Applying the Patch:
1) Extract the patch:
Extract the contents into a scratch
directory. For the purpose of this release note, assume that the
symbol $PATCH points to this directory.
# cd $PATCH
# tar xvf 4.1.1-TMF-0104.tar
Use the following steps to install the patch using the Tivoli
GUI install mechanism.
NOTE: You must have the install_product
and super authorization
roles to successfully install
this patch.
a) Select the "Install
-> Install Patch..." option from the
"Desktop" menu
to display the "Install Patch" dialog.
b) Press the "Select Media..."
button to display the "File
Browser"
dialog.
c) Enter the path to the
directory containing the patch,
$PATCH
(4.1.1-TMF-0104), in the "Path Name:" field.
d) Press the "Set Media
& Close" button to return to the
"Install
Patch" dialog.
e) The patch install list
now contains the name of the patch. Select the patch by clicking
on it.
f) Select the clients to
install this patch on. This patch needs to be installed on the
TME server and on each
managed
node client.
Additional Installation Instructions:
After applying this patch, perform the following numbered
steps to restart the oservs on the TMR server and managed nodes / gateways.
1) From the TMR server, run the following command to
shut down all managed nodes / gateways:
odadmin shutdown clients
2) When the client oservs have all terminated, run the
following command to restart the TMR server:
odadmin reexec 1
3) Once the oserv on the TMR server has fully restarted,
then run the following command to restart the managed nodes / gateways:
odadmin start clients
A full Oracle client is necessary for RIM to function
correctly on Windows, AIX, HP-UX, Solaris, and Linux-ix86 platforms.
Note: The RIM agent runs as the user "nobody" on
AIX, Solaris, and
Linux, and as the user "tmersrvd" on HP-UX and Windows.
However,
recent versions of Oracle and DB2 have tightened the
security of
default file permissions
which locks out the nobody/tmersrvd user
from accessing important runtime libraries.
The solution to this
problem is to change the file permissions to allow the
nobody /
tmersrvd users access to the files.
Oracle:
1. Source the Oracle environment
2. chmod -R 755 $ORACLE_HOME
Applying the Patch:
1) Extract the patch On a Unix system:
Extract the contents into a scratch directory. For the purpose
of this release note, assume
that the symbol $PATCH points to
this directory.
cd $PATCH
tar xvf 4.1.1-LCF-0056.tar
Use the following steps to install the patch using the Tivoli
GUI install mechanism.
NOTE: You must have the install_product
and super authorization
roles to successfully install
this patch.
a) Select the "Install
-> Install Patch..." option from the
"Desktop" menu
to display the "Install Patch" dialog.
b) Press the "Select Media..."
button to display the "File
Browser"
dialog.
c) Enter the path to the
directory containing the patch,
$PATCH,
in the "Path Name:" field.
d) Press the "Set Media
& Close" button to return to the
"Install
Patch" dialog.
e) The patch install list
now contains the name of the patch. Select the patch by clicking
on it.
f) Select the clients to
install this patch on. This patch needs to be installed on the
TME server and on each
managed
node client.
Additional Installation Instructions:
This patch upgrades the endpoints from earlier versions
to version
41156. In order to upgrade your endpoints:
1) Make sure the endpoint has logged into the TMR.
2) Verify that the endpoint has logged in by using the
"wep ls"
command.
3) Before the upgrade, do:
wadminep <ep_name> view_version
The version number returned should
be a value less than 41156,
depending on which other patches affecting
endpoint code have
been applied.
4) For Framework 4.1 or 4.1.1, perform step 4a) below.
For Framework
3.7 or 3.7.1, perform step 4b) below.
4a) (Framework 4.1 / 4.1.1) From the
Tivoli region server or the
gateway that
the endpoint is logged into, enter the following
command:
wepupgd <ep_name>
NOTE: For Framework
4.1, the wepupgd command will upgrade the
endpoint to
the 4.1 binaries in lcf_bundle.41000 by default,
and not to
the 4.1.1 binaries in lcf_bundle.41100. To upgrade
an endpoint
to the 4.1.1 binaries in lcf_bundle.41100, the
path to the
lcf_bundle.41100 directory should be specified on
the wepupgd
command. For example,
wepupgd -p <path to lcf_bundle.41100> <ep_name>
5) After the upgrade, do:
wadminep <ep_name> view_version
It should return a 41156.
------------------------------------------------------------------
This patch contains the Windows library TivoliAP.dll.
Since
TivoliAP.dll may already be in use by Windows, the Windows
system
must be rebooted after an upgrade (or a new installation
where an
older version of TivoliAP.dll was in use) so that this
new version
of TivoliAP.dll will be loaded into memory. If you do
not reboot,
then Windows will continue to use the older TivoliAP.dll
that was
previously loaded.
(The TivoliAP.dll being replaced is used by the Windows
security
service. Due to this library being locked, we must follow
the
Microsoft solution for handling locked libraries. This
solution
dictates that we must reboot the Windows system to allow
the locked
library to be replaced at boot time.)
Note: The version of TivoliAP.dll supplied in this patch
is the same
as the version (28) supplied 4.1.1-LCF-0040LA except
for timestamp
information, but is different from all earlier endpoint
versions.
Thus, if you are upgrading from 4.1.1-LCF-0040LA (or
later) to this
patch, then it is not necessary for the Windows endpoints
to be
rebooted. For earlier endpoint versions, however, there
is no
problem in continuing to run with an older version of
TivoliAP.dll
on Windows except that certain fixes will not be available.
Thus,
this endpoint reboot does not have to be done when an
endpoint is
upgraded and can be deferred until a later time.
------------------------------------------------------------------
Installing Components using Software
Package Blocks (SPBs)
Before installing images from software package blocks,
the Software
Distribution version 4.1 (or later) component of IBM
Tivoli
Configuration Manager must be deployed. (Software Distribution
version 4.0 is not supported.) To install an image from
a software
package block (SPB) to an existing endpoint, perform
the following
steps:
1) From the Tivoli desktop, double-click the appropriate
policy
region icon to display the Policy
Region window.
2) In the Policy Region window, double-click the
appropriate
profile manager icon to display
the Profile Manager window.
3) Select Profile from the Create menu to display
the Create
Profile window.
4) Create a software package profile.
5) Right-click the new software package profile
and select Import
to display the Import window.
6) In the Location of Input File group box, select
Managed Node
from the drop-down list.
7) Click the Browse (...) button to display the
Select Input File
window.
8) In the Select Input File window, perform the
following steps:
a) In the Managed Node list,
select the machine where tar file
was extracted.
b) In the Input File Path list,
select the 411LCF56/SPB
directory.
c) Select the image to import.
d) Click Set File & Close to
return to the Import window.
9) In the Location of Source Host group box, perform
the following
steps:
a) Ensure that the Build check
box is selected.
b) In the Source Host Name text
box, type the source host name.
c) In the SPB Path text box,
type the path to the software
package block.
10) Click Import & Close to return to the Profile Manager
window.
11) Right-click the software package profile, and select
Install to
display the Install Software
Package window.
12) In the Available Subscribers list, select the endpoints
where
you want to install the image.
13) Click Install & Close to begin the installation.
The window
remains open until the operation
is submitted.
------------------------------------------------------------------
To install a new endpoint on an iSeries machine, run
the following
command from the gateway:
w4inslcf.pl -g gateway_name
-L 'log_threshold=3
lcs.machine_name=ep_name' \
iSeries-machine-name-or-IP-address
To install an iSeries endpoint with multiple network
cards from a
gateway that has multiple network cards, as shown by
the following
example of a desired configuration:
Gateway NIC to use
: 146.84.36.37
AS/400 TMA Network
card : 146.84.39.126
Endpoint HostName
: cheese (146.84.39.126)
Endpoint name is
: queso
AS/400 TMA local
port : 18752
Log threshold is
: 3
then the following command can be used to install that
endpoint:
w4inslcf.pl -L 'local_ip_interface=146.84.39.126
\
lcs.machine_name=queso
log_threshold=3' -l 18752 \
-g ibmtmp1+8752 -T
146.84.36.37 cheese
------------------------------------------------------------------
NOTE: The Linux endpoints do not support the following
monitors:
* Client RPC timeouts
* NFS bad calls
* RPC bad calls
* Jobs in print queues
* Total size queued
* Page -scans
Installation of an endpoint using the winstlcf command
with its
default options may fail or hang. This problem affects
Red Hat 6.2
(and higher). The default winstlcf endpoint installation
uses the
Linux rexecd daemon on both the source and the target
for
communication. On the Linux operating systems mentioned
above, the
rexecd daemon contains a defect which prevents Tivoli
endpoints from
installing. Because of security policy in Red Hat 6.2
(and higher),
root access via the rexecd has been disabled, which prevents
Tivoli
endpoints from installing.
Workaround: Install the endpoint using the winstlcf command
with the
-e Trusted Host option as follows:
Follow operating system instructions to configure the
target's
.rhosts file to allow trusted host root access for the
gateway from
which the installation is being performed. If configured
properly,
the following command executed from the gateway should
return
"hello":
rsh target_machine_name -l root echo
hello
If "Permission Denied" is returned, consult operating
system
documentation on how to correctly configure trusted host
access and
repeat the above test.
From the gateway in which you successfully ran the test
above,
install the target endpoint using the Trusted Host access
method as
follows:
winstlcf -e target_machine_name
Contact the appropriate vendor to obtain the following
service patch
which corrects rexec:
Red Hat 7.0: Patch "glibc-2.2-12" as described in Red
Hat Service
Advisory "RHSA-2001:001"
Turbolinux: Contact vendor to obtain a rexec fix or use
the
workaround.
Follow operating system instructions to properly enable
rexec to
allow root access to the target since, due to security
considerations, many operating system vendors disable
rexec by
default. Tivoli strongly recommends that once the Tivoli
installation is complete, rexec access to the target
be disabled or
restored to a configuration recommended by the operating
system
vendor.
Known Defects:
None.
