User`s guide
Table Of Contents
- VCM Installation and Getting Started Guide
- Updated Information
- About This Book
- Preparing for Installation
- Installing VCM
- Using Installation Manager
- Installing and Configuring the OS Provisioning Server and Components
- Installing the Operating System Provisioning Server
- Preparing Boot Images for Windows Provisioning
- Copy the VCM Certificate to the OS Provisioning Server for Linux Provisioning
- Importing Distributions into the OS Provisioning Server Repository
- Configuring the OS Provisioning Server Integration with the VCM Collector
- Maintaining Operating System Provisioning Servers
- Upgrading or Migrating vCenter Configuration Manager
- Upgrade and Migration Scenarios
- Prerequisites
- Back up Your Databases
- Back up Your Files
- Back up Your Certificates
- Software Supported by the VCM Collector
- Migration Process
- Prerequisites
- Foundation Checker Must Run Successfully
- Use the SQL Migration Helper Tool
- Migrate Only Your Database
- Replace your existing 32-Bit Environment with the Supported 64-bit Environment
- How to Recover Your Machine if the Migration is not Successful
- Migrate a 32-bit environment running VCM 5.3 or earlier to VCM 5.4
- Migrate a 64-bit environment running VCM 5.3 or earlier to VCM 5.4
- Migrate a split installation of VCM 5.3 or earlier to a single-server install...
- After You Migrate VCM
- Upgrade Process
- Upgrading Existing Windows Agents
- Upgrading Existing Remote Clients
- Upgrading Existing UNIX Agents
- Upgrading VCM for Virtualization
- Getting Started with VCM Components and Tools
- Getting Started with VCM
- Discover, License, and Install Windows Machines
- Verifying Available Domains
- Checking the Network Authority
- Assigning Network Authority Accounts
- Discovering Windows Machines
- Licensing Windows Machines
- Installing the VCM Windows Agent on your Windows Machines
- Performing an Initial Collection
- Exploring Windows Collection Results
- Getting Started Collecting Windows Custom Information
- Discover, License, and Install UNIX/Linux Machines
- Discover, License, and Install Mac OS X Machines
- Discover, License, and Collect Oracle Data from UNIX Machines
- Customize VCM for your Environment
- How to Set Up and Use VCM Auditing
- Discover, License, and Install Windows Machines
- Getting Started with VCM for Virtualization
- Getting Started with VCM Remote
- Getting Started with VCM Patching
- Getting Started with Operating System Provisioning
- Getting Started with Software Provisioning
- Getting Started with VCM Management Extensions for Assets
- Getting Started with VCM Service Desk Integration
- Getting Started with VCM for Active Directory
- Accessing Additional Compliance Content
- Installing and Getting Started with VCM Tools
- Maintaining VCM After Installation
- Troubleshooting Problems with VCM
- Index
n
All private keys are RSA keys.
n
Certificates are created or obtained, and copied to the required locations using industry best practices.
n
On the VCM Collector:
Copy certificate to c:\Program Files (x86) \VMware\VCM\Tools\sTunnel\certs\vcm_stunnel_
cert.pem.
Copy private key to c:\Program Files (x86)\VMware\VCM\Tools\sTunnel\key\vcm_stunnel_
pk.pem.
n
On the OS Provisioning Server: Copy certificate to /opt/FastScale/var/certs/vcm_stunnel_cert.pem
All directories where these keys and certificates are stored are appropriately secured.
Configure Stunnel on the OS Provisioning Server
Stunnel is used to establish secure communication between VCM and the OS Provisioning Server SOAP
services. On the OS Provisioning Server, you copy the certificates to the locations specified in the
stunnel.conf file.
Procedure
1. Log into the OS Provisioning Server as root.
2. Place the VCM stunnel certificate validation chain in /opt/FastScale/var/certs as described in
/opt/FastScale/etc/stunnel.conf.
All of the files in this directory are owned by root and have permissions of -rw-r--r--.
The stunnel configuration file on the OS Provisioning Server is
/opt/FastScale/etc/stunnel.conf.
; stunnel configuration file for server proxy
; Some performance tunings
socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1
; debug = 7
cert = /opt/FastScale/var/certs/service.pem
key = /opt/FastScale/var/certs/private/service.key
; Either CAfile or CAPath, but not both, should be defined
; CAfile = /opt/FastScale/var/certs/ca-cert.pem
; Certificate Authority directory
; This is the directory in which stunnel will look for certificates
when using the verify.
; Note that the certificates in this directory should be named
; XXXXXXXX.0 where XXXXXXXX is the hash value of the DER encoded
subject of the
; cert (the first 4 bytes of the MD5 hash in least significant byte
order).
Installing and Configuring the OS Provisioning Server and Components
VMware, Inc. 33