| Previous | Contents | Index |
To configure the Portmapper, run the SYS$MANAGER:TCPIP$CONFIG command procedure. Select option 3 (Server components) and then option 8 (PORTMAPPER). Select the option to "Enable service on this node." For example:
$ @SYS$MANAGER:TCPIP$CONFIG
DIGITAL TCP/IP Services for OpenVMS Configuration Menu
Configuration options:
1 - Core environment
2 - Client components
3 - Server components
4 - Optional components
5 - Shutdown DIGITAL TCP/IP Services for OpenVMS
6 - Startup DIGITAL TCP/IP Services for OpenVMS
7 - Run tests
A - Configure options 1 - 4
[E] - Exit configuration procedure
Enter configuration option: 3
DIGITAL TCP/IP Services for OpenVMS SERVER Components Configuration Menu
Configuration options:
1 - BIND Disabled
2 - BOOTP Disabled
3 - TFTP Disabled
4 - FTP Enabled
5 - LPR/LPD Disabled
6 - NFS Disabled
7 - PC-NFS Disabled
8 - PORTMAPPER Enabled
9 - TELNET/RLOGIN Enabled
10 - SNMP Enabled
11 - NTP Disabled
12 - METRIC Disabled
13 - POP Disabled
14 - FINGER Disabled
15 - RMT Disabled
16 - LBROKER Disabled
17 - DHCP Disabled
A - Configure options 1 - 17
[E] - Exit menu
Enter configuration option: 8
PORTMAPPER SERVER configuration options:
1 - Enable service on all nodes
2 - Enable service on this node
E - Exit PORTMAPPER configuration
Enter configuration option: 2
|
To exit from the command procedure, enter E twice.
Now shut down and restart TCP/IP on this node:
$ @SYS$STARTUP:TCPIP$SHUTDOWN $ @SYS$STARTUP:TCPIP$STARTUP |
If you logged in to this node using TCP/IP, you will lose connectivity after the first command executes. You may have to reboot the machine in order to log in and complete the procedure. To avoid this problem, put the shutdown and startup commands into a command procedure, and submit the procedure to a batch queue that is guaranteed to run on this node. |
After TCP/IP starts up, the Portmapper should be ready to use. The Portmapper process itself does not start until it is needed, but you should make sure it is defined as described in Section 2.2.1.1.
You can test RPC access to the Remote Manager by using ACMSMGR
commands. But you will need to get the ACMSMGR running first (see
Section 2.3).
2.2.2 Set Up SNMP
Perform this task if SNMP is not set up on the node you are using, or if SNMP is set up incorrectly.
This procedure may require that you restart TCP/IP on the node you are using.
When you configure SNMP, you must configure the SNMP communities to which the node will belong. SNMP communities govern SNMP network access to the node, which may have significant security implications. Be sure you understand these implications before you configure SNMP. If you are in doubt, consult your network or security administrator. If the SNMP communities are not configured properly, you may be unable to access the ACMS Remote Manager. |
To determine whether SNMP is configured, enter the following commands:
$ TCPIP TCPIP> SHOW SERVICES |
If SNMP is configured, you will see a display similar to the following:
Service Port Proto Process Address State ... ESNMP 242 UDP ESNMP 0.0.0.0 Disabled SNMP 161 UDP TCPIP$SNMP 0.0.0.0 Enabled ... |
If you do not see both of these services, proceed to Section 2.2.2.3. If
both services are displayed, SNMP is configured on this node. If you
suspect that SNMP is not working correctly, you can proceed to
Section 2.2.2.2. Otherwise, there is no additional work to be performed.
(Note: It is fine if ESNMP has a state of Disabled.)
2.2.2.2 Remove the Existing SNMP Configuration
Perform this step if you suspect SNMP is not working correctly or if you were directed here from Section 2.2.2.1.
Enter the following commands:
$ TCPIP TCPIP> SET NOSERVICE SNMP |
Enter Y at the "Remove? [N]:" prompt, and then enter:
TCPIP> SET NOSERVICE ESNMP |
Enter Y again at the "Remove? [N]:" prompt, and then exit the utility.
Now shut down and restart TCP/IP on this node:
$ @SYS$STARTUP:TCPIP$SNMP_SHUTDOWN $ @SYS$STARTUP:TCPIP$SNMP_STARTUP |
To configure SNMP, run the SYS$MANAGER:TCPIP$CONFIG command procedure. Select option 3 (Server components) and then option 10 (SNMP Configuration). Select the option to "Enable service on this node", and respond to the prompts as shown in the following example.
Configuring SNMP communities must be coordinated among all nodes that will participate. If you are unsure which SNMP communities to configure, contact your network administrator. |
$ @SYS$MANAGER:TCPIP$CONFIG
DIGITAL TCP/IP Services for OpenVMS Configuration Menu
Configuration options:
1 - Core environment
2 - Client components
3 - Server components
4 - Optional components
5 - Shutdown DIGITAL TCP/IP Services for OpenVMS
6 - Startup DIGITAL TCP/IP Services for OpenVMS
7 - Run tests
A - Configure options 1 - 4
[E] - Exit configuration procedure
Enter configuration option: 3
DIGITAL TCP/IP Services for OpenVMS SERVER Components Configuration Menu
Configuration options:
1 - BIND Disabled
2 - BOOTP Disabled
3 - TFTP Disabled
4 - FTP Enabled
5 - LPR/LPD Disabled
6 - NFS Disabled
7 - PC-NFS Disabled
8 - PORTMAPPER Enabled
9 - TELNET/RLOGIN Enabled
10 - SNMP Enabled
11 - NTP Disabled
12 - METRIC Disabled
13 - POP Disabled
14 - FINGER Disabled
15 - RMT Disabled
16 - LBROKER Disabled
17 - DHCP Disabled
A - Configure options 1 - 17
[E] - Exit menu
Enter configuration option: 10
SNMP SERVER configuration options:
1 - Enable service on all nodes
2 - Enable service on this node
E - Exit PORTMAPPER configuration
Enter configuration option: 2
Do you want to provide the public community [Y]: <site dependent>
Do you want to provide another community [N]: <site dependent>
Enter contact person(s): <site administrator>
Enter the location of the system: <site location>
|
To exit from the command procedure, enter E twice.
After exiting from the procedure, you may need to modify the public communities you just specified to allow SNMP reads, writes, or traps. The following example shows how to do so. (Community names are case sensitive. Also note the use of double quotes.) To allow SNMP writes to occur on the node, you also need to enable the set flag, as follows:
$ TCPIP TCPIP> SET CONFIG SNMP/COMMUNITY="PUBLIC"/TYPE=WRITE TCPIP> SET CONFIG SNMP/COMMUNITY="PUBLIC"/TYPE=TRAP TCPIP> SET CONFIG SNMP/FLAGS=SETS |
Now exit the TCP/IP utility and restart TCP/IP on this node:
$ @SYS$STARTUP:TCPIP$SHUTDOWN $ @SYS$STARTUP:TCPIP$STARTUP |
If you logged in to this node using TCP/IP, you will lose connectivity after the first command executes. You may have to reboot the machine in order to log in and complete the procedure. To avoid this problem, put the shutdown and startup commands into a command procedure, and submit the procedure to a batch queue that is guaranteed to run on this node. |
After TCP/IP starts, SNMP should be ready to use. The following SNMP processes should be running:
TCPIP$ESNMP
TCPIP$OS_MIBS
TCP/IP includes a DCL command line utility that can be used to issue SNMP commands to SNMP agents on OpenVMS. To use this utility, define the following foreign commands:
$ SNMPGET :== $SYS$SYSTEM:TCPIP$SNMP_REQUEST <your node name> PUBLIC GET -W 20 $ SNMPSET :== $SYS$SYSTEM:TCPIP$SNMP_REQUEST <your node name> PUBLIC SET -W 20 |
Then, after starting the ACMS Remote Manager (see Section 2.3), test access to SNMP:
$ SNMPGET 1.3.6.1.4.1.36.2.18.48.5.1.10.1 1.3.6.1.4.1.36.2.18.48.5.1.10 = 14 $ SNMPSET 1.3.6.1.4.1.36.2.18.48.5.1.10.1 -I 15 1.3.6.1.4.1.36.2.18.48.5.1.10 = 15 |
In this example, the first command issues an SNMP GET to get the value of the parameter mgr_audit_level (the audit level of the main thread). The second command sets the value of the mgr_audit_level parameter to 15 (log all messages). Following each command, the current value of the field is returned.
If these commands fail to return the expected results, refer to
Section 2.4.
2.3 Remote Manager Setup
Setting up the Remote Manager primarily involves preparing the OpenVMS environment to start the Remote Manager. While many of the steps in this procedure can be performed without having previously configured TCP/IP, it is strongly suggested that you perform TCP/IP setup tasks described in Section 2.2 before you attempt to start and access the Remote Manager.
Most of what you need to know to set up the ACMS Remote Manager is
covered in Chapter 3. Please read that chapter before you set up the
ACMS Remote Manager.
2.3.1 Run the Postinstallation Procedure
The postinstallation procedure creates two important command procedures:
Both of these procedures are required to start and run the ACMS Remote Manager successfully.
In addition, the postinstallation procedure modifies ACMSTART.COM to execute ACMS$MGMT_SETUP.COM to ensure that important logicals are defined whenever the ACMS run-time system is started.
Run the ACMS_POST_INSTALL.COM command procedure as follows:
$ @SYS$STARTUP:ACMS_POST_INSTALL |
Respond appropriately to all prompts until you reach the following prompt:
Do you want to SETUP and CONFIGURE the ACMS Remote System Manager [Y]? |
Be sure to respond YES (the default) to this prompt. Several more questions are posed. The procedure continues with the following questions. Your responses are stored in the ACMS$MGMT_SETUP.COM file.
Do you want to allow Proxy Authorization [Y]? |
All clients must be authenticated and authorized to access the ACMS Remote Manager. Proxy access allows ACMS proxies to be used for this purpose. Proxy access is described in detail in Section 3.4.1.2.
Enter Y to enable proxy authentication and authorization when the Remote Manager is started.
(ACMS$MGMT_CONFIG) Enter the file specification for the configuration file used by the ACMS Remote Manager Equivalence string [ SYS$SYSROOT:[SYSEXE]ACMS$MGMT_CONFIG.ACM ]: |
The configuration file contains the default startup configuration for both ACMS data collections and the Remote Manager. Section 3.2 describes how to use the ACMSCFG utility to manage this file. The default location is SYS$SYSROOT:[SYSEXE]ACMS$MGMT_CONFIG.ACM. The information in this file is not node dependent; however, you may choose to configure the nodes in your cluster differently. If you configure all nodes in the cluster the same, you can put this file in the cluster common root. Otherwise, the default value places it in the node-specific root.
Either press Return to accept the default, or type the file specification you want to use.
(ACMS$MGMT_TEMP) Enter the directory where the temp command procedures will be created Equivalence string [ SYS$SYSROOT:[SYSMGR] ]: |
The Remote Manager uses temporary command procedures (see Section 4.3.2 to update the ACMS run-time system. The default location of the command procedures is SYS$MANAGER. This directory should not be a cluster common directory.
Either press Return to accept the default, or type the directory specification you want to use. If the directory does not exist, the command procedure creates it for you.
(ACMS$MGMT_LOG) Enter the directory for the ACMS Remote Manager's Log file Equivalence string [ SYS$SYSROOT:[ACMS_RM.LOG] ]: |
The Remote Manager log file (described in Section 3.7 contains a variety of messages generated by the Remote Manager at run time. The default location of the audit log is SYS$SYSROOT:[ACMS_RM.LOG]ACMS$MGMT_LOG.LOG. If you choose to place this log in a cluster common directory, be sure that the file name is different for each node.
Either press Return to accept the default, or type the file specification you want to use.
(ACMS$MGMT_CREDS_DIR) Enter the directory for the ACMS Remote Manager Credential's Equivalence string [ SYS$SYSROOT:[ACMS_RM.CREDS] ]: |
Client credential files (described in Section 3.4.1.1 contain encrypted client identity information used for client authorization. The default location for these files is SYS$SYSROOT:[ACMS_RM.CREDS]. Credential files are created with unique names and can be safely placed in a cluster common directory.
Either press Return to accept the default, or type the directory specification you want to use. If the directory does not exist, the command procedure creates it for you.
Please enter the UIC for the ACMS$SNMP account, in the form [ggggg,nnnnnn] UIC: |
This account is used to control SNMP access to ACMS system management information and functions. Section 3.4.1 and Section 6.2 describe the uses of this account. In general, if you will be using an SNMP-based management console to access ACMS, you should create this account.
Please enter a password of at least 8 characters, using only the following characters: ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789$_ Password: |
The password for this account is never used. Enter any combination of the characters shown. However, keep in mind that you will be prompted to verify whatever you type.
After you run the postinstallation procedure, you should rerun
SYS$STARTUP:ACMSTART.COM to ensure that the newly created
ACMS$MGMT_SETUP.COM is run.
2.3.2 Define Process Logicals and Symbols
Four symbols are defined in the ACMS$MGMT_ENV.COM procedure:
Before you attempt to run any of these utilities, run the ACMS$MGMT_ENV.COM procedure:
$ @SYS$STARTUP:ACMS$MGMT_ENV.COM |
The ACMS$MGMT_CONFIG system logical points to the configuration file. This logical is defined in the ACMS$MGMT_SETUP.COM procedure, which is executed by the ACMSTART.COM procedure. If this logical is not defined, the ACMSCFG utility will not be able to locate the file. If you have not already run ACMSTART.COM, do so before issuing any ACMSCFG commands.
The ACMS_POST_INSTALL.COM procedure creates a configuration file with default values in SYS$SYSROOT:[SYSEXE]ACMS$MGMT_CONFIG.ACM.
The configuration file contains the startup configuration for ACMS data collections and provides many defaults for the Remote Manager. Section 3.2 describes how to use the ACMSCFG utility to manage this file.
In particular, consider the following:
$ ACMSCFG SET INTERFACE/INTERFACE=SNMP/STATE=DISABLED |
$ ACMSCFG ADD COLL/ENT=*/CLASS=RUNTIME/COLL_STATE=ENABLED $ ACMSCFG ADD COLL/ENT=*/CLASS=POOL/COLL_STATE=ENABLED |
At this point, you can start the Remote Manager. You can start the Remote Manager before or after you start the ACMS run-time system. Start the Remote Manager by entering the following command:
$ STARTMGR |
If you prefer, you can run the startup procedure directly:
$ @SYS$STARTUP:ACMS$MGMT_STARTUP |
Once this command completes, you should be able to see the Remote Manager process running by issuing the following command:
$ SHOW SYSTEM/PROCESS=ACMS$MGMT_SVR |
If this process is not running, refer to Section 2.4.
2.3.5 Communicate with the Remote Manager
If the ACMS$MGMT_SVR process is running and you have enabled both the RPC interface and proxy access, you should be able to communicate with the Remote Manager. The exact commands you will use depends on the interfaces you have enabled and the mode of authentication you want to use. This section shows two examples of communicating with the Remote Manager:
If you will not be using proxy accounts, or if you have not set them up yet, you can log in directly to the Remote Manager and communicate with it. To reduce typing, define the process logicals ACMS$MGMT_USER to be the user account you will log in with, and ACMS$MGMT_SERVER_NODE to be the node on which the Remote Manager is running:
$ DEFINE ACMS$MGMT_USER MYNAME $ DEFINE ACMS$MGMT_SERVER_NODE NODE_SERVER_RUNS_ON |
Then you can log in as follows (the ACMSMGR utility will prompt you for your password):
$ ACMSMGR LOGIN Password: MYPASSWORD |
If no error messages are returned, you have successfully logged in to the Remote Manager. You can now issue ACMSMGR commands from this process. Try the following command:
$ ACMSMGR SHOW USERS |
| Previous | Next | Contents | Index |