntimePolicytableinrespectivefieldsasstrings,iftheirsizeisless
than2000bytes.Ifthepolicycomponentexceeds2000bytes,thestringissplitin
2000‐bytechunksandstoredinthePolicyDb_LongField
table.Inthiscase,the
valuefortherespectiveExtKeyfieldintheRuntimePolicytablecontainsthe
foreignkeypointingtothecorrespondingseriesofstringsintheLongFieldtable
(seethenotesinthetabledefinition).
Thefollowingisthedatabaseschemascript.
/* Name – value pairs of service information, e.g. DB schema version number */
CREATE TABLE PolicyDb_MetaInfo (
name VARCHAR(128), /* Name of the name-value pair */
value VARCHAR(1024), /* Value of the name-value pair */
PRIMARY KEY(name));
/* This table holds data for guest and host policy sets, split in 2K chunks */
/* Select all fields for the key in the order of index and append strings together */
/* to reconstruct the policy set */
CREATE TABLE PolicyDb_LongField (
longFieldKey VARCHAR(128), /* Unique ID of the long field series */
longFieldIndex INTEGER, /* Index in the series */
longFieldValue VARCHAR(2000), /* Up to 2000 chars of field value chunk */
sessionExpires VARCHAR(21), /* Optional field for storing session blob */
PRIMARY KEY (longFieldKey, longFieldIndex));