Compaq ACMS for OpenVMS
Remote Systems Management Guide



3.2.3 Changing Values

ACMSCFG values can be changed using one of three verbs:

Each object has unique qualifiers that determine which values are to change. Qualifiers are either mandatory or optional. Mandatory qualifiers have no default and must be specified by the user. Optional qualifiers have default values and do not have to be specified. See Chapter 9 for a complete description of the syntax for each command and the qualifiers they support.

3.3 Starting and Stopping the Remote Manager

The following information discusses starting and stopping the ACMS Remote Manager.

3.3.1 Remote Manager Startup

The Remote Manager is started as a detached process using the command procedure SYS$STARTUP:ACMS$MGMT_STARTUP, as follows:


$ @SYS$STARTUP:ACMS$MGMT_STARTUP

You should run this file from the SYSTEM account during system startup. You can run the file either before or after the ACMS run-time system has been started. Alternatively, you can run it at any time from a privileged account.

During process startup, the Remote Manager reads the ACMSCFG file (located in SYS$SYSTEM:ACMS$MGMT_CONFIG.ACM or wherever the ACMS$MGMT_CONFIG logical points). If the file cannot be found and opened, the Remote Manager will not start.

The Remote Manager writes errors to the ACMS$MGMT_LOG file. This is a binary file that can be displayed using the ACMSMGR utility, as follows:


$ ACMSMGR SHOW LOG

The ACMSMGR utility generally performs operations on remote nodes. If the Remote Manager fails to start, it will not be accessible remotely. You will need to log in to the node on which it failed to start, and issue the following command:


$ ACMSMGR SHOW LOG/LOCAL

This command instructs the ACMSMGR utility to read the log file directly, bypassing the Remote Manager. See Chapter 10 for a complete description of the ACMSMGR utility, commands, and command syntax.

In addition to writing messages to the ACMS$MGMT_LOG file, the Remote Manager writes messages to SYS$OUTPUT if it cannot access the log file. You can have all messages written to SYS$OUTPUT by invoking the startup procedure with the LOG_TO_SYSOUT parameter, as follows:


$ @SYS$STARTUP:ACMS$MGMT_STARTUP LOG_TO_SYSOUT

The ACMS$MGMT_STARTUP procedure redirects SYS$OUTPUT for the Remote Manager to a file called ACMS$MGMT_SERVER.OUT in the SYS$ERRORLOG directory.

3.3.2 Remote Manager Shutdown

The Remote Manager is stopped using the ACMSMGR STOP MANAGER command, which has the following syntax:

ACMSMGR STOP MANAGER /NODE=node-name

The /NODE qualifier can be omitted if the ACMS$MGMT_SERVER_NODE logical is defined. If the /NODE qualifier is provided, it overrides the ACMS$MGMT_SERVER_NODE logical.

The Remote Manager can be stopped independently of the ACMS run-time system. Stopping the Remote Manager has no effect on the running ACMS system. Note, however, that simply stopping the Remote Manager does not stop any active data collections. Data collections can be stopped only by using ACMSMGR commands, or from an SNMP management console that has access to the Remote Manager.

Note also that prior to issuing this command, the user must either have logged in to the Remote Manager, or the user must have a valid proxy (and proxy access must have been enabled). Regardless of how access is gained, the user must hold the ACMS$MGMT_OPER rights identifier on the node on which the Remote Manager is running in order to stop it. See Section 3.4 for a description of how to log in to the Remote Manager.

The ACMSMGR STOP MANAGER command executes asynchronously of the actual shutdown. That is, the command will complete (control will return to the user) before the shutdown has completed.

If the Remote Manager fails to shut down, it can be stopped by using the DCL command STOP/ID, which has the following syntax:

STOP/ID=pid

Determine the PID of the Remote Manager using the DCL command SHOW SYSTEM, and then look for the process named ACMS$MGMT_SVR.

3.4 Logging In to the Remote Manager

The Remote Manager requires that each client is authenticated and that each access attempt is authorized.

3.4.1 Authentication

Authentication can be performed in one of two ways: either through an explicit login (using a valid OpenVMS user name and password) or through a valid ACMS proxy account.

The exception to this rule is SNMP access, which is controlled by the presence of the ACMS$SNMP account in the local rights database. Authentication for external entities that communicate with the Remote Manager through the SNMP protocol is allowed only when a valid OpenVMS account exists for the user ACMS$SNMP. If this account exists and is not disusered, the user is considered to be an authentic user. Authorization for SNMP users is treated the same as for any other user: by OpenVMS rights identifier. See Section 3.4.2 for more information about authorization.

All access for an interface can be disabled by disabling the interface itself, either through the ACMSCFG utility prior to management startup, or through the ACMSMGR utility after Remote Manager startup.

The total number of users that can be simultaneously logged in to the Remote Manager (regardless of authentication mechanism) is controlled by the Remote Manager parameter MAX_LOGINS, which can be modified by the Remote Manager. (This parameter is not the same as the MAX_LOGINS ACMS system parameter in ACMSGEN.) When the number of users currently logged in is equal to the value of this parameter, new logins are rejected until some users have logged out, or until their credentials have expired. You can set the initial value of MAX_LOGINS with the ACMSCFG utility. You can change the value of MAX_LOGINS dynamically (but nondurably) with the ACMSMGR utility.

Attempts to log in to the Remote Manager are recorded in the Remote Manager log file if the SECURITY_AUDIT_LEVEL parameter is set for informational level logging (any odd value, up to and including F). By default, informational messages are not logged. See Section 3.7.1 for more information.

Use the SHOW USER command of the ACMSMGR utility to display a list of users currently logged in to the Remote Manager. (Note: You must be authenticated in order to issue this command.)


$ ACMSMGR SHOW USER

3.4.1.1 Logging In

Login is performed using the ACMSMGR LOGIN command, which has the following syntax:

ACMSMGR LOGIN /USER=user-name /PASSWORD=password /NODE=node-name

The /USER qualifier can be omitted if the ACMS$MGMT_USER logical is defined. If the qualifier is provided, it overrides the ACMS$MGMT_USER logical. If neither the logical nor the qualifier is present, the ACMSMGR utility prompts the user for the user name.

If the /PASSWORD qualifier is not present, the ACMSMGR utility prompts the user for the password. There is no logical name for the password.

The /NODE qualifier can be omitted if the ACMS$MGMT_SERVER_NODE logical is defined. If it is provided, it overrides the ACMS$MGMT_SERVER_NODE logical. If neither the qualifier nor the logical name is provided, no login is attempted.

For each node to which a user logs in, a credentials file is created, either in the current directory or in the directory pointed to by the logical name ACMS$MGMT_CREDS_DIR. The credentials file contains encrypted security information (the password is not stored in the file) and can be used by subsequent executions of the ACMSMGR utility. Credentials are specific to the process that created them and cannot be used by other processes. Prior to creating a new credentials file, any old credentials files for the process are deleted.

Once a user has logged in to the Remote Manager, the user's credentials are valid for the duration of the credentials lifetime period, as specified by the parameter LOGIN_CREDS_LIFETIME. You can set the initial value of LOGIN_CREDS_LIFETIME with the ACMSCFG utility. You can change the value of LOGIN_CREDS_LIFETIME dynamically (but nondurably) with the ACMSMGR utility.

Once a user's credentials have expired, the user must log in to the server again.

3.4.1.2 Proxy Accounts

Proxy access to the management server is supported if the logical name ACMS$MGMT_ALLOW_PROXY_ACCESS is defined on the Remote Manager node. The valid values for this logical name are: 1, T, t, Y, y, TRUE, and true. If the name is defined to be any other value or if the logical name is not defined, proxy access is disabled.

When proxy access is allowed, users do not need to explicitly log in to the Remote Manager with a user name and password, and no credentials file is created. See Section 3.4.1.1 for a description of how to log in with user name and password.

In order for a user to be granted proxy access, there must be an entry in the ACMSPROXY.DAT file for the combination of node and user attempting access. See Compaq ACMS for OpenVMS Managing Applications for more information. The first time a user attempts to access a management function without having first logged in using user name and password, the Remote Manager looks for a valid ACMS proxy. If one is found, the OpenVMS account specified by the proxy is used for authorization.

The Remote Manager maintains a cache of users who have been logged in by proxy. Records remain in the cache for the duration of the proxy credentials' lifetime, as specified by the PROXY_CREDS_LIFETIME parameter. You can set the initial value of PROXY_CREDS_LIFETIME with the ACMSCFG utility. You can change the value of PROXY_CREDS_LIFETIME dynamically (but nondurably) with the ACMSMGR utility. Proxy credentials are automatically refreshed when they expire.

3.4.2 Authorization

Authorization consists of ensuring that the user attempting access holds the appropriate rights identifier on the node they are attempting to access. There are three levels of access, each with its own identifier, as shown in Table 3-1.

Table 3-1 Node Access Types and Rights Identifiers

Access Type   Rights Identifier
Operate       ACMS$MGMT_OPER
Read          ACMS$MGMT_READ
Write         ACMS$MGMT_WRITE

3.4.2.1 Read Access

Read access allows users to perform the following functions:

3.4.2.2 Write Access

Write access allows users to issue the following commands:

3.4.2.3 Operate Access

Operate access allows users to issue the following commands:

3.5 Starting and Stopping Interfaces

You can control which interfaces are started or stopped by using either the ACMSCFG utility prior to Remote Manager startup or the ACMSMGR utility after Remote Manager startup. The Remote Manager supports two interfaces:

Either the RPC or SNMP interface should always be enabled. If both are disabled, there is no way to communicate with the Remote Manager.

For a more complete discussion of the available interfaces and their attributes, see Section 8.6.

3.5.1 Using ACMSCFG to Enable or Disable Interfaces

Use the ACMSCFG utility to configure which interfaces should be enabled or disabled when the Remote Manager starts up. Either the SNMP or RPC interface should always be enabled. If both are disabled, there is no way to communicate with the Remote Manager.

Use the ACMSCFG SET INTERFACE command to enable or disable an interface. This command has the following syntax:

ACMSCFG SET INTERFACE /INTERFACE=interface-name /STATE=state

In this format:

Use the ACMSCFG SHOW INTERFACE command to determine the state of an interface in the configuration file:


$ ACMSCFG SHOW INTERFACE

3.5.2 Using ACMSMGR to Start or Stop Interfaces

Use the ACMSMGR utility to dynamically enable or disable an interface after the Remote Manager has already been started. As noted previously, at least one of either the SNMP or RPC interfaces should always be enabled. If both are disabled, there is no way to communicate with the Remote Manager (for example, to shut it down or to enable an interface). Changes made with the ACMSMGR interface are not stored in the ACMSCFG file and are lost when the Remote Manager is stopped. Use the ACMSCFG utility to save changes to the ACMSCFG file.

An interface cannot disable itself. Since the ACMSMGR utility uses the RPC interface, it cannot be used to disable the RPC interface. To disable the RPC interface, either use the ACMSCFG utility and restart the Remote Manager, or use the SNMP interface.

Use the ACMSMGR SET INTERFACE command to disable the SNMP interface. The command has the following syntax:

ACMSMGR SET INTERFACE /INTERFACE=interface-name /STATE=state

In this format:

Use the ACMSMGR SHOW INTERFACE command to determine the state of an interface:


$ ACMSMGR SHOW INTERFACE

3.6 Modifying Management Parameters

There are a large number of parameters that affect the internal processing of the ACMS Remote Manager. In general, most of these parameters will not need to be changed. However, you may need to alter some of these parameters in order to make the ACMS Remote Manager operate more efficiently or to meet your computing needs. You can modify these parameters using both the ACMSCFG and the ACMSMGR utilities.

For a more complete discussion of the available management parameters and their functions, see Section 8.8.

3.6.1 Using ACMSCFG to Modify Management Parameters

Use the ACMSCFG utility to set the values of management parameters when the Remote Manager starts up.

Use the ACMSCFG SET PARAMETER command to modify the value of a parameter. The command has the following syntax:

ACMSCFG SET PARAMETER /parameter-name=value

In this format:

Use the ACMSCFG SHOW PARAMETER command to determine the current value of the parameter in the configuration file:


$ ACMSCFG SHOW PARAMETER

3.6.2 Using ACMSMGR to Modify Management Parameters

Use the ACMSMGR utility to dynamically modify a management parameter after the Remote Manager has already been started. Not all parameters can be modified dynamically. Also, changes made with the ACMSMGR interface are not stored in the ACMSCFG file and are lost when the Remote Manager is stopped.

Use the ACMSMGR SET PARAMETER command to modify the value of a parameter. The command has the following syntax:

ACMSMGR SET PARAMETER /parameter-name=value

In this format:

Use the ACMSMGR SHOW PARAMETER command to determine the current value of the parameter in the configuration file:


$ ACMSMGR SHOW PARAMETER

3.7 Managing Log Files

The ACMS Remote Manager maintains an audit log of internally generated messages. The log is stored in a location determined by the logical name ACMS$MGMT_LOG. If the logical is not defined, the default location is in the default directory for the account under which the Remote Manager process runs.

Depending on the tracing levels specified, the size of this file will vary. It is strongly suggested that ACMS system managers monitor this file to ensure that it does not grow too large.

If the Remote Manager is unable to write to the audit log, it prints a message to file SYS$ERRORLOG:ACMS$MGMT_SERVER.OUT and terminates. This can occur if logical name ACMS$MGMT_LOG is incorrectly defined, if the output device is full, or if the Remote Manager does not have sufficient privilege to write to the file.

3.7.1 Setting Audit Levels

Facilities within the Remote Manager write audit log messages based on the parameter settings, as shown in Table 3-2.

Table 3-2 Audit Level Parameters

Parameter               Function
DCL_AUDIT_LEVEL         Controls auditing for the DCL subprocess (used internally to modify the ACMS run-time system).
MGR_AUDIT_LEVEL         Controls auditing for the main Remote Manager process.
MSG_PROC_AUDIT_LEVEL    Controls auditing for the message processing thread (used internally to handle communications from ACMS processes).
PROC_MON_AUDIT_LEVEL    Controls auditing for the process monitor.
RPC_AUDIT_LEVEL         Controls auditing for the RPC interface.
SECURITY_AUDIT_LEVEL    Controls auditing for security access (authorization and authentication).
SNMP_AUDIT_LEVEL        Controls auditing for the SNMP interface.
TIMER_AUDIT_LEVEL       Controls auditing for the timer thread.

The value of each parameter determines what level of information is stored in the Remote Manager audit log. Table 3-3 shows the four levels of auditing and the integer value for each.

Table 3-3 Auditing Levels and Their Values

Auditing Level   Integer Value
Informational    1
Warning          2
Error            4
Fatal            8

Auditing values can be combined by logically ORing the integer values in order to have multiple levels of auditing in effect for a given facility. Table 3-4 shows the valid auditing values.

Table 3-4 Auditing Level Combinations and Their Values

Auditing Level         Value
None                   0
Info                   1
Warn                   2
Info, Warn             3
Error                  4
Info, Error            5
Warn, Error            6
Info, Warn, Error      7
Fatal                  8
Info, Fatal            9
Warn, Fatal            A
Info, Warn, Fatal      B
Error, Fatal           C
Info, Error, Fatal     D
Warn, Error, Fatal     E
All                    F

Parameter settings are stored in the ACMSCFG file and can also be modified dynamically using the ACMSMGR utility. For example, in order to specify that all messages and events generated by the security routines should be stored in the audit log, use the following command:


$ ACMSCFG SET PARAMETER/SECURITY_AUDIT_LEVEL=F

Alternatively, to dynamically modify an auditing level, use the following ACMSMGR utility command:


$ ACMSMGR SET PARAMETER/SECURITY_AUDIT_LEVEL=F
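
The following Python code is an added example, not part of the ACMS documentation or software. It decodes audit-level values according to Tables 3-3 and 3-4 and reviews a set of settings, including the case from Section 3.4.1 where login attempts go unrecorded because the informational bit is clear. The NAME=value input format and the policy of flagging facilities that omit Error or Fatal are assumptions of this example.

```python
# Added example; the NAME=value input format and the review policy are assumptions.
LEVELS = {"Info": 0x1, "Warn": 0x2, "Error": 0x4, "Fatal": 0x8}  # Table 3-3

def decode_level(value):
    """Return the auditing levels enabled by one hex digit, 0 through F."""
    text = str(value).strip()
    if len(text) != 1:
        raise ValueError("audit level must be a single hex digit: %r" % text)
    mask = int(text, 16)  # raises ValueError for anything outside 0-9, A-F
    return [name for name, bit in LEVELS.items() if mask & bit]

def encode_level(names):
    """OR the named levels together and return the hex digit from Table 3-4."""
    mask = 0
    for name in names:
        mask |= LEVELS[name]
    return format(mask, "X")

def review(settings_text):
    """Return (parameter, finding) pairs for a block of NAME=value lines."""
    findings = []
    for line in settings_text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        name, _, value = line.partition("=")
        name = name.strip().upper()
        try:
            enabled = decode_level(value)
        except ValueError:
            findings.append((name, "invalid value %r" % value.strip()))
            continue
        # Section 3.4.1: login attempts are logged only at informational level.
        if name == "SECURITY_AUDIT_LEVEL" and "Info" not in enabled:
            findings.append((name, "login attempts are not recorded"))
        missing = [lvl for lvl in ("Error", "Fatal") if lvl not in enabled]
        if missing:  # assumed policy: errors and fatals should always be kept
            findings.append((name, ", ".join(missing) + " not audited"))
    return findings

# Constructed sample settings, not output of ACMSCFG or ACMSMGR.
SAMPLE = """\
SECURITY_AUDIT_LEVEL=E
RPC_AUDIT_LEVEL=F
SNMP_AUDIT_LEVEL=3
MGR_AUDIT_LEVEL=G
"""

if __name__ == "__main__":
    for parameter, finding in review(SAMPLE):
        print(parameter + ": " + finding)
```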
