IBM Systems IBM Systems Director Systems Management Guide Version 6.2.1 GC30-4176-06 IBM Systems IBM Systems Director Systems Management Guide Version 6.2.1 GC30-4176-06 Note Before using this information and the product it supports, read the information in “Notices” on page 677 © Copyright IBM Corporation 1999, 2010 US Government Users Restricted Rights – Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp Contents About this publication ix Conventions and terminology ix Publications and related information ix Web resources xii How to send your comments xiv Terminology changes xv Chapter Overview of IBM Systems Director Accessibility License information IBM Systems Director technical overview IBM Systems Director components Manageable resource types Manageable systems and system types User interfaces Base function and extensible plug-ins Upward integration I'm a 5.20 user How I use 6.x? Why am I starting at the Welcome page? What can I with the rest of the interface? How I discover my systems? How I view my systems and groups? How I view my inventory? Where are my tasks? How I start tasks? How I create a hardware event action plan? 1 9 11 11 19 19 20 32 34 37 52 54 55 55 Chapter Using the IBM Systems Director Web interface 59 Logging into IBM Systems Director Server Logging out of IBM Systems Director Server Enabling multisession support Navigating the Web interface The Web interface Customizing the Web interface Managing and closing open pages in the Web interface Viewing help in the Web interface Navigating IBM Systems Director by way of the Welcome page IBM Systems Director Welcome page System severity states Starting work in IBM Systems Director Learning about the product Checking IBM Systems Director readiness Viewing updates Viewing tutorials Viewing the IBM Systems Director Server summary Finding and navigating resources Resource views Finding systems and other resources © Copyright IBM Corp 1999, 2010 59 60 60 60 60 62 63 64 64 64 72 72 73 73 74 74 75 76 77 88 Viewing resources in the topology perspective Working with tables Working with topology maps Working with properties Setting navigation preferences Renaming a resource Removing a resource Managing groups Groups Creating a criteria-based dynamic group Creating a static group Editing a group Deleting a group Adding a resource to an existing group Exporting a group Importing a group Finding and starting tasks Launched tasks and the IBM Systems Director Launched Tasks program Finding a task Starting tasks Starting the IBM Systems Director Launched Tasks program Using External Application Launch Using Advanced External Application Launch Scheduling tasks Noninteractive tasks Jobs and job instances Scheduling a task Scheduling a task from a selected system Viewing active and scheduled job information Viewing information about scheduled jobs Determining target systems that are affected by a job Viewing job-instance records Viewing job-instance logs Copying a scheduled job Editing a scheduled job Running a scheduled job immediately Suspending and resuming a scheduled job Canceling a running job Deleting a job Managing auditing Audit records Setting server-auditing preferences Viewing the audit log Deleting the audit log Encrypting interprocess communication Encryption Enabling encryption Disabling encryption Changing the encryption algorithm Resending the encryption key to systems Creating a new encryption key 89 91 99 106 107 109 109 110 110 115 117 118 119 119 120 120 121 121 122 122 123 135 151 152 152 152 152 154 155 156 157 157 158 159 159 160 160 160 161 161 162 164 165 165 165 165 167 167 167 168 168 iii Chapter Discovering systems and collecting inventory data 169 Discovery Getting started discovery System discovery Discovery protocols Choosing which discovery to use Viewing the discovery manager summary Renaming discovered systems automatically Performing getting started discovery Discovering systems with system discovery Performing a system discovery Discovering systems that use a mirrored image Viewing system discovery results Managing discovery profiles Creating a discovery profile Editing, copying, and deleting discovery profiles Permanently excluding IP addresses from discovery Collecting and viewing inventory data Inventory data and collection profiles Creating an inventory collection profile Managing inventory collection profiles Collecting inventory Viewing inventory Exporting inventory data Connecting to IT Registry and Context Menu Service databases External connections with IT Registry and Context Menu Service databases 169 169 170 176 177 179 181 182 183 183 185 188 190 191 191 192 194 194 195 196 197 199 200 200 202 Chapter Configuring systems 203 Configuration settings Configuration templates Predefined configuration template Configuration plans The Automatically deploy feature Predefined configuration plans Configuration-setting license entitlement Monitoring the deployment of configuration plans and configuration templates Managing system configuration Viewing configuration settings Editing configuration settings Saving configuration settings as configuration templates Saving configuration settings to a configuration plan Managing configuration templates Creating configuration templates Creating a configuration template from an existing one Viewing configuration templates Editing configuration templates Adding configuration templates to a configuration plan Deploying configuration templates Viewing deployed targets Exporting a configuration template Importing a configuration template iv IBM Systems Director Systems Management Guide 203 203 205 205 205 206 206 207 208 208 208 209 210 210 210 211 212 213 214 214 215 215 216 Deleting configuration templates Managing configuration plans Creating configuration plans Creating a configuration plan from one Deploying configuration plans Viewing configuration plans Viewing deployment history Editing configuration plans Exporting a configuration plan Importing a configuration plan Deleting configuration plans an existing 216 216 217 218 218 219 219 220 220 221 221 Chapter Monitoring system status and health 223 System status and health Viewing the status manager summary Viewing the performance summary Using the Health Summary task to view the status of your environment Scoreboard Dashboard Health summary Using the scoreboard to identify issues Adding a graphical monitor to the dashboard Removing a graphical monitor from the dashboard Adding systems to the health summary Removing a group from the health summary Using Resource Explorer to view the status of a specific resource Scenarios: Using custom monitor views, thresholds, and event automation plans Scenario: Using a custom monitor view in an event automation plan to report disk data by using drive letter names Scenario: Using a custom monitor view in an event automation plan to report cluster drive data using drive letter names Monitors and thresholds Monitor views AIX Monitors view All Monitors view Column Management Monitors view Common CIM Monitors view Common Monitors view SNMP Monitors view VIOS Monitors view Virtualization Monitors view Managing monitors Viewing a monitor Creating a monitor view Editing a monitor view Deleting a monitor view Graphing a monitor Managing thresholds Viewing a threshold Creating a threshold Editing a threshold Activating a threshold Deactivating a threshold 223 225 226 227 228 229 229 229 232 232 233 235 235 235 236 238 241 242 242 245 245 245 247 248 248 251 256 256 257 258 259 259 260 260 260 261 261 262 Deleting a threshold Managing status set entries Viewing a specific status set entry Viewing status set entries for a specific resource Viewing status set entries for a group of resources Activating a status set entry Deactivating a status set entry Deleting a status set entry Managing the event log Viewing events Deleting an event Changing event log preferences Creating an event filter from an event Viewing SNMP device attributes Managing MIB files Compiling a MIB file Loading MIB files into memory Managing process monitors Viewing process monitors Creating and configuring a process monitor Removing process monitors Recording resource-monitor statistics lsresmonrec mkresmonrec rmresmonrec stopresmonrec 262 262 263 264 264 265 265 266 267 267 268 268 269 269 270 270 271 271 271 271 272 272 272 272 272 273 Chapter Automating tasks 275 Events, filters, and actions in event automation plans Events Event filters Event actions Monitoring operating-system specific events Viewing the automation manager summary Managing event automation plans Copying an event automation plan Creating an event automation plan Deactivating and activating an event automation plan Deleting an event automation plan Editing an event automation plan Suspending and resuming event automation plans Viewing event automation plans associated with a resource Viewing event automation plan properties Managing event actions Creating an event action Editing an event action Copying an event action Testing an event action Deleting an event action Saving and not saving an event-action history Viewing an event-action history Refreshing entries in an event-action history log Deleting entries from an event-action history log Viewing event action properties Event-data-substitution variables Managing event filters 276 276 277 280 292 293 294 294 295 304 305 305 306 306 307 307 307 308 308 309 309 310 310 312 312 313 313 316 Creating, editing, or copying an event filter Editing an event filter Copying an event filter Viewing event filter properties Viewing predefined filter criteria Deleting an event filter Exporting and importing event automation plans, event filters, and event actions Using command automation Creating or editing a command definition Running a command definition Restricting anonymous command execution Chapter Updating systems 317 320 320 321 321 322 322 323 323 324 325 327 Planning to update systems Supported update tasks Supported updates and systems Version considerations for updating IBM Director and IBM Systems Director Update considerations for specific operating systems and platforms Determining the installed IBM Systems Director version Starting to monitor and update systems Configuring update manager Getting started with updates Changing update settings Updating IBM Systems Director Using advanced actions for updating IBM Systems Director Downloading IBM Systems Director updates without an Internet connection Acquiring and installing updates Acquiring and installing updates with the IBM Systems Director Web interface Acquiring and installing updates with the installneeded command Keeping systems in compliance Compliance policies Adding updates to a compliance policy Changing compliance policies Identifying systems that are out of compliance Resolving compliance issues 328 328 329 331 332 339 339 340 341 342 345 346 347 348 348 375 378 379 379 380 381 382 Chapter Remotely accessing systems and resources 383 Remote access facilities Distributed Command File management Hardware command line Launch Web browser Remote Command Line Remote control tasks Remote Xen Console Serial Console Running remote access functions Using the Distributed Shell Managing files on a remote system Using the hardware command line 383 383 384 384 384 384 385 386 386 387 387 390 390 Contents v Establishing command-line access to a remote system Launching a Web browser Configuring Microsoft Windows Remote Desktop Connection Establishing Remote Desktop Connection Establishing Virtual Network Computing communications Establishing IBM BladeCenter or RSA communication Launching the Hyper-V Virtual Machine Connection Tool Launching a VMware ESX or ESXi hypervisor virtual machine connection Establishing a remote Xen console session Using the serial console 391 392 393 393 394 394 394 395 395 395 Chapter Managing agents 399 Common agent services Resource manager Agent manager Common agent Logging Platform Agent Importing agent packages Installing agents using the Agent Installation Wizard Restarting agents Restarting Common Agent Restarting Platform Agent Setting the agent manager for IBM Systems Director Server Viewing the agent manager properties Adding a new agent manager Setting the active agent manager Deleting an agent manager Using a remote agent manager with IBM Systems Director Managing the agent manager used by a Common Agent Viewing the agent manager configuration Securing Common Agent managed systems Changing the agent registration password Migrating common agents to a different agent manager Binding Platform Agent to specific IP addresses Disabling IBM Systems Director agents 399 399 400 401 402 408 409 412 412 413 415 415 415 417 417 418 420 423 424 424 427 427 428 Chapter 10 Managing IBM BladeCenter and System x systems 429 Supported IBM BladeCenter products Service processor communication In-band communication requirements Out-of-band communication requirements Out-of-band communication and the standard TCP Command Mode protocol Out-of-band communication and the secure TCP Command Mode protocol Out-of-band communication and the standard CIM protocol Out-of-band alert-forwarding strategies vi IBM Systems Director Systems Management Guide 429 429 429 430 432 433 434 434 Service processors and resource types Viewing the IBM BladeCenter and System x management summary Downloading and activating BladeCenter I/O module plug-ins Configuring integrated management modules Integrated management module task support and features Changing the integrated management module IP address by way of the Server resource Changing the network port on an integrated management module Configuring integrated management module security Configuring the Try DHCP setting for integrated management module Enabling Secure Sockets Layer after discovery Enabling Secure Sockets Layer before discovery Discovering scalable systems that have multiple nodes Discovering a scalable BladeCenter system with multiple nodes Discovering a scalable System x system Changing the password for the Remote Supervisor Adapter or management module Managing power state settings on IBM BladeCenter and System x servers Power On/Off task support using out-of-band communication Power On/Off task support using Wake on LAN technology on System x Power On/Off task support by way of the operating system on System x and blade servers Changing the power state on System x and IBM BladeCenter hardware Enabling collection of SNMP-based inventory by way of management modules Using hardware-log information from System x service processors and IBM BladeCenter products Hardware-log information using out-of-band and in-band communication Viewing hardware-log information Refreshing hardware-log information Clearing the hardware-log information Providing hardware-log information Using locator LED settings on IBM BladeCenter and System x servers Locator LEDs and out-of-band and in-band communication Identifying hardware with the locator LED Solving hardware problems using light-path-diagnostic LEDs on IBM BladeCenter and System x servers Light-path-diagnostic LED information Viewing light-path-diagnostics status Viewing detailed light-path-diagnostics information Changing the resource for viewing light-path-diagnostics LED information Configuring templates 435 436 437 438 439 440 440 440 441 441 442 442 442 443 443 444 444 445 445 446 446 447 447 448 449 449 450 450 451 451 452 452 454 455 455 455 Password security levels for IBM BladeCenter management modules and System x service processors Configuring the boot sequence for a blade server in an IBM BladeCenter chassis Configuring an IBM BladeCenter management module Configuring network resources for IBM BladeCenter blade servers Configuring SNMP agent community information Configuring the IP address pool for IBM BladeCenter systems and System x servers Configuring System x service processors Configuring switch protocol information Configuring switch virtual LAN information Configuring users and passwords for an IBM BladeCenter chassis Managing network-configuration information Managing system-account information Setting asset information 456 458 459 474 475 476 477 488 492 495 495 497 500 Chapter 11 Managing IBM Power Systems 505 New terms for Power Systems users in IBM Systems Director Managing Power Systems running AIX Managing Power Systems running IBM i Managing systems controlled by HMC and IVM Viewing the Power Systems Management summary Monitoring for IBM i message queue events Managing power state settings on IBM Power systems Power On/Off task support by way of the operating system on IBM Power systems Changing the power state on IBM Power systems 505 507 507 508 509 510 512 512 513 Chapter 12 Managing IBM System z systems 515 System z virtualization Basics about the z/VM operating system z/VM manageability access point and agent Viewing the System z Management summary page Discovering systems and collecting inventory data for System z Managing power state settings for Linux on System z servers Power On/Off task support by way of the operating system on System z servers Changing the power state on System z servers 515 515 518 519 520 521 521 521 Chapter 13 Managing and configuring storage 523 Storage management in real time and using configuration templates Managing SMI-S providers SMI-S providers for IBM Systems Director Installing SMI-S Providers Configuring SMI-S providers 523 523 523 527 532 Discovering and collecting inventory for storage devices Running Discovery and unlocking storage devices using SMI-S providers Running Direct Connection discovery and unlocking storage devices using SMI-S providers Running System Discovery for multiple SMI-S providers using multicast and broadcast Working with external storage applications Installing and configuring external storage applications Launching an external storage management application IBM Systems Director Storage Control 4.2.1 Viewing storage devices Storage Management Summary Viewing storage systems using storage groups Displaying attached storage for a given system Viewing storage volumes Viewing the health and status of storage devices Storage topology perspective Managing storage in real-time Creating storage system pools Managing IBM BladeCenter and System x storage devices Adding IBM BladeCenter Integrated Storage devices to a server Provisioning storage from an existing storage subsystem Managing storage volumes in real time Configuring iSCSI components in real time Configuring IBM BladeCenter SAS zone connectivity in real time Managing storage with configuration templates Viewing storage configuration templates Changing storage configuration templates Creating a configuration template for a storage volume Managing IBM BladeCenter SAN configuration mapping Configuring iSCSI components using configuration template Managing IBM BladeCenter SAS zone configuration 535 536 536 537 539 539 542 545 545 545 548 548 549 549 550 551 551 551 555 556 556 560 564 566 566 567 567 567 571 576 Chapter 14 Managing virtual environments 581 Virtual systems Platform managers Virtual farms Hosts Virtual servers Guest-operating-systems Virtualization groups Viewing the Virtualization Management summary Viewing resources in virtualization perspectives In the Virtualization Basic perspective In the Virtualization Common perspective In the Virtualization Detail perspective Contents 581 581 582 583 584 585 585 586 586 586 586 586 vii Viewing resources in the Platform Managers and Members view Viewing resources in the Virtual Servers and Hosts view Viewing virtualization properties Configuring virtual resources Configuring Power Systems platform managers Configuring storage resources Managing host systems Entering maintenance mode Exiting from maintenance mode Starting the virtualization service on a host Stopping the virtualization service on a host Managing virtual farms Adding a host to a virtual farm Creating a virtual farm Deleting a virtual farm from IBM Systems Director and VMware VirtualCenter Removing a virtual farm from IBM Systems Director Editing a virtual farm Removing a host from a virtual farm Starting the virtualization service on a farm Stopping the virtualization service on a farm Viewing virtual farms Managing virtual servers Connecting to a platform manager Disconnecting from a platform manager Creating virtual servers Creating a virtual disk for Xen Deleting a virtual server permanently Editing host resources Editing virtual servers Accessing the Xen remote console Managing power operations on virtual servers Relocating virtual servers Launch VMware ESX Manager User Interface Launch VMware VirtualCenter Console Launch VMware Infrastructure Client Launch Microsoft Virtual Server Console 587 587 588 589 589 594 596 596 596 596 597 597 597 597 599 599 600 600 600 601 601 602 602 602 603 617 617 618 618 620 620 623 631 631 632 632 Chapter 15 Security 633 Authenticating users to IBM Systems Director User authentication Users and user groups in IBM Systems Director Authenticating IBM Systems Director users stored in the local operating system Authenticating IBM Systems Director users stored in the Microsoft Active Directory domain viii IBM Systems Director Systems Management Guide 634 634 635 636 637 Authenticating IBM Systems Director users stored in LDAP Editing user properties Authorizing users to IBM Systems Director User authorization Roles Permissions and roles required to run smcli commands Authorizing users to manage resources Assigning a role to a user or user group Copying a role to another user Creating a role Managing roles Ending the session for another user Changing the time interval between consecutive resynchronize calls Managing user groups in IBM Systems Director Managing credentials in IBM Systems Director Managing shared credentials Managing mappings Configuring the authentication registry Managing targeted credentials Managing access Accessing a secured system with request access Accessing a secured system with configure access Configuring access to CIM using X509 certificates Revoking access to a secured system Managing access to agentless managed systems Accessing a managed system with configure system credentials Communication protocols and supported encryption algorithms Encrypting passwords for database configuration 638 641 641 641 642 644 648 648 649 649 650 651 652 652 653 654 659 661 662 666 666 667 668 669 669 669 670 670 Appendix Accessibility features for IBM Systems Director 673 Accessibility options in IBM Systems Director 673 Keyboard navigation in IBM Systems Director 674 Using a screen reader with IBM Systems Director 675 Notices 677 Trademarks 678 Glossary 681 680 IBM Systems Director Systems Management Guide Glossary This glossary includes terms and definitions for IBM Systems Director information about the common agents and resource managers in a user's environment To view glossaries for other IBM products, go to www.ibm.com/software/globalization/ terminology/ A Advanced Encryption Standard (AES) A data encryption technique that improved upon and officially replaced the Data Encryption Standard (DES) AES is sometimes referred to as Rijndael, which is the algorithm on which the standard is based Advanced System Management interconnect (ASM interconnect) A feature of IBM service processors that enables users to connect up to 24 servers to one service processor, thus eliminating the need for multiple modems, telephones, and LAN ports It provides such out-of-band management functions as system power control, service-processor event-log management, firmware updates, alert notification, and user profile configuration Advanced System Management processor (ASM processor) A service processor built into the mid-range Netfinity® and early xSeries servers IBM Director can connect out-of-band to an ASM processor located on an ASM interconnect; an ASM PCI adapter, a Remote Supervisor Adapter, or a Remote Supervisor II must serve as the gateway service processor AES See Advanced Encryption Standard agentless Pertaining to a type of data collection that is accomplished without installing additional agents Data is obtained by using software that is already installed on the computer agent manager A network service that provides authentication and authorization and that maintains a registry of configuration © Copyright IBM Corp 1999, 2010 Agentless-managed system A system that does not have an agent installed but can be discovered by IBM Systems Director using Secure Shell (SSH), Distributed Component Object Model (DCOM), or Simple Network Management Protocol (SNMP) The function available to Agentless-managed systems is limited to the following tasks, and varies based on operating system and hardware: discover systems, collect limited operating-system inventory data, remotely deploy and install Common Agent and Platform Agent, perform limited remote access, and perform limited restart capabilities alert A message or other indication that signals an event or an impending event alert forwarding A function that ensures that alerts are sent, even if a managed system experiences a catastrophic failure, such as an operating-system failure Alert Standard Format (ASF) A protocol for the remote management of systems in environments without operating systems ASM interconnect See Advanced System Management interconnect ASM processor See Advanced System Management processor Auto-Logical Drive Transfer See auto volume transfer/auto disk transfer auto volume transfer/auto disk transfer (AVT/ADT) A function that provides automatic failover in case of controller failure on a storage subsystem 681 name, network protocols, and static IP addresses If Remote Deployment Manager (RDM) is installed on the management server, the chassis detect-and-deploy profile also can include deployment policies AVT/ADT See auto volume transfer/auto disk transfer B Basic Input/Output System (BIOS) The code that controls basic hardware operations, such as interactions with diskette drives, hard disk drives, and the keyboard CIM cloning In z/VM, a copying technique that preserves the characteristics of the original but personalizes instance-specific data The result of a cloning operation is new instance of an entity (for example, of a virtual disk, a virtual computer system, or an operating system) rather than a backup of the original Bash shell An sh-compatible shell that incorporates the positive aspects of Korn shell and C shell It serves as the GNU operating system's command language interpreter See Basic Input/Output System BIOS Blade slot connection The connection between the SAS connectivity module and a BladeCenter server blade Basic Zone Permission Table A table on the Manage Fabric page Use it to map zone groups with hosts to zone groups that have storage that you want those hosts to have access to BladeCenter chassis A BladeCenter unit that acts as an enclosure This 7-U modular chassis can contain up to 14 blade servers It enables the individual blade servers to share resources, such as the management, switch, power, and blower modules blade server A high-throughput, two-way, Intel Xeon-based server on a card that supports symmetric multiprocessors (SMPs) browser system A system that connects to the IBM Systems Director Web interface on the management server through a Web browser C chassis The metal frame in which various electronic components are mounted chassis detect-and-deploy profile A profile that IBM Director automatically applies to all new BladeCenter chassis when they are discovered The profile settings include management module 682 IBM Systems Director Systems Management Guide See Common Information Model cluster A collection of complete systems that work together to provide a single, unified computing capability Common Agent Common Agent provides a rich set of security, deployment, and management function The function available for Common-Agent managed systems varies based on operating system and hardware, and includes the following tasks: discover systems; collect comprehensive platform and operating system inventory data; monitor health and status; manage alerts; remotely deploy and install Common Agent; perform remote access, including transferring files; perform power management function; additional event support; monitor processes and resources, and set critical thresholds that send notifications when triggered; manage operating system resources and processes Common Agent-managed system An IBM or non-IBM server, desktop computer, workstation, or mobile computer that has Common Agent installed The function of a Common Agent-managed system varies depending on the operating system and hardware Common Information Model (CIM) An implementation-neutral, object-oriented schema for describing network management information The Distributed Management Task Force (DMTF) develops and maintains CIM specifications include disk spaces from multiple physical disks A disk pool corresponds to a z/VM Directory Maintenance Facility allocation group configuration plan A set of configuration templates used to configure a system configuration setting Realtime definition of a system or device, which can be saved as a configuration template You can save configuration settings from a system and turn then into configuration templates, or you can create configuration setting from scratch configuration template A version of configuration settings that are not on a given system, but are stored for future deployment You can deploy a configuration template on a system without having it as a member of a configuration plan distributed component object model (DCOM) An extension of the Microsoft Component Object Model (COM) to support objects distributed across a network Domain A group of IP addresses that corresponds to a specific site, group, university, company, or other organization DSA Dword A sequence of four contiguous bytes or characters which, together, are considered one unit When discussing the bits that are transmitted over a physical link, dword represents four characters (or 40 bits) When discussing the contents of a frame after 10b8b decoding, dword represents four bytes (or 32 bits) D database The database that contains the data stored by IBM Systems Director Server database server The server on which the database application and database are installed Data Encryption Standard (DES) A cryptographic algorithm designed to encrypt and decrypt data using a private key DES See digital signature algorithm Dword sync Dword synchronization Detection of an incoming stream of dwords from a physical link by a PHY E ECM See Data Encryption Standard Expander connection manager An object within an expander that manages routing Diffie-Hellman key exchange A public, key-exchange algorithm that is used for securely establishing a shared secret over an insecure channel enclosure A unit that houses the components of a storage subsystem, such as a control unit, disk drives, and power source digital signature algorithm (DSA) A security protocol that uses a pair of keys (one public and one private) and a one-way encryption algorithm to provide a robust way of authenticating users and systems If a public key can successfully decrypt a digital signature, a user can be sure that the signature was encrypted using the private key endpoint The system that is the origin or destination of a session discovery The process of finding resources within an enterprise, including finding the new location of monitored resources that were moved disk pool In z/VM Center, a logical grouping of contiguous disk spaces A disk pool can event An occurrence of significance to a task or system Events can include completion or failure of an operation, a user action, or the change in state of a process event action The action that IBM Director takes in response to a specific event or events event-automation plan A user-defined plan that determines how IBM Systems Director will manage certain events An event action plan comprises one or more event filters and one or more customized event actions Glossary 683 event filter A filter that specifies the event criteria for an event action plan Events must meet the criteria specified in the event filter in order to be processed by the event action plan to which the filter is assigned Expander A device that enables quick aggregation of several disk drives in a single SAS domain An expander can connect multiple hosts to multiple targets A SAS connectivity module is an expander Extensible Markup Language (XML) A standard metalanguage for defining markup languages that is based on Standard Generalized Markup Language (SGML) host bus adapters (HBAs) that the cluster has detected on the storage area network (SAN) host system A system that contains resources from which virtual servers are constructed HT See Hyper-Threading Hyper-Threading (HT) A technology with which a single processor can function as two virtual processors and execute two threads simultaneously hypervisor A program or a portion of Licensed Internal Code (LIC) that allows multiple instances of operating systems to run simultaneously on the same hardware F fabric A complex network using hubs, switches, and gateways Fibre channel uses a fabric to connect devices field-replaceable unit (FRU) An assembly that is replaced in its entirety when any one of its components fails File Transfer Protocol (FTP) In TCP/IP, an application layer protocol that uses TCP and Telnet services to transfer bulk-data files between machines or hosts FRU See field-replaceable unit G gateway gigabyte (GB) In decimal notation, 073 741 824 when referring to memory capacity; in all other cases, it is defined as 000 000 000 group A logical set of managed objects Groups can be dynamic, static, or task-based H HBA Host bus adapter It plugs into a host so that it can communicate with a SCSI device host object A logical object that groups one or more worldwide port names (WWPNs) of the 684 IBM Systems Director Systems Management Guide I IBM Systems Director environment The complex, heterogeneous environment managed by IBM Director It includes systems, BladeCenter chassis, software, and SNMP devices IBM Systems Director plug-ins A tool that extends the functionality of IBM Systems Director (for example, Electronic Service Agent) IBM Systems Director Server The main component of IBM Director software When installed on the management server, it provides basic functions such as discovery of the managed systems, persistent storage of configuration and management data, an inventory database, event listening, security and authentication, management console support, and administrative tasks IBM Systems Director Server service A service that runs automatically on the management server, and provides the server engine and application logic for IBM Systems Director IBM Director service account The Windows operating-system account associated with the IBM Director Server service image A bootable operating system and additional software in the form of a single raw image file You can store, copy, and customize system images to reuse them for creating virtual servers image repository A part of a local or shared file system that is used to store system images inband communication Pertaining to events that are transmitted between IBM Systems Director Server and service processors in systems that are running the required IBM Systems Director agent Initiator A SCSI device that asks another SCSI device (the target) to perform an operation Usually, a host computer acts as an initiator and a peripheral device acts as a target With SAS zoning, initiators and targets can see only parts of a domain These parts are called zone groups instance An individual realization of the operating system with a particular version, configuration, physical location, and identifier In object-oriented programming, an object of a particular class integrated system management processor (ISMP) A service processor built into some xSeries servers ISMP is the successor to the Advanced System Management (ASM) processor Intelligent Peripheral Management Interface (IPMI) A standard for controlling intelligent devices that monitor a system It provides for dynamic discovery of sensors in the system and the ability to monitor the sensors and be informed when the sensor's values change or go outside certain boundaries interprocess communication (IPC) The process by which programs send messages to each other Sockets, semaphores, signals, and internal message queues are common methods of interprocess communication A mechanism of an operating system that allows processes to communicate with each other within the same computer or over a network IPC See interprocess communication ISMP See integrated system management processor iso image A disk image for an ISO 9660 file system, containing the installable files for a particular update or upgrade inventory data Information about physical, logical, and virtual hardware (such as virtual systems, virtual servers, and farms), software applications, operating systems, middleware, firmware and BIOS, diagnostics, and network J job A separately runnable unit of work job instance A specific occurrence of a job that is running or has completed running K keystore In security, a storage object, either a file or a hardware cryptographic card, where identities and private keys are stored, for authentication and encryption purposes Some keystores also contain trusted, or public, keys L launched task Tasks that start outside of the IBM Systems Director Web interface light path diagnostics A technology that provides a lighted path to failed or failing components to expedite hardware repairs logical unit number (LUN) In the Small Computer System Interface (SCSI) standard, a unique identifier used to differentiate devices, each of which is a logical unit (LU) Loss dword sync An error that occurs when a PHY stops detecting an incoming stream of dwords LUN See logical unit number Glossary 685 M MAC address See Media Access Control address management module The BladeCenter component that handles system-management functions It configures the chassis and switch modules, communicates with the blade servers and all I/O modules, multiplexes the keyboard/video/mouse (KVM), and monitors critical information about the chassis and blade servers MD5 A type of message algorithm that converts a message of arbitrary length into a 128-bit message digest This algorithm is used for digital signature applications where a large message must be compressed in a secure manner management server The server on which IBM Director Server is installed Media Access Control address (MAC address) In a local area network, the protocol that determines which device has access to the transmission medium at a given time megabyte (MB) For processor storage, real and virtual storage, and channel volume, to the 20th power or 048 576 bytes For disk storage capacity and communications volume, 000 000 bytes N network interface card A printed circuit board that plugs into a personal computer, server, or workstation It controls the exchange of data over a network and provides the electronic functions for the data-link protocol or access method, such as token ring or Ethernet network interface controller (NIC) Hardware that provides the interface control between system main storage and external high-speed link (HSL) ports Network News Transfer Protocol (NNTP) A protocol that is used to post messages in, distribute messages to, and retrieve messages from news groups and to transfer articles between news servers 686 IBM Systems Director Systems Management Guide nonvolatile random access memory (NVRAM) Random access memory (storage) that retains its contents after the electrical power to the machine is shut off NVRAM See nonvolatile random access memory O out-of-band communication Pertaining to events that are transmitted between the service processor and IBM Systems Director Server over a shared connection The type of service processor present in a server determines which paths out-of-band communication can take These types of communication are known as out-of-band communication because they take place independent of an operating system P PCI See Peripheral Component Interconnect See also Peripheral Component Interconnect-X PCI-X See Peripheral Component Interconnect-X See also Peripheral Component Interconnect Peripheral Component Interconnect (PCI) A local bus that provides a high-speed data path between the processor and attached devices See also Peripheral Component Interconnect-X Peripheral Component Interconnect-X (PCI-X) An enhancement to the Peripheral Component Interconnect (PCI) architecture PCI-X enhances the Peripheral Component Interconnect (PCI) standard by doubling the throughput capability and providing additional adapter-performance options while maintaining backward compatibility with PCI adapters See also Peripheral Component Interconnect persistent Pertaining to data that is maintained across session boundaries, usually in nonvolatile storage such as a database system or a directory PFA See Predictive Failure Analysis PHY Physical layer A PHY is responsible for the transmission of signals between computers The function of each zone group is determined by how you configure each PHY port on an expander PHY reset Any of several problems that can arise during a PHY reset sequence that can cause the sequence to fail physical platform An IBM Director managed object that represents a single physical chassis or server that has been discovered through the use of the Service Location Protocol (SLP) Platform Agent Platform Agent provides a lighter footprint and fewer management functions than the Common Agent The function available for Platform-Agent managed systems is limited to the following tasks, and varies based on operating system and hardware: discover systems, collect limited platform inventory data, monitor health and status, manage alerts, remotely deploy and install Common Agent, perform limited remote access, and perform limited restart capabilities Platform Agent-managed system An IBM or non-IBM server, desktop computer, workstation, or mobile computer that has Platform Agent installed Platform manager Software that manages one or more host systems and their associated virtual servers and operating systems Platform managers can be started from the IBM Systems Director Web interface For example, BladeCenter Management Module, IBM Hardware Management Console (HMC), IBM Integrated Virtualization Manager (IVM), and VMware VirtualCenter are platform managers Predictive Failure Analysis (PFA) A scheduled evaluation of system data that detects and signals parametric degradation which might lead to functional failures private key In secure communication, an algorithmic pattern used to encrypt messages that only the corresponding public key can decrypt The private key is also used to decrypt messages that were encrypted by the corresponding public key The private key is kept on the user's system and is protected by a password See also public key public key In secure communication, an algorithmic pattern used to decrypt messages that were encrypted by the corresponding private key A public key is also used to encrypt messages that can be decrypted only by the corresponding private key Users broadcast their public keys to everyone with whom they must exchange encrypted messages See also private key Q R remote I/O enclosure An expansion enclosure of Peripheral Component Interconnect-X (PCI-X) slots, for example, an RXE-100 Remote Expansion Enclosure The enclosure consists of one or two expansion kits Remote Supervisor Adapter An IBM service processor It is built into some xSeries servers and available as an optional adapter for use with others When used as a gateway service processor, the Remote Supervisor Adapter can communicate with all service processors on the Advanced System Management (ASM) interconnect POST See power-on self-test resource A generic term for anything that IBM Systems Director can manage For example, systems, groups, and updates are all resources power-on self-test (POST) A series of internal diagnostic tests activated each time the system power is turned on resource manager In the Tivoli common agent services , the server of a management application that directly interacts with a managed plug-in A software module that adds function to an existing program or application Glossary 687 memory space and access to all associated adapters A scalable partition is the logical equivalent of a physical platform Scalable partitions are associated with scalable systems and comprise only the scalable nodes from their associated scalable systems resource For example, a resource manager installs bundles on the agent and starts and stops a subagent resource-monitor threshold The point at which a resource monitor generates an event root user In Linux and UNIX operating systems, a user who has superuser authority and root privileges A root user's user identifier (UID) is A system user who operates without restrictions A root user has the special rights and privileges needed to perform administrative tasks RSA See Remote Supervisor Adapter S SAN Storage area network A network that attaches computer storage devices to servers (A disk array controller is an example of a computer storage device.) SAS Serial attached SCSI A mechanism for accessing computer peripheral devices SAS employs a serial (one bit at a time) means of digital data transfer over thin cables SAS domain The I/O system that can also serve as a SCSI domain Also known as a service delivery subsystem SATA Serial advanced technology attachment A way to connect hard disk drives to computer systems SATA is based on serial signaling technology, unlike current Integrated Drive Electronics (IDE) hard disk drives that use parallel signaling scalable node A physical platform that has at least one SMP Expansion Module Additional attributes are assigned to a physical platform when it is a scalable node These additional attributes record the number of SMP Expansion Modules, SMP Expansion Ports, and RXE Expansion ports on the physical chassis scalable partition An IBM Director managed object that defines the scalable nodes that can run a single image of the operating system A scalable partition has a single, continuous 688 IBM Systems Director Systems Management Guide scalable system An IBM Director managed object that consists of scalable nodes and the scalable partitions that are composed of the scalable nodes in the scalable system When a scalable system contains two or more scalable nodes, the servers that they represent must be interconnected through their SMP Expansion Modules to make a multinode configuration, for example, a 16-way xSeries 455 server made from four scalable nodes SCSI Small computer systems interface A high-speed communications protocol that allows your computer to communicate with peripheral hardware SCSI domain An I/O system that consists of a set of SCSI devices that communicate with each other through a service delivery subsystem secure copy (SCP) A means of securely transferring computer files between a local and a remote host or between two remote hosts using secure shell (ssh) Secure Hash Algorithm (SHA) An encryption method in which data is encrypted in a way that is mathematically impossible to reverse Different data can possibly produce the same hash value, but there is no way to use the hash value to determine the original data Secure Sockets Layer (SSL) A security protocol that provides communication privacy With SSL, client/server applications can communicate in a way that is designed to prevent eavesdropping, tampering, and message forgery secure shell (ssh) A Unix-based command interface and protocol for securely getting access to a remote computer data When installed on a managed system, this feature enables SNMP-based managers to poll the managed system and receive its alerts If System Health Monitoring is installed on the managed system also, hardware alerts can be forwarded as SNMP traps server farm A group of network servers that are housed in one location Service delivery subsystem A SAS domain Service Location Protocol (SLP) An Internet protocol that identifies and uses network hosts without having to designate a specific network host name service processor A generic term for Remote Supervisor Adapters, Advanced System Management processors, Advanced System Management PCI adapters, integrated management modules, and integrated system management processors (ISMPs) These hardware-based management processors used in IBM Netfinity and xSeries servers work with IBM Director to provide hardware status and alert notification Simple Object Access Protocol (SOAP) A lightweight, XML-based protocol for exchanging information in a decentralized, distributed environment SOAP can be used to query and return information and invoke services across the Internet SLP See Service Location Protocol SMBIOS See system management BIOS SMP SCSI management protocol Used to manage SAS point-to-point topology SMP Expansion Module An IBM xSeries hardware option It is a single module that contains microprocessors, disk cache, random access memory, and three SMP Expansion Port connections Two SMP Expansion Modules can fit in a chassis snap-in A registered user exit program that is defined to be called from mail server framework user exit points The mail server framework user exit points are referred to as ports by the mail server framework Systems will snap-in the programs that are needed to operate SNMP Access and Trap Forwarding An IBM Director Agent feature that enables SNMP to access managed-system SNMP device An embedded device that uses SNMP to monitor network-attached devices, printers, or computers for conditions that require system-management attention SOAP See Simple Object Access Protocol SQL See Structured Query Language SSL See Secure Sockets Layer SSP Serial SCSI protocol Used to communicate with SAS devices and SCSI software static partition A view-only scalable partition Storage Management Initiative Specification (SMI-S) A design specification developed by the Storage Networking Industry Association (SNIA) that specifies a secure and reliable interface with which storage management systems (SMSs) can identify, classify, monitor, and control physical and logical resources in a storage area network (SAN) The interface integrates the various devices to be managed in a storage area network (SAN) and the tools used to manage them storage pool Containers of virtual disks that reside on the Virtual I/O Server storage subsystem A storage control and its attached storage devices storage volume A representation of a volume from the standpoint of the storage system that contains the volume STP SCSI tunneling protocol Used to identify and communicate with SATA devices Structured Query Language (SQL) A standardized language for defining and manipulating data in a relational database Glossary 689 Subtractive routing attribute The attribute of an expander PHY that indicates that it can be used by the ECM to route connection requests to an attached expander device Subtractive routing method The method the ECM uses to route connection requests to an expander device switch module The BladeCenter component that provides network connectivity for the BladeCenter chassis and blade servers It also provides interconnectivity between the management module and blade servers system Operating-system-based or hardware-based endpoint that has an IP address and host name and can be discovered and managed by IBM Systems Director For example, storage devices, network devices, physical servers, virtual servers, and operating systems are systems system management BIOS (SMBIOS) A specification that extends BIOS to support the retrieval of management data system variable A user-defined keyword and value pair that can be used to test and track the status of network resources System variables can be referred to wherever event-data substitution is allowed T Target Another SCSI device that communicates with the originating SCSI device target system A managed system on which an IBM Systems Director task is performed terabyte (TB) For processor storage, real and virtual storage, and channel volume, to the 40th power or 099 511 627 776 bytes For disk storage capacity and communications volume, 000 000 000 000 bytes Topology The geometric configuration of a computer network, or how the network is physically laid out Common topologies 690 IBM Systems Director Systems Management Guide are star (centralized), bus (decentralized), and ring (decentralized) triple Data Encryption Standard (triple DES) A block cipher algorithm that can be used to encrypt data transmitted between managed systems and the management server Triple DES is a security enhancement of DES that employs three successive DES block operations triple DES See triple Data Encryption Standard Trivial File Transfer Protocol (TFTP) In Internet communications, a set of conventions that transfers files between hosts using minimal protocol trustore In security, a storage object, either a file or a hardware cryptographic card, where public keys are stored in the form of trusted certificates, for authentication purposes in Web transactions In some applications, these trusted certificates are moved into the application keystore to reside with the private keys U Universally Unique Identifier (UUID) The 128-bit numerical identifier that is used to ensure that two components not have the same identifier undoable disk A type of virtual disk that saves changes to a temporary file instead of to the virtual disk itself Changes can be committed when the virtual machine is powered off UUID See Universal Unique Identifier V viewport In the GDDM® function, a rectangular area within the picture space that defines where the output of the current page appears on the work station In GL, the last transformation in the graphics pipeline, which is used to map from normalized device coordinates to device coordinates The viewport maps the unit cube x/w = +/-1, y/w = +/-1, z/w = +/-1 to the screen space, as measured in pixels That portion of a partition or usable area defined for display of data to the operator The viewport has a predefined size and position on the screen and is related to a presentation space through a specified window In BMS, that part of a screen that is allocated to a partition virtual farm A collection of host systems and their associated virtual servers Virtual farms can represent farms that are defined in VMware VirtualCenter Virtual farms can also be a collection of hosts in other supported virtualization environments virtualization environment Describes all of the components associated with a managed system and its virtualized resources The associated components can include a platform manager, host systems, virtual farms, virtual servers, and guest operating systems The following are examples of virtualization environments: Microsoft Virtual Server Power Systems that are under the control of a Hardware Management Console (HMC) Power Systems that are under the control of an Integrated Virtualization Manager (IVM) VMware ESX Server VMware VirtualCenter Xen Virtualization virtual server A system composed of partitioned, shared, or virtualized resources presented from a host system An operating system and other software can be installed on a virtual server Terms also used for this concept are Virtual Machine, Hosted Computer, Child Partition, Logical Partition, Domain Guest, Guest Domain, or domU vital product data (VPD) Information that uniquely defines system, hardware, software, and microcode elements of a processing system other data recording medium that supports some form of identifier and parameter list, such as a volume label or input/output control VPD See vital product data W Wake on LAN A technology that enables a user to remotely turn on systems for off-hours maintenance A result of the Intel-IBM Advanced Manageability Alliance and part of the Wired for Management Baseline Specification, users of this technology can remotely turn on a server and control it across the network, thus saving time on automated software installations, upgrades, disk backups, and virus scans walk An SNMP operation that is used to discover all object instances of management information implemented in the SNMP agent that can be accessed by the SNMP manager Web Services Description Language (WSDL) An XML-based specification for describing networked services as a set of endpoints operating on messages containing either document-oriented or procedure-oriented information Windows Management Instrumentation (WMI) An application programming interface (API) in the Windows operating system that enables devices and systems in a network to be configured and managed WMI uses the Common Information Model (CIM) to enable network administrators to access and share management information WMI See Windows Management Instrumentation WMI Query Language (WQL) A subset of the Structured Query Language (SQL) with minor semantic changes to support Windows Management Instrumentation (WMI) WQL See WMI Query Language WSDL See Web Services Description Language volume A discrete unit of storage on disk, tape, or Glossary 691 X XML See Extensible Markup Language Y Z z/VM 692 An IBM System z and zSeries® operating system that acts as virtualization software z/VM can virtualize all system resources, including processors, memory, storage devices, and communication devices z/VM supports the concurrent operation of hundreds of operating system instances IBM Systems Director Systems Management Guide Zone configuration A collection of information that describes the zoning for a SAS domain Zone group A part of a domain whose properties and limits you specify on the Basic Zone Permission Table This table is on the Manage Fabric page Symbols and Numerics 10b8b decoding Decoding a 10-bit character (a control or data character) into an 8-bit byte (a control or data byte) Printed in USA GC30-4176-06 ... to IBM Systems Director xii IBM Systems Director Systems Management Guide Web sites v IBM Systems Director www .ibm. com /systems/ management /director/ View the IBM Systems Director Web site on ibm. com®... code IBM Systems Director, IBM Systems Director plug-ins, and IBM Systems Director upward integration modules v IBM Systems Director Documentation and Resources www .ibm. com /systems/ management /director/ resources/... currently supported versions of IBM Systems Director v IBM Systems Director Downloads www .ibm. com /systems/ management /director/ downloads/ View the IBM Systems Director Downloads Web site on ibm. com which