IBM IP Edition Version 4 Release 1 Network Manager Installation and Configuration Guide
IBM Network Manager IP Edition Version 4 Release 1 helps you manage your network by providing detailed network discovery, device monitoring, topology visualization, and root cause analysis (RCA) capabilities. This guide will help you set up and configure your network, along with providing information about the different hardware and software requirements for a smooth installation.
advertisement
Assistant Bot
Need help? Our chatbot has already read the manual and is ready to assist you. Feel free to ask any questions about the device, but providing details will make the conversation more productive.
▼
Scroll to page 2
of
330
Network Manager IP Edition Version 4 Release 1 Installation and Configuration Guide R4.1 E1 Network Manager IP Edition Version 4 Release 1 Installation and Configuration Guide R4.1 E1 Note Before using this information and the product it supports, read the information in “Notices” on page 307. This edition applies to version 4.1 of IBM Tivoli Network Manager IP Edition (product number 5724-S45) and to all subsequent releases and modifications until otherwise indicated in new editions. © Copyright IBM Corporation 2006, 2013. US Government Users Restricted Rights – Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp. Contents About this publication . . . . . . . . v Intended audience . . . . . . What this publication contains . . Publications . . . . . . . . Accessibility . . . . . . . . Tivoli technical training . . . . Support and community information Conventions used in this publication . . . . . . . . . . . v . v . . . . . . vi . . . . . . ix . . . . . . ix . . . . . . x . . . . . . xi Chapter 1. Planning for installation . . . 1 Deployment of Network Manager . . . . . . . 1 Deployment scenarios . . . . . . . . . . 1 Deployment considerations . . . . . . . . 11 Deployment examples . . . . . . . . . . 14 Network domains . . . . . . . . . . . . 20 Event collection using one domain per ObjectServer . . . . . . . . . . . . . 21 Event collection using multiple domains per ObjectServer . . . . . . . . . . . . . 22 Example visualization of topology from multiple domains . . . . . . . . . . . . . . 23 Hardware requirements . . . . . . . . . . 24 Processor selection guidelines . . . . . . . 25 Requirements to run the installer . . . . . . 25 Requirements for the core components . . . . 26 Requirements for the GUI components . . . . 27 Requirements for the topology database server 27 Disk space for events and interfaces . . . . . 28 Swap space requirements (UNIX) . . . . . . 28 Bandwidth requirements for discovery . . . . 29 Discovery memory requirements . . . . . . 29 Software requirements . . . . . . . . . . . 30 Requirements for other products . . . . . . 30 Supported topology databases . . . . . . . 32 Supported operating systems . . . . . . . 32 Supported browsers for Web applications . . . 34 Supported browsers for the installer launchpad 36 Operating system tools . . . . . . . . . 36 Domain Name Service (DNS) requirements . . . 36 UNIX user restrictions . . . . . . . . . . 37 Installation directory requirements. . . . . . 37 File handle requirements . . . . . . . . . 38 Requirements for charting . . . . . . . . 38 About DNCIM . . . . . . . . . . . . . 39 Chapter 2. Installing . . . . . . . . . 41 Preparing to install . . . . . . . . . . . . Configuring an existing Tivoli Netcool/OMNIbus installation on a remote server . . . . . . . Setting up a topology database . . . . . . . Installing Tivoli Common Reporting . . . . . Extracting the installation file . . . . . . . Checking system prerequisites . . . . . . . Configuring Red Hat Linux Enterprise Edition . Installing Network Manager . . . . . . . . . © Copyright IBM Corp. 2006, 2013 Differences between basic and custom installation About a FIPS 140-2 installation . . . . . . . Installing Network Manager using the wizard . . Installing Network Manager in console mode . . Installing Network Manager in silent mode. . . Postinstallation tasks . . . . . . . . . . . Troubleshooting the installation. . . . . . . . Viewing the installation logs. . . . . . . . Checking login URL and default ports . . . . Dependency error messages . . . . . . . . Running installation and maintenance procedures as root or non-root . . . . . . . . . . . Not enough disk space to complete the installation . . . . . . . . . . . . . Console mode installation error. . . . . . . Backing up and restoring the Deployment Engine Harmless installation messages . . . . . . . Insufficient disk space for install . . . . . . Installation failure scenario . . . . . . . . Install fails after deployment engine upgrade . . Uninstalling Network Manager . . . . . . . . Removing reports . . . . . . . . . . . Uninstalling on UNIX . . . . . . . . . . Installing fix packs . . . . . . . . . . . . 50 51 51 72 73 81 84 84 88 89 89 89 89 90 91 91 91 92 93 93 93 96 Chapter 3. Upgrading and migrating . . 99 About upgrading and migrating . . . . . . . 99 Upgrade paths . . . . . . . . . . . . 99 Default locations for different product versions 101 Migrated files . . . . . . . . . . . . 102 Upgrading and migrating to latest Network Manager . . . . . . . . . . . . . . . 110 Upgrading to latest Network Manager: full side-by-side migration . . . . . . . . . 110 Upgrading to latest Network Manager by reusing your existing Tivoli Integrated Portal environment. . . . . . . . . . . . . 138 Copying an existing V4.1 installation . . . . . 143 Troubleshooting the upgrade . . . . . . . . 147 Viewing the upgrade logs . . . . . . . . 147 Harmless upgrade error messages . . . . . 149 Network views with duplicate names following import. . . . . . . . . . . . . . . 149 Not all GUI components were exported . . . 149 Poll definition classes not migrated correctly 150 41 Chapter 4. Configuring Network Manager . . . . . . . . . . . . . 151 41 44 47 48 48 49 49 Configuring integrations with other products. . Configuring Tivoli Netcool/OMNIbus for use with Network Manager . . . . . . . . Configuring integration with Netcool Configuration Manager . . . . . . . . Exporting discovery data to CCMDB, TADDM, and TBSM . . . . . . . . . . . . . 151 . 151 . 179 . 179 iii Configuring the Tivoli Integrated Portal . . . Integrating with IBM Tivoli Monitoring . . . Configuring integration with IBM Systems Director . . . . . . . . . . . . . . Accessing discovery data from dNCIM . . . . Configuring Network Manager for UNIX operating systems . . . . . . . . . . . . . . . Configuring root/non-root permissions. . . . Installing and configuring DB2 after a non-root installation . . . . . . . . . . . . . Configuring connection to existing DB2 . . . Configuring GUIs . . . . . . . . . . . . Administering the TopoViz client . . . . . . Loading updated MIB information . . . . . Configuring the presentation of events from unmanaged devices . . . . . . . . . . Configuring reports for existing installations . . . Migrating the Cognos content store from Derby to DB2 . . . . . . . . . . . . . . . . Enabling failover . . . . . . . . . . . . About failover . . . . . . . . . . . . About NCIM topology database high availability . . . . . . . . . . . . . Failover architectures . . . . . . . . . . Failover operation of the Network Manager core processes . . . . . . . . . . . . . . Limitations of the Network Manager failover process . . . . . . . . . . . . . . Configuring failover . . . . . . . . . . Troubleshooting failover . . . . . . . . . Changing the IP address and hostname of the Network Manager installation . . . . . . . . Changing the IP address and hostname for Network Manager . . . . . . . . . . . Changing the IP address and hostname on the Tivoli Netcool/OMNIbus server . . . . . . Updating Network Manager for a new Tivoli Netcool/OMNIbus IP address and hostname . . iv 195 201 202 212 213 213 216 217 218 218 237 238 239 240 241 241 242 244 254 261 262 279 284 284 284 Updating the Tivoli Integrated Portal for a new Tivoli Netcool/OMNIbus IP address and hostname. . . . . . . . . . . . . . Changing the IP address and hostname on the Tivoli Integrated Portal server . . . . . . . Updating Network Manager for changed hostname of the Tivoli Integrated Portal server . Changing the IP address and hostname on the Deployment Engine server . . . . . . . . Changing the IP address for Tivoli Common Reporting . . . . . . . . . . . . . Configuring Network Manager for a changed IP address of the DB2 NCIM server . . . . . . Setting environment variables . . . . . . . . Default directory structure . . . . . . . . . Configuring Juniper PE Devices . . . . . . . Providing support for legacy devices in a FIPS 140-2 installation . . . . . . . . . . . . Creating and configuring extra network domains Configuring OQL Service Provider authentication Configuring the SNMP Helper . . . . . . . Configuring SNMP Helper throttling . . . . Configuring GetBulk support for SNMP v2 and v3 . . . . . . . . . . . . . . . . Configuring SSO between Charting and Tivoli Monitoring . . . . . . . . . . . . . . The IBM Support Assistant (ISA) . . . . . . . Installing the IBM Support Assistant Lite collector . . . . . . . . . . . . . . Appendix. Network Manager glossary 285 286 286 287 287 288 288 289 292 293 294 296 297 297 298 300 302 302 303 Notices . . . . . . . . . . . . . . 307 Trademarks . . . . . . . . . . . . . . 309 Index . . . . . . . . . . . . . . . 311 285 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide About this publication IBM Tivoli Network Manager IP Edition provides detailed network discovery, device monitoring, topology visualization, and root cause analysis (RCA) capabilities. Network Manager can be extensively customized and configured to manage different networks. Network Manager also provides extensive reporting features, and integration with other IBM products, such as IBM Tivoli Application Dependency Discovery Manager, IBM Tivoli Business Service Manager and IBM Systems Director. The IBM Tivoli Network Manager IP Edition Installation and Configuration Guide describes how to install Network Manager. The guide also describes post-installation configuration tasks. This publication is for administrators who need to install and set up Network Manager. Intended audience This publication is intended for administrators who need to install Network Manager and perform post-installation configuration. Readers need to be familiar with the following topics: v Network management v Operating System configuration IBM Tivoli Network Manager IP Edition works in conjunction with IBM Tivoli Netcool/OMNIbus; this publication assumes that you understand how IBM Tivoli Netcool/OMNIbus works. For more information on IBM Tivoli Netcool/OMNIbus, see the publications described in “Publications” on page vi. What this publication contains This publication contains the following sections: v Chapter 1, “Planning for installation,” on page 1 Provides information on what to consider before installing Network Manager, such as deployment configurations including failover and network domains, hardware, operating system, software, and communication requirements. v Chapter 2, “Installing,” on page 41 Describes how to install Network Manager. v Chapter 3, “Upgrading and migrating,” on page 99 Describes how to upgrade to the latest version of Network Manager, including the migration of existing data from your previous production environment. v Chapter 4, “Configuring Network Manager,” on page 151 Describes tasks to perform after installing Network Manager, and settings you can change later on during the use of the product. © Copyright IBM Corp. 2006, 2013 v Publications This section lists publications in the Network Manager library and related documents. The section also describes how to access Tivoli publications online and how to order Tivoli publications. Your Network Manager library The following documents are available in the Network Manager library: v IBM Tivoli Network Manager IP Edition Release Notes, GI11-9354-00 Gives important and late-breaking information about IBM Tivoli Network Manager IP Edition. This publication is for deployers and administrators, and should be read first. v IBM Tivoli Network Manager Getting Started Guide, GI11-9353-00 Describes how to set up IBM Tivoli Network Manager IP Edition after you have installed the product. This guide describes how to start the product, make sure it is running correctly, and discover the network. Getting a good network discovery is central to using Network Manager successfully. This guide describes how to configure and monitor a first discovery, verify the results of the discovery, configure a production discovery, and how to keep the network topology up to date. Once you have an up-to-date network topology, this guide describes how to make the network topology available to Network Operators, and how to monitor the network. The essential tasks are covered in this short guide, with references to the more detailed, optional, or advanced tasks and reference material in the rest of the documentation set. v IBM Tivoli Network Manager IP Edition Product Overview, GC27-2759-00 Gives an overview of IBM Tivoli Network Manager IP Edition. It describes the product architecture, components and functionality. This publication is for anyone interested in IBM Tivoli Network Manager IP Edition. v IBM Tivoli Network Manager IP Edition Installation and Configuration Guide, SC27-2760-00 Describes how to install IBM Tivoli Network Manager IP Edition. It also describes necessary and optional post-installation configuration tasks. This publication is for administrators who need to install and set up IBM Tivoli Network Manager IP Edition. v IBM Tivoli Network Manager IP Edition Administration Guide, SC27-2761-00 Describes administration tasks for IBM Tivoli Network Manager IP Edition, such as how to administer processes, query databases and start and stop the product. This publication is for administrators who are responsible for the maintenance and availability of IBM Tivoli Network Manager IP Edition. v IBM Tivoli Network Manager IP Edition Discovery Guide, SC27-2762-00 Describes how to use IBM Tivoli Network Manager IP Edition to discover your network. This publication is for administrators who are responsible for configuring and running network discovery. v IBM Tivoli Network Manager IP Edition Event Management Guide, SC27-2763-00 Describes how to use IBM Tivoli Network Manager IP Edition to poll network devices, to configure the enrichment of events from network devices, and to manage plug-ins to the Tivoli Netcool/OMNIbus Event Gateway, including configuration of the RCA plug-in for root-cause analysis purposes. This publication is for administrators who are responsible for configuring and running network polling, event enrichment, root-cause analysis, and Event Gateway plug-ins. vi IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide v IBM Tivoli Network Manager IP Edition Network Troubleshooting Guide, GC27-2765-00 Describes how to use IBM Tivoli Network Manager IP Edition to troubleshoot network problems identified by the product. This publication is for network operators who are responsible for identifying or resolving network problems. v IBM Tivoli Network Manager IP Edition Network Visualization Setup Guide, SC27-2764-00 Describes how to configure the IBM Tivoli Network Manager IP Edition network visualization tools to give your network operators a customized working environment. This publication is for product administrators or team leaders who are responsible for facilitating the work of network operators. v IBM Tivoli Network Manager IP Edition Management Database Reference, SC23-9906-00 Describes the schemas of the component databases in IBM Tivoli Network Manager IP Edition. This publication is for advanced users who need to query the component databases directly. v IBM Tivoli Network Manager IP Edition Topology Database Reference, SC27-2766-00 Describes the schemas of the database used for storing topology data in IBM Tivoli Network Manager IP Edition. This publication is for advanced users who need to query the topology database directly. v IBM Tivoli Network Manager IP Edition Language Reference, SC27-2768-00 Describes the system languages used by IBM Tivoli Network Manager IP Edition, such as the Stitcher language, and the Object Query Language. This publication is for advanced users who need to customize the operation of IBM Tivoli Network Manager IP Edition. v IBM Tivoli Network Manager IP Edition Perl API Guide, SC27-2769-00 Describes the Perl modules that allow developers to write custom applications that interact with the IBM Tivoli Network Manager IP Edition. Examples of custom applications that developers can write include Polling and Discovery Agents. This publication is for advanced Perl developers who need to write such custom applications. v IBM Tivoli Monitoring for Tivoli Network Manager IP User's Guide, SC27-2770-00 Provides information about installing and using IBM Tivoli Monitoring for IBM Tivoli Network Manager IP Edition. This publication is for system administrators who install and use IBM Tivoli Monitoring for IBM Tivoli Network Manager IP Edition to monitor and manage IBM Tivoli Network Manager IP Edition resources. Prerequisite publications To use the information in this publication effectively, you must have some prerequisite knowledge, which you can obtain from the following publications: v IBM Tivoli Netcool/OMNIbus Installation and Deployment Guide, SC14-7604 Includes installation and upgrade procedures for Tivoli Netcool/OMNIbus, and describes how to configure security and component communications. The publication also includes examples of Tivoli Netcool/OMNIbus architectures and describes how to implement them. v IBM Tivoli Netcool/OMNIbus User's Guide, SC14-7607 Provides an overview of the desktop tools and describes the operator tasks related to event management using these tools. v IBM Tivoli Netcool/OMNIbus Administration Guide, SC14-7605 About this publication vii Describes how to perform administrative tasks using the Tivoli Netcool/OMNIbus Administrator GUI, command-line tools, and process control. The publication also contains descriptions and examples of ObjectServer SQL syntax and automations. v IBM Tivoli Netcool/OMNIbus Probe and Gateway Guide, SC14-7608 Contains introductory and reference information about probes and gateways, including probe rules file syntax and gateway commands. v IBM Tivoli Netcool/OMNIbus Web GUI Administration and User's Guide SC14-7606 Describes how to perform administrative and event visualization tasks using the Tivoli Netcool/OMNIbus Web GUI. Accessing terminology online The IBM Terminology Web site consolidates the terminology from IBM product libraries in one convenient location. You can access the Terminology Web site at the following Web address: http://www.ibm.com/software/globalization/terminology Accessing publications online IBM posts publications for this and all other Tivoli products, as they become available and whenever they are updated, to the Tivoli Information Center Web site at: http://publib.boulder.ibm.com/infocenter/tivihelp/v3r1/index.jsp Note: If you print PDF documents on other than letter-sized paper, set the option in the File > Print window that allows your PDF reading application to print letter-sized pages on your local paper. Ordering publications You can order many Tivoli publications online at the following Web site: http://www.ibm.com/e-business/linkweb/publications/servlet/pbi.wss You can also order by telephone by calling one of these numbers: v In the United States: 800-879-2755 v In Canada: 800-426-4968 In other countries, contact your software account representative to order Tivoli publications. To locate the telephone number of your local representative, perform the following steps: 1. Go to the following Web site: http://www.ibm.com/e-business/linkweb/publications/servlet/pbi.wss 2. Select your country from the list and click Go. The Welcome to the IBM Publications Center page is displayed for your country. 3. On the left side of the page, click About this site to see an information page that includes the telephone number of your local representative. viii IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Accessibility Accessibility features help users with a physical disability, such as restricted mobility or limited vision, to use software products successfully. Accessibility features The following list includes the major accessibility features in Network Manager: v The console-based installer supports keyboard-only operation. v Network Manager provides the following features suitable for low vision users: – All non-text content used in the GUI has associated alternative text. – Low-vision users can adjust the system display settings, including high contrast mode, and can control the font sizes using the browser settings. – Color is not used as the only visual means of conveying information, indicating an action, prompting a response, or distinguishing a visual element. v Network Manager provides the following features suitable for photosensitive epileptic users: – Web pages do not contain anything that flashes more than two times in any one second period. The Network Manager Information Center is accessibility-enabled. The accessibility features of the information center are described in Accessibility and keyboard shortcuts in the information center. Extra steps to configure Internet Explorer for accessibility If you are using Internet Explorer as your web browser, you might need to perform extra configuration steps to enable accessibility features. To enable high contrast mode, complete the following steps: 1. Click Tools > Internet Options > Accessibility. 2. Select all the check boxes in the Formatting section. If clicking View > Text Size > Largest does not increase the font size, click Ctrl + and Ctrl -. IBM® and accessibility See the IBM Human Ability and Accessibility Center for more information about the commitment that IBM has to accessibility. Tivoli technical training For Tivoli technical training information, refer to the following IBM Tivoli Education Web site: http://www.ibm.com/software/tivoli/education About this publication ix Support and community information Use IBM Support, Service Management Connect, and Tivoli user groups to connect with IBM and get the help and information you need. IBM Support If you have a problem with your IBM software, you want to resolve it quickly. IBM provides the following ways for you to obtain the support you need: Online Go to the IBM Software Support site at http://www.ibm.com/software/ support/probsub.html and follow the instructions. IBM Support Assistant The IBM Support Assistant (ISA) is a free local software serviceability workbench that helps you resolve questions and problems with IBM software products. The ISA provides quick access to support-related information and serviceability tools for problem determination. To install the ISA software, go to http://www.ibm.com/software/support/isa Tivoli user groups Tivoli user groups are independent, user-run membership organizations that provide Tivoli users with information to assist them in the implementation of Tivoli Software solutions. Through these groups, members can share information and learn from the knowledge and experience of other Tivoli users. Tivoli user groups include the following members and groups: v 23,000+ members v 144+ groups Access the link for the Tivoli Users Group at www.tivoli-ug.org. Service Management Connect Access Service Management Connect at https://www.ibm.com/developerworks/ servicemanagement/. Use Service Management Connect in the following ways: v Become involved with transparent development, an ongoing, open engagement between other users and IBM developers of Tivoli products. You can access early designs, sprint demonstrations, product roadmaps, and prerelease code. v Connect one-on-one with the experts to collaborate and network about Tivoli and the (enter your community name here) community. v Read blogs to benefit from the expertise and experience of others. v Use wikis and forums to collaborate with the broader user community. x IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Conventions used in this publication This publication uses several conventions for special terms and actions and operating system-dependent commands and paths. Typeface conventions This publication uses the following typeface conventions: Bold v Lowercase commands and mixed case commands that are otherwise difficult to distinguish from surrounding text v Interface controls (check boxes, push buttons, radio buttons, spin buttons, fields, folders, icons, list boxes, items inside list boxes, multicolumn lists, containers, menu choices, menu names, tabs, property sheets), labels (such as Tip:, and Operating system considerations:) v Keywords and parameters in text Italic v Citations (examples: titles of publications, diskettes, and CDs v Words defined in text (example: a nonswitched line is called a point-to-point line) v Emphasis of words and letters (words as words example: "Use the word that to introduce a restrictive clause."; letters as letters example: "The LUN address must start with the letter L.") v New terms in text (except in a definition list): a view is a frame in a workspace that contains data. v Variables and values you must provide: ... where myname represents.... Monospace v Examples and code examples v File names, programming keywords, and other elements that are difficult to distinguish from surrounding text v Message text and prompts addressed to the user v Text that the user must type v Values for arguments or command options Bold monospace v Command names, and names of macros and utilities that you can type as commands v Environment variable names in text v Keywords v Parameter names in text: API structure parameters, command parameters and arguments, and configuration parameters v Process names v Registry variable names in text v Script names About this publication xi Operating system-dependent variables and paths This publication uses environment variables without platform-specific prefixes and suffixes, unless the command applies only to specific platforms. For example, the directory where the Network Manager core components are installed is represented as NCHOME. On UNIX systems, preface environment variables with the dollar sign $. For example, on UNIX, NCHOME is $NCHOME. xii IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Chapter 1. Planning for installation Read about deployment considerations and system requirements for Network Manager. Deployment of Network Manager Use this information for guidance on how to configure the physical deployment of your Network Manager installation. Deployment scenarios How you deploy Network Manager depends on your environment, including factors such as the size and complexity of your network and the number of operations staff who require system access. The following are typical Network Manager deployment scenarios: v Small demonstration or educational system deployment v Small customer network v Medium customer network v Large customer network v Very large customer network A further deployment scenario is the following: Telecommunications company or service provider network. Note: Failover can be applied to each of these Network Manager deployments. This section provides general guidance to assist you in deciding how to deploy Network Manager. For more detailed information, see the IBM Tivoli Network Manager IP Edition Installation and Configuration Guide and the IBM Tivoli Network Manager IP Edition Release Notes. Network and deployment comparisons Use this information to compare the example customer networks and to compare the Network Manager deployments for each of the example customer networks. Customer networks compared: Use this information to compare the example customer networks and to identify which example most closely matches your network. The following table lists typical features for each of the example customer networks. These values are example values only. Your specific network values might vary. In particular, you should note the following: v With regard to the values for Average number of interfaces per device specified in this table, the actual interface counts can vary considerably from the average interface count. An example of this is found in MPLS networks, where the number of interfaces per device is very high in the core network, but might be as low as 2 to 3 interfaces per device for the edge devices. v With regards to the number of devices for a telecommunications company, the value specified (15,000) is an average value. A national telecommunications © Copyright IBM Corp. 2006, 2013 1 company will have a far larger number of devices, a small local telecommunications company will have far fewer. Table 1. Example customer networks compared Feature Demo Enterprise Telco Small Medium Large Very large Number of devices 25 150 to 300 250 to 1,000 1,000 to 12,000 12,000 to 30,000 15,000 Average number of interfaces per device 1-2 3-5 20-30 30 or more 30 or more 1,200 Network locations Single location Single location Distributed Global network Global network, distributed management One or more locations Network architecture Flat Flat Flat Complex Complex Complex Number of active GUI clients 1 to 3 3 5 to 20 5 to 20 5 to 20 5 to 20 Chassis ping polling examples Values set for demonstration purposes 2-minute intervals 2 - 5 minutes 2 - 5 minutes 2 - 5 minutes 2 - 5 minutes SNMP polling examples Values set for demonstration purposes 3 to 6 values at 5 to 15 minute 30 minute intervals intervals 10 to 15 minute intervals. Intervals of 15 minutes or longer 5 values at 5 minute intervals ITM with TDW ITM with TDW ITM with TDW TBSM TBSM TBSM TADDM TADDM TADDM 31 days 31 days 7 days SNMP v1, 2c, or 3 polling in any of the environments listed Device and interface polls in any of the environments listed. ® Tivoli product None integrations Performance data collection period None 1 to 5 days 31 days ITM with TDW 31 days Network Manager deployments compared: Use this information to compare the Network Manager deployments for each of the example customer networks. The following table lists the settings required for the Network Manager deployments for each of the example customer networks. These values are example values only. The values that are appropriate for your specific deployment might vary. Note: With regard to the values for Deployment specified in this table, these values do not take failover servers into account. 2 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Table 2. Example Network Manager deployments compared Settings Demo Enterprise Small Medium Large Telco Very large Platform Linux x86 Any supported Any supported Linux and platform platform UNIX Linux and UNIX Any supported platform Deployment Single server Single server 4 or more servers 3 servers Client system Single processor 1- 2 servers 3-4 servers 2 GB DRAM minimum, or 4 GB DRAM for large networks Supported JRE and Internet browser Topology database Default database Default database Any supported Any supported Any supported Any supported RDBMS RDBMS RDBMS RDBMS Number of network domains 1 1 1-2 1 Number of polling engines based on network size 1 Consider more Consider more Consider more Consider more than one poller than one poller than one poller than one poller 2 or more 2 or more 1-2 Reasons for multiple domains: There are a number of reasons why you might need to partition your network into multiple domains. You might need to partition your network into multiple domains for one of the following reasons: v Your network exceeds a certain size. See the section Guidelines for number of network domains to determine whether your network requires multiple domains. v Discovery takes a very long time. You can shorten your discovery times by partitioning your network into multiple domains. v Operational boundaries dictate the need for multiple domains. Examples of operational boundaries include geographical boundaries and security boundaries. v Your network contains overlapping IP addresses. Guidelines for number of network domains: If your network exceeds a certain size, you might need to break up the network into multiple domains. Use this information to work out the number of network domains needed for your deployment. Use the following procedure to determine the number of required domains. For information on how to create and configure extra network domains, see the IBM Tivoli Network Manager IP Edition Installation and Configuration Guide. Note: The calculations presented here provide approximate figures only. The actual number of domains required varies, depending on various factors, including the agents used in the discovery. For example, the Entity agent discovers a lot of extra network entities, and this might require more domains. 1. Gather the following data: Chapter 1. Planning for installation 3 v Number of devices in the network v Average number of interfaces per device Note: The actual interface counts on a given device can vary considerably from the average interface count. An example of this is found in MPLS networks, where the number of interfaces per device is very high in the core network, but might be as low as 2 to 3 interfaces per device for the edge devices. 2. Apply the following equation to determine an approximate number of network entities: Number of network entities = Number of devices * Average interface count * multiplier Where: v multiplier = 2 for a routed network v multiplier = 3.5 for a switched network Note: Switched networks tend to generate more network entities because they contain VLANs, which contain multiple entities. 3. Apply the following equation to determine the suggested number of network domains: Number of domains required = (Number of network entities) / 250,000 Where 250,000 is the suggested maximum number of network entities in a domain. Router-centric customer The data for this customer is as follows: v Number of devices in the network: 15,000 v Average number of interfaces per device: 20 This customer network will produce approximately 600,000 network entities: Number of network entities = 15,000 * 20 * 2 = 600,000 Based on the following calculation, this network requires three network domains: Number of domains required = 600,000 / 250,000 = 2.4 Switch-centric customer The data for this customer is as follows: v Number of devices in the network: 1,000 v Average number of interfaces per device: 24 This customer network will produce approximately 84,000 network entities: Number of network entities = 1,000 * 24 * 3.5 = 84,000 Based on the following calculation, this network requires one network domain: Number of domains required = 84,000 / 250,000 < 1 4 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Related concepts: “Network domains” on page 20 Before installing, you need to consider whether to partition your network into domains, or have a single domain for the entire network. A network domain is a collection of network entities to be discovered and managed. Demonstration or educational system deployment This is a small installation for use as a demonstration system or for training and educational purposes. The following sections describe this network in greater detail and provide suggestions for a Network Manager deployment to meet the needs of this network. Description This environment consists of about 25 network devices and key servers combined. All devices are in one location, on the same network subnet as the devices to be managed. There is one local GUI client session supported by the same machine that hosts the Network Manager product components. There might be one or two GUI client sessions on other machines. The network devices come from multiple vendors. The network architecture is flat. All devices are attached to a LAN and have Fast Ethernet connections. For demonstration purposes only, a number of network devices have SNMPv3, and a number of workstations have IPv6. Within this environment the following example conditions apply: v 1 to 3 active GUI clients. v Chassis ping polling and some SNMP polling activity is required. v No major Tivoli products are integrated with the system, other than the required Tivoli Netcool/OMNIbus. v Performance reports are required for short data collection periods (typically 1 to 5 days) to match the length of the training course. Network Manager deployment A single-server deployment is sufficient for this type of environment. In addition to the single-server deployment description provided elsewhere, the following deployment settings are appropriate for this type of environment. v System is an entry workstation class machine, with 4 to 6 GB of memory, dual-core processor preferred, single-core acceptable, reasonable current processor speed, and Fast Ethernet capability. v IPv6 dual stack support is required if workstations or network devices have IPv6. v Default database used for the NCIM database. v Client system: single processor, 3 GB of memory, supported JRE and Internet browser Chapter 1. Planning for installation 5 Small customer network This customer is a company with a network consisting of about 150-300 network devices and key servers. The purpose of this installation is to manage this customer network by alerting the operations staff to major failures. The following sections describe this network in greater detail and provide suggestions for a Network Manager deployment to meet the needs of this network. Description The primary users of the product are the networking operations staff. All devices are in one location and managed by a small operations group of a few people. Network devices come from multiple vendors. A mixture of layer 2 and layer 3 network devices are present. Approximately 20 to 30 VLANs are defined. The network architecture is fairly flat and simple. All devices to be managed are located in the same network as the Network Manager system and have Fast Ethernet connections. Internet connections are passed through a firewall and access to the systems within the protected network is available through a company VPN. The network operations staff have clients attached by means of one of the following: a local LAN, WiFi connections, or by means of a VPN established by a telecommunications service provider. Network changes are made once a month and a new discovery is anticipated at this time. Within this environment the following example conditions apply: v 3 active GUI clients. v Chassis ping polling at two-minute intervals. SNMP polling at 30 minute intervals. Typically three to 6 SNMP MIB values require polling. v No major Tivoli products are integrated with the system, other than the required Tivoli Netcool/OMNIbus. v Performance reports are required for data collection periods on the order of 31 days. Network Manager deployment A single-server deployment is sufficient for this type of environment. In addition to the single-server deployment description provided elsewhere, the following deployment settings are appropriate for this type of environment. v A single network domain is sufficient for this size of network. v System can be any of the supported platforms. System requires 6 to 8 GB of memory, dual-core processor, and multiple physical disks in RAID 5 configuration. v Client system: single processor, 3 GB of memory, supported JRE and Internet browser v Default database used for the NCIM database. v A single ncp_poller polling engine is sufficient for this environment. 6 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Medium customer network This customer is a company with a central major data center and connections to several remote sites. The purpose of this installation is to manage this customer network by alerting the operations staff to major failures. The following sections describe this network in greater detail and provide suggestions for a Network Manager deployment to meet the needs of this network. Description This network has between 250 and 1000 network devices and key servers of interest. Workstations, while numbering in the thousands, are not managed. Network devices come from multiple vendors. All devices in the central location have Fast Ethernet or Gigabit Ethernet connections. Remote sites are connected by WAN connections. The devices and servers to be managed are distributed among the central and remote sites. Within this environment the following example conditions apply: v There are 5 to 20 active GUI clients. v Chassis ping polling at two to five-minute intervals. SNMP polling at five to 15-minute intervals. v Other major Tivoli products integrated with the system, other than the required Tivoli Netcool/OMNIbus: IBM Tivoli Monitoring with Tivoli Data Warehouse running DB2® to support performance reporting. v Performance reports are required for data collection periods on the order of 31 days. Network Manager deployment Each customer environment with this kind of network is different. The key to success is adequate memory and a careful understanding of the polling targets, combined polling rates, and the event rates. Based on these considerations, a single-server deployment or a two-server deployment is sufficient for this type of environment. The following deployment settings are appropriate for this type of environment. v One or two network domains are required, depending on the size of network. v Single server deployment (up to 250 network devices and 5 to 10 concurrent users) Four processors 8 to 10 GB memory Multiple physical disks in RAID 5 configuration v Two-server deployment (up to 1000 network devices and 10 to 20 concurrent users) Four processors for system with Network Manager Four processors for system with Tivoli Netcool/OMNIbus and Tivoli Integrated Portal 8 GB memory for each server Multiple physical disks in RAID 5 configuration v System may be any of the supported platforms. v Client system: single processor, 3 GB of memory, supported JRE and Internet browser v Any supported RDBMS used for the NCIM database. Chapter 1. Planning for installation 7 v Number of polling engines: Single-server deployment: 1 Two-server deployment: One poller for chassis pings, two or more pollers for SNMP polls Large customer network This customer is a large enterprise company with a globally deployed network. The purpose of this installation is to manage this customer network by alerting the operations staff to major failures and to support the latest network devices and network architecture. The following sections describe this network in greater detail and provide suggestions for a Network Manager deployment to meet the needs of this network. Description The architecture of the network is complex. and contains the most up to date technology. For example, the network contains MPLS core networks. The network device count ranges from 1,000 to 12,000 devices, and the complexity of the network is reflected in the fact that there are 30 or more ports per device on average. Network operations are done from a central location with operations staff constantly monitoring the core network. Network devices come from multiple vendors. Within this environment the following example conditions apply: v There are typically 5 to 20 concurrently active GUI clients. v Polling: Chassis ping polling at two to 5 minute intervals. SNMP polling at 10-15 minutes. SNMPv3 polling of key network devices SNMPv1 polling for real time graphing as well as storage for performance reports. v Other major Tivoli products integrated with the system, other than the required Tivoli Netcool/OMNIbus: IBM Tivoli Monitoring (ITM) with Tivoli Data Warehouse (TDW) running DB2 to support performance reporting. IBM Tivoli Business Service Manager (TBSM) IBM Tivoli Application Dependency Discovery Manager (TADDM) v Performance reports are required for data collection periods on the order of 31 days. Network Manager deployment Deployment choices vary depending on the size of the network. For the 1000 device network in this customer range, the choice ranges from a single-server to a two-server deployment. Key factors for success include the network response time for the targets (given that this is a county or global distribution of target devices), memory availability on the supporting servers, the polling selected and the rates of polling. 8 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide For the top end of the network (approximately 12,000 devices), a distributed, multiple domain deployment is required. In addition to the multiple-server deployment description provided elsewhere, the following deployment settings are appropriate for this type of environment. v Deploy two domains with two servers for each domain. v Deployment of a dedicated database server might be required. v Each of the servers requires the following: Four processors. 8 GB of memory. 3 disk, RAID 5 multiple disk array v For the systems used for each domain, deploy as follows: Server 1: Network Manager Server 2: Tivoli Netcool/OMNIbus and Tivoli Integrated Portal System 3 (optional): a customer-selected RDBMS supporting both domains v Systems to be deployed on Linux or UNIX platform. v Any supported RDBMS used for the NCIM database. v Two polling engines: Use the default ncp_poller process for chassis ping. Create a separate ncp_poller for the SNMP polls. v Client system: single processor, 3 GB of memory, supported JRE and Internet browser Very large customer network This customer is a very large global enterprise company with a simple network architecture but very large numbers of devices. The purpose of this installation is to manage this customer network by alerting the operations staff to major failures and to support short-term capacity planning. The following sections describe this network in greater detail and provide suggestions for a Network Manager deployment to meet the needs of this network. Description Network management is done from a central location and from regional locations. The network is very large and contains over 12,000 network devices and critical servers. Network devices come from multiple vendors. The devices fall into two categories: v Network device infrastructure with interface counts in the range of 30 or more per device. v Managed devices with 1-2 interfaces per device. The majority of the devices are in the second category, managed devices. To manage a network of this size, the network is partitioned for management on a geographical basis. Within this environment the following example conditions apply: v There are 5 to 20 active GUI clients. v Polling: Chassis ping polling at two to 5 minute intervals. SNMP polling at 15 minutes or longer. Chapter 1. Planning for installation 9 SNMPv1 data collection v Other major Tivoli products integrated with the system, other than the required Tivoli Netcool/OMNIbus: IBM Tivoli Monitoring (ITM) with Tivoli Data Warehouse (TDW) running DB2 to support performance reporting. IBM Tivoli Business Service Manager (TBSM) IBM Tivoli Application Dependency Discovery Manager (TADDM) v Performance reports are required for data collection periods on the order of 31 days. Network Manager deployment Assistance from an experienced IBM services group or qualified IBM business partner is highly advisable for a successful deployment. Multiple domains are needed, supported by a collection of individual servers, or running together on a very large system. After completing a survey of the network to be managed, break the network up into sections that yield about 250-300K network entities, and then assign each of these sections be to a domain. In addition to the multiple-server deployment description provided elsewhere, the following deployment settings are appropriate for this type of environment. v Multiple network domains. v Platform selections: Linux and UNIX. v Large systems (many processors and very large amounts of memory) can host multiple domains as long as the memory allocations and processor counts are acceptable. Memory: 8-12 GB per domain Processors: 4-8 per domain depending on workloads v Any supported RDBMS used for the NCIM database. v Two polling engines for each domain: Use the default ncp_poller process for chassis ping. Create a separate ncp_poller for the SNMP polls. v Individual process memory limitations are a factor in this environment. v Client system: single processor, 3 GB of memory, supported JRE and Internet browser Telecommunications company network This customer is a telecommunications company and internet services provider. The purpose of this installation is to manage this customer network by alerting 24x7 network operations center staff to major failures. The following sections describe this network in greater detail and provide suggestions for a Network Manager deployment to meet the needs of this network. Description The network to be managed has about 300 network devices; with an average interface count per device of 15. This is an MPLS network, and consequently the network devices are “large” in terms of their interface counts and complexity. Network devices come from multiple vendors. All devices are in one or more locations and are managed by a small network operations group. All devices to be managed are connected via Fast Ethernet or Gigabit Ethernet. 10 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Within this environment the following example conditions apply: v Number of simultaneous active clients: 5-20. v Polling requirements: chassis pings at two to 5-minute intervals; SNMP polling of 5 values at 5 minute intervals. v Some SNMPv3 polling is in place. v Other major Tivoli products integrated with the system, other than the required Tivoli Netcool/OMNIbus: IBM Tivoli Monitoring (ITM) with Tivoli Data Warehouse (TDW) running DB2 to support performance reporting. IBM Tivoli Business Service Manager (TBSM) IBM Tivoli Application Dependency Discovery Manager (TADDM) v Performance reports done once a day for key devices, used to assemble weekly capacity reports. Network Manager deployment A three-server deployment is needed for this type of environment. In addition to the multiple-server deployment description provided elsewhere, the following deployment settings are appropriate for this type of environment. v One to two domains. v A three-server deployment is advised. v System specifications: System 1: two to four processors, 6-8 GB of memory, two or more disks System 1 (where Network Manager is installed): four processors, 6-8 GB of memory, two or more disks. Note that beyond 4 processors or processor cores, the core clock speed and on-chip cache can be more important than additional cores. The general rule is as follows: select the fastest 4 cores before additional cores. System 2: two to four processors, 6-8 GB of memory, two or more disks System 3: database server; processors, memory and disks selected by the DBA v Any supported RDBMS used for the NCIM database. v Two polling engines: Use the default ncp_poller process for chassis ping. Create a separate ncp_poller for the SNMP polls. v Client system: single processor, 3 GB of memory, supported JRE and Internet browser Deployment considerations You can deploy your entire Network Manager installation on a single server or as a distributed installation. During a Network Manager installation, you install the following four Network Manager components. Network Manager core This component consists of the core Network Manager processes: network discovery, polling, root cause analysis and event enrichment. NCIM database This database stores topology data. Chapter 1. Planning for installation 11 Tivoli Netcool/OMNIbus This component consists of the Tivoli Netcool/OMNIbus event management software. Many customers choose to have a trouble-ticketing system integrated with Tivoli Netcool/OMNIbus. Tivoli Integrated Portal This component consists of the Tivoli Integrated Portal user interface framework, together with the web applications. The objective of the installation is to place these components on one or more servers. The following are typical Network Manager deployment configurations: v Single-server deployment v Distributed deployment: two servers or more The factors that require an increased number of servers in a distributed deployment include the following: v v v v v Active event rates Amount and rate of stored polling data Device status polling rates and number of polling targets Network response times for polled targets Discovery frequency and v Size of the network to be discovered (for each domain, where there are multiple domains) Note: These deployment configurations do not take into consideration requirements for other product integrations. In addition, you must consider deployment of appropriate systems to support GUI client sessions. Single-server deployment Single-server deployments are appropriate for small demonstration or educational systems, and for systems to support small to medium customer networks. A single-server deployment must meet the following minimum specification: v A minimum of two processors of current speeds, preferably four processors. Examples of current speeds include 3 GHz or better for processors from the Intel product line, and 1.6 GHz or better for processors from the Sun product line. v A minimum of 6 GB of memory, preferably 8 GB. Distributed deployment: two servers or more In distributed deployments, Network Manager components are distributed across multiple servers, that is, two servers or more. Here are some guidelines for distributed deployments: v Two-server deployments are appropriate for the top end of the range of medium customer networks. v Deployments might require three servers or more in situations where there are multiple network domains. 12 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide v Three-server deployments might also be deployed where it is determined that a separate server is required to support a relational database product that provides topology data storage. In addition, a separate database server enables the relational database to support multiple applications, in addition to Network Manager. Two-server deployment An example of a two-server deployment consists of the following allocation of host workstations: v Server 1: Network Manager core components and the NCIM database. The core components are the network discovery, polling, root cause analysis and event enrichment components. v Server 2: Tivoli Integrated Portal with associated Network Manager web applications. In this two-server deployment, each server must meet the following minimum specification: v A minimum of two processors of current speeds, preferably four processors. v A minimum of 4 GB of memory. v For improved performance report response time, an enhanced disk I/O system, consisting of three to 6 physical disks in RAID supporting a logical volume. Three-server deployment An example of a three-server deployment consists of the following allocation of host workstations: v Server 1: Network Manager core components. v Server 2: Tivoli Netcool/OMNIbus v Server 3: Tivoli Integrated Portal with associated Network Manager web applications, together with the NCIM database. Client systems You must consider deployment of appropriate systems to support GUI client sessions. The following system specification provides support for a wide range of end-user activities on GUI client sessions: Note: The web application clients, notably the Tivoli Netcool/OMNIbus Web GUI Active Event List and the Network Manager Network Views, Hop View, and Structure Browser, are Java-based and therefore are dependent on the performance of the client system. Consequently, the more memory and CPU performance on the client system, the better. v Larger display supporting comfortable viewing at higher resolution, such as 1280x1024 v Current® speed single or dual core processor v 3 GB of memory v Supported JRE and Internet browser v Fast Ethernet. v Processor specification: Chapter 1. Planning for installation 13 For normal topology displays or event displays Single processor with the following speeds: 1 GHz or better, as found on many laptops, 2.4 GHz, as found in many workstations Enhanced time to display larger or complex topology maps and enhanced display of MIB graphs A very current processor (3.0 GHz or better) typically available in the latest workstation class systems. Deployment examples Use these examples of Network Manager to help you plan your deployment architecture. Constraints for installing and starting components Some components must be installed and started before others. Use this information as well as the installation examples to understand the order in which you must install and start components. Topology database constraints You must install a topology database before you install the Network Manager core components, or as part of the same installation process. You must install a topology database before you install the Network Manager Web applications (including the Tivoli Integrated Portal), or as part of the same installation process. You must create database tables only during the first installation of the Network Manager core components or the Network Manager Web applications (including the Tivoli Integrated Portal), and not during subsequent installations. Tivoli Netcool/OMNIbus constraints You must install Tivoli Netcool/OMNIbus before you install the Network Manager Web applications (including the Tivoli Integrated Portal), or as part of the same installation process. Web application constraints You must install the Network Manager core components before you install the Network Manager Web applications, or as part of the same installation process. If you are using ObjectServer authentication for the Network Manager Web applications, Tivoli Netcool/OMNIbus must be running during the installation of the Network Manager Web applications. Starting components in the right order Do not start the Network Manager core components until the installation of the Network Manager Web applications is complete. Ensure that both Tivoli Netcool/OMNIbus and the topology database are running before starting the Network Manager core components. 14 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Ensure that Tivoli Netcool/OMNIbus, the topology database, and the Network Manager core components are running before using the Network Manager Web applications. Related reference: “Server allocation for failover” on page 251 Any primary system must be installed on a separate host to a backup system, so that if the primary host fails, the backup host is unaffected. Example simple deployment architecture Use this example to familiarize yourself with the architecture of a simple Network Manager deployment. Components This example simple deployment consists of the following components: v One ObjectServer virtual pair. v One Tivoli Integrated Portal server. v One Network Manager installation running one domain with failover. v One instance of the NCIM topology database. The following figure shows the architecture for this deployment. Webtop Client Tivoli Integrated Portal ObjectServer virtual pair Network Views NCIM topology database Network Manager Figure 1. Simple deployment architecture Allocation of host workstations The following figure shows an example allocation of host workstations for this deployment. Note: If you have a particularly large topology, you might want to install the topology database on its own server. This decision depends on the specification of Chapter 1. Planning for installation 15 your machines and how you want to spread the load between them. Host Machine 1 Bi-directional Primary ObjectServer Gateway Backup Network Manager installation Host Machine 2 Primary Network Manager installation Host Machine 3 Tivoli Integrated Portal Backup ObjectServer NCIM topology database Figure 2. Simple deployment host machine allocation Steps to install a simple deployment The following steps provide an overview of the tasks required for this deployment, and help plan for a similar deployment. . To install the deployment described above, perform the following steps: 1. Install the topology database on host machine 3, create the necessary tables, and start the database. Note: The topology database must be installed and started before you start the Network Manager core components so that discovery data can be saved. 2. Install the following ObjectServers and related components: a. Install the primary ObjectServer and the Bi-directional Gateway on host machine 1. b. Install the backup ObjectServer on host machine 2. 3. Configure and run the ObjectServers. Note: The ObjectServers must be running before the Network Manager core components are started. 4. Install the primary Network Manager core components on host machine 2. 5. Install the backup Network Manager core components on host machine 1. 6. Install the Network Manager Web applications on host machine 3 (part of the GUI components category in the installation wizard). The Tivoli Integrated Portal server is automatically installed with the installation of the Network Manager Web applications. Tip: If you install the Tivoli Integrated Portal on a machine with no other products, performance is likely to be better than if you install it on a machine with other products. When you install the Network Manager web applications, the Tivoli Netcool/OMNIbus Web GUI is installed and automatically configured on host 16 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide machine 3 if it is not already installed there. The Tivoli Netcool/OMNIbus Web GUI was known as Netcool/Webtop in versions 2.2 and below. Note: The Network Manager core components must be installed before the Web applications. 7. Configure the primary Network Manager for failover and start it. 8. Configure the backup Network Manager for failover and start it. Example large deployment architecture Use this example to familiarize yourself with the architecture of a large Network Manager deployment. Components This example deployment consists of: v One ObjectServer and one Network Manager installation in London. The London domain sends events and topology to San Francisco. v One ObjectServer and one Network Manager installation in New York. The New York domain also sends events and topology to San Francisco. v One ObjectServer and one Tivoli Integrated Portal installation in San Francisco. The ObjectServer in San Francisco consolidates the events from London and New York. The Tivoli Integrated Portal server in San Francisco can access topology from both London and New York, but does not consolidate the topologies. Clients anywhere in the world can connect to the Tivoli Integrated Portal server, and view topology from London and New York. The following figure shows the architecture for this deployment. Chapter 1. Planning for installation 17 London host machine 1 Network Manager London host machine 2 Uni-directional Gateway San Francisco host machine 1 New York host machine 1 Tivoli Integrated Portal Network Manager San Francisco host machine 2 ObjectServer New York host machine 2 Uni-directional Gateway San Francisco host machine 3 ObjectServer ObjectServer NCIM topology database Figure 3. Large deployment architecture Allocation of host workstations The following figure shows an example allocation of servers for this deployment. 18 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide London office Head office San Francisco Network Manager Server domain= LONDON Network Manager Server domain= NY NCIM topology database Remote client ObjectServer LONDON New York office Remote client Tivoli Integrated Portal ObjectServer SANFRAN ObjectServer NY Figure 4. Large deployment host machine allocation Steps to install a large deployment The following steps provide an overview of the tasks required for this deployment, and help plan for a similar deployment. . To install this deployment, perform the following steps: 1. Install the topology database on San Francisco host machine 3, and create the necessary database tables. Note: The topology database must be installed and started before you start the Network Manager core components so that discovery data can be saved. 2. Install the following ObjectServers and related components: v Install the ObjectServer on San Francisco host machine 2. v Install the ObjectServer and the uni-directional gateway on London host machine 2. v Install the ObjectServer and the uni-directional gateway on New York host machine 2. 3. Configure and run the ObjectServers. Note: The ObjectServers must be running before the Network Manager core components are started. 4. Install the Network Manager core components on London host machine 1. Note: The Network Manager core components must be installed before the Web applications. 5. Install the Network Manager core components on New York host machine 1. Chapter 1. Planning for installation 19 6. If a version of Tivoli Netcool/OMNIbus Web GUI earlier than version 7.3.1 is already present on host machine 3, then upgrade this to the Tivoli Netcool/OMNIbus Web GUI version 7.3.1. Network Manager is not compatible with earlier versions of the Tivoli Netcool/OMNIbus Web GUI. 7. Install the Network Manager Web applications on host machine 3 (part of the GUI components category in the installation wizard). The Tivoli Integrated Portal server is automatically installed with the installation of the Network Manager Web applications. Tip: If you install the Tivoli Integrated Portal on a machine with no other products, performance is likely to be better than if you install it on a machine with other products. When you install the Network Manager web applications, Tivoli Netcool/OMNIbus Web GUI version 7.4 is installed and automatically configured on host machine 3 if it is not already installed there. Network domains Before installing, you need to consider whether to partition your network into domains, or have a single domain for the entire network. A network domain is a collection of network entities to be discovered and managed. Restriction: Only alphanumeric characters and the underscore (_) character may be used for domain names. Any other characters, for example the hyphen (-) are forbidden. Reasons for partitioning your network into multiple domains Partitioning your network into domains allows you to discover your network in sections. Reasons for partitioning your network include: v Scalability: Your network might be too big to be discovered in one piece. v Geography: You might want to break the network into geographical regions, and make each region correspond to a domain. v Logical network boundaries: You might want to discover and manage the network based on particular network boundaries. Discovered domains can be monitored separately. You can run multiple domains in order to perform multiple network discoveries, and multiple Network Manager processes can run independently of each other on the same server if they belong to different domains. Identifying the domain of an event Identifying the domain of an event enables the Network Views and Hop view to generate the correct topology map for that event. The domain in which an event originates can be identified in the following ways: v By using one domain per ObjectServer and using the name of the ObjectServer to identify the domain from which the event originates. v If using multiple domains per ObjectServer, probes in each domain need to be configured to enable the event itself to hold information that identifies the domain. This approach enables multiple Network Manager domains to be connected to a single ObjectServer. 20 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Related concepts: “Guidelines for number of network domains” on page 3 If your network exceeds a certain size, you might need to break up the network into multiple domains. Use this information to work out the number of network domains needed for your deployment. Related tasks: “Creating and configuring extra network domains” on page 294 If your deployment requires additional network domains, you must configure process control for the domains and register the domains with the NCIM topology database. You can also migrate the configuration and network polls from an existing domain to the new domains. Event collection using one domain per ObjectServer You can configure independent Network Manager domains by using a collection ObjectServer and an aggregation ObjectServer. Restriction: The architecture described in this topic is only applicable to Tivoli Netcool/OMNIbus versions 7.2.1 or earlier, and is based on the standard architecture from the Event Services Framework (ESF) that was previously released by the IBM Tivoli Netcool® Advanced Architecture Group. The collection ObjectServer collects events from the probes that are connected to each domain, whereas the aggregation ObjectServer gathers events from each of the collection ObjectServers. As a result the Network Manager domains are independent. One domain can be up while the other is down for maintenance. Furthermore, the scopes of the discovery can overlap. This structure is flexible as additional ObjectServers can be added when new domains are required, providing scalability when working with large networks. However, this approach requires multiple ObjectServers and therefore may only be of interest to customers with larger networks. The following figure shows an example architecture using one domain per ObjectServer. Chapter 1. Planning for installation 21 Domain A events events Domain B Aggregation ObjectServer Web Applications Webtop Collection ObjectServer events Event Gateway Collection ObjectServer events Event Gateway Tivoli Integrated Portal Probes Probes topology topology Network Manager domain=A NCIM topology database Network Manager domain=B Network Operations Center Figure 5. Managing event ownership: architecture for single-domain ObjectServers Event collection using multiple domains per ObjectServer You can connect multiple Network Manager domains to a single ObjectServer. In this configuration, the Tivoli Netcool/OMNIbus probes collect information on the name of the domain when an event is generated and populate the NmosDomainName field to hold this domain name. To implement this configuration you must first modify all Tivoli Netcool/OMNIbus probe rules files to ensure that each event contains an NmosDomainName field. This field is used to store the domain name associated with the event. This also ensures that the event is processed by the Event Gateway. Note: The incoming event filter in the Event Gateway handles both single-domain and multi-domain systems by default. For more information see the IBM Tivoli Network Manager IP Edition Event Management Guide. Note: This is a less expensive approach as it requires a single ObjectServer only. Scalability might be an issue as each new domain requires extra probe configuration. The following figure shows an example architecture using multiple domains per ObjectServer. 22 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Domain A Domain B tagged events NmosDomainName=’B’ single ObjectServer filter NmosDomainName=’A’ filter NmosDomainName=’B’ Web applications WebGUI Event Gateway Event Gateway Tivoli Integrated Portal Probe Probe topology topology Network Manager domain=A Network Manager domain=B NCIM topology database Network Operations Center Figure 6. Managing event ownership: architecture for multiple-domain ObjectServer Example visualization of topology from multiple domains Web clients using a single Tivoli Integrated Portal can view topology from more than one Network Manager domain. Multiple domains held in one topology database To enable topology visualization from multiple domains, each Network Manager domain forwards topology information to the Network Connectivity and Inventory (NCIM) topology database. When you have multiple domains, the topology from each domain is held in NCIM. Linking discovered domains You can find links between devices in different domains by configuring and running a cross-domain discovery. The following figure shows an example of three discovery domains feeding data into a single NCIM topology database. All web clients connected to the Tivoli Integrated Portal can view topology maps in any of the domains by choosing a single domain from the domain menu. Chapter 1. Planning for installation 23 Network Manager Domain = TOKYO Network views Network Manager NCIM topology database Tivoli Integrated Portal Domain = LONDON Hop view Network Manager Domain = PARIS Figure 7. Viewing topology from multiple domains If cross-domain discoveries have been run, an aggregated domain is created in the topology database, which includes device collections from all discovered domains. All web clients connected to the Tivoli Integrated Portal can view topology maps in all domains by choosing the AGGREGATION domain from the domain menu. For more information on viewing topology, see the Network Manager Topology Visualization Guide. Hardware requirements Hardware requirements vary according to the size and composition of your network and the features of Network Manager you want to use. Ensure that your servers meet the hardware requirements before you install Network Manager. Important: Do not run any other resource-intensive applications during the installation of Network Manager. 24 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Processor selection guidelines Read about guidelines for processor requirements before selecting the right server to install Network Manager on. The guidelines discussed here are for servers expected to support only Network Manager components. The guidelines assume the deployment of other Tivoli products, such as IBM Tivoli Monitoring, Tivoli Data Warehouse, and IBM Tivoli Business Service Manager on other servers. To combine the deployment of multiple major products on a single server, add the minimal requirements for each product together (see the individual product documentation for more information). For small customer networks and demonstration or educational system deployments, use two processors at least on all platforms. Deployments of medium or large customer networks require four processors. Note: For multiple core processors, individual core speed can be more important than the number of cores. While processors of any speed can be used, selecting the fastest core speed and largest on-chip cache makes a significant difference depending on the size of the network being discovered and polled. For virtualized settings (supported by VMWare ESX) use both processor and memory resources fixed to a virtual system supporting Network Manager. For more details on processor selection and other deployment considerations, see “Deployment of Network Manager” on page 1. Requirements to run the installer To install any components of Network Manager, your server must meet the hardware requirements. Disk space requirements for the installer You need a certain amount of space free in certain directories to be able to run the installer, regardless of which components you are installing. On UNIX operating systems, you need at least 1 GB space in the /tmp directory and at least 350 MB space in the /usr directory, and 500 KB in the /var directory. If you install Network Manager into any location other than /opt, you must have at least 50 MB of space in the /opt directory. Disk space requirements for installing as a non-root user On UNIX operating systems, if you are installing as a non-root user, you must have at least 350 MB space free in your home directory to store files related to the installation. Chapter 1. Planning for installation 25 Requirements for the core components To install the Network Manager core components, your servers must meet the minimum hardware requirements. Memory requirements Ensure that the server where you want to run Network Manager meets the following memory requirements. v For a single-server deployment, where the Network Manager core components, Web applications, topology database, and Tivoli Netcool/OMNIbus are all on the same server, you need a minimum of 8 GB DRAM, preferably more for large networks. v For a distributed deployment, where only the Network Manager core components are installed on the server, you need a minimum of 4 GB DRAM. These are minimum requirements, and the amount of memory required will vary depending on the size of the network to be managed and how you deploy Network Manager. For more information, see “Deployment of Network Manager” on page 1. Disk space requirements Ensure that the server where you want to run Network Manager meets the following disk space requirements. v 4 GB hard disk space to store the software v 4 GB hard disk space per domain for cache storage v As a guidance estimate for log files, assuming that each log file is 1 GB in size and six processes are set to full debug level, you would require 24 GB of disk space. (6 processes x 4 log or trace files each = 24 log or trace files x 1 GB = 24 GB). v 50 GB free disk space to run Network Manager. These are minimum values for guidance, and the amount of disk space required will vary depending on the size of the network to be managed and how you deploy Network Manager. For more information, see “Deployment of Network Manager” on page 1. Bandwidth requirements The Network Manager server requires a 100 Mbps full duplex fast Ethernet connection (or equivalent) with the DNS server. It is required that the systems supporting Network Manager components are placed in the data center with LAN speed connections of 100 Mbps fast Ethernet or Gigabit Ethernet to the DNS system and the core network devices to be discovered and managed. Slower connection speeds can be used, but might impact client session response times and must be factored into key workloads such as polling (including response times, retry count, and total network traffic introduced). Note: During the discovery of a network device, many SNMP queries are made of that device. After discovery, routine polling (ICMP and SNMP) can introduce significant traffic on the network. With the supporting network hosted by modern LAN speeds, these workloads can be accommodated. 26 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide For more details on discovery bandwidth requirements, see “Bandwidth requirements for discovery” on page 29. Other requirements You also need a DVD drive, if you are not installing the software from a download. Requirements for the GUI components The server on which you install the GUI components of Network Manager (also referred to as Web Applications, which includes Tivoli Integrated Portal and Tivoli Netcool/OMNIbus Web GUI) must meet the following hardware requirements. v 5.5 GB hard disk space. v A minimum of 4 GB DRAM. Note: The installer checks to ensure a minimum of 3 GB DRAM is available to accommodate demonstration and educational system deployments. However, a minimum of 4 GB DRAM is required in production environments. v 500 MB in the /tmp directory. v DVD drive if not installing from download. Hardware requirements for Tivoli Common Reporting To enable network management reports, you must have Tivoli Common Reporting installed. Tivoli Common Reporting is an optional component that needs to be installed separately to be able to use the reporting feature of Network Manager. Review the hardware requirements for Tivoli Common Reporting to make sure you meet your performance requirements. For detailed information on hardware requirements for Tivoli Common Reporting, see the Tivoli Common Reporting information center at the following URL: http://publib.boulder.ibm.com/infocenter/tivihelp/v3r1/topic/ com.ibm.tivoli.tcr.doc_211/rtcr_soft_and_hard_reqs.html Installation directory requirements If you are installing Network Manager GUI components including the Tivoli Integrated Portal provided, do not install into a directory that already contains any version of Tivoli Integrated Portal. Requirements for the topology database server Read about Network Manager topology database requirements. Disk space requirements To store Network Manager data, ensure you have at least 5 GB disk space available for your topology database . Note: These figures are minimum values. The actual disk space required depends on the size of your network and the amount of data stored. The storage of performance data can require a large amount of disk space. If you are planning to store such large amounts of data, consider 50 GB for Network Manager-related disk space. Chapter 1. Planning for installation 27 For a large network contained within a single domain you should have 5 GB for the topology data, and a total of 50 GB to cover storage data as well. For more information about planning the Network Manager deployment for your network including considerations for size and domains, see “Deployment of Network Manager” on page 1. Ensure that the server where you want to run the topology database meets the following disk requirements: v Three disks in RAID 1 configuration (more disks for RAID 5) v High speed SATA or SCSI disks Disk space for events and interfaces You must calculate and allow additional disk space for the number of events and interfaces on your installation. The additional hardware requirements for Network Manager are as follows: v 4 KB of disk space for each expected event, per day of storage required v 4 KB of disk space for each interface or port on a managed device For example, if you have 5000 ports on devices in your network, expect 3000 events each day and require events to be stored for 30 days, you require: 3000 * 30 * 4 KB = 360 MB The total disk space required is therefore: 512 MB + 512 MB cache + 360 MB + (4 KB * 5000) = 1.4GB Swap space requirements (UNIX) On UNIX platforms, you must ensure that you have adequate free disk space that is configured to be used as swap space. The exact amount of swap space needed depends on the size and composition of your network and the type of discovery. For smaller amounts of physical RAM, you need proportionally greater amounts of swap space. The following figures show the approximate amount of swap space depending on the amount of physical RAM. 4GB RAM Configure 10GB swap space. 8GB RAM Configure 16GB swap space. 12GB RAM Configure 18GB swap space. For amounts of RAM greater than 12 GB, configure the same amount of swap space. For example, for 24GB RAM, configure 24GB swap space. 28 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Bandwidth requirements for discovery Network discovery operations require a minimum of broadband connection speed. Do not attempt discoveries over dial-up connection speeds. If the connection speed is not sufficient, packets might be lost due to the amount of SNMP traffic that is generated by the default discovery and monitoring operations. Even over a broadband connection, the number of SNMP helper threads must be kept low. This might cause the discovery to take a long time. Discoveries should be run using an Ethernet (or similar speed) connection. The required speed of the Ethernet connection depends on the size of your network: v 10 Mbps full duplex speed is required to support up to 100 SNMP helper threads and a relatively low number of devices. If you are using Telnet with SSH to access many devices in the discovery, the number of SNMP helper threads should be reduced due to the bandwidth used by the Telnet Helper. v 100 Mbps full duplex fast ethernet connection (or equivalent) is required for discovering a large network. Bandwidth should not be a problem over a 100 Mbps connection regardless of the number of SNMP helper threads used, unless there are other bandwidth-hungry applications sharing the link. The above figures assume an average round trip time for an SNMP packet is 10 milliseconds, and the average SNMP packet size is around 125 bytes. This means each SNMP helper thread could transmit 12,500 bytes per second, and retrieve 12,500 bytes per second, which equals 100,000 bits per second. If there are 20 threads, then 20 multiplied by 100,000 equals 2,000,000 bits per second, which is 2 Mbps. For 100 threads, the figure is 10 Mbps. By default, the SNMP helper runs 120 threads. These estimates assume that every thread in the SNMP helper is in full operation at the same time, which is generally not the case. However, if there is insufficient bandwidth, the UDP packets used to transport SNMP could either be lost, or the packets might queue up in the network and arrive with a delay. For more information on configuring the SNMP helper, see IBM Tivoli Network Manager IP Edition Discovery Guide. Discovery memory requirements When discovering very large networks, the discovery process (ncp_disco) and the topology model process (ncp_model) use the most memory. If the network is very large, consider dividing it into multiple domains. Related concepts: “Guidelines for number of network domains” on page 3 If your network exceeds a certain size, you might need to break up the network into multiple domains. Use this information to work out the number of network domains needed for your deployment. Chapter 1. Planning for installation 29 Software requirements Software requirements vary according to the operating system, products, and features of Network Manager that you want to use. Requirements for other products Make sure that you meet the requirements for the products that are integrated with Network Manager. Extra product requirements Important: These requirements are in addition to any other hardware, software, installation directory, user or other requirements discussed in the individual product documentation. Ensure that you are familiar with all of the requirements and prerequisites before installing any product. Tivoli Netcool/OMNIbus Make sure that Tivoli Netcool/OMNIbus V7.3.1 or V7.4 is installed on a server to which Network Manager can connect. If you do not have an installation of Tivoli Netcool/OMNIbus, you must install it. You must download Tivoli Netcool/OMNIbus separately. If you choose the option to install event management software, and supply the location of the downloaded package or installation media, you can install Tivoli Netcool/OMNIbus as part of the Network Manager installation. The Network Manager installer expects to install Tivoli Netcool/OMNIbus V7.4. You can also installTivoli Netcool/OMNIbus V7.3.1 using the Network Manager installer: in this case, create a subdirectory called OMNIbus in the top-level directory of the extracted Network Manager installation package, and extract the downloaded Tivoli Netcool/OMNIbus package into this directory. If you install Tivoli Netcool/OMNIbus not using the Network Manager installer, you must install from a different window to that used to install Network Manager, ensuring that any environment variables are set correctly according to the Tivoli Netcool/OMNIbus documentation. The Tivoli Netcool/OMNIbus Web GUI The Tivoli Netcool/OMNIbus Web GUI was known as Netcool/Webtop in versions 2.2 and below. If you install the Web GUI not using the Network Manager installer, you must install from a different window to that used to install Network Manager, ensuring that any environment variables are set correctly according to the Tivoli Netcool/OMNIbus documentation. Tivoli Common Reporting To enable network management reports, you must have Tivoli Common Reporting 2.1.1 installed. Network Manager installs the reports package required for network management reports on the server where the Network Manager GUI components are installed. If the chosen installation location for Network Manager already has existing Tivoli Integrated Portal and Tivoli Common Reporting instances, then Network Manager automatically configures the reports to be used with that Tivoli Common Reporting instance. If you do not have Tivoli Common Reporting installed when installing Network Manager, you can install Tivoli Common Reporting at a later date and configure the reports then as described in “Configuring reports for existing installations” on page 239. 30 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Restriction: Tivoli Common Reporting version 2.1.1 is not supported on Red Hat Enterprise Linux 6.0. If you want to run network management reports using Network Manager's reporting feature, you must install the Network Manager GUI components and Tivoli Common Reporting on another supported operating system other than Red Hat Enterprise Linux 6.0. IBM Tivoli Business Service Manager You must install IBM Tivoli Business Service Manager from a different window to that used to install Network Manager, ensuring that any environment variables are set correctly according to the IBM Tivoli Business Service Manager documentation. Previous versions Install Network Manager 4.1 in a different directory to Network Manager V3.9 or earlier, and Netcool/Webtop V2.1 or earlier. Related tasks: “Configuring integrations with other products” on page 151 You can set up Network Manager to work with a number of Tivoli® products. Read about necessary configuration tasks required to set up the available integrations. Compatibility with other Tivoli products Network Manager is compatible with other Tivoli products, providing options for integrating with other products to build a solution to address your requirements. The following table describes the compatibility of Network Manager V4.1 with other Tivoli products. Table 3. Compatibility of Network Manager with other products Product Compatible versions IBM Tivoli Netcool/OMNIbus 7.3.1 7.4 Tivoli Netcool/OMNIbus Web GUI 7.3.1 (using Tivoli Integrated Portal 2.2) 7.4 IBM Tivoli Netcool Configuration Manager 6.3 6.4 Tivoli Integrated Portal 2.2 Note: Network Manager 4.1 uses Tivoli Integrated Portal 2.2.0.9 by default (installed by the Tivoli Netcool/OMNIbus Web GUI component). Products integrating with Network Manager 4.1 must support Tivoli Integrated Portal 2.2.0.9 or later. To use certain browser versions, you might need to upgrade to later Tivoli Integrated Portal versions. For more information, see “Supported browsers for Web applications” on page 34. Tivoli Common Reporting 2.1.1 IBM Tivoli Application Dependency Discovery Manager and IBM Tivoli Change and Configuration Management Database 7.2.1 Chapter 1. Planning for installation 31 Table 3. Compatibility of Network Manager with other products (continued) Product Compatible versions IBM Systems Director 6.2.1 IBM Tivoli Business Service Manager 6.1.1 IBM Tivoli Monitoring 6.2.3 Fix Pack 3 or later Supported topology databases IBM DB2 Universal Database version 10.1 is the default topology database for Network Manager V4.1. Network Manager also supports IBM DB2 Universal Database version 9.7. For a matrix of supported operating systems and databases, see the detailed system requirements document at: http://pic.dhe.ibm.com/infocenter/prodguid/v1r0/clarity/index.html Important: Ensure that your database has all the recommended patches applied, including the latest patch levels. Important: The Network Manager V4.1 installer includes installation of DB2, either as a DB2 server for a single-server installation, or as a DB2 client to enable Network Manager V4.1 to talk to an existing DB2 server installation. If the installing user has an existing DB2 client already defined in their environment (for example, in the PATH or LD_LIBRARY_PATH environment variables) and this version of DB2 is different to the V10.1 version being used by Network Manager V4.1, then the existing DB2 client might interfere with the Network Manager V4.1 DB2 installation. Any references to an existing DB2 installation on the server should be removed from the environment of the user that is installing Network Manager V4.1. The prerequisite checking utility performs a check to determine if there are any existing references to DB2 in the environment. Related tasks: “Setting up a topology database” on page 44 You must configure an existing database or install and configure a new one to use as the topology database for Network Manager. Supported operating systems Network Manager is supported on the following operating systems. For the most current information about supported operating systems, see the detailed system requirements document at: http://pic.dhe.ibm.com/infocenter/prodguid/v1r0/clarity/index.html Important: Ensure that your operating system has all the recommended patches installed, including the latest patch levels. On Intel and Advanced Micro Devices (AMD) x86 processors, the following versions are supported: v Red Hat Enterprise Linux 5 (x86-64) 32 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide v Red Hat Enterprise Linux 6 (x86-64) Note: Network Manager 4.1 only supports installing on 64-bit hardware. You can reuse 32-bit components such as 32-bit installations of Tivoli Integrated Portal and Web GUI when installing Network Manager 4.1 on a 64 bit machine. The Network Manager GUI components will work with existing 32-bit Tivoli Integrated Portal and Web GUI installations. Note: On Red Hat Enterprise Linux 6, you must have the 32-bit Red Hat Enterprise Linux libraries installed in addition to the 64-bit libraries. The default 64-bit Red Hat Enterprise Linux 6 installation does not include the 32 bit libraries. Restriction: If you have an existing 32-bit Tivoli Integrated Portal and no Web GUI installation on the server you are installing the Network Manager GUI components on, then you must install a 32-bit Web GUI before installing the Network Manager GUI components, or remove the 32-bit Tivoli Integrated Portal and use the Network Manager installation process to install a 64-bit Web GUI and Tivoli Integrated Portal. The Network Manager installer only installs 64-bit Web GUI, and that installs a 64-bit Tivoli Integrated Portal. Attention: Network Manager uses the JVM version used by Tivoli Integrated Portal on the server hosting the GUI components. This means that if you have a 64-bit Tivoli Integrated Portal, then Network Manager runs against a 64-bit JVM, but if you have a 32-bit Tivoli Integrated Portal, then Network Manager runs against a 32-bit JVM. Restriction: Tivoli Common Reporting version 2.1.1 is not supported on Red Hat Enterprise Linux 6.0. If you want to run network management reports using Network Manager's reporting feature, you must install the Network Manager GUI components and Tivoli Common Reporting on another supported operating system other than Red Hat Enterprise Linux 6.0. Attention: Make sure you disable Security-Enhanced Linux (SELinux) or set it to permissive in the selinux configuration file before attempting to install Network Manager. Linux systems running Security-Enhanced Linux (SELinux) are not supported. Also, Linux systems running AppArmor are not supported. Disable AppArmor to allow the installation to continue. Additional requirements for Tivoli Common Reporting on Linux Ensure your system meets the following requirements for Tivoli Common Reporting: v On all versions of Linux, make sure you have the libXm.so.3 or later (available from the openmotif RPM 22 or later) available on your system before the installation. For versions of libXm.so.x later than libXm.so.3, make a symbolic link from the later version to libXm.so.3, using a command similar to the following example: ln -s /usr/lib/libXm.so.4 libXm.so.3. For detailed information on software requirements for Tivoli Common Reporting, see the Tivoli Common Reporting information center at the following URL: http://publib.boulder.ibm.com/infocenter/tivihelp/v3r1/topic/ com.ibm.tivoli.tcr.doc_211/rtcr_soft_and_hard_reqs.html Restriction: Tivoli Common Reporting version 2.1.1 is not supported on Red Hat Enterprise Linux 6.0. If you want to run network management reports using Chapter 1. Planning for installation 33 Network Manager's reporting feature, you must install the Network Manager GUI components and Tivoli Common Reporting on another supported operating system other than Red Hat Enterprise Linux 6.0. Additional requirements for Red Hat Enterprise Linux AS, ES, and WS 5 If installing Network Manager on Red Hat Enterprise Linux AS, ES, or WS 5, you must ensure that the following RPMs are available on your system before the installation: v v v v v v compat-libstdc++-33-3.2.3-61 libXp-1.0.0-8 openmotif22-2.2.3-18 libXmu-1.0.2-5 libXpm-3.5.5-3 compat-libstdc++-296-2.96-138 These files should be available on the installation CDs for the operating system. For more information about obtaining packages, go to the IBM WebSphere® Application Server Information Center at http://publib.boulder.ibm.com/ infocenter/wasinfo/v6r1/index.jsp, and search for the package name. Additional requirement for Linux systems Make sure you have both the 32 bit and 64 bit versions of the pam-1.1.1-10.el6.system packages installed. Supported browsers for Web applications Ensure that clients use one of the supported Web browsers. If your Web browser is not supported, a Web application might hang or crash. The following table describes the supported Web browsers and the Java™ Runtime Environment (JRE) versions for each client operating system. 34 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Table 4. Supported Web browser versions for client operating systems Web browser Java Runtime Environment (JRE) version Client operating system Internet Explorer 8.0 and 9.0 Windows XP Service Pack 3 Note: Network Manager 4.1 Windows 7 Enterprise includes Tivoli Integrated Portal 2.2.0.9 which supports Windows Vista Enterprise Internet Explorer 9.0. IBM 1.7 and Oracle 1.7 Windows Server 2008 (R1) Standard Edition Windows Server 2008 (R1) Enterprise Edition Windows Server 2008 (R2) Datacenter Edition Windows Server 2008 (R2) Enterprise Edition Windows Server 2008 (R2) Standard Edition Mozilla Firefox 17 Extended Support Release (ESR) Note: You must have Tivoli Integrated Portal 2.2.0.11 or later to use Firefox 17 ESR. For more information, see the section about upgrading to Tivoli Integrated Portal 2.2.0.11 in “Postinstallation tasks” on page 81. IBM 1.7 (not on Solaris) and Oracle 1.7 Tip: If you are using Mozilla Red Hat Enterprise Linux Firefox on UNIX operating (RHEL) 5.0 and 6.0 systems, refer to the Firefox documentation to ensure that SuSE Linux Enterprise the Java plugin is correctly Desktop (SLED) 10 and 11 installed, and that any symbolic links that might be SuSE Linux Enterprise Server necessary have been made. (SLES) 10 and 11 Red Hat Enterprise Linux Desktop 5.0 and 6.0 Solaris 9, 10, and Zones SPARC Windows XP Service Pack 3 Windows 7 Enterprise Windows Vista Enterprise Windows Server 2008 (R1) Standard Edition Windows Server 2008 (R1) Enterprise Edition Windows Server 2008 (R2) Datacenter Edition Windows Server 2008 (R2) Enterprise Edition Windows Server 2008 (R2) Standard Edition Chapter 1. Planning for installation 35 Supported browsers for the installer launchpad To run the installer launchpad, you must have a supported browser installed. List of supported browsers The supported browsers for the installer launchpad are described in the following table. Important: The supported browsers for the installer launchpad are not necessarily the same as the supported browsers for the Web applications. Note: To use the launchpad, you must have the xterm command installed on this system. Table 5. Supported browsers for the installer launchpad Browser Version Firefox 2.0 and above Mozilla 1.7 and above Internet Explorer 5.5 and above SeaMonkey 1.1.4 and above Operating system tools Because the stability of the installation process depends on the stability of the Operating System (OS) tools, ensure that the OS versions of standard tools are included in your path before non-OS versions of the same tools (for example, GNU utilities). Domain Name Service (DNS) requirements Ensure that your servers have DNS set up correctly before installing Network Manager. Domain names Ensure that all servers onto which you want to install any components of Network Manager have the host name defined as a fully qualified domain name. Incomplete or incorrect DNS setup can cause problems installing or using Network Manager. On UNIX platforms, the host name is defined in the /etc/hosts file. Restriction: Do not use underscore when specifying host names. Use of underscores as part of a host name causes the installation of the Tivoli Integrated Portal to fail. 36 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide UNIX user restrictions On UNIX operating systems, if you have installed other Tivoli network management products on a particular server, you must install Network Manager into the same directory as the same user. If you install the Network Manager Web applications as the root user, Network Manager will not integrate with IBM Tivoli Business Service Manager. If you want to use Network Manager with TBSM, you must create a different user to install and manage all Tivoli products on this server. If you install Network Manager as a non-root user, you must perform extra post-installation configuration steps in order to run the core components as the root user. If you install Network Manager as a non-root user, you must install all future Tivoli products as the same user. If you install and run Network Manager as a non-root user, then it is not possible to have two versions of Network Manager installed on the same server. Related tasks: “Configuring root/non-root permissions” on page 213 On UNIX, if you installed Network Manager as a non-root user, you must perform additional configuration. Installation directory requirements The directory where you install Network Manager must fulfill certain requirements. Requirements on all operating systems By default, the installer places Tivoli Network Management products into the same directory. The full path to the installation directory must contain only alphanumeric characters (A-Z, a-z, 0-9), dashes, underscores, periods, colons, slashes, or spaces. Requirements on UNIX operating systems The user installing Network Manager must have write permission to the installation directory, and if different, the /opt directory. Requirements for the installer The installer installs files in the main installation directory that you choose during the installation process. It also installs files in other directories, depending on the operating system being installed on and the user performing the installation. Review the default directory structure and ensure that the user performing installation has write access to the relevant directories. Related reference: “Default directory structure” on page 289 Use this information to understand the Network Manager directory structure. Chapter 1. Planning for installation 37 File handle requirements On UNIX and Linux operating systems, ensure that there are enough file handles allowed. If you are installing Network Manager on a UNIX or Linux operating system, ensure that the number of open files for processes is set to 8192 in all environments for the user who runs Network Manager. You can check this value by issuing the following command as the user who is running Network Manager: ulimit -n If this value is less than 8192, please contact your system administrator to increase the value appropriately for your user. The following are examples of using the command to increase the value: Linux ulimit -n 8192 Also ensure you have the number of processes per user set to a minimum of 1024. You can check this value using the following command: ulimit -u Note: The 1024 value is a minimum one and this value might need to be adjusted for your environment based on your needs. Requirements for charting Charting is an optional component that enables you to display charts from supported Tivoli products and charts that were created with the Business Intelligence and Reporting Tools Designer. The Charting option also installs the ITM Web Service with the Tivoli Integrated Portal Server. When Tivoli Management Services is part of your networked enterprise, the ITM Web Service is used to query attribute values collected by your IBM Tivoli Monitoring or OMEGAMON® XE products and retrieve them to chart portlets in the console. Important: If your installation will use the ITM Web Service, be sure to read “Configuring SSO between Charting and Tivoli Monitoring” on page 300 before installing Tivoli Integrated Portal. Your product may already come with predefined charts or perhaps the chart format is not appropriate for your product. In either case, you will not see the Charting option during an advanced installation if it is not offered with your product. Secure Web service connection Charting supports the HTTPS protocol for confidentiality. When data requests are made from the portal to the IBM Tivoli Monitoring application server (Tivoli Enterprise Portal Server) the credentials of the logged-in user are passed to the Web service for authentication and authorization. When requests are made to retrieve Tivoli Monitoring data into a chart portlet, the user name and password that were provided at installation time are passed to the Tivoli Enterprise Portal Server, and an LTPA token is passed to the backend Web service. To participate in this secure connection, the ITM Web Service must be installed and run on the same Tivoli Integrated Portal Server instance. 38 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide About DNCIM In this version of Network Manager the Discovery engine, ncp_disco, uses a new embedded relational database, known as Discovery NCIM (DNCIM). During the discovery process, data is collected from the network, and the network topology is created using this data. During data collection and processing into a network topology, the network topology data is stored in different databases. Once the final network model, including connectivity and containment, is built the network topology data is stored in DNCIM. DNCIM has the same structure as the NCIM topology database. Note: DNCIM replaces the legacy scratchTopology database. For more information about DNCIM, see the IBM Tivoli Network Manager IP Edition Discovery Guide. Chapter 1. Planning for installation 39 40 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Chapter 2. Installing Use this information to plan and perform an installation of Network Manager. After installation, you might need to perform configuration tasks. Preparing to install Before you begin installing Network Manager, you must obtain and extract the installation package, and depending on your installation, complete additional tasks. If you want to integrate Network Manager with an existing installation of Tivoli Netcool/OMNIbus on a different server, you must configure the Tivoli Netcool/OMNIbus installation before installing Network Manager. For information about setting up your database for an existing Network Manager installation, see the tasks about creating topology database schemas in the IBM Tivoli Network Manager IP Edition Administration Guide. Click the following link to retrieve technotes about known installation issues in version 4.1 of Network Manager: http://www.ibm.com/support/search.wss?word=ow&wfield=install&rs=3118 &tc=SSSHRK&atrn=SWVersion&atrv=4.1&ibm-go.x=18&ibm-go.y=12 Restriction: Any passwords you choose for use in Network Manager must conform to the password policies of the server or system environment. Configuring an existing Tivoli Netcool/OMNIbus installation on a remote server If you want to integrate Network Manager with an existing installation of Tivoli Netcool/OMNIbus on a different server, you must configure the Tivoli Netcool/OMNIbus installation before installing Network Manager. If you are installing Tivoli Netcool/OMNIbus 7.3.1 or later on the same server as part of the Network Manager installation, you do not need to do this task. You can use the Network Manager installer to install and configure Tivoli Netcool/OMNIbus. If you want to integrate Network Manager with an existing installation of Tivoli Netcool/OMNIbus 7.3.1 or later on the same server, you do not need to do this task. You can use the Network Manager installer to configure the existing Tivoli Netcool/OMNIbus. Attention: Using the Network Manager installer to configure an existing Tivoli Netcool/OMNIbus on the same server also installs probes and the Netcool/OMNIbus Knowledge Library unless you choose not to. If you do not want to overwrite your existing probe and Netcool/OMNIbus Knowledge Library customizations, ensure you do not select to install these Tivoli Netcool/OMNIbus components during the installation. © Copyright IBM Corp. 2006, 2013 41 To configure an existing Tivoli Netcool/OMNIbus for use with Network Manager, complete the following tasks. 1. Make sure you have an existing Tivoli Netcool/OMNIbus ObjectServer installation to configure. 2. Download and extract the Network Manager installation package on the server that contains the Tivoli Netcool/OMNIbus installation. Alternatively, if you already have an extracted Network Manager installation package on a machine, you can also copy the ExportPackage file from that server to the host that contains the Tivoli Netcool/OMNIbus installation. The ExportPackage file includes the launchpad and script required to configure the existing Tivoli Netcool/OMNIbus installation. 3. If you are configuring a Tivoli Netcool/OMNIbus version other than 7.4 then download the installation package for the appropriate version of the SNMP Probe (also known as the MTTRAPD Probe). 4. To be able connect to an existing Tivoli Netcool/OMNIbus on the remote server, configure it for this Network Manager installation before installing Network Manager using one of the following options. Start the configuration script either from the installer launchpad or the command line. Option Description Run the script from the launchpad. 1. Depending on your operating system, start the launchpad using the launchpad.sh script on UNIX or the launchpad.exe executable on Windows. 2. Go to Preinstallation and Migration and expand the Configure an existing Netcool/OMNIbus installation section. 3. Click Configure existing Netcool/OMNIbus installation. 4. Enter the access credentials for the ObjectServer you want to configure. Run the script from the scripts directory of the installation package. v Depending on your operating system, run the ConfigOMNI.sh script on UNIX or the ConfigOMNI.bat script on Windows. v Enter the access credentials for the ObjectServer you want to configure. v For information about running the script, see “ConfigOMNI command-line options” on page 43. If you install Tivoli Netcool/OMNIbus as part of the Network Manager installation, the installer adds the itnmadmin, itnmuser, and itnmclient users to the ObjectServer, turns on AES encryption, turns on process control for the Objectserver, and installs the SNMP Probe and the Netcool/OMNIbus Knowledge Library. If you use the ConfigOMNI utility (from launchpad or from command line), you can choose which options are configured using the appropriate command line arguments. If you are configuring a Tivoli Netcool/OMNIbus version other than 7.4, supply the installation package for the appropriate version of the SNMP Probe using the -m command line argument. 5. Required: After you configure Tivoli Netcool/OMNIbus, install Network Manager. 42 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide a. During the installation, select Connect to an existing Tivoli Netcool/OMNIbus installation on another server. b. Provide the details of the ObjectServer that you configured using the script. ConfigOMNI command-line options Use the ConfigOMNI script, with optional advanced arguments, to configure Tivoli Netcool/OMNIbus for use with Network Manager before installing Network Manager. The ConfigOMNI script is started by using the following command line; optional arguments are shown enclosed in square brackets. ConfigOMNI -o name -p password [ -a ] [ -c ] [ -e ] [ -h directory ] [ -k package ] [ -m package ] [ -n portnumber ] [ -u password ] The following example runs the script on ObjectServer DIAMOND with the administrative password p3w0d. If the ObjectServer DIAMOND does not already exist, it is created. Using the appropriate options, you can configure the script to add the itnmadmin, itnmuser, and itnmclient users to the ObjectServer, turn on AES encryption, turn on process control for the Objectserver, and install the SNMP Probe and the Netcool/OMNIbus Knowledge Library. Note: The ConfigOMNI script does not perform any configuration unless the appropriate command line options are provided, or you respond to the appropriate questions. ConfigOMNI -o DIAMOND -p p3w0d The following table describes the command-line options for the ConfigOMNI script. Table 6. ConfigOMNI command-line options Command-line options Description -o name The name of the ObjectServer that you want to create or configure. -p password The administrative password of the ObjectServer that you want to create or configure. -a Optional. Runs the script in interactive mode, which prompts for all information. -c Optional. Configures the ObjectServer to run under Tivoli Netcool/OMNIbus process control. This is necessary for the itnm_start, itnm_stop, and itnm_status scripts to function correctly with the ObjectServer. -e Optional. Set AES encryption for the ObjectServer password. -h directory Optional. The directory containing the Tivoli Netcool/OMNIbus installation (OMNIHOME). -k package Optional. Install Netcool/OMNIbus Knowledge Library from this package. You must specify the path to the package if it is not in the current directory. -m package Optional. Install the SNMP Probe from this package. You must specify the path to the package if it is not in the current directory. Chapter 2. Installing 43 Table 6. ConfigOMNI command-line options (continued) Command-line options Description -n portnumber Optional. The port number of the ObjectServer that you want to create or configure. -u password Optional. Create the itnmadmin, itnmuser, and itnmclient users in the ObjectServer. Setting up a topology database You must configure an existing database or install and configure a new one to use as the topology database for Network Manager. You have the following options to set up a database for your topology: v You can install and configure the default DB2 database bundled with Network Manager and set it up using the Network Manager installer. In this case, you do not need to follow any of the database setup tasks before installing Network Manager. You can start the installer and select the options for setting up a new DB2 database. v If you want to use an existing DB2 database on either a local or a remote host, you must configure it before installing Network Manager as described in the following tasks. For information about setting up your database for an existing Network Manager installation, see the tasks about creating topology database schemas in the IBM Tivoli Network Manager IP Edition Administration Guide. Important: Ensure that your database has all the recommended patches applied, including the latest patch levels. Related reference: “Supported topology databases” on page 32 IBM DB2 Universal Database version 10.1 is the default topology database for Network Manager V4.1. Setting up existing DB2 databases on UNIX To use an existing DB2 database as the topology database on UNIX, you must install DB2, configure an instance, and create a database before Network Manager is installed. The database for Network Manager is created by scripts that are contained in the /PrecisionIP/scripts directory of the extracted installation image. You must have extracted the installation package before you install DB2 and attempt to create the database. The DB2 environment must be set up as the DB2 administrative user on the server hosting DB2. If the host is on a remote server then copy the database creation scripts to the remote server. During installation of Network Manager, the NCIM topology database is installed on the DB2 database that you create. For information on how to install and configure DB2, see your DB2 documentation. The documentation for the supported versions of DB2 are at the following locations: 44 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide v For DB2 9.7, see http://pic.dhe.ibm.com/infocenter/db2luw/v9r7/index.jsp v For DB2 10.1, see http://pic.dhe.ibm.com/infocenter/db2luw/v10r1/index.jsp 1. Install DB2 and configure an instance in which the installation process can create the NCIM database. 2. Change to the directory into which the instance was installed and then change to the sqllib subdirectory. 3. Set up the environment by typing the following command: Shell Command Bourne . ./db2profile C source db2cshrc The Network Manager application wrapper scripts automatically set up the DB2 environment. For more information about how the wrapper scripts set up the environment, see “Example of how the wrapper scripts search for a file” on page 46. 4. Change to the /PrecisionIP/scripts directory of the extracted Network Manager installation image. 5. Optional: If you are setting up DB2 on a different server from Network Manager, copy the following scripts to the remote host where you installed DB2: v create_db2_database.sh v create_db2_cognos_database.sh v catalog_db2_database.sh 6. Run the create_db2_database.sh script as the DB2 administrative user by typing the following command: ./create_db2_database.sh database_name user_name -force where: database_name Is the required name of the database user_name Is the DB2 user that will be used to connect to the database Important: This user must not be the administrative user. This user must be an existing operating system and DB2 user. -force Is an optional argument that forces any DB2 users off the instance before the database is created. For example, to create a DB2 database called “ITNM” for the DB2 user “ncim”, type: ./create_db2_database.sh ITNM ncim After running create_db2_database.sh, restart the database as the DB2 administrative user as follows: run db2stop and then run db2start. 7. When running the Network Manager installer later on, make sure you select the option to configure an existing DB2 database. The Network Manager installer can then create the tables in the database either on the local or a remote host, depending on where your database is installed. 8. Optional: After the installation of Network Manager, if you want to use network management reports with Tivoli Common Reporting, you have the option of migrating the Cognos® content store database from the default Derby Chapter 2. Installing 45 database to DB2 using the create_db2_cognos_database.sh script. If you want to do so, follow the steps in “Migrating the Cognos content store from Derby to DB2” on page 240 after installation. 9. Optional: After the installation of Network Manager, if you are setting up DB2 on a different server to Network Manager, log in as the DB2 administrator on the DB2 client running on the Tivoli Integrated Portal server (default is db2inst9 if the DB2 runtime client is installed by Network Manager). Run the following script to catalog the database: ./catalog_db2_database.sh database_name host port where database_name Is the name of the NCIM database. host Is the hostname of the server where NCIM is installed port Is the port on which the NCIM database is running The following command shows an example usage of the script: ./catalog_db2_database.sh ITNM db2server.ibm.com 50000 Example of how the wrapper scripts search for a file Under the Bourne shell, when the wrapper scripts set up the environment variables for DB2, the scripts search for the following file and run it: $ITNMHOME/.db2sqllib. This file is automatically created during the install, and it first checks for the existence of a file called db2profile with which to set up the DB2 environment. If the file exists, it is run as shown in the following example: if [ -f /home/db2inst/sqllib/db2profile ] ; then . /home/db2inst/sqllib/db2profile fi The $ITNMHOME/.db2sqllib file is parsed by the setup_run_as_setuid_root.sh script to determine the location of the DB2 client libraries (see “Configuring the core components to run as non-root” on page 214). Related concepts: “About NCIM topology database high availability” on page 242 Network Manager allows you to configure the NCIM topology database for high availability, minimizing the impact of computer or network failure. The following sections provide an overview of NCIM topology database high availability and explain how to configure it. “Network Manager failover architecture (core processes)” on page 247 Failover of the Network Manager core processes can be implemented by setting up primary and backup Network Manager installations that run on different servers and domains. Both installations can either connect to a single Tivoli Netcool/OMNIbus ObjectServer or to a virtual pair of ObjectServers. 46 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Setting up NCIM to handle multibyte characters You must configure the NCIM database to handle multibyte characters, such as Simplified Chinese characters, if you want the NCIM database to store multibyte data. Such configuration is useful when, for example, you need to enter multibyte characters into the Description field of a poll definition. Ensure that you have the following settings for the NCIM database: DB2 If you are running Network Manager in a locale that supports multibyte characters, then there is no need to make any configuration changes. For example, both of the following locales support multibyte characters when NCIM is running on DB2: v LANG=zh_CN.gb18030 LC_ALL=zh_CN.gb18030 v LANG=en_US.utf8 LC_ALL=en_US.utf8 Related information: http://publib.boulder.ibm.com/infocenter/idshelp/v115/index.jsp?topic=/ com.ibm.glsug.doc/ids_gug_068.htm Installing Tivoli Common Reporting You must have Tivoli Common Reporting installed to run the network management reports provided by Network Manager. To enable network management reports, you must have Tivoli Common Reporting 2.1.1 installed. Network Manager installs the reports package required for network management reports on the server where the Network Manager GUI components are installed. If the chosen installation location for Network Manager already has existing Tivoli Integrated Portal and Tivoli Common Reporting instances, then Network Manager automatically configures the reports to be used with that Tivoli Common Reporting instance. If you do not have Tivoli Common Reporting installed when installing Network Manager, you can install Tivoli Common Reporting at a later date and configure the reports then. Attention: If you have an existing Tivoli Common Reporting installation, ensure you have the required repository for user authentication set up before installing the Network Manager GUI components. You cannot change the user authentication method with the Network Manager installer. For example, if you are planning to use the ObjectServer-based authentication and it is not configured yet on the existing Tivoli Integrated Portal installation used by your Tivoli Common Reporting instance, then install the Tivoli Netcool/OMNIbus Web GUI (included in the Network Manager package) into the existing Tivoli Integrated Portal installation, and select the option to enable ObjectServer-based authentication. Then install the Network Manager GUI component into the existing Tivoli Integrated Portal. To install Tivoli Common Reporting: 1. Download the Tivoli Common Reporting package. You can download Tivoli Common Reporting as an optional part from the Network Manager package. For more information, see the download document at http://www01.ibm.com/support/docview.wss?rs=3117&uid=swg24035480. Chapter 2. Installing 47 2. Go to the Tivoli Common Reporting documentation for information about installing Tivoli Common Reporting: http://pic.dhe.ibm.com/infocenter/ tivihelp/v3r1/index.jsp?topic=%2Fcom.ibm.tivoli.tcr.doc_211%2Fic-home.html 3. Install Tivoli Common Reporting on the host where the Network Manager GUI components will be installed. 4. Install Network Manager as described in “Installing Network Manager” on page 49. The Network Manager installation process automatically installs the network management reports package and configures the reports to work with Tivoli Common Reporting. Important: Stop Tivoli Common Reporting before installing Network Manager. As the user who installed Tivoli Common Reporting, run the following command from the TCR_component_dir/bin directory: ./stopTCRserver.sh <tip_admin_user> <password> 5. Optional: If you do not install Tivoli Common Reporting before installing Network Manager, you can configure the network management reports at a later date after installing Network Manager as described in “Configuring reports for existing installations” on page 239. Extracting the installation file If you have downloaded the installation file, you must extract the installation package before installing the product. Ensure that the directory in which you extract the installation package has general read and execute permissions (for example, 755 on UNIX systems). To extract the installation file, perform the following steps: Extract the file. v UNIX Type the following command: gunzip -d < installation_file.tar.gz | tar xvf - Checking system prerequisites You can use the Network Manager launchpad to perform an automated check of system prerequisites to determine whether your servers are suitable for installing the components you want to install. To use the launchpad, you need a browser that supports the launchpad installed on the server. Note: To use the launchpad, you must have the xterm command installed on this system. Important: The Network Manager V4.1 installer includes installation of DB2, either as a DB2 server for a single-server installation, or as a DB2 client to enable Network Manager V4.1 to talk to an existing DB2 server installation. If the installing user has an existing DB2 client already defined in their environment (for example, in the PATH or LD_LIBRARY_PATH environment variables) and this version of DB2 is different to the V10.1 version being used by Network Manager V4.1, then the existing DB2 client might interfere with the Network Manager V4.1 DB2 installation. Any references to an existing DB2 installation on the server should be removed from the environment of the user that is installing Network Manager V4.1. 48 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide The prerequisite checking utility performs a check to determine if there are any existing references to DB2 in the environment. To perform an automated check of system prerequisites: 1. Download and uncompress the installation package. 2. Start the launchpad. UNIX Run the launchpad.sh script v 3. Select the Prerequisite Information menu item. 4. Enter an installation location in the Installation Location box. 5. Select the components for which you want to check the prerequisites. 6. Click Check System Prerequisites. The results of the system prerequisites check are displayed, indicating whether the current server is suitable for installing your choice of components. Configuring Red Hat Linux Enterprise Edition Before you install on Red Hat Linux Enterprise Edition, you must disable SELinux. When Red Hat Enterprise Linux is installed, SELinux is optionally enabled. To disable SELinux, turn off SELinux enforcing by completing the following steps: 1. Open the following file: /etc/sysconfig/selinux 2. Find the following line: SELINUX=enforcing 3. Change it to SELINUX=disabled. 4. Restart the server. Installing Network Manager You can install Network Manager in different modes, depending on your requirement If you want to use an existing installation of Tivoli Netcool/OMNIbus, see “Configuring an existing Tivoli Netcool/OMNIbus installation on a remote server” on page 41. Attention: When installing Network Manager GUI components on a host that already has an existing Tivoli Integrated Portal installation, ensure you have the required repository for user authentication set up (file-based, ObjectServer-based, or LDAP authentication). You cannot change the user authentication method with the Network Manager installer. For example, if you are planning to use the ObjectServer-based authentication and it is not configured yet on the existing Tivoli Integrated Portal installation, then install the Tivoli Netcool/OMNIbus Web GUI (included in the Network Manager package) into the existing Tivoli Integrated Portal installation, and select the option to enable ObjectServer-based authentication. Then install the Network Manager GUI component into the existing Tivoli Integrated Portal. Chapter 2. Installing 49 Differences between basic and custom installation Performing a custom installation gives you many more options than a basic installation. Basic installation Choose a basic installation if the following criteria apply. v You are installing for demonstration or testing purposes. v The installation is for a small network. v You are installing all components on single server with default options. Note: A basic installation automatically performs a network discovery after installing. Custom installation Choose a custom installation if any of the following criteria apply. v The installation is for a medium or large network. v You need to distribute an installation over several servers. v The installation is for a network with advanced technologies such as Network Address Translation (NAT) or Multiprotocol Label Path Switching (MPLS). v You want to use an existing installation of Tivoli Netcool/OMNIbus. v You want to decide whether to install Tivoli Netcool/OMNIbus probes or the Netcool/OMNIbus Knowledge Library when installing a new Tivoli Netcool/OMNIbus or configuring the Network Manager installation to use an existing one. v You want to use an existing installation of Tivoli Integrated Portal. v You want to specify the context root of the URL used to access the Tivoli Integrated Portal (the default is /ibm/console). v You require failover. v You want to use an existing database for topology data, or you want to set up the database with non-default values (for example, different user name than the default). v FIPS 140–2 compliance is important to you. Note: A custom installation gives you the option to perform different types of network discoveries after installing. Note: During a custom installation, you must select at least one Network Manager component to install. You cannot use the Network Manager installer to install other products without installing at least one of the Network Manager components. The Network Manager installer only installs Tivoli Netcool/OMNIbus and a local DB2 in conjunction with the installation of Network Manager components, and does not install them in a stand-alone setup. For distributed installations, use the native installer of the products to ensure that the products are customized to the specific needs of the environment. 50 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide About a FIPS 140-2 installation Federal Information Processing Standard (FIPS) 140–2 is a US Federal cryptographic standard. You can install Network Manager using a restricted set of cryptographic algorithms. Important: Network Manager cannot be said to be compliant with the FIPS 140–2 standard, and nothing in this information or in the product should be understood as making this claim. However, Network Manager can be installed in a mode that has been designed with FIPS 140–2 specifications taken into consideration. You can install Network Manager using a restricted set of cryptographic algorithms by selecting the appropriate option from the Select Installation Options panel in the installation wizard. Restriction: If FIPS 140–2 compliance is important to you, you must use only version 7.3.1 or higher of IBM Tivoli Netcool/OMNIbus, and you must install IBM Tivoli Netcool/OMNIbus in FIPS mode. You must also ensure that all products integrating with Network Manager, such as IBM Tivoli Netcool/OMNIbus, have a FIPS mode, and you must configure the products if necessary. You must also check that your operating system uses only FIPS 140–2 compliant modules. Restriction: If you choose to install Network Manager using a restricted set of cryptographic algorithms, non-compliant features are not installed. You cannot change from a FIPS installation to a non-FIPS installation except by uninstalling and reinstalling the product. You also cannot change from a non-FIPS installation to a FIPS installation except by uninstalling and reinstalling the product. Differences in a FIPS 140–2 installation of Network Manager An FIPS 140–2 installation differs from a normal installation in the following ways: v The Telnet discovery agents do not use SSHv1 to interrogate devices. This might result in a failure to connect securely to a device if the device supports only SSHv1, or if the device only supports non-compliant SSHv2 algorithms. v The SNMP Helper and the MIB browser cannot be configured to use MD5 or DES encryption. v The Element Management Systems (EMS) collectors are not installed. Installing Network Manager using the wizard The easiest way to install Network Manager is by using the wizard. Before installing, ensure that you have performed any necessary pre-installation tasks, including checking that your servers are suitable for installing Network Manager. Note: To use the launchpad, you must have the xterm command installed on this system. Tip: The installation wizard takes focus when displaying windows. If you want to work in another window while the product is being installed, minimize the installation windows first. To start the installation wizard, perform the following steps. Chapter 2. Installing 51 1. Start the installer wizard from the launchpad. UNIX Run the launchpad.sh script. v a. Select the Installing Network Manager item from the menu. b. Select either a basic or custom installation by clicking the Start Basic Installation or Start Custom Installation button. A basic installation installs all components of the product onto a single server using default values. A basic installation is shorter and simpler than a custom installation and is suitable for small networks, small enterprise customers, and demonstration purposes. A basic installation automatically starts a network discovery when it finishes. A custom installation is suitable for medium to large networks, integrating with existing products, or multi-server installations. A custom installation gives you the option to start a network discovery when it finishes. Note: During a custom installation, you must select at least one Network Manager component to install. You cannot use the Network Manager installer to install other products without installing at least one of the Network Manager components. The Network Manager installer only installs Tivoli Netcool/OMNIbus and a local DB2 in conjunction with the installation of Network Manager components, and does not install them in a stand-alone setup. For distributed installations, use the native installer of the products to ensure that the products are customized to the specific needs of the environment. 2. If you cannot start the launchpad, start the installation wizard from the command line. v UNIX Run the install.sh script. You have the option of choosing a basic or custom installation when the installation wizard starts, in the Select Installation Type wizard panel, which is the fourth wizard panel to be displayed. 3. Enter the appropriate values in the wizard panels to install the product. For guidance on values to be entered, see the values for a basic or a custom installation, depending on your selection. At the end of a successful installation, the installer wizard displays the ports used by each product or component that was installed. The ports are also included in the NCHOME/log/install/Configuration.log file. Note: If you intend to migrate NCIM data to this Network Manager installation, do not start the processes at this time. Migrate the NCIM data first and then start the Network Manager processes from the command line. For more information, see Importing NCIM topology database data. Values for a basic installation Use this information to understand what values to enter in the wizard panels for a basic installation. A basic installation uses a restricted set of wizard panels to collect configuration information. The following table describes the values that you must enter for each panel. Note: The basic installation only installs the default DB2 database. To use an existing instance of a DB2 database , choose the custom installation option. 52 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Tip: Print out this table for ease of reference while you install the product. You can use this table to check that you have all the required information in advance, and to record important values that you enter. Table 7. Wizard panels and their values Wizard panel Value/option Description Introduction None After reading the introductory text, click Next. Validate system None This panel is only displayed if one or more of the system validation checks fail. If any error messages are displayed in this wizard panel, you must cancel the installation, fix the errors, and start the installation again. This system validation establishes whether the current server is suitable in general for installing network management software. The validation checks include checks for consistent DNS and for a minimum of available memory for the installation process itself. Software License Agreement I accept both the IBM and the non-IBM terms Select this option to continue the installation. I do not accept the terms in the license agreement If you select this option, you cannot continue installation. Tivoli Network Manager install location Use the default location or enter the location where you want Network Manager to be installed. Restriction: If you are upgrading Network Manager from a previous version, you must choose a different directory to the one that Network Manager is currently installed in. You cannot upgrade Network Manager by overwriting files. Select Installation Location Permitted characters in the installation path are alphanumeric (A-Z, a-z, 0-9), dashes, underscores, periods, colons, slashes, and spaces. Chapter 2. Installing 53 Table 7. Wizard panels and their values (continued) Wizard panel Value/option Description Collect Default Installation Information Netcool Domain Name Enter a name to be used as a network domain by Network Manager. Enter a descriptive name, for example, TESTNETWORK. The domain name must consist of between one and 29 characters (letters, numbers, or both), with the letters all capitals, no spaces, and no special characters. Make a note of the domain name, because it is used when starting components manually. Domain name: 54 Administrative Password Enter a password to be used as the Tivoli Netcool/OMNIbus ObjectServer root password, the topology database administrator password, and the password for the default user accounts itnmadmin and itnmuser. The password must consist of between four and eight ASCII characters, and must match any password requirements that are applicable on the machine where you are installing. Restriction: The password must not start with a dollar sign ($). Confirm Password Re-enter the administrative password. IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Table 7. Wizard panels and their values (continued) Wizard panel Value/option Description Collect Port Connection Information Netcool/OMNIbus ObjectServer Port Enter the port that you want to use for the ObjectServer, or accept the default value. If you are connecting to a failover pair of ObjectServers, specify details for the virtual Objectserver here. Tivoli Integrated Portal HTTP Port Enter the port that you want to use for the Tivoli Integrated Portal, or accept the default value. Make a note of the port number, because you use this to connect to the Web applications. HTTP port: DB2 database port Enter the port that you want to use for the database, or accept the default value. Collect SNMP V1/V2 Community Strings List of community strings When the installation finishes, a simple discovery of the local subnet is started. Enter up to six SNMP community strings (passwords). These community strings are needed by the discovery process in order to get SNMP information from devices on your network. To reduce discovery time, list the community strings in order, from most frequently to least frequently used. Public is installed by default. Pre-Installation Summary None Review the information about the components that will be installed. Click Next to run a final prerequisite check before installation. Chapter 2. Installing 55 Table 7. Wizard panels and their values (continued) Wizard panel Value/option Prerequisite Checking Results None Description Review the results of the prerequisite check. This prerequisite check establishes whether the current server is suitable for installing the specific components that you have chosen. If there are any serious errors, you must cancel the installation, fix the errors, and start the installation again. If there are no serious errors, click Install to install your chosen components. When prompted, accept any license agreements to continue. Values for a custom installation Use this information to understand what values to enter in the wizard panels for a custom installation. A custom installation uses different panels to collect configuration information depending on the choices you make. The following table describes the values that you must enter for each panel. Tip: Print out this table for ease of reference while you install the product. You can use this table to check that you have all the required information in advance, and to record important values that you enter. Table 8. Wizard panels and their values Wizard panel When panel is displayed Value/option Description Introduction Always displayed. None After reading the introductory text, click Next. Validate system Displayed if the system fails validation. None This panel is only displayed if one or more of the system validation checks fail. Cancel the installation, fix the errors, and start the installation again. This system validation establishes whether the current server is suitable in general for installing network management software. The validation checks include checks for consistent DNS and for a minimum of available memory for the installation process itself. 56 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Table 8. Wizard panels and their values (continued) Wizard panel When panel is displayed Value/option Description Software License Agreement Always displayed. I accept both the IBM and the non-IBM terms Select this option to continue the installation. I do not accept the terms in the license agreement If you select this option, you cannot continue installation. Tivoli Network Manager install location Use the default location or enter the location where you want Network Manager to be installed. Restriction: If you are upgrading Network Manager from a previous version, you must choose a different directory to the one that Network Manager is currently installed in. You cannot upgrade Network Manager by overwriting files. Select Installation Location Always displayed. Permitted characters in the installation path are alphanumeric (A-Z, a-z, 0-9), dashes, underscores, periods, colons, slashes, and spaces. Chapter 2. Installing 57 Table 8. Wizard panels and their values (continued) Wizard panel When panel is displayed Value/option Description Select Installation Options Always displayed. Number of Servers > Single Server Installation Select this option to install Network Manager, the DB2 topology database, and the GUI components (the Network Manager Web applications and the Tivoli Integrated Portal) on the current server. If you have obtained Tivoli Netcool/OMNIbus V7.4 and have the installation package available, you can also install Tivoli Netcool/OMNIbus V7.4 using this option. Note: If you create a subdirectory called OMNIbus in the top-level directory of the extracted Network Manager installation package and place the Tivoli Netcool/OMNIbus image there, the Network Manager installer installs Tivoli Netcool/OMNIbus regardless of version. 58 Number of Servers > Multi-server Installation Select this option to choose which components to install on the current server. Default values > Accept default settings Select this option to minimize the number of wizard panels displayed. Default values > Customize settings Select this option to be able to customize every installation option. FIPS Compliance > Use FIPS 140–2 compliant cryptographic routines Select this option if you want to install using cryptographic routines from a validated cryptographic module. If you select this option there are restrictions to the product functionality (as described in “About a FIPS 140-2 installation” on page 51). IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Table 8. Wizard panels and their values (continued) Wizard panel When panel is displayed Value/option Description Select Components to Install Displayed for multi-server installations. Core components Select whether to install the Network Manager network discovery, polling, root cause analysis and event enrichment components on this server. Web Applications Also referred to in the documentation as "GUI components". Select this option if you want to install the Network Manager Web applications on this server. If the Tivoli Integrated Portal is not already installed, it is installed with the Web applications. If there is an existing installation of the Tivoli Integrated Portal on this server, you can choose to use it in a later panel. Note: You must select at least one Network Manager component to install. You cannot use the Network Manager installer to install other products without installing at least one of the Network Manager components. The Network Manager installer only installs Tivoli Netcool/OMNIbus and a local DB2 in conjunction with the installation of Network Manager components, and does not install them in a stand-alone setup. For distributed installations, use the native installer of the products to ensure that the products are customized to the specific needs of the environment. Chapter 2. Installing 59 Table 8. Wizard panels and their values (continued) Wizard panel When panel is displayed Value/option Description Select Components to Install (continued) Displayed for multi-server installations. Tivoli Netcool/OMNIbus You have the following options: 1. If you want to install Tivoli Netcool/OMNIbus on the same server as Network Manager, and set it up for use with this instance of Network Manager, select the option to install Tivoli Netcool/OMNIbus on this server. You can later provide details for the installation in the Collect Netcool/OMNIbus Installation Details panel. You must have already downloaded V7.3.1 or later to this server. If you want to install and configure a Tivoli Netcool/OMNIbus version other than 7.4, create a subdirectory called OMNIbus in the top-level directory of the extracted Network Manager installation package, and extract the downloaded Tivoli Netcool/OMNIbus package into this directory. Note: You do not need to create the subdirectory if you have downloaded version 7.4. If the installer cannot locate the Tivoli Netcool/OMNIbus 7.4 package, the installer asks for the location of the package. 60 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide 2. If you want to configure an existing Tivoli Netcool/OMNIbus installation on the server where you are installing Network Manager, select the option to configure an existing Tivoli Netcool/OMNIbus installation on this server for use with Network Manager. You can later provide details for the setup in the Configure existing ObjectServer panel. Note: Tivoli Netcool/OMNIbus must already be installed on this server. Table 8. Wizard panels and their values (continued) Wizard panel When panel is displayed Value/option Description Select Components to Install (continued) Displayed for multi-server installations. Tivoli Netcool/OMNIbus (continued) 3. If you want to use an ObjectServer running on a different server to this one where you are installing Network Manager, select the option to connect to an existing Tivoli Netcool/OMNIbus installation on a another server. You can later provide details for the connection in the Connect to Existing ObjectServer panel. 4. You can also select not to install, configure, or connect to an ObjectServer by selecting the option not to install or configure Tivoli Netcool/OMNIbus at this time. Select Components to Install (continued) Displayed for multi-server installations. Topology database Choose to install a DB2 database on this host to use as the Network Manager topology database, or connect to an existing DB2 database to use as the topology database. Note: DB2 can only be installed by the root user. If you are installing Network Manager as non-root, there is an additional post-installation step: You must log in as root after completing the Network Manager installation and complete the DB2 installation on the system. See “Installing and configuring DB2 after a non-root installation” on page 216 Chapter 2. Installing 61 Table 8. Wizard panels and their values (continued) Wizard panel When panel is displayed Get Netcool/OMNIbus Package Location Enter the location of the Displayed if you selected a Choose directory single server installation or containing the downloaded package or if you selected Install event Netcool/OMNIbus package installation media. The Network Manager installer management software in a multi-server installation. requires Tivoli Netcool/OMNIbus 7.4 packages and if it does not find them it asks for the location of the Tivoli Netcool/OMNIbus image. Note: If you create a subdirectory called OMNIbus in the top-level directory of the extracted Network Manager installation package and place the Tivoli Netcool/OMNIbus image there, the Network Manager installer installs Tivoli Netcool/OMNIbus regardless of version. 62 Value/option IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Description Table 8. Wizard panels and their values (continued) Wizard panel When panel is displayed Value/option Description Collect Default Installation Information Displayed if you selected Accept Default Settings. Netcool Domain Name Enter a name to be used as a network domain by Network Manager. Enter a descriptive name, for example, TESTNETWORK. The domain name must consist of between one and 29 characters (letters, numbers, or both), with the letters all capitals, no spaces, and no special characters. Make a note of the domain name, because it is used when starting components manually. Domain name: Administrative Password Enter a password to be used as the Tivoli Netcool/OMNIbus ObjectServer root password, the topology database administrator password, and the password for the default user accounts itnmadmin and itnmuser. The password must consist of between four and eight ASCII characters, and must match any password requirements that are applicable on the machine where you are installing. Confirm Password Re-enter the administrative password. Chapter 2. Installing 63 Table 8. Wizard panels and their values (continued) Wizard panel When panel is displayed Value/option Description Collect Port Connection Information Displayed if you selected Accept Default Settings. Netcool/OMNIbus ObjectServer Port Enter the port that you want to use for the ObjectServer, or accept the default value. Tivoli Integrated Portal HTTP Port Enter the port that you want to use for the Tivoli Integrated Portal, or accept the default value. Make a note of the port number, because you use this to connect to the Web applications. HTTP port: Collect Netcool/OMNIbus Installation Details 64 Displayed if you chose to installTivoli Netcool/OMNIbus and selected Customize Settings. DB2 database port Enter the port that you want to use for the database, or accept the default value. Netcool/OMNIbus ObjectServer name Enter a name to use for the ObjectServer that is being installed. The name must not contain spaces. Netcool/OMNIbus ObjectServer port Enter a port to use for the ObjectServer that is being installed. The port must not currently be in use. Netcool/OMNIbus administrator account password Enter a password for the administrator account. Confirm password Confirm the password for the administrator account. Install the following Netcool/OMNIbus components Select the Tivoli Netcool/OMNIbus probes or the Netcool/OMNIbus Knowledge Library if you want to install them as part of the process. Clear the selection of the ones you do not want to install. IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Table 8. Wizard panels and their values (continued) Wizard panel When panel is displayed Value/option Description Configure existing ObjectServer Displayed if you chose to configure an existing installation of Tivoli Netcool/OMNIbus on this server. Netcool/OMNIbus installation location (OMNIHOME) The location on this server where Tivoli Netcool/OMNIbus is installed. Netcool/OMNIbus ObjectServer name Enter the name of the ObjectServer that you want this installation to configure. If you are connecting to a failover pair of ObjectServers, specify the details of the virtual ObjectServer here. Netcool/OMNIbus ObjectServer port Enter the port used by the ObjectServer. If you are connecting to a failover pair of ObjectServers, specify the details of the virtual ObjectServer here. Netcool/OMNIbus administrator account name Enter the user name for the administrator account. Netcool/OMNIbus administrator account password Enter the password for the administrator account. Confirm password Confirm the password for the administrator account. Install the following Netcool/OMNIbus components Select the Tivoli Netcool/OMNIbus probes or the Netcool/OMNIbus Knowledge Library if you want to install them as part of the process. Clear the selection of the ones you do not want to install. Attention: Using the Network Manager installer to configure an existing Tivoli Netcool/OMNIbus on the same server also installs probes and the Netcool/OMNIbus Knowledge Library unless you choose not to. If you do not want to overwrite your existing probe and Netcool/OMNIbus Knowledge Library customizations, ensure you do not select to install these Tivoli Netcool/OMNIbus components during the installation. Chapter 2. Installing 65 Table 8. Wizard panels and their values (continued) Wizard panel When panel is displayed Value/option Description Connect to Existing ObjectServer Displayed if you chose to connect to an existing installation of Tivoli Netcool/OMNIbus on another server. Note: Ensure you have configured this existing installation of Tivoli Netcool/OMNIbus before installing Network Manager, as described in “Configuring an existing Tivoli Netcool/OMNIbus installation on a remote server” on page 41. Note: If you choose to connect to an existing Tivoli Netcool/OMNIbus on another server, you might need to complete additional post-installation tasks, as described in “Configuring Tivoli Netcool/OMNIbus for use with Network Manager” on page 151. Netcool/OMNIbus server host name Enter the name of the system where the Tivoli Netcool/OMNIbus installation to use is located. Netcool/OMNIbus ObjectServer name Enter the name of the ObjectServer that you want this installation to connect to. If you are connecting to a failover pair of ObjectServers, specify the details of the virtual ObjectServer here. Netcool/OMNIbus port Enter the port used by the ObjectServer. If you are connecting to a failover pair of ObjectServers, specify the details of the virtual ObjectServer here. Netcool/OMNIbus administrator account password Enter the password for the administrator account. Confirm password Confirm the password for the administrator account. Displayed if you selected Install User Console and Customize Settings. Choose an install folder Choose a location for the Tivoli Integrated Portal to be installed. Select this option if the Tivoli Integrated Portal is not already installed on this server. Reuse an existing install folder Click reuse, and select the directory path of an existing installation of the Tivoli Integrated Portal. If the Tivoli Integrated Portal is not installed on the server, this option is not available. Select installation directory for TIP 66 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Table 8. Wizard panels and their values (continued) Wizard panel When panel is displayed Value/option Collect Tivoli Integrated Portal Installation Details TIP HTTP port Displayed if you selected Install User Console and Customize Settings, and then you selected Choose an install folder in the Select Installation Directory for TIP panel. Description Enter the port to be used for the Tivoli Integrated Portal. Make a note of the port number, because you use this to connect to the Web applications. HTTP port: TIP console context root The context root determines the URL that users supply to access the Tivoli Integrated Portal and hence Network Manager. The default is /ibm/console. TIP administrator account name Enter a name to be used for the Tivoli Integrated Portal administrator account. TIP administrator account password Enter a password to be used for the Tivoli Integrated Portal administrator account. Confirm password Confirm the password for the administrator account. Select the initial authentication method to use Select Internal (File-based) or ObjectServer, depending on which repository you want to use for authenticating Tivoli Integrated Portal users. Note: To use LDAP for authentication, select either of the options and configure LDAP authentication after installation as described in in section Configuring user authentication of the IBM Tivoli Netcool/OMNIbus Installation and Deployment Guide. Chapter 2. Installing 67 Table 8. Wizard panels and their values (continued) Wizard panel When panel is displayed Value/option Collect Tivoli Integrated Portal Reuse details TIP HTTP port Displayed if you selected Install User Console and Customize Settings, and then you selected Reuse an existing install folder in the Select Installation Directory for TIP panel. Description Enter the port to be used for the Tivoli Integrated Portal. Make a note of the port number, because you use this to connect to the Web applications. HTTP port: 68 TIP administrator account name Enter a name to be used for the Tivoli Integrated Portal administrator account. TIP administrator account password Enter a password to be used for the Tivoli Integrated Portal administrator account. Confirm password Confirm the password for the administrator account. IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Table 8. Wizard panels and their values (continued) Wizard panel When panel is displayed Value/option Description Collect Network Manager Installation Details Displayed if Network Manager is being installed and you selected Customize Settings. Network Manager Domain Enter a name to be used as Name a network domain by Network Manager. Enter a descriptive name, for example, TESTNETWORK. The domain name must consist of between one and 11 characters (letters, numbers, or both), with the letters all capitals, no spaces, and no special characters. Make a note of the domain name, because it is used when starting components manually. Make a note of the domain name, because it is used when starting components manually. Domain name: Attention: The domain name is mandatory. You must enter a value. Discover subnet Select this option if you want the installation process to start a network discovery of your local subnet. Seed Discovery from IBM Tivoli NetView Installation Select this option if you want the installation process to start a network discovery using information that you already exported from an IBM Tivoli NetView installation. Seed Discovery from other Select this option if you want the installation network management application process to start a network discovery using information from another network management application. None Select this option if you want to complete the installation process without starting a discovery. If you choose not to start a discovery now, you can start a discovery later using the Discovery Status GUI. Note: The domain name is mandatory. You must enter a value under Network Manager Domain Name previously even if you do not want to start a discovery after installation. Chapter 2. Installing 69 Table 8. Wizard panels and their values (continued) Wizard panel When panel is displayed Value/option Description Collect Initial Discovery Information Displayed if you chose to discover your local subnet. IP address of the subnet to Enter the IP address of the be discovered subnet to be discovered. Only IPv4 addresses can be entered here. Netmask Enter the netmask of the subnet. For a class C subnet, this is 255.255.255.0. Collect SNMP V1/V2 Community Strings Displayed if you chose to discover your local subnet. List of community strings Enter up to six SNMP community strings (passwords). These community strings are needed by the discovery process in order to get SNMP information from devices on your network. To reduce discovery time, list the community strings in order, from most frequently to least frequently used. Get NetView Discovery Data Displayed if you chose to use NetView® data to seed your discovery. Full name of the NetView migration script output Enter the location of the output of the IBM Tivoli NetView migration script that you ran from the Launchpad as part of the installation prerequisites. Full name of the file containing the network nodes Enter the location of the file that contains a list of nodes in your network. The file must be in a format that can be parsed by the File finder, for example, a text file containing a list of IP addresses and hostnames separated by spaces. Full name of the file containing the SNMP community strings Enter the location of the file that contains a list of community strings used in your network. Get Generic Discovery Data Displayed if you chose to use information from another network management application to seed your discovery. 70 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Table 8. Wizard panels and their values (continued) Wizard panel When panel is displayed Value/option Description Collect DB2 Installation Details Displayed if a DB2 database is being installed. DB2 database port Enter a port to be used for connections to the DB2 database. The port must not currently be in use. The default is 50000. DB2 database name Enter a name for use as the DB2 database name. The default is ITNM. DB2 database account name Enter the name of the system account to be used to access the DB2 database. The name must be in lowercase letters and numbers. The default is ncim. Note: Do not use an existing account. If the database account already exists on the operating system, an error message is displayed and you must ensure you create a new account to continue. DB2 database account password Enter a password for the DB2 database account. Restriction: The password must not start with a dollar sign ($). Confirm Password Re-enter the database password. Create tables to hold topology data in selected database Select this option to configure the selected topology database. You only need to do this once for any topology database. If you have already installed a component of Network Manager and selected this option in a previous installation, do not select this option now. Create Network Manager Topology database tables Displayed if a DB2 database is not being installed. Chapter 2. Installing 71 Table 8. Wizard panels and their values (continued) Wizard panel When panel is displayed Value/option Connect to Existing DB2 Database Displayed if an existing DB2 database server host DB2 database is being used name for topology data. Description Enter the name of the server on which the DB2 database is installed. DB2 database port Enter the ports that is used for connections to the DB2 database. DB2 database name Enter the name for the DB2 database. DB2 database account name Enter the name of the DB2 administrator account. DB2 database account password Enter the password for the DB2 administrator account. Confirm Password Re-enter the administrative password. Pre-Installation Summary Always displayed. None Review the information about the components that will be installed. Click Next to run a final prerequisite check before installation. Prerequisite Checking Results Always displayed. None Review the results of the prerequisite check. This prerequisite check establishes whether the current server is suitable for installing the specific components that you have chosen. If there are any serious errors, you must cancel the installation, fix the errors, and start the installation again. If there are no serious errors, click Install to install your chosen components. When prompted, accept any license agreements to continue. Installing Network Manager in console mode If you cannot run the GUI-based installation wizard, then install Network Manager in console mode. When you install in console mode, you specify installation options by responding to menus and prompts in a text-based user interface. To run the installer in console mode, complete the following tasks: 1. Run the installation script with the -i console option. v UNIX Enter the following command: install.sh -i console 2. Make the appropriate selections, and select to perform a basic or custom installation. 72 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide 3. Follow the prompts, using the same values as for a GUI-based basic or custom installation, depending on your choice. Note: During a custom installation, you must select at least one Network Manager component to install. You cannot use the Network Manager installer to install other products without installing at least one of the Network Manager components. The Network Manager installer only installs Tivoli Netcool/OMNIbus and a local DB2 in conjunction with the installation of Network Manager components, and does not install them in a stand-alone setup. For distributed installations, use the native installer of the products to ensure that the products are customized to the specific needs of the environment. 4. At any time, type back to return to the previous screen, or quit to exit the installer. At the end of a successful installation, the installer records in NCHOME/log/install/Configuration.log the ports used by each product or component that was installed. Note: If you intend to migrate NCIM data to this Network Manager installation, do not start the processes at this time. Migrate the NCIM data first and then start the Network Manager processes from the command line. For more information, see Importing NCIM topology database data. Related reference: “Values for a basic installation” on page 52 Use this information to understand what values to enter in the wizard panels for a basic installation. “Values for a custom installation” on page 56 Use this information to understand what values to enter in the wizard panels for a custom installation. Installing Network Manager in silent mode In silent mode, the installer reads the configuration information from a file, and does not prompt you for any information. You can run the installer in silent mode if, for example, you want to deploy Network Manager with identical installation options on multiple machines, or when you are installing on a system that has no access to any GUI. You cannot cancel a silent installation once it has started. The silent mode of installation is a two-step operation that requires you to define your installation settings in a response file and then run the installation program with the settings in this file. To install in silent mode, complete the following steps. 1. Create a response file that defines the features you want to install. You have the following options to create the response file: Option Description Create a response file using the launchpad “Creating a response file using the launchpad” on page 74 Create a response file by editing the sample file provided “Creating a response file using sample file” on page 75 Chapter 2. Installing 73 Option Description Create a response file by running the installer in console mode You can create a response file by running the installer in console mode and answering yes to the question Generate Silent Response File? when prompted. You can then create a silent response file interactively by answering on-screen questions without using a GUI. Console mode then creates a file named silent-install.txt in the directory you specify as the installation directory. The default is /opt/IBM/tivoli/netcool. See “Installing Network Manager in console mode” on page 72 2. After you have created the response file, start the installation script for your operating system: v UNIX Start the install.sh script using the following command: install.sh -i silent -f path to response file At the end of a successful installation, the installer records in NCHOME/log/install/Configuration.log the ports used by each product or component that was installed. Note: If you intend to migrate NCIM data to this Network Manager installation, do not start the processes at this time. Migrate the NCIM data first and then start the Network Manager processes from the command line. For more information, see Importing NCIM topology database data. Creating a response file using the launchpad You can create the response file for your silent installation using the launchpad. To create the response file using the launchpad: 1. Go to the directory where you extracted the Network Manager installation package. 2. Start the launchpad. UNIX Run the launchpad.sh script. v 3. Click Installing Network Manager. 4. Expand Create a Response File for Silent Installation and click Generate a response file for a basic installation or Generate a response file for a custom installation depending on whether you want to perform a basic or a custom installation silently later on. 5. Follow the instructions on the panels to enter values for the response file. The panels are the same as when you install Network Manager using the wizard. Tip: Check the values for basic or custom installation topics to understand the values to enter in the wizard panels. 6. Save the file. Run the installation script with the silent command line option and full path to this file. 74 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Related reference: “Values for a basic installation” on page 52 Use this information to understand what values to enter in the wizard panels for a basic installation. “Values for a custom installation” on page 56 Use this information to understand what values to enter in the wizard panels for a custom installation. Creating a response file using sample file You can create the response file for your silent installation by editing the sample file provided. To create the response file by editing the sample: 1. Back up the sample response file. The sample response file, ITNM-sample-response.txt, is in the top level directory, wherever the installation package was extracted. 2. Edit the sample response file in a text editor. a. Uncomment any parameters that you want to use by removing the hash character # at the beginning of the line. b. Check the default values of the parameters and set new values as necessary. c. Replace all instances of --UserInput-- with the appropriate values. 3. Save the file in a convenient location, for example, in the same directory as the Network Manager INSTALL script. Run the installation script with the silent command line option and full path to this file. Sample response file parameters for silent mode installation: Use this information to understand how to edit the response file for a silent installation. List of response file parameters The following table lists the parameters provided in the default response file for silent installation in the order in which they appear in the file. Table 9. Response file parameters Parameter Default value Description INSTALLER_UI SILENT Do not change this value or remove this line. SingleServer 0 Do not change this value or remove this line. DefaultValues 0 Do not change this value or remove this line. Chapter 2. Installing 75 Table 9. Response file parameters (continued) Parameter Default value Description $LICENSE_ACCE PTED$ false To accept the license agreement, uncomment the variable and change the value to true. If the LICENSE_ACCEPTED is anything other than true, the installation will exit and no log will be produced and no indication of failure provided. By removing the # sign before #LICENSE_ACCEPTED=false and changing false to true you have signified acceptance of the Network Manager license agreement. USER_INSTALL_ DIR /opt/IBM/tivoli/ netcool If you are installing on UNIX, provide the fully qualified path to the directory where you want to install the product. installOMNI 0 Set the value as follows: v Set the value to 1 to install and configure Tivoli Netcool/OMNIbus, the necessary Tivoli Netcool/OMNIbus probes, and the IBM Tivoli Netcool/OMNIbus Knowledge Library. v Set the value to 2 to configure an existing Tivoli Netcool/OMNIbus that is already installed on this system. v Set the value to 3 to connect to an existing Tivoli Netcool/OMNIbus without configuring it. v Set the value to 0 if you do not want to install, configure, or connect to Tivoli Netcool/OMNIbus at this time. Attention: Using the Network Manager installer to configure an existing Tivoli Netcool/OMNIbus also installs the SNMP probe and the Netcool/OMNIbus Knowledge Library. If you do not want to overwrite your existing SNMP probe and Netcool/OMNIbus Knowledge Library customizations, you must set the installOMNI value to 0. After the installation of Network Manager, copy the installation package to the server where your existing Tivoli Netcool/OMNIbus installation is, and run the ConfigOMNI script to configure your Tivoli Netcool/OMNIbus, but ensure you do not select options to configure the SNMP probe or the Netcool/OMNIbus Knowledge Library. For more information, see “Configuring an existing Tivoli Netcool/OMNIbus installation on a remote server” on page 41. installTIP 76 0 Set the value to 1 to install and configure the Tivoli Integrated Portal, the Tivoli Netcool/OMNIbus Web GUI, and the Network Manager Web applications. IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Table 9. Response file parameters (continued) Parameter Default value Description installITNM 0 Set the value to 1 to install and configure the Network Manager core components (the root cause analysis, event gateway, discovery and polling engines). installNCIM 0 Set the value to 1 to install and configure DB2 for use as the topology database. IAGLOBAL_comply 0 FIPS Set the value to 1 to use cryptographic routines that have been designed with FIPS 140–2 compliance in mind. IALOCAL_ITNM_ PASSWORD --UserInput-- Provide a password for the default itnmadmin and itnmuser user accounts. If the IDS database account already exists on the operating system, enter the password used to access it. PACKAGE.DIR. NCO --UserInput-- If IBM Tivoli Netcool/OMNIbus is being installed on this system (in this case you would have set the installOMNI to 1 above) and the package is not in the same location as the install media, uncomment the PACKAGE.DIR.NCO variable, and change "--UserInput--" to the full path name where the Tivoli Netcool/OMNIbus package can be found on the system. Then uncomment the PACKAGE.NCO variable and change "--UserInput--" to the name of the directory or file containing Tivoli Netcool/OMNIbus. Note: The installer looks for the name plus a .tar, .tar.gz, .tar.Z or .zip suffix automatically, so do not add a suffix to the file name. PACKAGE.NCO --UserInput-- See the instructions for the PACKAGE.DIR.NCO parameter. OMNIHOME /opt/IBM/tivoli/ netcool/omnibus On UNIX, if IBM Tivoli Netcool/OMNIbus is already installed on this system and you wish to configure it for use with Network Manager (in this case you would have set the installOMNI to 2 above), complete the following tasks: 1. Uncomment the OMNIHOME variable for a UNIX directory. 2. Provide the full path name of the directory that contains Tivoli Netcool/OMNIbus. IAGLOBAL_OBJE CTSERVER_PRI MARY_HOST --UserInput-- If this installation will be connecting to an existing IBM Tivoli Netcool/OMNIbus (in this case you would have set the installOMNI to 0 above), then uncomment the IAGLOBAL_OBJECTSERVER_PRIMARY_ HOST and provide the short name or IP address of the server where IBM Tivoli Netcool/OMNIbus is already installed. Chapter 2. Installing 77 Table 9. Response file parameters (continued) Parameter Default value Description IAGLOBAL_OBJE CTSERVER_PRI MARY_NAME --UserInput-- Enter the name of the ObjectServer that is being installed, or that you want this installation to connect to. IAGLOBAL_OBJE CTSERVER_PRI MARY_PORT 4100 Enter the port for the ObjectServer that is being installed, or that you want this installation to connect to. IAGLOBAL_OBJE CTSERVER_USER root Enter the administrative user name for the ObjectServer that is being installed, or that you want this installation to connect to. IALOCAL_OBJEC TSERVER_PASS WORD --UserInput-- Enter the administrative password of the ObjectServer that is being installed, or that you want this installation to connect to. Install_SYSLOG 0 Specifies whether to install the SYSLOG probe during the installation process. Set value to 1 if you want to install the probe, or set to 0 if you do not. Install_SNMPD 0 Specifies whether to install the SNMPD probe during the installation process. Set value to 1 if you want to install the probe, or set to 0 if you do not. Install_NCKL 1 Specifies whether to install the Netcool/OMNIbus Knowledge Library during the installation process. Set value to 1 if you want to install the library, or set to 0 if you do not. IAGLOBAL_WAS _defaulthost 16310 Enter the port to be used for the Tivoli Integrated Portal. Make a note of the port number, because you use this to connect to the Web applications. 78 IAGLOBAL _CONSOLE _CONTEXT_ROOT /ibm/console Specify the context root that determines the URL that users supply to access the Tivoli Integrated Portal and hence Network Manager. IAGLOBAL_WAS UserID tipadmin Enter a name to be used for the Tivoli Integrated Portal administrator account. IALOCAL_WAS Password --UserInput-- Enter a password to be used for the Tivoli Integrated Portal administrator account. TIP_INSTALL_DIR /opt/IBM/tivoli/tip If you are installing on UNIX, provide the fully qualified path to the directory where you want to install the Tivoli Integrated Portal. IAGLOBAL_INST ALL_LOCATION_ SELECTION create Set to create if you want to install the Tivoli Integrated Portal. Set to reuse if you want to use an existing Tivoli Integrated Portal. IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Table 9. Response file parameters (continued) Parameter Default value Description IAGLOBAL_WUI_ HOME /opt/IBM/ WebSphere/ UpdateInstaller On UNIX systems, if you are using an existing Tivoli Integrated Portal and set IAGLOBAL_INSTALL_LOCATION_ SELECTION to reuse, then uncomment this parameter and provide the fully qualified path to the directory where the WAS Update Installer is located. If the WAS Update Installer has not been installed on the system, you can find the installation package in the top-level directory of the Network Manager installation media. authOMNI 1 Set this parameter to 1 to use the ObjectServer for authentication for Tivoli Integrated Portal users. If this parameter is not set or set to 0, then the default internal file-based repository is used for authentication. To use LDAP for authentication, set to either of the values and configure LDAP authentication after installation as described in in section Configuring user authentication of the IBM Tivoli Netcool/OMNIbus Installation and Deployment Guide. IAGLOBAL_PREC ISION_DOMAIN0 --UserInput-- Enter a name to be used as a network domain by Network Manager. Enter a descriptive name, for example, TESTNETWORK. The domain name must consist of between one and 11 characters (letters, numbers, or both), with the letters all capitals, no spaces, and no special characters. Make a note of the domain name, because it is used when starting components manually. UI_Initial_Discovery 0 Set to 1 if you want the installation process to start a network discovery of your local subnet. UI_Import_Netview 0 Set to 1 if you want the installation process to start a network discovery using information that you already exported from an IBM Tivoli NetView installation. UI_Import_Other 0 Set to 1 if you want the installation process to start a network discovery using information from another network management application. UI_No_Discovery 1 Set to 1 if you want to complete the installation process without starting a discovery. If you choose not to start a discovery now, you can start a discovery later the using the Discovery Configuration GUI. Chapter 2. Installing 79 Table 9. Response file parameters (continued) 80 Parameter Default value Description UI_Subnet --UserInput-- If you have selected to start a discovery, enter the IP address of the subnet to be discovered. Only IPv4 addresses can be entered here. UI_Netmask 255.255.255.0 If you have selected to start a discovery, enter the netmask of the subnet. For a class C subnet, this is 255.255.255.0. UI_SNMP_1 --UserInput-- If you have selected to start a discovery, you can enter up to six SNMP community strings (passwords). UI_SNMP_2 --UserInput-- If you have selected to start a discovery, you can enter up to six SNMP community strings (passwords). UI_SNMP_3 --UserInput-- If you have selected to start a discovery, you can enter up to six SNMP community strings (passwords). UI_SNMP_4 --UserInput-- If you have selected to start a discovery, you can enter up to six SNMP community strings (passwords). UI_SNMP_5 --UserInput-- If you have selected to start a discovery, you can enter up to six SNMP community strings (passwords). UI_SNMP_6 --UserInput-- If you have selected to start a discovery, you can enter up to six SNMP community strings (passwords). UI_Network_Nodes --UserInput-- Enter the location of the output of the IBM Tivoli NetView migration script that you ran from the Launchpad as part of the installation prerequisites. UI_Network_Nodes --UserInput-- If you are seeding discovery from another Network Manager installation, enter the location of the file that contains a list of nodes in your network. UI_SNMP_Strings --UserInput-- If you are seeding discovery from another Network Manager installation, enter the location of the file that contains a list of community strings used in your network. IAGLOBAL_NCI M_SERVER db2 Enter the name of the server on which to install the NCIM topology database. IAGLOBAL_NCI M_CREATE yes Set to no if you want to use an existing NCIM topology database. IAGLOBAL_NCI M_PORT 50000 Enter the port for the NCIM topology database. IAGLOBAL_NCI M_USERNAME ncim Enter the username for the administrator account for the NCIM topology database. IALOCAL_NCIM_P --UserInput-ASSWORD Enter the password for the administrator account for the NCIM topology database. connectDB2 Uncomment this line if you want to use an existing DB2 database to hold the topology data. 1 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Table 9. Response file parameters (continued) Parameter Default value Description IAGLOBAL_NCI M_HOST --UserInput-- If you are using an existing database to hold the topology data, enter the name or IP address of the host where the database is installed. IAGLOBAL_NCI M_CREATE yes If you are using an existing database to hold the topology data, set this value to yes in order to create the NCIM database tables. Set this value to no if the NCIM database tables already exist. IAGLOBAL_NCI M_PORT 50000 If you are using an existing database to hold the topology data, enter the port used by the database. IAGLOBAL_NCI M_DBNAME ITNM If you are using an existing DB2 database to hold the topology data, enter the name of the DB2 database instance that holds the topology data. IAGLOBAL_NCI M_USERNAME ncim This is the user that the product uses to connect to the database. Do not change this value. IALOCAL_NCIM_P --UserInput-ASSWORD Enter the password for the ncim user. StartDaemons Uncomment this line if you want to start Network Manager before the installer exits. Start IBM Tivoli Network Manager before exiting Postinstallation tasks After installing Network Manager, you might need to perform some postinstallation tasks. Make sure you have successfully installed Network Manager. To perform postinstallation tasks: 1. Ensure your Network Manager installation has completed. 2. Optional: If you want to use an existing installation of Tivoli Netcool/OMNIbus (version 7.3.1 or 7.4) that is configured for a previous version of Network Manager (version 3.9 or earlier), you must follow additional post-installation steps to set up the automation for service-affected events (SAE), as described in “Configuring automation for SAEs” on page 152. 3. Depending on the additional settings required, perform the steps in the following topics: Option Description Configuring LDAP for user authentication After a successful installation of Network Manager, you can configure LDAP for user authentication, as described in in section Configuring user authentication of the IBM Tivoli Netcool/OMNIbus Installation and Deployment Guide Chapter 2. Installing 81 Option Description Non-root postinstallation tasks (UNIX only) v DB2 can only be installed by the root user. If you installed Network Manager as non-root and you also selected DB2 to be installed on the same server as part of the installation, perform the steps described in “Installing and configuring DB2 after a non-root installation” on page 216 v If you want to use an existing DB2 installation for your topology database either on the same server where Network Manager is installed or on a different server, you must install the DB2 runtime client as described in “Configuring connection to existing DB2” on page 217. If you installed the DB2 server using the Network Manager installer, you do not need to follow these steps. v You can configure what user manages Network Manager processes, as described in “Configuring root/non-root permissions” on page 213 v For non-root installations, you can configure your Network Manager processes to start automatically when your system is started or restarted, as described in “Non-root installation: Configuring processes to start automatically” on page 215. Note: You do not need to configure this if you installed Network Manager as the root user. The automatic restart is set up as part of a root installation without the need for this post-installation step. 82 Upgrading from a previous Network Manager version Follow steps described in “Upgrading and migrating to latest Network Manager” on page 110 Installing the Monitoring agent If you want to use IBM Tivoli Monitoring for IBM Tivoli Network Manager IP Edition, follow the steps described in “Integrating with IBM Tivoli Monitoring” on page 201 Setting up network management reports to use with Tivoli Common Reporting after installing Network Manager During installation, Network Manager installs and configures network management reports if Tivoli Common Reporting is present on the system. If you do not have Tivoli Common Reporting installed when installing Network Manager, you can install Tivoli Common Reporting at a later date and configure the reports then. After installing Network Manager, configure the reports as described in “Configuring reports for existing installations” on page 239. IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Option Description Migrating Cognos content store from the default Derby database to DB2 The default content store database that is used by Cognos is suitable for demonstration purposes, but it is not to be used as the content store database in a production environment. You have the option of migrating the Cognos content store database from the default Derby database to DB2 as described in “Migrating the Cognos content store from Derby to DB2” on page 240. Upgrading to Tivoli Integrated Portal 2.2.0.11 You must have Tivoli Integrated Portal 2.2.0.11 or later to use Firefox 17 ESR. Network Manager 4.1 includes Tivoli Integrated Portal 2.2.0.9. To upgrade to 2.2.0.11: 1. Go to the Tivoli Integrated Portal support site at http://www933.ibm.com/support/fixcentral/swg/ selectFixes?parent=ibm~Tivoli &product=ibm/Tivoli/ Tivoli+Integrated+Portal&release=2.2.0.1 &platform=All&function=all 2. Download the 2.2.0.11 Fix Pack. 3. Follow the Fix Pack installation instructions to apply the Fix Pack. Increasing memory for Tivoli Integrated Portal Depending on your system and network size, you might need to increase the amount of memory available to the Tivoli Integrated Portal. To increase the amount of memory available to the Java Virtual Machine (JVM), follow the steps about increasing memory for the Java Virtual Machine in the IBM Tivoli Network Manager IP Edition Administration Guide. You can set the initial and the maximum amount of memory, in MB (heap size). The maximum amount of memory can be increased up to 2048 MB on UNIX systems. If you need to set up a topology database after installation for Network Manager. For details of how to create the database schemas manually after installation, see the tasks about creating topology database schemas in the IBM Tivoli Network Manager IP Edition Administration Guide. For any further configuration tasks, check topics in: Chapter 4, “Configuring Network Manager,” on page 151 After successfully installing and configuring Network Manager, see the getting started sections For more information, see the tasks in the IBM Tivoli Network Manager Getting Started Guide. Chapter 2. Installing 83 Related tasks: “Viewing the installation logs” Viewing the installation logs can be useful for troubleshooting purposes. Troubleshooting the installation Use this information to how to troubleshoot errors that might occur during the installation of Network Manager. The following topics describe the types of error messages that you might encounter during the installation process, and the actions you can take to resolve these issues. Viewing the installation logs Viewing the installation logs can be useful for troubleshooting purposes. Information about the success of the installation process is recorded in different log files. To view the installation log information, proceed as follows. For general settings of the Network Manager installation, such as information about the version of Network Manager installed, the home location of components, and database connection information, see the NCHOME/etc/itnm.cfg file. Note: The Network Manager installation process involves several components. This means that an unsuccessful installation might be caused by other component installers running into issues. The relevant log files contain information for the cause of the failure. Consult the appropriate installation log: Symptom Action For an overall idea about which part of the installation failed Examine NCHOME/log/install/Configuration.log first to check what part of the installation encountered problems. The Configuration.log file helps determine where you need to look next. Configuration.log also shows errors encountered by post-installation setup tasks, and contains other useful information such as the ports used by each product or component that was installed. You can also examine the InstallAnywhere log file for more details about any problems. To examine the InstallAnywhere log file: 1. Go to the home directory of the user who ran the installer. 2. Open the IA-ITNM-Install-NN.log file, where NN is a number. Typically the file is called IA-ITNM-Install00.log. The part of the installation that appears to have failed involves Tivoli Netcool/OMNIbus If there are problems with Tivoli Netcool/OMNIbus, examine the following files: v If the problem is an installation problem, go to the home directory of the user who ran the installer, and examine the IA-Netcool-OMNIbus-Core* file. v If the problem is a runtime or configuration problem, then review the files in OMNIHOME/log. 84 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Symptom Action The part of the installation that appears to have failed involves Network Manager components v For installation problems, check the files in NCHOME/log/install. The newest files in the directory are the ones that typically have errors in them. v If the problem is related to Composite Offering Installer (COI) or IBM Autonomic Deployment Engine (DE), check the files in TIPHOME/_uninst/ITNM/plan/install/logs/*/ logs and in the associated TIPHOME/_uninst/ITNM/plan/ install/MachinePlan_localhost directory. v If the problem appears to be specifically DE-related, look for further details in /usr/ibm/common/acsi/logs/root/ de_trace.log. You can locate these log files in the following locations: – If you are installing as root on UNIX, these will be in /usr/ibm/common/acsi/logs/root. – If you are installing as a non-root user on UNIX, these will be in ~/.acsi_$HOSTNAME/logs/$USER. v For runtime problems, check files in NCHOME/log/ precision/*. The part of the installation that appears to have failed involves the database v If the problem appears to be a DB2 installation problem, check the NCHOME/log/install/installDB2.log file. v The NCHOME/log/install/create_all_schemas.log file shows errors that occurred during the creation of the NCIM topology database. The part of the installation v For Tivoli Integrated Portal problems, check the which appears to have failed ~/TIPInstaller-00.log file and the files in TIPHOME/logs involves the Tivoli for installation problems, and the files in Integrated Portal or Web TIPHOME/profiles/TIPProfile/logs/server1 for runtime GUI problems. v For Web GUI problems, check the ~/OMNIbusWebGUI_Install-00.log file. v In either case, if the problem appears to be related to the COI or DE, examine the files in NCHOME/omnibus_webgui/ _uninst/OMNIbusWebgui740/plan/install/logs/*/logs and in the associated NCHOME/omnibus_webgui/_uninst/ OMNIbusWebgui740/plan/install/MachinePlan_localhost directory. v If the problem appears to be specifically DE-related, look for further details in /usr/ibm/common/acsi/logs/root/ de_trace.log (or ~/.acsi_$username/logs/$username/ de_trace.log ). Examine the log files in this directory: TIPHOME/profiles/ It looks like the Tivoli Integrated Portal server itself TIPProfile/logs/server1. These log files contain information about the Tivoli Integrated Portal server status. has failed to start up successfully, even though there were no errors in any of the above log files, The part of the installation which appears to have problems involves the BIRTExtension Examine the logs in TIP_components/BIRTExtension/logs. Note: The default location for TIP_components is /opt/IBM/tivoli/tipv2Components. Chapter 2. Installing 85 Symptom Action The part of the installation which appears to have problems involves the ESSServer Examine the logs in TIP_components/ESSServer/logs. Note: The default location for TIP_components is /opt/IBM/tivoli/tipv2Components. TIPProfile_create log Review the TIPProfile_create log when your installation ends in error. Purpose The TIPProfile_create log records the messages that result from the successful or failed completion of a task in the process of creating the Network Manager profile during installation. Sample This is a sample of the final records of a TIPProfile_create.log where errors were encountered. <record> <date>2008-05-19T01:20:43</date> <millis>1211185243859</millis> <sequence>1007</sequence> <logger>com.ibm.ws.profile.cli.WSProfileCLIModeInvoker</logger> <level>INFO</level> <class>com.ibm.ws.profile.cli.WSProfileCLIModeInvoker</class> <method>areCommandLineArgumentsValid</method> <thread>10</thread> <message>Validation Error for profilePath: The profile path is not valid. </message> </record> <record> <date>2008-05-19T01:20:43</date> <millis>1211185243859</millis> <sequence>1008</sequence> <logger>com.ibm.ws.profile.cli.WSProfileCLIModeInvoker</logger> <level>SEVERE</level> <class>com.ibm.ws.profile.cli.WSProfileCLIModeInvoker</class> <method>invokeWSProfile</method> <thread>10</thread> <message>Argument Validation Failed.</message> </record> <record> <date>2008-05-19T01:20:43</date> <millis>1211185243859</millis> <sequence>1009</sequence> <logger>com.ibm.ws.profile.cli.WSProfileCLIModeInvoker</logger> <level>INFO</level> <class>com.ibm.ws.profile.cli.WSProfileCLIModeInvoker</class> <method>invokeWSProfile</method> <thread>10</thread> <message>Returning with return code: INSTCONFFAILED</message> </record> <record> <date>2008-05-19T01:20:43</date> <millis>1211185243859</millis> <sequence>1010</sequence> <logger>com.ibm.wsspi.profile.WSProfileCLI</logger> <level>INFO</level> <class>com.ibm.wsspi.profile.WSProfileCLI</class> 86 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide <method>invokeWSProfile</method> <thread>10</thread> <message>Returning with return code: INSTCONFFAILED</message> </record> Log files Locate and review the logs and related files after an installation to confirm that the components were successfully installed. Here are the logs created during a Network Manager installation. The installer creates a log called IA-TIPInstall-xx.log, which is located in the user's home directory. This should be the first log reviewed. It shows the installation as it progresses, giving tracing information. Each step that is executed in the installation creates a log in the TIPHOME/logs directory. Administrative console createProfile.err createProfile.out createTIPService.err createTIPService.out deleteProfile.err (uninstall) deleteProfile.out enableAppSecurity.err enableAppSecurity.out extendJaveMemory.err extendJaveMemory.out modifyWASServiceName.err modifyWASServiceName.out removeTIPService.err (uninstall) removeTIPService.out Common Gateway Interface Server CGIServer.err CGIServer.out configureIAuthzShLib.err configureIAuthzShLib.out deployiAuthzEar.err deployiAuthzEar.out Enterprise Storage Server® deployESSApplication.err deployESSApplication.out ESSConfiguration.err ESSConfiguration.out osgiCfgInit.err osgiCfgInit.out IBM Tivoli Monitoring Web Service ITMWebServiceEAR.err ITMWebServiceEAR.out Charting assignChartAdminRole.err assignChartAdminRole.out TIPChartPortlet.err TIPChartPortlet.out Reporting Time Scheduling Services TipTssEar.err TipTssEar.out TipTssEWASScheduler.err TipTssEWASScheduler.out TipTssJDBC.err TipTssJDBC.out TipTssSharedLibraries.err TipTssSharedLibraries.out Chapter 2. Installing 87 Tivoli Common Reporting tcr.err tcr.out tcrConfigClient.err tcrConfigClient.out tcrsPostConfig.err tcrsPostConfig.out Tivoli Integrated Portal configureTIPTransformationShLib.err configureTIPTransformationShLib.out deployTIPChangePassdWar.err deployTIPChangePassdWar.out deployTIPRedirectorEar.err deployTIPRedirectorEar.out renameIdMgrRealm.err renameIdMgrRealm.out Virtual Member Manager VMM.err VMM.out VMM LDAP Configuration configureVMMLDAP.err configureVMMLDAP.out VMM ObjectServer Plugin VMMObjectServerPlugin.err VMMObjectServerPlugin.out WebSphere checkWAS.err checkWAS.out startWAS.err startWAS.out Checking login URL and default ports If you have trouble logging in, make sure you check the URL format and the ports you use after installation. URL format Check that your URL format entered is as follows (shows default ports): v https://localhost:16311/ibm/console (secure access). v http://localhost:16310/ibm/console (nonsecure access). Where localhost is the fully-qualified host name or IP address of the Tivoli Integrated Portal server. Default ports 16310 is the default nonsecure port number and 16311 is the default secure port number. If your environment was configured during installation with a port number other than the default, enter that number instead. 88 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Dependency error messages Dependency error messages are generated if the installation process cannot find a required Network Manager package or component. If a dependency error message is displayed, follow the prompts and install the required components. Running installation and maintenance procedures as root or non-root The installation must be run by the same operating system user each time. Whichever user installs the first Tivoli Network Management product on a given workstation must also install, uninstall, or modify every subsequent Tivoli Network Management product on that workstation. You can run the installation as a non-root user. However, certain Network Manager configuration actions must be performed by the root user. A wizard panel at the end of the installation wizard reminds you to log in as root and make these configurations manually. Related concepts: “Root and non-root installation” on page 213 On UNIX Network Manager can be installed as either the root user or a non-root user. Related tasks: “Configuring the core components to run as root” on page 214 On UNIX, if you installed Network Manager as a non-root user, you must perform additional configuration to run the core components as the root user. Not enough disk space to complete the installation If there is not enough disk space to complete the installation, an error message is displayed and the installation is aborted. The error message is as follows: There is not enough space in DIRECTORY to install the software Please free up some space and re-run the installation In this message, DIRECTORY refers to the specified root installation directory. If you encounter this error message, clear space on the disk, or select a root directory on a partition with more space, and run the installation process again. Console mode installation error When installing Network Manager in console mode on UNIX systems, you might receive an error due to the DISPLAY environment variable being set. If you receive the following error message when installing Network Manager in console mode on UNIX systems, you will need to remove the setting for the DISPLAY environment variable before starting the console mode installation: Chapter 2. Installing 89 Installing... Invocation of this Java Application has caused an InvocationTargetException. This application will now exit. Stack Trace: java.lang.NoClassDefFoundError: sun.awt.X11GraphicsEnvironment (initialization failure) at java.lang.J9VMIntervals.initialize(J9VMIntervals.java:140) at java.lang.Class.forNameImpl (Native Method) at java.lang.Class.forName(Class.java:136) Use the following command: unset DISPLAY; then start the console install again. Backing up and restoring the Deployment Engine Use the Deployment Engine (DE) backup script before installing additional components or other products that are based on the Tivoli Integrated Portal platform. If you need to recover the original configuration after a failure, you can then run the Deployment Engine restore script. The Deployment Engine performs the installation of new and upgraded products. It keeps track of the installed components and skips installing a given component if it is already present on the system. Perform the following steps to back up or restore the DE database. 1. From the command line, change to the acsi directory: Linux UNIX For Linux and UNIX-based systems, the path to the acsi directory varies depending on whether you are installing as root or as a non-root user, as follows: – Installing as a non-root user, the path is relative to the user's home directory: <non-root user home directory>/.asci_<user_name> – Installing as root, the path is as follows: /var/ibm/common/asci 2. Initialize the Deployment Engine environment from the command line: v Linux UNIX . setenv.sh v 3. Change to the bin directory: v Linux UNIX For Linux and UNIX-based systems, the path to the bin directory varies depending on whether you are installing as root or as a non-root user, as follows: – For a non-root user, change to the bin child directory, that is: <non-root user home directory>/.asci_<user_name>/bin – For root, the path is as follows: /usr/ibm/common/asci/bin 4. Run the backup script to back up the Deployment Engine database, as follows: Linux UNIX de_backupdb v 5. If you need to restore the Deployment Engine database, from the bin directory run the restore script: v Linux UNIX de_restoredb If you backed up the Deployment Engine database, you can run the installer now to add additional components or products. If you restored the Deployment Engine database, you can resume using the original installed environment. 90 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Harmless installation messages A review of the installation log might show error messages that are actually harmless. After installing Network Manager, you might encounter a reflection error when reviewing the installation logs. The installation is successful, but the log shows variations of this error: +++ Warning +++: IWAV0003E Could not reflect methods for com.ibm.sec.iauthz. InstanceAuthzServiceLocalHome because one of the methods references a type that could not be loaded. Exception: java.lang.NoClassDefFoundError: com.ibm.sec.iauthz.InstanceAuthorization +++ Warning +++: IWAV0002E Failed reflecting values +++ Warning +++: java.lang.NoClassDefFoundError: com.ibm.sec. iauthz.InstanceAuthorization This error can be safely ignored. Insufficient disk space for install Have enough space in the temporary directory for the installation or it will fail. Your product installation requires at least 500 MB of disk space for the temporary files that are used during installation. On Linux and UNIX, allocate enough space in the /tmp or /opt directory of the computer. Installation failure scenario Review the IA-TIPInstall-xx.log for any errors that might have occurred during installation. IA-TIPInstall-xx.log Typically, the installation process stops when a failure occurs. But it can also appear to complete successfully and then later, such as when attempting to log in, you find that there is a problem. Review the IA-TIPInstall-xx.log in your home directory to confirm that the installation was successful. For example, if you are logged in as Administrator on a Windows system, then you would look in C:\Documents and Settings\Administrator. Log review scenario In this example on a Windows system, the ESSServerConfig.xml step failed and IA-TIPInstall-xx.log as shown here appears to have a COI (Composite Offering Installer) failure at line 134. C:\IBM\tivoli\tip\_uninst\ITNM\plan\install\MachinePlan_localhost\ 0011_IAGLOBAL_COI_STEP_ESSServerConfig\IAGLOBAL_COI_STEP_ESSServerConfig.xml:134: xec returned: 105 Wed May 28 15:25:54.078 EDT 2008 : STDERR : at org.apache.tools.ant.ProjectHelper. addLocationToBuildException(ProjectHelper.java:539) Wed May 28 15:25:54.078 EDT 2008 : STDERR : at org.apache.tools.ant.taskdefs.Ant. execute(Ant.java:384) Wed May 28 15:25:54.078 EDT 2008 : STDERR : at org.apache.tools.ant.Task.perform (Task.java:364) Wed May 28 15:25:54.078 EDT 2008 : STDERR : at com.ibm.ac.coi.impl.utils. AntHelper.ant(AntHelper.java:88) Wed May 28 15:25:54.078 EDT 2008 : STDERR : ... 3 more Chapter 2. Installing 91 The log provides you with the full path to the location of the failing file. Navigate to that location, open the file indicated, and check the line that failed. In this example you would navigate to: C:\IBM\tivoli\tip\_uninst\ITNM\plan\install\MachinePlan_localhost\ 00011_IAGLOBAL_COI_STEP_ESSServerConfig\IAGLOBAL_COI_STEP_ESSServerConfig.xml and study line 134. At line 134 of target configureESS, the following command did not execute successfully <target name="configureESS" depends="setProperties"> <echo message="Start to configure Authentication Service..."/> <iaecho message="$ESSSERVER_CONFIGURING$"/> ...................... line134: <exec dir="${IAGLOBAL_installLocation}/bin" executable="${IAGLOBAL_installLocation}/bin/wsadmin${platform.script.ext}" failonerror="true"> <redirector output="${IAGLOBAL_installLocation}/logs/ ESSConfiguration.out" error="${IAGLOBAL_installLocation}/logs /ESSConfiguration.err"/> ... As you can see, the wsadmin call from Ant sends stdout to TIPHOME/logs/ ESSConfiguration.out and stderr to TIPHOME/logs/ESSConfiguration.err. A review of the ESSConfiguration.out file shows that the Tivoli Integrated Portal Server (WAS) might have a problem: WASX7209I: Connected to process "server1" on node TIPNode using SOAP connector; The type of process is: UnManagedProcess WASX7303I: The following options are passed to the scripting environment and are available as arguments that are stored in the argv variable: "[C:/IBM/tivoli/tip/logs/ltpaOutput.txt, 1ntegrate]" WASX7017E: Exception received while running file "C:\IBM\tivoli\tip\bin \configureESS.jacl"; exception information: com.ibm.bsf.BSFException: error while eval’ing Jacl expression: no accessible method "isESSConfigured" in class com.ibm.ws.scripting.adminCommand.AdminTask while executing "$AdminTask isESSConfigured" invoked from within "set essCheck [$AdminTask isESSConfigured]" Check the TIPHOME/profiles/TIPProfile/logs/server1/SystemOut.log for any exceptions that might be related to the Authentication Service. If you are not able to assess this, ask the resident Tivoli Integrated Portal Server expert or gather the Network Manager logs, including SystemOut.log, and contact IBM Support. Install fails after deployment engine upgrade Running the installer on a computer that has an existing Tivoli Integrated Portal environment can fail if the deployment engine (DE) was upgraded from a very early version. If you have an old version of the DE installed, the Tivoli Integrated Portal installer will upgrade it and continue with the installation. On rare occasions certain older versions of the DE might not be upgraded successfully. When this happens, the installation can fail. If you are aware that your product uses a very old version of the DE (such as Version 1.2), you can install on the same machine, but sign on to the portal with a different user name. If your old version of the DE was initially installed as root user on the Linux or UNIX operating system, consider uninstalling it if your new installation is failing after the DE upgrade. 92 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Uninstalling Network Manager You must use the scripts provided to uninstall the product. Important: You must always use the scripts to uninstall the product. Uninstalling the product by removing files and directories might result in problems reinstalling components. Removing reports If you uninstall Network Manager, you must also remove the Network Manager reports and the data sources for the reports. Follow these steps before uninstalling Network Manager to remove the Network Manager reports and their settings. To remove Network Manager reports and their data source settings: 1. Log in to the Network Manager GUI in a supported browser as a user with administrator permissions. 2. Click Common reporting in the navigation pane on the left side of the window. 3. Select the check box next to Network Manager. 4. Click the delete icon to remove the Network Manager reports. 5. Click the Launch menu in the upper right of the window. Click Cognos Administration from the list and click the Configuration tab. 6. Select the check boxes next to the following data sources: v IBM_TRAM v NCIM v NCMONITOR v NCPGUI v NCPOLLDATA v PARAMETERS 7. Click the delete icon to remove the selected data sources. Uninstalling on UNIX On UNIX operating systems, you must uninstall the product using the uninstall script. You can uninstall specific components or the entire product in a command line mode. Important: If you want to remove any products that are integrated with Network Manager on the same server, remove them using their own uninstallers before removing Network Manager. For example, make sure you remove Tivoli Common Reporting using its uninstaller before uninstalling Network Manager using the process discussed in this topic. Attention: Do not attempt to remove any product by deleting files or directories. This can cause problems reinstalling components. You must use the uninstall script provided with the product to uninstall Network Manager. To uninstall all or part of Network Manager: 1. If you used Network Manager reports, remove them as described in “Removing reports.” You can then remove Tivoli Common Reporting using its uninstaller. Chapter 2. Installing 93 2. Source the environment as follows: a. Go to the Netcool home directory. By default the Netcool home directory location is /opt/IBM/tivoli/netcool, so the default command is: cd /opt/IBM/tivoli/netcool b. Run the command to source the environment: .env.sh 3. Optional: Before attempting to uninstall a local DB2 database installed by Network Manager, it might be necessary to remove any customizations added after the Network Manager installation. For example, if the DB2 high availability option was set on the database, then the following two DB2 commands must be run before the installation can be uninstalled: DEACTIVATE DATABASE STOP HADR For information on DB2 commands, see Related information below for links to your DB2 Information Center. 4. Optional: If you are using a remote DB2 database for NCIM, or if you have been using reports, you must uncatalog the database when you uninstall and UNIX catalog it again if you reinstall. Use the following command: $NCHOME/precision/scripts/sql/db2/uncatalog_db2_database.sh database_name where database_name is the name of the NCIM database. 5. Optional: If you are using a DB2 database as the Tivoli Data Warehouse database, you must uncatalog the database when you uninstall and catalog it again if you reinstall. For instructions, see the IBM Tivoli Monitoring for Tivoli Network Manager IP User's Guide. 6. Run the uninstall script: $NCHOME/Uninstall_ITNM Note: Running Uninstall_ITNM command launches the $NCHOME/bin/ CleanSystem script. The uninstall script starts and displays the options you have. Table 10. Uninstall options 94 Option Description -p Shuts down all processes associated with the installation. -o Removes Tivoli Netcool/OMNIbus from the system. -i Removes the local topology database from the Network Manager installation. Note: This option can only remove the default database provided by Network Manager. -n Removes the Network Manager installation from the system. -t Removes Network Manager portlets and content from the Tivoli Integrated Portal server. Note: You must run this option on the server where the Tivoli Integrated Portal is installed. IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Table 10. Uninstall options (continued) Option Description -c Removes from the system the Tivoli Integrated Portal (including its associated component, Tivoli Netcool/OMNIbus Web GUI), the Composite Offering Installer (COI), and the IBM Autonomic Deployment Engine (DE) content. Note: The use of the -c and -a options to remove Tivoli Integrated Portal, the Composite Offering Installer (COI), and the IBM Autonomic Deployment Engine (DE) content can adversely impact other IBM Tivoli products installed on the system. For example, using option -c removes components that Tivoli Common Reporting requires to work. Ensure no other Tivoli products on the system require those components before using either option. -a Removes from the system all products and components that have files or data stored in NCHOME and TIPHOME, including core components, GUI components, Tivoli Netcool/OMNIbus, and database components. -h Use this option to specify the installation home directory if not using the default NCHOME. 7. Select the components that you want to remove by entering the appropriate option. You can enter more than one option. For example, to stop all processes and remove Tivoli Netcool/OMNIbus from the system, enter: ./Uninstall_ITNM -p -o Attention: Removing components can cause other products that rely on those components to fail. For example, removing Tivoli Netcool/OMNIbus causes IBM Tivoli Business Service Manager to fail. Removing the core components or the topology database causes errors in the Network Manager Web components. CAUTION: If you select the option to remove all components, the installation framework, and the Tivoli Integrated Portal, other products installed on the same server, such as Tivoli Netcool/OMNIbus, the Tivoli Netcool/OMNIbus Web GUI and IBM Tivoli Business Service Manager, might not function. Do not choose this option if you have any other Tivoli products installed on this server. 8. If you want to reinstall after removing Network Manager, always reinstall in a new shell window and not the one used to successfully uninstall any previous installation. Note: If portions of Network Manager are being uninstalled so that newer versions can be reinstalled, then the following directories must not exist after the appropriate Network Manager component has been removed. If these directories do still exist, then you must remove them before performing any reinstallation work: Chapter 2. Installing 95 v If a newer version of the Network Manager Web Applications is going to be reinstalled, then the following directories must not exist before the reinstallation occurs. – $NCHOME/precision/integrations – $NCHOME/precision/products – $NCHOME/precision/profiles – $NCHOME/precision/systemApps v If a newer version of the Network Manager core is going to be reinstalled. then the following directories must not exist before the reinstallation occurs: – $NCHOME/etc/precision – $NCHOME/precision/adapters – $NCHOME/precision/aoc – $NCHOME/precision/disco – $NCHOME/precision/eventGateway Related tasks: “Removing reports” on page 93 If you uninstall Network Manager, you must also remove the Network Manager reports and the data sources for the reports. Related information: IBM DB2 Version 10.1 Information Center For more information on DB2 10.1 HADR, search the IBM DB2 Version 10.1 Information Center. Suggested search terms inlcude "high availability". IBM DB2 Version 9.7 Information Center For more information on DB2 9.7 HADR, search the IBM DB2 Version 9.7 Information Center. Suggested search terms inlcude "high availability". Installing fix packs A fix pack involves moving from one minor release to another within a point version, for example, from 4.1.0.1 to 4.1.0.2. To identify the current version of any Network Manager process, run the process with the -version command line option. To install a fix pack, perform the following steps: 1. Go to the following site to download your fix pack: http://www-933.ibm.com/ support/fixcentral/. Search the site for your product and version to locate the fix pack for your installation. 2. Download and extract the fix pack installation image for your product. 3. Open the README.1ST file after extracting the fix pack installation image. The README.1ST file provides information on where to locate the INSTALL and README files. 4. For information about installing the fix pack, including prerequisites and installation steps, open the INSTALL file. Consider the preinstallation steps, requirements, restrictions, installation steps, and postinstallation steps. 5. For information about the fixes and enhancements included in the fix pack, and any known problems with the fix pack, open the README file. 6. Stop any running Network Manager processes. 7. Install the fix pack as described in the INSTALL file. 96 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide 8. Use the README file to check for any known problems with the fix pack and to make any changes necessary due to APARs. Chapter 2. Installing 97 98 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Chapter 3. Upgrading and migrating Read about upgrading your version of Network Manager and migrating existing installations. Note: The default ports for logging into the application server are different across versions. The nonsecure access redirects you to the secure port unless you configured it otherwise (see “Configuring access for HTTP and HTTPS” on page 196). The default ports for Network Manager versions 3.9 and later are as follows: v https://localhost:16311/ibm/console (secure access). v http://localhost:16310/ibm/console (nonsecure access). Attention: If you have multiple Tivoli products that use the Tivoli Integrated Portal framework, see the Cross Product Migration Reference at https:// www.ibm.com/developerworks/mydeveloperworks/wikis/home?lang=en#/wiki/ Tivoli%20Business%20Service%20Manager1/page/Migration for dependencies and considerations when upgrading and migrating. About upgrading and migrating Read about upgrading your version of Network Manager and migrating existing installations. Upgrade paths Network Manager V4.1 is supported only on Red Hat Enterprise Linux and DB2. Use this information to understand which upgrade paths are available to Network Manager V4.1. Only the following configurations are supported when upgrading to Network Manager V4.1 from V3.8 or V3.9, or when copying an existing V4.1 installation: v You can migrate from any Red Hat Enterprise Linux system to any other Red Hat Enterprise Linux system but migrating from other UNIX systems is not supported. v Migrating from Windows systems is not supported. v The source and target machines must use the same database type. The only exceptions are the following: – V3.8: migrating from the previously default MySQL source to the default DB2 in V4.1 on the target system is supported. – V3.9: migrating from the previously default Informix® source to the default DB2 in V4.1 on the target system is supported. v The source and target systems must both be either FIPS or non-FIPS installations. Migration from a FIPS installation to a non-FIPS installation, or the reverse, is not supported. The following table displays the supported upgrade paths. Note: Your source system must be patched up to the FixPack level indicated in the table. © Copyright IBM Corp. 2006, 2013 99 Table 11. Supported upgrade paths From source system To target system Version and FixPack Operating system V3.8 FixPack 6 Red Hat Enterprise Linux 4.0 or 5.0 V3.9 FixPack 3 V3.9 Refresh of full product image (release date: 2012 September 13 build 3.9.0.71)2 Database Version of Tivoli Integrated Portal Version and FixPack Operating system MySQL V1.x V4.1 Red Hat Enterprise Linux 5.0 or 6.01 DB2 Red Hat Enterprise Linux 5.0 or 6.0 Informix V2.1 DB2 V2.2 Red Hat Enterprise Linux 5.0 or 6.0 Informix Database DB2 9.7 DB2 10.x DB2 Table notes: 1. Tivoli Common Reporting V2.x is not supported on Red Hat Enterprise Linux 6.0. 2. Users of Netcool Network Management must use this upgrade path. Related information: IBM Netcool Network Management V9.2 Information Center The Netcool Network Management V9.2 solution consists of IBM Tivoli Netcool/OMNIbus V7.4, IBM Tivoli Network Manager IP Edition V3.9, and IBM Tivoli Netcool Configuration Manager V6.4. In this information center, you can find information about installing, configuring, integrating, and using the products that make up the solution. Upgrading from other products and versions If you have a version of Network Manager prior to 3.8, or if you have Tivoli NetView, and you want to upgrade to the latest version of Network Manager, then you must first upgrade to a later version. If you have a version of Network Manager prior to 3.8, then do the following: 1. Upgrade to version 3.8. For instructions on upgrading to version 3.8, go to http://publib.boulder.ibm.com/infocenter/tivihelp/v8r1/topic/ com.ibm.networkmanagerip.doc_3.8/welcome.htm. 2. Apply FixPacks to bring you up to V3.8 FixPack 6. 3. Follow the instructions at “Upgrading and migrating to latest Network Manager” on page 110. If you have Tivoli NetView, then do the following: 1. Migrate to version 3.9. For information on migrating from Tivoli NetView to version 3.9, go to http://publib.boulder.ibm.com/infocenter/tivihelp/v8r1/ topic/com.ibm.networkmanagerip.doc_3.9/itnm/ip/wip/install/task/ nmip_ins_migratingfromnetview.html. 2. Apply FixPacks to bring you up to V3.9 FixPack 3. 3. Follow the instructions “Upgrading and migrating to latest Network Manager” on page 110. 100 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide If you have Netcool Network Management V9.2 and you want to upgrade the Network Manager component to V4.1, then follow the instructions at “Upgrading and migrating to latest Network Manager” on page 110. Default locations for different product versions The different versions of Network Manager and related components use different directory structures and have configuration files in different locations. If you are looking for a file or other system component that you expected to find based on the location on your old system, use this table to determine where to find the item on Network Manager V4.1. The location changes are mainly due to changes in the framework over releases. For example, Network Manager V3.8 uses Tivoli Integrated Portal 1.1.x, and Network Manager V3.9 uses Tivoli Integrated Portal V2.1. As a reference, the following table contains an overview of how the default location of configuration files has changed over the releases. Table 12. Default locations of configuration files Item Location in version 3.8 Location in version 3.9 and version 4.1 NCHOME /opt/IBM/tivoli/netcool /opt/IBM/tivoli/netcool ITNMHOME Not applicable /opt/IBM/tivoli/netcool/ precision Note: By default, PRECISION_HOME is set to the same location as ITNMHOME, but is used by other parts of the product. TIPHOME /opt/IBM/tivoli/tip /opt/IBM/tivoli/tipv2 GUI properties files TIPHOME/profiles/ TIPProfile/etc/tnm ITNMHOME/profiles/ TIPProfile/etc/tnm Dynamic view templates TIPHOME/profiles/ TIPProfile/etc/tnm/ dynamictemplates ITNMHOME/profiles/ TIPProfile/etc/tnm/ dynamictemplates Right-click menu and tool definition files TIPHOME/profiles/ TIPProfile/etc/tnm/menus ITNMHOME/profiles/ TIPProfile/etc/tnm/menus TIPHOME/profiles/ TIPProfile/etc/tnm/tools ITNMHOME/profiles/ TIPProfile/etc/tnm/tools GUI icon files TIPHOME/profiles/ ITNMHOME/profiles/ TIPProfile/etc/tnm/resource TIPProfile/etc/tnm/resource WebTools configuration files TIPHOME/profiles/ TIPProfile/etc/tnm/tools ITNMHOME/profiles/ TIPProfile/etc/tnm/tools Chapter 3. Upgrading and migrating 101 Migrated files Network Manager is able to migrate a wide range of your customization and configuration changes. The upgrade process migrates both customization and configuration changes made on your previous system. Customization and configuration changes are defined as follows: Customization changes Coding and other deep system modifications that change the way Network Manager processes work. Configuration changes Custom settings for various Network Manager processes. Customization and configuration changes are held in a variety of files on your previous system, including the following: v Configuration files. These are files with filetype .cfg. v Agent definition files. These are files with filetype .agnt. v Files that classify network entities. These are files with filetype .aoc. v Stitcher files. These are files with filetype .stch. During an upgrade, these files are processed in one of the following ways. Table 13. Handling of files during the upgrade process How file is processed Result User action Automatically imported to the new system. The file is automatically copied into the appropriate directory on the new system, ready for use. No user action is required. Backup versions of the original installed files are saved in the original location and renamed as follows: Made available for user review. v Any agent *.agnt file: renamed filename.agnt_41file. v Any collector *.cfg file: renamed filename.cfg_41file. v Any collector *.drv file: renamed filename.drv_41file. The file is placed in a holding directory on the new system. During the upgrade procedure you are asked to check these files to determine if they are required on the new system, and if so, whether the user changes must be reimplemented. Examples include files that have changed due to both modifications in the product across releases and customizations made by users on the previous installation. Important: Files that are made available for user review are generally incompatible with migration and that their contents should only be migrated if you are certain that the contents of the file will not adversely affect the operation of Network Manager V4.1. Not imported if file already In most cases, the exists on the new system. file will exist on the new system, therefore these files will usually not be imported. If the user changes are required on the new system, then they must be reimplemented in the file that already exists on the new system. Backup versions of the files that were not imported are saved to the following locations: v Any device class *.aoc file: $NCHOME/precision/aoc/migration v Any stitcher *.stch file: $NCHOME/var/precision/export/disco/ stitchers v Any MIB *.mib file: $NCHOME/var/precision/export/mibs Not imported to the new system. 102 File is not available on the new system. Reasons for this include the following: the file is not typically modified by the user; the file is obsolete on the new version of the system. However, in certain cases, the file might be needed on the new system. IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Note: Files that are made available for user review are placed into the following directories: v Core changes: – Most files are made available for user review in the following location: $NCHOME/etc/precision/migration – Device class *.aoc files are made available for user review in the following location: : $NCHOME/precision/aoc/migration v GUI changes: $ITNMHOME/profiles/TIPProfiles/etc/tnm/migration . You must review and if necessary reimplement user changes in this file, prior to copying it to the correct location on the new system. Note: Domain-specific versions of all files are automatically imported to the new system, as long as there is no file with an identical filename on the new system. Files containing customization changes The upgrade process migrates certain customization changes made on your previous system. The following sections provide information on the configuration changes that are migrated. Process customization Discovery customization Event enrichment customization Network Manager GUI customization Service affected event plug-in customization Important: Files that are made available for user review are generally incompatible with migration and that their contents should only be migrated if you are certain that the contents of the file will not adversely affect the operation of Network Manager V4.1. Process customization The following table shows how each process customization file is handled by the upgrade process. All the files listed in the table are in the following directory path: $NCHOME/etc/precision. Table 14. Handling of process customization files File How this file is handled ClassSchema.cfg Not imported if file already exists on the new system. ConfigAgents.cfg Not imported if file already exists on the new system. ConfigSchema.cfg Not imported if file already exists on the new system. CtrlSchema.cfg Not imported if file already exists on the new system. DbLoginSchema.cfg Not imported if file already exists on the new system. Chapter 3. Upgrading and migrating 103 Table 14. Handling of process customization files (continued) File How this file is handled NcoConnectionSchema.cfg Not imported if file already exists on the new system. NcoLogin.cfg Not imported if file already exists on the new system. Precision.broker.cfg Not imported if file already exists on the new system. StoreSchema.cfg Not imported if file already exists on the new system. TelnetStackSchema.cfg Not imported if file already exists on the new system. TelnetStackPasswords.cfg Not imported if file already exists on the new system. WebToolSchema.cfg Made available for user review. Discovery customization Different aspects of the discovery can be customized. Device classification The following table shows how discovery customization files associated with device classification are handled by the upgrade process. Table 15. Handling of discovery customization files associated with device classification File How this file is handled $NCHOME/precision/aoc/* Handled in one of the following ways: v If the file already exists on the new system, it is made available for review in $NCHOME/precision/aoc/migration. v If the file does not exist on the new system, it is automatically imported. Discovery agents and stitchers The following table shows how discovery customization files associated with discovery agents and stitchers are handled by the upgrade process. Table 16. Handling of discovery customization files associated with discovery agents and stitchers File How this file is handled $NCHOME/precision/disco/agents/* Each file in the directory is handled in one of the following ways: v Made available for user review, if file already exists on the new system. v Automatically imported, if file does not exist on the new system. 104 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Table 16. Handling of discovery customization files associated with discovery agents and stitchers (continued) File How this file is handled $NCHOME/precision/disco/stitchers/* Each file in the directory is handled in one of the following ways: v Made available for user review, if file already exists on the new system. v Automatically imported, if file does not exist on the new system. Topology enrichment The following table shows how discovery customization files associated with topology enrichment are handled by the upgrade process. All the files listed in the table are in the following directory path: $NCHOME/etc/ precision. Table 17. Handling of discovery customization files associated with topology enrichment File How this file is handled DbEntityDetails.cfg Made available for user review. DiscoContrib.cfg Handled in one of the following ways: v Made available for user review, if file already exists on the new system. v Automatically imported, if file does not exist on the new system. ModelNcimDb.cfg Made available for user review. Collectors The following table shows how discovery customization files associated with collectors are handled by the upgrade process. The files listed in this table are in the following directory path: $NCHOME/etc/precision. Table 18. Handling of discovery customization files associated with device classification File How this file is handled DiscoCollectorFinderSchema.cfg Handled in one of the following ways: v Made available for user review, if file already exists on the new system. v Automatically imported, if file does not exist on the new system. DiscoCollectorFinderSeeds.cfg Made available for user review. $NCHOME/precision/collectors/* Automatically imported to the new system. If a V4.1 version of the file exists, it is backed up and named filename_41file. Event enrichment customization The following table shows how each event enrichment customization file is handled by the upgrade process. The files listed in this table are in the following directory path: $NCHOME/etc/precision. Chapter 3. Upgrading and migrating 105 Table 19. Handling of event enrichment customization files File How this file is handled EventGatewaySchema.cfg Handled in one of the following ways: v Made available for user review, if file already exists on the new system. v Automatically imported, if file does not exist on the new system. NcoGateInserts.cfg Made available for user review. $NCHOME/precision/eventGateway/ stitchers/* Each file in the directory is handled in one of the following ways: v Made available for user review, if file already exists on the new system. v Automatically imported, if file does not exist on the new system. $NCHOME/etc/rules/* Not imported to the new system. $NCHOME/probes/operating_system/ nco_p_ncpmonitor.rules Not imported to the new system. Network Manager GUI customization The following table shows how each GUI customization is handled by the upgrade process. All the files listed in the table are in the following directory path: $ITNMHOME/profiles/TIPProfile/etc/tnm. Note: Table 20. Handling of GUI customization files File How this file is handled autoprovision/* Automatically imported to the new system unless the file exists on the new system. dynamictemplates/* menus/* tools/* Made available for user review if the file exists on the new system. ncimMetaData.xml resource/* Service affected event plug-in customization The following table shows how the customization files for the Service affected event (SAE) plug-in to the Event gateway are handled by the upgrade process. All the files listed in the table are in the following directory path: $NCHOME/etc/precision. Table 21. Handling of SAE plug-in customization files 106 File How this file is handled SaeIPPath.cfg Not imported to the new system. SaeItnmService.cfg Not imported to the new system. SaeMplsVpn.cfg Not imported to the new system. SAESchema.cfg Not imported to the new system. IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Files containing configuration changes The upgrade process migrates certain configuration changes made on your previous system. Use this information to understand which configuration changes are migrated automatically and which require manual intervention. The following sections provide information on the configuration changes that are migrated. Process configuration Discovery configuration DLA configuration Polling configuration Network Manager GUI configuration Root-cause analysis configuration Important: Files that are made available for user review are generally incompatible with migration and that their contents should only be migrated if you are certain that the contents of the file will not adversely affect the operation of Network Manager V4.1. Process configuration The following table shows how each process configuration file is handled by the upgrade process. All the files listed in the table are in the following directory path: $NCHOME/etc/precision. Table 22. Handling of discovery configuration files File How this file is handled ConfigItnm.cfg Not imported if file already exists on the new system. CtrlServices.cfg Made available for user review. DbLogins.cfg Not imported. However, the upgrade process creates domain-specific DbLogins.cfg files on the new system to match domains exported from the previous system. You must edit these files to point to the new database on the target system. MibDbLogin.cfg Not imported. ModelSchema.cfg Not imported if file already exists on the new system. NcPollerSchema.cfg Not imported if file already exists on the new system. ServiceData.cfg Not imported. SnmpStackSchema.cfg Not imported if file already exists on the new system. TrapMuxSchema.cfg Not imported if file already exists on the new system. VirtualDomainSchema.cfg Not imported if file already exists on the new system. Chapter 3. Upgrading and migrating 107 Discovery configuration The following table shows how each discovery configuration file is handled by the upgrade process. Some of the files in this table are processed in the following way: "Processed with ncp_config to generate domain-specific inserts." ncp_config is the Network Manager GUI configuration file server and its function is to read from and write to schema files. In order to handle certain files the migration script calls ncp_config to read the schema configuration file and generate the corresponding insert configuration file. For example, ncp_config is called to read the file DiscoPingFinderSchema generate domain-specific versions of the DiscoPingFinderSeeds.cfg insert file. The files listed in the table are in the following directory path: $NCHOME/etc/precision. Table 23. Handling of discovery configuration files File How this file is handled DiscoAgents.cfg Made available for user review. DiscoARPHelperSchema.cfg Not imported if file already exists on the new system. DiscoConfig.cfg Made available for user review. DiscoDNSHelperSchema.cfg Not imported if file already exists on the new system. DiscoFileFinderParseRules.cfg Processed with ncp_config to generate domain-specific inserts. DiscoFileFinderSchema.cfg Processed with ncp_config to generate domain-specific inserts. DiscoHelperServerSchema.cfg Processed with ncp_config to generate domain-specific inserts. DiscoPingFinderSchema.cfg Processed with ncp_config to generate domain-specific inserts. DiscoPingFinderSeeds.cfg Processed with ncp_config to generate domain-specific inserts. DiscoPingHelperSchema.cfg Processed with ncp_config to generate domain-specific inserts. DiscoSchema.cfg Made available for user review. DiscoScope.cfg Migrating from V3.9 and later versions: automatically imported to the new system Migrating from V3.8: made available for user review. 108 DiscoSnmpHelperSchema.cfg Not imported if file already exists on the new system. DiscoTelnetHelperSchema.cfg Not imported if file already exists on the new system. DiscoXmlRpcHelperSchema.cfg Made available for user review. NATGateways.txt Made available for user review. NATTranslations.txt Made available for user review. IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Table 23. Handling of discovery configuration files (continued) File How this file is handled $NCHOME/precision/mibs/* Not imported if file already exists on the new system. SnmpStackSecurityInfo.cfg Processed with ncp_config to generate domain-specific inserts with encrypted passwords. TelnetStackPasswords.cfg Processed with ncp_config to generate domain-specific inserts with encrypted passwords. DLA configuration The following table shows how each DLA configuration file is handled by the upgrade process. Table 24. Handling of DLA configuration files File How this file is handled $NCHOME/precision/adapters/ncp_dla/ ncp_dla.properties* Automatically imported to the new system. Polling configuration The following table shows how each polling configuration file is handled by the upgrade process. Table 25. Handling of polling configuration files Files How this file is handled $NCHOME/var/precision/ MonitorPolicies*.xml These domain specific files are exported and used during the import process to populate the Polling engine (ncp_poller) tables with poll policies and poll definitions. Network Manager GUI configuration The following table shows how each Network Manager GUI configuration configuration file is handled by the upgrade process. Note: All the files listed in the table are in the following directory path: $ITNMHOME/profiles/TIPProfile/etc/tnm. Chapter 3. Upgrading and migrating 109 Table 26. Handling of GUI configuration files File How this file is handled discoconfig.properties Automatically imported to the new system unless the file exists on the new system. discofilterlibrary.xml discofilters.xml itnmgraphDefault.properties Made available for user review if the file exists on the new system. itnmgraph.properties monitorconfig.properties ncpolldata.properties nmdb.properties status.properties structurebrowser.properties tnm.properties topoviz.properties Root-cause analysis configuration The following table shows how each root-cause analysis (RCA) configuration file is handled by the upgrade process. Table 27. Handling of RCA configuration files File How this file is handled $NCHOME/etc/precision/RCASchema.cfg Not imported if file already exists on the new system. Upgrading and migrating to latest Network Manager You can upgrade to Network Manager V4.1 from versions 3.8 or 3.9. Upgrading and migrating to the latest version of Network Manager involves collecting data from your existing Network Manager installation, exporting the data, installing the new version of Network Manager, and importing the data to your new installation. Note: You must run the export-import scripts as the same user that installed the product. Upgrading to latest Network Manager: full side-by-side migration Follow this procedure to fully migrate all of the servers in your installation to new servers. 110 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Upgrading and migrating overview Use this information as a step-by-step guide to upgrading Network Manager and migrating existing settings to the upgraded version. Upgrading and migrating steps Moving to the latest version of Network Manager involves several steps. The process uses separate scripts for moving the core and the GUI component settings across to the new installation. To upgrade to Network Manager V4.1 from V3.8 or V3.9 and migrate your settings and customizations, perform the steps listed in the following table. Table 28. Upgrading and migrating tasks to Network Manager V4.1. Action Step 1. Install Network Manager V4.1. Chapter 2, “Installing,” on page 41 2. Install IBM Tivoli Netcool/OMNIbus You can install IBM Tivoli Netcool/OMNIbus as part of your Network Manager installation. For information about upgrading and migrating IBM Tivoli Netcool/OMNIbus, see the IBM Tivoli Netcool/OMNIbus Installation and Deployment Guide. Note: If you installed a new instance of IBM Tivoli Netcool/OMNIbus as part of the Network Manager installation, the ObjectServer name you provided during the installation is stored in NCHOME/etc/precision/ ConfigItnm.Network_Manager_Domain_Name.cfg 3. Prepare your existing system. “Preparing for upgrade” on page 112 4. Export core customization “Exporting core customization data” on page 114 data. 5. Export GUI configuration data. “Exporting GUI customization data” on page 115 6. Identify NCIM topology database customizations “Identifying NCIM topology database customizations” on page 117 7. Apply customizations from the source NCIM topology database “Applying customizations from the source database” on page 118 “Importing core customization data” on page 119 8. Import previous core configuration data into your Note: Any configuration files exported from your previous V3.8 installation and new installation. imported into Network Manager V3.9 that contain passwords or other strings originally encrypted using V3.8 encryption tools, will be reencrypted using FIPS 140–2 compliant encryption tools as part of this upgrade. Version 3.9 files that are replaced by migrated V3.8 files during the update process are backed up with the name filename_39, where filename is the name of the original version 3.9 file. “Importing core customization data - manual steps” on page 122 9. Due to changes in the product, some core configuration settings must be migrated manually to the new system. “Importing GUI customization data” on page 130 10. Import previous GUI configuration data into your new installation Chapter 3. Upgrading and migrating 111 Table 28. Upgrading and migrating tasks to Network Manager V4.1. (continued) Action Step 11. Due to changes in the “Importing GUI customization data - manual steps” on page 132 product, some GUI configuration settings must be migrated manually to the new system. 12. Stop and start Network Manager, including the Tivoli Integrated Portal. Starting and stopping Network Manager On your new installation, perform the following steps for each desired network domain. 13. Run a network discovery. For more information, see the IBM Tivoli Network Manager IP Edition Discovery Guide. 14. Reapply manually created topology to your discovered topology. “Reapplying manually created topology to your discovered topology” on page 134 15. Reapply managed status data to your discovered topology. “Reapplying managed status data to your discovered topology” on page 137 Preparing for upgrade Prepare your existing system for upgrade by copying over the files required for the upgrading and migrating process. The Network Manager installation package contains all files required. Once you have installed Network Manager V4.1 on your target machine and before proceeding with the upgrade, you must recreate all users from your previous installation on the target machine, in the appropriate repository (LDAP or ObjectServer). Users created using Tivoli Integrated Portal must also be created again. Prepare for the upgrade: 1. Go to the system where you installed the Web Applications (also referred to in the documentation as "GUI components") for Network Manager V4.1. v In a single server installation, this is the server where you installed Network Manager V4.1. v In a distributed installation, this is the Tivoli Integrated Portal server. 2. Optional: If you have installed fixpacks for third-party GUI packages, such as Tivoli Integrated Portal and Web GUI, and you want to these fix packs in the migrated package, then run the UpdatePlugins script on the system where you installed the Network Manager V4.1 Web Applications (this is required because the script uses TIPHOME): a. Go to the following location: $NCHOME/precision/install/scripts/. b. Run the following command: ./UpdatePlugins This script gathers together all of the latest upgrade packages. The UpdatePlugins script is run by default at installation time, and writes log messages to $NCHOME/log/install/Configuration.log in a section called Update Migration plugins. However, the script must be run again if a Tivoli Integrated Portal or Web GUI fixpack is subsequently installed. This enables the system to 112 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide gather the latest upgrade packages. The script produces the ExportPackage.tar archive package as output. The ExportPackage.tar archive is saved in $NCHOME/precision/install/data. Note: For the purposes of upgrade from a Network Manager V3.8 environment (Tivoli Integrated Portal 1.x), the ExportPackage.tar archive includes an archive called Preupgrade.tar. 3. Locate the following file: $NCHOME/precision/install/data/ExportPackage.tar. 4. Copy the compressed file to your existing Network Manager installation. If you have core and GUI components on more than one server, then copy the file to each of them. 5. Extract the file to a temporary location. Note: The temporary location must be a directory that is not the Netcool home directory $NCHOME and is not a subdirectory of $NCHOME. The files and utilities required for the upgrading and migrating process are available after extracting the compressed file. The main items that require attention are as follows: v The launchpad utility: Use this utility to start the launchpad GUI from where you can run a data collection on your previous installation. The data collected then can be exported for applying to new installations. An import utility is also provided for use on your new installation. You can use a GUI or command line to start and use this utility. Note: You can use the export utility to collect data on Network Manager versions 3.8, or 3.9 installations. v The Preupgrade.tar: Contains utilities for exporting previous GUI settings on Network Manager V3.8 and then importing them into your new installation. Note: This file is only needed for the export-import of V3.8 GUI component data. 6. Ensure that poll policy names and poll definition names are unique. In previous releases of Network Manager, a known limitation allowed duplicate poll policy names or duplicate poll definition names to be created. In Network Manager V4.1, duplicate poll policy names or poll definition names are not allowed. If you have created poll policies or poll definitions with the same name on your previous V3.8 installation, then you must rename one of each duplicate pair to make sure that each poll policy and each poll definition name is unique on your system. You must do this before performing any data export. Note: The poller must be running when you perform the rename operation. This is required for the names to be propagated appropriately to database fields requiring this information (for example, historical poll data when migrating from a V3.8 system). Chapter 3. Upgrading and migrating 113 Exporting core customization data You must collect and export your previous version's core customization data to make it available for importing to your Network Manager V4.1 installation. To use the launchpad, you need a supported browser installed on the server. Make UNIX ExportPackage.tar file from the Network sure you have copied the Manager V4.1 installation package to each server where your existing Network Manager installation has components. Note: The upgrade process does not migrate discovered topology between versions. It does, however, migrate the discovery configuration files from your previous installation. Once you have completed the upgrade process, run a new discovery to populate the NCIM database with topology data. To export core customization data, perform the following steps: 1. On each server where components of your previous version are installed, go to where you extracted ExportPackage, and run the data export script: v To run the script from the installer launchpad, start the launchpad by UNIX launchpad.sh script on UNIX, select the Preinstallation running the and Migration menu item, expand the Upgrading from an existing Network Manager section, and click Export Network Manager Data. v To run the script from the command line, run the on UNIX from the scripts subdirectory. UNIX nmExport script Note: You must run the script as the same user that installed the product. Restriction: The script does not export historical polling data. 2. Provide the answers to the prompts. Depending on the version of your previous Network Manager installation, the following data is extracted and saved into an export file in a location of your choice (.pkg on UNIX systems): v Discovery configuration data v Network views v Poll policies and poll definitions. Note: Only core component data is collected. To collect GUI component data, you must run another script, as described in “Exporting GUI customization data” on page 115. Note: The export process creates its own log files. If successful, all related log files are bundled into the .pkg export package file, making them available on the updated system. If the process fails, the package is not created and the logs are saved to the user's home directory: $HOME/itnmExportLogs. 3. If you are installing Network Manager V4.1 on a different server, copy all the exported data to that server, or servers, making the data available for importing to the new systems. 4. If you are also exporting Netcool/OMNIbus customization data, copy all the exported data to the server where you want to install Netcool/OMNIbus. Related reference: “Supported browsers for the installer launchpad” on page 36 To run the installer launchpad, you must have a supported browser installed. 114 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Exporting GUI customization data Run the GUI export script to export your previous version's GUI customization data. To use the launchpad, you need a supported browser installed on the server. Make UNIX ExportPackage.tar file from the Network sure you have copied the Manager V4.1 installation package to the server where your existing GUI components are installed. Only GUI customization data for the Network Manager GUI is migrated. Customization data for the other GUI components, Web GUI and Tivoli Common Reporting, is not migrated. Consult Web GUI and Tivoli Common Reporting information centers for instructions on migrating those GUI components. Important: If you are upgrading from Network Manager V3.8, then you must perform the following steps to exclude the migration of third-party GUI components, such as Web GUI and Tivoli Common Reporting: 1. On your Network Manager V3.8 system, edit the following file: $TIPHOME/profiles/TIPProfile/upgrade/plugins/ITNM.properties 2. In the ITNM.properties file, find the line that reads: # components included in this product The line that follows lists the GUI components that, in addition to the Network Manager GUI, will be exported by the GUI export script. 3. Update this line so that it contains no components. This ensures that no third-party components are migrated. 4. Save the ITNM.properties file. To export GUI customization data, perform the following steps: 1. On each server where GUI components of your previous system are installed, go to where you extracted ExportPackage. 2. Optional: If you are migrating from Network Manager V3.8, extract the UNIX Preupgrade.tar file to TIPHOME/profiles/TIPProfile. For example, on UNIX systems, type tar -xof Preupgrade.tar -C $TIPHOME/profiles/ TIPProfile. 3. Run the GUI data export script: v To run the script from the installer launchpad, start the launchpad by UNIX launchpad.sh script on UNIX, select the Preinstallation running the and Migration menu item, expand the Upgrading from an existing Network Manager section, and click Export Network Manager GUI Data. v To run the script from the command line, change to the scripts subdirectory of the location where you extracted ExportPackage and run the UNIX nmGuiExport: nmGuiExport -u TIP_admin -p TIP_pass -d TIP_location -n netcool_location [ -o webgui_location ] Where: – TIP_admin is the Tivoli Integrated Portal administrator user name. – TIP_pass is the Tivoli Integrated Portal administrator password. – TIP_location is the location of the Tivoli Integrated Portal installation to be migrated. – netcool_location is the location of the Netcool home directory. Chapter 3. Upgrading and migrating 115 – webgui_location is the location of the Web GUI home directory. Note: This value is optional. If no value is provided, then the script uses a default value of $NCHOME/omnibus_webgui. Note: If no values are provided, you are prompted to enter values. If the directory locations listed in the table below are not provided, then the environment variables shown in the table are used. In all cases, if the environment variable does not exist, then you are prompted to enter a location. Table 29. Directory locations required by script Directory location Environment variable Location of the Tivoli Integrated Portal installation to be migrated $TIPHOME Netcool home directory $NCHOME Location of the Tivoli Netcool/OMNIbus Web GUI home directory $NCHOME/omnibus_webgui Note: You must run the script as the same user that installed the product. The following data is extracted and saved into the TIPHOME/profiles/ TIPProfile/upgrade/data/upgradeData.zip export file: v User roles: The export saves the roles for users that existed in your source system, and applies the roles to the same user if the same user exists in V4.1. Note: Actual users defined for the V4.1 environment need to be created separately in the appropriate repository (LDAP or ObjectServer). Users created using Tivoli Integrated Portal must also be created again. v Custom Tivoli Integrated Portal Pages, Views, and Roles. The export process creates its own log files in the following directories: v TIPHOME/profiles/TIPProfile/upgrade/logs v TIPHOME/profiles/TIPProfile/logs 4. If you are installing Network Manager V4.1 GUI components on a different server, copy the upgradeData.zip export file to that server, making the data available for importing to the new system. If you are installing on separate servers, make sure you copy the relevant data to the server where you want to install the component. 116 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Related reference: “Harmless upgrade error messages” on page 149 The following error messages might appear during the upgrade but can be ignored. “Not all GUI components were exported” on page 149 During export of GUI component data, if customization data for any of the GUI components was not correctly exported then a warning is displayed. “Supported operating systems” on page 32 Network Manager is supported on the following operating systems. Related information: Tivoli Netcool/OMNIbus Web GUI V7.4 Information Center: Upgrading and migrating Click here for instructions on upgrading toWeb GUI 7.4. Tivoli Netcool/OMNIbus Web GUI V7.3.1 Information Center: Upgrading and migrating Click here for instructions on upgrading to Web GUI 7.3.1. Tivoli Common Reporting 2.1.1 Information Center: Upgrading Click here for instructions on upgrading to Tivoli Common Reporting 2.1.1. Identifying NCIM topology database customizations The upgrade scripts do not migrate customizations made to the NCIM topology database schema. However, Network Manager provides a tool to identify customizations you made on the NCIM topology database on your source Network Manager installation, so that you can recreate them in the database of the target installation. To migrate NCIM customizations, you must first use the ncp_ncim_diff.pl script to identify the differences between the NCIM topology database schema on your source installation and the default NCIM topology database schema on the source installation. These differences correspond to the cutomizations made to the NCIM topology database schema on your source system. Once the target installation is installed, you can then review the new V4.1 schema and manually update the new NCIM topology database schema with these modifications. To compare the topology database schemas: 1. Log in to your source Network Manager installation. 2. Perform the following steps: If you are migrating from V3.9: a. Change to the following directory: $NCHOME/precision/scripts/perl/ scripts b. Run the following command: ./ncp_ncim_diff.pl -domain DOMAIN -password NCIM_database_password If you are migrating from V3.8: a. Change to the following directory: ExportPackage_location/ncim Where ExportPackage_location is the location where you extracted the ExportPackage.tar archive. b. Run the following command: ./ncp_db2_ncim_diff.pl -domain DOMAIN -password NCIM_database_password -file ExportPackage_location/ncimOverview-ITNMIP3.8-FP6.xml Where: Chapter 3. Upgrading and migrating 117 v DOMAIN is the name of your source Network Manager installation's domain whose NCIM structure you want to compare to the default schema on the source installation. Ensure that the DbLogins.DOMAIN.cfg configuration file from your source installation is available so that the script has all the data it needs to connect to the source database. v ExportPackage_location//ncimOverview-ITNMIP3.8-FP6.xml is the path to the XML format file which describes the default structure of the NCIM database for the version and fixpack of your source system. This file can be found at the location where you extracted the ExportPackage.tar archive. Note: This XML file only needs to be explicitly specified if you are migrating from V3.8. The following is an example of the output of the command for a domain named NCOMS. 67 66 NCIM tables and views found in Domain NCOMS NCIM tables and views found in Default NCIM structure for ITNM v3.9 ********************************************************** Additional elements in Domain NCOMS Table CUSTOM ********************************************************** 1 differences found between for ITNM v3.9 Domain NCOMS and Default NCIM structure For more information on the ncp_ncim_diff.pl Perl script see IBM Tivoli Network Manager IP Edition Administration Guide. Related tasks: “Setting up a topology database” on page 44 You must configure an existing database or install and configure a new one to use as the topology database for Network Manager. Applying customizations from the source database If you have customized the NCIM database, you must manually update the new NCIM topology database schema with any customizations made. You must install the new database and run the Network Manager create database schema scripts to set up the tables and schemas. Before you run the ncp_ncim_diff.pl script, make sure that the DbLogins.DOMAIN.cfg files from the previous installation is available. The DbLogins.DOMAIN.cfg file contains the options for connecting to your NCIM database. Note: The migration process combined with a new discovery of the network populates the database. You only need to run ncp_ncim_diff.pl script if you have customized changes in your source database. You ran the ncp_ncim_diff.pl script to identify customizations on the source system's NCIM database as part of the task: “Identifying NCIM topology database customizations” on page 117. You must now manually apply these customizations to the NCIM topology database on the target system. 118 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide 1. Log in to your target Network Manager installation. 2. Examine the default NCIM schema on the target Network Manager installation. There might have been changes to the schema introduced between versions. For example, the default NCIM schema on Network Manager V4.1 has changed significantly from the default NCIM schema on Network Manager V3.9. If there have been changes between versions then you must take care when applying customizations to the new NCIM schema as table names and field names might have changed. For more information on the default Network Manager V4.1 NCIM topology database schema see the IBM Tivoli Network Manager IP Edition Discovery Guide. 3. Manually update the new NCIM topology database schema with the customizations reported by the script ncp_ncim_diff.pl in the task “Identifying NCIM topology database customizations” on page 117. Recreating custom pollers If custom pollers were configured on your previous system, then you must recreate these pollers manually on the target system before proceeding with the import. This ensures that all migrated poll policies are mapped to the correct poller. If the custom pollers are not present on the target system during the migration process, then the migrated poll policies will be mapped to the default poller and you would have to fix all the mappings following the migration. Note: If you need to recreate custom pollers on a non-default domain, then this domain will not yet exist on the target system. In this case first create the relevant domain and then add the custom poller to this domain. For information on how to create custom pollers, see IBM Tivoli Network Manager IP Edition Event Management Guide. Importing core customization data You can now import your previous version's core customization data. Before you can import core customization data, you must export the data from your previous installation and install version 4.1. Important: You must run ncp_mib if you have copied over custom MIBs as part of this data migration. If you do not do this then processes such as the SNMP helper, ncp_dh_snmp, will not start up when you start Network Manager. To import core customization data, perform the following tasks: 1. Log in to your previous installation as the same user that installed Network Manager. If you had a distributed setup, you must log in to each server containing components of your previous installation and repeat the following steps for each server. 2. Copy the export file (.pkg on UNIX systems) to the server where you installed Network Manager V4.1. You might have more than one export file depending on whether you had a distributed environment. 3. On your new installation, make sure that the Network Manager core components for each domain are running. To do this, use the following command on UNIX systems: itnm_start ncp -domain DOMAIN. For example, to start the NCOMS domain, type: itnm_start ncp -domain NCOMS . This ensures that Network Manager is fully initialized and the domain tables are populated. You must stop the core components again to do the import itself, as described in the next step. Chapter 3. Upgrading and migrating 119 4. Stop the Network Manager core components for each domain on your new installation using the following command on UNIX systems: itnm_stop ncp -domain DOMAIN. For example, to stop the NCOMS domain, type: itnm_stop ncp -domain NCOMS Note: If you do not specify a domain name with itnm_stop, it stops the default domain created at installation. 5. On your new installation, go to the location $NCHOME/precision/install/data/ and extract the package ExportPackage.tar. 6. Run the data import script using one of the following methods: v To run the script from the installer launchpad, start the launchpad by UNIX launchpad.sh script on UNIX, select the running the Postinstallation menu item, expand the Upgrading from an existing Network Manager section, and click Import Network Manager Data. Note: The launchpad can be found in the directory where you extracted the Network Manager installation package. v To run the script from the command line, run the on UNIX from the scripts subdirectory. UNIX nmImport script Note: You must run the script as the same user that installed the product. 7. When prompted, provide the path to the .pkg or .zip file that contains the customization data that you previously exported. 8. Answer the various other questions the import process asks. Note: The following question requires special attention: Allocate new entityIds during import [ N ] Each device in the system has an entityId. The import process can allocate new entityIds or preserve the existing entityIds. Preserving the existing entityIds is necessary when you have links to external systems that use Network Manager data, for example, Tivoli Data Warehouse. However, to preserve existing entityIds, the target system needs to be empty. If the target system is not empty (for example, due to a previous data import or discovery), preserving entityIds might become a complex operation due to potential clashes between existing entityIds and the entityIds being imported, and the results may be unpredictable. Therefore, merging of domain data is not supported. Attention: If you have a domain on the target system that has the same name as on your previous system, then make sure the domain on the target system does not contain data. Domain names cannot be changed during the migration process. Answer N[o] to this question to preserve entityIds or Y[es] to allocate new entityIds. v If you answer N[o], then the data import script performs a check to determine whether entity data already exists in the database. Data will exist in the database in the case of a previous data import or discovery. – If the check determines that entity data already exists in the database, then the script aborts with the message: System has entity data. Aborting. 120 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide If this happens, rerun the data import script and answer Y[es] to this question. This will ensure that new entityIds are allocated. – If the check determines that no entity data exists in the database, then each device in the new installation maintains the entityId from the previous installation. v If you answer Y[es], then devices are allocated new entityIds. The exported data is imported into the new installation. Your passwords are unencrypted, imported, and re-encrypted. Important: Core component data is imported, while GUI component data is imported as part of the process described in Importing GUI data. The import process creates its own log files. Logs from the import process are saved to NCHOME/log/precision: v ITNMDataImport.log v ITNMImportHistoricalData.log v get_policies.domain name.log v ITNMImportNetworkViews.log The export-import process automatically detects and recreates the domains from a previous install. The import script detects the potential domains from the previous system based on the data files. Using the domain_create.pl script, the process automatically creates domains on the new installation using the domain names from the previous system. After the domains have been created, the main topology and policy data are imported for each. The domain_create.pl script creates the discovery configuration files for the new domains in NCHOME/etc/precision using the values in the configuration files of the default domain. The import process saves the imported files in the NCHOME/etc/precision/migration directory as read-only files. You can use the imported files to manually update the newly created files in NCHOME/etc/precision. Attention: You might receive warning messages referencing deprecated data types. These warning messages indicate planned changes in data types between releases and can be ignored. The following is an example: Level: INFO Message: ncp_config command:- "/opt/IBM/tivoli/netcool/ precision/bin/ncp_config" -domain CC -read_schemas_from "/opt/IBM/tivoli/netcool/var/precision/export/importPending" -write_schemas_to "/opt/IBM/tivoli/netcool/etc/precision" -schema DiscoCollectorFinderSchema.cfg Sun Oct 3 05:48:30 2010 Warning: A generic non-fatal error has occurred found in file RivOQL.y at line 2552 - Deprecated type 'long' in OQL statement will be evaluated as type 'time' After importing your previous system data, you might need to perform manual settings on the new system. The export-import process provides guidance on what files require attention and manual editing to fully complete the upgrading and migrating process. Chapter 3. Upgrading and migrating 121 Importing core customization data - manual steps Some core customization data must be migrated manually. Migrating certain core configuration settings: Due to changes in the product and potential user customizations, you must manually migrate certain core configuration settings to the new system. Make sure you have performed a data collection and export on your previous system and have imported the data to your new installation. To perform manual migration steps: 1. Log in to your new installation. 2. Review the NCHOME/log/precision/ITNMCompareSystemsFinal.txt log file for information on what manual changes might be required. This log lists the file changes between the previous and new system, as described in the following table. Note: The following table highlights those files where editing changes are required; for example, where both the system and the user have modified the file, and hence customizations will need to be reapplied to the file. However, it is best practice to review all user modifications to check that these have been copied across correctly to the new system. In the table below, the following tagging is used. All file comparisons are performed using checksum operations: Different Following installation and execution of the migration scripts, the file present on the target system is different to the file present on the source system. Same Following installation and execution of the migration scripts, the file present on the target system is the same as the file present on the source system. System The default version of the file on the target system is different to the default version of the file on the source system. User On the source system, the file present is different to the default version of the same file. Table 30. File tagging within ITNMCompareSystemsFinal.txt Type of file change Example of file tagging in ITNMCompareSystemsFinal.txt Files that have Different,User,System,etc/precision/CtrlServices.cfg changed due to both modifications in the product across releases and customizations users have made on the previous installation. 122 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Action required? Action Yes Review these files. Any user customizations need to be reviewed and applied again manually. Table 30. File tagging within ITNMCompareSystemsFinal.txt (continued) Type of file change Example of file tagging in ITNMCompareSystemsFinal.txt Action required? Action Files that have changed due to customizations users have made on the previous installation. In addition following installation and execution of the migration scripts, the file present on the target system is different to the file present on the source system. Different,User, ,etc/precision/DbLogins.AUTO.cfg Yes Review these files. Any user customizations need to be reviewed and applied again manually. Some files are tagged this way due to the installation or migration process. For example: v DbLogins.*.cfg and ModelNcimDb.*.cfg files: Following the the V4.1 installation procedure these files are expected to have different database setting values from settings in the corresponding file on the source system. v SnmpStackSecurityInfo.*.cfg and TelnetStackPasswords.*.cfg files: As these files contain passwords, the passwords would have been deencrypted as part of the export process, and reencrypted as part of the import process. Best practice is to recreate the relevant passwords on Network Manager V4.1 and then encrypt them. This might be a system file from the previous release that was removed from the target system during the V4.1 installation process. Same, ,System, precision/aoc/BNTVirtualFabricSwitch.aoc Yes Review these files. If this is a valid file then copy it to the relevant directory on the target system. Files that existed on the old system, but that have not been migrated to the new system. Potentially Obsolete, , ,etc/precision/AmosSchema.cfg Yes Review these files. Files with this tag that are not discovery stitcher files, discovery agent files, or MIB files, might require manual migration. Files that have Different, ,System,precision/aoc/ changed only due to CiscoNonRoutingSwitch.aoc modifications within the product from one release to the next No File change is listed for information only. User modified files. Same,User, , etc/precision/DiscoScope.AUTO.cfg These files have been migrated. No File change is listed for information only. Files that have not changed. No File change is listed for information only. No File change is listed for information only. Note: Files tagged Potentially Obsolete require your attention: v These files include customized discovery stitcher files, discovery agent files, and MIB files, which are not supported by the upgrade procedure, and are consequently not imported. If you require these customizations, then you will need to implement them again later on your new system. v Files tagged Potentially Obsolete that are not discovery stitcher files, discovery agent files, or MIB files might require manual migration at this point. Check the ITNMDataImport.log for help in determining whether a file marked Potentially Obsolete requires manual migration. Same, , ,etc/precision/ClassSchema.cfg Files that did not New, , ,etc/precision/DiscoDNSHelperSchema.NCOMS.cfg exist on the previous system, but exist on the new installation. Chapter 3. Upgrading and migrating 123 Note: There are three CompareSystems files: v ITNMCompareSystemsTgt.log v ITNMCompareSystemsFinal.log v ITNMCompareSystemsFinal.txt The first two are work files and you can ignore them. The one that requires attention is only the third one, ITNMCompareSystemsFinal.txt, as described above. Tip: For a detailed report on the export-import migration process, see $NCHOME/log/precision/ITNMDataImport.log. This file is for debugging and support purposes. 3. Files from the previous installation that might require manual adjustments are archived to the locations show in the table below. Based on information in the ITNMCompareSystemsFinal.txt file, inspect and adjust settings in the following archived files as necessary: Table 31. Archived files and their locations File Location Any device class *.aoc file. Archived to: $NCHOME/precision/aoc/ migration Any stitcher *.stch file. Archived to: $NCHOME/var/precision/export/ disco/stitchers Any MIB *.mib file. Archived to: $NCHOME/var/precision/export/ mibs 124 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Table 31. Archived files and their locations (continued) File Location v SnmpStackSecurityInfo.DOMAIN.cfg All files archived to: $NCHOME/etc/precision/ migration v TelnetStackPasswords.DOMAIN.cfg v ModelNcimDb.DOMAIN.cfg v CtrlServices.DOMAIN.cfg Note: – If you have migrated CtrlServices.DOMAIN.cfg files that were used to configure failover, there might be a conflict between the -primaryDomain, -backupDomain, -virtualDomain, -backup, and -server command-line options in the CtrlServices.DOMAIN.cfg file, and the settings in the ConfigItnm.DOMAIN.cfg file. The command-line options in the CtrlServices.DOMAIN.cfg file take precedence, by default, and a warning will be logged. You can disable usage of a migrated CtrlServices.DOMAIN.cfg file by renaming it (for example, to CtrlServices.OLD.cfg), which causes the system to default to using the CtrlServices.cfg file. – If your migrated CtrlServices.DOMAIN.cfg file contains other customized settings for the defined processes (for example, -latency and -debug), you will need to reconfigure these settings in the default CtrlServices.cfg file. v NcoGateInserts.DOMAIN.cfg v NcoGateSchema.DOMAIN.cfg v VirtualDomainSchema.DOMAIN.cfg v DbEntityDetails.cfg Note: You must also recreate any new NCIM tables. v DiscoCollectorFinderSeeds.DOMAIN.cfg v DiscoFileFinderParseRules.DOMAIN.cfg v DiscoPingFinderSeeds.DOMAIN.cfg v DiscoScope.DOMAIN.cfg Note: If you are migrating from V3.8 then note that the DiscoSchema.DOMAIN.cfg was split into two files in Network Manager V3.9 and this remains the same in Network Manager V4.1. The insert statements in this file were moved to the new DiscoScope.DOMAIN.cfg file. This provides a way of separating any user customizations from the fixed schema definitions. 4. After you have edited the files and have made the necessary modifications, copy the files to the relevant location listed below: v Any device class *.aoc file: $NCHOME/precision/aoc/ v Any stitcher *.stch file: $NCHOME/precision/disco/stitchers/ v Any MIB *.mib file: $NCHOME/precision/mibs/ v Any of the .cfg files listed in Table 31 on page 124: $NCHOME/etc/precision If you are migrating from V3.8 then depending on your previous system setup, you might need to perform further manual tasks like adjusting multiple domain settings, copying DLA properties, manually applying poll and report settings, or reviewing event management settings and understanding the changes in the way event enrichment and correlation works in Network Manager V4.1. Chapter 3. Upgrading and migrating 125 Adding changes to the discovery database schema: The discovery schema has changed in Network Manager V4.1. You must make these changes manually. The following changes were made: v In the workingEntities database defined in DiscoSchema.cfg, a new table was added, named workingEntities.interfaceMapping. v In the translations database defined in DiscoSchema.cfg, a new field m_Name was added to the translations.ipToBaseName table. You must add these changes manually to each domain specific DiscoSchema.DOMAIN.cfg file. All DiscoSchema.DOMAIN.cfg files from the previous installation are archived to NCHOME/etc/precision/migration. You must then copy these configuration files to the parent directory, prior to restarting domains. Important: . To add these changes, perform the following steps for each domain-specific DiscoSchema.DOMAIN.cfg file in the NCHOME/etc/precision/migration directory. 1. Add the new workingEntities.interfaceMapping table by copying the following SQL statement to the correct location in the file: create table workingEntities.interfaceMapping ( m_Name text not null , // Unique name of an interface //on the network m_IfIndex int, // SNMP ifIndex m_InterfaceId text, // Interface identifier m_EntPhysIndex int, m_EntPhysName text, // // // // m_IfDescr text, // Interfaces RFC ifDescr m_IfName text, // Interfaces RFC ifName m_IfAlias text, // Interfaces RFC ifalias field m_IfType int, // Interfaces RFC ifType m_PhysAddress text, m_BaseName text not null, m_AddressSpace text // // // // // // // // // Entity MIB physical // Index if present Physical name to be populated in place of m_EntPhysIndex for those entities represented by non-ENTITY-MIB style data The MAC address for this entity if present The name of the "Base Entity" for this device The name of the address space this device is on for public it is simply null. ); create index we_interface_Index on workingEntities.interfaceMapping ( m_Name, m_PhysAddress, m_BaseName , m_IfDescr , m_IfName , m_IfAlias 2. Add the new m_Name field to the translations.ipToBaseName table within a domain specific DiscoSchema.DOMAIN.cfg file, perform the following steps: 126 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide ); a. Add the following field definition to the create table statement for the translations.ipToBaseName table: m_Name text // Name of interface with IP // if known b. Update the create index statement to the translations.ipToBaseName table so that it reads as follows: create index translations_ipToBaseName_Index on translations.ipToBaseName ( m_BaseName , m_BaseAddress , m_WorkAddress, m_Protocol, m_IpAddress , m_IsManagementIP, m_IsOutOfBand, m_Name); After you have finished importing configuration data and reconciling customizations manually, make sure you start your domains before using Network Manager. The default domain specified at installation is started when starting Network Manager, but if you have multiple domains, then start each using the itnm_start ncp -domain DOMAIN command. Migrating DLA properties: If you use the Discovery Library Adapter (DLA) to collect data on network resources and have DLA properties files that you set up on your previous system, the settings need to be migrated manually. To migrate DLA settings: 1. Log in to your new installation. 2. Go to NCHOME/var/precision/export and locate the DLA properties files the export-import process archived on your previous system and copied over. Each domain has an ncp_dla.properties.domain name file archived by the export-import process. 3. Use the archived DLA properties files for each domain to recreate the same DLA settings on your new installation: a. Go to NCHOME/precision/adapters/ncp_dla. b. Using the preconfigured ncp_dla.properties file, create an equivalent DLA properties file based on each previous domain's DLA file, naming the files after each domain, for example, ncp_dla.properties.NCOMS. c. Open the archived DLA properties file for each domain and make the same settings in the new respective domain-specific file as in the previous archived ncp_dla.properties.domain name file, thus recreating the DLA file for each respective domain on the new system. CAUTION: Do not copy-paste the previous file content as is into the new file, but copy over settings that have been modified on the previous system. The new file contains new parameters that did not exist in previous versions, and might not function properly if the content is overwritten. 4. Save and close each DLA properties file. Related tasks: “Configuring the DLA” on page 180 The Discovery Library Adapter (DLA) requires a configuration properties file in order to determine the data source to connect to, the domain to query, the target directory for Discovery Library books and logging parameters. Chapter 3. Upgrading and migrating 127 Migrating event handling customizations: If you are upgrading from V3.8 then note that event enrichment and correlation changed substantially in Network Manager V3.9. Event enrichment and correlation in Network Manager V4.1 works the same way that it works in Network Manager V3.9. If you made customizations to event management on a V3.8 installation, then you need to understand how event enrichment and correlation changed and re-implement your customizations in the new Network Manager V4.1 installation. To understand the changes and re-implement them: 1. Log in to your new installation. 2. Review the changes you made to the NcoGateSchema.DOMAIN.cfg and NcoGateInserts.DOMAIN.cfg files and make changes as necessary: a. Go to NCHOME/etc/precision/migration. b. Locate the NcoGateSchema.DOMAIN.cfg and NcoGateInserts.DOMAIN.cfg files for each domain you have made customizations. c. Understand the event tables to determine how to reapply any customizations to the config.precedence, config.eventMap, config.ncp2nco, and config.nco2ncp tables. For more information, see the IBM Tivoli Network Manager IP Edition Management Database Reference Note: The probe rules populate the NmosEventMap field of alerts.status for all Network Manager events raised by the poller. The config.precedence table entries are not required unless you wish to override the event map or change the default precedence value. 3. If you made customizations to the config.ncp2nco or config.nco2ncp tables, then read about the stitchers in the NCHOME/precision/eventGateway/stitchers directory and understand how they work in the current release in order to re-implement event enrichment customizations. For more information on stitchers, see the IBM Tivoli Network Manager IP Edition Event Management Guide Migrating poll settings: To use your previous polling customizations in version 4.1, you must define the scope for each poll policy manually after finishing the import. You do this by associating network views that contain the poll policy scope to the appropriate poll policy. Custom poll policies and poll definitions are moved to your new system by the export-import process. The scope of the poll policy (the network entities a policy is set to poll) is imported to a network view, which needs to be set manually for each policy following the migration. v In V3.8, the scope is defined by device class, device filter, and interface filter set in the poll policy. v In V3.9 and V4.1, the scope is defined by the network view it applies to and can be further refined by setting class and interface filters at the poll definition level. Poll policies can also have device filters set, but they are restricted to the mainNodeDetails table, and are aimed at providing device filtering to support the MIB Grapher and poll policies created through network views for right-click menus. In both cases, the export-import process creates network views based on your previous poll policy scopes and names the network views after the poll policy. You have to edit each poll policy and select the appropriate network view for each after 128 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide importing data to your new system. You can also select a device filter in the poll policy, or create an even more granular scope using the device class and interface filter settings of poll definitions. In V4.1, the primary method of setting a scope is by using a network view. You can assign one or more network views to a poll policy to define the device scope to be polled. To understand poll policies in V4.1, create new policies and set their scope using network views. Note: A poll policy can be associated with multiple poll definitions in V4.1, while in V3.8 you can only have one definition per policy. This can be useful, for example, when you want to poll information that is specific to the device vendor. In such cases you need to set up a poll definition for each vendor (as each vendor might have different MIBs), but have only one policy with all poll definitions added to get the data from across your network. To migrate poll settings, complete the following steps. 1. Use a Web browser to log into the Web applications on your new installation. 2. Make sure the network views exist for your system: click Availability > Network Availability > Network Views. 3. Click Administration > Network > Network Polling. 4. Select a policy that was available on your previous system by clicking the name of the poll policy. The Poll Policy Editor is displayed for the policy you selected and its settings are automatically loaded into the fields. 5. Go to the Network Views tab and select the network view with the same name as the policy. This sets the scope of the policy to the devices in the network view that is based on your previous system's settings. Note: The poll policies from your previous system that were set up for all devices will not have a network view. In such cases, make sure All Devices is selected in the Network Views tab. 6. Optional: You can further refine the scope of the policy by creating a more restricted filter in the Device Filter tab. Also, the poll definitions attached to the policy can contain more granular filtering based on device class and interface filters. Tip: If a class or interface filter was set up in your previous system for a poll policy, those settings are defined in the poll definitions in V4.1. The export-import process takes care of moving the device class settings over to the new installation by creating the device class filter setting from V3.8 at the poll definition level in V4.1. 7. Click Save. 8. Repeat the steps for each poll policy from your previous system. Chapter 3. Upgrading and migrating 129 Importing GUI customization data You can now import your previous version's GUI data. Before you can import GUI data, you must export the data from your previous installation and install version 4.1. The import of GUI data includes import of user role data. Important: Before importing GUI data, you must first create the users required for V4.1 in the appropriate repository (LDAP or ObjectServer), so that the users can be matched to the user role data that is imported as part of the GUI import. By default only GUI customization data for the Network Manager GUI is migrated. Customization data for the other GUI components, Web GUI and Tivoli Common Reporting, is not migrated. Consult Web GUI and Tivoli Common Reporting information centers for instructions on migrating those GUI components. To import GUI customization data, perform the following tasks: 1. Log in to the server where the GUI components of your previous system are installed. 2. Copy the TIPHOME/profiles/TIPProfile/upgrade/data/upgradeData.zip export file to the server where you installed Network Manager V4.1 GUI components. 3. On your new installation, go to where you placed your installation package. Note: The Tivoli Integrated Portal server must be running during the GUI data import. 4. Run the GUI data import script using one of the following methods: v To run the script from the installer launchpad, start the launchpad by UNIX launchpad.sh script on UNIX , select the running the Postinstallation menu item, expand the Upgrading from an existing Network Manager section, and click Import Network Manager GUI Data. v To run the script from the command line, change to the scripts subdirectory of the location where you extracted ExportPackage.tar, and depending on UNIX nmGuiImport as follows: your operating system, run the nmGuiImport -u TIP_admin -p TIP_pass -f path_to_zip -d TIP_location -n netcool_location [ -o webgui_location ] Where: – TIP_admin is the Tivoli Integrated Portal administrator user name. – TIP_pass is the Tivoli Integrated Portal administrator password. – path_to_zip is the path to the GUI data export.zip file. – TIP_location is the location of the Tivoli Integrated Portal installation to be migrated. – netcool_location is the location of the Netcool home directory. – webgui_location is the location of the Web GUI home directory. Note: This value is optional. If no value is provided, then the script uses a default value of $NCHOME/omnibus_webgui. Note: If no values are provided, you are prompted to enter values. If the directory locations listed in the table below are not provided, then the 130 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide environment variables shown in the table are used. In all cases, if the environment variable does not exist, then you are prompted to enter a location. Table 32. Directory locations required by script Directory location Environment variable Location of the Tivoli Integrated Portal installation to be migrated $TIPHOME Netcool home directory $NCHOME Location of the Tivoli Netcool/OMNIbus Web GUI home directory $NCHOME/omnibus_webgui Note: You must run the script as the same user that installed the product. The exported GUI data is imported into the new installation. The GUI data import process creates its own log files in the following directories: v TIPHOME/profiles/TIPProfile/logs/upgrade.log v TIPHOME/profiles/TIPProfile/logs/tipcli.log v NCHOME/log/install/itnm_gui_migration.log Note: The itnm_gui_migration.log is a migration report file, and provides information about files that are imported, backed up, and require manual reconciliation steps on the new system. After importing your previous GUI data, you must do the following: v The import of GUI data does not includes import of user group membership data. At this point you must manually add users to the appropriate user groups on your new V4.1 system. v You might need to perform manual settings on the new system. The export-import process provides guidance on what files require attention and manual editing to fully complete the upgrading and migrating process. Related reference: “Supported operating systems” on page 32 Network Manager is supported on the following operating systems. Related information: Tivoli Netcool/OMNIbus Web GUI V7.4 Information Center: Upgrading and migrating Click here for instructions on upgrading toWeb GUI 7.4. Tivoli Netcool/OMNIbus Web GUI V7.3.1 Information Center: Upgrading and migrating Click here for instructions on upgrading to Web GUI 7.3.1. Tivoli Common Reporting 2.1.1 Information Center: Upgrading Click here for instructions on upgrading to Tivoli Common Reporting 2.1.1. Chapter 3. Upgrading and migrating 131 Importing GUI customization data - manual steps Due to changes in the product, you must migrate some GUI configuration settings manually to the new system. Review the following tasks to determine what additional manual adjustments you need to make to your new system. Make sure you have performed the GUI data collection and export on your previous system and have imported the GUI data to your new installation. To ensure all GUI settings are migrated: 1. Log in to your new installation. 2. You must manually reconcile the Tivoli Integrated Portal files listed in ITNMHOME/profiles/TIPProfile/etc/tnm/migration and ITNMHOME/profiles/ TIPProfile/etc/tnm/*/migration. The archived files are saved by the export-import process. 3. Use the NCHOME/log/install/itnm_gui_migration.log migration report file to check what files require manual editing to be suitable for use on the new system. 4. Any customized WebTool under NCHOME/precision/scripts/webtools are not migrated. You must manually save them on your previous installation, and reimplement them on the new system. An example of such customization is the settings to launch into TADDM. 5. To preserve any new or customized reports from your previous installation, you must perform extra configuration steps. Related tasks: “Configuring Network Manager to start IBM Tivoli Application Dependency Discovery Manager” on page 192 Optional: To enable Network Operators to launch the IBM Tivoli Application Dependency Discovery Manager GUI from Network Manager, you must add the TADDM menu options to Network Manager. Migrating reports: If you have modified or created reports in Network Manager 3.8 or 3.9, you must migrate those reports manually. Before performing this task, you must first import the 3.8 or 3.9 GUI data, which includes the reports. The GUI data import script, nmGuiImport, puts all customized reports into the Tivoli Products > ITNM Reports report set. To migrate customized reports, complete the following steps: 1. Log in to Network Manager 4.1 and click Reporting > Common Reporting > Tivoli Products > ITNM Reports. v If this report set does not contain any new or customized reports, you do not need to do this task. You can delete the Tivoli Products > ITNM Reports report set. v If the report set does contain new or customized reports, choose which reports you want to migrate. 2. On the server where Tivoli Common Reporting is installed, navigate to the directory where the imported 3.8 or 3.9 custom report designs are located: NCHOME/../tipv2Components/TCRComponent/data/design. 3. To move a report to a 4.1 report group, run a command similar to the following: 132 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide NCHOME/../tipv2Components/TCRComponent/bin/trcmd.sh -import -design report_filename -reportSetBase destination_report_set -resourceDir ITNM41 -username admin_username -password admin_password Where v report_filename is the filename of the report to move. v destination_report_set is the 4.1 report set where you want the report to be moved to. Possible values are: – "/content/package[@name='Network Reports']" – "/content/package[@name='Network Status Reports']" – "/content/package[@name='Network Technology Reports']" – "/content/package[@name='Network Views Reports']" – "/content/package[@name='Network Reports']" Manager']/folder[@name='Asset Manager']/folder[@name='Current Manager']/folder[@name='Network Manager']/folder[@name='Network Manager']/folder[@name='Path View – "/content/package[@name='Network Manager']/ folder[@name='Performance Reports']" – "/content/package[@name='Network Manager']/folder[@name='Network Technology Reports']" – "/content/package[@name='Network Manager']/folder[@name='Summary Reports']" – "/content/package[@name='Network Manager']/ folder[@name='Troubleshooting Reports']" – "/content/package[@name='Network Manager']/folder[@name='Utility Reports']" v admin_username is the username of a Tivoli Integrated Portal administrator. v admin_password is the password for the administrative user. The following command moves a report called itnm_usa_vlan_summary to the Network Technology Reports report set: NCHOME/../tipv2Components/TCRComponent/bin/trcmd.sh -import -design itnm_usa_vlan_summary.rptdesign -reportSetBase "/content/ package[@name='Network Manager']/folder[@name='Network Technology Reports']" -resourceDir ITNM41 -username tipadmin -password netcool 4. Review the reports that you have moved into a 4.1 report set. If a report uses the ncmonitor or ncpolldata database, check the SQL commands against similar commands in the default 4.1 reports. The database schemas might have changed. Important: Any parameters that were saved with reports are not preserved. Chapter 3. Upgrading and migrating 133 Reapplying manually created topology to your discovered topology Once you have performed a network discovery for a given domain on your new installation, you must now reapply the manually created topology from that domain on your previous system to this newly discovered topology. In order to reapply manually created topology to your discovered topology, you must first retrieve files from the export process that contain details of the manually created topology. You must then reapply the changes to the network topology from your new discovery using the topology management wizards within the Network Hop View. For each discovery domain, perform the following steps: 1. On your new installation, navigate to the following location $NCHOME/var/precision/export/manualtopology. This directory contains XML files listing the devices and connections manually added to each domain on your previous system. There is one file for each domain. Each file is named as follows: ManualTopology.DOMAIN.xml Where DOMAIN is the name of relevant domain. 2. Open the XML file for the domain you want to update with manually created topology data. 3. Apply the changes to your new discovery using the topology management wizards within the Network Hop View. v You can manually add devices from any Network Hop View window. v To manually add connections, the best practice is to point the Network Hop View window to the a-end device (specified using the fromdevice attribute in the connection) and create a manual connection to the b-end device (specified using the todevice attribute). For more information on editing network topology using the topology management wizards, see the IBM Tivoli Network Manager IP Edition Network Visualization Setup Guide. The following example shows how to add a device and how to add a connection using an XML code snippet from an XML file produced by the import script. The XML code snippet below represents three manually added devices, and three manually added connections. Note: Tag entries for connections appear before entries for devices in the XML file. However, when reapplying the manual topology using the Topology Editor, you must first add all of the devices specified in the file, and subsequently add the connections. 134 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Table 33. XML code snippet from a manual topology file 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 <?xml version=’1.0’ standalone=’yes’?> <ManualTopology domain="DOMAIN_39" version="3.9" <Connection connectivity="Layer 3 Meshed Topology" fromdevice="aog.dom39.1" reason="reas" speed="1111" todevice="aog.dom39.2" / <Connection connectivity="Layer 3 Meshed Topology" fromdevice="aog.dom39.2" reason="" todevice="172.20.1.3" tointerface="[ GigabitEthernet0/1/0/1 ]" / <Connection connectivity="Layer 2 Topology" fromdevice="172.20.1.3" frominterface="[ Null0 ]" reason="" speed="2345" todevice="172.20.3.3" tointerface="[ Nu0 ]" / <Device entityname="aog.dom39.1" accessipaddress="192.168.11.1" accessprotocol="IPv4" classname="Cisco" description="aog.dom39.1 desc" displaylabel="aog.dom39.1" ipforwarding="forwarding" modelname="aog.dom39.1 modelname" reason="aog.dom39.1 reason" serialnumber="ser.123" syscontact="aog.dom39.1 syscont" sysdescr="aog.dom39.1 sysdesc" syslocation="aog.dom39.1 sysloc" sysname="aog.dom39.1 sysname" typename="Chassis" / <Device entityname="aog.dom39.2" accessipaddress="192.168.11.2" accessprotocol="IPv4" classname="Cisco" displaylabel="aog.dom39.2" reason="" typename="Chassis" / <Device entityname="aog.dom39.3" accessprotocol="IPv4" classname="Cisco" displaylabel="aog.dom39.3" reason="" typename="Chassis" /</ManualTopology The following table summarizes the elements and attributes in this XML code snippet: Table 34. Description of the XML code snippet from a manual topology file Line number Description 2 Domain to which this manual topology applies. 4-8 Manual connection between a manually added device "aog.dom39.1" and another manually added device "aog.dom39.2". Chapter 3. Upgrading and migrating 135 Table 34. Description of the XML code snippet from a manual topology file (continued) Line number Description 9 - 13 Manual connection between a manually added device "aog.dom39.2" and interface [ GigabitEthernet0/1/0/1 ] on discovered device 172.20.1.3. Note: The device 172.20.1.3 does not appear within a <Device> tag in this file; hence it is not a manually added device and therefore must be a discovered device. 14 - 20 Manual connection between interface [ Null0 ] on discovered device 72.20.1.3 to interface [ Nu0 ] on discovered device 172.20.3.3. Note: The device 172.20.3.3 does not appear within a <Device> tag in this file; hence it is not a manually added device and therefore must be a discovered device. 21 - 35 Manually added device aog.dom39.1. 36 -42 Manually added device aog.dom39.2. 43 - 48 Manually added device aog.dom39.3. Perform the following steps to use the topology management wizards to add the devices and connections in the example XML code snippet to the topology. 1. Click Network Availability > Network Hop View. 2. Select a network domain from the Domain drop-down list corresponding to line 2 in the example XML code above. 3. Add all the devices specified in the XML file by performing the following steps: a. Right click anywhere within Network Hop View and then click Topology Management > Add Device. b. In the Add Device wizard, add the device aog.dom39.1 by specifying the attributes listed in lines 21 to 35 of the XML file. Note: Be aware of the following: v Attributes in the XML file appear in alphabetical order. This is different to the order in which they are requested by the GUI. v The XML file might not show all attributes requested by the GUI for a given device or connection. Where attributes are missing, do not enter any values in the GUI. Complete all the wizard screens and click Finish, followed by Close. The device you added appears in the Network Hop View. For more information on editing network topology using the topology management wizards, see the IBM Tivoli Network Manager IP Edition Network Visualization Setup Guide c. Right click anywhere within Network Hop View, then click Topology Management > Add Device and add the device aog.dom39.2 by specifying the attributes listed in lines 36 to 42 of the XML file. Complete all the wizard screens and click Finish, followed by Close. The device you added appears in the Network Hop View. d. Right click anywhere within Network Hop View, then click Topology Management > Add Device and add the device aog.dom39.3 by specifying the attributes listed in lines 43 to 48 of the XML file. Complete all the wizard screens and click Finish, followed by Close. The device you added appears in the Network Hop View. 4. Add all the connections specified in the XML file by performing the following steps: 136 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide a. In the Network Hop View, navigate to a hop view that contains the device aog.dom39.1. For more information on finding device in the Network Hop View, see the IBM Tivoli Network Manager IP Edition Network Troubleshooting Guide b. Right click device aog.dom39.1 and click Topology Management > Add Connection. c. In the Add Connection wizard, add a connection from device aog.dom39.1 to device aog.dom39.2 by specifying the attributes listed in lines 4 to 8 of the XML file. Complete all the wizard screens and click Finish, followed by Recenter & Close. The connection you added appears in the Network Hop View. For more information on editing network topology using the topology management wizards, see the IBM Tivoli Network Manager IP Edition Network Visualization Setup Guide d. In the Network Hop View, ensure that you are in a hop view that contains the device aog.dom39.2, then right click device aog.dom39.2 and click Topology Management > Add Connection. Add a connection from device aog.dom39.2 to interface [ GigabitEthernet0/1/0/1 ] on device 172.20.1.3 by specifying the attributes listed in lines 9 to 13 of the XML file. Complete all the wizard screens and click Finish, followed by Recenter & Close. The connection you added appears in the Network Hop View. e. In the Network Hop View, ensure that you are in a hop view that contains the device 172.20.1.3, then right click device 172.20.1.3 and click Topology Management > Add Connection. Add a connection from interface [ Null0 ] on device 172.20.1.3 to interface [ Nu0 ] on device 172.20.3.3 by specifying the attributes listed in lines 14 to 20 of the XML file. Complete all the wizard screens and click Finish, followed by Recenter & Close. The connection you added appears in the Network Hop View. Reapplying managed status data to your discovered topology Once you have performed a network discovery for a given domain on your new installation, you must now reapply the managed status data from that domain on your previous system to this newly discovered topology. The managed status of a network entity indicates whether it is currently being managed by Network Manager; that is, whether the entity is polled by Network Manager and is considered for root-cause analysis. In order to reapply managed status data to your discovered topology, you must first retrieve files from the export process that contain details of the managed status data. You must then reapply the changes to the network topology from your new discovery using the ManageNode.pl Perl script. The following directory contains files from the export process with details of the managed status data, one file for each domain: $NCHOME/var/precision/export/managedstatus/ Each of these files contains a list of unmanaged entities, either main nodes or interfaces; these are entities that were placed into unmanaged status on your old system. The files are named using the following convention: UnmanagedEntities.DOMAIN.dat Where DOMAIN is the name of the relevant directory. For each discovery domain, perform the following steps: Chapter 3. Upgrading and migrating 137 1. On your new installation, change to the following directory: cd $NCHOME/precision/bin. 2. Run the ManageNode.pl script for the domain you want to update with managed status data. Use a command similar to the following, and point the script to the domain-specific file: ncp_perl UnmanageNode.pl -domain DOMAIN_NAME -user ncim -pwd password -noMainNodeLookup -file $NCHOME/var/precision/export/managedstatus/UnmanagedEntities.DOMAIN_NAME.dat Where: v DOMAIN_NAME is the domain you are updating with managed status data. v password is the password for the ncim user. For more information on the UnmanageNode script, see the IBM Tivoli Network Manager IP Edition Administration Guide. The script outputs the names of the main nodes and interfaces that were placed into unmanaged status. For example: ’aaa-11-12345.core.test.lab[ Lo0 ]’ unmanaged. ’bbb-22-12345.core.eu.test.lab’ unmanaged. Upgrading to latest Network Manager by reusing your existing Tivoli Integrated Portal environment Follow this procedure to reuse your existing Tivoli Integrated Portal server for the Network Manager GUI upgrades, and fully migrate all other servers in your installation to new servers. Important: You can only follow this procedure if the Tivoli Integrated Portal server on which you are performing the upgrade is on the latest supported version of Tivoli Integrated Portal. In Network Manager terms this means you can only follow this procedure if you are upgrading from Network Manager V3.9 Fixpack 3, which is certified on Tivoli Integrated Portal V2.2.0.9. Therefore if you want to follow this procedure, you must first ensure that: v You have upgraded your version of Network Manager V3.9 to Fixpack 3. v You have upgraded your version of Tivoli Integrated Portal to V2.2.0.9. Note: You cannot follow this procedure if you are upgrading from Network Manager V3.8. Reusing an existing Tivoli Integrated Portal environment: overview Use this information as a step-by-step guide to upgrading Network Manager and migrating existing settings to the upgraded version. Upgrading and migrating steps Moving to the latest version of Network Manager involves several steps. The process uses separate scripts for moving the core and the GUI component settings across to the new installation. Note: You can only perform this procedure on a distributed installation. The core components must be on a separate server to the Tivoli Integrated Portal server. Core components must be migrated side by side to a new server, while the GUI components can be migrated by reusing the existing Tivoli Integrated Portal server. 138 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide This procedure is divided into two parts: 1. Migrate core customization data from all servers other than the Tivoli Integrated Portal in your installation to new servers. This must be done using side-by-side migration. 2. Reuse your existing Tivoli Integrated Portal server and upgrade just the Network Manager GUI components on that server to V41. Use the steps in the tables below to guide you through the procedure. Note: Many of the links in the tables below take you to topics within the Full side-by-side migration section. Make sure to follow the sequence of steps in these tables rather than the sequence of topics in the Full side-by-side migration section. Migrating core customization data The following table lists the steps to perform to migrate core customization data from all servers other than the Tivoli Integrated Portal in your installation to new servers. Table 35. Migrating core customization data Action Step 1. Install Network Manager V4.1 core components only. Chapter 2, “Installing,” on page 41 2. Install IBM Tivoli Netcool/OMNIbus You can install IBM Tivoli Netcool/OMNIbus as part of your Network Manager installation. Follow the instructions in the installer launchpad to install the core components only. For information about upgrading and migrating IBM Tivoli Netcool/OMNIbus, see the IBM Tivoli Netcool/OMNIbus Installation and Deployment Guide. Note: If you installed a new instance of IBM Tivoli Netcool/OMNIbus as part of the Network Manager installation, the ObjectServer name you provided during the installation is stored in NCHOME/etc/precision/ ConfigItnm.Network_Manager_Domain_Name.cfg 3. Prepare your existing system. “Preparing for upgrade: core server” on page 141 4. Export core customization “Exporting core customization data” on page 114 data. 5. Identify NCIM topology database customizations “Identifying NCIM topology database customizations” on page 117 6. Apply customizations from the source NCIM topology database “Applying customizations from the source database” on page 118 7. Import previous core “Importing core customization data” on page 119 configuration data into your new installation. “Importing core customization data - manual steps” on page 122 8. Due to changes in the product, some core configuration settings must be migrated manually to the new system. Chapter 3. Upgrading and migrating 139 Table 35. Migrating core customization data (continued) Action Step 9. Stop and start Network Starting and stopping Network Manager Manager back end processes This enables validation of the back end Network Manager processes. Once you have started up the back end processes, check the core process log files at the following location to ensure that there are no conflicts between the migrated files and the new system. Core log files are located at: $NCHOME/log/precision Upgrading Network Manager GUI components on an existing Tivoli Integrated Portal server The following tables lists all the steps to perform to reuse your existing Tivoli Integrated Portal server and upgrade just the Network Manager GUI components on that server to V41. Table 36. Upgrading Network Manager GUI components on an existing Tivoli Integrated Portal server Action Step 1. Extract the Network Manager V41 installation package. “Extracting the installation file” on page 48 2. Prepare your existing system. “Preparing for upgrade: existing Tivoli Integrated Portal server” on page 142 3. Export GUI configuration data. “Exporting GUI customization data” on page 115 4. Uninstall Network Manager GUI components from the existing Tivoli Integrated Portal server. “Uninstalling on UNIX” on page 93 5. Install Network Manager GUI components. Specify the -t option when running the script. This removes all Network Manager portlet content from the Tivoli Integrated Portal server. “Installing Network Manager GUI components” on page 142 6. Import previous GUI “Importing GUI customization data” on page 130 configuration data into your new installation “Importing GUI customization data - manual steps” on page 132 7. Due to changes in the product, some GUI configuration settings must be migrated manually to the new system. Reapplying custom topology data The following tables lists all the steps to perform to reapply custom topology data. Perform the following steps for each desired network domain. Table 37. Reapplying custom topology data Action 1. Run a network discovery. Step For more information, see the IBM Tivoli Network Manager IP Edition Discovery Guide. 2. Reapply manually created “Reapplying manually created topology to your discovered topology” on page 134 topology to your discovered topology. 140 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Table 37. Reapplying custom topology data (continued) Action Step 3. Reapply managed status data to your discovered topology. “Reapplying managed status data to your discovered topology” on page 137 Preparing for upgrade: core server Prepare your existing core server for upgrade by copying over the files required for the upgrading and migrating process. The Network Manager installation package contains all files required. Prepare for the upgrade: 1. Go to the system where you installed the Web Applications (also referred to in the documentation as "GUI components") for Network Manager V4.1. v In a single server installation, this is the server where you installed Network Manager V4.1. v In a distributed installation, this is the Tivoli Integrated Portal server. 2. Locate the following file: $NCHOME/precision/install/data/ExportPackage.tar. 3. Copy the compressed file to the server on your existing Network Manager installation that contains the core components. 4. Extract the file to a temporary location. Note: The temporary location must be a directory that is not the Netcool home directory $NCHOME and is not a subdirectory of $NCHOME. The files and utilities required for the upgrading and migrating process are available after extracting the compressed file. The main items that require attention are as follows: v The launchpad utility: Use this utility to start the launchpad GUI from where you can run a data collection on your previous installation. The data collected then can be exported for applying to new installations. An import utility is also provided for use on your new installation. You can use a GUI or command line to start and use this utility. Note: You can use the export utility to collect data on Network Manager versions 3.8, or 3.9 installations. v The Preupgrade.tar: Contains utilities for exporting previous GUI settings on Network Manager V3.8 and then importing them into your new installation. Note: This file is only needed for the export-import of V3.8 GUI component data. 5. Ensure that poll policy names and poll definition names are unique. In previous releases of Network Manager, a known limitation allowed duplicate poll policy names or duplicate poll definition names to be created. In Network Manager V4.1, duplicate poll policy names or poll definition names are not allowed. If you have created poll policies or poll definitions with the same name on your previous V3.8 installation, then you must rename one of each duplicate pair to make sure that each poll policy and each poll definition name is unique on your system. You must do this before performing any data export. Chapter 3. Upgrading and migrating 141 Preparing for upgrade: existing Tivoli Integrated Portal server Prepare your existing system for upgrade by copying over the files required for the upgrading and migrating process. 1. On the Tivoli Integrated Portal server where you extracted the Network Manager V41 installation package, go to the directory where you extracted the package. 2. Run the UpdatePlugins script, as follows: ./UpdatePlugins -i location_of_extracted_install_package Where location_of_extracted_install_package is the directory where you extracted the Network Manager V41 installation package. 3. Locate the following file: $NCHOME/precision/install/data/ExportPackage.tar. 4. Extract the file to a temporary location. Installing Network Manager GUI components Install the Network Manager GUI components by running the launchpad.sh script and selecting the appropriate options 1. Go to the directory where you extracted the Network Manager V41 installation package 2. Start the installer wizard from the launchpad by running the launchpad.sh script. 3. Select the following options within the launchpad: a. In the Select Installation Location panel, set the Tivoli Network Manager installation location to the same value as in the V3.9 installation from which you are upgrading. The Tivoli Network Manager installation location on the previous system corresponds to the directory path $NCHOME/precision. b. In the Select Installation Options panel, select the following options: v Multi-server installation v Customize settings c. In the Select Components to Install panel, select the following option: Web Applications This option is another name for the Network Manager GUI components. d. In the Select Installation Directory for TIP panel, select the following option: Reuse an existing install folder, and select the directory path of an existing installation of the Tivoli Integrated Portal. e. In the Collect Tivoli Integrated Portal Reuse Details panel, specify required details for the existing Tivoli Integrated Portal server. 4. Complete the wizard panels and run the installation. Related reference: “Values for a custom installation” on page 56 Use this information to understand what values to enter in the wizard panels for a custom installation. 142 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Copying an existing V4.1 installation You can copy an existing V4.1 installation's customizations and data to another V4.1 installation. Using the export-import scripts provided with Network Manager you can make a copy of a V4.1 installation and use it recreate the same setup on a another system, restore settings later, or move from test system to a production environment. To copy an existing V4.1 installation: 1. Access the source system where you have the Network Manager installation you want to make a copy of. If you have a distributed setup, you need to access each system to collect all data. 2. Go to where you extracted the installation package. 3. Run the data export script using one of the following methods: v To run the script from the installer launchpad, start the launchpad by UNIX launchpad.sh script on UNIX, select the running the Preinstallation and Migration menu item, expand the Upgrading from an existing Network Manager section, and click Export Network Manager Data. v To run the script from the command line, run the on UNIX from the scripts subdirectory. UNIX nmExport script Note: You must run the script as the same user that installed the product. Provide the answers to the prompts. The export script extracts data and saves it to an export file in a location of your choice (.pkg on UNIX systems or .zip on Windows systems). Restriction: Historical polling data is not moved over when copying between V4.1 releases. 4. Run the GUI data export: Note: You must run the GUI data export as the same user that installed the product. v To run the script from the installer launchpad, start the launchpad by UNIX launchpad.sh script on UNIX, select the running the Preinstallation and Migration menu item, expand the Upgrading from an existing Network Manager section, and click Export Network Manager GUI Data. v To run the script from the command line, change to the scripts subdirectory of the location where you extracted ExportPackage and run the UNIX nmGuiExport: nmGuiExport -u TIP_admin -p TIP_pass -d TIP_location -n netcool_location [ -o webgui_location ] Where: – TIP_admin is the Tivoli Integrated Portal administrator user name. – TIP_pass is the Tivoli Integrated Portal administrator password. – TIP_location is the location of the Tivoli Integrated Portal installation to be migrated. – netcool_location is the location of the Netcool home directory. Chapter 3. Upgrading and migrating 143 – webgui_location is the location of the Web GUI home directory. Note: This value is optional. If no value is provided, then the script uses a default value of $NCHOME/omnibus_webgui. Note: If no values are provided, you are prompted to enter values. If the directory locations listed in the table below are not provided, then the environment variables shown in the table are used. In all cases, if the environment variable does not exist, then you are prompted to enter a location. Table 38. Directory locations required by script Directory location Environment variable Location of the Tivoli Integrated Portal installation to be migrated $TIPHOME Netcool home directory $NCHOME Location of the Tivoli Netcool/OMNIbus Web GUI home directory $NCHOME/omnibus_webgui Data is extracted to the $TIPHOME/profiles/TIPProfile/output/data.zip export file. 5. If you made customizations to your source NCIM topology database, then run the ncp_ncim_diff.pl Perl script to identify the customizations. For more information, see “Identifying NCIM topology database customizations” on page 117. 6. Log in to the Network Manager installation where you want to copy the setup. 7. On your new installation, make sure that the Network Manager core components for each domain are running. To do this, use the following command on UNIX systems: itnm_start ncp -domain DOMAIN. For example, to start the NCOMS domain, type: itnm_start ncp -domain NCOMS . This ensures that Network Manager is fully initialized and the domain tables are populated. You must stop the core components again to do the import itself, as described in the next step. 8. Stop the Network Manager core components for each domain on your new installation using the following command on UNIX systems: itnm_stop ncp -domain DOMAIN. For example, to stop the NCOMS domain, type: itnm_stop ncp -domain NCOMS Note: If you do not specify a domain name with itnm_stop, it stops the default domain created at installation. 9. If you made customizations to your source NCIM database, then manually update the new NCIM topology database schema with any customizations. For more information, see “Applying customizations from the source database” on page 118. 10. On your new installation, go to the location $NCHOME/precision/install/data/ and extract the package ExportPackage.tar. 11. Run the data import script using one of the following methods: v To run the script from the installer launchpad, start the launchpad by UNIX launchpad.sh script on UNIX, select the running the Postinstallation menu item, expand the Upgrading from an existing Network Manager section, and click Import Network Manager Data. 144 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Note: The launchpad can be found in the directory where you extracted the Network Manager installation package. v To run the script from the command line, run the on UNIX from the scripts subdirectory. UNIX nmImport script Note: You must run the script as the same user that installed the product. 12. When prompted, provide the path to the .pkg or .zip file that contains the customization data that you previously exported. 13. Answer the various other questions the import process asks to copy the data over. Note: The following question requires special attention: Allocate new entityIds during import [ N ] Each device in the system has an entityId. The import process can allocate new entityIds or preserve the existing entityIds. Preserving the existing entityIds is necessary when you have links to external systems that use Network Manager data, for example, Tivoli Data Warehouse. However, to preserve existing entityIds, the target system needs to be empty. If the target system is not empty (for example, due to a previous data import or discovery), preserving entityIds might become a complex operation due to potential clashes between existing entityIds and the entityIds being imported, and the results may be unpredictable. Therefore, merging of domain data is not supported. Attention: If you have a domain on the target system that has the same name as on your previous system, then make sure the domain on the target system does not contain data. Domain names cannot be changed during the migration process. Answer N[o] to this question to preserve entityIds or Y[es] to allocate new entityIds. v If you answer N[o], then the data import script performs a check to determine whether entity data already exists in the database. Data will exist in the database in the case of a previous data import or discovery. – If the check determines that entity data already exists in the database, then the script aborts with the message: System has entity data. Aborting. If this happens, rerun the data import script and answer Y[es] to this question. This will ensure that new entityIds are allocated. – If the check determines that no entity data exists in the database, then each device in the new installation maintains the entityId from the previous installation. v If you answer Y[es], then devices are allocated new entityIds. The import process creates its own log files. Logs from the import process are saved to NCHOME/log/precision: v ITNMDataImport.log v get_policies.domain name.log v ITNMImportNetworkViews.log The export-import process automatically detects and recreates the domains from a previous install. The import script detects the potential domains from Chapter 3. Upgrading and migrating 145 the previous system based on the data files. Using the domain_create.pl script, the process automatically creates domains on the new installation using the domain names from the previous system. After the domains have been created, the main topology and policy data are imported for each. The domain_create.pl script creates the discovery configuration files for the new domains in NCHOME/etc/precision using the values in the configuration files of the default domain. The import process saves the imported files in the NCHOME/etc/precision/migration directory as read-only files. You can use the imported files to manually update the newly created files in NCHOME/etc/precision. When copying from an existing V4.1 installation, the files can be copied directly into NCHOME/etc/precision, but they need to be given write permissions to be able to be edited from the Discovery Configuration GUI. 14. Check whether there are any files in the NCHOME/etc/precision/migration directory. Any user changes made in the files listed here might need to be reviewed and applied again manually. 15. Run the GUI data import: v To run the script from the installer launchpad, start the launchpad by UNIX launchpad.sh script on UNIX , select the running the Postinstallation menu item, expand the Upgrading from an existing Network Manager section, and click Import Network Manager GUI Data. v To run the script from the command line, change to the scripts subdirectory of the location where you extracted ExportPackage.tar, and UNIX nmGuiImport as depending on your operating system, run the follows: nmGuiImport -u TIP_admin -p TIP_pass -f path_to_zip -d TIP_location -n netcool_location [ -o webgui_location ] Where: – TIP_admin is the Tivoli Integrated Portal administrator user name. – TIP_pass is the Tivoli Integrated Portal administrator password. – path_to_zip is the path to the GUI data export.zip file. – TIP_location is the location of the Tivoli Integrated Portal installation to be migrated. – netcool_location is the location of the Netcool home directory. – webgui_location is the location of the Web GUI home directory. Note: This value is optional. If no value is provided, then the script uses a default value of $NCHOME/omnibus_webgui. Note: If no values are provided, you are prompted to enter values. If the directory locations listed in the table below are not provided, then the environment variables shown in the table are used. In all cases, if the environment variable does not exist, then you are prompted to enter a location. Table 39. Directory locations required by script 146 Directory location Environment variable Location of the Tivoli Integrated Portal installation to be migrated $TIPHOME Netcool home directory $NCHOME IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Table 39. Directory locations required by script (continued) Directory location Environment variable Location of the Tivoli Netcool/OMNIbus Web GUI home directory $NCHOME/omnibus_webgui Note: You must run the GUI data import as the same user that installed the product. The Tivoli Integrated Portal server must be running during the GUI data import. 16. You must manually reconcile the Tivoli Integrated Portal files listed in ITNMHOME/profiles/TIPProfile/etc/tnm/migration and ITNMHOME/profiles/ TIPProfile/etc/tnm/*/migration. The archived files are saved by the export-import process. 17. Use the NCHOME/log/install/itnm_gui_migration.log migration report file to check what files require manual editing to be suitable for use on the new system. 18. Stop and start Network Manager, including the Tivoli Integrated Portal, as described in Starting and stopping Network Manager. The default domain is started by the start process, but if you have multiple domains then start each using the itnm_start ncp -domain DOMAIN command. Troubleshooting the upgrade Use this information to how to troubleshoot errors that might occur during the installation of Network Manager. Viewing the upgrade logs Viewing the upgrade logs can be useful for troubleshooting purposes. Information about the success of the upgrade process is recorded in different log files. To view the upgrade log information, proceed as follows. Consult the appropriate upgrade log: Symptom Action The part of the upgrade that Examine the following logs on the source system: failed is the core data export. 1. Go to the home directory of the user that ran the script. For example, if the root user ran the script, then go to /root/itnmExportLogs/. 2. Examine the logs in this directory. These logs all provide information to support debugging of problems. v get_policies_DOMAIN_NAME.log v ITNMCompareSystems.log v ITNMDataExport.log v ITNMExportNetworkViews.log. This log also provides details of the network views that were exported. Chapter 3. Upgrading and migrating 147 Symptom Action The part of the upgrade that failed is the GUI data export. Examine the following logs on the source system: 1. Go to the directory $TIPHOME/profiles/TIPProfile/ logs/ 2. Examine the logs in this directory: These logs all provide information to support debugging of problems. v If upgrading from a V3.8 installation – preupgrade.log – tipExport.log v If upgrading from a V3.9 installation – tipcli.log The part of the upgrade that failed is the core data import. Examine the following logs on the target system: 1. Go to the directory $NCHOME/log/precision/. 2. Examine the logs in this directory. These logs all provide information to support debugging of problems. v get_policies_DOMAIN_NAME.log v ITNMDataImport.log v ITNMImportHistoricalData.log v ITNMImportNetworkViews.log This log also provides details of the network views that were imported. For information about core data files that might require manual modification following import to the target system. The part of the upgrade that failed is the GUI data import. Examine the following file on the target system: 1. Go to the directory $NCHOME/log/precision/. 2. Examine the following file in this directory. v ITNMCompareSystemsFinal.txt This file provides information on what manual changes might be required. Examine the following logs on the target system: 1. Go to the directory $TIPHOME/profiles/TIPProfile/ logs/. 2. Examine the following logs in this directory. These logs all provide information to support debugging of problems. v tipcli.log v upgrade.log For information about GUI data files that might require manual modification following import to the target system. 148 Examine the following file on the target system: 1. Go to the directory $NCHOME/log/install/. 2. Examine the following log in this directory. v itnm_gui_migration.log This file provides information about files that are imported, backed up, and require manual reconciliation steps on the new system. Use this file to check what files require manual editing to be suitable for use on the new system. IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Harmless upgrade error messages The following error messages might appear during the upgrade but can be ignored. Exporting GUI data The following error message occurs whenever exporting GUI data from a Tivoli Integrated Portal 2.X environment. This message can be ignored. SEVERE: An exception occurred when executing a remote binary. The executable /space/ats/tipv2/profiles/TIPProfile/upgrade/bin/exportLDAPconfig.sh /space/ats/tipv2 /space/ats/tipv2/profiles/TIPProfile/output/ConfigData returned the following code 1. Network views with duplicate names following import Following import you might find network views with duplicate names in the network view tree. When network views are migrated from a previous release, the views from the previous release are migrated, including domains with the same name. Consequently there might be multiple network view container views with the same name. You can delete duplicate views, or move sections of views into the existing views. Not all GUI components were exported During export of GUI component data, if customization data for any of the GUI components was not correctly exported then a warning is displayed. Symptoms During GUI component export, you might encounter the following combination of error and warning messages: ERROR: The TIP export of ITNMGUI did not complete successfully with error code : 5 ... Other lines of script output ... ... Other lines of script output ... ... Other lines of script output ... WARNING: The script did not export all components [ OMNIbusWebGUI ] successfully. Consult TIPHOME/profiles/TIPProfile/logs/tipcli.log for more details This means that the export of GUI components has been partially successful. The script exported all GUI components to the $TIPHOME/profiles/TIPProfile/ upgrade/data/upgradeData.zip export file, except for the component or components specified in the warning message. In the example above, all GUI components were successfully exported except for Web GUI. Causes A common causes of these errors is the following: a configuration file required by the export script is named incorrectly in the file system. Diagnosis and resolution: incorrect file name To check whether a configuration file required by the export script is named incorrectly in the file system, perform the following steps: Chapter 3. Upgrading and migrating 149 1. Review the log file $TIPHOME/profiles/TIPProfile/logs/tipcli.log and look for any messages indicating that a file was not found. For example, the following message indicates that the ITNMGUIConfiguration.properties file was not found. INFO: /space/ats/netcool/precision/integration/plugins/ITNMGUIConfiguration. properties (No such file or directory) Throwable occurred: java.io.FileNotFoundException: /space/ats/netcool/precision /integration/plugins/ITNMGUIConfiguration.properties (No such file or directory) The ITNMGUIConfiguration.properties file is required by the ITNM GUI component. In this scenario the ITNM GUI component is installed on the current server, so the expectation is that there is an error in file naming. 2. Check that the ITNMGUIConfiguration.properties file is named correctly on the filesystem. 3. If necessary, rename the file and run the GUI export script again. Poll definition classes not migrated correctly The custom data import also migrates custom poll definition data. However, some of the class settings associated with custom poll definitions might not have been migrated correctly. For example, a class might be enabled on the source system but is disabled on the target system. Symptoms Some of the class settings associated with custom poll definitions might not have been migrated correctly. For example, a class might be enabled on the source system but is disabled on the target system. Note: This is only a problem when upgrading from an earlier system to Network Manager V4.1. This problem does not occur when copying one Network Manager V4.1 to another Network Manager V4.1 system. Resolution On the target system, check the class settings for each migrated custom poll definition using the Network Polling GUI, and correct where necessary. 150 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Chapter 4. Configuring Network Manager After installing Network Manager, you must configure Network Manager for your environment and your requirements. If your environment or your requirements change at a later time, or if you want to integrate Network Manager with other products, you might need to perform additional configuration tasks. Click the following link to retrieve technotes about known configuration issues in version 3.9 of Network Manager: http://www-01.ibm.com/support/search.wss?word=ow &wfield=configure+configuration+configuring&rs=3118&tc=SSSHRK &atrn=SWVersion&atrv=3.9&ibm-go.x=18&ibm-go.y=12 Configuring integrations with other products You can set up Network Manager to work with a number of Tivoli® products. Read about necessary configuration tasks required to set up the available integrations. Related reference: “Requirements for other products” on page 30 Make sure that you meet the requirements for the products that are integrated with Network Manager. Configuring Tivoli Netcool/OMNIbus for use with Network Manager If you have installed Tivoli Netcool/OMNIbus not using the Network Manager installation, then you must perform a number of configuration tasks. Tivoli Netcool/OMNIbus handles events provided by Network Manager and other event sources, and can also be used as an authentication source. See Related information below for links to relevant topics. To use Tivoli Netcool/OMNIbus, you must modify a table in the ObjectServer. If you are running Network Manager in a FIPS 140–2 installation, you must make additional configuration to the Tivoli Netcool/OMNIbus JRE. For detailed information about Tivoli Netcool/OMNIbus, including post-installation configuration and FIPS 140–2 considerations, see the Tivoli Netcool/OMNIbus information centre at http://publib.boulder.ibm.com/ infocenter/tivihelp/v8r1/topic/com.ibm.tivoli.namomnibus.doc/welcome_ob.htm. For more information about Tivoli Netcool/OMNIbus, including post-installation configuration and FIPS 140–2 considerations, see the IBM Tivoli Netcool/OMNIbus Installation and Deployment Guide and the IBM Tivoli Netcool/OMNIbus Administration Guide. © Copyright IBM Corp. 2006, 2013 151 Related tasks: “Configuring VMM for the ObjectServer” on page 200 When your Tivoli Netcool/OMNIbus ObjectServer is in a federated repository, use the script provided with Tivoli Integrated Portal to configure the Virtual Member Manager adapter for the ObjectServer. “Configuring data source failover for the Tivoli Netcool/OMNIbus Web GUI” on page 267 If you have a failover pair of ObjectServers to which the Web GUI should connect, you can configure data source failover by using the ncwDataSourceDefinitions.xml data source configuration file in your Web GUI installation. Configuring automation for SAEs You must follow additional post-installation steps to set up the automation that supports the generation of service-affected events (SAEs). If you have a Tivoli Netcool/OMNIbus installation that is more complex than a single ObjectServer installed on the same server as Network Manager, ensure that Tivoli Netcool/OMNIbus is set up according to the Tivoli Netcool/OMNIbus Best Practices Guide, available from the Tivoli Netcool/OMNIbus Best Practices wiki. In particular, ensure that any SAE triggers only run on the acting primary aggregation ObjectServers and are disabled on all other ObjectServers. The default SAE triggers supplied with Network Manager are configured to run only on the primary aggregation Objectservers. Note: If you do not have a multi-tiered architecture, configure your single ObjectServer or ObjectServer pair for SAE following the instructions given here for aggregation layer ObjectServers. Use the following steps to set up the automation and the SAE plug-in in the Event Gateway (ncp_g_event): 1. Log into the host where Tivoli Netcool/OMNIbus is installed. Start the ObjectServers if they are not already running. 2. Stop the ncp processes, as described in Starting and stopping processes. 3. Do not configure the collection layer ObjectServers for SAE. 4. Configure the aggregation layer ObjectServers: a. Run the NCHOME/precision/scripts/drop_sae_automation.sql script to remove existing tables. To run the script, use a command line similar to the following: UNIX $NCHOME/omnibus/bin/nco_sql -server objectserver_name -user user_name -password password < $NCHOME/precision/scripts/drop_sae_automation.sql b. Ensure that the SAE automation runs only on the acting primary ObjectServer and not on the backup ObjectServer. Edit the create_sae_automation.sql file and verify or add the following line: WHEN get_prop_value(’ActingPrimary’) %= ’TRUE’ c. Run the NCHOME/precision/scripts/create_sae_automation.sql script to install the SAE trigger and add the tables, including the NmosDomainName column. To run the script, use a command line similar to the following: UNIX $NCHOME/omnibus/bin/nco_sql -server objectserver_name -user user_name -password password < $NCHOME/precision/scripts/create_sae_automation.sql d. Log on to the aggregation layer ObjectServers and enable the SAE triggers using the following command: 152 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide ALTER TRIGGER GROUP sae SET ENABLED TRUE; e. Optional: If you have an aggregation layer ObjectServer failover pair, update the mapping for the aggregation layer ObjectServers by editing the NCHOME/omnibus/etc/AGG_GATE.map file and adding CREATE statements for the tables that were just created by the create_sae_automation.sql script at the bottom of the file. For example, the CREATE statement might look like the following (note that the exact table definitions should be copied from the script to avoid errors): CREATE MAPPING EntityServiceMap ( ’NmosEntityId’ = ’@NmosEntityId’ ON INSERT ONLY, ’ServiceEntityId’ = ’@ServiceEntityId’ ON INSERT ONLY, ’NmosDomainName’ = ’@NmosDomainName’ ON INSERT ONLY ); CREATE MAPPING ServiceDetailsMap ( ’ServiceEntityId’ = ’@ServiceEntityId’ ON INSERT ONLY, ’Type’ = ’@Type’ ON INSERT ONLY, ’Name’ = ’@Name’ ON INSERT ONLY, ’Customer’ = ’@Customer’, ’NmosDomainName’ = ’@NmosDomainName’ ON INSERT ONLY ); f. Update the Gateway for the aggregation ObjectServers. Edit the NCHOME/omnibus/etc/AGG_GATE.tblrep.def file and add the following REPLICATE statements for the tables that were just created by the create_sae_automation.sql script to the bottom of the file. REPLICATE ALL FROM TABLE ’precision.entity_service’ USING MAP ’EntityServiceMap’ INTO ’precision.entity_service’; REPLICATE ALL FROM TABLE ’precision.service_details’ USING MAP ’ServiceDetailsMap’ INTO ’precision.service_details’; 5. Configure any display layer ObjectServers: a. Run the NCHOME/precision/scripts/drop_sae_automation.sql script to remove existing tables. To run the script, use a command line similar to the following: UNIX $NCHOME/omnibus/bin/nco_sql -server objectserver_name -user user_name -password password < $NCHOME/precision/scripts/drop_sae_automation.sql b. Run the NCHOME/precision/scripts/create_sae_automation.sql script to install the SAE trigger and add the tables, including the NmosDomainName column. To run the script, use a command line similar to the following: UNIX $NCHOME/omnibus/bin/nco_sql -server objectserver_name -user user_name -password password < $NCHOME/precision/scripts/create_sae_automation.sql c. Log on to the Display ObjectServers and disable the SAE triggers to prevent them running on the display layer using the following command: ALTER TRIGGER GROUP sae SET ENABLED FALSE; d. Ensure the precision.entity_service and precision.service_details tables in the display layer ObjectServer have the same schema as those in the aggregation layer ObjectServers. e. Optional: If you have a display layer ObjectServer failover pair, update the mapping for the display layer ObjectServers. Edit the NCHOME/omnibus/etc/ A_TO_D_GATE.map files and add CREATE statements for the tables that were just created by the create_sae_automation.sql script at the bottom of the Chapter 4. Configuring 153 file. This mapping must be identical to the mapping in the aggregation layer gateway. If you later change the mapping in the bi-directional gateway for the aggregation layer ObjectServers, you must replicate those changes here. CREATE MAPPING EntityServiceMap ( ’NmosEntityId’ = ’@NmosEntityId’ ON INSERT ONLY, ’ServiceEntityId’ = ’@ServiceEntityId’ ON INSERT ONLY, ’NmosDomainName’ = ’@NmosDomainName’ ON INSERT ONLY ); CREATE MAPPING ServiceDetailsMap ( ’ServiceEntityId’ = ’@ServiceEntityId’ ON INSERT ONLY, ’Type’ = ’@Type’ ON INSERT ONLY, ’Name’ = ’@Name’ ON INSERT ONLY, ’Customer’ = ’@Customer’, ’NmosDomainName’ = ’@NmosDomainName’ ON INSERT ONLY ); f. Update the Gateway for the display layer ObjectServers. Edit the NCHOME/omnibus/etc/A_TO_D_GATE.tblrep.def file and add the following REPLICATE statements for the tables that were just created by the create_sae_automation.sql script to the bottom of the file. This mapping must be identical to the mapping in the aggregation layer gateway. If you later change the mapping in the bi-directional gateway for the aggregation layer ObjectServers, you must replicate those changes here. REPLICATE ALL FROM TABLE ’precision.entity_service’ USING MAP ’EntityServiceMap’ INTO ’precision.entity_service’; REPLICATE ALL FROM TABLE ’precision.service_details’ USING MAP ’ServiceDetailsMap’ INTO ’precision.service_details’; 6. Delete all previous Network Manager events from the alerts.status table in the ObjectServers using the appropriate SQL command. 7. Restart the ObjectServer Gateways. 8. Restart the ncp processes, as described in Starting and stopping processes. Changing the Tivoli Netcool/OMNIbus Web GUI data source name To connect to a different Web GUI data source than the one specified during installation, change the data source name. To connect to a different data source than the one that you specified during installation: 1. Edit the NCHOME/etc/precision/ModelNcimDb.cfg file. 2. Change the WebTopDataSource property to the new data source name. 3. Restart the ncp_model process. 154 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Tivoli Netcool/OMNIbus Web GUI data sources: A data source is another term for an ObjectServer or ObjectServer failover pair used by the Web GUI for event information. The Tivoli Netcool/OMNIbus Web GUI was known as Netcool/Webtop in versions 2.2 and below. Some deployments contain many ObjectServers, and the Web GUI can contain events from several different ObjectServers. You can configure the Web GUI for one data source during installation. After installation, you might need to change this data source, or add new data sources. Data sources and network topology To display device status, the Network Views and the Hop View correlate the topology record for a device with any events on that device. To perform this correlation, the Web applications must have access to the name of each data source used by the Web GUI. Data sources and the NCIM database Information about the Web GUI data sources is held in the database table ncim.domainMgr in the NCIM topology database. For more information on configuring the Web GUI data sources, see the IBM Tivoli Netcool/OMNIbus Web GUI Administration and User's Guide. Configuring topology event types for the Active Event List (AEL) To integrate the topology views and filtered AEL views, the view name and type must match. If you change the defaults in the AEL, you must configure the name and type in Network Manager. In a filtered AEL view, you can configure the name and view type. If you change the view name and type from the default values of Default and global, then the AEL cannot communicate with the Network Views and right-click tools. If the default values have been changed, you must change the values on the Network Manager server to match. To edit the view name and type used for communicating with the AEL, complete the following steps: 1. Back up and edit the file topoviz.properties. 2. Change the values of the following properties: # AEL view descriptions. topoviz.webtop.view.name=Default topoviz.webtop.view.type=global Chapter 4. Configuring 155 Adding event fields To use Tivoli Netcool/OMNIbus version 7.1, you must add additional database fields to the alerts.status table and to any Tivoli Netcool/OMNIbus gateway map files. Tip: You do not need to perform this task if you are using Tivoli Netcool/OMNIbus version 7.2 or later. The required fields are as follows: NmosDomainName The name of the Network Manager domain that is managing the event. By default, this field is only populated for events which are generated by Network Manager polls. To populate this field for other event sources such as the ones from Tivoli Netcool/OMNIbus probes, you have to modify the rules files. NmosEntityId A unique numerical ID which identifies the topology entity that the event has been associated with. This field is similar to the NmosObjInst field, but contains more detailed information. For example, it can include the ID of an interface within a device. NmosManagedStatus The managed status of the network entity the event was raised for. When a network entity is unmanaged, the Network Manager polls are suspended, and events from other sources are tagged as unmanaged. This field allows you to filter out events from unmanaged entities. BSM_Identity The unique identifier of the resource from where the event originates, and is used to correlate the event to that resource in IBM Tivoli Business Service Manager (TBSM). NmosEventMap The event map name and optional precedence for the event, which indicates how Network Manager should process the event; for example, PrecisionMonitorEvent.910. The optional precedence number can be concatenated to the end of the value, following a period (.). If the precedence is not supplied, it is set to 0. Note: This value can be overridden by an explicit insertion into the Event Gateway config.precedence table, which provides the same data. To add the fields to the alert.status database table, run the following SQL script against each ObjectServer in your deployment: v UNIX $NCHOME/omnibus/bin/nco_sql -server objectserver_name -user username -password password < $NCHOME/precision/scripts/ncp_configure_omnibus.sql For more information about administering Tivoli Netcool/OMNIbus, see the IBM Tivoli Netcool/OMNIbus Administration Guide. 156 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Configuring the JRE for FIPS 140–2 mode (UNIX and Linux) To configure the Tivoli Netcool/OMNIbus JRE for FIPS 140–2 operation, change the configuration of the security properties file. You can also download and add policy files to use enhanced encryption algorithms. Configuration file changes Make the following configuration changes to the security properties file: 1. Open the $NCHOME/platform/arch/jre_1.6.7/jre/lib/security/java.security file for editing, where arch represents your operating system directory; for example, solaris2. 2. Edit the file as follows: v In the List of providers and their preference orders section, add the following lines: security.provider.1=com.ibm.fips.jsse.IBMJSSEFIPSProvider and security.provider.2=com.ibm.crypto.fips.provider.IBMJCEFIPS. For all other providers, increment the number by two, as shown in the following table, for your operating system: Operating system ® Required entries AIX and Linux security.provider.1=com.ibm.fips.jsse.IBMJSSEFIPSProvider security.provider.2=com.ibm.crypto.fips.provider.IBMJCEFIPS security.provider.3=com.ibm.jsse2.IBMJSSEProvider2 security.provider.4=com.ibm.crypto.provider.IBMJCE security.provider.5=com.ibm.security.jgss.IBMJGSSProvider security.provider.6=com.ibm.security.cert.IBMCertPath security.provider.7=com.ibm.security.sasl.IBMSASL security.provider.8=com.ibm.xml.crypto.IBMXMLCryptoProvider security.provider.9=com.ibm.xml.enc.IBMXMLEncProvider security.provider.10=org.apache.harmony.security.provider.PolicyProvider security.provider.11=com.ibm.security.jgss.mech.spnego.IBMSPNEGO security.provider.12=com.ibm.security.cmskeystore.CMSProvider Solaris and HP-UX security.provider.1=com.ibm.fips.jsse.IBMJSSEFIPSProvider security.provider.2=com.ibm.crypto.fips.provider.IBMJCEFIPS security.provider.3=com.ibm.security.jgss.IBMJGSSProvider security.provider.4=sun.security.provider.Sun security.provider.5=com.ibm.crypto.provider.IBMJCE security.provider.6=com.ibm.jsse2.IBMJSSEProvider2 security.provider.7=com.ibm.security.cert.IBMCertPath security.provider.8=com.ibm.security.sasl.IBMSASL security.provider.9=com.ibm.xml.crypto.IBMXMLCryptoProvider security.provider.10=com.ibm.xml.enc.IBMXMLEncProvider security.provider.11=com.ibm.security.jgss.mech.spnego.IBMSPNEGO security.provider.12=com.ibm.security.cmskeystore.CMSProvider v Set the default key and trust manager factory algorithms for the javax.net.ssl package: ssl.KeyManagerFactory.algorithm=IbmX509 ssl.TrustManagerFactory.algorithm=IbmX509 v Set the default SSLSocketFactory and SSLServerSocketFactory provider implementations for the javax.net.ssl package: ssl.SocketFactory.provider=com.ibm.jsse2.SSLSocketFactoryImpl ssl.ServerSocketFactory.provider=com.ibm.jsse2.SSLServerSocketFactoryImpl 3. Save and close the file. Chapter 4. Configuring 157 Enhanced encryption algorithms To enable strong encryption, you need to download and install policy files that allow this feature, from IBM developerWorks®. This involves acceptance of licensing terms. The steps to enable strong encryption are as follows: 1. Go to the developerWorks Java Technology Security Web page at http://www-106.ibm.com/developerworks/java/jdk/security/. 2. Click the Java SE 6 link. (The files are the same for JRE 1.5.n.) 3. Scroll down on the resulting page and click the IBM SDK Policy files link. 4. If you already have an IBM ID and password, click the Sign in link. Otherwise, click the Register here link to create an ID. 5. On the "Sign in" page, supply your IBM ID and password. This takes you to the "Unrestricted JCE policy files for SDK 1.4" page. 6. Select Unrestricted JCE Policy files for SDK for all newer versions and click Continue. 7. Scroll down to the License section of the resulting page and click the View license link to see the licensing terms for the download. 8. If the licensing terms are acceptable, select I agree and click the I confirm link. If the terms are not acceptable, you will not be able to enable strong encryption and should click I cancel. 9. Click the Download now link to download the unrestricted.zip file. 10. Extract the local_policy.jar and US_export_policy.jar files from the unrestricted.zip archive. 11. Save these two files to the $NCHOME/platform/arch/jre_1.6.7/jre/lib/ security directory, replacing the existing files of the same names. 12. Update the policy files on each computer, and optionally run tests. Installing and configuring probes If you did not install Tivoli Netcool/OMNIbus as part of the Network Manager installation, and you are using an existing Tivoli Netcool/OMNIbus installation, you must configure certain probes. To ensure that your Tivoli Netcool/OMNIbus installation receives events from the network, you must configure the relevant Tivoli Netcool/OMNIbus probes. At a minimum you must install and configure the SNMP probe (also known as the mttrapd probe). You can use the ConfigOMNI script, for more information, see “Configuring an existing Tivoli Netcool/OMNIbus installation on a remote server” on page 41. For more information about probe installation and configuration, see the relevant probe reference guide, available from the Information Center at http://publib.boulder.ibm.com/infocenter/tivihelp/v8r1/topic/ com.ibm.tivoli.namomnibus.doc/welcome_ptsm.htm. 158 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Installing the Knowledge Library If you did not install Tivoli Netcool/OMNIbus as part of the Network Manager installation, and you are using an existing Tivoli Netcool/OMNIbus installation, you must install the Netcool/OMNIbus Knowledge Library. The Netcool/OMNIbus Knowledge Library is a set of rules files written to a common standard and is available with your Tivoli Netcool/OMNIbus installation. You can use the ConfigOMNI script to install the library, see “ConfigOMNI command-line options” on page 43. For more information, see the Netcool/OMNIbus Knowledge Library Release Notes®. Tivoli Netcool/OMNIbus integration reference Read about settings for additional interaction between Network Manager and Tivoli Netcool/OMNIbus. Network Manager event categories: The events that are raised by Network Manager fall into two categories: events about the network being monitored and events about Network Manager processes. These events are stored in the Tivoli Netcool/OMNIbus ObjectServer. The Probe for Tivoli Netcool/OMNIbus (nco_p_ncpmonitor) is used to process and forward the event data to the alerts.status table in the ObjectServer. The following figure shows the flow of events from Network Manager to the ObjectServer. Chapter 4. Configuring 159 Event List Network events ObjectServer [alerts.status table] Probe for Tivoli Netcool/OMNIbus nco_p_ncpmonitor ncp_poller Web GUI Server Active Event List Network Manager status events Network Manager processes Network Figure 8. Flow of events from Network Manager to Tivoli Netcool/OMNIbus Network Manager network events: The Polling engine, ncp_poller, generates events about the state of the network. These events can be used to identify network problems, and are configurable by using the Network Polling GUI (go to Administration > Network > Network Polling). These events are known as network events and have the alerts.status AlertGroup field value of ITNM Monitor. Each network event is raised on a single entity, such as an interface or a chassis, and the event data is dependent on the type of poll. When network events are forwarded to the ObjectServer for insertion into the alerts.status table, they are allocated an AlertGroup value of ITNM Monitor. An unlimited set of event identifiers is available for network events. Events that are generated when an SNMP poll fails are specifically allocated an EventID value of NmosSnmpPollFail in the alerts.status table. Network events in the ObjectServer are pulled back into Network Manager through the Event Gateway to perform event enrichment, including root cause analysis. Related reference: “alerts.status fields used by Network Manager” on page 172 The alerts.status table in the ObjectServer contains status information about problems that have been detected by probes. 160 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Network Manager status events: Network Manager can generate events that show the status of various Network Manager processes. These events are known as Network Manager status events and have the alerts.status AlertGroup field value of ITNM Status. When these status events are forwarded to the ObjectServer for insertion into the alerts.status table, they are allocated an AlertGroup value of ITNM Status. Status event types A set of event identifiers is used to identify Network Manager status events by type. The following list identifies the EventId values that are inserted in the alerts.status table, and describes how each associated status event is generated. ItnmDatabaseConnection This type of event is generated to indicate loss of connection to NCIM. This event is generated by the managed status polling thread in the ncp_model process. The raising of this event depends on the time period configured in the managed status polling interval in model. A problem event is raised if the connection is lost, and a corresponding resolution event is raised if the connection is restored, or at startup to clear any failures from a previous operation. This event type allows the backup domain to take over when failover is configured. The virtual domain process reacts to this event as defined in the filter for NCIM in the NCHOME/etc/precision/VirtualDomainSchema.cfg file. ItnmDiscoAgentStatus This type of event is generated by ncp_disco when a discovery agent transitions to a new state. At the end of a discovery, an information event is forwarded to the ObjectServer, for each agent that was used during the discovery. You can use this information to identify the state of each agent. In the alerts.status table, the LocalPriObj field is used to store the name of the agent. Discovery agent events in the ObjectServer are overwritten when a subsequent discovery is run. ItnmDiscoFinderStatus This type of event is generated by ncp_disco when a discovery finder transitions to a new state. At the end of a discovery, an information event is forwarded to the ObjectServer, for each finder that was used during the discovery. You can use this information to identify which finders are running and their state. In the alerts.status table, the LocalPriObj field is used to store the name of the finder. Discovery finder events in the ObjectServer are overwritten when a subsequent discovery is run. ItnmDiscoPhase This type of event is generated by ncp_disco when the discovery process transitions to a new phase. At the end of the discovery, five information events should be present in the ObjectServer, to show the looped transitions from phase 0 (standby) to phases 1, 2, and 3 (data collection) to phase -1 (data processing). An event is raised for each of the following phase changes in a single discovery: Chapter 4. Configuring 161 v v v v v 0 to 1 1 to 2 2 to 3 3 to -1 -1 to 0 You can use this information to determine the length of each phase. In the alerts.status table, the LocalPriObj field is used to store the phase to which the discovery is transitioning, and the LocalSecObj field stores the previous phase of the discovery. Tip: The string values for the phases are also shown in the discovery log file when the ncp_disco process is run in debug mode. Discovery phase events in the ObjectServer are overwritten when a subsequent discovery is run. ItnmDiscoStitcherStatus The discovery process is made up of a data collection stage and a data processing stage, during which the topology is created. ItnmDiscoStitcherStatus events are generated by the Discovery engine, ncp_disco, when a major phase is reached in the data processing stage. At the end of the discovery, an information event is forwarded to the ObjectServer, for each major discovery stitcher that was used during the discovery. You can use this information to identify what phase in the data processing stage the discovery is in. In the alerts.status table, the LocalPriObj field is used to store the name of the stitcher corresponding to this phase. ItnmDiscoStitcherStatus events are raised when the following stitchers begin executing: v BuildFinalEntityTable v BuildContainment v BuildLayers v MergeLayers v PostLayerProcessing Subsequently events are raised during the topology creation phase when the following stitchers are run. v If ncp_disco is using the dNCIM database: – PopulateDNCIM Discovery stitcher events in the ObjectServer are overwritten when a subsequent discovery is run. ItnmEntityCreation If configured in the $NCHOME/etc/precision/ModelSchema.cfg file, this type of information event is generated by ncp_model, for each new chassis or IP interface entity (EntityType = 1) that is inserted into the NCIM database. You can configure ModelSchema.cfg by setting the value of the RaiseEntityEvent column to 1 in the INSERT statement for the model.config table. For example: create table model.config ( LingerTime int not null primary key, RaiseEntityEvent int type boolean not null, DiscoveryUpdateMode int not null, 162 // default value 3 (discoveries) // default value 0 ( off ) // default value 0 - full discovery, IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide // 1 - partial unique(LingerTime) ); insert into model.config values (3, 1, 0); Note: For the configuration changes to take effect and enable the events, the ncp_model process must be restarted. The process reads the configuration settings at start-up. ItnmEntityDeletion If configured in the $NCHOME/etc/precision/ModelSchema.cfg file, this type of information event is generated by ncp_model, for each chassis or IP interface entity (EntityType = 1) that is deleted from the NCIM database. You can configure ModelSchema.cfg by setting the value of the RaiseEntityEvent column to 1 in the INSERT statement for the model.config table, as shown in the preceding description for the ItnmEntityCreation EventId. ItnmFailover This type of event is generated by ncp_virtualdomain when a Network Manager domain within a failover pair fails over or fails back. A problem event is generated when failover occurs and a resolution event is generated on failback. In the alerts.status table, the Summary field description indicates whether the domain is the primary or backup, and whether it is in an active or a standby mode. ItnmFailoverConnection This type of event is generated by ncp_virtualdomain to indicate when the backup domain in a failover pair connects to, or disconnects from, the primary domain. When Network Manager runs in failover mode, a resolution event is generated when the primary and backup domains set up their TCP socket connection. This socket connection is required to transfer the topology updates from the primary domain because the discovery process (ncp_disco) does not run in the backup domain. If the connection is subsequently lost, a problem event is generated. Note: The status of the connection does not determine whether failover is triggered. Failover is triggered only when health check events are transferred (via the ObjectServer) across domains, and provided a socket connection has, at some point, been established. ItnmHealthChk Health check events govern Network Manager failover. Each domain in the failover pair generates health check resolution events while that domain is healthy. Health check problem events for a domain can be generated in two ways: v By the local domain: The local domain detects a failure of one of its processes, as configured in the $NCHOME/etc/precision/ VirtualDomainSchema.cfg file. v By the remote domain: One domain detects that the other domain has not generated a health check resolution event in the configured amount of time, and generates a synthetic health check problem event on behalf of the remote domain. Chapter 4. Configuring 163 When a health check problem event is generated for the primary domain, failover is initiated, and the backup domain becomes active. Health check events were previously allocated an EventID value of NcpHealthChk. For compatibility with earlier versions of Network Manager, you can substitute NcpHealthChk in place of ItnmHealthChk in the probe rules file. Note: Health check events are handled by the Network Manager Event Gateway, which requires the Node value to be the domain to which the event refers. This need not be the domain raising the event, since one domain can raise failure events on behalf of the other. ItnmMaintenanceState If configured in the $NCHOME/etc/precision/ModelSchema.cfg file, this type of event is generated by the Topology manager, ncp_model, for maintenance status changes to a chassis or an IP interface. You can configure ModelSchema.cfg by setting the value of the RaiseEntityEvent column to 1 in the INSERT statement for the model.config table, as shown in the preceding description for the ItnmEntityCreation event. A problem event is generated when the chassis or IP interface entity is in maintenance, and a resolution event is generated when the entity is out of maintenance. Note: An individual interface event is sent only if the change does not apply at the chassis level; when a device changes, a chassis event and a series of interface events are not collectively generated. ItnmServiceState This type of event is generated when a process starts or ends, and signifies whether a process has failed to start or has stopped during runtime. (Note that process state events are not generated when processes are stopped at system shutdown.) A resolution event is generated when ncp_ctrl starts a process. If a process fails to start or if it stops during runtime, a problem event is generated. In the alerts.status table, the Summary field description includes the process name, the PID, and an indication of whether the process has: v Started (and successfully initialized) v Stopped (that is, it has been deleted from the ncp_ctrl database table named services.inTray) v Terminated (that is, it stopped, but will be restarted by ncp_ctrl) v Failed to start v Failed and will not be restarted (that is, it stopped and the number of retries configured for the process has been exceeded) ItnmTopologyUpdated This type of information event is generated by ncp_model when the update of the NCIM topology database is completed at the end of a discovery cycle. This information is useful if you intend to program scripts or procedures to run after the NCIM database is updated. Note: If the feedback option is on, or large subnets are pinged, there might be multiple discovery cycles and thus multiple events of this type, one 164 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide event for each discovery cycle. To determine if discovery has finally finished, the following OQL query can be made to the Ping Finder service: select * from pingFinder.status where m_Completed <> 1; This query looks for any subnets that the Ping finder is still pinging. If there are no outstanding ping sweeps and the discovery is in phase 0, this means that the discovery is complete. Related concepts: “About failover” on page 241 In your Network Manager environment, a failover architecture can be used to configure your system for high availability, minimizing the impact of computer or network failure. Related tasks: “Enabling failover” on page 241 You can enable failover in your Network Manager environment to ensure that the different components are kept running and available. Related reference: “alerts.status fields used by Network Manager” on page 172 The alerts.status table in the ObjectServer contains status information about problems that have been detected by probes. Configuration of the Probe for Tivoli Netcool/OMNIbus: The Probe for Tivoli Netcool/OMNIbus (nco_p_ncpmonitor) acquires and processes the events that are generated by Network Manager polls and processes, and forwards these events to the ObjectServer. The Probe for Tivoli Netcool/OMNIbus is installed in the $NCHOME/probes/arch directory, where arch represents an operating system directory. You can configure the probe by using its configuration files, which are as follows: v Properties file: nco_p_ncpmonitor.props v Rules file: nco_p_ncpmonitor.rules Note: The executable file (or nco_p_ncpmonitor command) for the probe is also installed in the $NCHOME/probes/arch directory. The probe is, however, configured to run under the domain process controller CTRL, by default, and the nco_p_ncpmonitor command should be run manually only for troubleshooting purposes. The events raised in Network Manager are domain-specific. When Network Manager runs in failover mode, the probe uses the virtual domain name by default, provided the name is configured in the $NCHOME/etc/precision/ ConfigItnm.cfg file. For more information about probe concepts, see the IBM Tivoli Netcool/OMNIbus Probe and Gateway Guide in the Tivoli Netcool/OMNIbus information centre at http://publib.boulder.ibm.com/infocenter/tivihelp/v8r1/topic/ com.ibm.tivoli.nam.doc/welcome_ob.htm. Chapter 4. Configuring 165 Related tasks: “Configuring failover using the ConfigItnm.cfg file” on page 270 When you use the $NCHOME/etc/precision/ConfigItnm.DOMAIN.cfg file to configure failover, the Network Manager processes will read the file on startup to identify whether they are running in the primary or backup domain. About the nco_p_ncpmonitor.props file: The $NCHOME/probes/arch/nco_p_ncpmonitor.props file defines the environment in which the Probe for Tivoli Netcool/OMNIbus runs. The properties file is formed of name-value pairs that are separated by a colon. The default properties file lists a subset of the properties that the probe supports; these properties are commented out with a number sign (#) at the beginning of the line. The standard set of common probe properties, which are applicable for the version of Tivoli Netcool/OMNIbus being run, can be specified for the Probe for Tivoli Netcool/OMNIbus, where relevant. A suggested practice for changing the default values of the properties is that you add a name-value line for each required property at the bottom of the file. To specify a property, ensure that the line is uncommented and then modify the value as required. String values must be enclosed in quotation marks; other values do not require quotation marks. For example: Server RulesFile Buffering BufferSize : : : : "VIRTUAL" "$NCHOME/probes/solaris2/nco_p_ncpmonitor.rules" 1 15 For troubleshooting purposes, you can alternatively configure probe properties from the command line by running the nco_p_ncpmonitor command with the relevant command-line options. For information about the properties that are common to probes, see the IBM Tivoli Netcool/OMNIbus Probe and Gateway Guide in the Tivoli Netcool/OMNIbus information centre at http://publib.boulder.ibm.com/infocenter/tivihelp/v8r1/ topic/com.ibm.tivoli.nam.doc/welcome_ob.htm. About the nco_p_ncpmonitor.rules file: The $NCHOME/probes/arch/nco_p_ncpmonitor.rules file defines how the Probe for Tivoli Netcool/OMNIbus should process Network Manager event data to create a meaningful Tivoli Netcool/OMNIbus event. nco_p_ncpmonitor.rules configuration reference: The rules file maps Network Manager event data to ObjectServer fields, and can be used to customize the behavior of the probe. Knowledge of the Tivoli Netcool/OMNIbus probe rules syntax is required for rules file configuration. The probe uses tokens and elements, and applies rules, to transform Network Manager event source data into a format that the ObjectServer can recognize. The raw event source data is converted to tokens, which are then parsed into elements. The rules file is used to perform conditional processing on the elements, and to map them to ObjectServer alerts.status fields. In the rules file, elements are 166 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide identified by the $ symbol and alerts.status fields are identified by the @ symbol. The rules file configuration maps elements to fields, as shown in the following sample code: @Summary=$Description In this example, @Summary identifies the alerts.status field, and $Description identifies the Network Manager input field. Where the Network Manager ExtraInfo field is used with nested fields to store additional data on entities (for example, ExtraInfo->ifIndex), these fields are available in the following format in the rules file: $ExtraInfo_variable Where variable represents a Management Information Base (MIB) variable (for example, ifIndex), or other data (for example, column names in NCIM tables). MIB variables are specified in mixed case characters, and other data, in uppercase characters. For example: $ExtraInfo_ifIndex $ExtraInfo_MONITOREDENTITYID To configure the rules file for the Probe for Tivoli Netcool/OMNIbus, it is necessary to have an understanding of: v The Network Manager event source data that is available for use in the probe rules file v The set of alerts.status fields that can be populated with event data from Network Manager v The data mapping between the Network Manager and alerts.status fields For information about the syntax used in probe rules files, see the IBM Tivoli Netcool/OMNIbus Probe and Gateway Guide in the Tivoli Netcool/OMNIbus information centre at http://publib.boulder.ibm.com/infocenter/tivihelp/v8r1/ topic/com.ibm.tivoli.nam.doc/welcome_ob.htm. Example of rules file processing: This example shows how source data from Network Manager is processed by the rules file to generate the output data that is inserted in the alerts.status table. The following sample code shows a Network Manager event data record that is passed to the Probe for Tivoli Netcool/OMNIbus for processing. In this record, a resolution event was created when ncp_ctrl started the ncp_store process. { EventName=’ItnmServiceState’; Severity=1; EntityName=’BACKUP’; Description=’ncp_store process [15299] has started’; ExtraInfo={ EVENTTYPE=2; SOURCE=’ncp_ctrl’; ALERTGROUP=’ITNM Status’; EVENTMAP=’ItnmStatus’; SERVICE=’ncp_store’; PID=15299; }; } Chapter 4. Configuring 167 The following excerpt from the probe rules file shows the syntax used to process and map these input fields to alerts.status fields: ... # # populate some standard fields # @Severity = $Severity @Summary = $Description @EventId = $EventName @Type = $ExtraInfo_EVENTTYPE @AlertGroup = $ExtraInfo_ALERTGROUP @NmosEventMap = $ExtraInfo_EVENTMAP @Agent = $ExtraInfo_SOURCE if (exists($ExtraInfo_ACCESSIPADDRESS)) { @Node = $ExtraInfo_ACCESSIPADDRESS } else { @Node = $EntityName } # # Stamp the event with the name of its originating domain # @NmosDomainName = $Domain @Manager = "ITNM" @Class = 8000 # # populate fields for RCA # @LocalNodeAlias = @Node ... # # Now set the AlertKey and Identifier # if (match(@AlertGroup, "ITNM Status")) { switch ($EventName) { case ... ... case "ItnmServiceState": @LocalPriObj = $ExtraInfo_SERVICE ... case ... .... } } # # Both the Identifier and the AlertKey contain the domain name. This ensures # that in a multi-domain setup, events are handled on a per-domain basis # # # Include the LocalPriObj in the AlertKey or the link-downs on # all interfaces will cleared by a link-up on any interface # @AlertKey = $EntityName + @LocalPriObj + "->" + $EventName + @NmosDomainName # # Set up deduplication identifier and include the LocalPriObj # so we can correctly handle de-duplication of events raised on interfaces # @Identifier = $EntityName + @LocalPriObj + "->" + $EventName + @Type + @NmosDomainName } When rules file processing is complete, the output data that is forwarded to the ObjectServer takes the following form: 168 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide CMonitorProbeApp::ProcessStatusEvent { AlertGroup=’ITNM Status’; EventId=’ItnmServiceState’; Type=2; Severity=1; Summary=’ncp_store process [15299] has started’; Node=’BACKUP’; NmosDomainName=’PRIMARY’; LocalNodeAlias=’BACKUP’; LocalPriObj=’ncp_store’; LocalRootObj=’’; RemoteNodeAlias=’’; AlertKey=’BACKUPncp_store->ItnmServiceStateVIRTUAL’; Identifier=’BACKUPncp_store->ItnmServiceState2VIRTUAL’; Class=8000; Agent=’ncp_ctrl’; LastOccurrence=1267122089; } Based on the rules file processing in this example, it can be seen that the Network Manager input fields map to the alerts.status fields as follows: Network Manager field alerts.status field EventName EventId Severity Severity EntityName Node Description Summary ExtraInfo->EVENTTYPE Type ExtraInfo->SOURCE Agent ExtraInfo->ALERTGROUP AlertGroup ExtraInfo->EVENTMAP NmosEventMap ExtraInfo->SERVICE LocalPriObj Related reference: “alerts.status fields used by Network Manager” on page 172 The alerts.status table in the ObjectServer contains status information about problems that have been detected by probes. Network Manager event data fields: When events are generated in Network Manager, the event data is inserted into a number of fields (or columns) in the Network Manager tables. Although each event uses only a subset of the possible fields, a number of fields are common to all event types. The following table lists all the Network Manager field names that are available for use in the probe rules file, and describes the event data stored in each field. The table also identifies which of the Network Manager fields are common to all events, and therefore always available in the rules file. Table 40. Network Manager fields that populate events Network Manager field name Field content Always available? Description A brief description of the event. Yes Chapter 4. Configuring 169 Table 40. Network Manager fields that populate events (continued) Network Manager field name Field content Always available? Domain The current domain. Yes (provided the map file is not modified) If Network Manager is configured for failover mode, this will be the primary domain. EntityName For network events, this is the entityName field from the NCIM entityData table for the entity against which the event is raised. Yes For status events, this is always the name of the domain about which the event is generated. EventName The event identifier. For example, ItnmDiscoPhase. Yes ExtraInfo_ACCESSIPADDRESS If the main node or interface entity identified No by the EntityName input field has a directly-accessible IP address (the accessIPAddress field from the NCIM interface or chassis tables), then it is supplied here. Applicable to network events only. ExtraInfo_AGENT The agent responsible for a discovery agent (ItnmDiscoAgentStatus) event. Yes (for ItnmDiscoAgentStatus events) ExtraInfo_ALERTGROUP The alert group of the event. For Network Manager status events, the alert group is ITNM Status, and for network events, the value is ITNM Monitor. Yes ExtraInfo_ENTITYCLASS The name of class assigned to the entity, as identified the NCIM entityClass and classMembers tables. Yes (for network and ItnmEntityCreation events) ExtraInfo_ENTITYTYPE The type of the entity, as defined in the NCIM entityType table. Yes (for network events) ExtraInfo_LocalPriObj Provides a value for the LocalPriObj field in the alerts.status record. This field has the same value as the deprecated ExtraInfo_EventSnmpIndex field, except that it is prefixed by an identifier for the MIB entity being polled; for example ifEntry, bgpPeerEntry. Yes (for network events) ExtraInfo_EVENTTYPE The type of the event raised by Network Manager. The values are as follows: Yes v 1: Problem v 2: Resolution v 13: Information ExtraInfo_FINDER The finder responsible for a discovery finder (ItnmDiscoFinderStatus) event. ExtraInfo_ifIndex For events raised against an interface with No an ifIndex value in the NCIM interface table, that value is given here. Applicable only to network events against interfaces. 170 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Yes (for ItnmDiscoFinderStatus events) Table 40. Network Manager fields that populate events (continued) Network Manager field name Field content Always available? ExtraInfo_IFALIAS For events raised against interfaces, this field No contains the ifAlias value, if known. Applicable only to network interface polls. ExtraInfo_IFDESCR For events raised against interfaces, this field No contains the ifDescr value, if known. Applicable only to network interface polls. ExtraInfo_IFNAME For events raised against interfaces, this field No contains the ifName value, if known. Applicable only to network interface polls. ExtraInfo_IFTYPESTRING For events raised against interfaces, this field No contains the string representation of the ifType value. Applicable only to network interface polls. ExtraInfo_MAINNODEADDRESS The management interface of the main node containing the entity, as identified by the accessIPAddress field of the NCIM chassis table. Applicable only to network and ItnmEntityCreation events. Yes (for network events) ExtraInfo_MAINNODEENTITYID The entityId field from the NCIM entityData table for the main node, as identified by the accessIPAddress field of the NCIM chassis table. Applicable only to network events. Yes (for network events) ExtraInfo_MAINNODEENTITYNAME The entityName field from the NCIM entityData table for the main node, as identified in NCIM. Applicable only to network events. Yes (for network events) ExtraInfo_MONITOREDENTITYID The entityId field from the NCIM entityData No table for the entity against which the event is raised. Applicable only to network and ItnmEntityCreation events. ExtraInfo_MONITOREDINSTID A record in the ncpolldata.monitoredInstance No table. ExtraInfo_NEWPHASE The discovery phase that has started. Applicable only to discovery phase (ItnmDiscoPhase) events. Yes (for discovery phase events) ExtraInfo_OLDPHASE The discovery phase that has completed. Applicable only to discovery phase (ItnmDiscoPhase) events. Yes (for discovery phase events) ExtraInfo_POLICYNAME The name of the polling policy that resulted in the event. Yes (for network events) ExtraInfo_PID The process ID of the affected Network Manager service. Applicable only to ItnmServiceState events. Yes (for service state events) ExtraInfo_REMOTEDOMAIN The name of the remote domain. Applicable only to ItnmFailoverConnection events. Yes (for failover connection events) ExtraInfo_sysContact If available, the sysContact value is given for No ItnmEntityCreation events only. ExtraInfo_sysLocation If available, the sysLocation value is given for ItnmEntityCreation events only No Chapter 4. Configuring 171 Table 40. Network Manager fields that populate events (continued) Network Manager field name Field content Always available? ExtraInfo_sysObjectId If available, the sysObjectId value is given for ItnmEntityCreation events only No ExtraInfo_SERVICE The name of the affected Network Manager service. Applicable only to ItnmServiceState events. Yes (for service state events) ExtraInfo_SNMPSTATUS A numerical SNMP status code. Yes (for NmosSnmpPollFail events) ExtraInfo_SNMPSTATUSSTRING A human-readable indication of the SNMP failure state. Yes (for NmosSnmpPollFail events) ExtraInfo_SOURCE The name of the process from which the event originated. Yes ExtraInfo_STITCHER The stitcher responsible for a discovery stitcher (ItnmDiscoStitcherStatus) event. Yes (for ItnmDiscoStitcherStatus events) Severity The severity level of the event. The severity is a non-zero value. Yes Related reference: “Network Manager network events” on page 160 The Polling engine, ncp_poller, generates events about the state of the network. These events can be used to identify network problems, and are configurable by using the Network Polling GUI (go to Administration > Network > Network Polling). These events are known as network events and have the alerts.status AlertGroup field value of ITNM Monitor. “Network Manager status events” on page 161 Network Manager can generate events that show the status of various Network Manager processes. These events are known as Network Manager status events and have the alerts.status AlertGroup field value of ITNM Status. alerts.status fields used by Network Manager: The alerts.status table in the ObjectServer contains status information about problems that have been detected by probes. A subset of the standard alerts.status fields is populated with Network Manager event data. Additionally, a set of dedicated alerts.status fields are reserved to hold data that is specific to Network Manager. The dedicated alerts.status field names are identifiable by the prefix Nmos. The following table describes the alerts.status fields that are populated by Network Manager fields. Some of these alerts.status fields are allocated default values from within the probe rules file. (Avoid modifying these default values.) 172 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Table 41. alerts.status fields used by Network Manager Network Manager field name/Default value in rules file alerts.status field Data type Description Agent varchar(64) The name of the process that generated the event. You can use this field to filter an AEL to display only events of a specific type; for example, only discovery events (with a value of ncp_disco). ExtraInfo_SOURCE AlertGroup varchar(255) Used to group events by type. Values supplied by default from Network Manager events are either ITNM Monitor for network events, or ITNM Status for status events. ExtraInfo_ALERTGROUP AlertKey varchar(255) A text string concatenating several elements relating to the event. Elements can include the event ID, domain, phase, and process name. Allows problem and resolution events to be matched. This value is generated from the input to ensure appropriate matching of problem and resolution events within the ObjectServer. Class integer The alert class asigned to the Probe for A value of 8000 is reserved for Tivoli Netcool/OMNIbus. events generated by Network Manager. EventId varchar(255) EventName The type of event (for example, SNMPTRAP-linkDown). The Event Gateway uses this value to look up the event map, and to determine the precedence of events. ExpireTime integer The expiry time of the event in the database. Not currently used by Network Manager. FirstOccurrence time A timestamp indicating when the event first occurred. Identifier varchar(255) A unique value for each type of event on a given entity (for example, a LinkDown event on a specific device interface). This identifier controls deduplication. LastOccurrence time A timestamp indicating when the event last occurred. LocalNodeAlias varchar(64) For network events, this field is set The IP or DNS address of the device. This value usually refers to the chassis, to the same value as the Node field. but for pingFails only, can correspond No value is set for status events, to to the interface. ensure that they are not fed back into Network Manager through the Event Gateway. This value is generated from the input to ensure appropriate deduplication of events in the ObjectServer. In the rules file, the identifier is constructed as a concatenation of field values. Chapter 4. Configuring 173 Table 41. alerts.status fields used by Network Manager (continued) alerts.status field Data type Description LocalPriObj varchar(255) The specific entity for which the event is generated; for example, the ifIndex, ifDescr, or ifPhysAddress field value. Network Manager field name/Default value in rules file ExtraInfo_AGENT or ExtraInfo_FINDER or ExtraInfo_ifIndex or ExtraInfo_NEWPHASE or ExtraInfo_SERVICE or ExtraInfo_STITCHER The ExtraInfo_ifIndex value is shown using the syntax ifEntry.<ifIndex>; for example, ifEntry.12. LocalRootObj varchar(255) The container of the entity referenced in the LocalPriObj field. This need not be the chassis, but could, for example, be slot in a chassis. The chassis can still be identified using LocalNodeAlias. LocalSecObj varchar(255) The secondary object referenced by the ExtraInfo_OLDPHASE event. Manager varchar(64) A descriptive name that identifies the system that forwarded the events. A value of ITNM is used for events generated by Network Manager V3.8, or later. A value of Omnibus is used in earlier versions. NmosCauseType integer The event state. Populated by the NMOS gateway. The possible values are as follows: v 0: Unknown v 1: Root Cause v 2: Symptom NmosDomainName varchar(64) The name of the Network Manager network domain that raised the event. The name of the primary domain is used in failover mode. By default, this field is populated only for events that are generated by Network Manager. To populate this field for other event sources, such as those from other probes, you must modify the rules files for those probes. This field is populated by the Event Gateway if an event is matched to an entity in a domain. 174 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Domain Table 41. alerts.status fields used by Network Manager (continued) Network Manager field name/Default value in rules file alerts.status field Data type Description NmosEntityId integer ExtraInfo_MONITOREDENTITYID The unique Object ID that identifies the topology entity with which the event is associated. This field is similar to the NmosObjInst field but contains more detailed information. For example, this field can include the ID of an interface within a device. For events generated by the Polling engine, the NmosEntityId field is populated in the probe rules file. For all other events, this field is populated by the gateway when the entity is identified. NmosEventMap varchar(64) The event map name and optional precedence for the event, which indicates how Network Manager should process the event; for example, PrecisionMonitorEvent.910. The optional precedence number can be concatenated to the end of the value, following a period (.). If the precedence is not supplied, it is set to 0. Note: This value can be overridden by an explicit insertion into the Event Gateway config.precedence table, which provides the same data. NmosManagedStatus integer The managed status of the network entity for which the event was raised. When a network entity is unmanaged, the Network Manager polls are suspended and events from other sources are tagged as unmanaged. This field allows you to filter out events from unmanaged entities. The possible values for this field are as follows: v 0: Managed v 1: Operator unmanaged v 2: System unmanaged v 3: Out of scope NmosObjInst integer The unique Object ID that identifies the containing topology chassis entity with which the event is associated. Populated by the NMOS gateway. Tip: This field can be used to detect whether the event has been passed for event enrichment. NmosSerial integer The serial number of the event that is suppressing the current event. Populated by the NMOS gateway. Chapter 4. Configuring 175 Table 41. alerts.status fields used by Network Manager (continued) Network Manager field name/Default value in rules file alerts.status field Data type Description Node varchar(64) The device from which the event originated. If an event is raised against an entity with an accessible IP address, the IP address is used. Otherwise, the entityName value from NCIM is used. By default, Node has the same value as LocalNodeAlias. ExtraInfo_ACCESSIPADDRESS or EntityName ExtraInfo_MAINNODEADDRESS NodeAlias varchar(64) The IP address of the main node, if available. RemoteNodeAlias varchar(64) The network address of a remote node, where relevant. For example: The EntityName value maps to the Node field only if the ExtraInfo_ACCESSIPADDRESS input field is empty. v A blank value (where an interface has gone down) v A neighbouring address (where a connected interface has gone down) v The polling station (for a ping failure event) Serial incr A unique ID per event per ObjectServer instance. Where primary and backup ObjectServers are configured, the ObjectServers will have different serial numbers for the same event. ServerName varchar(64) The name of the originating ObjectServer. ServerSerial integer The Serial number of the event in the originating ObjectServer. Where primary and backup ObjectServers are configured, the ObjectServers will have different serial numbers for the same event. If the event originated in the current ObjectServer, the ServerSerial value is the same as the Serial value. Severity integer The severity level of the event stored in the ObjectServer. The default values are as follows: Severity v 0: Clear (GREEN) v 1: Indeterminate (PURPLE) v 2: Warning (BLUE) v 3: Minor (YELLOW) v 4: Major (ORANGE) v 5: Critical (RED) StateChange time A timestamp indicating when the event was last modified. This field can be used to determine whether a process is modifying an event after it has been added to the ObjectServer. Summary varchar(255) A textual description of the event. 176 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Description Table 41. alerts.status fields used by Network Manager (continued) alerts.status field Data type Description Tally integer A count of the number of times that an event has occurred. This value is displayed in the Count column in the event list or AEL, and in the Occurred column in the mojo.events table. Type integer The type of the alert. The values of particular relevance to Network Manager are Network Manager field name/Default value in rules file ExtraInfo_EVENTTYPE v 1: Problem v 2: Resolution v 13: Information For more information about the alerts.status table, see the IBM Tivoli Netcool/OMNIbus Administration Guide in the Tivoli Netcool/OMNIbus information centre at http://publib.boulder.ibm.com/infocenter/tivihelp/v8r1/topic/ com.ibm.tivoli.nam.doc/welcome_ob.htm. Related reference: “Network Manager network events” on page 160 The Polling engine, ncp_poller, generates events about the state of the network. These events can be used to identify network problems, and are configurable by using the Network Polling GUI (go to Administration > Network > Network Polling). These events are known as network events and have the alerts.status AlertGroup field value of ITNM Monitor. “Network Manager status events” on page 161 Network Manager can generate events that show the status of various Network Manager processes. These events are known as Network Manager status events and have the alerts.status AlertGroup field value of ITNM Status. Tivoli Netcool/OMNIbus automations added by Network Manager: Network Manager provides a number of Tivoli Netcool/OMNIbus automations. Each automation performs different tasks within the Network Manager installation. To enable an automation, use the Tivoli Netcool/OMNIbus Administrator GUI. The following table describes the Tivoli Netcool/OMNIbus automations installed by Network Manager. Chapter 4. Configuring 177 Table 42. Tivoli Netcool/OMNIbus automations added by Network Manager Added during installation? Default status Yes Enabled Suppresses events from connected devices Yes where the connected device is in a different domain. This automation is triggered whenever an event is updated by the Event Gateway. Restriction: Network Manager only models connections across network domains in MPLS networks between provider-edge and customer edge devices and in BGP networks between BGP peers. Disabled Automation Description severity_from_ causetype Sets the severity of events in the ObjectServer alerts.status table based on the value of NmosCauseType, an enumerated field that contains the results of the Network Manager root cause analysis (RCA) calculations. Possible values for the NmosCauseType field are: v 0 - Unknown v 1 - Root Cause v 2 - Symptom suppress_cross_ domain_connections In order for the automation to work, the two network devices must be connected at layer 3 on a /30 subnet, that is, a subnet with only two hosts. Each device must also be discovered in a different network domain and the existence of its companion device must have been inferred during discovery. This means that in each domain an inferred customer-edge device or an inferred BGP peer entity must have been created. update_service_ affecting_events 178 No Generates service-affected events (SAEs) when it encounters network events on service-supporting entities. Following each discovery the SAE plugins to the Event Gateway analyse the updated topology and update the ObjectServer with the a list of entities that support services. This information enables the automation to generate service-affected events when it encounters network events on service-supporting entities. IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Not applicable Configuring integration with Netcool Configuration Manager To add network configuration and policy management capabilities to your network management solution, set up Network Manager and Tivoli Netcool/OMNIbus to work with IBM Tivoli Netcool Configuration Manager. You can configure integration between Network Manager, Tivoli Netcool/OMNIbus, and Netcool Configuration Manager. For more information, go to http://publib.boulder.ibm.com/infocenter/tivihelp/v8r1/topic/ com.ibm.tivoli.ncm.doc/welcome_itncm.htm, select your Netcool Configuration Manager version, and see the Integrating Netcool Configuration Manager with Network Manager and Tivoli Netcool/OMNIbus topics. Alternatively, you can download the PDF version, titled IBM Tivoli Netcool Configuration Manager Integration Guide. Exporting discovery data to CCMDB, TADDM, and TBSM Configure and use the Discovery Library Adapter (DLA) to collect data on network resources and relationships from Network Manager for import into other systems. The DLA collects data from Network Manager and creates XML Discovery Library books (also known as Identity Markup Language, or IdML books) that contain data on the discovered resources and their relationships known to the system. The books conform to the Tivoli Common Data Model (CDM) version 2.10.10. For more information on the Tivoli CDM, go to http://www.redbooks.ibm.com/abstracts/ redp4389.html. The Discovery Library books can be imported into other systems for which a Discovery Library Reader exists. The DLA supports both IPv4 and IPv6. Note: To load Discovery Library (IdML) books containing information about virtual machines into TADDM, you must have TADDM 7.2.1 Fix Pack 1 or later. The DLA is installed by default with Network Manager on the GUI server. It is installed into the following directory: $NCHOME/precision/adapters/ncp_dla. Prerequisites for use Before you configure and use the Discovery Library Adapter (DLA), make sure the prerequisites are met. v A successful Network Manager network discovery has been performed and the Network Connectivity and Inventory Model (NCIM) database has been populated. v The DLA uses the GUI server connection pool by default. If you want to use a different NCIM database than the one provided during installation, then you must have the access credentials for that NCIM database. v You must have a working knowledge of how the product you want to integrate with is deployed. – For more information about IBM Tivoli Application Dependency Discovery Manager, see the Information Center at the following Web address: http://publib.boulder.ibm.com/infocenter/tivihelp/v10r1/index.jsp?topic= %2Fcom.ibm.taddm.doc_7.2%2Fwelcome_page%2Fwelcome.html – For more information about IBM Tivoli Business Service Manager, see the Information Center at the following Web address: http://publib.boulder.ibm.com/infocenter/tivihelp/v3r1/topic/ com.ibm.tivoli.itbsm.doc/welcome.htm Chapter 4. Configuring 179 – For more information about IBM Tivoli Change and Configuration Management Database, see the Information Center at the following Web address: http://publib.boulder.ibm.com/infocenter/tivihelp/v10r1/index.jsp?topic=/ com.ibm.ccmdb.doc_7.1.1/ccmdb_welcome.htm Configuring the DLA The Discovery Library Adapter (DLA) requires a configuration properties file in order to determine the data source to connect to, the domain to query, the target directory for Discovery Library books and logging parameters. You need to configure the DLA properties if you have a separate GUI server or if you want to use the DLA with a different NCIM instance than the default provided during installation. A preconfigured ncp_dla.properties configuration file is provided in the DLA installation directory at $NCHOME/precision/adapters/ncp_dla. The presence of 'XXXXXX' or <'word'> in the configuration file indicates that the parameter should be specified by the user. The configuration file provides useful defaults for most options but make sure to replace them with values appropriate for your environment. Note: By default, the NCIM access parameters required to use the DLA are derived from the Network Manager GUI access pool. This setting is specified by the ncp.dla.datasource.autoConnect parameter, where the default value is “true”. If you change this value to “false,” you must specify values for the parameters listed in step 6 on page 181. Setting how to connect to the NCIM database manually is useful when the connection pool cannot be accessed or if you want to use a different NCIM instance than the default provided during installation. 1. Go to $NCHOME/precision/adapters/ncp_dla and copy the ncp_dla.properties file to a domain-specific version by appending the name of the file with the domain name, for example, ncp_dla.properties.NCOMS. 2. Specify the Network Manager domain name by assigning a value to the ncp.dla.precisionDomain property. The default domain name is “NCOMS.” 3. Optional: You can set the path to a temporary directory the DLA should use while generating the output if you do not want it to use the operating system's default temporary directory. Use the ncp.dla.scratchDirectory parameter to set the full path to a writable temporary directory, for example ncp.dla.scratchDirectory=/opt/space/temp. 4. Optional: You can set what CDM objects you want to have data generated for. Use the ncp.dla.generationFilter parameter to specify the values in a comma-separated list. The possible values are as follows: v ComputerSystem - generates the following data for devices: – ComputerSystem – SnmpSystemGroup – OperatingSystem – IpInterface for IpDevice, devices with no SNMP access – Router – Bridge v Networking - generates the following data for networks: – L2Interface – IpInterface 180 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide – IpV4Address – IpV6Address – IpNetwork v Physical - generates the following data for physical classes: – PowerSupply – Fan – Chassis – Sensor – PhysicalPackage – Card For example, to generate system and network connectivity-related data, add the following values to the parameter: ncp_dla.generationFilter=ComputerSystem,Networking 5. Optional: You can define the URL to use for the contextual launching into other systems. Set the ncp.dla.contextualLaunchURL parameter to the topology value you want to launch into, and specify the host name and port for the Topoviz topology server. The default is to launch into the Hop View. For example, to set up the contextual launch into the Structure Browser: ncp.dla.contextualLaunchURL=https://hostname:16316/ibm/console/ ncp_structureview/Launch.do?entityId= 6. Optional: If you change the value of the ncp.dla.datasource.autoConnect to “false,” specify the RDBMS access details by editing the following parameters that define the database that the DLA connects to for generating Discovery Library books: ncp.dla.datasource.type Specify the RDBMS type, the default is DB2: v DB2 DB2 ncp.dla.datasource.driver Specify the JDBC driver to use: v DB2 com.ibm.db2.jcc.DB2Driver ncp.dla.datasource.url Specify the JDBC URL for connecting to the NCIM database: v DB2 jdbc:db2://host_name:port_number/database_name ncp.dla.datasource.schema The database schema name, typically “ncim” ncp.dla.datasource.username The database username, typically “ncim” ncp.dla.datasource.password The database user password ncp.dla.datasource.encrypted Whether the database password is encrypted [true|false] If set to true, you must specify a valid value for ncp.dla.datasource.keyFile, and you must use the encrypted password referenced in your ITNMHOME/profiles/TIPProfile/etc/tnm/ tnm.properties file. Chapter 4. Configuring 181 ncp.dla.datasource.keyFile Specify the full path and name of the cryptographic key file that is used in the ITNMHOME/profiles/TIPProfile/etc/tnm/tnm.properties file. ncp.dla.datasource.loginTimeout The login timeout, default 5 seconds 7. Optional: You can limit the scope of data collection to one or more network views by setting the ncp.dla.network.view parameter to filter the data of selected network views only. Using standard SQL operators, define an SQL segment that is appended to the networkView.name field during the DLA query. The parameter must have a value starting with one of the following SQL operators: v = v <> v != v IN v NOT IN v LIKE v NOT LIKE For example, the following defines the scope to use only the BGP Networks network view for the scope of the data collection: ncp.dla.network.view==’BGP Networks’ Note: The DLA does not support double quotation marks. Everything after the initial equal sign in the previous example is part of the value defined, even the second equal (=) sign. Another example is the following where the scope for the data collection is defined as any network view containing the name Cisco (notice the standard SQL wildcard character % used): ncp.dla.network.view=LIKE ’Cisco%’ 8. Specify how the Discovery Library books generated by the DLA should be transferred by specifying the following parameter: ncp.dla.datasink.type How Discovery Library books are transferred. Options are as follows: FILE The Discovery Library books are locally copied to the target directory /opt/IBM/tivoli/netcool/var/precision/ccmdb. If you specify this option, skip step 9 and proceed to step 10 on page 183. FTP The Discovery Library books are transferred to a remote server by FTP. If you specify this option, you must complete step 9 ncp.dla.datasink.targetDirectory The target directory for Discovery Library book files Note: If you are running the DLA on a server other than the GUI server and want to place the generated books that server, you can specify the connection parameters in the ncp_dla.properties file by uncommenting and editing the parameters around ncp.dla.datasink.targetDirectory. 9. Optional: If you specified the option FTP for the ncp.dla.datasink.type property, specify the following additional parameters: 182 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide ncp.dla.datasink.server The IP address or hostname of the remote FTP server. ncp.dla.datasink.port The TCP port to use, default 21 ncp.dla.datasink.binary Whether binary FTP transfers should be used [true|false] ncp.dla.datasink.passive Whether passive FTP transfers should be made [true|false] ncp.dla.datasink.username The FTP username to use ncp.dla.datasink.password The FTP user password to use ncp.dla.datasink.encrypted Whether or not the FTP password is encrypted [true|false] ncp.dla.datasink.keyFile Specify the full path and name of the cryptographic key file that is used in the $ITNMHOME/profiles/TIPProfile/etc/tnm/tnm.properties file. 10. Specify the debug level of the DLA by specifying a value for the log4j.rootLogger property. The following values are permitted; the default value is FATAL: v DEBUG v INFO v WARN v ERROR v FATAL 11. Specify the full path and name of the DLA log file by specifying a value for the log4j.appender.FILE.file property. The default is dla.log. The log file is written to the DLA installation directory. 12. Optional: The deprecated ncp.dla.validateComputerSystemFqdn property defines whether to validate the names of entities discovered by Network Manager as fully-qualified domain-names. CAUTION: Do not change value. This property has been deprecated and is no longer used in Network Manager versions 3.9 and later. This property can take one of the following values: True This is the default value. Entity names are validated. The DLA adds Fqdn attributes to ComputerSystem instances only if the device name is a valid fully-qualified domain-name. No validation takes place. The DLA adds Fqdn attributes to ComputerSystem instances irrespective of whether the device name is a valid fully-qualified domain-name. 13. Create a copy of the edited configuration file, giving the file a name of your choice. 14. Create a copy of the configuration for each Network Manager domain for which you want to create Discovery Library books. False Chapter 4. Configuring 183 Remember: Create a configuration file for each Network Manager domain you want to generate Discovery Library books for, and append the name of the configuration file with the domain name (for example, ncp_dla.properties.NCOMS). If you want to start the IBM Tivoli Application Dependency Discovery Manager GUIs from the Network Manager, complete the additional configuration tasks to add a menu option to the Network Manager GUIs, and add the Network Manager JSP inventory report to TADDM. Related reference: “Network Manager status events” on page 161 Network Manager can generate events that show the status of various Network Manager processes. These events are known as Network Manager status events and have the alerts.status AlertGroup field value of ITNM Status. Creating a Discovery Library book To create a Discovery Library book, run the Discovery Library Adapter (DLA) with the appropriate DLA properties file. Before you can run the DLA, the DLA properties file must have been configured correctly The DLA has two modes of operation: Primary mode Generates Discovery Library books by querying the Network Connectivity and Inventory Model (NCIM) database for the domain identified in the specified configuration file. Import mode Provides a means of importing IBM Tivoli Application Dependency Discovery Manager GUIDs back into the NCIM database, so that the TADDM UI can be opened from Network Manager. 1. Change to the DLA installation directory on the Network Manager GUI components server; the default is $NCHOME/precision/adapters/ncp_dla. 2. Run the Discovery Library Adapter (DLA) and reference the appropriate DLA properties file for your domain to create a Discovery Library book: v UNIX ./ncp_dla.sh ncp_dla.properties.domain_name See “Example” for an example of running the command and the system response. Example The following example shows how to run the DLA, and the system response: [[email protected]]# ./ncp_dla.sh ncp_dla.properties.NCOMS ncp_DLA ( IBM Tivoli Network Manager IP Edition - Discovery Library Adapter ) Copyright (C) 1997 - 2013 By IBM Corporation. All Rights Reserved. See product license for details. [IDML Generation Mode] Initializing... WARNING: user.install.root not defined, using /opt/IBM/tivoli/netcool /precision/profiles/TIPProfile Loading properties from /opt/IBM/tivoli/netcool/precision/profiles /TIPProfile/etc/tnm/tnm.properties FINE: database.type = db2 FINE: database.dbname = ITNM 184 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide FINE: database.jdbc.url = null FINE: database.host = abc.test.ibm.com FINE: database.port = 50000 FINE: database.username = ncim FINE: database.connection.defaultFetchSize = null FINE: database.connection.propertiesFile = null FINE: Getting encrypted password Jun 3, 2013 9:15:09 AM DbConnectionPool getJdbcURL FINE: JDBC URL = jdbc:db2://abc.test.ibm.com:50000/ITNM INFO: HNMXB0006I=JDBC Driver: com.ibm.db2.jcc.DB2Driver INFO: HNMXB0007I=JDBC URL : jdbc:db2://abc.test.ibm.com:50000/ITNM INFO: HNMXB0007I=JDBC URL : jdbc:db2://abc.test.ibm.com:50000/ITNM Jun 3, 2013 9:15:10 AM DbConnectionPool getConnection FINEST: Connection Pool READ has size 0 Working on ITNM domain ’NCOMS’... Processing 142 ComputerSystem(s)... % Complete: 0...10...20...30...40...50...60...70...80...90...100 Writing IDML Book to ’/tmp/dla/ITNMIP39.9.42.16.62.2013-06-03T13.15.11.579Z. refresh.xml’... Shutting down... Finished. Related tasks: “Loading Discovery Library books and enabling bidirectional launch” on page 190 You need to load the Discovery Library (IdML) book into TADDM to make the book information available to TADDM. Importing the book also enables bidirectional contextual launch. Fine-tuning the data export To provide a more consumable set of resources and relationships to other systems from Network Manager, you can fine-tune the DLA data collection and export. Fine-tuning of the Network Manager data export allows TADDM and other Discovery Library (IdML) book consumers to import only the resources and relationships needed to build the appropriate linkage between commonly managed resources. Also, having only the required data can significantly expedite the export-import process. To set up a more fine-tuned data collection and export, perform the following steps: 1. Discover the network using Network Manager, as described in Discovering the network. 2. Run the itnmTagNetworkEdgeEntities.pl tagging utility to identify network edge entities, as described in “Identifying network edge entities” on page 186. 3. Create a filtered network view that only displays the edge of the network, as described in “Creating a filtered network view for the edge of the network” on page 187. 4. Edit the DLA properties file ncp_dla.properties.domain_name to include the name of the filtered network view you created, and to ensure you have set the ncp.dla.generationFilter parameter as described in “Editing the DLA properties file for edge entities” on page 188. 5. Run the adaptor to create the Discovery Library book, as described in “Creating a Discovery Library book for network edge data” on page 189. Chapter 4. Configuring 185 Identifying network edge entities: Use the itnmTagNetworkEdgeEntities.pl utility to tag discovered entities such as ports and interfaces as being on the edge of the network. For most cases, you can run the utility to automatically tag entities considered to be on the network edge, which then identifies end-nodes such as hosts and servers that provide or consume services. Ensure Network Manager has successfully discovered your network. End-nodes must be discovered before you can use the -autoEndNodeTags option with the itnmTagNetworkEdgeEntities.pl utility. To run the utility to automatically tag the entities considered as being on the edge of the network in a domain: 1. Go to NHCOME/precision/scripts/perl/scripts. 2. Run itnmTagNetworkEdgeEntities.pl with the -autoEndNodeTags command-line option for the domain in which you want entities to be tagged. This automatically includes end-nodes and the routers and switches directly connected to end-nodes. For example, to automatically tag interfaces considered to be on the edge of the network in the domain called NCOMS, enter: v UNIX $NCHOME/precision/bin/ncp_perl itnmTagNetworkEdgeEntities.pl -domain NCOMS -autoEndNodeTags 3. Optional: You can use the -includeNextHop option with the -autoEndNodeTags option to go one hop further from the edge entities. Using the -includeNextHop option automatically includes the edge entities that are included when using only the -autoEndNodeTags, plus any routers or switches directly connected to the edge entities. For example, to automatically tag such interfaces, enter: v UNIX $NCHOME/precision/bin/ncp_perl itnmTagNetworkEdgeEntities.pl -domain NCOMS -autoEndNodeTags -includeNextHop 4. Optional: You can also determine what devices you want the utility to consider as a network edge device based on the number of connections the device has. Use the -autoDegreeTags option to tag devices as being on the network edge if they have a certain number of connections. If you only use the -autoDegreeTags option on its own, the default is to consider all devices with one connection as being on the network edge. If you want to specify a larger connection number, use the -autoDegreeTags option and the -degree n option together, where n is the maximum number of connections. For example, running the following setting tags all devices with less than or equal to 2 connections: v UNIX $NCHOME/precision/bin/ncp_perl itnmTagNetworkEdgeEntities.pl -domain NCOMS -autoDegreeTags -degree 2 Note: The -autoDegreeTags option cannot be used in conjunction with the -autoEndNodeTags option. The -autoDegreeTags option mode allows you to include devices as part of the edge of the network that are not considered end-node devices by the -autoEndNodeTags option. It also provides the flexibility to filter out and identify devices that have up to a specific number of connections. 5. Optional: You can further refine the tagging by setting a number of options, such as excluding or including specific devices from being tagged or including devices that have no SNMP access but have Layer 2 connections. For further information on all the options available, view the utility help by typing: 186 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide v UNIX $NCHOME/precision/bin/ncp_perl itnmTagNetworkEdgeEntities.pl -help The utility adds an entityDetails->NetworkEdge=1 attribute in the ncimCache.entityData database. Now, you can create a filtered network view that only displays the edge of your network. Creating a filtered network view for the edge of the network: Create a filtered network view that only displays the edge of the network in the domain based on the tagging performed by the itnmTagNetworkEdgeEntities.pl utility. Tip: You can also use this filtered network view to visualize and monitor the edge of your network, and to see what data is exported using the DLA. To create a filtered view of the edge of your network: 1. Click Availability > Network Availability > Network Views > Libraries. Click . New View 2. Complete the General tab as follows: Name Type a name for the network view, dynamic view, or network view container. Important: It is best practice to use network view names containing Latin characters only. Network views names containing non-Latin characters (for example Cyrillic characters) are not supported as they cannot be imported and exported when migrating to a new version of Network Manager. Parent Select the node under which the view appears in the hierarchy in the Navigation Tree. To display the view on the top level, select NONE. Type Select Filtered. Layout Select Orthogonal, Circular, Symmetric, Hierarchical, or Tabular layout. Map Icon If you want a different icon than the default icon to represent the view, click Browse to browse for an icon. Tree Icon If you want a different icon than the default icon to represent the view, click Browse to browse for an icon. Background Image Click Browse for the view. to browse for an image to use as the background Chapter 4. Configuring 187 Background Style Specify whether the background image is to be centered or tiled. Line Status Specify how the lines that represent the links between devices should be rendered. You can choose not to display any status, or to display the system default. Alternatively, lines can be colored based on the associated AEL event with the highest severity, and can appear with an additional severity icon. 3. Set up the filter as follows: a. Click the Filter tab. b. From the Domain list, select the domain where you ran the tagging utility. c. In the Table column, select the entityDetails attribute d. In the Filter column, type keyName = 'NetworkEdge' and keyValue = '1'. 4. Set End Nodes to Include 5. Set Connectivity to Layer 2. 6. Click Ok and then Save. You now need to include the name of this network view in the DLA properties file for the domain. Editing the DLA properties file for edge entities: Edit the ncp_dla.properties file for the domain to include the name of the filtered network view you created and to make sure you have set up the right data generation parameters. To edit the file: 1. Go to the default ncp_dla.properties configuration file in the DLA installation directory at $NCHOME/precision/adapters/ncp_dla, or to where your DLA properties file for the domain is. 2. Open the ncp_dla.properties.domain_name file. 3. Locate the ncp.dla.network.view parameter and add the name of the filtered network view you created. For example, the filtered view called “Edge” would need to be added to this property as follows: ncp.dla.network.view==’Edge’ Note: The use of the double equality sign (==) as relational operator is intentional. 4. Set the ncp.dla.generationFilter parameter to ComputerSystem and Networking. Specify the values in a comma-separated list as follows: ncp_dla.generationFilter=ComputerSystem,Networking 5. Save and close the file. Now, you can run the DLA with the updated DLA properties file to export a subset of the Network Manager network data. Related tasks: “Configuring the DLA” on page 180 The Discovery Library Adapter (DLA) requires a configuration properties file in order to determine the data source to connect to, the domain to query, the target directory for Discovery Library books and logging parameters. 188 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Creating a Discovery Library book for network edge data: You can use the Discovery Library Adapter (DLA) to create the Discovery Library book containing only the data for your network edge entities. Make sure you have edited the ncp_dla.properties file for the domain to include the name of the filtered network view containing the network edge entities. To create a DLA book containing network edge data: 1. Change to the DLA installation directory on the Network Manager GUI components server; the default is $NCHOME/precision/adapters/ncp_dla. 2. Run the Discovery Library Adapter (DLA) to generate the book XML file with data on the tagged network edge entities: v UNIX ./ncp_dla.sh ncp_dla.properties.domain_name For example, to run the adaptor for the domain called NCOMS, enter the following: ./ncp_dla.sh ncp_dla.properties.NCOMS The following example shows the system response for running the adaptor for the NCOMS domain: ncp_DLA ( IBM Tivoli Network Manager IP Edition - Discovery Library Adapter ) Copyright (C) 1997 - 2011 By IBM Corporation. All Rights Reserved. See product license for details. [IDML Generation Mode] Initializing... Will use the following Network View(s) filter : =’FILTER’ Working on ITNM domain ’NCOMS’... Processing 1148 IP Network(s)... % Complete: 0...10...20...30...40...50...60...70...80...90...100 Processing 772 ComputerSystem(s)... % Complete: 0...10...20...30...40...50...60...70...80...90...100 Processing 1 Topology(s)... Processing 2535 Connection(s)... % Complete: 0...10...20...30...40...50...60...70...80...90...100 Writing IDML Book to ’/opt/netcool/itnm39017/netcool/var/precision/ccmdb /ITNMIP39.9.180.209.195.2010-10-05T13.33.37.314Z.refresh.xml’... Shutting down... Finished. The result is an XML file that contains the devices participating in the filtered network view previously created and specified in the ncp_dla.properties file for the domain. The content of the XML file depends on the configuration of the DLA properties file. The XML file contains Common Data Model (CDM) Segments that describe how devices are connected from the perspective of a given Network Manager port or interface. The process removes duplicates and normalizes connection details. For more information on Segments, please refer to the Tivoli Common Data Model (CDM) documentation available at http://www.redbooks.ibm.com/abstracts/ redp4389.html. The following examples show parts of the XML file output. The interface chosen to be the segment identity is highlighted in bold, including each instance it is referenced. v Example of a point-to-multipoint connection from the perspective of the interface chosen to be the starting point for a segment: Chapter 4. Configuring 189 <cdm:net.Segment id="SegmentVia_359525_L2Interface" > <cdm:Name>Layer 2 Segment via 359525_L2Interface</cdm:Name> <cdm:ManagedSystemName>itnmSgmnt:359525_L2Interface </cdm:ManagedSystemName> </cdm:net.Segment> <cdm:networks source="SegmentVia_359525_L2Interface" target="359525_L2Interface" /> <cdm:networks source="SegmentVia_359525_L2Interface" target="358156_L2Interface" /> <cdm:networks source="SegmentVia_359525_L2Interface" target="404607_L2Interface" /> <cdm:networks source="SegmentVia_359525_L2Interface" target="358221_L2Interface" /> <cdm:networks source="SegmentVia_359525_L2Interface" target="358185_L2Interface" /> <cdm:networks source="SegmentVia_359525_L2Interface" target="404595_L2Interface" /> <cdm:networks source="SegmentVia_359525_L2Interface" target="358107_L2Interface" /> <cdm:networks source="SegmentVia_359525_L2Interface" target="357775_L2Interface" /> <cdm:networks source="SegmentVia_359525_L2Interface" target="358232_L2Interface" /> <cdm:networks source="SegmentVia_359525_L2Interface" target="404589_L2Interface" /> <cdm:networks source="SegmentVia_359525_L2Interface" target="358300_L2Interface" /> v Example of a simple point-to-point connection: <cdm:net.Segment id="SegmentVia_355664_L2Interface" > <cdm:Name>Layer 2 Segment via 355664_L2Interface</cdm:Name> <cdm:ManagedSystemName>itnmSgmnt:355664_L2Interface </cdm:ManagedSystemName> </cdm:net.Segment> <cdm:networks source="SegmentVia_355664_L2Interface" target="355664_L2Interface" /> <cdm:networks source="SegmentVia_355664_L2Interface" target="357336_L2Interface" /> Loading Discovery Library books and enabling bidirectional launch You need to load the Discovery Library (IdML) book into TADDM to make the book information available to TADDM. Importing the book also enables bidirectional contextual launch. As well as being able to launch the IBM Tivoli Application Dependency Discovery Manager GUI from Network Manager, you can also configure TADDM to launch the Network Manager GUI. To load Discovery Library books into TADDM and set up bidirectional contextual launch: 1. Create a Discovery Library book. 2. If required, transfer the Discovery Library book file to your TADDM server. 3. As the TADDM user, run the bulk load process to import the Discovery Library book. For example: user@host% cd $COLLATION_HOME/bin user@host% ./loadidml.sh -x -f full path to and full name of discovery library book file Attention: You must include the full path to the discovery library book file, together with the full file name only if the book is in a different directory. 190 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide 4. Import the TADDM GUIDs into the NCIM database (see related tasks later in this section). Related tasks: “Creating a Discovery Library book” on page 184 To create a Discovery Library book, run the Discovery Library Adapter (DLA) with the appropriate DLA properties file. “Importing IBM Tivoli Application Dependency Discovery Manager GUIDs into the NCIM database” on page 193 Optional: To enable users to open the IBM Tivoli Application Dependency Discovery Manager UI from Network Manager, import the TADDM GUIDs into the entityGUIDCache table of the Network Connectivity and Inventory Model (NCIM) database. Configuring IBM Tivoli Application Dependency Discovery Manager to start Network Manager Optional: To view a summary of the resources that Network Manager exports to IBM Tivoli Application Dependency Discovery Manager and, from there, open Network Manager, you must add a JSP report. Important: If you are using an earlier version of TADDM than 7.2.1 Fix Pack 1, follow these instructions to install and configure the JSP report. However, if you are using version 7.2.1 Fix Pack 1 or later, ignore these steps. In version 7.2.1 Fix Pack 1 and later the report to show Network Manager inventory and provide the launch in context to Network Manager is installed (or updated if already exists) by the TADDM installation. For more information, see the TADDM documentation at http://publib.boulder.ibm.com/infocenter/tivihelp/v46r1/topic/ com.ibm.taddm.doc_721fp1/welcome_page/welcome.html. The JSP report is provided; to use the report, the files must be copied to the correct location on your TADDM server. 1. Log in to the TADDM server. 2. Ensure the $COLLATION_HOME environment variable is set appropriately. 3. Copy the dla_install_directory/integration/itnm_inventory.jsp file from the Network Manager GUI components server to the $COLLATION_HOME/deploytomcat/reports/WEB-INF/view directory on the TADDM server. 4. Copy the two GIF files (tivoli.gif and ibm_logo.gif) in dla_install_directory/integration/itnm_images directory from the Network Manager GUI components server to the $COLLATION_HOME/deploy-tomcat/ images directory on the TADDM server. 5. Stop your TADDM server. 6. Edit the $COLLATION_HOME/etc/cdm/xml/reports.xml file by adding the following section before the closing </beans> tag: <bean class="com.collation.cdm.reports.viewer.JspReportViewer" id="ITNMInventoryReport"> <property name="reportGroup"> <value>Inventory Reports </value> </property> <property name="reportName"> <value>ITNM IP Inventory Report </value> </property> <!-- START NON-TRANSLATABLE --> <property name="jsp"> Chapter 4. Configuring 191 <value>/WEB-INF/view/itnm_inventory.jsp</value> </property> <!-- END NON-TRANSLATABLE --> </bean> 7. Restart your TADDM server. The Network Manager Inventory Report is displayed in the TADDM Domain Manager console. The report has the following sections: v Server Summary: Provides information about the installed instances of the Network Manager product, including the Network Manager versions installed, the host addresses of the servers where Network Manager is installed, and the URLs to access the Network Manager GUI. v Resource Summary: Lists all Network Manager resources that have a relationship to a ComputerSystem, including information on their IP address, manufacturer, type of resource (for example, router), and unique identifier in the Network Manager database. Configuring Network Manager to start IBM Tivoli Application Dependency Discovery Manager Optional: To enable Network Operators to launch the IBM Tivoli Application Dependency Discovery Manager GUI from Network Manager, you must add the TADDM menu options to Network Manager. The following steps assume that the Discovery Library Adapter (DLA) is installed on the same server as Tivoli Integrated Portal and the Network Manager GUI components. If the DLA is installed elsewhere, you must copy the DLA installation directory and its content to the server where the Tivoli Integrated Portal and the Network Manager GUI components are installed. For more information about the relationship between IBM Tivoli Application Dependency Discovery Manager and IBM Tivoli Change and Configuration Management Database, see the Information Center at the following Web address and search for "CCMDB overview": http://publib.boulder.ibm.com/infocenter/ tivihelp/v10r1/index.jsp?topic=/com.ibm.ccmdb.doc_7.1.1/ccmdb_welcome.htm 1. Configure the launch points from the menu to the TADDM installation: a. Change to the ITNMHOME/profiles/TIPProfile/etc/tnm/tools/ directory. b. Edit the following files: v ncp_wt_ccmdb_details.xml v ncp_wt_ccmdb_history.xml c. Specify the following parameters: TADDM_HOST The IP address or host name of your TADDM server. TADDM_PORT The TCP port on which your TADDM server is listening. The default is 9430, and this value only needs to be changed if a different port number was provided when installing TADDM. TADDM_USER The user name to use to access your TADDM server. TADDM_PASSWORD The password associated with the TADDM_USER parameter. d. Optional: To configure TADDM to start in the same window as Network Manager, edit the target field of the url property in each tool definition 192 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide file. By default, TADDM starts in a new window. For example, to display the CCMDB details in the same window, edit the property in the ncp_wt_ccmdb_details.xml file as follows: target="ccmdbDetails’" 2. Verify that the TADDM submenu was added to Network Manager: a. Log into Network Manager. b. Click Network Availability > Network Views c. Select a network view and right-click a device. In the context menu, the following TADDM menu items should be displayed under Launch To... > TADDM/CCDMB: View Details View History Note: It can take several minutes for the changes to take effect. If changes have not taken effect after 5 minutes, log off, restart your browser, and log in again. You now need to import the TADDM GUIDs into the NCIM database. Related tasks: “Importing IBM Tivoli Application Dependency Discovery Manager GUIDs into the NCIM database” Optional: To enable users to open the IBM Tivoli Application Dependency Discovery Manager UI from Network Manager, import the TADDM GUIDs into the entityGUIDCache table of the Network Connectivity and Inventory Model (NCIM) database. Importing IBM Tivoli Application Dependency Discovery Manager GUIDs into the NCIM database Optional: To enable users to open the IBM Tivoli Application Dependency Discovery Manager UI from Network Manager, import the TADDM GUIDs into the entityGUIDCache table of the Network Connectivity and Inventory Model (NCIM) database. 1. Run the DLA so that the Network Manager resources and relationships are imported into TADDM. 2. Log in to the server where your Network Manager GUI components are installed, and copy the DLA integration directory and content in ITNMHOME/adapters/ncp_dla/integration to your TADDM server (for example, $COLLATION_HOME/sdk/dla/integration). Ensure that permissions are set so that the TADDM user can access the files. 3. On the TADDM server, change to the directory where you copied the files to. 4. As the TADDM user, use the TADDM API to query the CCMDB for ComputerSystem data and pipe the results to an XML file called itnm_guids.xml. For example: user@host% $COLLATION_HOME/sdk/bin/api.sh -u user_name -p password find ComputerSystem > itnm_guids.xml 5. Make sure the itnm_guids.xsl and the itnm_guids.xml files exist in the current directory. 6. As the TADDM user, use the XLST processor to extract the entityId's and GUIDs, and pipe them to a CSV file called itnm_guids.csv. For example: user@host% $COLLATION_HOME/sdk/bin/xslt.sh -XSL $COLLATION_HOME/sdk/dla/ integration ./itnm_guids.xsl > itnm_guids.csv 7. Copy the itnm_guids.csv file back to the Network Manager GUI server into the home directory or the ITNMHOME/adapters/ncp_dla directory. Chapter 4. Configuring 193 8. Run the DLA in import mode to import the CSVs into the Network Manager NCIM database. See “Example” for an example of how to run in import mode, and the system response. Example The following example shows how to run the DLA in import mode, and how the system responds. user@host% cd /opt/IBM/DiscoveryLibrary/ITNM user@host% [./ncp_dla.sh | ncp_dla.bat ] -import -file integration/itnm_guids.csv ncp_dla.properties.DB2 ncp_DLA ( IBM Tivoli Network Manager IP Edition - Discovery Library Adapter ) Copyright (C) 1997 - 2007 By IBM Corporation. All Rights Reserved. See product license for details. [GUID Import Mode] Initializing... Importing GUIDs from ’integration/itnm_guids.csv’ Imported 15 GUID(s) into NCIM. Shutting down... Finished. user@host% Related tasks: “Loading Discovery Library books and enabling bidirectional launch” on page 190 You need to load the Discovery Library (IdML) book into TADDM to make the book information available to TADDM. Importing the book also enables bidirectional contextual launch. Integration with TBSM Network Manager is integrated with IBM Tivoli Business Service Manager by default using the Probe for Tivoli Netcool/OMNIbus (nco_p_ncpmonitor). The probe provides IBM Tivoli Business Service Manager with BSM_Identity tokens for Network Manager. You must have both IBM Tivoli Network Manager IP Edition and IBM Tivoli Business Service Manager installed and configured. The BSM_Identity token is used by default by TBSM to associate events with resources. Using the Network Manager DLA, TBSM becomes aware of the Network Manager resources. Network Manager events will have the BSM_Identity field added based on the following setting in the $NCHOME/probes/arch/ nco_p_ncpmonitor.rules file: @BSM_Identity = "ITNMIP:" + $ExtraInfo_MONITOREDENTITYID + "&domain=" + $Domain Related reference: “Prerequisites for use” on page 179 Before you configure and use the Discovery Library Adapter (DLA), make sure the prerequisites are met. 194 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Configuring the Tivoli Integrated Portal After installation, you might need to configure Tivoli Integrated Portal security or single sign-on. Single sign-on The single sign-on (SSO) capability in Tivoli products means that you can log on to one Tivoli application and then launch to other Tivoli Web-based or Web-enabled applications without having to re-enter your user credentials. The repository for the user IDs can be the Tivoli Netcool/OMNIbus ObjectServer or a Lightweight Directory Access Protocol (LDAP) registry. A user logs on to one of the participating applications, at which time their credentials are authenticated at a central repository. With the credentials authenticated to a central location, the user can then launch from one application to another to view related data or perform actions. Single sign-on can be achieved between applications deployed to Tivoli Integrated Portal servers on multiple machines. Single sign-on capabilities require that the participating products use Lightweight Third Party Authentication (LTPA) as the authentication mechanism. When SSO is enabled, a cookie is created containing the LTPA token and inserted into the HTTP response. When the user accesses other Web resources (portlets) in any other application server process in the same Domain Name Service (DNS) domain, the cookie is sent with the request. The LTPA token is then extracted from the cookie and validated. If the request is between different cells of application servers, you must share the LTPA keys and the user registry between the cells for SSO to work. The realm names on each system in the SSO domain are case sensitive and must match exactly. See Managing LTPA keys from multiple WebSphere Application Server cells on the WebSphere Application Server Information Center. Configuring single sign-on: Use these instructions to establish single sign-on support and configure a federated repository. Configuring SSO is a prerequisite to integrating products that are deployed on multiple servers. All Tivoli Integrated Portal Server instances must point to the central user registry (such as a Lightweight Directory Access Protocol server). Attention: ITM single sign on (SSO) support is only available with ITM Version 6.2 Fix Pack 1 or higher. To 1. 2. 3. configure the WebSphere federated repositories functionality for LDAP: Log in to the administrative console. In the Authentication area, expand Web security and click Single sign-on. Click the Enabled option if SSO is disabled. 4. Click Requires SSL if all of the requests are expected to use HTTPS. 5. Enter the fully-qualified domain names in the Domain name field where SSO is effective. If the domain name is not fully qualified, the Tivoli Integrated Portal Server does not set a domain name value for the LtpaToken cookie and SSO is valid only for the server that created the cookie. For SSO to work across Tivoli applications, their application servers must be installed in same domain (use the same domain name). Chapter 4. Configuring 195 6. Optional: Enable the Interoperability Mode option if you want to support SSO connections in WebSphere Application Server version 5.1.1 or later to interoperate with previous versions of the application server. 7. Optional: Enable the Web inbound security attribute propagation option if you want information added during the login at a specific Tivoli Enterprise Portal Server to propagate to other application server instances. 8. After clicking OK to save your changes, stop and restart all the Tivoli Integrated Portal Server instances. Note: When you launch Network Manager, you must use a URL in the format protocol://host.domain:port /*. If you do not use a fully-qualified domain name, Network Manager cannot use SSO between Tivoli products. Protecting the vault key file To keep the encryption key for the administrator password secure, establish strict read-only access to the vault key file. The Tivoli Integrated Portal administrator ID (default is tipadmin) that was created during the installation needs access to the vault key file for Tivoli Integrated Portal applications to work properly. The vault key is an encryption key that is used to encrypt the administrator password that was provided during installation and is stored locally for Tivoli Integrated Portal applications. Use these steps to restrict access to the file. 1. On the computer where the application server is installed, open the TIPHOME/_uninst/ITNM directory. 2. Use the method provided by your operating system to ensure that the .vault.key file has read-only access. On Windows, for example, the attributes for the ITNM directory are already set to read-only; those for the .vault.key file are set to read-only and hidden. Configuring access for HTTP and HTTPS By default, the application server requires HTTPS (Hypertext Transfer Protocol Secure) access. If you want some users to be able to log in and use the console with no encryption of transferred data, including user ID and password, configure the environment to support both HTTP and HTTPS modes. After installing Network Manager and before beginning this procedure, log in to the portal to ensure that it has connectivity and can start successfully. Configuring for HTTP and HTTPS console access involves editing the web.xml file of Web components. Use this procedure to identify and edit the appropriate Web XML files. 1. Change to the following directory: TIPHOME/profiles/TIPProfile/config/ cells/TIPCell/applications. 2. From this location, locate the web.xml files in the following directories: v For the Integrated Solutions Console Web application archive: isclite.ear/deployments/isclite/isclite.war/WEB-INF v For the Tivoli Common Reporting: tcr.ear/deployments/tcr/ rptviewer_v1.2.0.war/WEB-INF v For the Tivoli Common Reporting Web application archive: isclite.ear/deployments/isclite/rptwebui_v1.2.0.war/WEB-INF 196 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide 3. 4. 5. 6. 7. v For the Tivoli Integrated Portal Charts Web application archive: isclite.ear/deployments/isclite/TIPChartPortlet.war/WEB-INF v For the Tivoli Integrated Portal Change Password Web application archive: isclite.ear/deployments/isclite/TIPChangePasswd.war/WEB-INF Open one of the web.xml files using a text editor. Find the <transport-guarantee> element. The initial value of all <transport-guarantee> elements is CONFIDENTIAL, meaning that secure access is always required. Change the setting to NONE to enable both HTTP and HTTPS requests. The element now reads: <transport-guarantee>NONE</transport-guarantee>. Save the file, and then repeat these steps for the other web.xml deployment files. Stop and restart the application server. The following example is a section of the web.xml file for TIPChangePasswd where the transport-guarantee parameter is set to NONE: <security-constraint> <display-name> ChangePasswdControllerServletConstraint</display-name> <web-resource-collection> <web-resource-name>ChangePasswdControllerServlet</web-resource-name> <url-pattern>/*</url-pattern> </web-resource-collection> <auth-constraint> <description>Roles</description> <role-name>administrator</role-name> <role-name>operator</role-name> <role-name>configurator</role-name> <role-name>monitor</role-name> <role-name>iscadmins</role-name> </auth-constraint> <user-data-constraint> <transport-guarantee>NONE</transport-guarantee> </user-data-constraint> </security-constraint> Users must now specify a different port, depending on the mode of access. The default port numbers are as follows: http://<host_name>:16310/ibm/console Use the HTTP port for logging in to the Tivoli Integrated Portal on the HTTP port . https://<host_name>:16311/ibm/console Use the HTTPS secure port for logging in to the Tivoli Integrated Portal. Note: If you want to use single sign-on (SSO) then you must use the fully qualified domain name of the Tivoli Integrated Portal host. Chapter 4. Configuring 197 Enabling FIPS You can configure the Tivoli Integrated Portal Server to use Federal Information Processing Standard Java Secure Socket Extension files. Follow these steps to enable FIPS 140–2 for the Tivoli Integrated Portal Server. 1. Configure the application server to use FIPS. a. In the portal, click Security > SSL certificate and key management. b. Select the Use the United States Federal Information Processing Standard (FIPS) algorithms option and click Apply. This option makes IBMJSSE2 and IBMJCEFIPS the active providers. 2. Configure the application server to use FIPS algorithms for Java clients that must access enterprise beans: a. Open the install_dir/profiles/TIPProfile/properties/ssl.client.props file in a text editor. b. Change the com.ibm.security.useFIPS property value from false to true. 3. Configure the application server to use FIPS algorithms for SOAP-based administrative clients that must access enterprise beans: a. Open the install_dir/profiles/TIPProfile/properties/soap.client.props file in a text editor. b. Add this line:com.ibm.ssl.contextProvider=IBMJSSEFIPS. 4. Configure java.security to enable IBMJCEFIPS: a. Open the install_dir/java/jre/lib/security/java.security file in a text editor. b. Insert the IBMJCEFIPS provider (com.ibm.crypto.fips.provider.IBMJCEFIPS) before the IBMJCE provider, and also renumber the other providers in the provider list. The IBMJCEFIPS provider must be in the java.security file provider list. See the example at the end of this topic. 5. Enable your browser to use Transport Layer Security (TLS) 1.0: a. Microsoft Internet Explorer: Open the Internet Explorer and click Tools > Internet Options. On the Advanced tab, select the Use TLS 1.0 option. b. Firefox: TLS 1.0 is enabled by default. 6. Export Lightweight Third Party Authentication keys so applications that use these LTPA keys can be reconfigured. a. In the navigation pane, click Settings > Websphere Admin Console and click Launch Websphere Admin Console. b. In the WebSphere Application Server administrative console, select Settings > Global security. c. In the Global security page, from the Authentication area, click the LTPA link. d. Under Cross-cell single sign-on, specify a key file and provide a filename and password for the file that will contain the exported LTPA keys. e. Click Export keys. 7. Reconfigure any applications that use Tivoli Integrated Portal Server LTPA keys: To reconfigure the Tivoli SSO service with the updated LTPA keys, run this script: TIPHOME/profiles/TIPProfile/bin/setAuthnSvcLTPAKeys.jacl. a. Change directory to TIPHOME/profiles/TIPProfile/bin/ b. Start the Tivoli Integrated Portal Server: UNIX Linux startServer.sh server1 v c. Run the following command: 198 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide wsadmin -username tipadmin -password tipadmin_password -f setAuthnSvcLTPAKeys.jacl exported_key_path key_password Where: exported_key_path is name and full path to the key file that was exported. key_password is the password that was used to export the key. 8. For SSO, enable FIPS for any other application servers, then import the updated LTPA keys from the first server into these servers: a. Copy the LTPA key file from step 4 above to another application server computer. b. In the navigation pane, click Settings > Websphere Admin Console and click Launch Websphere Admin Console. c. In the WebSphere Application Server administrative console, select Settings > Global security. d. In the Global security page, from the Authentication area, click the LTPA link. e. Under Cross-cell single sign-on, provide the filename and password from above for the file that contains the exported LTPA keys. f. Click Import keys. 9. Run the ConfigureCLI command: Linux UNIX TIPHOME/bin/tipcli.sh ConfigureCLI --useFIPS true The IBM SDK TIPHOME/java/jre/lib/security/java.security file looks like this when IBMJCEFIPS is enabled. security.provider.1=com.ibm.crypto.fips.provider.IBMJCEFIPS security.provider.2=com.ibm.crypto.provider.IBMJCE security.provider.3=com.ibm.jsse.IBMJSSEProvider security.provider.4=com.ibm.jsse2.IBMJSSEProvider2 security.provider.5=com.ibm.security.jgss.IBMJGSSProvider security.provider.6=com.ibm.security.cert.IBMCertPath security.provider.7=com.ibm.crypto.pkcs11.provider.IBMPKCS11 security.provider.8=com.ibm.security.cmskeystore.CMSProvider security.provider.9=com.ibm.security.jgss.mech.spnego.IBMSPNEGO Configuring the LPTA token timeout value You can configure the Lightweight Third Party Authentication (LTPA) token timeout value for Tivoli Integrated Portal in the WebSphere Application Server console. Tivoli Integrated Portal is enabled for single sign-on. The default timeout for an LTPA token is 120 minutes. An LTPA timeout causes you to be logged out from Tivoli Integrated Portal and can also cause an authentication popup message, if the first request after the timeout is an AJAX request from a portlet. To configure the LTPA token timeout: 1. In the Tivoli Integrated Portal navigation pane, click Settings > WebSphere Admin Console. 2. Click Launch WebSphere Admin Console to start the WebSphere Application Server console. 3. In the WebSphere Application Server console navigation pane, click Security > Global security. 4. In the Authentication area of the Global security page, click the LTPA link. 5. In the LTPA timeout area of the LTPA page, edit the value for the LTPA timeout and click OK. Chapter 4. Configuring 199 6. In the Messages area at the top of the Global security page, click the Save link and log out of the WebSphere Application Server console. In a load balanced environment, you must set the LTPA token timeout value on each of the Tivoli Integrated Portal Server instances. Configuring VMM for the ObjectServer If you installed Tivoli Netcool/OMNIbus using the Network Manager installer and selected to use the ObjectServer for user authentication, the installer configures the Virtual Member Manager (VMM) adapter for the ObjectServer. Otherwise, you must configure VMM manually if you want to use the ObjectServer for user authentication. Have the following ObjectServer information at hand: administrator name and password, IP address, and port number. If you have a second ObjectServer for failover support, you need the IP address and port number. The ObjectServer must be running at the time of installing Network Manager, as the installation process attempts to connect to the ObjectServer. The script assumes that the tip installation directory is the parent directory and that the profile and cell names are TIPProfile and TIPCell. Run the VMM configuration script on every computer where the application server is installed. 1. Change to the TIPHOME/bin directory. The directory contains a script to run: v Linux confvmm4ncos.sh UNIX confvmm4ncos.sh v 2. Enter the following command at the command line: confvmm4ncos user password address port [address2 port2]where a. user is the ID of a user with administrative privileges for this ObjectServer b. password is the password for the user ID c. address is the IP address of the ObjectServer d. port is the port number used by the ObjectServer e. Optional: address2 and port2, if there is a failover server, is the IP address and port number of the failover ObjectServer The VMM adapter is configured for the ObjectServer. Thereafter, whenever the user registry needs to be accessed, the VMM adapter is called for this information. Changing the default security registry The default security registry can be set at install time. Use this procedure to change the default registry after installation. These steps require that your user ID has the Administrator role and that you know the base entry value of your repository. For LDAP or Microsoft Active Directory, this is usually a string like ou=company,dc=country,dc=region. For the ObjectServer, the base entry is o=netcoolObjectServerRepository. If you did not select a default user registry during installation or you would like to change the default to a different registry, complete these steps. 1. If you are not already logged in to the administrative console, log in now. Your ID must have the Administrator role. 2. Click Security > Secure administration, applications, and infrastructure. 3. In the User account repositories area, select Federated repositories from the Available realm definitions, then click Configure. 200 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide 4. Click Supported entity types under Additional Properties. 5. Click the entity type, then edit the Base entry for the default parent and Relative Distinguished Name properties. 6. After you click OK to save your changes, repeat the previous step to configure the other entity types. For Microsoft Active Directory, the entity types (PersonAccount, Group, and OrgContainer) must be configured with a base DN and the RDN® for PersonAccount should be cn instead of uid. 7. Stop and restart the Tivoli Integrated Portal Server: a. In the TIPHOME/profiles/TIPProfile/bin directory, depending on your operating system, enter one of the following commands: v UNIX Linux stopServer.sh server1 Note: On UNIX and Linux systems, you are prompted to provide an administrator username and password. b. In the TIPHOME/profiles/TIPProfile/bin directory, depending on your operating system, enter one of the following commands: v UNIX Linux startServer.sh server1 Integrating with IBM Tivoli Monitoring You can install IBM Tivoli Monitoring for IBM Tivoli Network Manager IP Edition to monitor the health of your Network Manager installation. IBM Tivoli Monitoring is included in the Network Manager package. You must have installed Network Manager before installing IBM Tivoli Monitoring for IBM Tivoli Network Manager IP Edition. UNIX The launchpad opens xterm windows to run the shell Restriction: scripts for migration and installation of IBM Tivoli Monitoring for IBM Tivoli Network Manager IP Edition. If you want to paste non-ASCII characters between the xterm windows started by the installer and other windows, you must set your locale to one that ends with UTF-8 before running the launchpad. Use a command similar to this example: export LANG=fr_FR.UTF-8. To install IBM Tivoli Monitoring for IBM Tivoli Network Manager IP Edition, perform the following tasks: 1. On the server where Network Manager core components are installed, run the IBM Tivoli Monitoring for IBM Tivoli Network Manager IP Edition installation script. v To run the installation script using the launchpad, start the launchpad using the launchpad.sh script on UNIX , and click Postinstallation > Install the Monitoring Agent > Start ITM Agent Installation. v To run the installation script using the command line, run the ITMagent/install.sh script on UNIX from the scripts directory of the installation media. 2. For more installation steps, refer to the IBM Tivoli Monitoring for IBM Tivoli Network Manager IP Edition User's Guide. 3. Ensure you have IBM Tivoli Monitoring version 6.2.3 Fix Pack 3 or later installed. For example, to upgrade to Fix Pack 3, go to the following site: http://www-01.ibm.com/support/docview.wss?uid=swg24033803 Chapter 4. Configuring 201 Configuring integration with IBM Systems Director You can set up Network Manager to work with IBM Systems Director. After setting up the integration, you can launch IBM Systems Director from the Network Manager GUI and perform various tasks on the selected device in IBM Systems Director. Overview of integration with IBM Systems Director IBM Systems Director provides consolidated views of your managed systems and a set of tasks for system management including discovery, inventory, configuration, system health, monitoring, updates, event notification and automation across managed systems. After setting up the integration, you can open IBM Systems Director tasks from the Network Manager GUI using the right-click menu. You can launch IBM Systems Director to manage resources in your network by right-clicking a device in any Network Manager topology view and selecting the Launch to > Director menu option, followed by selecting the task you want to open in IBM Systems Director. The IBM Systems Director features you can launch for a device from within Network Manager depend on the information shared about the discovered device in both products. The following list identifies all IBM Systems Director tasks available when launching from Network Manager: v Active Status v Configure Access v Current Configuration v Create Group v Compliance Issues v v v v v v v Configuration Manager Configuration Plans Compliance Policy Configuration Templates Distributed Command Deployment History Event Log v File Management v Network Diagnostics v v v v v Navigate Resource: Basic Topology Navigate Resources: Virtualization Topology Performance Summary Request Access Remote Command Line v Verify Connection v View and Collect Inventory v Navigate Resources: Properties View Note: The list of features available to launch from the Network Manager right-click menu will vary and might be a subset of the previous list. 202 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide For more information about the features opened in IBM Systems Director and assistance using them, click the help button on the opened IBM Systems Director page. Alternatively, go to the IBM Systems Director information center at http://publib.boulder.ibm.com/infocenter/director/v6r2x/index.jsp?topic=/ com.ibm.director.main.helps.doc/fqm0_main.html and search for the name you clicked on in the right-click menu option (for example, search for "Configure Access"). Integration architecture The integration between Network Manager and IBM Systems Director requires a Java adapter process to run based on settings defined in the itnmSystemsDirector.properties configuration file. The configuration file is installed by default with Network Manager on the GUI server, and it can be found in the NCHOME/precision/adapters/ itnm_systemsDirectorLiC directory. The Java adapter process communicates with the IBM Systems Director server using HTTPS to associate IBM Systems Director resources and launch-points with devices discovered by Network Manager for the domain defined in the properties file. The adapter determines the set of IBM Systems Director launch points related to a Network Manager device, and stores them in the LiCmapping NCIM table. The LiCmapping table describes the IBM Systems Director resource, launch-point URL, and menu name for each task you can run against a Network Manager device. Restriction: For the integration to be successful, both Network Manager and IBM Systems Director must discover and manage the same resources. Downloading and installing the IBM Systems Director You must have an IBM Systems Director installation running before configuring integration with Network Manager. To obtain IBM Systems Director, perform the following steps: 1. Go to http://www.ibm.com/systems/management/director/downloads/ 2. Go to the Management servers tab and download IBM Systems Director version 6.2 or later. 3. Go to the IBM Systems Director information center at http:// publib.boulder.ibm.com/infocenter/director/v6r2x/index.jsp?topic=/ com.ibm.director.main.helps.doc/fqm0_main.html, expand "IBM Systems Director V6.2.1", and then go to the "Planning" and "Installing" topic collections. 4. Follow the instructions provided to plan the installation and complete the installation of IBM Systems Director. Chapter 4. Configuring 203 Setting up integration with the IBM Systems Director Perform the following tasks to set up the integration between Network Manager and IBM Systems Director. Preparing the properties file: To set up the integration, you must create a copy of the itnmSystemsDirector.properties file for each Network Manager domain you want to run IBM Systems Director tasks against. Create a copy of the properties file for the domain against which you intend to run the adapter: 1. Go to the NCHOME/precision/adapters/itnm_systemsDirectorLiC directory. The configuration file is installed by default with Network Manager on the GUI server. 2. Make a copy of the itnmSystemsDirector.properties file and append the file name with the name of the domain you want to set up integration for. For example, to create a copy of the properties file for the domain NCOMS, enter the following command on UNIX operating systems: cp itnmSystemsDirector.properties itnmSystemsDirector.properties.NCOMS This creates a copy of the properties file and adds NCOMS to the end of the file. 3. Use the copy of the file to set up the integration as described in the following tasks. Exporting and importing the SSL certificate: The Java adapter process that communicates between Network Manager and IBM Systems Director requires the setup of a secure connection. You must import the SSL certificate from the IBM Systems Director server into the trust store used by the Network Manager Java process running the adapter. To obtain the certificate, you must export it from IBM Systems Director and then import it into Network Manager: 1. Log into the IBM Systems Director server. 2. Export the certificate using the keytool -export command: /opt/ibm/director/jre/bin/keytool -export -alias lwiks -keystore /opt/ibm/director/lwi/security/keystore/ibmjsse2.jks -file directorcert.arm 3. Copy the directorcert.arm file to the Network Manager server where the adapter will run. For example, /tmp/directorcert.arm. 4. Import the directorcert.arm file into the local trust store using the keytool -import command: keytool -import -alias directorcert -file /path to file/directorcert.arm -keystore TIPHOME/java/jre/lib/security/cacerts Note: The default password is changeit. The following shows an example of importing the certificate: /opt/IBM/tivoli/tip/java/bin/keytool -import -alias directorcert -file /tmp/directorcert.arm -keystore /opt/IBM/tivoli/tip/java/jre/lib/ security/cacerts 204 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Configuring connection properties: Edit the copy of the itnmSystemsDirector.properties file to specify the connection properties for the adapter linking Network Manager and IBM Systems Director. Make sure you have created a copy of the itnmSystemsDirector.properties file and appended the file name with the name of the domain for which you want to set up the integration with IBM Systems Director; for example itnmSystemsDirector.properties.NCOMS. To configure the connection properties: 1. Open the properties file itnmSystemsDirector.properties.name of domain. 2. Edit the following values to set up the connection: a. Set the itnm.integration.ibm.SystemsDirector.cryptographicKeyFile parameter to reference the Network Manager cryptographic key file or a key file you generated using the ./itnm_systemsDirectorLiC.sh -generate -keyfile file name option. For example, set the path as follows to use the default key file: itnm.integration.ibm.SystemsDirector.cryptographicKeyFile=/opt/IBM/ tivoli/netcool/precision/profiles/TIPProfile/etc/tnm/ encryption/keys/crypt.key b. Set the itnm.integration.ibm.SystemsDirector.server parameter to reference the IP address or host name of the IBM Systems Director server. For example: itnm.integration.ibm.SystemsDirector.server=192.0.2.24 c. Set the itnm.integration.ibm.SystemsDirector.port parameter to the port number on which the IBM Systems Director server is listening on. For example: itnm.integration.ibm.SystemsDirector.port=4495 Note: The default port is 8422. d. Set the itnm.integration.ibm.SystemsDirector.userName parameter to reference the IBM Systems Director user name. For example: itnm.integration.ibm.SystemsDirector.userName=root 3. Encrypt and set the password for the IBM Systems Director user: a. Go to the NCHOME/precision/adapters/itnm_systemsDirectorLiC directory. b. Run the following command using the password for the IBM Systems Director user set in the itnm.integration.ibm.SystemsDirector.userName parameter: ./itnm_systemsDirectorLiC.sh -encrypt password -keyfile /full path to cryptographic key file/cryptographic key file name.key. This will create an encrypted text string for the password. For example, to encrypt the password Network1 using the default key file, enter: ./itnm_systemsDirectorLiC.sh -encrypt Network1 -keyfile /opt/IBM/tivoli/netcool/precision/profiles/TIPProfile/etc/tnm/ encryption/keys/crypt.key An example output of the encryption process is jR/ CjUmgRaYRF64Dsf37FGJvxDxqmxcE3XybALZ7THo=. c. Set the itnm.integration.ibm.SystemsDirector.password parameter to reference the encrypted password of the user. For example, to use the encrypted password from the previous step, enter: Chapter 4. Configuring 205 itnm.integration.ibm.SystemsDirector.password= jR/CjUmgRaYRF64Dsf37FGJvxDxqmxcE3XybALZ7THo= 4. Set the itnm.integration.ibm.SystemsDirector.jreKeyStoreFile parameter to reference the location of the Network Manager keystore you imported the SSL certificate into. For example: itnm.integration.ibm.SystemsDirector.jreKeyStoreFile=/opt/IBM/tivoli/tip/ java/jre/lib/security/cacerts 5. Encrypt and set the password for the keystore file: a. Go to the NCHOME/precision/adapters/itnm_systemsDirectorLiC directory. b. Run the following command using the password for the keystore file: ./itnm_systemsDirectorLiC.sh -encrypt password -keyfile /full path to cryptographic key file/cryptographic key file name.key. This will create an encrypted text string for the password. For example, to encrypt the password Crypto1 using the default key file, enter: ./itnm_systemsDirectorLiC.sh -encrypt Crypto1 -keyfile /opt/IBM/tivoli/netcool/precision/profiles/TIPProfile/etc/tnm/ encryption/keys/crypt.key An example output of the encryption process is i/y7aYCV5looIK3eRoYEPWJvxDxqmxcE3XybALZ7THo=. c. Set the itnm.integration.ibm.SystemsDirector.jreKeyStorePassword parameter to reference the encrypted password for the keystore file. For example, to use the encrypted password from the previous step, enter: itnm.integration.ibm.SystemsDirector.jreKeyStorePassword= i/y7aYCV5looIK3eRoYEPWJvxDxqmxcE3XybALZ7THo= 6. Save the properties file. You can specify additional optional settings in the itnmSystemsDirector.properties file for the adapter. Related tasks: “Additional adapter settings” on page 208 Apart from setting the connection properties, you can modify the default parameters that control additional behavior and logging characteristics of the adapter. Edit the copy of the itnmSystemsDirector.properties file for the adapter linking the Network Manager domain and IBM Systems Director. Configuring connection to NCIM: You can configure the connection settings to the NCIM database where the adapter populates the LiCmapping table with data from IBM Systems Director. If the itnm.integration.ibm.SystemsDirector.itnmDatabaseUseConnectionPool is set to true, then the default settings to NCIM are used, and you do not need to configure the database properties. The only mandatory parameter is itnmDomain which must be specified (see first step). To set the connection properties for the NCIM database: 1. In the itnm.integration.ibm.SystemsDirector.itnmDomain property, specify the Network Manager domain against which the adapter runs. For example: itnm.integration.ibm.SystemsDirector.itnmDomain=NCOMS 206 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide 2. Optional: If you do not want to use the default settings and have itnm.integration.ibm.SystemsDirector.itnmDatabaseUseConnectionPool set to false, you can specify alternative database properties for the adapter to use: a. Remove the hash from the beginning of the line and set the itnm.integration.ibm.SystemsDirector.itnmDatabaseType property to the database type you want to use. The supported values are DB2. b. Remove the hash from the beginning of the line and set the itnm.integration.ibm.SystemsDirector.itnmDatabaseDriver property to the JDBC driver URL that specifies the type of JDBC driver to use. Use one of the following values based on your selected database: v For DB2: com.ibm.db2.jcc.DB2Driver c. Remove the hash from the beginning of the line and set the itnm.integration.ibm.SystemsDirector.itnmDatabaseURL property to the JDBC URL for connecting to the NCIM database. Use one of the following syntax based on your selected database: v For DB2: jdbc:db2://host_name:port_number/database_name Tip: This setting depends on the database you use. Refer to ITNMHOME/profiles/TIPProfile/etc/tnm/tnm.properties for information about the database used and help with completing the platform-specific URL. The following example shows the settings for a DB2 database: itnm.integration.ibm.SystemsDirector.itnmDatabaseType=DB2 itnm.integration.ibm.SystemsDirector.itnmDatabaseDriver= com.ibm.db2.jcc.DB2Driver itnm.integration.ibm.SystemsDirector.itnmDatabaseURL= jdbc:db2://abc123.ibm.com:50000/NCIM 3. Optional: Set the itnm.integration.ibm.SystemsDirector.itnmDatabaseUserName property to reference the NCIM database user name. For example: itnm.integration.ibm.SystemsDirector.itnmDatabaseUserName=root 4. Optional: Encrypt and set the password for the NCIM user: a. Go to the NCHOME/precision/adapters/itnm_systemsDirectorLiC directory. b. Run the following command using the password for the NCIM user set in the itnm.integration.ibm.SystemsDirector.itnmDatabaseUserName property: ./itnm_systemsDirectorLiC.sh -encrypt password -keyfile /full path to cryptographic key file/cryptographic key file name.key. This will create an encrypted text string for the password. For example, to encrypt the password Database1 using the default key file, enter: ./itnm_systemsDirectorLiC.sh -encrypt Database1 -keyfile /opt/IBM/tivoli/netcool/precision/profiles/TIPProfile/etc/tnm/ encryption/keys/crypt.key An example output of the encryption process is DvDlWqoRzRHAD9WpYzkI0mJvxDxqmxcE3XybALZ7THo=. c. Set the itnm.integration.ibm.SystemsDirector.itnmDatabasePassword property to reference the encrypted password. For example: itnm.integration.ibm.SystemsDirector.itnmDatabasePassword= DvDlWqoRzRHAD9WpYzkI0mJvxDxqmxcE3XybALZ7THo= 5. Save the properties file. Chapter 4. Configuring 207 Additional adapter settings: Apart from setting the connection properties, you can modify the default parameters that control additional behavior and logging characteristics of the adapter. Edit the copy of the itnmSystemsDirector.properties file for the adapter linking the Network Manager domain and IBM Systems Director. Make sure you edit the copy of the itnmSystemsDirector.properties file for the domain you set up the integration for. The configuration file is installed by default with Network Manager on the GUI server, and it can be found in the NCHOME/precision/adapters/ itnm_systemsDirectorLiC directory. To modify additional characteristics of the adapter: 1. Open the properties file itnmSystemsDirector.properties.name of domain. 2. Edit the following values: a. Set the itnm.integration.ibm.SystemsDirector.connectTimeout parameter to the amount of time during which the adapter attempts to connect to the IBM Systems Director server. If the adapter cannot connect after the specified time elapses, it produces an error. The value is in milliseconds and the default is 60000 (60 seconds). b. Set the itnm.integration.ibm.SystemsDirector.readTimeout parameter to the amount of time the adapter waits to read data from the IBM Systems Director server after connecting to it. If the adapter cannot read any data after the specified time elapses, it produces an error. The value is in milliseconds and the default is 60000 (60 seconds). c. Use the itnm.integration.ibm.SystemsDirector.verifySSLHostNames parameter to set whether or not the adapter verifies the name of the IBM Systems Director server stored in the certificate. Verification is performed if set to true, while no verification is performed if set to false. d. Use the itnm.integration.ibm.SystemsDirector.usePasswordAuthentication parameter to set whether or not password authentication is used. Password authentication turned on if set to true, while authentication is turned off if set to false. e. Use the itnm.integration.ibm.SystemsDirector.ignoreIPAddress.n parameter to instruct the adapter to ignore specific IP addresses in IBM Systems Director. Specify more than one IP address by repeating this parameter and incrementing n by 1 each time. For example, to set adapter to ignore IP addresses 192.0.2.12 and 192.0.2.24, add the following lines: itnm.integration.ibm.SystemsDirector.ignoreIPAddress.1=192.0.2.12 itnm.integration.ibm.SystemsDirector.ignoreIPAddress.2=192.0.2.24 f. Use the itnm.integration.ibm.SystemsDirector.ignoreHostName.n parameter to instruct the adapter to ignore specific host names. Specify more than one host name by repeating this parameter and incrementing n by 1 each time. For example, to set adapter to ignore host names mymachine and ball.company.com, add the following lines: itnm.integration.ibm.SystemsDirector.ignoreHostName.1=mymachine itnm.integration.ibm.SystemsDirector.ignoreHostName.2=ball.company.com 208 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide g. The adapter creates a table in NCIM associating IBM Systems Director resources with devices discovered by Network Manager for the domain defined in the properties file. You can override the individual IBM Systems Director resource to Network Manager device mapping by manually specifying which IBM Systems Director OID corresponds to what Network Manager main node IP address or host name. Use the itnm.integration.ibm.SystemsDirector. mapOIDtoITNMIPAddressOrHostName.n parameter to instruct the adapter to override the automatic resource association. Specify more than one resource by repeating this parameter and incrementing n by 1 each time. The format is mapOIDtoITNMIPAddressOrHostName.n=oid:ipaddress or mapOIDtoITNMIPAddressOrHostName.n+1=oid:hostname. For example, to set adapter to take the OID 2292 and associate it with IP address 192.0.2.12, and take OID 2286 and associate it with host name mymachine, add the following lines: itnm.integration.ibm.SystemsDirector.mapOIDtoITNMIPAddressOrHostName.1= 2292:192.0.2.12 itnm.integration.ibm.SystemsDirector.mapOIDtoITNMIPAddressOrHostName.1= 2286:mymachine h. You can set the adapter to ignore specific IBM Systems Director tasks. Use the itnm.integration.ibm.SystemsDirector.ignoreTask.n parameter to set tasks that are ignored by the adapter and are not available to run on a device. Specify more than one task by repeating this parameter and incrementing n by 1 each time. For example, to set adapter to ignore the Network Diagnostics task, add the following line: itnm.integration.ibm.SystemsDirector.ignoreTask.1=Network Diagnostics 3. Save the properties file. You can also set the logging properties for the adapter process. Related tasks: “Setting logging properties for adapter” You can specify logging properties for the adapter used to link IBM Systems Director and Network Manager. Setting logging properties for adapter: You can specify logging properties for the adapter used to link IBM Systems Director and Network Manager. Make sure you edit the copy of the itnmSystemsDirector.properties file for the domain you set up the integration for. To set the logging properties for the adapter: 1. Open the properties file itnmSystemsDirector.properties.name of domain. 2. Edit the following values: a. Set the overall logging level using the .level parameter. The default is WARNING and the following levels can be set: v CONFIG: Logs all events up to and including configuration changes. v INFO: Logs only system state changes. This is the default setting. v WARNING: Chapter 4. Configuring 209 v v v v Logs recoverable system errors. SEVERE: Logs unrecoverable system errors. FINE: Minimum level of tracing. The majority of stack traces appear at this level already and are written to the trace file. The trace file also includes all log messages. FINER: Medium level of tracing that provides more detailed debug messages. FINEST: Maximum level of tracing that produces very detailed technical information. b. Set the logging level for the file handler using the java.util.logging.FileHandler.level parameter. The possible levels are the same as for the .level parameter. c. If used, set the logging level for the console handler using the java.util.logging.ConsoleHandler.level parameter. The possible levels are the same as for the .level parameter. d. Modify where the log file is saved to using the java.util.logging.FileHandler.pattern parameter. 3. Save the properties file. Logging for the adapter process uses the same logic as other logging in Network Manager. Check the log files to pinpoint any potential issues. Running the adapter to populate NCIM After setting the adapter properties, you can run the adapter to populate the NCIM database with information on the resources that can be managed in IBM Systems Director for the Network Manager domain defined in the properties file. Make sure you have set all the required parameters in the adapter properties file for the domain. To run the adapter: 1. Change to the NCHOME/precision/adapters/itnm_systemsDirectorLiC directory. 2. Run the adapter using the ./itnm_systemsDirectorLiC.sh command and reference the properties file for the domain you set up the adapter for. For example, to run the adapter for the NCOMS domain, enter the following command: ./itnm_systemsDirectorLiC.sh itnmSystemsDirector.properties.NCOMS Based on the settings in the properties file, the adapter populates the LiCmapping table in the NCIM database with launch-point information from IBM Systems Director. 3. Right-click devices in any Network Manager topology view after running the adapter. A set of IBM Systems Director tasks are available to be launched from Network Manager for the device if the device is managed by both products. The following list identifies all IBM Systems Director tasks available when launching from Network Manager: v Active Status v Configure Access 210 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide v v v v v Current Configuration Create Group Compliance Issues Configuration Manager Configuration Plans v v v v v v v Compliance Policy Configuration Templates Distributed Command Deployment History Event Log File Management Network Diagnostics v v v v v v Navigate Resource: Basic Topology Navigate Resources: Virtualization Topology Performance Summary Request Access Remote Command Line Verify Connection v View and Collect Inventory v Navigate Resources: Properties View Note: The list of features available to launch from the Network Manager right-click menu will vary and might be a subset of the previous list. Troubleshooting the integration with IBM Systems Director If the launch in context from Network Manager to IBM Systems Director does not work, you might need to check your IBM Systems Director integration settings. If the integration with IBM Systems Director does not work, it is likely that the adapter did not run and populate the launch-point data in the LiCmapping table. To check the integration settings: 1. The first step when an error occurs is to check all of the configuration settings and check that both Network Manager and IBM Systems Director are managing the same set of resources. 2. Check the following items: Option Description The SSL certificate was not imported from IBM Systems Director into Network Manager. Export the certificate and then import it into Network Manager as described in “Exporting and importing the SSL certificate” on page 204. The IBM Systems Director configuration is not correct. Make sure you set the connection properties to the IBM Systems Director properly, as described in “Configuring connection properties” on page 205. The Network Manager NCIM database configuration is not correct. Check the NCIM settings as described in “Configuring connection to NCIM” on page 206. Chapter 4. Configuring 211 Option Description There is a firewall blocking access to the IBM Systems Director API. Check your firewall settings and allow access to the IBM Systems Director host. The specified Network Manager domain does not have devices managed by IBM Systems Director. Make sure that the same devices are discovered by both products. The IBM Systems Director server is not running. Make sure the IBM Systems Director server is running and you can log on. For more information about IBM Systems Director, see the information center at http://publib.boulder.ibm.com/infocenter/ director/v6r1x/index.jsp?topic=/ director_6.1/fqm0_main.html and search for "Management server and agent commands." The Network Manager NCIM database is not running. Make sure all processes are running in Network Manager, as described in . The specified passwords have been encrypted using a different cryptographic key file to the one specified in the properties file. Make sure you encrypt the passwords with the file you reference in the adapter properties file, as described in “Configuring connection properties” on page 205. 3. If the error requires more detailed information to understand its cause, set the logging level to FINEST and examine the log file for error messages. Related tasks: “Setting logging properties for adapter” on page 209 You can specify logging properties for the adapter used to link IBM Systems Director and Network Manager. Accessing discovery data from dNCIM You can take advantage of post-discovery dNCIM broadcasts to retrieve updates to the network topology after each discovery completes. Internal Network Manager processes read this information on completion of a discovery. You can also configure third-party systems (Tivoli-based or external) to access this topology data so that they have the latest topology updates. Examples of such third-party systems that you might want to configure to read dNCIM data include the following: v TADDM can use this data in order to feed its application discovery. The data from dNCIM tells TADDM which hosts are present on the network, which is a first step to discovering the applications on those hosts. v IBM Director can use this data to support the discovery of storage devices v An asset database can use this data to upload its asset information. v A security system can use the data to identify possible intrusions. Getting data from dNCIM rather than using the DLA differs in the following ways. v The data is in a different format to the DLA. v The dNCIM data has not yet been sent to the Topology Manager, ncp_model, so the data is not consolidated with previous discoveries: v The data is lighter weight than the data that can be retrieved using the DLA. v The dNCIM broadcasts have the same format as the NCIM broadcasts transmitted by ncp_model, and the NCIM cache files. 212 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide To configure third-party systems to access discovery data from dNCIM, you must write a script to configure the Java or Perl API to listen for messages with the DNCIM2NCIM subject on the message bus. For information on the format of dNCIM broadcasts, see the IBM Tivoli Network Manager Topology Database Guide. By default DNCIM is set up so that the solidDB® database that is s embedded in the Discovery engine, ncp_disco, is accessible only from the local machine. If you want to query this database, you might need to change the configuration so that the database is accessible from other machines. Perform the following steps to configure the database so that is accessible from other machines 1. Edit the following file: $ITNMHOME/embeddedDb/solid/ncp_disco.DOMAIN/ solid.ini. 2. Change the following line: Listen=tcpip -i127.0.0.1 port_number ; __DB_PORT_NUM__ Where port_number is a TCP/IP port number to read. 3. Restart Discovery engine, ncp_disco. Configuring Network Manager for UNIX operating systems On UNIX systems, you might need to perform extra configuration tasks before using the product. Configuring root/non-root permissions On UNIX, if you installed Network Manager as a non-root user, you must perform additional configuration. Certain components of Network Manager require root permissions to run. You must perform different actions depending on whether you want to run Network Manager as a root user or a non-root user. Root and non-root installation On UNIX Network Manager can be installed as either the root user or a non-root user. If you have installed any other IBM Tivoli products into the same installation directory, you must install Network Manager as the same user that installed the other products. The Network Manager web applications must always be run as the user who installed the product. After installation, you can configure the Network Manager core components to be run as a different user. For example, if you installed as the root user, you can configure the core components to be run as a non-root user. Restriction: When Network Manager is installed and run as root, scripts are installed that restart Network Manager and Tivoli Netcool/OMNIbus processes when the server is rebooted. When Network Manager is installed and run as a non-root user, Network Manager and Tivoli Netcool/OMNIbus processes are not restarted automatically when the server is rebooted. However, as a post-installation Chapter 4. Configuring 213 task for non-root installations, you can configure the processes to start automatically when your system is rebooted, as described in “Non-root installation: Configuring processes to start automatically” on page 215. Restriction: IBM Tivoli Business Service Manager must run as non-root. When installing Network Manager and IBM Tivoli Business Service Manager on the same server, make sure you install and run both as a non-root user. Configuring the core components to run as root On UNIX, if you installed Network Manager as a non-root user, you must perform additional configuration to run the core components as the root user. The Network Manager Web applications must always be run as the user who installed the product. You must run a script that updates file permissions to ensure that the root user has access to all necessary files. If you installed Network Manager as the root user, you do not need to perform any configuration in order to run the core components as the root user. 1. Log in to the server where the Network Manager core components are installed. Log in as the root user. 2. Run the script either from the installer launchpad or the command line: Option Description From the launchpad 1. Go to the directory where you extracted the Network Manager installation package. 2. Start the launchpad as root using the ./launchpad.sh command. 3. Select the Postinstallation menu. 4. Expand Non-root postinstallation tasks (UNIX only) and click Run IBM Tivoli Network Manager IP Edition 3.9 as root. From the command line 1. Go to the NCHOME/precision/scripts directory. 2. Run the setup_run_as_root.sh script. Configuring the core components to run as non-root On UNIX, if you installed Network Manager as a non-root user, and you want to allow that user permissions to run the core components, you must log in as root and perform additional configuration. Attention: Only install and run as a non-root user on servers where trusted users are the only users who can log in. The Network Manager Web applications must always be run as the user who installed the product. To give a non-root user these permissions, you must run a script. It is not possible to install and run Network Manager without ever logging in as the root user. At a minimum you must log in as root temporarily to run this script. 214 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Complete the following configuration steps in order to run the core components as a non-root user: 1. Log in as the root user. 2. Run the script either from the installer launchpad or the command line: Option Description From the launchpad 1. Go to the directory where you extracted the Network Manager installation package. 2. Start the launchpad as root using the ./launchpad.sh command. 3. Select the Postinstallation menu. 4. Expand Non-root postinstallation tasks (UNIX only) and click Run IBM Tivoli Network Manager IP Edition 4.1 as installing user. From the command line 1. Go to the NCHOME/precision/scripts directory. 2. Run the following script: setup_run_as_setuid_root.sh. 3. Optional: If you want to run the mttrapd probe (also known as the SNMP probe) as non-root, perform additional configuration: v Configure the probe to run as a non-root user using the instructions on Running the mttrapd probe as suid root in the IBM Tivoli Netcool/OMNIbus Probe for SNMP Reference Guide. After this script has completed, the user who performed the Network Manager installation can log in and run the Network Manager core components. Non-root installation: Configuring processes to start automatically On UNIX systems, as a post-installation task for non-root installations you can configure your Network Manager processes to start automatically when your system is started or restarted. Your Network Manager installation must have completed successfully before performing the following steps. Note: You do not need to configure this if you installed Network Manager as the root user. The automatic restart is set up as part of a root installation without the need for this post-installation step. To configure the Network Manager processes to start automatically: 1. Log in to the server where the Network Manager core components are installed. Log in as the root user. 2. Run the script to set the processes either from the installer launchpad or the command line: Chapter 4. Configuring 215 Option Description From the launchpad 1. Go to the directory where you extracted the Network Manager installation package. 2. Start the launchpad as root using the ./launchpad.sh command. 3. Select the Postinstallation menu. 4. Expand Non-root postinstallation tasks (UNIX only) and click Start Network Manager processes on system start/restart. From the command line 1. Go to the NCHOME/precision/install/ scripts directory. 2. Run the create_all_control.sh -auto_only script. Installing and configuring DB2 after a non-root installation DB2 can only be installed by the root user. If you installed Network Manager as non-root and you also selected DB2 to be installed on the same server to use as your topology database, you must log in as root after completing the Network Manager installation and complete the DB2 installation on the system. Make sure the Network Manager installation has completed successfully. Check the installation log files for information on the post-installation work required for the database installation. To set up DB2 after a non-root installation: 1. Log in as root. 2. You can use the GUI (launchpad) or the command line interface: Option Description Configuring DB2 using the GUI (launchpad) 1. Go to the directory where you extracted the Network Manager installation package. 2. Start the launchpad as root using the ./launchpad.sh command. 3. Select the Postinstallation menu. 4. Expand Non-root postinstallation tasks (UNIX only) and click Finish installing DB2 as topology database. 5. Provide the location where you installed Network Manager (the $NCHOME environment variable value), and wait for the command window to complete. This might take a few minutes. Configuring DB2 using the command line interface 1. Go to NCHOME/precision/install/ scripts 2. Run the installDB2.sh command as follows: ./installDB2.sh -f db2.properties 3. Wait for the script to complete. 216 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Note: To start and stop your DB2 database, log in as the DB2 database administrator and run the db2stop command to stop the DB2 database, and the db2start command to start the database. For more information, go to the IBM DB2 10.1 Information Center at http://pic.dhe.ibm.com/infocenter/db2luw/v10r1/index.jsp. Related tasks: “Viewing the installation logs” on page 84 Viewing the installation logs can be useful for troubleshooting purposes. Configuring connection to existing DB2 You must install a DB2 runtime client when using an existing DB2 server for your topology database, regardless of whether the database is on the same server as Network Manager or an a different server. You must install the DB2 runtime client on the server where Network Manager core components are installed. The runtime client is required to set up communication between Network Manager and the database. You do not need to install a DB2 runtime client if you installed the DB2 server using the Network Manager installer. To configure the connection to an existing DB2 database: 1. Log in to the server as root where you installed the core components. 2. Install the DB2 runtime client using the GUI (launchpad) or the command line interface: Option Description Install DB2 runtime client using the GUI (launchpad) 1. Go to the directory where you extracted the Network Manager installation package. 2. Start the launchpad as root using the ./launchpad.sh command. 3. Select the Postinstallation menu. 4. Expand Non-root postinstallation tasks (UNIX only) and click Install DB2 runtime client. 5. Provide the location where you installed Network Manager (the $NCHOME environment variable value), and wait for the command window to complete. This might take a few minutes. Install DB2 runtime client using the command line interface 1. Go to NCHOME/precision/install/ scripts 2. Run the installDB2.sh command as follows: ./installDB2.sh -f db2.properties 3. Wait for the script to complete. Chapter 4. Configuring 217 Configuring GUIs You can change the appearance and functionality of the Hop Views; update MIB information; and configure the presentation of events from unmanaged devices. Administering the TopoViz client You can customize the operations of the TopoViz client. This includes the display settings, for example device icons, the frequency of topology updates, and alert settings. Changing Tivoli Integrated Portal timeouts When you are working in the Tivoli Integrated Portal, your GUI session is subject to timeouts. You can change the timeout settings. The Tivoli Integrated Portal provides the following default timeout settings: Invalidation timeout If a user is logged into Network Manager using Tivoli Integrated Portal and closes the Tivoli Integrated Portal window, then the user session automatically times out after 30 minutes. Lightweight Third Party Authentication (LTPA) timeout After a user is logged in for 24 hours, the Tivoli Integrated Portal login session is automatically closed down and the user is forced to log in again. Changing the invalidation timeout setting: If a user is logged into Network Manager using Tivoli Integrated Portal and closes the Tivoli Integrated Portal window, then, by default, the user session automatically times out after 30 minutes. This is known as the invalidation timeout. You can modify the invalidation timeout setting. To change the invalidation timeout setting: 1. Log in to the server where the Network Manager GUI components are installed and edit the following file: v UNIX $TIPHOME/profiles/TIPProfile/config/cells/TIPCell/ applications/isclite.ear/deployments/isclite/deployment.xml 2. Within this file find the invalidationTimeout value. By default, this value is set to 30 minutes. 3. Set the invalidationTimeout to the required value in minutes. 4. Save the deployment.xml file. 5. Restart the Tivoli Integrated Portal. Changing the Lightweight Third Party Authentication (LTPA) timeout setting: After a user is logged in for a certain amount of time, by default 24 hours, the Tivoli Integrated Portal login session is automatically closed down and the user is forced to log in again. This is known as the Lightweight Third Party Authentication (LTPA) timeout. You can modify the LTPA timeout setting. To change the LTPA timeout setting: 1. Click Security > Secure administration, applications, and infrastructure. 2. In the Secure administration, applications, and infrastructure window, click Authentication mechanisms and expiration. 218 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide 3. Set the Timeout value for forwarded credentials between servers value as required. The default value is 1440 minutes (24 hours). 4. Click OK. 5. Restart the Tivoli Integrated Portal. Features of the TopoViz client Use this information to understand the features of the TopoViz client that can be customized. TopoViz icons: In a topology map, icons represent types of device or network elements. You can customize these icons. The following icons can be customized: v Device icons v Tree and map icons The following figure shows a representation of the tree and map icons: 1 2 Figure 9. Tree and map icons 1 Tree icon Used to represent views in the Navigation Panel. The default tree and map icons take the form of a cloud. Network operators can customize these icons when defining a new network view in the Network Views GUI. To do this, they choose from a list of predefined icons. 2 Map icons Used to represent views in the Topology Display Panel. Chapter 4. Configuring 219 Related tasks: “Adding icons” on page 221 Make extra, custom icons available for network operators to choose from if they want to change the icons that they use in the Network Views and Network Hop View GUIs. Related reference: “Configuring the display of extra information associated with a device” on page 226 Information such as alert status and maintenance state of a device is displayed in a colored border around the device. You can configure the colors, icons, and positioning of the elements used to display this information. Device class types: All device class are automatically categorized by class type. In topology maps, each class type is represented by a different icon, whereas each device class is not. Class types are stored in the NCIM topology database, in the classType field of the entityType table. The following class types apply: v Core v End Node v Network Device v Router v Switch All the class types consist of device classes. For example, the Network Device class type contains the Alcatel and Cisco device classes. Device ToolTips: Device ToolTips appear when you roll your mouse over devices in topology maps. Device ToolTips are defined by HTML entries in the ITNMHOME/profiles/ TIPProfile/etc/tnm/topoviz.properties configuration file on the server where the Network Manager GUI components are installed. You can specify the content of ToolTips associated with devices, subnets and links. By default, the domain of a device is displayed in the ToolTip. The topoviz.properties file is monitored every 60 seconds for changes, so that any changes are automatically detected by Topoviz. Entries in the topoviz.properties file that control device ToolTips The default settings for controlling device ToolTips are as follows: topoviz.tooltip.map_item.entityType=HTML_statement Where: map_item Takes one of the following values: v device: For a chassis (main node device) or subnet ToolTip 220 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide v link: for a link ToolTip entityType Is the entityType number for a device, subnet, or link. It takes one of the following values: v 1: For a chassis (main node device) ToolTip v 15: For a subnet ToolTip v 2: For a link ToolTip HTML_statement Is any valid HTML code that is used to define the content and format of the ToolTip. To insert the value from an NCIM topology database field use the following syntax: {table.field} Example The following example statement defines a chassis ToolTip: topoviz.tooltip.device.1=<b>{entityData.displayLabel}</b><br><b>sysDescr:</b> &nbsp;{chassis.sysDescr}<br><b>sysContact:</b>&nbsp;{chassis.sysContact} <br><b>sysLocation:</b> &nbsp;{chassis.sysLocation}<br><b>{i18n.netview_props.domain}</b>&nbsp; {mainNodeDetails.domainName} Note: The {i18n.netview_props.domain} entry will be replaced with the appropriate language version at runtime, read from the i18n properties file. Changing icons in the Network Views and Network Hop View GUIs You can change the icons that represent device classes, class types, trees, and maps to make them more recognizable to users when users view topology maps within the Network Views and the Network Hop View. Adding icons: Make extra, custom icons available for network operators to choose from if they want to change the icons that they use in the Network Views and Network Hop View GUIs. To make custom tree and map icons available to network operators: 1. Create your icon. For best results, use the following formats: v For the tree icon: 16 by 16 pixel PNG, GIF, or JPG image v For the map icon: PNG, GIF, JPG, or SVG image of any size You need only supply one image, because Topoviz scales the icon as appropriate. 2. Copy your icon to the ITNMHOME/profiles/TIPProfile/etc/tnm/resource/ directory on the server where the Web Applications are installed. Related concepts: “TopoViz icons” on page 219 In a topology map, icons represent types of device or network elements. You can customize these icons. Chapter 4. Configuring 221 Assigning icons to devices: You can change the icons for devices and other entities used in topology maps displayed within the Network Views and Network Hop View GUIs.. Assigning icons to device classes: To represent different device classes with different icons, assign each device class its own icon. This helps operators distinguish between device classes in topology maps, for example between Cisco and Alcatel devices. Make custom icons available by adding icons as described in the related link. To assign a custom icon to a device class: 1. Assign the icon prepared earlier to a class type by modifying the line that describes the icon to the topoviz.properties file, as follows: a. Edit the ITNMHOME/profiles/TIPProfile/etc/tnm/topoviz.properties file. b. Find the section that specifies icon names for device types. c. Modify the relevant line of code as follows: topoviz.deviceicon.classname=iconname.extension Where v classname is the name of the device class. This must correspond to the active object parameter within the AOC file that defines the class. AOC files are contained in the ITNMHOME/precision/aoc/ directory. v iconname is the name of your icon. v extension is the file extension. 2. Save the topoviz.properties file. Related tasks: “Adding icons” on page 221 Make extra, custom icons available for network operators to choose from if they want to change the icons that they use in the Network Views and Network Hop View GUIs. Assigning icons to entity types: Some network entities that display in the GUI are not devices and therefore do not have an associated class name. In order to be able to display an icon for these entities in the GUI, you can associate an icon to the related entity type to an icon. Make custom icons available by adding icons as described in the related link. To assign a custom icon to an entity type: 1. Assign the icon prepared earlier to a class type by adding a line that describes the icon to the topoviz.properties file, as follows: a. Edit the ITNMHOME/profiles/TIPProfile/etc/tnm/topoviz.properties file. b. Find the section that specifies icon names for device types. c. Add the relevant line of code as follows: topoviz.image.entitytype=iconname.extension Where 222 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide v entitytype is the entity type. This must exactly match the entity type name as listed in the NCIM entityType table. For more information on the entityType table, see the IBM Tivoli Network Manager IP Edition Topology Database Reference. v iconname is the name of your icon. v extension is the file extension. 2. Save the topoviz.properties file. RAN GSM Cell An example of a network entity that displays in the GUI but is not a device and therefore does not have an associated class name is the entity type 130: RAN GSM Cell. A RAN GSM Cell is a collection of elements, but does not have a class type or class name. To associate the cloud icon for the RAN GSM cell in the GUI, the following line was added to the topoviz.properties file: topoviz.image.RAN\ GSM\ Cell=cloud.svg Note: The spaces in the entity name RAN GSM Cellmust be escaped with a backslash (\). Related tasks: “Adding icons” on page 221 Make extra, custom icons available for network operators to choose from if they want to change the icons that they use in the Network Views and Network Hop View GUIs. Assigning icons to class types: Change the icons that are used to represent class types to make it easier for network operators to identify the class types in topology maps. Class types group together more than one class. For example, you might want a single icon that represents the class type CiscoSwitch, where the CiscoSwitch class type groups together multiple Cisco switch class icons. Make custom icons available by adding icons as described in the related link. To assign a custom icon to a class type: 1. Identify the classes that make up your class type. For example, if you want a single icon for all Cisco switches (the Cisco switch class type), then identify each of the AOC files that represent individual Cisco switch classes. 2. Go to the directory that contains the active object class (AOC) files. AOC files define the device classes. cd $NCHOME/precision/aoc/ 3. For each AOC file in your class type, modify the visual_icon parameter as follows: visual_icon = classtype; For example, in each Cisco switch AOC file, modify the visual_icon parameter as follows: visual_icon = CiscoSwitch; 4. Assign the icon prepared earlier to a class type. For example, if you want to use a single icon for all Cisco switches (the Cisco switch class type), then edit Chapter 4. Configuring 223 the ITNMHOME/profiles/TIPProfile/etc/tnm/topoviz.properties file, find the section that specifies icon names for device types and modify the relevant line of code as follows: topoviz.image.CiscoSwitch=my_icon.svg Where my_icon is the name of your custom icon file for the Cisco switch class type. 5. Save the topoviz.properties file. Assigning an icon for the RAN transmitter class type An existing example is the class type for radio area network (RAN) transmitters. A number of RAN device classes fall into the transmitter type. For example, the RANBaseStation and RANNodeB classes both fall into the transmitter class type and are represented by a single transmitter icon. This is implemented using the following file settings: AOC file for RANBaseStation In this file, the visual_icon parameter is set to the generic class type Transmitter. //************************************************************* // // File : RANBaseStation.aoc // //************************************************************* active object ’RANBaseStation’ { super_class = ’NetworkDevice’; instantiate_rule = "ExtraInfo->ranBaseStation != NULL"; visual_icon = ’Transmitter’; }; AOC file for RANNodeB In this file, the visual_icon parameter is also set to the generic class type Transmitter. //************************************************************* // // File : RANNodeB.aoc // //************************************************************* active object RANNodeB { super_class = ’NetworkDevice’; instantiate_rule = "ExtraInfo->ranNodeB != NULL"; visual_icon = ’Transmitter’; }; topoviz.properties file In this file, the icon transmitter.svg is assigned to any class that has the visual_icon = ’Transmitter’; setting in its AOC file. topoviz.image.Transmitter = transmitter.svg 224 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Related tasks: “Adding icons” on page 221 Make extra, custom icons available for network operators to choose from if they want to change the icons that they use in the Network Views and Network Hop View GUIs. Configuring topology map updates and appearance You can change the way devices and alert status are displayed in the topology maps. You can also modify frequency of updates to topology and alert status. Appearance of nodes and lines in topology maps: By default nodes, representing, for example, devices, and other network entities, always appear before the lines showing connections between the nodes. You can change this default setting, but this can make it difficult to view and interact with the nodes. By default nodes overlay lines in a topology map. The setting that controls this option can be found in the following file: ITNMHOME/profiles/TIPProfile/etc/tnm/ topoviz.properties. To locate this settings, search for the relevant section that begins with the comment # Specifies whether nodes are drawn before edges. # Specifies whether nodes are drawn before edges # true => Edges overlay nodes # false => Nodes overlay edges topoviz.graph.nodesBeforeEdges=false By default the setting topoviz.graph.nodesBeforeEdges is set to false, which means that nodes always overlay lines in a topology map. Changing the frequency of topology update checks: TopoViz checks at regular intervals whether the topology shown in a network view has been updated. To change this frequency, change the topoviz.topologyupdateperiod value of the topoviz.properties file. Any new nodes appear automatically in the topology maps; the new nodes are highlighted using handles. The default frequency is 3600 seconds (60 minutes). You can change this to any value in seconds. If you set the topoviz.topologyupdateperiod value to 0, Topoviz stops checking for updates to the topology. To change the check frequency: 1. Open the ITNMHOME/profiles/TIPProfile/etc/tnm/topoviz.properties configuration file and identify the following line: topoviz.topologyupdateperiod=3600 2. Change the frequency to the required value in seconds. Save and close the topoviz.properties file. Chapter 4. Configuring 225 Configuring the display of extra information associated with a device: Information such as alert status and maintenance state of a device is displayed in a colored border around the device. You can configure the colors, icons, and positioning of the elements used to display this information. You control the display of extra information associated with a device using the settings in the following files: v ITNMHOME/profiles/TIPProfile/etc/tnm/topoviz.properties v ITNMHOME/profiles/TIPProfile/etc/tnm/status.properties The settings that you can configure using these files include the following: Managed status of device Icons that displays unmanaged and partially unmanaged status, position, and size of the icons. Manually added device indication Icon to indicate that this is a manually added device, position, and size of the icon. Alert status of device Whether to display an alert status icon, and if displayed, position of the alert status icon. Frame around the device Roundness of the corners of the frame around the device, height and width of the frame. Device label text Typeface, font size and font style of the device label text. Example The following figure shows a representation of a device display, showing a manually added device in unmanaged mode. 1 2 manually_added Figure 10. Representation of a device display, showing a manually added device in unmanaged mode 226 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Configure the settings for the unmanaged status and manually added device icons as follows: 1 Unmanaged status icon, position, and size The settings are specified in the topoviz.properties file. To locate these settings, search for the relevant section that begins with the comment # Overlay definitions.. 1] 2] 3] 4] 5] 6] 7] # Overlay definitions. topoviz.overlay.image.UNMANAGED=unmanaged.svg topoviz.overlay.position.UNMANAGED=C topoviz.overlay.size.UNMANAGED=25 topoviz.overlay.image.PARTIALMANAGED=partial_managed.svg topoviz.overlay.position.PARTIALMANAGED=C topoviz.overlay.size.PARTIALMANAGED=25 Table 43. Description of settings for the unmanaged status icons Line Description 2 Specifies the icon to use to indicate unmanaged status. 3 Specifies the position of the unmanaged status icon. The letter C means centered. 4 Specifies the size of the unmanaged status icon. The number is a relative value. 5 Specifies the icon to use to indicate partially unmanaged status. 6 Specifies the position of the partially unmanaged status icon. The letter C indicated centered. 7 Specifies the size of the partially unmanaged status icon. The number is a relative value. 2 Manually added device icon, position, and size The settings are specified in the topoviz.properties file. To locate these settings, search for the relevant section that begins with the comment # Overlay definitions.. 1] 2] 3] 4] 5] # Overlay definitions - Manual device topoviz.overlay.image.MANUAL=manualoverlay.svg topoviz.overlay.position.MANUAL=E topoviz.overlay.size.MANUAL=10 topoviz.overlay.xoffset.MANUAL=-2 Table 44. Description of settings for the manually added device status icon Line Description 2 Specifies the icon to use to indicate a manually added device. 3 Specifies the position of the manually added device icon. The letter E means east of center. 4 Specifies the size of the manually added device icon. The number is a relative value. 5 Specifies x-axis offset of the icon. The East of center positioning in line 2 would place the icon so that it is touching the frame surrounding the device. The -2 offset value moves the icon slightly to the left, so that it is positioned just inside the frame. Example The following figure shows a representation of a device display, showing an associated critical alert. Chapter 4. Configuring 227 1 2 tacoma-cr-2800t.... 3 Figure 11. Representation of a device display, showing an associated critical alert Configure the settings for the alert status icon, the device frame, and device label text as follows: 1 Alert status icon The settings that control whether and where to display alert status icons in topology maps are as follows. Some settings are in the topoviz.properties file and others are in the status.properties file. Whether to display alert status icons in the topology maps The setting in the status.properties file that instructs the system to display alert status is status.enabled=true. Position The setting in the topoviz.properties file that specifies the position of the alert status icon.is topoviz.status.position=NE. This instructs the system to place the alert status icon in the north east (top right) corner of the frame containing the device. 2 Device frame The settings are specified in the topoviz.properties file. To locate these settings, search for the sections that begins with the comment # Node dimensions and # Corner arc. 1] 2] 3] 4] 5] 6] 7] 8] 9] 10] 11] # Node dimensions (not used in legacy mode). topoviz.node.height=60 topoviz.node.width=100 # Node resizability # Options: LOCKED (Fixed height and width) # TIGHT_HEIGHT (Fixed height, variable width) topoviz.node.resizeability=TIGHT_HEIGHT # Corner arc (not used in legacy mode). topoviz.node.arc=10 Table 45. Description of settings for the device frame Line Description 228 2 Specifies the height of the frame. 3 Specifies the width of the frame. Note: There is no wrapping of text for the device label, so if you want to show all of the device label text you must either increase this width value or decrease the text font size using the topoviz.node.fontsize setting. IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Table 45. Description of settings for the device frame (continued) Line Description 8 Specifies how the topoviz.node.height and topoviz.node.width settings are handled. The default is TIGHT_HEIGHT. Using LOCKED means the values set in the topoviz.node.height and topoviz.node.width parameters are used for the device frame. Using TIGHT_HEIGHT maintains the topoviz.node.height setting, but does not maintain the topoviz.node.width setting, which means the device frame is automatically widened as necessary to accommodate the device label while keeping the width to the minimum. 11 Specifies the roundness of the corners of the frame. The higher the value, the more rounded the corners. 3 Device label The settings are specified in the topoviz.properties file. To locate these settings, search for the relevant section that begins with the comment # Font settings. 1] 2] 3] 4] # Font settings topoviz.node.font=Arial,Helvetica topoviz.node.fontsize=10 topoviz.node.fontstyle=0 Table 46. Description of settings for the device label text Line Description 2 Specifies the typeface to use for the device label text. 3 Specifies the font size to use for the device label text. 4 Specifies the font style to use for the device label text. Related concepts: “TopoViz icons” on page 219 In a topology map, icons represent types of device or network elements. You can customize these icons. Related tasks: “Changing alert settings” on page 230 If required, you can change the settings for alerts. You can change the frequency of updates to alert severity information, replace the default icons that represent alert severity, configure how alert status is retrieved, and configure other alert settings. Configuring position of nodes in Network Views after rediscovery: You can configure how newly discovered and existing nodes are positioned in the network views after a rediscovery of the network. By default, the TopoViz client changes the layout of a network view map as newly discovered nodes are added to the map. The position of existing nodes is not guaranteed when the map layout is updated because the layout is governed by factors such as connectivity information obtained during the discovery. To change the default behavior and configure Network Manager to maintain the position of existing nodes and visually separate new nodes from nodes already present in the network views, edit the following parameters. Chapter 4. Configuring 229 Note: This behavior works best with the Symmetric Layout. Other layout options take other factors into account which can affect the position of existing nodes. For example, the Circular Layout places greater emphasis on presenting nodes in a circular layout than maintaining node positions, while the Hierarchical and Orthogonal layouts place greater emphasis on routing the connections between nodes using orthogonal lines than maintaining exact node positions. 1. Go to NCHOME/precision/profiles/TIPProfile/etc/tnm and open the topoviz.properties file. 2. Locate the topoviz.node.freezeold parameter and change the value to true (the default value is false). The true setting maintains the position of existing nodes, while new nodes are placed in a row at the top of the map, clearly separating the new nodes from nodes not added during the last rediscovery. The new nodes are placed in one or more rows at the top of the map with a horizontal and vertical spacing of 20 pixels by default. 3. Log out of the Network Manager GUI and restart the browser. This is required for the true setting to take effect. 4. Optional: You can further adjust the positioning of new nodes using the following parameters in the topoviz.properties: v You can set whether the new nodes are placed at the top or bottom of the map using the topoviz.node.new.placement parameter. The default setting is top, change it to bottom to have the new nodes placed at the bottom of the network view map. v You can set the horizontal spacing between new nodes in pixels using the topoviz.node.new.spacing.horizontal parameter. The default setting is 20 pixels, change it to a different pixel count to position each new node closer to each other or further apart horizontally. v You can set the vertical spacing between new nodes in pixels using the topoviz.node.new.spacing.vertical parameter. The default setting is 20 pixels, change it to a different pixel count to position each new node closer to each other or further apart vertically. Note: All additional settings discussed in this step only take effect if the topoviz.node.freezeold is set to true. Changing alert settings: If required, you can change the settings for alerts. You can change the frequency of updates to alert severity information, replace the default icons that represent alert severity, configure how alert status is retrieved, and configure other alert settings. Related reference: “Configuring the display of extra information associated with a device” on page 226 Information such as alert status and maintenance state of a device is displayed in a colored border around the device. You can configure the colors, icons, and positioning of the elements used to display this information. 230 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Changing the frequency of alert severity updates: If required, change how often the alert severity information is updated from the Tivoli Netcool/OMNIbus Web GUI. To change the frequency with which the alert severity is updated: 1. On the server where the Web Applications are installed, open the ITNMHOME/profiles/TIPProfile/etc/tnm/status.properties file. 2. Make the following changes: v To change the frequency of alert severity updates in the network view tree, change the value of the status.tree.updateperiod property. The value is in seconds. For example: status.tree.updateperiod=60 v To change the frequency of alert severity updates in the topology map, change the value of the status.map.updateperiod property. The value is in seconds. For example: status.map.updateperiod=60 3. Save and close the file. Changing the icons for alert severity levels: You can change the alert status icons used to represent alert severity levels in the Network Views GUI. Changing icons for alert severity levels in the network views: If you want different alert status icons to represent alert severity levels in the Network View GUI, replace the default icons. The required formats for replacement icons are as follows: v For the network view tree: GIF or PNG files. v For the topology map: GIF, PNG, or SVG files. GIF or SVG files. To replace a default icon: 1. Create the image for the security icon that you want to replace and copy the image to ITNMHOME/profiles/TIPProfile/etc/tnm/resource/. 2. Open the ITNMHOME/profiles/TIPProfile/etc/tnm/status.properties file and make the following changes. a. In the Tree status images section of the files, point the property for the required severity to the new image. For example, to replace the default critical.gif file for severity level 5 with your own new image: status.tree.image.5=status/<filename for new critical icon>.gif b. In the Map status images section of the files, point the property for the required severity to the new image. For example, to replace the default critical.gif file for severity level 5 with your own new image: status.map.image.5=status/<filename for new critical icon>.gif 3. Repeat the steps for each default icon that you want to replace. 4. Save and close the file. Chapter 4. Configuring 231 Changing icons for alert severity levels in topology map tabular layout: If you want different alert status icons to represent alert severity levels in the topology map tabular layout option, replace the default icons. The required formats for replacement icons for the topology map table view are GIF or PNG files. To replace a default icon: 1. Create the image for the security icon that you want to replace and copy the image to ITNMHOME/profiles/TIPProfile/etc/tnm/resource/. 2. Open the ITNMHOME/profiles/TIPProfile/etc/tnm/status.properties file and in the Net View Table status images section of the files, point the property for the required severity to the new image. For example, to replace the default ac16_critical04_24.gif file for severity level 5 with your own new image: status.table.image.5=status/<filename for new critical icon>.gif 3. Repeat the steps for each default icon that you want to replace. 4. Save and close the file. Configuring on-demand AEL filters for the Network View tree: When you click on an alert status icon in the Network View tree, a filtered AEL is displayed. You can configure the Network View tree to define these filters on demand, which uses less memory. Configuring AEL filters to be defined for all Network Views in the Network View Tree uses a large amount of heap memory, especially with deep, highly structured navigation trees with a large number of parent views, and might cause performance issues. You can configure the Network View tree to define AEL filters for only the Network View that is currently displayed. Defining filters on demand uses less memory. By default, on-demand filtering is disabled and filters are created for all views when the Network View tree is displayed. Filters are always created for the leaf nodes in the Network View Tree. Leaf nodes are Network Views (not containers) that do not themselves contain other Network Views. Aggregated alert status is shown for all nodes in the Network View tree regardless of whether on-demand AEL filters are enabled or not. To configure on-demand AEL filters in the Network View tree, complete the following steps: 1. On the server where the Web Applications are installed, back up and edit the ITNMHOME/profiles/TIPProfile/etc/tnm/status.properties file. 2. Make the following changes: v To enable on-demand AEL filters in the Network View tree, change the value of the status.tree.filterael property to false. AEL filters are created only when you open a Network View. When you open an AEL from a parent Network View in the Network View tree that has not been opened in the topology display pane, the AEL shows events for all devices. If you click on the Network View, and then launch an AEL from that view, the AEL is filtered to show events on only those devices in that view. v To disable on-demand AEL filters in the Network View tree, change the value of the status.tree.filterael property to true. AEL filters are created for 232 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide every view in advance. When you open an AEL from any Network View, the AEL is filtered to show events on only those devices in that view. 3. Save and close the file. Alert status settings: The alert status settings control whether and how devices are displayed in topology maps, and the frequency with which the settings are updated. The alert status settings are contained in the ITNMHOME/profiles/TIPProfile/etc/ tnm/status.properties file. You can control the following settings: Table 47. Alert status settings Setting Description status.color. background. severity Specifies background status color for each alert severity level. status.color. foreground. severity Specifies the color of the device label text for each alert severity level. status. globalfilter Filters out certain types of alerts from being displayed in the status of devices in the topology maps. For example status.globalfilter=’NmosPingFail’ would prevent ping fail events from affecting the displayed status of devices in the topology views. This property filters on the alerts.status ObjectServer table. status. hopview. linestyle Indicates whether to display the alert status on links between nodes in the Hop View. status.map. updateperiod Specifies how often the system updates the alerts status settings in the topology maps. status.map. maxnodes Indicates the maximum number of nodes for which alert status can be displayed in a single topology map. status.map. image.severity Specifies the icons that are used to represent device alert status in the topology map. To customize these icons, create a GIF or SVG icon with the relevant name and save it to the following location: ITNMHOME/profiles/TIPProfile/etc/tnm/resource/. status.map. image.size. severity Specifies the size of the icons to use to represent device alert status in topology maps. status.map. image.xoffset. severity Specifies x-axis and y-axis offset of the icon. The NE (northeast) positioning specified in the ITNMHOME/profiles/TIPProfile/etc/tnm/topoviz.properties file would place the icon so that it is touching the frame surrounding the device. The offset values moves the icon slightly down and to the left, so that it is positioned just inside the frame. status.map. image.yoffset. severity Chapter 4. Configuring 233 Table 47. Alert status settings (continued) Setting Description status.map. topcolor. saturation. severity Specify saturation and brightness adjustment controls that control the gradient of the background status color for each alert severity level. status.map. bottomcolor. saturation. severity status.map. topcolor. brightness. severity status.map. bottomcolor. brightness. severity status.netview. linestyle Indicates whether to display the alert status on links between nodes in the Network Views. status.none. enabled Indicates whether the none status for a device is represented in the same way as the clear status. Tip: none status means that no events have been received for the device. clear status means that earlier events of severity level 1 or more have now been cleared on the device. status. registration. devicealert Set this property to true to include alerts from devices in the alert status of views that are based on device components. For example, if you have an MPLS view that includes only interfaces, you might want to exclude alerts from the chassis of the devices containing those interfaces. To exclude alerts from the main nodes, set this property to false. status. registration. threadscalefactor Defines how many threads are used to register alert status. For example, if the status.registration.threadlimit property is set to 200 (the default), then one extra thread is used for each additional 200 views that a user has. This setting applies to all users. Increase the default setting if alert status takes a long time to appear on maps and in the Network View tree. More threads use more resources. Ensure that you have enough resources on the server to run the extra threads, based on your total number of users and views. Threads are increased up to the maximum defined by the status.registration.threadlimit property. status. registration. threadlimit The upper limit of the number of threads allowed per user to register alert status. Sets a limit for the scaling of threads defined by the status.registration.threadlimit property. status.table. image.severity Specifies the icons that are used to represent device alert status in the topology map tabular layout. To customize these icons, create a GIF or SVG icon with the relevant name and save it to the following location: ITNMHOME/profiles/TIPProfile/etc/tnm/resource/. status.table. image.sortUp Specify how to sort alert severity icons in the topology map tabular layout. status.table. image.sort Down status.tree. bookmarks. enabled Specifies whether device status is displayed in the Network View Bookmark tree. Set to true to enable and false to disable. status.tree. libraries. enabled Specifies whether device status is displayed in the Network View Library tree. Set to true to enable and false to disable. 234 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Table 47. Alert status settings (continued) Setting Description status.tree. maxviews Specifies the maximum number of views that a Network View tree can contain and still display alert status. status.tree. registration. ondemand To enable on-demand AEL filters in the Network View tree, change the value of the status.tree.registration.ondemand property to true. When you open an AEL from a parent Network View in the Network View tree that has not been opened in the topology display pane, the AEL shows events for all devices. If you click on the Network View, and then launch an AEL from that view, the AEL is filtered to show events on only those devices in that view. Enabling on-demand filters uses less heap memory. To disable on-demand AEL filters in the Network View tree, change the value of the status.tree.registration.ondemand property to false. When you open an AEL from any Network View, the AEL is filtered to show events on only those devices in that view. status.tree. updateperiod Specifies how often the system updates the alerts status settings in the Network Views and Structure Browser Navigation Panel. status.tree. image.severity Specifies the icons that are used to represent device alert status in the network view tree. To customize these icons, create a GIF or SVG icon with the relevant name and save it to the following location: ITNMHOME/profiles/TIPProfile/etc/tnm/resource/. Where severity is a string or number specifying alert status severity status.view. enabled Specifies whether device status is displayed in Network Views and in table views. Set to true to enable and false to disable. Configuring visual differentiation between manually added and discovered devices: You can configure the topology views to highlight manually added devices in the topology map using an overlay icon. To configure the system to highlight manually added devices: 1. Edit the following file: ITNMHOME/profiles/TIPProfile/etc/tnm/ topoviz.properties. 2. Within this file check the topoviz.topologymanagement.differentiate_manual value. v topoviz.topologymanagement.differentiate_manual=true: configures manually added devices and connections to be differentiated from discovered devices and connections. v topoviz.topologymanagement.differentiate_manual=false: manually added devices and connections are not differentiated from discovered devices and connections. By default, this value is set to true. 3. If the setting is topoviz.topologymanagement.differentiate_manual=true, then check the overlay image configuration for differentiation of manually added nodes. # Overlay definitions - Manual device topoviz.overlay.image.MANUAL=manualoverlay.svg topoviz.overlay.position.MANUAL=E topoviz.overlay.size.MANUAL=10 topoviz.overlay.xoffset.MANUAL=-2 This configuration snippet contains the following settings: Chapter 4. Configuring 235 v The overlay image used for is called manualoverlay.svg. This file is located at ITNMHOME/profiles/TIPProfile/etc/tnm/resource/. You can change the overlay image used by copying a different .svg icon to ITNMHOME/profiles/ TIPProfile/etc/tnm/resource/manualoverlay.svg. v By default, the icon appears to the right (E stands for east) of the manually added device. Other options are N, S, W, NE, NW, SW, SEand C, where C means centred on the device. 4. Save the topoviz.properties file. Switching to V3.8 visualization mode: Topology icons and the way they are presented have changed from previous versions. Use this information if you want to switch back to the V3.8 mode of topology presentation. To switch back to the V3.8 mode of topology presentation you must edit the following configuration files: v ITNMHOME/profiles/TIPProfile/etc/tnm/topoviz.properties v ITNMHOME/profiles/TIPProfile/etc/tnm/status.properties 1. Open the file ITNMHOME/profiles/TIPProfile/etc/tnm/topoviz.properties. 2. Search for the text legacy. 3. Each time the text legacy is found, follow the instructions in the comments. 4. Save the ITNMHOME/profiles/TIPProfile/etc/tnm/topoviz.properties file. 5. Open the file ITNMHOME/profiles/TIPProfile/etc/tnm/status.properties. 6. Search for the text legacy. 7. Each time the text legacy is found, follow the instructions in the comments. 8. Save the ITNMHOME/profiles/TIPProfile/etc/tnm/status.properties file. Configuring the AEL in composite topology views You can configure the type of Active Event List (AEL) view that is opened when a network node is clicked in one of the default views that combine network views and AELs. The Network Health View and the Fault-Finding View are composite topology views, that is, they combine a network views and an AEL. When you click a node in the network view or a node in the network view tree, the AEL refreshes to show any events for that node. You can configure the type of AEL that is displayed. You might want to configure the type of AEL if you want to display an AEL view that contains a subset of columns. You can also use this procedure to troubleshoot errors with AELs not appearing in composite views, if the error states that a particular AEL view cannot be found. To configure the AEL view, complete the following steps: 1. Back up and edit the ITNMHOME/profiles/TIPProfile/etc/tnm/ topoviz.properties configuration file and identify the following section: # AEL view descriptions. topoviz.webtop.view.name=Default topoviz.webtop.view.type=global 2. Change the values to correspond to the type and name of the AEL that you want to use. 3. Save and close the file. 236 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Loading updated MIB information To ensure that the MIB browser reflects the most up-to-date MIB information, load updated MIB information by running the ncp_mib command-line application. You need to run the ncp_mib command-line application only when new MIBs are added to the NCHOME/precision/mibs directory. It is run once during installation, so if you do not add new MIBs, you do not need run it again. Important: All MIBs must be valid in order to be parsed correctly. The ncp_mib command is case-sensitive and expects a suffix of .mib (not .MIB). The prefix can be a combination of upper or lower case. When run, ncp_mib populates the ncmib schema in the NCIM database to provide a central store of all MIB information that Network Manager can query. The ncmib schema within the NCIM database is defined in NCHOME/etc/precision/ MibDbLogin.cfg; the default value is MIB. There is only one ncp_mib process for all domains. So, there is no -domain option for ncp_mib. There are also no process dependencies for this command. In a distributed installation, ncp_mib is installed on the Tivoli Integrated Portal server, that is, on the same server as the Network Manager Web applications. If your MIB database gets corrupted or if you want to import a new MIB that conflicts with one that was imported previously, note the various command-line options by running ncp_mib -help. Tip: If you are uncertain what the result will be of running ncp_mib, run it with the -dryrun option. You can see the results, but the database will not be altered. To update the MIB information, complete the following steps on the server where the Tivoli Integrated Portal is installed. 1. Copy any new MIB files to the NCHOME/precision/mibss directory. 2. Ensure that the database login credentials are correct. The only configuration parameters required for the ncp_mib command-line application are the database login credentials for the ncim database. These are stored in a configuration file, NCHOME/etc/precision/MibDbLogin.cfg. Note that because ncp_mib is domain-independent, this file does not have domain-specific variants as other configuration files do. 3. Start the ncp_mib process by issuing the ncp_mib command. To verify that a MIB has successfully loaded, query the database table ncmib.mib_modules by entering the following command from the NCIM database prompt (this example assumes that NCIM is running on DB2): select * from ncmib.mib_modules where moduleName =’RFC1213-MIB’; If the MIB loaded, a table is displayed containing a moduleName of RFC1213-MIB. You can also verify that MIBs are loaded by running the ncp_mib command with the -messagelevel info option. A message similar to the following informs you that the MIBs are being processed: 09/10/08 12:41:08: Information: I-MIB-001-013: [1096571552t] Resolving references for module ’RFC1213-MIB’ Chapter 4. Configuring 237 When processing completes, a message states that the MIBs have been committed to the database. Tip: For information on using the SNMP MIB Browser and graphing MIB variables, see the IBM Tivoli Network Manager IP Edition Network Troubleshooting Guide. Configuring the presentation of events from unmanaged devices You can configure the way events from unmanaged devices (devices that are not polled by Network Manager) are presented to network operators. You can configure Network Manager to present unmanaged events in the AEL in the following ways: v Filtering out the unmanaged events so that they do not appear at all in the AEL, or tagging these events in the AEL so that you know that they come from unmanaged devices. v Tagging these events in the AEL so that the network operator knows that they come from unmanaged devices. In this case, the NmosManagedStatus field associated with an unmanaged event in the AEL displays the value 1 (Operator unmanaged) or 2 (System unmanaged). Tivoli Netcool/OMNIbus probes and event sources from other network management systems can generate events on devices or interfaces that have been marked as Unmanaged in Network Manager. An unmanaged device is usually marked Unmanaged because it is undergoing maintenance and may therefore generate unnecessary network events. The following topics describe how to manage network events from an unmanaged device. Remember: Unmanaged devices are shown in the network map with an overlaid double-ended wrench icon. Partially unmanaged devices (devices in which only certain interfaces are unmanaged) are shown in the network map using an overlaid single-ended wrench icon. Filtering out events from unmanaged devices You can filter events from unmanaged devices so that they do not appear in the AEL. 1. In the AEL, select the Filter Builder. 2. Create a new filter or edit the existing filter to filter out all events where the NmosManagedStatus field is equal to 1 (Operator unmanaged) or 2 (System unmanaged). Once you have completed this operation and applied the filter to the AEL, events from unmanaged devices no longer appear in the AEL. 238 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Tagging events from unmanaged devices You can tag events in the AEL so that you know that these events come from unmanaged devices. 1. In the AEL, select the View Builder. 2. Create a new view or edit the existing view to display the NmosManagedStatus field associated with an event. This field displays the managed status of the device or interface the event was raised for. For unmanaged devices, this field displays the value 1 (Operator unmanaged) or 2 (System unmanaged). Once you have completed this operation and applied the view to the AEL, each event in the AEL will display the managed status of the associated network device or interface. Configuring reports for existing installations You can configure the network management reports provided by Network Manager to use with Tivoli Common Reporting. To enable network management reports, you must have Tivoli Common Reporting installed. If you installed Network Manager GUI components on a machine where Tivoli Common Reporting was already present, then you do not need to complete these steps. To configure network management reports: 1. Log into the machine where you have Network Manager GUI components and Tivoli Common Reporting installed. 2. Run the script to configure network management reports either from the installer launchpad or the command line: Option Description From the launchpad 1. Go to the directory where you extracted the Network Manager installation package. 2. Start the launchpad as the user that installed Network Manager by entering the ./launchpad.sh command. 3. Select the Postinstallation menu. 4. Expand Install Network Manager reports to use with TCR and click Install Network Manager reports. From the command line 1. Go to the NCHOME/precision/products/ tnm/bin directory. 2. Run the configTCR.sh -d NCIM_database_password -p TIP_administrator_password -i install script. Chapter 4. Configuring 239 Migrating the Cognos content store from Derby to DB2 The default content store database that is used by Cognos is suitable for demonstration purposes, but it is not to be used as the content store database in a production environment. If you use network management reports with Tivoli Common Reporting, you have the option of migrating the content store database from the default Derby database to DB2. Network Manager uses the database set up in Tivoli Common Reporting for the Cognos content store. If you have already changed your Tivoli Common Reporting setup to use another database other than the default Derby database, you might not need to perform this task. For more information about the default Derby database and the alternative content store databases for Tivoli Common Reporting, see the following technote: http://www-01.ibm.com/support/docview.wss?uid=swg21609287. You need to perform the following steps to switch to DB2 for the Cognos content store regardless of whether you are installing Network Manager on a server with an existing Tivoli Common Reporting installation, or you are installing Tivoli Common Reporting on a server with existing Network Manager GUI and Tivoli Integrated Portal components already installed. This is because any installation of Tivoli Common Reporting uses Derby by default, and you need to change to DB2 manually. To migrate the Cognos content store from the default Derby database to DB2: 1. Log in to the Network Manager GUI as the itnmadmin user and export the content store data as described in http://publib.boulder.ibm.com/infocenter/ c8bi/v8r4m0/index.jsp?topic=/com.ibm.swg.im.cognos.inst_cr_winux.8.4.1.doc/ inst_cr_winux_id3024c8bi_CreateAnExportDeploymentSpecif.html. Note: When clicking Select the entire content store to export the entire content store, ensure you select to include user account information. 2. Log in as the user that created the Network Manager database. In this example 'db2inst1': su - db2inst1 3. Source the DB2 environment variables: . sqllib/db2profile 4. Create the Cognos database using the following Network Manager script, calling out the database user, in this case 'ncim': a. Go to $NCHOME/precision/scripts/sql/db2. b. Type ./create_db2_cognos_database.sh database_name user_name, where database_name is the required name of the Cognos content store database, and user_name is the DB2 user that is used to connect to the database. For example, to create a database called ITNMCM for the DB2 user ncim, type ./create_db2_cognos_database.sh ITNMCM ncim. Note: If your DB2 database is on a different server to Network Manager, then copy the script to the server where your database is located and run the script there. 5. As the user who installed Network Manager, configure the content store data source access using the following Network Manager script: a. Source the environment variables: . /opt/IBM/tivoli/netcool/env.sh b. Go to $NCHOME/precision/products/tnm/bin. 240 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide c. Type ./modify_cognos_cm -filename full path to file -dbname database_name -dbport port_number -dbhost host_name -dbtype db2 -username user_name -password password . For example, use a command line similar to the following: UNIX $NCHOME/precision/products/tnm/bin/modify_cognos_cm -filename TCR_installation_directory/cognos/configuration/cogstartup.xml -dbname ITNMCM -dbport 50000 -dbhost abc -dbtype db2 -username db2inst1 -password password 6. As the user who installed Network Manager, restart the Tivoli Integrated Portal server: go to $NCHOME/precision/bin and issue itnm_stop tip and then itnm_start tip. Note: If your environment variables are set, you can run the stop / start command from any directory. 7. Import the content store as described in http://publib.boulder.ibm.com/ infocenter/c8bi/v8r4m0/index.jsp?topic=/ com.ibm.swg.im.cognos.ug_cra.8.4.1.doc/ug_cra_i_ImportData.html Note the following for the import procedure: a. In the Deployment archive box, select the archive you previously created during the export procedure. b. When selecting the options you want, ensure you select Reports should be upgraded for your conflict resolution choice. 8. After migrating the Cognos content store from Derby to DB2, uninstall the Derby content database as described in the 'Uninstall Cognos Content Database' topic in the IBM Cognos 8 Business Intelligence Installation and Configuration Guide 8.4.0 on the IBM Cognos information center: http://publib.boulder.ibm.com/infocenter/c8bi/v8r4m0/index.jsp?topic=/ com.ibm.swg.im.cognos.inst_cr_winux.8.4.0.doc/ inst_cr_winux_id7376UninstallCognosContentDatabase.html Important: Note the following for the Derby uninstall procedure: When using Tivoli Common Reporting the cmd is tcr_cogconfig.sh (instead of cogconfig.sh). Enabling failover You can enable failover in your Network Manager environment to ensure that the different components are kept running and available. About failover In your Network Manager environment, a failover architecture can be used to configure your system for high availability, minimizing the impact of computer or network failure. Failover can be implemented for each of the following products and components, which can be installed when you run the Network Manager installer: v The Network Manager core components, including the Polling engine and Event Gateway (which embeds the root cause analysis component) v The NCIM topology database v Tivoli Netcool/OMNIbus, including the ObjectServer (for event management) v The Tivoli Netcool/OMNIbus Web GUI, which is installed within the Tivoli Integrated Portal server framework Chapter 4. Configuring 241 Restriction: Network Manager does not support the Tivoli Integrated Portal load balancing feature that the Tivoli Netcool/OMNIbus Web GUI does. You must decide for which components you want to implement failover, and the number of computers required for high availability. About NCIM topology database high availability Network Manager allows you to configure the NCIM topology database for high availability, minimizing the impact of computer or network failure. The following sections provide an overview of NCIM topology database high availability and explain how to configure it. High availability refers to a computing environment in which the hardware and software components remain operational during planned outages (for example, regular maintenance operations) and unplanned outages (for example, unexpected hardware, network, and software failures). One component that needs to be operational all of the time is the NCIM topology database. Note: In previous Network Manager releases, users could include an NCIM topology database failover configuration by using NCIM replication (also referred to as NCIM topology database replication). The NCIM replication feature has been replaced by an NCIM topology database high availability feature that is provided by the supported database. For example, DB2 provides a feature called high availability disaster recovery (HADR) that you use to configure a failover configuration for the NCIM topology database. To configure a failover configuration for the NCIM topology database and thus provide users a high availability environment for running database applications and accessing information stored in the NCIM topology database, you need to become familiar with the following background topics and tasks: v High availability strategies provided by the database, in this case DB2 v Failover architecture for NCIM topology database and Network Manager core processes v Tasks associated with installing the database, in this case DB2 Note: DB2 provides the tools necessary for installing and configuring the NCIM topology database (and core processes) to use the DB2 HADR feature. For information on how to install and configure DB2, see Related information below for links to your DB2 Information Center. High availability strategies that DB2 provides DB2 provides a number of strategies for improving the availability of your database solution, including: v Redundancy — An important strategy for maintaining high availability is having redundant components. If a component fails, a secondary or backup copy of that component can take over, enabling the database to remain available to user applications. You can create redundancy at the database level, by having two databases: a primary database that normally processes all or most of the application workload; and a secondary database that can take over the workload if the primary database fails. In a DB2 High Availability Disaster Recover (HADR) environment, this secondary database is called the standby database. v Failover — Failover is the transfer of workload from a primary system to a secondary system in the event of a failure on the primary system. When 242 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide workload has been transferred like this, the secondary system is said to have taken over the workload of the failed primary system. v Clustering — A cluster is a group of connected machines that work together as a single system. When one machine in a cluster fails, cluster managing software transfers the workload of the failed machine onto other machines. The DB2 High Availability Feature enables integration between IBM DB2 server and cluster managing software. The DB2 documentation provides information and examples on each of these strategies. See Related information below for links to your DB2 Iinformation Center. Failover architecture for NCIM topology database and Network Manager core processes Failover of the Network Manager core processes can be implemented by setting up primary and backup Network Manager installations that run on different servers and domains. Both installations can either connect to a single Tivoli Netcool/OMNIbus ObjectServer or to a virtual pair of ObjectServers. Network Manager failover can be implemented with NCIM topology database high availability or without NCIM topology database high availability. If you choose to implement failover with NCIM topology database high availability, you will do so through the high availability feature that is provided by the supported database. For example, DB2 provides the High Availability Disaster Recover (HADR) feature that you use to configure a failover configuration for the NCIM topology database. Tasks associated with installing the DB2 database To use an existing DB2 database as the NCIM topology database on UNIX, you must install DB2, configure an instance, and create a database before Network Manager is installed. Chapter 4. Configuring 243 Related concepts: “Network Manager failover architecture (core processes)” on page 247 Failover of the Network Manager core processes can be implemented by setting up primary and backup Network Manager installations that run on different servers and domains. Both installations can either connect to a single Tivoli Netcool/OMNIbus ObjectServer or to a virtual pair of ObjectServers. “Example failover hosting with NCIM topology database high availability” on page 253 This is an example of failover hosting where the failover configuration includes a copy of the NCIM topology database on the backup installation. Related tasks: “Setting up existing DB2 databases on UNIX” on page 44 To use an existing DB2 database as the topology database on UNIX, you must install DB2, configure an instance, and create a database before Network Manager is installed. Related information: IBM DB2 Version 10.1 Information Center For more information on DB2 10.1 HADR, search the IBM DB2 Version 10.1 Information Center. Suggested search terms inlcude "high availability". IBM DB2 Version 9.7 Information Center For more information on DB2 9.7 HADR, search the IBM DB2 Version 9.7 Information Center. Suggested search terms inlcude "high availability". Failover architectures Network Manager failover is implemented independently of failover in the products and components with which it integrates. Before configuring failover, you must understand the failover architectures that can be implemented to help ensure high availability of your Network Manager installation. A Network Manager failover installation contains a primary and a backup Network Manager server on which the core components are installed. If the primary server fails due to problems with the hardware or software, the backup server assumes the role of the primary server. For a more robust environment, you can additionally include one or more of the following failover configurations: v A primary and a backup Tivoli Netcool/OMNIbus ObjectServer v Tivoli Netcool/OMNIbus Web GUI data source failover v An NCIM topology database high availability configuration Note: In previous Network Manager releases, users could include an NCIM topology database failover configuration by using NCIM replication (also referred to as NCIM topology database replication). The NCIM replication feature has been replaced by an NCIM topology database high availability feature that is provided by the supported database. For example, DB2 provides a feature called high availability disaster recovery (HADR) that you use to configure a failover configuration for the NCIM topology database. This NCIM topology database high availability configuration ensures that network polling can continue on the backup installation, and topology views replicated. To accommodate either hardware or software failure, and for optimum performance of your environment, implement your failover solution on more than one computer. 244 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Related information: IBM DB2 Version 10.1 Information Center For more information on DB2 10.1 HADR, search the IBM DB2 Version 10.1 Information Center. Suggested search terms inlcude "high availability". IBM DB2 Version 9.7 Information Center For more information on DB2 9.7 HADR, search the IBM DB2 Version 9.7 Information Center. Suggested search terms inlcude "high availability". ObjectServer failover architecture You can deploy Tivoli Netcool/OMNIbus by using a scalable multitiered architecture, so that the system can continue to operate to full capacity (and with minimal event loss) in the event of ObjectServer, ObjectServer Gateway, or proxy server failure. The components in the architecture sit within three tiers (or layers): collection, aggregation, and display. The basic failover configuration consists of a primary ObjectServer and a backup ObjectServer that are connected by a bidirectional ObjectServer Gateway in the aggregation layer, with no collection or display layers connected. The modular design of the multitiered architecture means that any system can start with a single pair of aggregation ObjectServers, and then have collection or display components added at any time in the future. The following figure shows an example of the basic failover configuration in the aggregation layer. Chapter 4. Configuring 245 Web GUI client Helpdesk/CRM (Gateway client) RDBMS (Gateway client) Other Gateway Other Gateway ObjectServer AGG_P Desktop client AGG_GATE ObjectServer AGG_B Aggregation layer (AGG_V) Probes Probes ObjectServer Unidirectional Gateway Host Computer Bidirectional Gateway Figure 12. ObjectServer failover architecture To minimize the impact of computer failure, the primary ObjectServer (AGG_P) and backup ObjectServer (AGG_B) run on two separate computers. The bidirectional ObjectServer Gateway (AGG_GATE) runs on the backup ObjectServer computer, and synchronizes the ObjectServers. The primary and backup ObjectServers are configured as a virtual aggregation pair (AGG_V) to which probes, and other clients such as the Event Gateway, can directly connect. The concept of a virtual pair helps to facilitate seamless fail over to the backup ObjectServer if the primary ObjectServer becomes unavailable, and fail back when the primary ObjectServer is active again. In the figure, example targets to which alerts can be forwarded from the aggregation layer are also shown. For full information about setting up ObjectServer failover in the collection, aggregation, and display layers of the multitiered architecture, see the IBM Tivoli Netcool/OMNIbus Installation and Deployment Guide at http:// publib.boulder.ibm.com/infocenter/tivihelp/v8r1/topic/com.ibm.tivoli.nam.doc/ welcome_ob.htm. 246 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Related concepts: “Network Manager failover architecture (core processes)” Failover of the Network Manager core processes can be implemented by setting up primary and backup Network Manager installations that run on different servers and domains. Both installations can either connect to a single Tivoli Netcool/OMNIbus ObjectServer or to a virtual pair of ObjectServers. Related tasks: “Configuring ObjectServer failover” on page 263 The way in which you configure ObjectServer failover is dependent on the Tivoli Netcool/OMNIbus version. About the Tivoli Netcool/OMNIbus failover configuration files: Tivoli Netcool/OMNIbus V7.3 or later, provides a set of configuration files that you can apply to ObjectServers and ObjectServer Gateways in order to implement the multitiered architecture. These files are available in the $NCHOME/omnibus/extensions/multitier directory, and include: v SQL import files that can be applied to each ObjectServer, in order to update the database schema with the required configuration; for example, additional columns, conversions, and automations v ObjectServer Gateway files that can be used to configure the gateways in the architecture Important: v When using the configuration files supplied in Tivoli Netcool/OMNIbus V7.3 or later, you must adhere to the defined naming convention for the components in each layer of the multitiered architecture. To implement failover in the aggregation layer, use the naming conventions depicted in Figure 12 on page 246; that is, AGG_P for the primary ObjectServer, AGG_B for the backup ObjectServer, AGG_V for the virtual pair, and AGG_GATE for the bidirectional ObjectServer Gateway. v In earlier versions of Tivoli Netcool/OMNIbus, no configuration files are provided, and it is not mandatory to comply with these naming conventions. For further information about the multitiered configuration files, and the naming conventions for the components in the multitiered architecture, see the IBM Tivoli Netcool/OMNIbus Installation and Deployment Guide at http:// publib.boulder.ibm.com/infocenter/tivihelp/v8r1/topic/com.ibm.tivoli.nam.doc/ welcome_ob.htm. Network Manager failover architecture (core processes) Failover of the Network Manager core processes can be implemented by setting up primary and backup Network Manager installations that run on different servers and domains. Both installations can either connect to a single Tivoli Netcool/OMNIbus ObjectServer or to a virtual pair of ObjectServers. When you connect to a Network Manager server, the associated domain under which the processes run needs to be identified. Network Manager provides a virtual domain that can be used when running in failover mode. Any connection to this virtual domain is routed to the Network Manager installation that is running as the primary server in the failover architecture. This routing capability is provided by the Virtual Domain component. Chapter 4. Configuring 247 The following figure shows the high-level failover architecture for the primary and backup Network Manager core processes, which are set up in two separate domains. ObjectServer AGG_P AGG_GATE Aggregation layer (AGG_V) Event Gateway ObjectServer AGG_B Event Gateway nco_p_ncpmonitor nco_p_ncpmonitor TCP connection Virtual Domain Primary Network Manager installation Virtual Domain Backup Network Manager installation Figure 13. Network Manager failover architecture In the figure, both the primary and backup installations connect to a virtual pair of ObjectServers. In each domain: v The Virtual Domain component (ncp_virtualdomain) manages failover, and raises health check events to indicate whether the domain is healthy. v The Probe for Tivoli Netcool/OMNIbus (nco_p_ncpmonitor) connects to the virtual ObjectServer pair, and forwards the health check events. v The Event Gateway (ncp_g_event) connects to the virtual ObjectServer pair, reads in all health check events, and then passes the events to the Virtual Domain component. These health check events are used to trigger failover. A TCP socket connection is required between the Virtual Domain processes, to copy data from the primary domain to the backup domain. This ensures that the topology is in sync when failover occurs. Note: If you implement failover, then you must ensure that both the primary and backup installations are using identical encryption keys. If the encryption keys are not identical, then the backup poller does not function correctly during failover. To ensure that both the primary and backup installations are using identical encryption keys, copy the following file from the primary server to the same location on the backup server: $NCHOME/etc/security/keys/conf.key. If you enter all SNMP community strings on the command line and do not encrypt them, you do not need to do this task. For more information on changing the encryption key, see the IBM Tivoli Network Manager IP Edition Administration Guide. 248 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide NCIM implementations for failover Network Manager failover can be implemented with the following options: v Without NCIM topology database high availability: In this failover configuration, a single NCIM topology database is shared by the two Network Manager domains. v With NCIM topology database high availability: This failover configuration protects against data loss by replicating data changes from the source NCIM topology database in the primary Network Manager domain to one or more target NCIM topology databases in the backup Network Manager domain. The source NCIM topology database is referred to as the primary database and the target NCIM topology database is referred to as the standby database. This approach removes the single point of failure because both the primary and backup Network Manager domains connect to whichever database is acting as the primary database. Note: In previous Network Manager releases, users could include an NCIM topology database failover configuration by using NCIM replication (also referred to as NCIM topology database replication). The NCIM replication feature has been replaced by an NCIM topology database high availability feature that is provided by the supported database. For example, DB2 provides a feature called high availability disaster recovery (HADR) that you use to configure a failover configuration for the NCIM topology database. In either of these cases, all entities in the topology are stored under the primary domain name, and all poll policies are configured for the primary domain. There is no entry in the domainMgr table for the backup domain. As a result, the NmosDomainName field for an event in the alerts.status table will always be populated with the primary domain name when failover is configured. Note: To configure NCIM topology database high availability using DB2 HADR, you set up the HADR environment by following the instructions provided in the DB2 documentation. See Related information below for links to your DB2 Information Center. You also perform tasks to configure Network Manager to work with DB2 HADR. Chapter 4. Configuring 249 Related concepts: “ObjectServer failover architecture” on page 245 You can deploy Tivoli Netcool/OMNIbus by using a scalable multitiered architecture, so that the system can continue to operate to full capacity (and with minimal event loss) in the event of ObjectServer, ObjectServer Gateway, or proxy server failure. “Failover on the backup installation” on page 258 All processes on the backup installation point to the NCIM topology database on the primary installation and the NCIM topology database on the primary can be a stand alone database or one configured for high availability. “About NCIM topology database high availability” on page 242 Network Manager allows you to configure the NCIM topology database for high availability, minimizing the impact of computer or network failure. The following sections provide an overview of NCIM topology database high availability and explain how to configure it. “Example failover hosting with NCIM topology database high availability” on page 253 This is an example of failover hosting where the failover configuration includes a copy of the NCIM topology database on the backup installation. Related tasks: “Configuring failover of the Network Manager core processes” on page 270 You can configure failover of the Network Manager core processes by using the $NCHOME/etc/precision/ConfigItnm.cfg file to enable failover. “Setting up existing DB2 databases on UNIX” on page 44 To use an existing DB2 database as the topology database on UNIX, you must install DB2, configure an instance, and create a database before Network Manager is installed. “Configuring Network Manager to work with DB2 HADR” on page 274 You can configure Network Manager core processes to use the DB2 catalog and the Network Manager GUI to operate in the DB2 HADR (high availability disaster recovery) environment by editing several properties and configuration related files. Related information: IBM DB2 Version 10.1 Information Center For more information on DB2 10.1 HADR, search the IBM DB2 Version 10.1 Information Center. Suggested search terms inlcude "high availability". IBM DB2 Version 9.7 Information Center For more information on DB2 9.7 HADR, search the IBM DB2 Version 9.7 Information Center. Suggested search terms inlcude "high availability". Tivoli Netcool/OMNIbus Web GUI data source failover The Web GUI implements data source failover. If a primary and a backup ObjectServer are available, you can set up connections to both ObjectServers so that if the primary ObjectServer fails, the Web GUI will fail over and use the backup ObjectServer as the source of its events. 250 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Related concepts: “Tivoli Netcool/OMNIbus Web GUI data sources” on page 155 A data source is another term for an ObjectServer or ObjectServer failover pair used by the Web GUI for event information. Related tasks: “Configuring data source failover for the Tivoli Netcool/OMNIbus Web GUI” on page 267 If you have a failover pair of ObjectServers to which the Web GUI should connect, you can configure data source failover by using the ncwDataSourceDefinitions.xml data source configuration file in your Web GUI installation. Server allocation for failover Any primary system must be installed on a separate host to a backup system, so that if the primary host fails, the backup host is unaffected. Ideally, the primary ObjectServer, backup ObjectServer, primary Network Manager server, backup Network Manager server and Tivoli Integrated Portal server would each be installed on separate hosts. However, this might not be practical. Related reference: “Constraints for installing and starting components” on page 14 Some components must be installed and started before others. Use this information as well as the installation examples to understand the order in which you must install and start components. Example failover hosting without NCIM topology database high availability: This is an example of failover hosting where the failover configuration does not include a copy of the NCIM topology database on the backup installation. Note: In previous Network Manager releases, users could include an NCIM topology database failover configuration by using NCIM replication (also referred to as NCIM topology database replication). The NCIM replication feature has been replaced by an NCIM topology database high availability feature that is provided by the supported database. For example, DB2 provides a feature called high availability disaster recovery (HADR) that you use to configure a failover configuration for the NCIM topology database. The following figure shows an example of hosting ObjectServer and Network Manager failover using four host machines. Chapter 4. Configuring 251 Host Machine 1 Backup ObjectServer Host Machine 2 Primary Network Manager Backup Network Manager Primary ObjectServer Host Machine 3 Host Machine 4 Tivoli Integrated Portal NCIM topology database Figure 14. Example failover hosting For performance reasons, the NCIM topology database requires a high bandwidth connection to the Tivoli Integrated Portal server. If host machine 3 has multiple CPUs and sufficient memory, you can install NCIM on host machine 3. Install the core components on both host machines 1 and 2, and install the Web applications on host machine 3. Install the NCIM topology database on host machine 4. Note: If you implement failover, then you must ensure that both the primary and backup installations are using identical encryption keys. If the encryption keys are not identical, then the backup poller does not function correctly during failover. To ensure that both the primary and backup installations are using identical encryption keys, copy the following file from the primary server to the same location on the backup server: $NCHOME/etc/security/keys/conf.key. If you enter all SNMP community strings on the command line and do not encrypt them, you do not need to do this task. For more information on changing the encryption key, see the IBM Tivoli Network Manager IP Edition Administration Guide. Related concepts: “About NCIM topology database high availability” on page 242 Network Manager allows you to configure the NCIM topology database for high availability, minimizing the impact of computer or network failure. The following sections provide an overview of NCIM topology database high availability and explain how to configure it. “Example failover hosting with NCIM topology database high availability” on page 253 This is an example of failover hosting where the failover configuration includes a copy of the NCIM topology database on the backup installation. 252 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Example failover hosting with NCIM topology database high availability: This is an example of failover hosting where the failover configuration includes a copy of the NCIM topology database on the backup installation. Note: In previous Network Manager releases, users could include an NCIM topology database failover configuration by using NCIM replication (also referred to as NCIM topology database replication). The NCIM replication feature has been replaced by an NCIM topology database high availability feature that is provided by the supported database. For example, DB2 provides a feature called high availability disaster recovery (HADR) that you use to configure a failover configuration for the NCIM topology database. The following figure shows an example of hosting ObjectServer and Network Manager failover using five host machines. Host Machine 2 Host Machine 1 Backup ObjectServer Backup Network Manager Primary Network Manager Primary ObjectServer Host Machine 4 Host Machine 3 Host Machine 5 NCIM topology database Tivoli Integrated Portal NCIM topology database Figure 15. Example failover hosting with backup NCIM topology database For performance reasons, the NCIM topology database requires a high bandwidth connection to the Tivoli Integrated Portal server. If host machine 3 has multiple CPUs and sufficient memory, you can install the primary NCIM on host machine 3. Install the core components on both host machines 1 and 2, and install the Web applications on host machine 3. Install the primary NCIM topology database on host machine 4 and the backup NCIM topology database on host machine 5. Chapter 4. Configuring 253 Related concepts: “Failover on the backup installation” on page 258 All processes on the backup installation point to the NCIM topology database on the primary installation and the NCIM topology database on the primary can be a stand alone database or one configured for high availability. “Example failover hosting without NCIM topology database high availability” on page 251 This is an example of failover hosting where the failover configuration does not include a copy of the NCIM topology database on the backup installation. “Network Manager failover architecture (core processes)” on page 247 Failover of the Network Manager core processes can be implemented by setting up primary and backup Network Manager installations that run on different servers and domains. Both installations can either connect to a single Tivoli Netcool/OMNIbus ObjectServer or to a virtual pair of ObjectServers. “About NCIM topology database high availability” on page 242 Network Manager allows you to configure the NCIM topology database for high availability, minimizing the impact of computer or network failure. The following sections provide an overview of NCIM topology database high availability and explain how to configure it. Failover operation of the Network Manager core processes Failover of the Network Manager core processes is managed by the Virtual Domain process, ncp_virtualdomain. Use this information to understand how Network Manager failover and failback are triggered. Health check events and failover Failover is governed by health checks, which are configured to run periodically to assess the health of the primary and backup Network Manager domains. In the failover environment, all the processes in the primary and backup domains are started by the master process controller, ncp_ctrl. In each domain, ncp_ctrl also regularly monitors the processes that are under its control, and stores their status in the state.services table. The Virtual Domain process applies filters (which are defined in the state.filters table) against the status records of some of the processes, and generates health check events to indicate whether a domain is healthy. The filters are applied to: v ncp_poller, the Polling engine Multiple filters can be defined for the Polling engine, one for each poller defined in the CtrlServices.cfg file. v ncp_g_event, the Event Gateway v ncp_model, the topology manager Health check events are generated locally within each domain, and can also be generated remotely by one domain on behalf of the other: v Local domain: If every status record passes the filters, the Network Manager server is deemed healthy, and Virtual Domain generates a health check resolution event for that domain. Each domain indicates to the other that it is healthy, by sending a resolution event, which is routed via the ObjectServer. A domain expects to receive a resolution event at an interval configured in the Virtual Domain process schema file ($NCHOME/etc/precision/ VirtualDomainSchema.cfg). 254 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide If one or more filters fail, indicating the failure of one or more local processes, Virtual Domain generates a health check problem event, and additionally routes the problem event to the other domain. v Remote domain: If a local domain detects that its remote counterpart has not generated a health check resolution event in the configured interval, the local domain generates a synthetic health check problem event for the remote domain. For example, if the backup domain does not receive a health check resolution event from the primary domain, the backup domain generates a health check problem event for the primary domain. Health check events are also generated when connectivity to the NCIM database is lost. Health check events have the event identifier "ItnmHealthChk" in the EventId field of the alerts.status table. Related concepts: “Network Manager failover and failback” on page 257 Failover can be initiated by either the primary or backup domain, and is triggered when a health check problem event is generated for the primary domain. Failback is triggered by a subsequent health check resolution event for the primary domain. Related tasks: “Configuring parameters for health checks” on page 277 If required, you can configure preferred conditions under which health check events are generated, by specifying identical OQL inserts to the Virtual Domain process schema file (VirtualDomainSchema.cfg) on both the primary and backup servers. Related reference: “Network Manager status events” on page 161 Network Manager can generate events that show the status of various Network Manager processes. These events are known as Network Manager status events and have the alerts.status AlertGroup field value of ITNM Status. Process flow for health check events: Health check resolution events are generated by each Network Manager server to indicate that it is in good health. A health check problem event is one of the triggers for Network Manager failover. The following figure shows the progression through the system of a health check event that is generated by the primary Network Manager server. Chapter 4. Configuring 255 ObjectServer AGG_P AGG_GATE Aggregation layer (AGG_V) 4 ObjectServer AGG_B 4 8 8 3 7 Event Gateway 9 Event Gateway 9 nco_p_ncpmonitor 2 nco_p_ncpmonitor 5 Virtual Domain 6 5 Virtual Domain 1 Primary Network Manager installation Backup Network Manager installation Figure 16. Process flow of a health check event 1 Status report The ncp_ctrl process reports on the status of its managed services. 2 Health diagnosis The Virtual Domain process uses its filters to perform a health check diagnosis: v If the system is in good health, Virtual Domain generates a health check resolution event and sends it to the Probe for Tivoli Netcool/OMNIbus. By default, health check events are sent to the probe every 60 seconds. v If the system is in poor health, Virtual Domain generates a health check problem event and sends it to the Probe for Tivoli Netcool/OMNIbus. 3 Health check event forwarded to the ObjectServer The Probe for Tivoli Netcool/OMNIbus forwards the health check event to the ObjectServer. 4 Health check event forwarded to the primary and backup Event Gateway The ObjectServer sends the health check event to the Event Gateway of the primary and backup servers. 5 Health check event sent back to the primary and backup Virtual Domain The primary Event Gateway sends the health check event back to the Virtual Domain on the primary server. The backup Event Gateway also sends the health check event to the Virtual Domain on the backup server. For a health check resolution event, Virtual Domain checks the time stamp on the event to ensure the event is not older than 5 minutes, and updates its state.domains table to show that the primary server is in good health. 256 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide (The Event Gateway also listens for health check events from the backup server. The state.domains table records the current state of both primary and backup servers.) For a health check problem event, Virtual Domain updates its state.domains table to show that the primary server is in poor health. Virtual Domain switches the backup server to active mode, and the primary server goes on standby. 6 Health check failure generated on behalf of primary domain If the backup server does not receive a health check resolution event from the primary server within the configured interval of 5 minutes, this indicates that the primary server is not functioning properly or not communicating properly with the ObjectServer. The backup Virtual Domain sends a health check problem event to the Probe for Tivoli Netcool/OMNIbus on behalf of the primary server. Virtual Domain updates its state.domains table to show that the primary server is in poor health. 7, 8, and 9 Failover triggered The probe sends the health check problem event to the ObjectServer, which then forwards the health check problem event to the Event Gateway on both the primary and backup Network Manager servers: v The Event Gateway on the backup server sends the health check problem event to the Virtual Domain, which then switches the backup server to active mode. v If the primary Event Gateway is operational, it forwards the health check problem event to the primary Virtual Domain. If Virtual Domain is operational, it switches the primary server to standby mode. When the backup server generates a health check resolution event, the process flow is identical to that for the primary server. Regularly-updated health check resolution events for both primary and backup servers are held in the ObjectServer and can be viewed using, for example, the Active Event List (AEL). If the health check problem event is generated by the backup server to indicate that the backup server is in poor health, the same processes apply, except that the primary server is not put on standby, and the backup server is not switched to active mode. The health check problem event for the backup server is present in the ObjectServer and can be viewed using, for example, the Active Event List. Note: The Probe for Tivoli Netcool/OMNIbus and Event Gateway in both domains must be configured to access the same ObjectServer, in order for health check events to be successfully routed around the system. Network Manager failover and failback Failover can be initiated by either the primary or backup domain, and is triggered when a health check problem event is generated for the primary domain. Failback is triggered by a subsequent health check resolution event for the primary domain. An ItnmFailover event is generated by ncp_virtualdomain when a Network Manager domain fails over or fails back. Failing over When failover occurs, the primary Network Manager domain goes into standby mode (if it is still running), and the backup domain becomes active. Chapter 4. Configuring 257 The following changes occur when the backup domain becomes active: v The Event Gateway synchronizes the events with the ObjectServer. v The ncp_poller process resumes polling. v The Event Gateway switches from the standby filter (StandbyEventFilter) to the incoming event filter (EventFilter). v Network Manager continues to monitor the network and perform RCA. However, network discovery is not performed, and the network topology remains static. When a primary Network Manager server goes into standby mode, the following changes occur: v The Event Gateway switches from the incoming event filter (EventFilter) to the standby filter (StandbyEventFilter). v The ncp_poller process suspends all polls. For further information about the standby filter and incoming event filter, see the IBM Tivoli Network Manager IP Edition Event Management Guide. Failing back When a primary Network Manager server in standby mode resumes normal operation, it generates a health check resolution event. The health check resolution event passes through the system, and the recovered Network Manager server becomes active again. When the Virtual Domain process on the backup Network Manager server receives the health check resolution event, Virtual Domain switches the backup server back to standby mode. The GenericClear automation in the ObjectServer is triggered by the health check resolution event, and clears the existing health check problem event. Related concepts: “Health check events and failover” on page 254 Failover is governed by health checks, which are configured to run periodically to assess the health of the primary and backup Network Manager domains. Failover on the backup installation: All processes on the backup installation point to the NCIM topology database on the primary installation and the NCIM topology database on the primary can be a stand alone database or one configured for high availability. Note: In previous Network Manager releases, users could include an NCIM topology database failover configuration by using NCIM replication (also referred to as NCIM topology database replication). The NCIM replication feature has been replaced by an NCIM topology database high availability feature that is provided by the supported database. For example, DB2 provides a feature called high availability disaster recovery (HADR) that you use to configure a failover configuration for the NCIM topology database. The following figure shows an example Network Manager failover architecture, where the NCIM topology database is configured for high availability. 258 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide ObjectServer AGG_P AGG_GATE Aggregation layer (AGG_V) Event Gateway Failover plug-in and other plug-ins ObjectServer AGG_B Failover Event plug-in Gateway and other plug-ins nco_p_ncpmonitor Probes nco_p_ncpmonitor TCP connection Virtual Domain Virtual Domain Network ncp_ctrl ncp_ctrl ncp_disco ncp_model Primary Network Manager installation ncp_model NCIM database Primary NCIM database Backup NCIM database Backup Network Manager installation Figure 17. Example failover architecture with NCIM high availability The following figure differs from the previous one in that the NCIM topology database is not configured for high availability. Chapter 4. Configuring 259 ObjectServer AGG_P AGG_GATE Aggregation layer (AGG_V) Event Gateway Failover plug-in and other plug-ins Probes nco_p_ncpmonitor ObjectServer AGG_B Failover Event plug-in Gateway and other plug-ins nco_p_ncpmonitor TCP connection Virtual Domain Virtual Domain Network ncp_ctrl ncp_ctrl ncp_disco ncp_model ncp_model NCIM database Primary Network Manager installation Backup Network Manager installation Figure 18. Example failover architecture without NCIM high availability Discovery Although the Discovery engine (ncp_disco) and the SNMP Helper Server (ncp_d_helpserv) are run, the backup Network Manager server is not used for network discovery. When the backup domain is active, the topology does not change. NCIM The backup ncp_model process does not update the NCIM topology database. However, the ncp_model process continues to provide topology services to processes such as the Event Gateway. The NCIM topology database used by the Network Views and the Hop View continues to hold the most current version of the network topology until the primary Network Manager server is restored and the system fails back. Polling When the backup domain is in standby mode, the Polling engine runs, but with polls suspended. When the backup domain becomes active, its ncp_poller process starts polling, and uses the SNMP target details and poll policies from the primary domain. The ncp_poller process reads the SNMP configuration directly from its configuration file rather than relying on the discovery SNMP helper to read this file. 260 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Virtual Domain The Virtual Domain component opens a socket connection to the Virtual Domain of the primary Network Manager server. The topology data and any subsequent topology updates are copied from the ncp_model process on the primary server to the ncp_model process on the backup server. Event Gateway When the backup domain is in standby mode, the Event Gateway does not perform event enrichment on the ObjectServer. When the backup domain becomes active, the Event Gateway switches from the standby filter (StandbyEventFilter) to the incoming event filter (EventFilter). Related concepts: “Network Manager failover architecture (core processes)” on page 247 Failover of the Network Manager core processes can be implemented by setting up primary and backup Network Manager installations that run on different servers and domains. Both installations can either connect to a single Tivoli Netcool/OMNIbus ObjectServer or to a virtual pair of ObjectServers. “About NCIM topology database high availability” on page 242 Network Manager allows you to configure the NCIM topology database for high availability, minimizing the impact of computer or network failure. The following sections provide an overview of NCIM topology database high availability and explain how to configure it. “Example failover hosting with NCIM topology database high availability” on page 253 This is an example of failover hosting where the failover configuration includes a copy of the NCIM topology database on the backup installation. Related reference: “Limitations of the Network Manager failover process” A number of limitations apply for the failover process. Limitations of the Network Manager failover process A number of limitations apply for the failover process. The discovery process (ncp_disco) performs network discovery only in the primary domain; the backup domain is not used for network discovery. The Network Manager Web applications do not implement failover. When the backup domain becomes active during failover, the Web applications do not automatically connect to it. You can configure the Web applications to access the NCIM topology database on the backup domain as follows: 1. On the Tivoli Integrated Portal server where the Network Manager Web applications are installed, click Administration > Network > Database Access Configuration. 2. From the Configure NCIM Database Access portlet, enter the host, port, and authentication credentials for the NCIM topology database on the backup domain. Restrictions: When the backup domain is active (with NCIM topology database high availability): v Do not attempt to configure discovery. v Do not create or modify any polls or network views. v Do not attempt to manage or unmanage network devices. Chapter 4. Configuring 261 Restriction: Network Manager does not support the Tivoli Integrated Portal load balancing feature that the Tivoli Netcool/OMNIbus Web GUI does. If you are running more than one Tivoli Integrated Portal server, they each run independently. If one of the Tivoli Integrated Portal servers fails, any remaining servers continue to run as individual entities. To minimize the effect of a server failing: v Set up each Tivoli Integrated Portal server with its own unique URL for authentication. v Ensure that each of the servers is configured with the same set of users, roles, groups, preference profiles, and resources such as pages, views, portlets, and reports. v Configure the servers to whatever the database high availability requires. For example, for DB2 you would configure the servers according the requirements of the DB2 HADR feature. Note: Failover is not supported for the ITM monitoring agents in the Network Manager failover architecture. Related tasks: “Configuring failover of the Network Manager core processes” on page 270 You can configure failover of the Network Manager core processes by using the $NCHOME/etc/precision/ConfigItnm.cfg file to enable failover. Related information: IBM DB2 Version 10.1 Information Center For more information on DB2 10.1 HADR, search the IBM DB2 Version 10.1 Information Center. Suggested search terms inlcude "high availability". IBM DB2 Version 9.7 Information Center For more information on DB2 9.7 HADR, search the IBM DB2 Version 9.7 Information Center. Suggested search terms inlcude "high availability". Configuring failover Use this information to configure failover in your primary and backup Network Manager installations. Guidelines are also provided to optionally configure failover of the integrating products and components. You must use the documentation for these products and components as the first point of reference. Before you begin to configure failover, determine whether you want to implement a complete failover solution for all the components, or failover for Network Manager and a subset of components. Also decide on the number of computers and the deployment options. As a prerequisite to configuring failover: v You must have installed and configured IBM Tivoli Netcool/OMNIbus. If you intend to run a primary and backup ObjectServer in failover mode, you require two ObjectServer installations. Tip: If you are using IBM Tivoli Netcool/OMNIbus V7.3 or later, with the supplied failover configuration files, be sure to adhere to the naming conventions for your ObjectServers and ObjectServer Gateways. v You must have installed a topology database. For NCIM topology database high availability, you require two topology databases. 262 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Note: In previous Network Manager releases, users could include an NCIM topology database failover configuration by using NCIM replication (also referred to as NCIM topology database replication). The NCIM replication feature has been replaced by an NCIM topology database high availability feature that is provided by the supported database. For example, DB2 provides a feature called high availability disaster recovery (HADR) that you use to configure a failover configuration for the NCIM topology database. v You must have installed and configured the Web GUI and the Network Manager Web applications within the Tivoli Integrated Portal server framework. v You must have installed the Network Manager core processes on the designated primary and backup servers, under two separate domains. Related concepts: “About the Tivoli Netcool/OMNIbus failover configuration files” on page 247 Tivoli Netcool/OMNIbus V7.3 or later, provides a set of configuration files that you can apply to ObjectServers and ObjectServer Gateways in order to implement the multitiered architecture. Related reference: “Constraints for installing and starting components” on page 14 Some components must be installed and started before others. Use this information as well as the installation examples to understand the order in which you must install and start components. Configuring ObjectServer failover The way in which you configure ObjectServer failover is dependent on the Tivoli Netcool/OMNIbus version. In a Tivoli Netcool/OMNIbus installation, each computer on which the Tivoli Netcool/OMNIbus components run must be configured with server communication information that enables the components in the architecture to run and communicate with one another. Configure the connections data file with all the component details, as follows: v Update the communication information for all the Tivoli Netcool/OMNIbus server components in your deployment by manually editing the connections data file $NCHOME/etc/omni.dat, which is used to create the interfaces file. UNIX Linux A suggested good practice is to add all the components in the entire deployment to a single omni.dat file, which can then be distributed to the $NCHOME/etc directory in all the computers in the deployment. You can then generate the interfaces file from each computer by running the $NCHOME/bin/nco_igen command. (Interfaces files are named $NCHOME/etc/interfaces.arch, where arch is the operating system name.) Sample configuration for the basic failover architecture (aggregation layer only) The following sample configuration shows the server communications details for the basic failover architecture in the $NCHOME/etc/omni.dat file, where: v AGG_P is the name of the primary ObjectServer. v AGG_B is the name of the backup ObjectServer. v AGG_V is the name of the virtual ObjectServer pair. v AGG_GATE is the name of the birdirectional ObjectServer Gateway. v NCO_PA represents the default name for the process agent. (If you have configured process agents to manage the Tivoli Netcool/OMNIbus processes and Chapter 4. Configuring 263 run external procedures, each uniquely-named process agent must be added with the appropriate host name and port number.) v NCO_PROXY represents the default name for the proxy server. (If you have configured one or more proxy servers to reduce the number of direct probe connections to the ObjectServers, each uniquely-named proxy server must be added with the appropriate host name and port number.) [AGG_P] { Primary: primary_host.ibm.com 4100 } [AGG_B] { Primary: backup_host.ibm.com 4150 } [AGG_V] { Primary: primary_host.ibm.com 4100 Backup: backup_host.ibm.com 4150 } [AGG_GATE] { Primary: backup_host.ibm.com 4105 } [NCO_PA] { Primary: primary_host.ibm.com 4200 } [NCO_PROXY] { Primary: primary_host.ibm.com 4400 } For further details about configuring server communication information, process agents, and proxy servers, see the Tivoli Netcool/OMNIbus documentation at http://publib.boulder.ibm.com/infocenter/tivihelp/v8r1/topic/ com.ibm.tivoli.nam.doc/welcome_ob.htm. Related concepts: “ObjectServer failover architecture” on page 245 You can deploy Tivoli Netcool/OMNIbus by using a scalable multitiered architecture, so that the system can continue to operate to full capacity (and with minimal event loss) in the event of ObjectServer, ObjectServer Gateway, or proxy server failure. Configuring ObjectServers and gateways for failover: The following procedures provide guidance for setting up ObjectServer failover in Tivoli Netcool/OMNIbus. “Tivoli Netcool/OMNIbus V7.3 or later” on page 265: Configuring failover “Tivoli Netcool/OMNIbus V7.2.1 or earlier” on page 265: Configuring failover For the most recent and complete information about ObjectServer failover, see the Tivoli Netcool/OMNIbus documentation at http://publib.boulder.ibm.com/ infocenter/tivihelp/v8r1/topic/com.ibm.tivoli.namomnibus.doc/welcome_ob.htm. The Tivoli Netcool/OMNIbus documentation should always be the first point of 264 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide reference, and takes precedence over the information shown in the Network Manager documentation. Tivoli Netcool/OMNIbus V7.3 or later: To configure failover: 1. If not yet done, create the primary aggregation ObjectServer AGG_P on the designated computer, and apply the SQL customization by running the nco_dbinit command with the supplied aggregation.sql import file: $NCHOME/omnibus/bin/nco_dbinit -server AGG_P -customconfigfile $NCHOME/omnibus/extensions/multitier/objectserver/aggregation.sql If the ObjectServer is already installed and running, apply the aggregation.sql import file against the ObjectServer, as follows: $NCHOME/omnibus/bin/nco_sql -server AGG_P -user user_name –password password < $NCHOME/omnibus/extensions/multitier/ objectserver/aggregation.sql UNIX Linux 2. Start the primary ObjectServer (if necessary): $NCHOME/omnibus/bin/nco_objserv -name AGG_P & If you installed Tivoli Netcool/OMNIbus using the Network Manager installer, you can, as an alternative, run the itnm_start command in the $NCHOME/precision/bin directory: itnm_start nco 3. Create (or update) the backup aggregation ObjectServer AGG_B on another computer, and apply the SQL customization, as described in step 1. When you apply the SQL customization, the BackupObjectServer property is automatically set to TRUE and the automations required by the backup ObjectServer are enabled. 4. Start the backup ObjectServer (if necessary), as described in step 2. UNIX Linux 5. On the computer where the backup ObjectServer is installed, configure the bidirectional aggregation ObjectServer Gateway AGG_GATE: a. Copy the multitiered property files for the gateway from the $NCHOME/omnibus/extensions/multitier/gateway location, to the default location ($NCHOME/omnibus/etc) where configuration and properties files are held: v AGG_GATE.map v AGG_GATE.props v AGG_GATE.tblrep.def b. Start the gateway AGG_GATE: $NCHOME/omnibus/bin/nco_g_objserv_bi -propsfile $NCHOME/omnibus/etc/ AGG_GATE.props & Tivoli Netcool/OMNIbus V7.2.1 or earlier: To configure failover: 1. If not yet done, create the primary ObjectServer on the designated computer by running the nco_dbinit command: $NCHOME/omnibus/bin/nco_dbinit -server server_name Where server_name is the designated name; for example, NETCOOLPRI. 2. Start the primary ObjectServer (if necessary): $NCHOME/omnibus/bin/nco_objserv -name server_name & 3. If not yet done, create the backup ObjectServer on another computer, as described in step 1. Chapter 4. Configuring 265 4. Configure the backup ObjectServer by editing its properties file ($NCHOME/omnibus/etc/server_name.props), and set the BackupObjectServer property to True. 5. Start the backup ObjectServer, as described in step 2 on page 265. 6. On the computer where the backup ObjectServer is installed, configure the bidirectional ObjectServer Gateway to exchange alert data between the primary and backup ObjectServers: a. Create the directory $NCHOME/omnibus/gates/gateway_name, for the gateway configuration files. b. Copy all of the files in $NCHOME/omnibus/gates/objserv_bi to the $NCHOME/omnibus/gates/gateway_name directory. c. Rename the $NCHOME/omnibus/gates/gateway_name/objserv_bi.map file to gateway_name.map. d. Rename the $NCHOME/omnibus/gates/gateway_name/objserv_bi.props file to gateway_name.props. e. Edit the following entries in the gateway_name.props file: # Common Netcool/OMNIbus Properties. MessageLog : ’$OMNIHOME/log/gateway_name.log’ # Common Gateway Properties. Gate.MapFile : ’$OMNIHOME/gates/gateway_name/gateway_name.map’ Gate.StartupCmdFile : ’$OMNIHOME/gates/gateway_name/objserv_bi.startup.cmd’ # Bidirectional ObjectServer Gateway Properties. Gate.ObjectServerA.Server : ’primary_ObjectServer’ Gate.ObjectServerA.Username : ’user_name’ Gate.ObjectServerA.Password : ’password’ Gate.ObjectServerA.TblReplicateDefFile: ’$OMNIHOME/gates/gateway_name/objserv_bi.objectservera.tblrep.def’ Gate.ObjectServerB.Server : ’backup_ObjectServer’ Gate.ObjectServerB.Username : ’user_name’ Gate.ObjectServerB.Password : ’password’ Gate.ObjectServerB.TblReplicateDefFile: ’$OMNIHOME/gates/gateway_name/objserv_bi.objectserverb.tblrep.def’ Substitute gateway_name with the name assigned to the gateway, primary_ObjectServer and backup_ObjectServer with the ObjectServer names, and specify the user name and password for connecting to the ObjectServers. f. Copy the $NCHOME/omnibus/gates/gateway_name/gateway_name.props file to $NCHOME/omnibus/etc/gateway_name.props. g. Start the gateway: $NCHOME/omnibus/bin/nco_g_objserv_bi & Connecting to an ObjectServer failover pair Each Network Manager installation that connects to an ObjectServer needs a copy of the Tivoli Netcool/OMNIbus interfaces file (on UNIX or Linux), or connections data file (on Windows). Assuming that server communication information has been configured in your Tivoli Netcool/OMNIbus installations, the $NCHOME/etc/interfaces.arch file (where arch represents the operating system name), or %NCHOME%\ini\sql.ini file should be available in the NCHOME installation location. 266 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide To ensure that Network Manager processes can connect to an ObjectServer failover pair, perform either of the following steps on the primary and backup Network Manager servers: v If Network Manager and Tivoli Netcool/OMNIbus are installed on the same computer, but in different NCHOME locations, copy the $NCHOME/etc/ interfaces.arch file or %NCHOME%\ini\sql.ini file from the Tivoli Netcool/OMNIbus NCHOME location to the NCHOME installation location for Network Manager. If the two products are installed in the same NCHOME location, no action needs to be taken. v If Network Manager and Tivoli Netcool/OMNIbus are installed on different computers, copy the $NCHOME/etc/interfaces.arch file or %NCHOME%\ini\sql.ini file from the Tivoli Netcool/OMNIbus NCHOME location to the NCHOME installation location on the computer where Network Manager is installed. For more information about configuring server communication information and generating the Tivoli Netcool/OMNIbus interfaces.arch file or sql.ini file, see the Tivoli Netcool/OMNIbus documentation at http://publib.boulder.ibm.com/ infocenter/tivihelp/v8r1/topic/com.ibm.tivoli.namomnibus.doc/ welcome_ob.htm. Note: The name of the virtual ObjectServer pair should be specified in the ConfigItnm.cfg file. Related tasks: “Configuring ObjectServer failover” on page 263 The way in which you configure ObjectServer failover is dependent on the Tivoli Netcool/OMNIbus version. “Configuring failover using the ConfigItnm.cfg file” on page 270 When you use the $NCHOME/etc/precision/ConfigItnm.DOMAIN.cfg file to configure failover, the Network Manager processes will read the file on startup to identify whether they are running in the primary or backup domain. Configuring data source failover for the Tivoli Netcool/OMNIbus Web GUI If you have a failover pair of ObjectServers to which the Web GUI should connect, you can configure data source failover by using the ncwDataSourceDefinitions.xml data source configuration file in your Web GUI installation. This file is located in webgui_home_dir/etc/datasources, where webgui_home_dir is the installation directory for the Web GUI V7.3.1; for example, $NCHOME/omnibus_webgui. To configure data source failover: 1. On the Tivoli Integrated Portal server where the Web GUI is installed, edit the data source configuration file as follows: a. Use the name attribute of the <ncwDataSourceEntry> element to specify a label for the failover pair of ObjectServers; for example, VirtualObjectServerPair. b. Define the connection details for the primary and backup ObjectServers by using the <ncwDataSourceDefinition> element and its child elements. Note: The name attribute values of both the <ncwDataSourceEntry> and <ncwDataSourceDefinition> elements must be identical. You must also define the ObjectServer connections by using the ObjectServer host names and port numbers, rather than the ObjectServer names that are configured in the omni.dat or sql.ini file. Chapter 4. Configuring 267 For an example of the configuration required, see the sample code in “Sample ncwDataSourceDefinitions.xml configuration for data source failover” on page 269. c. Restart the Tivoli Integrated Portal server for the changes to take effect. Use one of the following commands or methods: v UNIX Linux itnm_start tip UNIX Linux startServer.sh server1 v For the most recent and complete information about configuring data source failover in the Web GUI, see the Tivoli Netcool/OMNIbus Web GUI documentation at http://publib.boulder.ibm.com/infocenter/tivihelp/v8r1/ topic/com.ibm.tivoli.namomnibus.doc/welcome_ob.htm. The Web GUI documentation should always be the first point of reference, and takes precedence over the information shown in the Network Manager documentation. 2. You must also set WebTopDataSource value in ModelNcimDb.domain_name.cfg file to the same value as the <ncwDataSourceEntry> is set to in the ncwDataSourceDefinitions.xml file. Using the settings in the “Sample ncwDataSourceDefinitions.xml configuration for data source failover” on page 269, the following example shows what changes you need to make: a. Go to NCHOME/etc/precision/ModelNcimDb.domain_name.cfg file and open it for editing. b. Find the insert that defines the WebTopDataSource: insert into dbModel.access ( EnumGroupFilter, TransactionLength, ValidateCacheFile, WebTopDataSource ) values ( "enumGroup in (’ifAdminStatus’, ’ifOperStatus’, ’sysServices’, ’ifType’, ’cefcFRUPowerAdminStatus’, ’cefcFRUPowerOperStatus’, ’TruthValue’, ’entSensorType’, ’entSensorScale’, ’entSensorStatus’, ’cefcModuleAdminStatus’, ’cefcModuleOperStatus’, ’ipForwarding’, ’cefcPowerRedundancyMode’, ’EntityType’, ’ospfIfState’, ’ospfIfType’, ’dot3StatsDuplexStatus’, ’accessProtocol’)", 500, 0, "OS" ); c. Change the WebTopDataSource value in the following insert query to match the data source configured in the <ncwDataSourceEntry> (in this case, change the value OS to VirtualObjectServerPair): insert into dbModel.access ( EnumGroupFilter, TransactionLength, ValidateCacheFile, WebTopDataSource ) values ( "enumGroup in (’ifAdminStatus’, ’ifOperStatus’, ’sysServices’, ’ifType’, ’cefcFRUPowerAdminStatus’, ’cefcFRUPowerOperStatus’, ’TruthValue’, ’entSensorType’, ’entSensorScale’, ’entSensorStatus’, ’cefcModuleAdminStatus’, ’cefcModuleOperStatus’, ’ipForwarding’, ’cefcPowerRedundancyMode’, ’EntityType’, ’ospfIfState’, ’ospfIfType’, 268 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide ’dot3StatsDuplexStatus’, ’accessProtocol’)", 500, 0, "VirtualObjectServerPair" ); Note: The Web GUI data source name is the name for the connection, and it has to be the same as what is set in the Web GUI. The name might not always be the same as the ObjectServer name. d. Make this change on both the primary and backup core Network Manager servers. e. Restart ncp_ctrl. Sample ncwDataSourceDefinitions.xml configuration for data source failover In the following sample code, the bold text identifies the values that are applicable to data source failover. <ncwDefaultDataSourceList> <ncwDataSourceEntry name="VirtualObjectServerPair"/> </ncwDefaultDataSourceList> ... <ncwDataSourceDefinition type="singleServerOSDataSource" name="VirtualObjectServerPair" enabled="true"> <ncwFailOverPairDefinition> <!-! The primary ObjectServer to connect to. ! - host : The hostname or IP address of the server the ObjectServer is installed on. ! - port : The port number the ObjectServer is listening on. ! - ssl : Enables SSL connection to the ObjectServer. [false|true] ! - minPoolSize : Specifies the minimum number of connections that will be added to the connection pool. Default value is 5. ! - maxPoolSize : Specifies the maximum number of connections that will be added to the connection pool. Default value is 10. !--> <ncwPrimaryServer> <ncwOSConnection host="AGG_P_hostname" port="AGG_P_port" ssl="false" minPoolSize="5" maxPoolSize="10"/> </ncwPrimaryServer> <!-! The optional failover ObjectServer to connect to. !--> <ncwBackUpServer> <ncwOSConnection host="AGG_B_hostname" port="AGG_B_port" ssl="false" minPoolSize="5" maxPoolSize="10"/> </ncwBackUpServer> </ncwFailOverPairDefinition> </ncwDataSourceDefinition> Configuring ObjectServer authentication If you are using an ObjectServer as the central user registry for user management and authentication, and you want the ObjectServer to be in a federated repository, you must use the script provided with Tivoli Integrated Portal to configure the Virtual Member Manager adapter for the ObjectServer. Configure the adapter for both of the ObjectServers in the failover pair. On each Tivoli Integrated Portal server where the Network Manager Web applications and the Web GUI are installed: 1. Go to the tip_home_dir/bin directory. 2. Enter the following command at the command line: confvmm4ncos user password address port address2 port2 Where: v user is the ID of a user with administrative privileges for the ObjectServers. v password is the password for the user ID. v address is the IP address of the primary ObjectServer. v port is the port number used by the primary ObjectServer. Chapter 4. Configuring 269 v address2 is the IP address of the backup ObjectServer. v port2 is the port number used by the backup ObjectServer. 3. Restart the Tivoli Integrated Portal server by using one of the following commands or methods: v UNIX Linux itnm_start tip v UNIX Linux startServer.sh server1 Configuring failover of the Network Manager core processes You can configure failover of the Network Manager core processes by using the $NCHOME/etc/precision/ConfigItnm.cfg file to enable failover. You must also use the $NCHOME/etc/precision/ServiceData.cfg file to set up a TCP socket connection between the primary and backup Network Manager domains. Related concepts: “Network Manager failover architecture (core processes)” on page 247 Failover of the Network Manager core processes can be implemented by setting up primary and backup Network Manager installations that run on different servers and domains. Both installations can either connect to a single Tivoli Netcool/OMNIbus ObjectServer or to a virtual pair of ObjectServers. Configuring failover using the ConfigItnm.cfg file: When you use the $NCHOME/etc/precision/ConfigItnm.DOMAIN.cfg file to configure failover, the Network Manager processes will read the file on startup to identify whether they are running in the primary or backup domain. The ConfigItnm.DOMAIN.cfg file contents must be identical on both the primary and backup domain servers. To configure failover by using the ConfigItnm.DOMAIN.cfg file: 1. On the primary Network Manager server, edit the $NCHOME/etc/precision/ ConfigItnm.PRIMARY_DOMAIN.cfg file as follows: a. Enable failover and specify the primary, backup, and virtual domain names for the Network Manager processes. You can insert the required values in the itnmDomain.failover table by editing the following section in the file: insert into itnmDomain.failover ( FailoverEnabled, PrimaryDomainName, BackupDomainName, VirtualDomainName ) values ( 0, "NCOMS_P", "NCOMS_B", "NCOMS_V" ); Complete the values section as follows, in the order listed: 270 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Column Required value FailoverEnabled Specify 1 to enable failover for the defined primary and backup domains. The default value of 0 means that failover is disabled. PrimaryDomainName Replace NCOMS_P with the actual name of the Network Manager primary domain in the failover pair. BackupDomainName Replace NCOMS_B with the actual name of the Network Manager backup domain in the failover pair. VirtualDomainName Replace NCOMS_V with a designated name for the Network Manager virtual domain in the failover pair. b. Specify the name of the ObjectServer to which the Probe for Tivoli Netcool/OMNIbus and the Event Gateway will connect. Insert the required value in the itnmDomain.objectServer table by editing the following section in the file: insert into itnmDomain.objectServer ( ServerName ) values ( "NCOMS" ); Complete the values section as follows: Column Required value ServerName If you are using Tivoli Netcool/OMNIbus V7.3 or later, and have configured ObjectServer failover using the supplied multitiered configuration files and naming conventions for the multitiered configuration, specify AGG_V as the name of the virtual aggregation pair. The initial value shown is either the name of the ObjectServer that was installed by the Network Manager installer, or NCOMS if no ObjectServer was installed. For earlier versions of Tivoli Netcool/OMNIbus, specify the alternative name defined for the ObjectServer virtual pair. If ObjectServer failover is not configured, specify the name of the single ObjectServer being used. Note: No additional failover configuration is required in the probe properties file. The default probe property settings provide adequate support for failover when the probe runs. 2. Save the file. 3. Copy the entire contents of the $NCHOME/etc/precision/ ConfigItnm.PRIMARY_DOMAIN.cfg file on the primary server to the $NCHOME/etc/precision/ConfigItnm.BACKUP_DOMAIN.cfg file on the backup server. Chapter 4. Configuring 271 Configuring the TCP socket connection between the domains: A TCP socket connection is required between the Virtual Domain processes in the primary and backup domains so that the topology data and topology updates can be copied to the backup domain. To configure the TCP connection: 1. On the primary Network Manager server, manually start the ncp_virtualdomain process from the $NCHOME/precision/bin directory: ncp_virtualdomain -domain PRIMARYDOMAIN_NAME When the ncp_virtualdomain process starts for the first time, it writes a line to the $NCHOME/etc/precision/ServiceData.cfg file, which lists TCP and multicast connection information for Network Manager processes. This line references ncp_virtualdomain, and includes the port on which the Virtual Domain component on the primary server accepts TCP connections from the backup server. For example: SERVICE: ncp_virtualdomain DOMAIN: VIRTUAL ADDRESS: 127.123.209.55 PORT: 1234 SERVERNAME: myhostname DYNAMIC: NO Tip: The DYNAMIC:NO setting forces the ncp_virtualdomain process to use the same address and port the next time that it starts. 2. Save the file. 3. Stop the ncp_virtualdomain process. 4. Copy the SERVICE: ncp_virtualdomain DOMAIN: VIRTUAL ... line from the $NCHOME/etc/precision/ServiceData.cfg file on the primary server into the $NCHOME/etc/precision/ServiceData.cfg file on the backup server. Ensure that only a single SERVICE: ncp_virtualdomain DOMAIN: VIRTUAL ... line is present in the file. Important: The SERVICE: ncp_virtualdomain DOMAIN: VIRTUAL ... line must be identical in the $NCHOME/etc/precision/ServiceData.cfg file in both domains. For further information about inter-process communication and the ServiceData.cfg file, see the IBM Tivoli Network Manager IP Edition Administration Guide. Related tasks: “Defining a fixed port for the TCP socket connection” To avoid firewall issues or port conflicts, you can define a fixed port for the TCP socket connection that enables the Virtual Domain process on the backup server to connect to the process on the primary server. Defining a fixed port for the TCP socket connection: To avoid firewall issues or port conflicts, you can define a fixed port for the TCP socket connection that enables the Virtual Domain process on the backup server to connect to the process on the primary server. On initial startup, the ncp_virtualdomain process on the primary server adds a line to the NCHOME/etc/precision/ServiceData.cfg file, with information about its connection details, including the port number. To define a fixed port, you must replace the initial port number with your required value. To configure a fixed port for failover: 272 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide 1. Edit the $NCHOME/etc/precision/ServiceData.cfg file on the primary server as follows: a. Locate the line that references ncp_virtualdomain. For example: SERVICE: ncp_virtualdomain DOMAIN: VIRTUAL ADDRESS: 127.123.209.55 PORT: 1234 SERVERNAME: myhostname DYNAMIC: NO In this example, the primary ncp_virtualdomain process accepts connections from the backup on port 1234. b. Change the PORT setting to the required value. c. Make a note of the port number, and save and close the ServiceData.cfg file. 2. On the backup server, edit the $NCHOME/etc/precision/ServiceData.cfg file by updating the port number specified on the line that references ncp_virtualdomain. Important: This line must be identical in the $NCHOME/etc/precision/ ServiceData.cfg file in both domains. For further information about the ServiceData.cfg file, see the IBM Tivoli Network Manager IP Edition Administration Guide. Related tasks: “Configuring the TCP socket connection between the domains” on page 272 A TCP socket connection is required between the Virtual Domain processes in the primary and backup domains so that the topology data and topology updates can be copied to the backup domain. Switching to failover configuration with NCIM topology database high availability: You can modify an existing failover architecture to include NCIM topology database high availability. Note: In previous Network Manager releases, users could include an NCIM topology database failover configuration by using NCIM replication (also referred to as NCIM topology database replication). The NCIM replication feature has been replaced by an NCIM topology database high availability feature that is provided by the supported database. For example, DB2 provides a feature called high availability disaster recovery (HADR) that you use to configure a failover configuration for the NCIM topology database. To configure NCIM topology database high availability: 1. Set up NCIM topology database high availability by using the high availability feature that is provided by the supported database. In the case of DB2, you follow the procedures described in the DB2 documentation to configure a failover configuration for the NCIM topology database using the HADR feature. See Related information below for links to your DB2 Information Center. 2. Configure Network Manager to work with the supported database. For example, perform the configuration tasks required to configure Network Manager to work with DB2 HADR. Chapter 4. Configuring 273 Related concepts: “About NCIM topology database high availability” on page 242 Network Manager allows you to configure the NCIM topology database for high availability, minimizing the impact of computer or network failure. The following sections provide an overview of NCIM topology database high availability and explain how to configure it. Related tasks: “Configuring failover using the ConfigItnm.cfg file” on page 270 When you use the $NCHOME/etc/precision/ConfigItnm.DOMAIN.cfg file to configure failover, the Network Manager processes will read the file on startup to identify whether they are running in the primary or backup domain. “Configuring Network Manager to work with DB2 HADR” You can configure Network Manager core processes to use the DB2 catalog and the Network Manager GUI to operate in the DB2 HADR (high availability disaster recovery) environment by editing several properties and configuration related files. Related information: IBM DB2 Version 10.1 Information Center For more information on DB2 10.1 HADR, search the IBM DB2 Version 10.1 Information Center. Suggested search terms inlcude "high availability". IBM DB2 Version 9.7 Information Center For more information on DB2 9.7 HADR, search the IBM DB2 Version 9.7 Information Center. Suggested search terms inlcude "high availability". Configuring Network Manager to work with DB2 HADR You can configure Network Manager core processes to use the DB2 catalog and the Network Manager GUI to operate in the DB2 HADR (high availability disaster recovery) environment by editing several properties and configuration related files. Related concepts: “About NCIM topology database high availability” on page 242 Network Manager allows you to configure the NCIM topology database for high availability, minimizing the impact of computer or network failure. The following sections provide an overview of NCIM topology database high availability and explain how to configure it. “Network Manager failover architecture (core processes)” on page 247 Failover of the Network Manager core processes can be implemented by setting up primary and backup Network Manager installations that run on different servers and domains. Both installations can either connect to a single Tivoli Netcool/OMNIbus ObjectServer or to a virtual pair of ObjectServers. Related information: IBM DB2 Version 10.1 Information Center For more information on DB2 10.1 HADR, search the IBM DB2 Version 10.1 Information Center. Suggested search terms inlcude "high availability". IBM DB2 Version 9.7 Information Center For more information on DB2 9.7 HADR, search the IBM DB2 Version 9.7 Information Center. Suggested search terms inlcude "high availability". 274 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Forcing Network Manager core processes to use the DB2 catalog: Use this information to force the Network Manager core processes to use the DB2 catalog. The Network Manager core processes need to use the DB2 catalog to obtain information about the alternate DB2 server. To force the Network Manager core processes to use the DB2 catalog, you edit two configuration files and run the DB2 UPDATE ALTERNATE SERVER FOR DATABASE command. For information on DB2 commands, see Related information below for links to your DB2 Information Center. The two properties files — DbLogins.Domaincfg and MibDbLogin.cfg — that you need to edit are part of the Network Manager core installation. Thus, these configuration files reside on the server on which Network Manager is installed. If you have Network Manager failover configured, then you would edit these configuration files on the primary and backup Network Manager servers. You run the UPDATE ALTERNATE SERVER FOR DATABASE command from the primary and secondary servers on which DB2 is installed. For details on this command, including the authorities required to run it, see Related information below for links to your DB2 Information Center. 1. On the Network Manager primary server, open the $NCHOME/etc/precision/ DbLogins.Domaincfg file for editing and do the following: a. Search for the attribute called m_PortNum. b. Set the value of the m_PortNum attribute to the value 0 (zero). c. Write and quit the configuration file. Perform the same steps on the Network Manager secondary server, if necessary. 2. On the Network Manager primary server, open the $NCHOME/etc/precision/ MibDbLogin.cfg file for editing and do the following: a. Search for the attribute called m_PortNum. b. Set the value of the m_PortNum attribute to the value 0 (zero). c. Write and quit the configuration file. Perform the same steps on the Network Manager secondary server, if necessary. 3. On the primary DB2 server, run the UPDATE ALTERNATE SERVER FOR DATABASE command to update the alternate DB2 server as follows: db2 update alternate server for database database-alias using hostname hostname port port-number where: v database-alias — Specifies the alias of the database where the alternate server is to be updated. v hostname — Specifies a fully qualified host name or the IP address of the node where the alternate server for the database resides. v port — Specifies the port number of the alternate server of the database manager instance. Perform the same steps on the secondary DB2 server. The following example shows the UPDATE ALTERNATE SERVER FOR DATABASE command executed on the primary DB2 server: db2 update alternate server for database TAURUS using hostname co110002 port 50000 Chapter 4. Configuring 275 The following example shows the UPDATE ALTERNATE SERVER FOR DATABASE command executed on the secondary DB2 server: db2 update alternate server for database TAURUS using hostname co110004 port 50000 Related tasks: “Setting a custom connection URL to identify the DB2 servers” Use this information to set a custom connection URL to identify the primary and secondary DB2 servers. This connection will allow the Network Manager GUI to work in the DB2 HADR environment. Related information: IBM DB2 Version 10.1 Information Center For more information on DB2 10.1 HADR, search the IBM DB2 Version 10.1 Information Center. Suggested search terms inlcude "high availability". IBM DB2 Version 9.7 Information Center For more information on DB2 9.7 HADR, search the IBM DB2 Version 9.7 Information Center. Suggested search terms inlcude "high availability". Setting a custom connection URL to identify the DB2 servers: Use this information to set a custom connection URL to identify the primary and secondary DB2 servers. This connection will allow the Network Manager GUI to work in the DB2 HADR environment. To set a custom connection URL to identify the primary and secondary DB2 servers, you edit three properties files and specify the URL connection to the primary and secondary DB2 servers. You specify the same URL connection in each of the properties files. Two of the properties files — $NCHOME/precision/profiles/ TIPProfile/etc/tnm/tnm.properties and $NCHOME/precision/profiles/ TIPProfile/etc/tnm/ncpolldata.properties — are applicable to the Network Manager GUI . The $NCHOME/precision/platform/java/lib/ncp_topoviz/etc/tnm/ tnm.properties file is part of the Network Manager core installation. The following is an example URL connection setting that applies to both tnm.properties files: tnm.database.jdbc.url=jdbc:db2://<primary_db2_server>:<primary_db2_port_number>/ <dbname>:clientRerouteAlternateServerName=<secondary_db2_server>; clientRerouteAlternatePortNumber=<secondary_db2_port>; The following is an example URL connection setting that applies to the ncpolldata.properties file: ncpolldata.database.jdbc.url=jdbc:db2://<primary_db2_server>:<primary_db2_port_number>/ <dbname>:clientRerouteAlternateServerName=<secondary_db2_server>; clientRerouteAlternatePortNumber=<secondary_db2_port>; where: v primary_db2_server — Specifies the name of the primary server on which the DB2 database is running. v primary_db2_port_number — Specifies the port number of the primary server on which the DB2 database is running. v secondary_db2_server — Specifies the name of the secondary server on which the DB2 database is running. v secondary_db2_port — Specifies the port number of the secondary server on which the DB2 database is running. 276 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide 1. Open the $NCHOME/precision/profiles/TIPProfile/etc/tnm/tnm.properties file for editing and do the following: a. Specify the URL connection to the primary and secondary DB2 servers. Use the example as a guide to specifying the syntax for the URL connection. b. Write and quit the properties file. 2. Open the $NCHOME/precision/profiles/TIPProfile/etc/tnm/ ncpolldata.properties file for editing and do the following: a. Specify the URL connection to the primary and secondary DB2 servers. Use the example as a guide to specifying the syntax for the URL connection. b. Write and quit the properties file. 3. Open the $NCHOME/precision/platform/java/lib/ncp_topoviz/etc/tnm/ tnm.properties file for editing and do the following: a. Specify the URL connection to the primary and secondary DB2 servers. Use the example as a guide to specifying the syntax for the URL connection. b. Write and quit the properties file. Related tasks: “Forcing Network Manager core processes to use the DB2 catalog” on page 275 Use this information to force the Network Manager core processes to use the DB2 catalog. Related information: IBM DB2 Version 10.1 Information Center For more information on DB2 10.1 HADR, search the IBM DB2 Version 10.1 Information Center. Suggested search terms inlcude "high availability". IBM DB2 Version 9.7 Information Center For more information on DB2 9.7 HADR, search the IBM DB2 Version 9.7 Information Center. Suggested search terms inlcude "high availability". Configuring parameters for health checks If required, you can configure preferred conditions under which health check events are generated, by specifying identical OQL inserts to the Virtual Domain process schema file (VirtualDomainSchema.cfg) on both the primary and backup servers. The Virtual Domain component uses two database tables (config and state) in the ncp_virtualdomain database to support Network Manager failover. The health check status records and filters are stored in these tables, which can be updated using the VirtualDomainSchema.cfg file. For further information about the config and state database tables, see the IBM Tivoli Network Manager IP Edition Management Database Reference. To change the default settings for the health check parameters: 1. On the primary Network Manager server, edit the $NCHOME/etc/precision/ VirtualDomainSchema.cfg file by specifying the following OQL inserts: v Update the column values in the config.defaults table to specify different time periods for the failover health checks. For example, you can use the m_HealthCheckPeriod column to change the time interval between each health check. Or you can use the m_FailoverTime column to change the interval after which failover is triggered by the backup domain, when the primary domain is deemed to be in poor health. The default settings are as follows: Chapter 4. Configuring 277 insert into config.defaults ( m_HealthCheckPeriod, m_FailoverTime, m_AutoTopologyDownload ) values ( 60, 300, 1 ); v If required, update the state.filters table to define individual filters for each poller configured in the $NCHOME/etc/precision/CtrlServices.cfg file. For example, for an additionally configured poller, PingPoller: insert into state.filters ( m_ServiceName, m_Filter, m_Description ) values ( "PingPoller", "m_ChangeTime > eval(time,’$TIME - 300’) and m_CtrlState <> 7", "The Poller has been running within the last 300 seconds" ); 2. Save and close the file. 3. Make identical changes to the $NCHOME/etc/precision/ VirtualDomainSchema.cfg file on the backup server. Related concepts: “Health check events and failover” on page 254 Failover is governed by health checks, which are configured to run periodically to assess the health of the primary and backup Network Manager domains. Configuring process dependencies for failover When running Network Manager in failover mode, you must start the Network Manager processes by using the ncp_ctrl process. The order in which the processes start is important, and is defined by the process dependencies that are configured in the $NCHOME/etc/precision/CtrlServices.cfg file. The Virtual Domain component (ncp_virtualdomain), which manages failover, depends on all the processes it is monitoring because it cannot correctly determine their health until the processes are running. In the CtrlServices.cfg file in both the primary and backup domains, the entry for the ncp_virtualdomain process has the following default configuration: dependsOn=[ "ncp_poller(default)", "ncp_g_event" ]; No further configuration is needed to set the process dependencies for failover, provided this default setting is retained. For further information about managing process dependencies, see the IBM Tivoli Network Manager IP Edition Administration Guide. 278 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Troubleshooting failover Review this information for help in resolving issues you might encounter with failover. Verifying the failover setup of the Tivoli Netcool/OMNIbus ObjectServers If ObjectServer failover is configured, you might find it useful to verify the failover setup of the ObjectServers. 1. After starting both ObjectServers, check that events forwarded to the primary ObjectServer are being displayed in the Active Event List. 2. Stop the primary ObjectServer and check the ObjectServer log file ($NCHOME/omnibus/log/PRIMARY_NAME.log) for failover messages. 3. Check the Active Event List to confirm that events forwarded to the backup ObjectServer are being displayed. 4. Restore the primary ObjectServer to a running state and verify that failback has occurred by checking its log file. For information about using the Tivoli Netcool/OMNIbus commands to start and stop the ObjectServer, see the Tivoli Netcool/OMNIbus documentation at http://publib.boulder.ibm.com/infocenter/tivihelp/v8r1/topic/ com.ibm.tivoli.nam.doc/welcome_ob.htm. For information about starting and stopping the ObjectServer using Network Manager commands, see the IBM Tivoli Network Manager IP Edition Administration Guide. Tracking failover of the Network Manager core processes You can perform a number of actions and checks to verify whether failover of the Network Manager core processes is operating as expected. Tracking failover on startup To ensure that the primary domain starts running as the active domain, start the primary domain and its Virtual Domain process before starting the backup domain. If the backup domain is started before the primary Virtual Domain process has started, the backup domain can become active, start polling the network, and raise health check problem events about the primary domain. This issue, however, resolves itself after the primary Virtual Domain starts and health check events are transmitted between the domains. At startup, the topology and policies are copied from the primary domain to the backup domain. The backup domain, however, cannot become active (on failover) until it has initialized its topology. To verify that the topology has been initialized: v Check for a non-zero size topology cache file (Store.Cache.ncimCache.entityData.domain) in the $NCHOME/var/precision directory in the backup domain, where domain is the name of the current domain. Event generation for startup: Monitor the Active Event List for ItnmServiceState and ItnmFailoverConnection Network Manager events, to verify that the Virtual Domain processes are running, and that the TCP socket connection has been established: v After each local ncp_virtualdomain process starts, the ncp_ctrl process generates an ItnmServiceState resolution event. v When a TCP connection is established between the Virtual Domain processes, an ItnmFailoverConnection resolution event is generated. Chapter 4. Configuring 279 Tracking failover when the system is in a steady state Normal, steady-state failover behavior can be achieved only after the Virtual Domain processes in the primary and backup domains have started and connected. Steady-state behavior can be defined as follows: v The primary domain is active, and operating as if it is the sole domain. The discovery process discovers the network, which is monitored by the poller, and events are enriched by the Event Gateway. v The backup domain is in standby mode. Discovery is not initiated, and the poller keeps track of the policies configured in the primary domain, but does not poll any devices. The Event Gateway also does not update events in the ObjectServer. You can run OQL queries on each domain to check on the status of processes: v You can check the status of individual Network Manager processes by querying the database of the ncp_ctrl process. All processes that are running without issue should have the setting serviceState = 4 in the services.inTray database table, to indicate that the service is “alive and running”. v The ncp_poller and ncp_g_event processes each have an associated config.failover database table, which identifies their current failover state. When running successfully in a steady state, these processes have the setting FailedOver = 0 in the config.failover OQL table in both domains. (The Virtual Domain process periodically updates the FailedOver field.) Tip: The config database schema is defined in the following files: $NCHOME/etc/precision/NcPollerSchema.cfg and $NCHOME/etc/precision/ EventGatewaySchema.cfg. For further information about running OQL queries, see the IBM Tivoli Network Manager IP Edition Language Reference. For further information about how to identify which processes are running, see the IBM Tivoli Network Manager IP Edition Administration Guide. Event generation while in a steady state: Each domain generates events about its state, based on the filters in the $NCHOME/etc/precision/VirtualDomainSchema.cfg file. These events are generated at an interval configured in the m_HealthCheckInterval field. Monitor the Active Event List for ItnmHealthChk and ItnmDatabaseConnection Network Manager events to check whether the primary and backup domains are in good health: v Each domain generates ItnmHealthChk resolution events while it is healthy. v The primary domain generates an ItnmDatabaseConnection problem event if connection to the primary NCIM database is lost. If the connection is not re-established within the time interval defined for the NCIM state.filters entry in the VirtualDomainSchema.cfg file, the primary domain generates an ItnmHealthChk problem event, about the primary domain. v If the backup domain does not receive an ItnmHealthChk resolution event from the primary domain within the configured m_FailoverTime interval, the backup domain generates a synthetic ItnmHealthChk problem event on behalf of the primary domain. If either the primary or backup domain generates an ItnmHealthChk problem event for the primary domain, failover is triggered, and the backup domain becomes active. If the primary domain is still running, it goes into standby mode. 280 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Tip: For health check events, the Node field identifies the domain for which the health check event is generated. Tracking failover and failback When failover occurs, the backup domain becomes active, the backup poller monitors the network, and the Event Gateway updates ObjectServer events. You can run OQL queries to check on the status of the ncp_poller and ncp_g_event processes. These processes each have an associated config.failover database table, which identifies their current failover state. When the backup domain is active, these processes have the setting FailedOver = 1 in the config.failover table, to indicate that they are in a failover state. (If the primary domain is still running, the associated processes are also assigned the value of FailedOver = 1.) When failback occurs, the backup domain goes into standby, and the primary domain becomes active again. This is analogous to startup. Event generation on failover and failback: Monitor the Active Event List for ItnmHealthChk and ItnmFailover Network Manager events, to confirm failover and failback behavior: v An ItnmHealthChk problem event about the primary domain indicates that failover has been triggered. A subsequent ItnmHealthChk resolution event about the primary domain indicates that failback has been triggered. v ItnmFailover events are generated to indicate when a Network Manager domain fails over or fails back. The event description states whether the domain is the primary or backup, and whether it has become active or gone into standby mode. Related reference: “Network Manager status events” on page 161 Network Manager can generate events that show the status of various Network Manager processes. These events are known as Network Manager status events and have the alerts.status AlertGroup field value of ITNM Status. Investigating why failover occurred Because failover can be initiated by either the primary or the backup domain, it is important to identify which domain initiated failover. Perform either of the following actions: v Review the Virtual Domain log file ($NCHOME/log/precision/ ncp_virtualdomain.DOMAIN.log) and the Event Gateway log file ($NCHOME/log/precision/ncp_g_event.DOMAIN.log). v Review the ItnmHealthChk and ItnmFailover events in the Active Event List. (This is the simpler approach.) If the primary domain initiated failover, this indicates a failure of one of the primary domain processes. You can check the status of the processes by querying the database of the ncp_ctrl process. The serviceState field in the services.inTray database table shows the current operational state for each of the processes. For further information about how to identify which processes are running, see the IBM Tivoli Network Manager IP Edition Administration Guide. If the backup domain initiated failover, this indicates a failure to route health check events through the system due to one of the following reasons: Chapter 4. Configuring 281 v The primary domain did not raise a health check event (for example, because the primary server was down). v The Probe for Tivoli Netcool/OMNIbus or Event Gateway processes in both domains are not configured to access the same ObjectServer. v The Event Gateway Failover plug-in is not enabled. v The Probe for Tivoli Netcool/OMNIbus rules file has been modified such that the health check event does not contain the required information. v The backup Event Gateway is not letting health check events through the nco2ncp filter. For further information about enabling the Failover plug-in and about event filters, see the IBM Tivoli Network Manager IP Edition Event Management Guide. Also ensure that Virtual Domain is configured (in the $NCHOME/etc/precision/ CtrlServices.cfg file) to have a dependency on all processes listed in the $NCHOME/etc/precision/VirtualDomainSchema.cfg file. Related tasks: “Configuring failover using the ConfigItnm.cfg file” on page 270 When you use the $NCHOME/etc/precision/ConfigItnm.DOMAIN.cfg file to configure failover, the Network Manager processes will read the file on startup to identify whether they are running in the primary or backup domain. Related reference: “Network Manager status events” on page 161 Network Manager can generate events that show the status of various Network Manager processes. These events are known as Network Manager status events and have the alerts.status AlertGroup field value of ITNM Status. Investigating TCP connection issues A TCP socket connection is required between the Virtual Domain processes in the primary and backup domains so that the topology data and topology updates can be copied from the primary domain to the backup domain. If the TCP connection is lost: v Check that Virtual Domain is configured (in $NCHOME/etc/precision/ CtrlServices.cfg) to have a dependency on all processes listed in the $NCHOME/etc/precision/VirtualDomainSchema.cfg file. v Check that the ncp_config process is running. You can check the status of ncp_config by querying the database of the ncp_ctrl process. If running without issue, ncp_config should have the setting serviceState = 4 in the services.inTray database table. For further information about how to identify which processes are running, see the IBM Tivoli Network Manager IP Edition Administration Guide. If the TCP connection is not being established: v Check that the $NCHOME/etc/precision/ServiceData.cfg files in both domains have the same entry for the Virtual Domain process. v Check that boundary firewalls between the domains allow the TCP connection on the defined server port. v Check that the defined port is available for use on the primary domain. 282 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Related tasks: “Configuring process dependencies for failover” on page 278 When running Network Manager in failover mode, you must start the Network Manager processes by using the ncp_ctrl process. The order in which the processes start is important, and is defined by the process dependencies that are configured in the $NCHOME/etc/precision/CtrlServices.cfg file. “Configuring the TCP socket connection between the domains” on page 272 A TCP socket connection is required between the Virtual Domain processes in the primary and backup domains so that the topology data and topology updates can be copied to the backup domain. Sequence for restarting the server processes in a failover configuration Use this information as a guide for restarting the server processes if your Network Manager failover environment requires a reboot of all the servers. Start the processes in the following order: 1. Start the primary ObjectServer. Depending on your installation and configuration setup, you can use one of the following methods: v Tivoli Netcool/OMNIbus process control on UNIX, Linux, and Windows v Services on Windows v The Tivoli Netcool/OMNIbus nco_objserv command v The Network Manager itnm_start command For information about using the Tivoli Netcool/OMNIbus commands to start the ObjectServer, see the Tivoli Netcool/OMNIbus documentation at http://publib.boulder.ibm.com/infocenter/tivihelp/v8r1/topic/ com.ibm.tivoli.nam.doc/welcome_ob.htm. For information about starting the ObjectServer using Network Manager commands, see the IBM Tivoli Network Manager IP Edition Administration Guide. 2. Start the backup ObjectServer. 3. Start the topology database if not already running. 4. Start the primary Network Manager server on which the core processes are installed, by using the itnm_start command or by starting the master process controller, ncp_ctrl. Also verify that the Virtual Domain process in the primary domain has started, by running the itnm_status command in the $NCHOME/precision/bin directory. For information about starting the Network Manager server and processes, see the IBM Tivoli Network Manager IP Edition Administration Guide. 5. Start the backup Network Manager server on which the core processes are installed. Tip: The Tivoli Integrated Portal server, on which the Network Manager Web applications and the Tivoli Netcool/OMNIbus Web GUI are installed, starts automatically whenever the computer is started. Chapter 4. Configuring 283 Changing the IP address and hostname of the Network Manager installation If you change the IP address and hostname of the server where any of the components of Network Manager or integrated products are installed, you must configure Network Manager and associated components and products. Changing the IP address and hostname for Network Manager If you want to change the IP address and hostname for the server where the Network Manager core components are installed, you must perform some configuration tasks. Complete the following steps to change the IP address and hostname on the Network Manager server. 1. Change to the following directory: NCHOME/etc/. 2. Edit the configuration file: itnm.cfg. 3. Change the following parameter: ncp. Update this to the new hostname of the Network Manager server; for example: ncp=myhost 4. 5. 6. 7. Save the itnm.cfg file. Change to the following directory: NCHOME/etc/precision/. Edit the file: ServiceData.cfg. Change the following line: SERVICE: ncp_config DOMAIN: NCOMS ADDRESS: Network_Manager_server_IP_address PORT: port_number SERVERNAME: Network_Manager_server_hostname DYNAMIC: NO Where: v Network_Manager_server_IP_address is the new IP address of the Network Manager server. v Network_Manager_server_hostname is the new hostname of the Network Manager server. 8. Save the ServiceData.cfg file. Changing the IP address and hostname on the Tivoli Netcool/OMNIbus server If you want to change the IP address and hostname on the Tivoli Netcool/OMNIbus server, you must perform some configuration tasks. Complete the following steps to change the IP address and hostname on the Tivoli Netcool/OMNIbus server: 1. Change to the following directory: NCHOME/etc/. 2. Edit the file: omni.dat. 3. Look for lines containing the Tivoli Netcool/OMNIbus server. These lines might be similar to the following lines: [NCOMS] { Primary: OMNIbus_server_hostname 4100 } [NCO_PA] { Primary: OMNIbus_server_hostname 4200 } 284 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Where: v OMNIbus_server_hostname is the hostname of the Tivoli Netcool/OMNIbus server. Change the Tivoli Netcool/OMNIbus server hostname in each of these lines. 4. Run the NCHOME/bin/nco_igen utility to apply the changes. 5. Repeat the previous steps on each of the hosts that connect to the Tivoli Netcool/OMNIbus server; for example, make these changes on connected probes, gateways, and ObjectServers. Updating Network Manager for a new Tivoli Netcool/OMNIbus IP address and hostname If you update the IP address and hostname for the Tivoli Netcool/OMNIbus server, you must configure Network Manager to use the new IP address and hostname. Complete the following steps to update Network Manager to make it aware of the changes to the Tivoli Netcool/OMNIbus server hostname: 1. Update the Network Manager core components by editing the configuration file: NCHOME/etc/itnm.cfg. 2. Change the following parameter:nco. Update this to the new hostname of the Tivoli Netcool/OMNIbus server; for example:nco=omnihost. 3. Save the itnm.cfg file. 4. Update the Network Manager GUI components by editing the file webgui_home_dir/etc/datasources, where webgui_home_dir is the installation directory for the Web GUI; for example, $NCHOME/omnibus_webgui. 5. Update the Network Manager web applications to configure them to use the changed Tivoli Netcool/OMNIbus server hostname: a. Edit the following file: NCHOME/omnibus_webgui/etc/datasources/ncwDataSourceDefinitions.xml b. Change the host and port values in the following sections to match your updated configuration: v <ncwPrimaryServer> v <ncwBackUpServer> Note: Only change this section if a backup Tivoli Netcool/OMNIbus ObjectServer is configured. c. Save the modified ncwDataSourceDefinitions.xml file. d. Restart the Tivoli Integrated Portal server to apply the changes. Updating the Tivoli Integrated Portal for a new Tivoli Netcool/OMNIbus IP address and hostname If the Tivoli Integrated Portal server was originally configured to use the Tivoli Netcool/OMNIbus ObjectServer as its primary user repository, and you update the IP address and hostname for the Tivoli Netcool/OMNIbus server, you must configure the Tivoli Integrated Portal to use the new IP address and hostname. Complete the following steps to configure the Tivoli Integrated Portal to use the new Tivoli Netcool/OMNIbus server hostname: 1. Edit the following file: Chapter 4. Configuring 285 TIPHOME/profiles/TIPProfile/config/cells/TIPCell/wim/config/ wimconfig.xml 2. Change the host1 and port1 properties to match your updated configuration in the following file: config:repositories adapterClassName= "com.ibm.tivoli.tip.vmm4ncos.ObjectServerAdapter" 3. Save the modified wimconfig.xml file. 4. Restart the Tivoli Integrated Portal server to apply the changes. Changing the IP address and hostname on the Tivoli Integrated Portal server If you want to change the IP address and hostname of the Tivoli Integrated Portal, you must configure the Tivoli Integrated Portal. Follow these steps to change the IP address and hostname on the Tivoli Integrated Portal server: 1. Change to the following directory: TIPHOME/profiles/TIPProfile/bin/. 2. Use the wsadmin command to change the Tivoli Integrated Portal server hostname and IP address: wsadmin.sh -user tipadmin -password password -c "\$AdminTask changeHostName {-hostName new_hostname -nodeName new_node}" -c "\$AdminConfig save" This provides output similar to the following: WASX7209I: Connected to process "server1" on node TIPNode using SOAP connector;The type of process is: UnManagedProcess 3. Restart the Tivoli Integrated Portal server. Updating Network Manager for changed hostname of the Tivoli Integrated Portal server If you change the hostname of the Tivoli Integrated Portal server, you must configure Network Manager to use the new hostname. To configure Network Manager to use the new hostname, complete the following steps: 1. Update the Network Manager core components by editing the configuration file: NCHOME/etc/itnm.cfg. 2. Change the following parameter: tip Update this to the new hostname of the Tivoli Integrated Portal server; for example: tip=tiphost 3. Save the itnm.cfg file. 286 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Changing the IP address and hostname on the Deployment Engine server If you have changed the IP address and hostname on servers where components of Network Manager are installed, you must reconfigure the IP address and hostname for the IBM Autonomic Deployment Engine (DE). The Deployment Engine is present on any host where Network Manager components (GUI or core) are installed. If you have more than one host with Network Manager components installed, and you change the IP address or hostname of any of those servers, ensure you update the Deployment Engine settings on each host that changes. Follow these steps to change the IP address and hostname for IBM Autonomic Deployment Engine (DE): 1. Change to the following directory: $DE_HOME/bin/, where DE_HOME is as follows: v /usr/ibm/common/acsi/ for a root installation. v $HOME/.acsi_$LOGNAME/ for a non-root installation. 2. Use the de_chghostname command to change the DE server hostname: ./de_chghostname.sh -name DE_server_hostname Where DE_server_hostname is the new hostname of the DE server. Changing the IP address for Tivoli Common Reporting If you want to change the IP address and hostname on the Tivoli Common Reporting server, you must perform some configuration tasks. Follow these steps to change the IP address and hostname on the Tivoli Common Reporting server: 1. On the server where Tivoli Common Reporting is installed, Export the Tivoli Common Reporting configuration using the following command: $TCR_HOME/cognos/bin/tcr_cogconfig -e cogstartup.xml.exported 2. Update the file cogstartup.xml.exported by changing all instances of the old hostname with new hostname. 3. Replace the original $TCR_HOME/cognos/configuration/cogstartup.xml file with the cogstartup.xml.exported file. 4. Update the file $TCR_HOME/cognos/configuration/cogconfig.prefs by changing all instances of old hostname with new hostname. 5. Update the connection string by first changing to the directory /opt/IBM/tivoli/tipv2Components/TCRComponent/bin/ and then issuing the following command: ./trcmd.sh -user user -password password -datasource -add servletInventory -connectionName servletInventory -dbType database_type -connectionString connection_string -force Where: v user is the database user name. v password is the database user password v database_type is the database type. v connection_string is the connection string to use, including the new hostname. For example: Chapter 4. Configuring 287 ./trcmd.sh -user tipadmin -password passw0rd -datasource -add servletInventory -connectionName servletInventory -dbType XML -connectionString "http://abc.xyz.com:16310/tarf/servlet/inventory#’?search=%2f %2f%2a’ + ’&CAMpassport=’ + CAMPassport() #" -force 6. Restart the Tivoli Integrated Portal server and the Tivoli Common Reporting server. Configuring Network Manager for a changed IP address of the DB2 NCIM server If you change the IP address or hostname of the DB2 server hosting the NCIM topology database, you must configure Network Manager to use the new details. 1. On the server where the Network Manager are installed, edit the following file: NCHOME/etc/precision/DbLogins.DOMAIN.cfg 2. Change the hostname settings in this file and save the file. 3. Edit the following file: NCHOME/etc/precision/MibDbLogins.cfg 4. Change the hostname settings in this file and save the file. 5. On the server where the Network Manager web applications are installed, edit the following file: NCHOME/precision/profiles/TIPProfile/etc/tnm/tnm.properties 6. Change the hostname settings in this file and save the file. 7. Edit the following file: NCHOME/precision/profiles/TIPProfile/etc/tnm/ncpolldata.properties 8. Change the hostname settings in this file and save the file. Setting environment variables Before starting any components or working with any configuration files, set the Network Manager environment variables by running the environment script. The environment script sets the following required environment variables. Other environment variables are set automatically when necessary by Network Manager components. NCHOME The Netcool home location that defaults to netcool directory under the installation directory: v UNIX /opt/IBM/tivoli/netcool ITNMHOME and PRECISION_HOME The Network Manager home location that defaults to NCHOME/precision directory under the installation directory: v UNIX /opt/IBM/tivoli/netcool/precision Note: The script also sets PRECISION_HOME. By default, PRECISION_HOME is set to the same location as ITNMHOME, but is used by other parts of the product. TIPHOME The Tivoli Integrated Portal home location that defaults to the tip directory under the installation directory: v 288 UNIX /opt/IBM/tivoli/tipv2 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide To set the environment variables, run the appropriate script for your operating system. UNIX Run the Installation directory/netcool/env.sh script. After you have set the environment variables, start Network Manager and make sure it is running correctly. Default directory structure Use this information to understand the Network Manager directory structure. Top level directory structure Within the directory that Network Manager is installed into, the following subdirectories are created: netcool, tipv2, and tipv2Components. v The netcool directory contains Network Manager configuration files. v The tipv2 directory contains WebSphere Application Server and Tivoli Integrated Portal customizations. The tipv2 directory is the default directory suggested by the installer for the Tivoli Integrated Portal and can be set independently to the Network Manager installation directory. If you are installing Network Manager into an existing installation of the Tivoli Integrated Portal, the Tivoli Integrated Portal files are installed into the existing Tivoli Integrated Portal directory. v The tipv2Components directory contains Enterprise Storage Server (ESS) server, Business Intelligence and Reporting Tools (BIRT) extensions, and Tivoli Common Reporting files. For information about the installation directories for Tivoli Netcool/OMNIbus and Tivoli Netcool/OMNIbus Web GUI, see the IBM Tivoli Netcool/OMNIbus Installation and Deployment Guide. Directories used by the installer The installer installs files in NCHOME, TIPHOME, and in other directories, depending on the operating system being installed on and the user performing the installation. The following table lists the extra directories used by the installer. Table 48. Directories used by the installer Installation Directories used for installation files UNIX UNIX operating systems, root user /usr/ibm/common/acsi UNIX UNIX operating systems, non-root user /var/ibm/common/acsi ~/.acsi_$HOSTNAME ~/tivoli ~/.cit (that is, in the user's home directory) C:\Program Files (x86)\IBM\Common\acsi C:\Program Files\IBM\Common\acsi Chapter 4. Configuring 289 Contents of the netcool directory The following table describes the contents of the netcool directory. All paths are shown relative to NCHOME. In this table, arch denotes an operating system directory. The name of this directory varies according to the operating system on which the software is installed: v Linux – linux2x86 v Windows – win32 If you have installed other IBM Tivoli products, such as IBM Tivoli Business Service Manager, on the same server as Network Manager, there might be extra directories and files present. See the documentation for any other products you have installed for more information on their directories and files. Table 49. Directories in NCHOME 290 Directory Description bin Contains wrapper scripts that set the environment and execute/run the binary files for product or components supplied with Network Manager. etc Contains configuration files for products or components supplied with Network Manager. etc/precision Configuration files for all the Network Manager components. ini Only on Windows operating systems. Contains files specific to IBM Tivoli Netcool/OMNIbus. install Contains files used by the installation process. You should not need to alter the contents of this directory. license Contains the text of the product license agreement in various languages. locales Only on Windows operating systems. Contains lookup files for internationalization of various components. log Contains log files. log/install Contains log files for the installation. log/precision Contains log files created by Network Manager processes. omnibus If present, contains IBM Tivoli Netcool/OMNIbus files. omnibus_webgui If present, contains Tivoli Netcool/OMNIbus Web GUI files. PD/precision Contains FFDC scripts. platform/arch Contains the Java Development Kit (JDK) and Java Runtime Environment (JRE) used by the Tivoli Integrated Portal. precision Contains files for Network Manager. See later in this topic. probes Contains files for the Probe for IBM Tivoli Netcool/OMNIbus, the nco_p_ncpmonitor process. _uninst Contains files for uninstallation. var Contains persistent application data. var/install Contains database files for the installation process. var/precision Used by the ncp_store process to hold cached information that can be used to restore the databases should a process terminate unexpectedly. IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Contents of the precision directory The following table describes the contents of the NCHOME/precision directory. All paths are shown relative to NCHOME/precision. In this table, arch denotes an operating system directory. The name of this directory varies according to the operating system on which the software is installed: v Linux – linux2x86 v Windows – win32 Note: NCHOME/precision is the path set by default for PRECISION_HOME and ITNMHOME. Table 50. Directories in NCHOME/precision Directory Description adapters/ncp_dla Contains files for the library adapter used for integration with products such as IBM Tivoli Application Dependency Discovery Manager. adapters/ itnm_systemsDirector LiC Contains files for integration with IBM Systems Director. aoc Contains the Active Object Class (AOC) files used by the dynamic class management and distribution system, CLASS. bin Contains wrapper scripts for all executable files. The executable files are held at the following location:platform/arch/bin collectors/ perlCollectors Contains files for Element Management System integrations. contrib Contains unsupported utilities for managing Network Manager. Also used by the Netcool for Asset Management solution to contain example SQL*Plus reports. cshrc Only on UNIX operating systems. Used for setting up the environment for your C shell. disco Contains files used by DISCO. Contains the agent definition files, discovery agents, finder, helper files, and the stitchers. embeddedDb Contains files for dNCIM. eventGateway Contains stitchers for event gateway and RCA. integration Contains files for component GUI integration. install Contains files used by the installation process. java_api Contains the JAVA API for developing Java applications that integrate with Network Manager components. locales Only on Windows operating systems. Contains lookup files for internationalization of various components. mibs Contains Management Information Base (MIB) files. PD Any core files generated by Network Manager are written into subdirectories of the PD directory. The core files can be used to help diagnose the cause of a problem. perl Contains perl files used in Network Manager. platform/arch Contains subdirectories particular to the operating system on which you installed Network Manager. Chapter 4. Configuring 291 Table 50. Directories in NCHOME/precision (continued) Directory Description platform/arch/bin Contains executable files for the Network Manager components. The files are appended to your PATH environment. Wrapper scripts for all of these executable files are held in the following location: NCHOME/precision/bin. platform/arch/jre Contains the JAVA Run-Time Environment used by Network Manager. platform/arch/lib Contains the object libraries used by all Network Manager components. platform/java/lib The Monitor Configuration GUI installation. The User Configuration Tool installation. products Contains GUI files for integrated products. profile Only on UNIX operating systems. Used for setting up the environment for your Bash shell. profiles Contains GUI-related files. Note: All Network Manager-specific files previously located in TIPHOME/profiles are now located in ITNMHOME/profiles. scripts Contains scripts supplied with the Network Manager products. It is advisable to keep any user-defined scripts in this directory so that they can easily be managed. system Contains files for product operation. systemApps Contains files for Web applications. Related reference: “Installation directory requirements” on page 37 The directory where you install Network Manager must fulfill certain requirements. Configuring Juniper PE Devices One of the device polls enabled by default is the Juniper Remote Ping poll. To ensure that this poll is able to retrieve data, you must configure each Juniper PE device to provide access to certain tables within the device. Remote ping poll operations on Juniper devices require access to the pingCtlTable and jnxPingCtlTable tables in the Juniper PE devices. This is achieved using the SNMP View-Based Access Control Model (VACM) for view PrecisionIP. Make sure you set up each Juniper PE device to provide access to these tables for view PrecisionIP before enabling the Juniper Remote Ping poll policy. The following example shows how a Juniper PE device can be configured to provide access for view PrecisionIP to the tables required for remote ping polling. Setting Up Access using VACM To provide access to the pingCtlTable and jnxPingCtlTable tables for view PrecisionIP on a Juniper PE device, do the following: 1. Use the telnet command to log into the PE device. 2. Enter configure to launch the editing command line. 292 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Type Type Type Type Type 3. 4. 5. 6. 7. edit snmp and press Enter. edit view PrecisionIP and press Enter. set oid 1.3.6.1.2.1.80 include and press Enter. set oid 1.3.6.1.4.1.2636.3.7 include and press Enter. up and press Enter. 8. Type edit community watermelon and press Enter, where watermelon is the new write community string. 9. Type set view PrecisionIP and press Enter. 10. Type set authorization read-write and press Enter. 11. Type commit and press Enter. 12. Type exit and press Enter. New entries are created for view PrecisionIP in the vacmViewTreeFamilyTable MIB table on the PE device. To view the summary of the inserted section, you can type show configuration snmp and press Enter. The following screen is displayed: view PrecisionIP { oid 1.3.6.1.2.1.80 include; oid 1.3.6.1.4.1.2636.3.7 include; } community watermelon { view PrecisionIP; authorization read-write; } The settings above provide access to the tables required for remote ping poll operations using the community string watermelon. Providing support for legacy devices in a FIPS 140-2 installation If you have installed a FIPS 140-2 installation, you can still install non-FIPS 140–2 compliant algorithms such as DES and MD5 to enable you to access legacy equipment on your network. 1. Go to the directory where you extracted the Network Manager installation package. 2. Change to the following subdirectory of the extracted installation package: COI/PackageSteps/Non-FIPS_back_end/FILES 3. Depending on your operating system, verify that the following file is present: v UNIX Non-FIPS_back_end-arch-v.r.f.m.tar.gz where: v v.r.f.m is the version number. v arch is the name of the operating system architecture on which the product is installed, for example, solaris2. 4. Depending on your operating system, perform the following step: v UNIX On UNIX systems, run the following command: tar -xzvf Non-FIPS_back_end-arch-v.r.f.m.tar.gz -C $NCHOME *libNCP* As a result, you should have the two shared libraries in the right location, for example: v UNIX On UNIX systems: – $NCHOME/precision/platform/solaris2/lib/libNcpSnmpPrivDES.so – $NCHOME/precision/platform/solaris2/lib/libNcpSnmpAuthMD5.so Chapter 4. Configuring 293 These libraries allow the Network Manager Polling engine, ncp_poller, to use the DES and MD5 encryption algorithms. 5. Edit the following configuration file: ITNMHOME/profiles/TIPProfile/etc/tnm/ tnm.properties 6. Change the following property to false: tnm.fips.mode=false This allows configuration of the DES and MD5 encryption algorithms for SNMPv3 using the Discovery Configuration GUI. Related tasks: “Extracting the installation file” on page 48 If you have downloaded the installation file, you must extract the installation package before installing the product. Creating and configuring extra network domains If your deployment requires additional network domains, you must configure process control for the domains and register the domains with the NCIM topology database. You can also migrate the configuration and network polls from an existing domain to the new domains. You must use one instance of ncp_ctrl to run and manage each domain. The ncp_ctrl process must be running on a domain, otherwise that domain cannot be configured from the GUI. You can run the domain_create.pl script to copy configuration data from an existing domain. The script does not migrate the topology from the original domain.For guidelines on the number of network domains required for a given deployment, see the IBM Tivoli Network Manager IP Edition Product Overview. To set up a Network Manager domain: 1. Back up the NCHOME\etc\precision\CtrlServices.cfg file for the domain you set up during installation. 2. Make a domain-specific CtrlServices.cfg file: a. Make a copy of the CtrlServices.cfg file. b. Rename the file to CtrlServices.domain_name.cfg where domain_name is the required domain. For example, CtrlServices.MASTER.cfg. Restriction: Only alphanumeric characters and the underscore (_) character may be used for domain names. Any other characters, for example the hyphen (-) are forbidden. 3. Optional: Edit the copied and appended file. 4. Optional: Configure discovery for the domain by making changes to the discovery configuration files: a. Back up the configuration file that you want to change. b. Rename the file by appending the name of the domain. For example DiscoPingFinderSeeds.MASTER.cfg c. Make the required changes and save the file. 5. Make a domain-specific ConfigItnm.cfg file: a. Make a copy of the ConfigItnm.cfg file. b. Rename the file to ConfigItnm.domain_name.cfg where domain_name is the required domain. For example, ConfigItnm.MASTER.cfg. c. Edit the file and add the ObjectServer connection details. 294 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide 6. Register the new domain with the NCIM topology database, and migrate the configuration and network polls from an existing domain: a. Back up the DbLogins.cfg file, and create a domain-specific version of the file. For example, DbLogins.MASTER.cfg b. Edit the domain-specific DbLogins.cfg file to provide the database connection details. Restriction: For the SolidDB (dNCIM) database, the port number must be unique. c. Run the domain_create.pl script, as shown in the following example: UNIX $NCHOME/precision/bin/ncp_perl NCHOME/precision/scripts/perl/scripts/domain_create.pl -domain newdomain -password password -help Where: newdomain Is the name of the domain you have created, for example MASTER. password Is the password for the domain. - help Is an optional argument that provides further options. 7. Start the Network Manager processes on the domain using a command line similar to the following: itnm_start ncp -domain MASTER 8. Repeat the steps to set up all the required domains. After ncp_ctrl to is started on the domain, you can configure the domain. For example, you can configure the discovery by using the Network Discovery GUI or the configuration files, or configure network polling. You select the required domain before you start configuring the discovery or poll. Because network discovery is a resource-intensive process, discoveries are usually run one domain at a time. If you want to run discoveries for more than one domain at the same time, ensure that you have enough resources available. For example, ensure that enough database connections are configured, and that network devices are not overloaded with traffic. Check the memory usage of Network Manager processes to ensure that enough memory is available on the server to run the discoveries efficiently. For more information about configuring discovery, see the IBM Tivoli Network Manager IP Edition Discovery Guide. For more information about configuring network polling, see the IBM Tivoli Network Manager IP Edition Event Management Guide. Related concepts: “Network domains” on page 20 Before installing, you need to consider whether to partition your network into domains, or have a single domain for the entire network. A network domain is a collection of network entities to be discovered and managed. Chapter 4. Configuring 295 Configuring OQL Service Provider authentication Queries against Network Manager component databases can be run from the command line using the OQL Service Provider process, ncp_oql. You can configure ncp_oql to authenticate against the NCIM database or against the Tivoli Netcool/OMNIbus ObjectServer. Alternatively you can configure ncp_oql to allow queries to run without authentication. The OQL Service Provider authentication engine, ncp_auth is no longer used in Network Manager versions 3.9 and later. By default, there is no authentication for ncp_oql queries from the command line. You can configure the OQL Service Provider to authenticate against the NCIM database or against the ObjectServer, as follows: v Authentication against the NCIM database: this forces the OQL Service Provider to authenticate using the username and password of the NCIM database, as specified at installation time and configured in the DbLogins.cfg configuration file. v Authentication against the ObjectServer: this forces the OQL Service Provider to authenticate using the administrator account name and password of Tivoli Netcool/OMNIbus, as specified at installation time. OQL Service Provider authentication is controlled by the value of the m_OQLAuthenticationMode within the config.settings table. The field takes the following values: v 0: No authentication. Username and password are not required, and if specified in the command line, are ignored. v 1: Authentication against NCIM database. v 2: Authentication against the Tivoli Netcool/OMNIbus ObjectServer. To set up OQL Service Provider authentication: 1. Edit the ncp_config configuration file, $NCHOME/etc/precision/ ConfigSchema.cfg. 2. Configure one of the following inserts to the config.settings table: v Configure authentication against the NCIM database. insert into config.settings ( m_OQLAuthenticationMode, ) values ( 1, ); v Configure authentication against the ObjectServer. insert into config.settings ( m_OQLAuthenticationMode, ) values ( 2, ); 296 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Configuring the SNMP Helper The SNMP Helper is used by discovery and polling to issue SNMP requests to network devices. You can configure how the SNMP Helper issues SNMP requests and how it processes the results of SNMP requests. For information on where the SNMP Helper is used in discovery and polling, see the following guides: v For discovery, see the IBM Tivoli Network Manager IP Edition Discovery Guide. v For polling, see the IBM Tivoli Network Manager IP Edition Event Management Guide. Configuring SNMP Helper throttling You can activate throttling in the SNMP Helper. Activating throttling increases the delay between Network Manager SNMP requests to a network device. This decreases the load on the network device. By default, throttling is switched off in the SNMP Helper. About SNMP Helper throttling Throttling the SNMP Helper establishes a delay between SNMP requests sent by the SNMP Helper using a formula that uses the GeneralSlowdown, GetNextBoundary, and GetNextSlowdown parameters. Here is how the SNMP Helper sends requests without throttling (default) and with throttling: v When throttling is inactivate, then SNMP GetNext operations work as follows: the SNMP Helper sends the first SNMP Get request and once Network Manager obtains a response then the SNMP Helper immediately sends the GetNext request. v When throttling is activated, a delay is introduced between GetNext requests. The delay can be a shorter, generally defined delay or a longer delay. The system keeps track of the number of GetNext requests being sent to a network device and once that number exceeds a certain value, then the longer delay is applied; otherwise the shorter delay is applied. The system uses the GeneralSlowdown, GetNextBoundary, and GetNextSlowdown parameters defined in the snmpStack.accessParameters database table to determine which delay to apply. For more information on the snmpStack.accessParameters database table, see the IBM Tivoli Network Manager IP Edition Discovery Guide. Activating SNMP Helper throttling You can activate SNMP Helper throttling. To activate SNMP Helper throttling, perform the following steps: 1. Edit the following configuration file: NCHOME/etc/precision/ NcPollerSchema.cfg. Note: You can make the NcPollerSchema.cfg file domain specific by copying it to NCHOME/etc/precision/NcPollerSchema.DOMAIN_NAME.cfg, where DOMAIN_NAME is the name of the domain. 2. Add the following line at the end of the file: update config.properties set EnableThrottling = 1; 3. Save the file NCHOME/etc/precision/NcPollerSchema.cfg. 4. Activate the changes by performing one or both of the following: Chapter 4. Configuring 297 v Start or schedule a new full discovery. Discovery will now make use of throttling. v Restart the Polling engine, ncp_poller, with the -readsnmpconfig command-line option specified. Configuring GetBulk support for SNMP v2 and v3 You can configure the SNMP Helper to use the GetBulk operation when SNMP v2 or v3 is used. Use of the GetBulk operation improves discovery speed and polling efficiency. By default, the SNMP helper does not use GetBulk. About GetBulk The SNMP v2 and SNMP v3 GetBulk command enables more efficient data transfer. When the SNMP Helper is enabled to use GetBulk, this decreases the time taken for the discovery data collection phases. Use of GetBulk also increases polling efficiency. Configuring the SNMP Helper to use GetBulk reduces the resource footprint of Network Manager in the following ways: v It reduces the impact on management network because fewer SNMP packets are exchanged. v It reduces the impact on managed devices because fewer SNMP packets are processed. v It reduces the CPU time required by the Network Manager processes such as the Discovery engine, ncp_disco, and the Polling engine, ncp_poller, due to reduced overheads. Use of GetBulk decreases the time taken for the discovery data collection phases as a large percentage of the time required for data collection is taken up waiting for packets to traverse the network. This significantly reduces the time taken to collect data for large tables, such as interface and routing tables. Configuring Network Manager to use GetBulk You can configure the SNMP Helper to use GetBulk. You can also exclude specific devices from GetBulk support. If you configure the SNMP Helper to use GetBulk, then this will apply to all pollers in the current domain. The SNMP Helper will also use GetBulk for all devices in the domain accessed using SNMP v2 or SNMP v3, unless you exclude specific devices as described in the following steps. Note: When GetBulk is enabled, then for each GetBulk-capable device, a GetBulk request is always sent instead of a GetNext request. To configure the SNMP Helper to use GetBulk, perform the following steps. 1. Edit the following configuration file: NCHOME/etc/precision/ NcPollerSchema.cfg. Note: You can make the NcPollerSchema.cfg file domain specific by copying it to NCHOME/etc/precision/NcPollerSchema.DOMAIN_NAME.cfg, where DOMAIN_NAME is the name of the domain. 2. Find the insert into the config.properties database and set the value for the UseGetBulk property to 1. 3. Save the file NCHOME/etc/precision/NcPollerSchema.cfg. 298 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide 4. Optional: If you have network devices that do not support GetBulk, then you can exclude these network devices on a device-by-device basis by performing the following steps: a. Edit the following configuration file: NCHOME/etc/precision/ SnmpStackSecurityInfo.cfg. Note: You can make the SnmpStackSecurityInfo.cfg file domain-specific by copying it to NCHOME/etc/precision/ SnmpStackSecurityInfo.DOMAIN_NAME.cfg, where DOMAIN_NAME is the name of the domain. b. For each device that you want to exclude from GetBulk support, add an insert into the SnmpStackSecurityInfo.cfg configuration file, similar to the following example. The following example insert excludes the device 10.0.13.74 from GetBulk support. insert into snmpStack.accessParameters ( m_NetAddress, m_UseGetBulk ) values ( ’10.0.13.74’, 0 ); c. Once you have added inserts for each of the devices to exclude, save the file NCHOME/etc/precision/ SnmpStackSecurityInfo.cfg. 5. Activate the changes by performing one or both of the following: v Start or schedule a new full discovery. Discovery will now make use of GetBulk. v Restart the Polling engine, ncp_poller, with the -readsnmpconfig command-line option specified. Configuring maximum number of repetitions for GetBulk requests The GetBulk command is used to retrieve all the rows of a table from a network resource, for example, to retrieve all the rows in a routing table from a router. The max-repetitions parameter indicates how many rows of the table are to be retrieved in a single GetBulk operation. You can adjust the GetBulk configuration settings to minimize the number of packets exchanged as part of the GetBulk operation. The SNMP Helper determines the value of the maximum number of repetitions for GetBulk requests (the max-repetitions parameter) based on the following calculation: max-repetitions = DefaultGetBulkMaxReps / #varbinds Where: v The DefaultGetBulkMaxReps property is defined in the $NCHOME/etc/precision/ NcPollerSchema.cfg file. The default value is 20. This property defines the number assigned to the max-repetitions field in GetBulk requests issued by Network Manager processes. The value 20 is used when the GetBulk request contains a single varbind. If multiple varbinds are included, then the value is adjusted accordingly (divided by the number of varbinds), so that responses always contain a similar number of varbinds. v #varbinds is the number of variable bindings being requested. In the SNMP Helper, this value is usually 1. However, the value can vary depending on where the SNMP Helper is being deployed and on the following factors: – In the Discovery engine, ncp_disco, the #varbinds value can vary depending on the code in the discovery agent. Chapter 4. Configuring 299 – In the Polling engine, ncp_poller, the #varbinds value can vary depending on which MIB objects are included in the poll definition. 1. Edit the following configuration file: $NCHOME/etc/precision/ NcPollerSchema.cfg. 2. 3. 4. 5. Note: You can make the NcPollerSchema.cfg file domain specific by copying it to $NCHOME/etc/precision/NcPollerSchema.DOMAIN_NAME.cfg, where DOMAIN_NAME is the name of the domain. Find the line that defines the value of the DefaultGetBulkMaxReps property. Change the value assignment for the DefaultGetBulkMaxReps property. Save the file $NCHOME/etc/precision/NcPollerSchema.cfg. Restart the Polling engine, ncp_poller to activate the configuration changes. Configuring SSO between Charting and Tivoli Monitoring The instructions below describe how to configure IBM Tivoli Monitoring and Charting for single sign on (SSO) using the ITMWebService. At the bottom are also instructions for how to configure Tivoli Integrated Portal to communicate with a remote Tivoli Monitoring Web Service, which only works in an SSO environment. v Install Tivoli Monitoring 6.2.2. You must configure Tivoli Monitoring Tivoli Enterprise Portal Server to use LDAP and SSO during the configuration step. Refer to Tivoli Monitoring documentation, but essentially you need to do the following: – During the Tivoli Enterprise Portal Server configuration, check the LDAP and SSO check boxes. Enter the information to connect to LDAP. – When the SSO configuration is displayed, enter TIPRealm for the realm name and your network domain for your domain name (for example, raleigh.ibm.com). – Export the LTPA keys to disk. For more information, see: http://publib.boulder.ibm.com/infocenter/wasinfo/v7r0/topic/ com.ibm.websphere.express.doc/info/exp/ae/tsec_altpaexp.html. – Take a note of the password. – Copy the \ibm\itm\cnps\sqllib\kfwtipewas.properties file to the \ibm\itm\cnps directory and run reconfigure for the Tivoli Enterprise Portal Server. Once the reconfigure is complete, the web service feature is activated. v Install and configure Tivoli Integrated Portal to include the charting component. To configure SSO for the charting component and Tivoli Monitoring: 1. Configure Lightweight Directory Access Protocol (LDAP) security in Tivoli Integrated Portal: a. Add and configure an LDAP repository. b. Configure Tivoli Integrated Portal to allow you to manage LDAP users in the portal. 2. Configure Tivoli Integrated Portal for SSO. Make sure both Tivoli Monitoring and the embedded application server for Tivoli Integrated Portal use the same LTPA keys (import the LTPA keys you exported from Tivoli Monitoring), Realm names, and exchange SSL certificates. For more information, see: http://publib.boulder.ibm.com/infocenter/wasinfo/v7r0/topic/ com.ibm.websphere.express.doc/info/exp/ae/tsec_altpaimp.html 3. On the Tivoli Integrated Portal Server, change to tip_home_dir/profiles/ TIPProfile/bin and run the following command to configure Tivoli Integrated Portal to use SSO when communication with Tivoli Monitoring: 300 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Linux UNIX tipcli.sh ITMLogin -hostname <TEPS_hostname> -port 1920 4. Stop and restart the Tivoli Integrated Portal Server: a. In the TIPHOME/profiles/TIPProfile/bin directory, depending on your operating system, enter one of the following commands: v UNIX Linux stopServer.sh server1 Note: On UNIX and Linux systems, you are prompted to provide an administrator username and password. b. In the TIPHOME/profiles/TIPProfile/bin directory, depending on your operating system, enter one of the following commands: UNIX Linux startServer.sh server1 v 5. Create the users in Tivoli Integrated Portal and assign them to a role that has privileges to view the charts from Tivoli Monitoring, such as chartAdministrator. 6. Associate the same users that you created with a Tivoli Enterprise Portal user. a. Log into the Tivoli Enterprise Portal and associate that same user from LDAP with a Tivoli Enterprise Portal user. b. In Tivoli Enterprise Portal, select Edit --> Manage Users. c. Click the button to create a new user and enterr the user ID and user name. To be consistent, you can use the same user ID as in Tivoli Integrated Portal. d. Enter the distinguised name. You can get this from the Tivoli Integrated Portal Manage Users panel. You may be able to find it using the Find button in the Tivoli Enterprise Portal. If you do not locate it with the Find button, copy and paste it from the Tivoli Integrated Portal Manage Users panel. It should look like this: uid=userID,o=IBM,c=US e. Give the user Workspace Administration Mode permission. Note: When you log into the Tivoli Integrated Portal, you cannot use sysadmin which is the default Tivoli Monitoring user or tipadmin which is the default Tivoli Integrated Portal user because neither of these users are in stored in the LDAP. 7. When you have finished, follow these steps to test the configuration: a. Log into he Tivoli Integrated Portal as one of the users that you created with chart access. b. Create a new page using Settings > Page Management > New Page. c. Select the Charting portlet and click OK. d. Give the page a name and save it. e. Navigate to the charting portlet and select Tivoli Charts. f. In the table toolbar, click New to create a new connection and provide the necessary information to connect to the remote Tivoli Monitoring web service and click OK. For example: v Name: ITM v Protocol: http. This can be later changed to https if required but for testing purposes http is sufficient. v Hostname: TEPS_server_name.raleigh.ibm.com. This is the hostname of the Tivoli Enterprise Portal server, for example, tiv-isc09.ibm.com. v Port: 15200. If you use https, the default port is 15201. Chapter 4. Configuring 301 v Service name: TIPWebServiceHttpRouter. g. Select one of these groups. It will populate the table with the charts and tables from that Tivoli Monitoring workspace. h. Select a chart and click Finish. The chart is imported, which can take some time initially. When processing is complete, the chart is rendered in the portlet. If you do not see the chart, review any error messages and make sure you followed these steps correctly. Related tasks: “Configuring single sign-on” on page 195 Use these instructions to establish single sign-on support and configure a federated repository. The IBM Support Assistant (ISA) The IBM Support Assistant is a tool which helps you to search and find product support and education information. If a Problem Management Record (PMR) needs to be opened, IBM Support Assistant can save you time by automatically gathering support information. The IBM Support Assistant provides the following services: v Improved access to IBM support information, IBM newsgroups, and other resources through a federated search interface (one search across multiple resources) v Easy access to IBM educational materials and product education roadmaps v Easy access to IBM product home pages, product support pages, and product forums or newsgroups through convenient links v Improved PMR time to resolution by collecting key system information and sending the data to IBM through electronic creation of a PMR A Network Manager plug-in is available for the IBM Support Assistant. The plug-in is needed by the IBM Support Assistant so that it can diagnose Network Manager problems. For more information about the IBM Support Assistant, refer to the following IBM Web site: http://www.ibm.com/software/support/isa Installing the IBM Support Assistant Lite collector The IBM Support Assistant (ISA) Lite collector for Network Manager provides automated data collection on systems where Network Manager is installed. It can collect the information about logs, rules files, configuration data, and so on. To install the ISA Lite collector, perform the following steps: 1. Install Network Manager. 2. Open the following technote: http://www.ibm.com/support/ docview.wss?uid=swg27010612 3. Follow the steps in the technote to set up and use the ISA Lite collector for Network Manager. 302 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Appendix. Network Manager glossary Use this information to understand terminology relevant to the Network Manager product. The following list provides explanations for Network Manager terminology. AOC files Files used by the Active Object Class manager, ncp_class to classify network devices following a discovery. Device classification is defined in AOC files by using a set of filters on the object ID and other device MIB parameters. active object class (AOC) An element in the predefined hierarchical topology of network devices used by the Active Object Class manager, ncp_class, to classify discovered devices following a discovery. agent See, discovery agent. bookmark See, network view bookmark. class hierarchy Predefined hierarchical topology of network devices used by the Active Object Class manager, ncp_class, to classify discovered devices following a discovery. configuration files Each Network Manager process has one or more configuration files used to control process behaviour by setting values in the process databases. Configuration files can also be made domain-specific. discovery agent Piece of code that runs during a discovery and retrieves detailed information from discovered devices. Discovery Configuration GUI GUI used to configure discovery parameters. Discovery engine (ncp_disco) Network Manager process that performs network discovery. discovery phase A network discovery is divided into four phases: Interrogating devices, Resolving addresses, Downloading connections, and Correlating connectivity. discovery seed One or more devices from which the discovery starts. discovery scope The boundaries of a discovery, expressed as one or more subnets and netmasks. Discovery Status GUI GUI used to launch and monitor a running discovery. discovery stitcher Piece of code used during the discovery process. There are various © Copyright IBM Corp. 2006, 2013 303 discovery stitchers, and they can be grouped into two types: data collection stitchers, which transfer data between databases during the data collection phases of a discovery, and data processing stitchers, which build the network topology during the data processing phase. dNCIM database The dNCIM is a relational database embedded into the Discovery engine, ncp_disco, and it stores the containment model that is derived from the fullTopology database (and created by stitchers). This is the version of the topology that is sent to the Topology manager, ncp_model. The dNCIM database performs the same function as the scratchTopology database did in previous versions of Network Manager. domain See, network domain. entity A topology database concept. All devices and device components discovered by Network Manager are entities. Also device collections such as VPNs and VLANs, as well as pieces of topology that form a complex connection, are entities. event enrichment The process of adding topology information to the event. Event Gateway (ncp_g_event) Network Manager process that performs event enrichment. Event Gateway stitcher Stitchers that perform topology lookup as part of the event enrichment process. failover In your Network Manager environment, a failover architecture can be used to configure your system for high availability, minimizing the impact of computer or network failure. Failover plug-in Receives Network Manager health check events from the Event Gateway and passes these events to the Virtual Domain process, which decides whether or not to initiate failover based on the event. Fault Finding View Composite GUI view consisting of an Active Event List (AEL) portlet above and a Network Hop View portlet below. Use the Fault Finding View to monitor network events. full discovery A discovery run with a large scope, intended to discover all of the network devices that you want to manage. Full discoveries are usually just called discoveries, unless they are being contrasted with partial discoveries. See also, partial discovery. message broker Component that manages communication between Network Manager processes. The message broker used byNetwork Manager is called Really Small Message Broker. To ensure correct operation of Network Manager, Really Small Message Broker must be running at all times. NCIM database Relational database that stores topology data, as well as administrative data such as data associated with poll policies and definitions, and performance data from devices. 304 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide ncp_disco See, Discovery engine. ncp_g_event See, Event Gateway. ncp_model See, Topology manager. ncp_poller See, Polling engine. network domain A collection of network entities to be discovered and managed. A single Network Manager installation can manage multiple network domains. Network Health View Composite GUI view consisting of a Network Views portlet above and an Active Event List (AEL) portlet below. Use the Network Health View to display events on network devices. Network Hop View Network visualization GUI. Use the Network Hop View to search the network for a specific device and display a specified network device. You can also use the Network Hop View as a starting point for network troubleshooting. Formerly known as the Hop View. Network Polling GUI Administrator GUI. Enables definition of poll policies and poll definitions. Network Views Network visualization GUI that shows hierarchically organized views of a discovered network. Use the Network Views to view the results of a discovery and to troubleshoot network problems. network view bookmark Network view bookmarks group together just those network views that you or your team need to monitor. Create new bookmarks or change existing bookmarks to help network operators visualize just those devices that they need to monitor. OQL databases Network Manager processes store configuration, management and operational information in OQL databases. OQL language Version of the Structured Query Language (SQL) that has been designed for use in Network Manager. Network Manager processes create and interact with their databases using OQL. partial discovery A subsequent rediscovery of a section of the previously discovered network. The section of the network is usually defined using a discovery scope consisting of either an address range, a single device, or a group of devices. A partial discovery relies on the results of the last full discovery, and can only be run if the Discovery engine, ncp_disco, has not been stopped since the last full discovery. See also, full discovery. Path Views Network visualization GUI that displays devices and links that make up a Appendix. Network Manager glossary 305 network path between two selected devices. Create new path views or change existing path views to help network operators visualize network paths. performance data Performance data can be gathered using performance reports. These reports allow you to view any historical performance data that has been collected by the monitoring system for diagnostic purposes. Polling engine (ncp_poller) Network Manager process that polls target devices and interfaces. The Polling engine also collects performance data from polled devices. poll definition Defines how to poll a network device or interface and further filter the target devices or interfaces. poll policy Defines which devices to poll. Also defines other attributes of a poll such as poll frequency. Probe for Tivoli Netcool/OMNIbus (nco_p_ncpmonitor) Acquires and processes the events that are generated by Network Manager polls and processes, and forwards these events to the ObjectServer. RCA plug-in Based on data in the event and based on the discovered topology, attempts to identify events that are caused by or cause other events using rules coded in RCA stitchers. RCA stitcher Stitchers that process a trigger event as it passes through the RCA plug-in. root-cause analysis (RCA) The process of determining the root cause of one or more device alerts. SNMP MIB Browser GUI that retrieves MIB variable information from network devices to support diagnosis of network problems. SNMP MIB Grapher GUI that displays a real-time graph of MIB variables for a device and usse the graph for fault analysis and resolution of network problems. stitcher Code used in the following processes: discovery, event enrichment, and root-cause analysis. See also, discovery stitcher, Event Gateway stitcher, and RCA stitcher. Structure Browser GUI that enables you to investigate the health of device components in order to isolate faults within a network device. Topology Manager (ncp_model) Stores the topology data following a discovery and sends the topology data to the NCIM topology database where it can be queried using SQL. WebTools Specialized data retrieval tools that retrieve data from network devices and can be launched from the network visualization GUIs, Network Views and Network Hop View, or by specifying a URL in a web browser. 306 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Notices This information applies to the PDF documentation set for IBM Tivoli Network Manager IP Edition. This information was developed for products and services offered in the U.S.A. IBM may not offer the products, services, or features discussed in this document in other countries. Consult your local IBM representative for information on the products and services currently available in your area. Any reference to an IBM product, program, or service is not intended to state or imply that only that IBM product, program, or service may be used. Any functionally equivalent product, program, or service that does not infringe any IBM intellectual property right may be used instead. However, it is the user's responsibility to evaluate and verify the operation of any non-IBM product, program, or service. IBM may have patents or pending patent applications covering subject matter described in this document. The furnishing of this document does not grant you any license to these patents. You can send license inquiries, in writing, to: IBM Director of Licensing IBM Corporation North Castle Drive Armonk, NY 10504-1785 U.S.A. For license inquiries regarding double-byte character set (DBCS) information, contact the IBM Intellectual Property Department in your country or send inquiries, in writing, to: Intellectual Property Licensing Legal and Intellectual Property Law IBM Japan, Ltd. 19-21, Nihonbashi-Hakozakicho, Chuo-ku Tokyo 103-8510, Japan The following paragraph does not apply to the United Kingdom or any other country where such provisions are inconsistent with local law: INTERNATIONAL BUSINESS MACHINES CORPORATION PROVIDES THIS PUBLICATION "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Some states do not allow disclaimer of express or implied warranties in certain transactions, therefore, this statement may not apply to you. This information could include technical inaccuracies or typographical errors. Changes are periodically made to the information herein; these changes will be incorporated in new editions of the publication. IBM may make improvements and/or changes in the product(s) and/or the program(s) described in this publication at any time without notice. Any references in this information to non-IBM Web sites are provided for convenience only and do not in any manner serve as an endorsement of those Web © Copyright IBM Corp. 2006, 2013 307 sites. The materials at those Web sites are not part of the materials for this IBM product and use of those Web sites is at your own risk. IBM may use or distribute any of the information you supply in any way it believes appropriate without incurring any obligation to you. Licensees of this program who wish to have information about it for the purpose of enabling: (i) the exchange of information between independently created programs and other programs (including this one) and (ii) the mutual use of the information which has been exchanged, should contact: IBM Corporation 958/NH04 IBM Centre, St Leonards 601 Pacific Hwy St Leonards, NSW, 2069 Australia IBM Corporation 896471/H128B 76 Upper Ground London SE1 9PZ United Kingdom IBM Corporation JBF1/SOM1 294 Route 100 Somers, NY, 10589-0100 United States of America Such information may be available, subject to appropriate terms and conditions, including in some cases, payment of a fee. The licensed program described in this document and all licensed material available for it are provided by IBM under terms of the IBM Customer Agreement, IBM International Program License Agreement or any equivalent agreement between us. Any performance data contained herein was determined in a controlled environment. Therefore, the results obtained in other operating environments may vary significantly. Some measurements may have been made on development-level systems and there is no guarantee that these measurements will be the same on generally available systems. Furthermore, some measurements may have been estimated through extrapolation. Actual results may vary. Users of this document should verify the applicable data for their specific environment. Information concerning non-IBM products was obtained from the suppliers of those products, their published announcements or other publicly available sources. IBM has not tested those products and cannot confirm the accuracy of performance, compatibility or any other claims related to non-IBM products. Questions on the capabilities of non-IBM products should be addressed to the suppliers of those products. This information contains examples of data and reports used in daily business operations. To illustrate them as completely as possible, the examples include the 308 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide names of individuals, companies, brands, and products. All of these names are fictitious and any similarity to the names and addresses used by an actual business enterprise is entirely coincidental. COPYRIGHT LICENSE: This information contains sample application programs in source language, which illustrate programming techniques on various operating platforms. You may copy, modify, and distribute these sample programs in any form without payment to IBM, for the purposes of developing, using, marketing or distributing application programs conforming to the application programming interface for the operating platform for which the sample programs are written. These examples have not been thoroughly tested under all conditions. IBM, therefore, cannot guarantee or imply reliability, serviceability, or function of these programs. Trademarks The terms in Table 51 are trademarks of International Business Machines Corporation in the United States, other countries, or both: Table 51. IBM trademarks AIX Informix BNT ClearQuest iSeries ® Lotus ® ® RDN solidDB System p Cognos Netcool System z® DB2 NetView Tivoli DB2 Universal Database Notes WebSphere developerWorks OMEGAMON z/OS® DS8000 PowerPC z/VM® Enterprise Storage Server PowerVM® zSeries IBM PR/SM™ Intel, Intel logo, Intel Inside, Intel Inside logo, Intel Centrino, Intel Centrino logo, Celeron, Intel Xeon, Intel SpeedStep, Itanium, and Pentium are trademarks or registered trademarks of Intel Corporation or its subsidiaries in the United States and other countries. Java and all Java-based trademarks and logos are trademarks or registered trademarks of Oracle and/or its affiliates. Notices 309 Linux is a registered trademark of Linus Torvalds in the United States, other countries, or both. UNIX is a registered trademark of The Open Group in the United States and other countries. Microsoft, Windows, Windows NT, and the Windows logo are trademarks of Microsoft Corporation in the United States, other countries, or both. Privacy policy considerations IBM Software products, including software as a service solutions, ("Software Offerings") may use cookies or other technologies to collect product usage information, to help improve the end user experience, to tailor interactions with the end user or for other purposes. In many cases no personally identifiable information is collected by the Software Offerings. Some of our Software Offerings can help enable you to collect personally identifiable information. If this Software Offering uses cookies to collect personally identifiable information, specific information about this offering's use of cookies is set forth below. This Software Offering may collect IP addresses, user names and passwords for the purpose of performing network discovery. Failure to enable the collection of this information would likely eliminate important functionality provided by this Software Offering. You as customer should seek your own legal advice about any laws applicable to such data collection, including any requirements for notice and consent. For more information about the use of various technologies, including cookies, for these purposes, See IBM's Privacy Policy at http://www.ibm.com/privacy and IBM's Online Privacy Statement at http://www.ibm.com/privacy/details the section entitled "Cookies, Web Beacons and Other Technologies" and the "IBM Software Products and Software-as-a-Service Privacy Statement" at http://www.ibm.com/software/info/product-privacy. 310 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Index Numerics 3.8 visualization mode switching back to 236 A about DNCIM 39 accessibility ix activating SNMP Helper throttling 297 AEL configuring default view 236 configuring topology event types troubleshooting 236 alert status associated with a device configuring display of 226 alert status settings 233 alerts.status table fields used for Network Manager 172 application server FIPS enablement 198 architecture failover 247 large deployment 17 simple deployment 15 audience v 155 B base charting bidirectional browsers supported supported BSM_Identity 38 190 for installer launchpad 36 for Web applications 34 token 194 C charting SSO and ITM 300 class types assigning icons for 223 classes assigning icons for 222 cloning 143 Common Data Model (CDM) 179 compatibility 31 ConfigItnm.cfg file 270 ConfigOMNI options 43 configuring GetBulk for SNMP v2 and v3 298 JRE for FIPS 140-2 157 maximum number of repetitions for GetBulk requests 299 Network Manager to use GetBulk 298 probes 158 © Copyright IBM Corp. 2006, 2013 configuring (continued) SNMP Helper 297 SNMP Helper throttling 297 topology map appearance 225 topology map updates 225 configuring automation for SAEs 152 configuring existing DB2 217 configuring reports 239 configuring VMM 200 contextual launch 190 conventions, typeface xi copying existing installation 143 customization data importing 119 D data source changing, Web GUI 154 data sources NCIM database 155 network topology 155 database additional fields, Tivoli Netcool/OMNIbus 156 database setup 44 DB2 on UNIX 44 databases topology data 32 DB2 configuring 216 configuring connection to existing instance 217 root and non-root 216 DB2 HADR configuring Network Manager to work with 274 deployment domain requirements 20 large, architecture 17 simple architecture 15 Deployment Engine managing 90 DES 293 devices highlighting manually added 235 Juniper PE 292 directory installation requirements 37 directory structure default 289 discovery bandwidth requirements 29 memory requirements 29 discovery data accessing from dNCIM 212 Discovery Library Adapter configuration 191, 192, 193 network edge data 189 running 184 Discovery Library Adapter (DLA) configuration 180 default installation location 179 prerequisites 179 Discovery Library book 184 disk space events and interfaces 28 DLA fine-tuning data export 185 DLA properties for filtered view 188 dNCIM accessing discovery data from 212 DNCIM 39 DNS prerequisites 36 domains additional 294 multiple per ObjectServer 22 partition 20 single per ObjectServer 21 viewing multiple 23 E education see Tivoli technical training ix entity types assigning icons for 222 environment variables 288 environment variables, notation xi event categories 159 event fields 169 events filtering unmanaged devices 238 health check 254 health check problem 255 health check resolution 255 network 160 status information 161 tagging unmanaged devices 239 unmanaged devices 238 existing DB2 setup 217 exporting discovery data 179 exporting GUI customization data 115 extra information associated with a device configuring display of 226 F failover architectures 244 configuring ConfigItnm.cfg file 270 configuring health check parameters 277 configuring Network Manager 270 configuring Network Manager to work with DB2 HADR 274 311 failover (continued) configuring ObjectServers 263, 264 configuring process dependencies 278 configuring Tivoli Integrated Portal servers 261 failing back 257 failing over 257 fixed port for TCP connections 272 health check events 254 health check problem events 255 health check resolution events 255 Network Manager architecture 247 ObjectServer 245 ObjectServer pair connection 262, 266 overview 241 restrictions 261 server allocation 251 TCP connection 272 Tivoli Netcool/OMNIbus configuration files 247 tracking 279 virtual domains 247 Web GUI 251, 267 federated repositories VMM for ObjectServer 200 field mappings Network Manager to alerts.status 172 filtered network view for edge of network 187 filtered views 155 FIPS 140-2 installation 51 legacy devices. support 293 non-compliant algorithms 293 FIPS 140-2 configuration 157 FIPS support 198 fix pack installation 96 G GetBulk about 298 configuring for SNMP v2 and v3 298 configuring for use by SNMP Helper 298 GetBulk requests configuring maximum number of repetitions 299 glossary 303 H handling multibyte characters 47 health check events 254 configuring parameters 277 health check problem events 255 health check resolution events 255 HTTP and HTTPS 196 I IBM Support Assistant 312 302 IBM Support Assistant Lite installation 302 IBM Systems Director adapter logging 209 connection properties 205 database configuration 206 download 203 install 203 optional adapter settings 208 properties file 204 running adapter 210 SSL certificate 204 troubleshooting 211 IBM Systems Director overview 202 IBM Tivoli Application Dependency Discovery Manager access parameters 180 configuration NCIM database 193 properties file 180 GUIs Network Manager context menus 192 TADDM UI 191 Information Center 179 prerequisites 179 IBM Tivoli Change and Configuration Management Database Information Center 179 integration with Network Manager 179 prerequisites 179 IBM Tivoli Monitoring installation 201 IBM Tivoli Netcool/OMNIbus Knowledge Library installing 159 icons assigning by class 219 assigning to class types 223 assigning to classes 222 assigning to entity types 222 changing, alert severity 231 IdML 179 importing customization data 119 installation bandwidth, discovery process 29 basic, values 52 browsers for installer launchpad 36 browsers for Web applications 34 configure auto start 215 console mode 72 core components installation requirements 26 custom, values 56 database setup 44 DB2 database, UNIX 44 default and custom 50 deployment engine failure after upgrade 92 directory 37 disk space, events and interfaces 28 distributed deployment 14 errors 91 failover, server allocation 251 failure after DE upgrade 92 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide installation (continued) file, uncompressing 48 FIPS 140-2 51 fix pack 96 for single sign-on 195 GUI components 27 hardware, core components 26 hardware, topology database 27 harmless messages 91 IBM Support Assistant 302 IBM Support Assistant Lite 302 IBM Tivoli Monitoring 201 launchpad 51 log files 91 logs 84 memory, discovery process 29 non-root user, additional configuration 214 operating system tools 36 operating systems 32 order of components 14 prerequisite check 48 processor requirements 25 requirements for installer 25 root user, additional configuration 214 root/non-root user, UNIX 213 silent mode 73 silent mode, parameters 75 software requirements, other products 30 supported topology databases 32 swap space 28 Tivoli Integrated Portal 27 topology database installation requirements 27 topology database setup 44 troubleshooting console mode error 89 dependency error messages 89 disk space 89 installation errors 91 root/non-root users 89 uninstalling overview 93 UNIX user restrictions 37 upgrading 110 wizard 51 installation prerequisites DNS 36 installation requirements file handles 38 installing IBM Tivoli Netcool/OMNIbus Knowledge Library 159 postinstallation tasks 81 preinstallation tasks 41 configuring OMNIbus 41 probes 158 Tivoli Common Reporting 47 upgrading polling files 128 integrating with Netcool Configuration Manager 179 integration 31, 151 Netcool/OMNIbus 151 additional database fields 156 J JRE configuration FIPS 140-2 157 Juniper PE device configuration 292 K Knowledge Library 159 L launchpad supported browsers 36 legacy devices FIPS 140-2 293 legacy V3.8 visualization mode switching back to 236 lines appearance of in topology maps 225 Linux disable SELinux 49 loading Discovery Library into TADDM 190 loading MIB information 237 log TIPProfile_create 86 log files 87 login configure for HTTP and HTTPS 196 M maintenance state associated with a device configuring display of 226 manually added devices highlighting 235 manuals vi maximum number of repetitions for GetBulk requests configuring 299 MD5 293 MIB information how to load new information 237 updating with ncp_mib 237 migrating 111, 138 copying same version 143 core configuration settings 122 DLA properties 127 event enrichment and correlation 128 exporting GUI customization data 115 GUI configuration settings 132 reports, 3.8 132 topology database customizations 117 migrating Cognos content store to DB2 240 multibyte characters handling in the NCIM database 47 N NCHOME NCIM database handling multibyte characters 47 NCIM topology database overview of high availability method for 242 nco_p_ncpmonitor probe for TBSM 194 ncp_mib loading 237 ncp_oql authentication configuring for OQL Service Provider 296 configuring authentication 296 configuring authentication for OQL Service Provider 296 Netcool Configuration Manager 179 network domains additional 294 network edge identification 186 network events 160 Network Manager event categories 159 Network Manager event fields 169 Network Manager glossary 303 Network Manager to alerts.status mappings 172 network maps appearance of nodes and lines 225 network views 229 nodes appearance of in topology maps 225 number of repetitions for GetBulk requests configuring maximum 299 O Objectserver multitier 152 SEA 152 ObjectServer 200 aggregation 21 collection 21 failover 245 multiple domains 22 single domain 21 viewing multiple domains 23 virtual pair 245 OMNIbus probes 158 online publications vi operating system tools 36 operating systems installation 32 OQL Service Provider configuring authentication 296 ordering publications vi overlay icon for manually added devices 235 P partition domains 20 password encryption 196 permissions root/non-root, UNIX 213 poll Juniper Remote Ping 292 position of nodes 229 postinstallation 81 prerequisite automated check 48 Probe for Tivoli Netcool/OMNIbus configuring 165 properties file 166 rules file 166 probes configuring 158 installing 158 processes events generated 161 publications vi R rediscovery 229 registry default security 200 removing reporting 93 reports 93 repetitions for GetBulk requests configuring maximum number 299 reporting migrate Cognos content store to DB2 240 reports configuring 239 rules file processing example 167 S SAE configuring automation for 152 scripts ConfigOMNI 43 security default registry 200 vault key 196 service x service management connect x service-affected events configuring automation for 152 settings in the status.properties file 233 silent mode creating file with launchpad 74 editing sample file 75 example parameters 73 installation 73 response file parameters 75 single sign-on 195 configuring 195 SMC x SNMP Helper activating throttling 297 configuring 297 configuring throttling 297 configuring to use GetBulk 298 288 Index 313 SNMP v2 and v3 configuring GetBulk 298 SSL certificate 204 status information events 161 status.properties settings 233 support x IBM Support Assistant 302 support information x swap space, requirements 28 switching to legacy V3.8 topology visualization mode 236 T TBSM events 194 TCP connection Virtual Domain 272 throttling activating on SNMP Helper 297 TIPHOME 288 TIPProfile_create.log 86 Tivoli Common Reporting 47 Tivoli Integrated Portal configuration 195 installation requirements 27 Tivoli Netcool/OMNIbus additional database fields 156 configuration 151 UNIX 157 Tivoli Netcool/OMNIbus probes 158 Tivoli software information center vi Tivoli technical training ix topology database setup 44 topology map appearance configuring 225 topology map updates configuring 225 topology maps appearance of nodes and lines 225 topology views configuring default type 155 topology visualization switching to legacy V3.8 mode 236 topoviz.node.freezeold 229 topoviz.node.new.placement 229 topoviz.node.new.spacing.horizontal 229 topoviz.node.new.spacing.vertical 229 tracking failover 279 training, Tivoli technical ix troubleshooting console mode error 89 default ports 88 dependency error messages 89 disk space 89 root/non-root users 89 troubleshooting installation 84 typeface conventions xi uninstalling (continued) reports 93 UNIX DB2 database 44 directory requirements 37 root/non-root permissions 213 root/non-root user installation 213 user restrictions, installation 37 unset DISPLAY 89 upgrade logs 147 upgrading 111, 138 exporting core customization data 114 exporting customization GUI data 115 importing customization data 119 importing GUI customization data 130 installation 110 preparing for 112 user registry default 200 V V3.8 visualization mode switching back to 236 VACM access for Juniper Remote Ping poll 292 variables, notation for xi vault key file 196 viewing edge of network 187 visualization switching to legacy V3.8 mode 236 VMM for ObjectServer 200 W Web GUI data source failover 251, 267 Windows directory requirements 37 U uninstalling on UNIX 93 overview 93 reporting 93 314 IBM Tivoli Network Manager IP Edition: Installation and Configuration Guide Printed in the Republic of Ireland
advertisement
Key Features
- Network Discovery
- Device Monitoring
- Topology Visualization
- Root Cause Analysis
- Customizable Configuration
- Extensive Reporting
- Integration with other IBM products
- Failover Capabilities
- Network Domain Management
Frequently Answers and Questions
What are the hardware requirements for installing IBM Network Manager IP Edition?
The hardware requirements for IBM Network Manager IP Edition depend on the size and complexity of your network. The guide provides detailed information on processor selection guidelines, memory requirements, and disk space recommendations for events, interfaces, and swap space. It also outlines the required bandwidth for discovery and the memory needed for discovery operations.
What software is required for IBM Network Manager IP Edition?
The guide outlines the specific software requirements for IBM Network Manager IP Edition, including the supported topology databases, operating systems, web browsers for both the installer and web applications, and necessary operating system tools. It also discusses the required Domain Name Service (DNS) settings and any restrictions that may apply to UNIX users.
How do I configure the integration of IBM Network Manager IP Edition with other IBM products?
The guide provides detailed steps on configuring integrations with other IBM products such as Tivoli Netcool/OMNIbus, Netcool Configuration Manager, Tivoli Integrated Portal, IBM Tivoli Monitoring and IBM System Director. It also explains how to access discovery data from dNCIM.