IBM: Test 898: IBM Tivoli Provisioning Manager V5.1 Implementation

Professional Certification
About the program
About the member site
Certifications
	By product
	Test information
	Updates and revisions
Policy
Process
News
Contact

Related links
	Member site sign in
	Mastery tests
	Training
	Linux certification
	Business Partner Training and certification
	IBM Press
	CEIS

Professional certification

Certifications

Test information

	Test 898: IBM Tivoli Provisioning Manager V5.1 Implementation

Overview

Objectives

Test Preparation

Section 1 - Planning

Given the need to review customer’s network environment, determine the placement of IBM Tivoli Provisioning Manager V5.1 (TPM) depots, so that the software deployment management infrastructure can be determined.

Study the customer’s network diagram and interview the network operational personnel.
Document the network locations and devices which need ‘service’ from the management servers.
Document the network bandwidth and connectivity from the management servers to the managed devices.
Determine the managed devices which have low bandwidth connectivity from the management servers.
Determine the strategic placement for TPM Depots in locations which have a low bandwidth connectivity.
The number of depots required depends on the following factors:

Given the need to determine firewall requirements and communication ports, define the communication protocols and services to be used, so that firewall communication ports are determined.

Determine the communication protocols and services to be used between the management servers and the managed devices.

Common Agent Services requires ports 9511, 9512 and 9513 to be opened for traffic from management servers to managed devices.
SMB requires port 139 to be opened for traffic from management servers to managed devices.
SNMP requires port 161, to be opened for traffic from management servers to managed devices.
SSH requires port 22 to be opened for traffic from management servers to managed devices.
DHCP requires port 67 to be opened for traffic from managed devices to management servers and port 68 from management servers to managed devices.
Web Client requires ports 9045 and 9046 to be opened for traffic from management servers to managed devices.
Boot Server operation requires ports 69, 4011, 4012, 4015 and 4025 to be opened for traffic from managed devices to management servers and ports 8500 and 10000 from management servers to managed devices. Some of these ports can be re-configured for a different address.

Given the need to deploy TPM V5.1, determine TPM architecture to deploy , so that the design decision for the TPM topology and architecture have been determined.

One node installations for TPM 5.1 on windows with ITDS, Solaris 9 with DB2, Linux, AIX, and TPM Fast Start.
Two node installations for TPM 5.1 on windows with Active Directory and Solaris 10 with Oracle.
What is the standard / required architecture for the site TPM is being deployed in.
What are the standard / required operating system platforms in the site.
How large of an infrastructure will it support. How large will the database need to be.
Existing infrastructure that could be utilized in the deployment. Existing databases, active Directory or LDAP environments.
Is hardware readily available that meets the TPM hardware requirements and your capacity specifications.

Given a documented environment, determine the software management topology so that application software can be provisioned to all necessary targets.

Identify problem areas in the environment: firewalls, slow links, roaming users.
Determine which TPM software provisioning technologies will be needed: SPB, Automation Packages, shared workflow.

Given the technologies chosen, determine management protocols/technologies (TCA, SSH, RXA).

Determine the location of depots, proxies, and file repositories for the environment.

Given the need to plan for a TPM V5.1 installation, determine the installation requirements, so that the TPM V5.1 installation can be planned.

Document the software products that need to be deployed. For each software product, gather the following requirements.
Determine the format to store the binaries (zip or tar or msi etc.) of each software module.
Determine the file repository to house the software binaries. For each module, document the name and the path on the file repository where the binaries are stored.
Determine and document the configuration parameters required for deploying the software module. These parameters will be used to build the software configuration templates in TPM.
Determine and document the existing scripts or any other existing automation to deploy each of the software module. This will assist in building workflows for software deployment.
Determine and document the operating systems that the software product needs to be installed on.

Given the need to perform bare metal installation or machine OS refresh in a Linux/Windows x86 environment, verify the environment (both server and targets) is compatible with Rembo, so that the enterprise will be ready to deploy a Rembo infrastructure.

The Rembo server (Rembo Toolkit 4.0) can be installed on the following platforms:

In order to use Rembo as the boot server software, the following requirements must first be met:

Target computers or clients must consider the following:

Given a customer’s environment, determine inventory and compliance requirements, so that a comprehensive plan has been developed to deploy and configure inventory and compliance regulations.

Identify operating systems. Identify whether the operating systems are supported by TPM 5.1.
Determine hardware configurations. Identify peripheral, proprietary components.
Identify and determine compliance regulations as well as “Golden Standards”.
Determine software holdings.
Identify proprietary software.
Determine standard software configurations.

Section 2 - Installation

Given IBM Tivoli Provisioning Manager 5.1 (TPM) documentation and Release Notes, determine if all hardware pre-requisites have been met, so that TPM is ready to be installed.

Review TPM hardware pre-requisites for platform:

Review Installer requirements for each platform:

Review operating system and patch pre-requisites for platform:

Review application pre-requisites for platform:

Review TPM supported installation methods:

Review supported installation methods on each platform:

Review TPM 5.1 Installation Guide, Installing Behind a Firewall, to ensure all ports are available for a TPM remote installation. The RXA protocol is also used by Tivoli Provisioning Manager. It makes connections using standard SSH or SMB protocols and does not require a separate port.
Review additional installation requirements:

Obtain operating system, patches and application pre-requisites.
Install operating system, patches and application pre-requisites.
Configure application pre-requisites. Components configured: DNS configuration on Installer and TPM server, Cygwin (Windows) on Installer, SSH RSA credentials, WebSphere ports.
Review TPM 5.1 Installation Guide, Preparing installation images to get more information regarding CD installation versus creating an installation depot.
If using existing Tivoli Directory Server installation, make sure database instance is started ibmdirctl -D cn=root -w password status where password is password for the cn=root.
Make sure /etc/hosts file on Red Hat Advanced Server 4.0, example of how the /etc/hosts file should look: 12@.1 localhost.
If you have manually installed the WebSphere Application Server 6.0, then you must stop the WebSphere Application Server 6.0 profile be fore you can begin the installation.
TPM 5.1 pre-requisite check complete Servers are ready for TPM 5.1 installation.

Given the IBM Tivoli Provisioning Manager (TPM) 5.1 media, installation guide and release notes, run the installer and provide necessary configuration parameters so that TPM is installed

Obtain installation media
Log on as root on AIX, Solaris and Linux. Log on as Administrator on Windows
Mount installation media and run mount_point/setupaix.bin on AIX, mount_point/setupsolarisSparc.bin -W options.permanent="True" on Solaris, mount_point/setuplinux.bin on Linux and clicking Start->Run. Type setupwin32.exe in the box and click OK on Windows. Additional installation parameters exist for enabling language selection and specifying temporary directory.
On the Welcome panel, read the information and then click Next to continue with the installation.
On the Software License Agreement panel, accept IBM Terms by clicking on Accept and click Next.
On the Server Deployment Configuration panel, specify the topology for this installation, and then click Next. Single server configuration installs all product components are on the same computer. Two server configuration installs directory server on one computer, and all other product components on another computer.
On the Configure the Target Servers panel, specify credentials for the target server or target servers of each prerequisite application and Tivoli Provisioning Manager. When you have specified all the information, click Next.
Provide input for TPM, DB, LDAP, and Agent Manager installation. Note: TPM for DCD does not require input. For more information on all configurable installation options, reference TPM 5.1 Installation Guide, Chapter 2, Task #10. Click Next to continue.
The installer validates the settings you have specified, available disk space, and available memory on the target servers, and then displays results on the Validation summary panel. After reviewing results, click Next to continue.
Monitor installation progress by viewing installation detail and application log files.
TPM 5.1 installation is complete.

Given the decision to provide a TPM 5.1 workflow authoring environment, install and customize Automation Package Development Environment (APDE) and dependent tools, so that an operational and functional packaging environment is available.

System running APDE requires 256 MB RAM, plus additional RAM for compiling workflows. For multi-user APDE environments, allocate 400 MB RAM per running instance.
Install required IBM Java runtime environment (JRE), Version 1.4.2 or later. If you have more than one JRE installed, update system PATH variable to make sure the IBM JRE is the first java executable in your path. Testing for correct java version using java –version will display the following: java version "1.4.2" Java(TM) 2 Runtime Environment, Standard Edition (build 1.4.2) Classic VM (build 1.4.2, J2RE 1.4.2 IBM Windows 32 build cn1420-20040626 (JIT enabled: jitc).
If running APDE on a computer other than the TPM server, the computer must be running a version of Windows or Linux supported by Eclipse 3.1.2 or later. An Eclipse installation is included in $TIO_HOME/eclipse. The latest version of eclipse may also be downloaded at http://www.eclipse.org/downloads/index.php.
If running APDE on a computer other than the TPM server, create a directory where APDE will be installed. Extract eclipse installation files into APDE_HOME. Obtain apde.zip and extract into APDE_HOME.
If running APDE on a computer other than the TPM server, copy the following files from $TIO_HOME/config on TPM server to APDE_HOME

If running APDE on a computer other than the TPM server, install and configure database client to communicate with TPM 5.1 database. Current clients include DB2 and Oracle based on the database installed with TPM @Reference TPM 5.1 Installation Guide, Appendix A, Configuring Database Connectivity for more details.
If APDE installed remotely, Tivoli Provisioning Manager must be running in development mode. To start the server in development mode, run TPM startup script with the -dev option. Commands include tio.sh –dev on AIX, Solaris and Linux and tio.cmd –dev on Windows.

Given a network architecture diagram, create a Data Center Model (DCM) XML file and import it into IBM Tivoli Provisioning Manager, in order to populate network topology.

Evaluate existing DCM XML file. Sample DCM data may be found at $TIO_HOME/xml/venice.xml on AIX, Solaris and Linux or %TIO_HOME%\xml\venice.xml.
Determine data center objects to add to DCM.
Create DCM XML file adding desired system/network components.
Validate completed XML document against DTD found in $TIO_HOME/xml/xmlimport.dtd on AIX, Solaris and Linux and %TIO_HOME%\xml\xmlimport.dtd on Windows.
Import DCM XML file using $TIO_HOME/tools/xmlimport.sh file:// on UNIX and %TIO_HOME%/xmlimport.cmd file:// on Windows.
Verify DCM objects.

Given that TPM is installed and the environment is ready, navigate to the correct section and deploy the Common Agent to a target, so that the Common Agent has been deployed.

Navigate to Software Management Install Common Agent.
Insert Task Name for common agent deployment task.
Select TCA_Stack in the Select Agent section.
Select the target computer(s) by group or individually in the Select Computers section.
Ensure that the create credentials check box is clear.
Select now or the desired time in the Schedule Section
Click submit.

Given that TPM is installed, a region exists, and the environment is ready, navigate to the correct section and deploy and configure a software depot, so that the software depot has been installed and configured.

Navigate to Inventory, Infrastructure Management, Depots. Select Edit Add Depot.
Enter FQDN, and the description of the new depot.
Select the Region the depot server will be assigned to.
Do not edit the default port for depot communication.
Select the Preferred upload server box to designate if applicable.
Define Adaptive, Static, or No Bandwidth control for Depot Transfer Rate.
Define Maximum connection.
Define Target Server to be setup as Depot.
Define the repository directory of the depot server.
Specify the size limit of the Data Directory.
Save.

Given that TPM is installed and the environment is ready, navigate to the Add Boot Server wizard, determine the Provisioning method to be used, enter the required information, so that the IBM Boot Server has been created and configured.

Ensure that a supported OS is defined on the target server.
Navigate to Software Management Manage Software Catalog Software Products.
Navigate to the Software Definition page by selecting Rembo Toolkit.
Edit the correct Software Template for the Rembo Toolkit.
Verify all logging details are correct for the Rembo Server.
Navigate to Inventory Infrastructure Management Boot Servers.
Launch the Add Boot Server Wizard.
Define Rembo and select Next.
Select the target boot server and select Next.
Enter Rembo Admin Password and define the Rembo Key file.
Enter task name and either define schedule or select now and submit.
Verify the selections and select Finish.

Section 3 - Configuration

Given there are Windows computers to be discovered in an environment, verify the configuration of the potential Windows targets, so that they can be discovered via SMB (server message block).

Make sure SMB is enabled in the environment by checking the Solution Design Document.
The targets must have remote registry administration enabled. Navigate to Start ? Control Panel ? Administrative Tools ? Services ? Remote Registry and ensure that it is enabled.
The default hidden administrative disk shares (such as C$ and D$) are required on the targets.
Both ports 135 (RPC) and 139 (NetBIOS over TCP/IP) must be enabled on the targets to ensure successful communication through RXA.
For Windows XP only, Simple File Sharing must be disabled for remote execution and access (RXA) on the targets. Open My Computer ? Tools ? Folder Options and then click on the View tab and disable the option for Simple File Sharing.
For Windows XP SP2 and higher, check on the targets if the firewall is enabled and blocking port access.
Verify the configuration, by running “net use l:\\hostname\C$/user:Administrator” from another Windows machine.

Given that TPM is installed and the environment is ready, navigate to the Add Discovery Configuration wizard, determine the discovery method to be used and enter the required information for SMB or SSH discovery, so that a discovery configuration has been created.

Open the Inventory section Manage Discovery and click on Discovery Configurations.
Choose the Edit menu button and the select Add Discovery Configuration.
Provide a Name and Description, select the discovery type of Devices, then select the Discovery Method of Discover Windows Computers using SMB or Discover Computers using SSH. Click Next.
Enter the IP range and/or Enter the subnet address and mask as defined in the Solution Design Document and click the associated Add button after each entry. Repeat until all ranges have been entered.
Enter Credentials (User ID, Password, and Confirm Password) and click the associated Add button after each entry. Repeat until all ranges have been entered.
Change Credentials Search Key and/or IP Address Response Timeout in Milliseconds as required. Click Finish.

Given that TPM is installed and the environment is ready and there is a properly generated Discovery Book, navigate to the Add Discovery Configuration wizard, determine the discovery type to be used and enter the required information for IBM Discovery Library Reader discovery, so that a discovery configuration has been created.

Open the Inventory section Manage Discovery and click on Discovery Configurations.
Choose the Edit menu button and the select Add Discovery Configuration.
Provide a Name and Description, select the discovery type of Devices or Software, then select the Discovery Method of IBM Discovery Library Reader. Click Next.
Make sure the book to be read is stored locally

Properly fill in book.source.name. An example syntax is “ibm-cdm:///CDM-managementSoftwareSystem/Hostname=cvtint12.unknown,

Properly fill in drift.repository.dir, drift.save.elements, and repository.dir on the same screen. It should be noted that the “dir” values specified need have proper read (repository.dir) and write (drift.repository.dir) permissions based on the TPM user (the id used to install/run TPM). Click Finish.

Given that TPM is installed, the environment is ready, and Microsoft Active Directory is installed on the target, navigate to the Add Discovery Configuration wizard, determine the discovery method to be used, enter the required information so that a run able Microsoft Active Directory discovery configuration has been created.

Open the Inventory section ?Manage Discovery and click on Discovery Configurations.
Choose the Edit menu button and the select Add Discovery Configuration.
Provide a Name and Description, select the discovery type of Devices, then select the Discovery Method of Microsoft Active Directory Discovery. Click Next.
Enter the Server Name, Base Distinguished Name, User ID, and Password for the Active Directory server.
Select the Default Access Group.
Select Filters for the scan among: User defined search command, Filter LDAP attributes, Discover groups, Discover organizational units, Gateway IP, and Subnet Mask.
Enter the flag for filtering Dynamic IPs (true or false) and click Finish.

Given that TPM is installed, the environment is ready, and SNMP is enabled on targets, navigate to the Add Discovery Configuration wizard, determine the discovery method to be used, enter the required information so that a run able SNMP discovery configuration has been created.

Open the Inventory section ?Manage Discovery and click on Discovery Configurations.
Choose the Edit menu button and the select Add Discovery Configuration.
Provide a Name and Description, select the discovery type of Devices, then select the Discovery Method of Discover Devices (computers, switches, routers) using SNMP. Click Next.
Enter the IP range and/or Enter the subnet address and mask as defined in the Solution Design Document and click the associated Add button after each entry. Repeat until all ranges have been entered.
Enter SNMP communities and click the associated Add button after each entry. Repeat until all ranges have been entered.
Change Credentials Search Key and/or IP Address Response Timeout in Milliseconds as required. Click Finish.

Given that TPM is installed and the proper SAP (service access point) information is available, create a new SAP with credentials for a selected computer, so that the SAP is available to allow communication between the target computer and the TPM server.

Navigate to the computer to add a new SAP to by using the “Find” function or by going to Inventory->Manage Inventory -> Computers and selecting the appropriate machine.
Select the Credentials tab.
From the Edit menu, choose “Add Service Access Point”.
Add a Name, choose a Type, and select a Role. Optionally, add Other Type, Domain, and Context, change the Port and Locale, and select Authentication and/or Use Logical Device Operation. Click Save.
Add credentials using the menu on the newly created SAP. The options here vary depending on the type of SAP created. What is important at this step is to know that at least one set of credentials must be created for the SAP to be usable.

Given that TPM is installed and the proper credential information is available, create a new set of credentials for a selected computer, so that those credentials are available to allow communication between the target computer and the TPM server.

Navigate to the computer to add a new standard set of credentials to by using the “Find” function or by going to Inventory->Manage Inventory -> Computers and selecting the appropriate machine.
Select the Credentials tab.
From the Edit menu, choose “Add Credentials” to bring up the “Quick Credentials Wizard”.
From the Select Credential Pair Type panel select “SSH and SCP”, “Telnet and FTP”, or “RXA”. Click Next.
On the Enter Authentication Information panel, if “SSH and SCP” was previously chosen, enter User ID and Search Key along with either the Password or Passphrase from the Solution Design Document.
On the Enter Authentication Information panel, if “Telnet and FTP” or “RXA” was previously chosen, enter User ID, Search Key and Password from the Solution Design Document.
On the Summary panel, review the information and click Finish.

Given TPM is installed, create a dynamic group, so that items in the DCM will be grouped automatically based on the selected group criteria.

From the TPM Web UI, navigate to Inventory->Manage Inventory->Groups.
From the Edit menu, select “Add Group”.
Enter a Name and Description and choose a Type (based on the Solution Design Document).
For Group Members, choose “Select a report to populate group members” enabling the Report Category and Available Reports drop-down menus.
Select the Report Category (such as Audit, Inventory, Compliance, et. al.) and corresponding Available Reports entry that will satisfy the query needed to populate the group with the type of item designated in the Solution Design Document.

Given that TPM is installed and the environment is ready, navigate to the Add Role wizard, enter the required information so that a new security role has been created.

Open the System Management section and click on Security Roles.

Select Add Role from the Edit menu.
Enter the LDAP ID, Name, and Description of the role. Assign permissions to the role by selecting from the Available Permissions list and clicking Add.
Click Save.

Given that TPM is installed, navigate to the New User wizard, enter the required information so that a new TPM user has been created.

Expand the System Management section and click on Manage Users.
Choose the Edit menu button and the select Add User.
Enter the following information into the form: User ID, E-mail,+# Given Name, Family Name, Address Work, Home, and Mobile Telephone Numbers, New Password, Confirm Password.
Select the Default Access Group, Notification Language, and Notification Method from drop down menus. Check the Superuser box if this user is to be a superuser. Click Save.

Given TPM is installed a tier application has been defined for management, create a resource pool and add computers to that pool, create a customer, application, and application tiers and add resource pools to each tier, so that a tiered application is modeled in the DCM for potential capacity on demand management.

In the TPM Web user interface, navigate to Applications->Resource Pools.
From the Edit menu, select Add Resource Pool.
Enter a Name, Server Template, and Locale from the Solution Design Document.
Add a computer (as designated in the Solution Design Document) to the newly created tier by using the Find function to select the desired computer.
Once selected, choose Properties from the Edit menu. Select the newly created tier from the Belongs to option. Click Save.
From the TPM Web User Interface, navigate to Applications->Customers.
From the Edit menu, select Add customer.
Enter the name for the Customer from the Solution Design Document.
Select the newly created Customer and from the Edit menu, select Add application.
Enter the Name for the application from the Solution Design Document. Optionally, select a Locale and SLA Service Plan and choose Capacity On Demand or Ignored by the Resource Broker if necessary. Click Save.
Select the newly created Application and from the Edit menu, select Add Tier.
Enter a Name for the tier from the Solution Design Document. Enter the Tier Number, Overflow Servers (min and max), and Server Template. Choose the Resource Pool to serve the tier. Optionally, choose Ignored by the Resource Broker, Local, and Cluster Domain. Click Save.

Given that TPM is installed, navigate to the Add a Report wizard, enter the required information so that a new report has been created.

Expand the Reports section ? and click on a report category. From the Edit menu, select Add a Report.
Enter the Name, Description, and Type of report. Select the report Category and Access Group. Click Next.
From the Available Views list on the Report Constraints page, select the Assigned Views for the report.
From the Available Fields list on the Report Constraints page, highlight a field, assign an operator and value (if operator requires a value), and add it to the list with the AND button. Repeat until all desired fields are assigned using AND or OR buttons as necessary. Click Next.
From the Available Fields under the Select Fields section on the Report Layout page, select the fields to be included in the report display and click Add. Highlight fields in the Assigned Fields list that need to be moved in the order, and use the up and down arrows to set the field's position. Highlight fields in the Assigned Fields list that require calculations and select a calculation method from the Apply a calculation to the selected field menu.
From the Available Fields under the Order Fields section on the Report Layout page, select the fields to be ordered (sorted) in the report display and click Add. Highlight fields in the Assigned Fields list and use the up and down arrows to set the ordering (sort) priority.
From the Available Fields under the Group Fields section on the Report Layout page, select the fields to be grouped in the report display and click Add. Highlight fields in the Assigned Fields list and use the up and down arrows to set the group priority.
Select the report output type (HTML, PDF, XML, or CSV) and Drill Down Field (if available) and click Next.
On the Report Summary page, edit the report query if the generated parameters need adjustment. Click Verify to confirm syntax.
On the Report Summary page, select schedule and notification options and click Finish.

Given TPM is installed and an automation package is available, install or update the automation package in the DCM, so that it is available for use by TPM.

From the TPM server, save the automation package in %TIO_HOME%\drivers (Windows) or $TIO_HOME/drivers (Unix/Linux).
Open a command prompt on the TPM server and change directories to %TIO_HOME%\tools (Windows) or $TIO_HOME/tools (Unix/Linux).
Use the tc-driver-manager.cmd (Windows) or the tc-driver-manager.sh (Unix/Linux) command to install/update the driver. The following are sample syntaxes: tc-driver-manager.sh i will install the driver tc-driver-manager.sh fid will force the installation of a driver (this is good for updates). Be sure to NOT use the .tcdriver extension when entering , this will result in a failure.

Given a non-compliant computer, perform remediation tasks so that the computer is compliant with software and security policies.

Click on the Recommendations tab.
Select the check box for each open recommendation and click Approve. The recommendations will be moved to the Approved state.
Select the check boxes for the approved recommendations, and then click Run.
Run the task that gets created by clicking Submit.
Perform any manual recommendations necessary.
Re-run the compliance scan by clicking on the Compliance tab and selecting Run Inventory Scan from the Run menu.
Re-run the compliance check by selecting Run Compliance Check from the Run menu.
Automate manual remediation tasks by downloading automation packages from OPAL or writing workflows that implement ComplianceRecommendation.Remediate.

Given that TPM is installed and the environment is ready, navigate to the New Access Permission Group wizard, enter the required information so that a new permission group has been created.

Open the System Management section and click on Permission Groups.
Select Add Permission Group from the Edit menu.
Enter the Name and Description of the new permission group. Select desired permissions from the list of Available Permissions and click Add.
Click Save.

Section 4 - Performance Tuning and Problem Determination

Given TPM 5.1 installation is complete, review the purpose of the directories installed by Tivoli Provisioning Manager, so that the purpose of the various directories are understood.

Using UNIX and TPM default installation directory /opt/ibm/tivoli/tpm, environment source script can be found at: /opt/ibm/tivoli/tpm/.Tcprofile.
The following TPM directories are defined: TIO_HOME: TPM installation home directory; TIO_LOGS: TPM log file directory.

Using UNIX default account ldapinst created during the DB2 configuration, file ~ldapinst/sqllib/db2profile contains environment variables necessary for DB2 database instance for Tivoli Directory Server (TDS).
Using UNIX default account db2inst1 created during the WebSphere configuration, file ~db2inst1/sqllib/db2profile contains environment variables necessary for DB2 database instance for TPM.
Important TPM directories defined in %TIO_HOME% on Windows or $TIO_HOME on UNIX contains all TPM configuration data.

Given the directory structure and log files, review the log files to determine problems encountered in IBM Tivoli Provisioning Manager, so that the user is able to determine the source of the TPM problem.

WebSphere Application Server (WAS) is central to TPM and its components. All components, DB2 Universal Database, IBM Tivoli Directory Server, SOAP, user interface, deployment engine, policy engine, command line tools, interact with WAS. If you do not know where to start with a problem that you have encountered, start with WAS. Review the SystemOut.log file for errors. The log file is located in the following directory: Windows: %WAS_HOME%\logs\ UNIX: $WAS_HOME/logs/
Review other WAS logs files, also located at Windows: %WAS_HOME%\logs\ UNIX: $WAS_HOME/logs/

open for e-business.

--stopServer.log This log file contains errors that occur during the shutdown of the WebSphere Application Server. Look for the following output for a successful shutdown: Server stop completed.

Review TPM-specific log files in UNIX: $TIO_LOGS (UNIX) directory, Windows: %TIO_LOGS% (Windows) folder

--tio_start.log: This is the log file of the most recent startup of the Tivoli Provisioning Manager server. This log is overwritten each time the server is started.

--tio_stop.log: This is the log file of the most recent shutdown of the Tivoli Provisioning Manager server.

Subdirectories are organized by component:

--j2ee: WebSphere JVM, $TIO_LOGS/j2ee

--deploymentengine: Deployment Engine JVM $TIO_LOGS/deploymentengine

--policyengine: Policy Engine JVM $TIO_LOGS/policyengine

--tcdrivermanager: Workflows $TIO_LOGS/tcdrivermanager

--install: Installation $TIO_LOGS/install

--uninstall: Uninstall process $TIO_LOGS/uninstall

--agentshellserver: Agent Shell Server $TIO_LOGS/agentshellserver

--wswb: WebSphere Studio WorkBench (WSWB) $TIO_LOGS/wswb

Each Tivoli Provisioning Manager JVM directory includes the following log files:

--console.log Stores all event logs including messages, traces, and debugging information.

--msg.log Stores the globalized event messages so the user can understand a problem and take action to try and resolve the problem.

--trace.log Stores errors that are reviewed by IBM Tivoli Support.

--cbe.log Stores all error messages in Common Base Event format.
messa

Review TPM and WAS logs containing message IDs as follows: COPYYY###Z

which contains 10 alphanumeric characters uniquely identifying the message. Each message ID includes: a 3-character product identifier; a 3-character component or subsystem identifier; a 3-digit serial or message number; a 1-character type code indicating the severity of the message.
More information regarding message ID details may be found at the TPM 5.1 Problem and Determination Guide, Log File Types, Message ID Format.

Log data in Tivoli Provisioning Manager is managed by log4j, an established open source logging tool. Updating logging level can be performed by editing log4j.prop to change log level. The log4j.prop file, shown below, defines the default configuration for message, trace, and Common Base Event logs. File log4j.prop is found in the following location: Windows: %TIO_HOME%\config UNIX: $TIO_HOME/config. The initial log4j log level configuration for each log file is set to info. Available log levels are error, warn, info, debug. Each log file is set to a unique log level for Tivoli Provisioning Manager using the

log4j.appender.filename.threshold= parameter
The following is a list of the default logging levels for each of the log file types:

--console.log info If you want more log information for troubleshooting purposes, set the log level to debug.

--trace.log error

--msg.log MSG_INFO#com.thinkdynamics.kanaha.util.logging.MessageLevel

--cbe.log error
Make desired changes to file log4j.prop and save.

Given that TPM is installed and the environment is ready, navigate to the workflow status section and select your deployment id, so that the workflow log can be reviewed.

Open the Automation section and click on Workflow status.
Set the different selection options on top of the panel – workflow name, status, date range and/or deployment id as required and then click Search.
A list of workflow logs which match the above selection criteria will be displayed. Click on the deployment id on the extreme left of the workflow log you want to look at. This opens up the detailed workflow log.
Page through the workflow details and read the different information and error messages in the log.
If the workflow has failed, you can click the ‘More’ button on the extreme right hand side of the workflow name and ‘error’ to get a detailed error message of the workflow failure.

Given that TPM is installed and the environment is ready, understand the common reasons for the common agent installation failures.

The installation of common agent from the TPM console might fail due to one of the following problems.
A firewall is blocking port 9511, 9512 or 9513 between the agent manager and the target server.
When an agent starts up on the target server and tries to register with an agent manager, it will fail if the time difference between the target server time and the agent manager server time is more than 2 hours.
An absence of name resolution between the TPM Agent Manager server and the target server endpoint will also cause failure of the common agent installation/registration.
The installation of common agent will also fail if the target endpoint has a SAP defined in the credentials section while its operating system is not defined in the data center model.
The installation of common agent will fail on Windows if the tasks/subtasks included in 3.1 are not done.

Given a failed depot, perform diagnostic steps, so that the depot problem has been identified.

To check if depot is active from the TPM /CDS MC server:

To enable logging and tracing, set the server.logger.message.logging property to true in the cdsLog.properties file on the depot.
Logging levels can also be specified with the server.logger.level entry by setting it to any of the following:

Look for suspicious entries in log files located in /var/ibm/tivoli/common/ctgde/logs on the management center server. Logging options for the management center server are stored in: /opt/IBM/tivoli/cds/manager/logprop.
Steps for troubleshooting distributions:

Given that TPM is installed and the environment is ready, review performance tips in TPM, so that TPM performance can be improved.

Setting Concurrency Level : Many tasks such as software installation can perform deployments on multiple targets. If a task is created to install a patch on 50 computers and the “concurrency level” is set to 5, then TPM performs 5 installations at a time. By default the concurrency level is set to 1. This will need to be tuned to attain optimum performance in the environment. The appropriate concurrency level depends on:

Tuning software package editor : Any operation launched from the Software Package Editor hangs if the software package being processed is too large. To correct the problem, tune the " mx100m " value in the speditor.bat file. Increase the value gradually by small increments until you find the optimal value for your environment. For example, replace " mx150m " with " mx200m " and then continue to increase this value until the machine performance improves.
Workflow development : The way a workflow is written can have a significant impact on performance of the TPM system when it is executed. For example, while trying to execute multiple commands on a target system, using a scriptlet offers better performance then multiple Device.Execute command statements.

Section 5 - Administration

Given that TPM is installed and a Service Access Point has been added, create and configure the software catalog and configure software installation options, so that the software catalog has been created and configured and the additional software is ready to be deployed.

Click Infrastructure Management File Repositories. Click Edit Add File Repository. Specify server name and IP address. Specify path where software is stored. Click Save.
Click Infrastructure Management External Software Catalogs. Click Edit Add Software Catalogs. On Create Software Catalog page, specify catalog information. Assign the device driver that provides automation for the external software catalog.
Click Software Management Manage Software Catalog Software Products. Click Edit Import Software Package. Follow the instructions in the wizard to add the software package.
Click Software Management Manage Software Catalog either: Software Products, Operating Systems, or Patches. Click Edit either: Add Software Product, Add Operating System, or Add Software Patch. Specify information as appropriate and Click Save.
Click Software Management Manage Software Catalog. Select appropriate type of software. Click Edit Add Installable. Specify file details. Click Save.
Click Software Management Manage Software Catalog. Select appropriate type of software. Click Edit Add Requirement. Specify file details. Click Save
Build software configuration templates.
Define software stacks.

Launch Software package editor. Select the software package icon, Click Edit > Properties. Specify the name of the software package in the Package name text box of the General properties page. Enter a short description of the software package. Add action by Click Edit > Insert.
Select the System Action tab and Click the Check Disk Space icon. In the Caption text box, enter a descriptive name for the program to be installed. In the Drive text box, specify the drive to be checked On UNIX systems, the check disk space action searches for the file system beginning with the final token of the path specified, and moves to the previous token, until it finds the file system. In the Volume text box, enter the disk space requirement as an integer and specify the appropriate units of measure in the adjacent list box. Click Add to add the action to the list. You can add more than one check disk space action to the same list. To remove a check disk space action from the list, click Condition to display the Condition Editor dialog, select it then click Remove. Click Ok to return to the Software Package Editor.
Select the appropriate software package icon in the left pane. Select the Add object tab from the right toolbar and click the Directory icon. The Add Directory Properties dialog is displayed. Enter the following information in the Source group box. In the Destination group box, you find the same information you entered in the Source group box. The destination represents where the specified directory is created on the target system. Delete c:\Appsample in the Location text box and use a variable to render this operation more generic for use on different operating systems. Right double-click the Location text box to display the Variable List Editor. Define a new variable and assign a default value. Click OK to return to the Add directory properties dialog. Set the check boxes in the Add Directory Properties dialog. Click Advanced to specify platform-specific file system attributes. The Add File System Objects Properties - Advanced notebook is displayed. Leave the Create directories check box selected to create directories if they do not already exist on the target system. If you know that the directory already exists, clear this check box so that during an install the directory is not created and during an undo operation the directory is not removed. Leave the Remove empty directories check box selected to remove empty directories when performing a subsequent remove operation of this software package. Select the Descend directories check box to add the entire directory tree to the software package. If it is not selected, only the files listed below the top-level directory are added. Select the Rename if locked check box to temporarily rename files that are in use by another application. For Windows platforms, during an install an attempt is made to replace or rename the file under the same directory as the locked file and the distribution completes successfully without having to wait for a reboot of the system. The temporary file is removed during the next system reboot. During a remove operation, the locked file is removed during the next system reboot. Click OK to confirm the file system object properties selected. Click OK to add this action to the software package. Select the software package icon in Software Package Editor window to display the Add directory object action.
Select the appropriate software package icon in the left pane of the Software Package Editor window. Click Container on the tabbed toolbar and select the Generic container icon. The Generic Container Properties dialog is displayed. In the Name text box, enter a descriptive string such as Windows platform actions. Before you add this container to the software package, you must set a condition on the entire container. Click Condition to display the Condition Editor. Enter the following expression to satisfy all Windows actions that will be added to this container: $(os_name) LIKE ‘Win*’ then click OK. Click OK to add the generic container to the software package. An exclamation mark in the right pane indicates that a condition has been set on the generic container.
Select the appropriate platform actions icon in the left pane, then from the Add object tab, click the Text file icon on the toolbar. The Add Text File Properties dialog is displayed. Express part of the file name using a built-in variable. Right double-click the File name text box and select the $(system_drive) variable from the Variable List Editor dialog. Click OK to add the variable to the text box, then complete the file name as follows: $(system_drive)\config.sys. Click OK to add the text file object to the software package. The Software Package Editor window displays the text file object contained in the software package. To add a text line to the config.sys file, select the text file icon in the left pane, then select the Line icon from the Add Object tab on the toolbar. The Add Text File Line Properties dialog is displayed. In the Text text box enter the following line of text to be added to the config.sys file: REM - BEGIN TIVOLI APPSAMPLE SECTION. Indicate that the line should be placed at the end of the text file by selecting End from the Position drop-down list. Click OK to add the text line action to the text file object. The Software Package Editor displays the text file line action. To add a token to the text file, select the text file icon in the left pane, then select the Token icon from the Add Object tab on the toolbar. The Add Text File Token Properties dialog is displayed. In the Text text box, specify the token value to be added to the SET PATH key. Use the variable $(target_dir), defined in "Adding Directories and Files", then complete the entry in the Text text box to read $(target_dir)\bin. In the Key text box, enter SET PATH. This value instructs the operating system to include $(target_dir)\bin in its search. A semicolon is automatically inserted before this value. Use the End default value in the Position box to specify that the token will be inserted at the end of the corresponding line of the config.sys file.In the Token separator text box, enter the character to use as the token separator. The default value is semicolon (;). Click OK to add the token action to the software package. The Software Package Editor displays the add token action. Add a second token that adds a directory to the LIBPATH key. The operating system will include the directory in its search when loading dynamic link libraries. Select the text file object in the left pane, then select the Token icon from the Add object tab on the toolbar. The Add Text File Properties dialog is displayed. In the Text text box, enter $(target_dir)\dll. In the Key text box, enter LIBPATH. Use the End default value in the Position box and click OK to add the second token to the text file. The Software Package Editor displays the two tokens in the right pane. Next, add a driver to the DEVICE command. Select the text file icon in the left pane and select the Command line icon from the Add object tab on the toolbar. The Add Text File Command Line Properties dialog is displayed. In the Text text box, enter DEVICE=$(target_dir)\sys\Appsamp.sys, which is the line of text to be added to the config.sys file that contains the path to the driver file. Use the $(target_dir) variable defined in "Adding Directories and Files" to express part of the text. In the Key text box, enter the file name of the driver file. Enter Appsamp.sys in the text box. In the Command text box, enter DEVICE. In the Position text box, use the End default value to add this command to the end of the config.sys file. Click OK to add the command line action to the text line action. The Software Package Editor displays the command line action.
Select the software package icon in the left pane and click the Program tab. Select the Execute program icon to display the Execute Program Properties dialog. In this dialog, configure the software package to execute the user program log_aft.exe after the install operation is complete. In the Caption text box, enter a program name. If you do not specify a name, the default value is the file name entered in the Path text box. With the Install tab selected, enter the pathname to the executable file in the Path text box. Use the $(temp_dir) built-in variable to express a portion of the path name. Right double-click the Path text box and select the $(temp_dir) variable from the Variable List Editor dialog. Click OK to add the variable to the Path text box. Complete the pathname as follows: $(temp_dir)\log_aft.exe. Select Bootable to manage programs that can execute a reboot. Specify the maximum number of times the program must be re-executed after it reboots in the Retry text box.
In the Co requisite Files box, click Add to specify one or more files or directories that must be downloaded together with the program during execution. After execution, these files are deleted. The exit code settings control the execution of the subsequent action in the software package. In the Exit Code box, the range of program completion codes are specified as a minimum and maximum value in hexadecimal format. The minimum and maximum values can range from 0 to 65535 (0x0, 0xffff). For a SUCCESS exit code, the default is 0. To set the minimum and maximum range, click the text box in the Min or Max column and type a valid hexadecimal value. To set an exit code, click the text box in the Exit Code column and select an option from the scrolling list. To add an exit code to the list, click Add. Ensure the minimum and maximum range is set to an available interval between 0 and 65535. Click OK to add the execute program action to the software package. The Software Package Editor displays the program action.

Select the appropriate software package icon in the left pane. Click the System action tab from the right toolbar, then click the Restart icon. The Restart Properties dialog is displayed. In the Restart Properties dialog, you can select an option in one of the operation group boxes or select options from all three group boxes. For example, in the Restart during install box, you select None so that the target system is not restarted during an install operation. You select After to perform the restart after the execution of the last action contained in the software package. Select Immediately to perform the restart action immediately, the remaining sequential actions contained in the software package are executed after the restart action is complete. Keep the default selection and click OK to return to the Restart Properties dialog. Select the Force check box to specify that the reboot action on the endpoint must be forced. This option is valid only on Windows systems. Click OK to add the restart action to the software package.

Given the that TPM is installed and available and a Rembo Boot Server has been deployed in the environment, clone and deploy an operating system to other targets, so that the operating system is available on the target system.

Define operating system for capture.
Find target computer and click computer name Click Software tab Click Edit Add Software Installation. In Name field, type name. In Software Definition list, select software definition that matches the operating system install on the source computer. Click Save.
On Windows image source computer, Click Start Control Panel Network Connections. Select TCP/IP and click Properties. Enable Obtain an IP address automatically and Obtain DNS server address automatically. Click OK. For Linux, configure system to use DHCP for both DNS and IP address. IP address obtained from DHCP Server.
Navigate to Inventory Manage Discovery Discovery Configurations. Next to Windows Configuration Discovery, click Run. Specify a unique name for this discovery. Display target computer list By Computer and select image capture computer. Specify task execution timing. Click Submit.
Navigate to Inventory Manage Discovery Discovery configurations. Next to Windows Local Users Discovery, Click Run. Specify a unique name for this task. Display the target computer list By Computer and select the image source computer. Click Submit.
Search for the image source computer and click on the computer name. Click the Software tab and click the name of the operation system to open the Software Installation page. In the Local Users section, beside the Administrator, Click Update DCM Password and insert the Administrator credentials.
Run CHKDSK /f selecting Y (for Yes) for running CHKDSK on reboot.
Expand Inventory Manage Inventory Computers. Select image source computer. On the General tab, Click Edit Capture Image. Select image source computer and Click Next. Select Golden Master image type and the Rembo server used to capture the image and Click Next. Specify name and description and Click Next. Specify task execution timing and Click Next. Verify choices on the Summary page and Click Finish.
Verify captured image by navigating to Software Management Manage Software Catalog Images and search for image name.
Verify image captured by clicking Software Management Manage Software Catalog Images and search for recently created image name.
Expand Inventory and click Manage Discovery Discovery Configurations click Edit Add Discovery Configuration and type Name and Description, and select Devices. In the Discovery Method field, select Rembo Hardware Discovery and select the discovery parameters and click Finish.
Find newly created Rembo hardware discovery and Click Run. Start discovery immediately by Clicking Submit. Reboot target computer. Monitor the Rembo_Client_Discover workflow process for progress. Find the target computer and Click on the computer name to view discovered hardware resources.
Navigate to Software Management Install Images. Specify name for the image install task. Select the image for installation. Schedule task to run. Click Advanced. Change various settings according to preferences. In the Change Storage settings section change the partition sizes. Click Submit.
Log into the imaged target computer using the Administrator credentials specified earlier.

Given that TPM is installed, create a software stack, so that software can be deployed at the same time and in sequence.

Click Software Management Manage Software Catalog Software Stacks.
Click Edit Add Software Stack.
Specify software stack information: Fill out name and description for software stack, associate software patch with locale if applicable and click Save.
Add the following information to the new software stack: software definitions, patches, and reusable software stacks.
Select the appropriate software configuration templates for the software selected in objective 4 above.
Add installable files to the software stack.
Add pre-requisites and capabilities.
Add software configuration templates.
Specify workflows required.

Given that TPM is installed and the environment is ready, navigate to software management and select the software and target systems, so that the software product can be installed.

Navigate to Software Management Install Software Products in the TPM console.
Give the task a name, select the software to be installed from the list and then select the target computers or groups from the list provided. The target systems could be filtered based on the systems matching the requirements of the software selected or systems missing the software selected.
Click on the Advanced button to bring up the software configuration template of the software select. Make appropriate changes to the template and click the ‘Submit’ button.
Monitor the task which gets launched for completion and success.

Given that TPM is installed and the environment is ready, navigate to the Add Discovery Configuration wizard, determine the discovery method to be used and enter the required information for Inventory or Security Compliance discovery, so that a run able TPM Inventory or Security Compliance Scan configuration can be created.

Open the Inventory section Manage Discovery and click on Discovery Configurations.
Choose the Edit menu button and the select Add Discovery Configuration.
Provide a Name and Description, select the discovery type of Devices, then select the Discovery Method of Tivoli Provisioning Manager Inventory Discovery or Tivoli Provisioning Manager Compliance Scan. Click Next.
Select the Discovery Scope as Hardware and Software. Under software, you can select the discovery method to be used from : (1) use the registry, (2) use software signatures and (3) use selected signatures as required. Click Finish.

Given that TPM is installed and the environment is ready, navigate to the Manage Templates section and create or edit a computer template, so that a usable computer template is created for a resource pool or application tier.

Open the Inventory section Manage Templates and click on Computer Templates.
Choose the Edit menu button and the select Add Computer Template.
Provide a Name and select the resource pool or application tier to be associated with this template from the drop down list. Click Save. The template gets created.
Click on the template to open it up. You will have an option to define network routes, network interface cards software definitions and storage templates.
Choose the Edit menu button and select Associate software definition. Then select the software definition from the drop down list and click save. You can down this task as often as required till you have all the required components in the computer template.

Given that TPM is installed and the environment is ready, navigate to Manage Security, create a new access group and assign it a permission group and DCM objects, so that an access group is ready to be assigned to a TPM user.

Open the System Management section Manage Security and click on Access Groups.
An access group is a logical organization of data center model objects, devices, and software over which a user is granted access.
Choose the Edit menu button and the select Add Access Group.
Provide a Name and Description and select the parent group if required. Click Save.
Click the access group you just created and open its contents.
Choose the Edit menu and either Assign an existing permission group or Create a new permission group as required.
Navigate to the DCM objects which you want to add to the newly created access group.
Choose the Edit menu and select “Add to Access Group”. Select the newly created access group from the drop down list and click ‘Save’.
Navigate back to System Management Manage Security Access Groups and select the access group you just created. Open the access group to ensure the objects you added in the step above are listed in this access group.
Given that TPM and Automation Package Development Environment are installed and the environment is ready, create and save a workflow in Eclipse, so that a workflow is developed for use by TPM.

Start up the Eclipse application. Ensure the APDE environment is initialized by validating the workflows listed in the workspace.
Click on the Navigator pane and select File Open Other. Open the Automation Package group and select ‘workflow’ from the dialog box which pops up. Click Next.
Provide a Name for the workflow and select the LDO which the workflow is supposed to implement. Eg. Software Installable. Install Click Finish.
Review the workflow template which gets created for the input and output parameters. In this case, input parameters are (1) DeviceID, (2) SoftwareID and (3) SoftwareResourceTemplateID, while the output parameters are SoftwareResourceID.
Build the logic in the workflow as appropriate to install the required software.
Highlight the workflow from the Navigator pane and select File Save to save the workflow in the Eclipse workspace.
Highlight the workflow from the Navigator pane and select Workflow Compile workflow to save the workflow in the TPM database.

Given that TPM is installed, modify and save a workflow using the Workflow Editor in the TPM GUI, so that the modified workflow is ready for use by TPM.

Navigate to Automation Workflows in the TPM console. Enter the workflow name that you want to modify and click Search.
Click on the workflow brought back by the Search result, to open up the workflow in the Workflow Editor.
Make the desired changes in the workflow and give the workflow a new name. (Using the same name might error out, since by default every workflow developed has the ‘editable’ property set to ‘false’.)
Select Compile compile to save the workflow in the TPM database.

Given a provisioned resource within a policy-driven, managed environment, create a security or software compliance check for a computer, so that a security or software compliance is added to a target computer.

Search for the computer involved with this activity. Click Compliance Tab. Click Edit > Add Security Compliance Checks or Add Software Compliance Checks. Search for a specific security compliance check. Select the compliance checks in the dialog and click Save.
Configure security compliance checks in the Security Compliance Checks table. Verify if a security compliance check has the value No or Unknown in the Compliant column. Click Save.
Click Edit > Add Software Compliance Checks. Search for specific software, software stack, software patch, or group of software to add. Verify that a result of search exists in the Available Software field. Select the software products and groups in the dialog and click Save. Select a software compliance check for configuration. Verify if a software compliance check for the value of no or Unknown in the Compliant column. Click Save.

Given that TPM is installed, configure the compliance checks, so that it can discover systems that are not compliant.

In the Compliance page, click Add Security Compliance Checks.
Select the security compliance desired and click Save.
Click the compliance check.
Configure the values as indicated in the diagram.
Click Save.
In the Compliance page, click the software, software group, software patch, or software stack to navigate to the Edit Software Compliance Check page for the software application.
Fill in the fields as necessary.
Click save.
Search for the computer or group to work with.
Click the Compliance tab.
Click Edit > Add User Notification.
Select the user for notification.
Click Save.

Given that TPM is installed and the environment is ready, create and configure a host platform, so that a virtual server can be created.

Navigate to the Inventory section and click on computers.
Choose the Edit menu button and the select Add Host Platform Server.
Provide a Name, select the appropriate resource pool and locale and then click Save. The host platform object is created.
Click on the host platform just created to open up the detailed view. Add NIC and interfaces objects as appropriate to this host platform.
Go to $TIO_HOME/tools directory in the CLI interface. Add the ‘vmware-4.tcdriver’ or ‘pSeries-Server.tcdriver’ as appropriate to your environment. The command to install the tcdriver is ./tc-driver-manager.cmd/sh installDriver /.
Within the TPM console, navigate to Inventory section Computers and select the host platform you just create. Click the workflows tab and select Edit Assign Device Driver. Select pSeries Host Platform or vmware-4 from the drop down list.
You now need to either manually define the hardware resources available on the host platform or run an appropriate discovery to populate the hardware resources on the host platform.
Now navigate to Inventory Manage computer templates Virtual Server templates. Click on Edit and select Add a server template.
Provide a name and click Save. Now click on the newly created virtual server template and select Edit Add a resource requirement. Add all the CPU, memory, disk, network requirements for a virtual machine to be created using this template.

Given TPM is installed and running, use various command line tools, so that common administrative tasks are performed without using the TPM GUI.

Make sure TIO_HOME/tools is in the PATH variable, or make sure the current working directory is TIO_HOME/tools. (Note the .cmd/sh notation to imply .cmd on Windows and .sh for Unix/Linux environments).
Exporting a workflow log: workflowLogExport.cmd/sh -n [workflow name] or -r [request id]) -f [output file name] -i [input file name]. Example: workflowLogExport.cmd -r 12345 -f c:/myDirectory/myOutput.xml If outputFilename is not specified, the default output file is: "C:\Program Files\IBM\tivoli\common\COP\logs\workflowLogExport.xml" ).
Ping the agent manager: ping-agent-manager.cmd/sh
Check the status of TPM: tioStatus.cmd/sh
Cancel all currently running deployment requests: cancel-all-in-progress.cmd/sh
Clean up deployment requests in the queue: clean-up-deployment-requests.cmd/sh
Clean up the task history: clean-up-tasks-history.cmd/sh
Retrieve details on a particular device in the DCM:

[-i ]*

Query/update the DCM from the command line. When you write your query, it should follow this pattern: The first line contains the command type: insert, update, or delete; the second line contains the query for the parent object. Type 1 for a null parent object; the remaining lines contain the XML data for the query. They are not required for the delete operation. The following is an example input file:

insert
-1
[acl name=”acl-1 New”]
[rule position=’1’ target=’permit’ protocol=’xxx’ source-subnet= »10.1.8.0 » destination-subnet= »10.1.0.32 » options=’log’/]
[rule position=’2’ target=’permit’ protocol=’xxx’ source-subnet= »10.1.8.32 » destination-subnet= »10.1.8.0 » options=’log’/]
[/acl]
Run the query: dcmQueryCommand.cmd/sh

Import elements (VLANs, computers, load balancers, et. al.) into the DCM described in xml format: xmlimport.cmd/sh file_URL [file_URL]*

Example: xmlimport.cmd file:/c:/myDirectory/myInput.xml.

Export the entire DCM: dcmexport.cmd/sh [-d filename]

If you do not specify a file name, a file called dcmExport.xml is created in the current directory.

Given that the Tivoli Common Agent (TCA) is installed on an endpoint, run simple administrative commands to perform basic management of the TCA.

Change directories to where the Tivoli Common Agent (TCA) was installed. Like other tasks, the extension .cmd/sh implies .cmd for Windows and .sh for Linux/Unix.
Verify that the agent is running: agentcli.cmd/sh connector alive
List all known installed bundles for the agent: agentcli.cmd/sh deployer list bundles
To obtain usage information: agentcli.cmd/sh -help
To view a list of services: agentcli.cmd/sh cli list
To view help for a specific service: agentcli.cmd/sh help

Given TPM is installed and running, run simple SOAP commands on the command line to perform basic administration of the TPM server and Data Center Model (DCM).

Make sure that you are logged in to the TPM server as a TPM administrator. Change directories to TIO_HOME/soapclient/tpmlteSoap.

The general command syntax for Windows/Unix/Linux: soapcli.cmd/sh

= Your TPM user name; =Your TPM password; =The Web address for the WSDL (Web Services Definition Language) file; =The WSDL operation that you want to run; =The parameters for the specified method or operation.

The general command syntax for bash environment on a Windows server:

soapcli_bash4win.sh
Where: = Your TPM user name; =Your TPM password; =The Web address for the WSDL (Web Services Definition Language) file; =The WSDL operation that you want to run; =The parameters for the specified method or operation.

The syntax for a WSDL web address: http://hostname:port/ws/pid/wsdlservicename?wsdl

The Web address includes the following parameters: =the fully qualified domain name of the TPM server; =the port number (the default is 8777); =the name of the WSDL Service. The following are some of the WSDL services that are supported in TPM 5.1:

-- TpmLiteSoapService

-- CredentialsManagerService

-- SPOfferingService

-- SPSubscriptionService

-- EffectiveModeService

-- OperationsModeService

-- FaultManagementService

-- RecommendationsSerivice

-- ResourceInformationService

Given that a SSH, SMB, SNMP, MSAD (Microsoft Active Directory), or IBM Discovery Library Reader discovery configuration has been created and configured, set additional discovery information and run the desired discovery, so that newly discovered resources will be available in the DCM.

In the TPM Web UI, navigate to InventoryManage DiscoveryDiscovery Configurations.
If running an IBM Discovery Library Reader discovery configuration, verify the discovery policy for handling newly discovered items for that configuration is set by choosing (clicking) the configuration.
Under the General tab, there is a Discovery Policy section. Add/remove any additional discovery policies. To add a discovery policy, click the Add button in the Discovery Policy section. Choose the Policy Type, New Policy, Update Policy, and Remove Policy. Click Save.
To delete a discovery policy, from the specific policy’s menu, choose Delete.
To run any of these discoveries, navigate to the Discovery Configurations page (see section 5.18.a).
From the menu for the desired discovery configuration, choose Run.
Verify/change the Task Name, set the Schedule, and set any Notification. Add additional notification recipients by selecting the More Options link in the Notification section.
Choose whether or not to Save as favorite task and click Submit.

Given that TPM is installed, validate the TPM components state, so that TPM can be started.

Log into the TPM server as the TPM admin – tioadmin by default.
Start the TPM database. For DB2, you need to ‘su’ to the db2 administrator id and start db2. su – db2inst1 db2start.
Start the TPM LDAP server. For Tivoli Directory Server, you need to run the following command as root: su – root ibmdirctl –D –w start
Ensure that the WebSphere Application Server is stopped. As tioadmin, navigate to $WAS_HOME/bin/ and run the following command:

–password

As tioadmin, navigate to the $TIO_HOME/tools directory and run the following command to start TPM:

./tio.sh start

Monitor the TPM log files to ensure there are no errors and TPM starts up successfully.

Given that software needs to be installed on a provisioned system, build a software configuration template that identifies software resources and associated configuration details to represent in the TPM data center model, so that software configuration template is available.

Click Software Management Manage Software Catalog. Select software types: Operating Systems, Software Products, Patches, or Software Stacks. Click Edit Define Software Resource Template. Complete the fields and click Save.
Click Software Management Manage Software Catalog. Select software types: Operating Systems, Software Products, Patches, or Software Stacks. Select the software configuration template you want to configure in the Configure Templates section. Next to the template click the Actions button Add requirement. Click Save.
Click Software Management Manage Software Catalog. Select software types: Operating Systems, Software Products, Patches, or Software Stacks. Select the software configuration template you want to configure in the Configure Templates section. Next to the template click the Actions button Add capability. Click Save.

Section 6 - Concepts

Given the need to define the relationships between DCM components, define those relationships so that they have been defined.

A device driver, also referred to as a device model, is a group of workflows that can be a applied to a data center asset. The device driver maps workflows that are specific to an asset to the associated generic commands, or logical device operations.
Common actions, such as adding an IP address to a server are represented in a generic form by a logical device operations. Each data center asset is associated with one or more device operations that represent the common actions that you can perform with it. The generic device operations are then mapped to workflows that perform the specific actions required by the data center asset.
Workflows can run scripts or commands on a target computer. If a simple script is specific to a workflow, you can also embed it in the workflow instead.
Java methods: The Java class that contains the interface or the protocol code that interacts with the devices in the data center, including the service itself.
Data center model: Workflows can obtain information from the data center model by performing a query. Workflows can also use the query language to make changes to the data center model.
An automation package is an installation unit that consists of the scripts, workflows, documentation and Java files for a particular device or software package. An automation package has a .tcdriver extension and are centrally stored in the TIO_HOME\drivers directory of the server.

Given the need to utilize Content Delivery Service (CDS), Device Manager Service (DMS), or Common Agent Services (CAS) in an environment, describe how each works, so that an understanding of each components major concepts is demonstrated.

Using the Content Delivery Service (CDS), you can upload or publish files to a file repository called a depot server. The depot server then replicates the file to the depot servers specified in the publishing request. When an endpoint downloads a file, the endpoint opens connections to multiple depot servers, and simultaneously retrieves different segments of the file from different systems. The file segments are then reassembled on the endpoint. With this design, multiple endpoints can quickly download files with a minimal impact to your network infrastructure.

The Content Delivery Service component provides the following features:

The management center provides centralized control for the components of Content Delivery Service, including authentication of downloads, generation of download plans, and storage of data and statistics. It performs the following functions:

A depot server is a system that stores files for distribution. Files are uploaded to a depot server using a client or subagent. Uploaded files are stored in a directory that is specified when the depot server is installed. Depot servers can replicate uploaded files to other depot servers to optimize the efficiency of network traffic. Endpoints download the uploaded files and install them.
Regions are logical groupings of depot servers. You can use regions to group depot servers that are located near one another to optimize upload, replication, and download times. When you create a depot server, you associate it with a region. You can assign a depot server to only one region.
Zones can be used to define an IP range or domain, to logically group systems within a region. You can define one or more zones for each region.
Files that have been uploaded to depot servers can be downloaded by endpoints and installed. The file download using the distribution infrastructure includes the following processes:

The Device Management Service provides a flexible solution for online and offline device management, regardless of connection models or device capabilities. The Device Management Service mainly performs job management operations, but can also be used for device configuration, inventory data collection, and software distribution. The management features available for particular device types can be tailored based on device and operating system capabilities.
Management actions performed using the Device Management Service are called jobs. Jobs can be applied to or targeted to individual devices or device groups. You can also monitor the job progress on various devices. If applied to a specified device, a job is run when the device connects to the device manager server. The server maintains a history of job status for all jobs and all devices.
Currently, a two-tiered federated environment is supported, including the following elements:

Tivoli Common Agent Services consists of the following components:

The common agent is installed once on each endpoint. Once the common agent is installed on an endpoint, subsequent subagents can be deployed on the existing common agent. The common agent contacts the agent manager and reports its status and any configuration changes at the following times: when a common agent starts or stops; any time a bundle is installed, upgraded, or removed; after a configurable period of time.

Given a user wants to publish, unpublish, distribute, install, or uninstall software in the TPM managed enterprise, describe what each step in the software life cycle is used for, so that a software distribution related task has been performed in the TPM managed environment.

The Content Delivery Service Agent must be installed on the depot server before you can publish any files.
Publishing Software: To enable faster download and software distribution to target endpoints, you can publish software products or software patches to depot servers at the branch office, in advance of when they are needed on the endpoints. The files published on depot servers can then be downloaded by the endpoints.
Unpublishing Software: Distribution files can be unpublished from depot servers when they are no longer needed. You can unpublish software products and software patches from depot servers. Unpublished files are removed from all depot servers they have initially been published to.
Distributing Software: During distribution, selected target endpoints download the software products that have already been published to depot servers. If distribution is performed at a different time than installation, the endpoints download the files without installing them. If the software has not been distributed yet, one installation task performs both distribution and installation on endpoints. The software operator security role must be assigned to your user account to be able to distribute and install software. You can start distribution immediately or schedule it for a specified date and time.
Installing Software: If the software products have already been distributed, the installation task only installs the software. If the software products have not been distributed yet, the installation task performs both the distribution and the installation of the software on selected target endpoints. The software operator security role must be assigned to your user account to be able to distribute and install software.
Uninstalling Software: Software products, patches, and software stacks use different methods to remove themselves from a system. You can uninstall a piece of software from a system if a specific workflow is available to perform this action for the selected piece of software.

Given TPM 5.1, describe the security model so that, so that the TPM security model is understood.

User accounts identify individuals to TPM and allow TPM to determine access levels.
An access group is a logical organization of data center model objects, devices, and software over which a user is granted access. A data center model object can be defined into multiple access groups. Changing a group enables you to customize access permissions for all the users who belong to the group. You can nest access groups.
A permission group identifies a set of related resources and specifies the access privilege that applies to individual objects. It authorizes a group of users to perform particular actions on a group of Tivoli Provisioning Manager resources.
Access permissions represent the relationship between access groups and permission groups. It determines "who can do what command on which resources" in the data center model. Access permissions grant authorization to a user to perform particular actions on resources in a specific access group as specified by the permission group.
A security role comes with an implicit set of permissions. Tivoli Provisioning Manager provides you with predefined security roles that are ready to use, or you can customize them to suit your business needs. The Tivoli Provisioning Manager navigation is filtered based on security roles.

Test registration

Authorized Prometric test centers (worldwide testing)