Certification guide series ibm tivoli provisioning manager v5.1 sg247262

1. Front coverCertification Guide SeriesIBM Tivoli ProvisioningManager V5.1Helps you become a certified TivoliProvisioning Manager V5.1Explains the certification pathand prerequisites you requireIncludes best practicesfor Software Distribution Vasfi Gucer David CampbellMartin CaesarMarkus HelbigFabrizio SalustriPetra Unglaubibm.com/redbooks

2. International Technical Support OrganizationCertification Guide Series: IBM Tivoli ProvisioningManager V5.1January 2007 SG24-7262-00 3. Note: Before using this information and the product it supports, read the information in Notices on page xv.First Edition (January 2007)This edition applies to IBM Tivoli Provisioning Manager V5.1. Copyright International Business Machines Corporation 2007. All rights reserved.Note to U.S. Government Users Restricted Rights -- Use, duplication or disclosure restricted by GSA ADPSchedule Contract with IBM Corp. 4. Contents Figures . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ix Tables . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xi Examples. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xiii Notices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xv Trademarks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xvi Preface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xvii The team that wrote this redbook. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xvii Become a published author . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xix Comments welcome. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xix Chapter 1. Certification overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 1.1 IBM Professional Certification Program . . . . . . . . . . . . . . . . . . . . . . . . . . . 21.1.1 Benefits of certification . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31.1.2 Tivoli Software Professional Certification . . . . . . . . . . . . . . . . . . . . . . 4 1.2 Tivoli Provisioning Manager V5.1 Implementation certification . . . . . . . . . . 71.2.1 Test 898 objectives . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81.2.2 How to get your 15% discount on the Tivoli Provisioning Manager V5.1 certification . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 1.3 Recommended resources for study . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81.3.1 Courses. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81.3.2 Publications. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 Chapter 2. Planning and architecture . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 2.1 Tivoli Provisioning Manager V5.1 components . . . . . . . . . . . . . . . . . . . . . 12 2.2 Scalability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 152.2.1 Scalable Distribution Infrastructure for Tivoli Provisioning Manager v.5.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17 2.3 Supported Platforms for Tivoli Provisioning Manager version 5.1. . . . . . . 21 2.4 Infrastructure deployment considerations . . . . . . . . . . . . . . . . . . . . . . . . . 222.4.1 Demo installation. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 232.4.2 Small Data Center . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 232.4.3 Small branch office . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 242.4.4 Large data center . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 242.4.5 Large branch office . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 252.4.6 System management across firewalls. . . . . . . . . . . . . . . . . . . . . . . . 25 Copyright IBM Corp. 2007. All rights reserved. iii 5. 2.4.7 Ports used by Scalable Distribution Infrastructure components . . . . 26Chapter 3. Installing Tivoli Provisioning Manager V5.1 . . . . . . . . . . . . . . . 293.1 Installation methods . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30 3.1.1 Regular installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30 3.1.2 Silent installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30 3.1.3 Fast Start installation. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 303.2 Topology Installer Launcher . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 313.3 Supported installation topologies and operating system versions. . . . . . . 31 3.3.1 AIX and Linux . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33 3.3.2 Solaris (Sun SPARC) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34 3.3.3 Windows . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 363.4 Account required by the installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 393.5 Preinstallation checklist . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39 3.5.1 Topology Installer Launcher requirements . . . . . . . . . . . . . . . . . . . . 39 3.5.2 Tivoli Provisioning Manager server requirements . . . . . . . . . . . . . . . 40 3.5.3 Additional software requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . 40 3.5.4 Prerequisite software versions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 413.6 Installing behind a firewall . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 423.7 Overview of the installation flow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43 3.7.1 Invoking the installer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43 3.7.2 Installation phases . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 443.8 Installation log files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46 3.8.1 Installer logs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46 3.8.2 Tivoli common directory . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46 3.8.3 Directory containing output from the installation . . . . . . . . . . . . . . . . 473.9 Post installation steps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47 3.9.1 Changing default passwords . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48 3.9.2 Importing sample data. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 493.10 Automation Package Developer Environment (APDE) installation . . . . . 50 3.10.1 Automation Package Developer Environmentinstallation requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51 3.10.2 Installing the Automation Package Developer Environment . . . . . . 52 3.10.3 Configuring database connectivity . . . . . . . . . . . . . . . . . . . . . . . . . 53 3.10.4 Configuring deployment engine connectivity. . . . . . . . . . . . . . . . . . 58 3.10.5 Starting the Automation Package Developer Environment . . . . . . . 59 3.10.6 Configuring Automation Package DeveloperEnvironment preferences . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61 3.10.7 Automation Package Developer Environment views . . . . . . . . . . . 61Chapter 4. Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 634.1 Discovery. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64 4.1.1 Discovery scan types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64iv Certification Guide Series: IBM Tivoli Provisioning Manager V5.1 6. 4.1.2 Tivoli Provisioning Manager Inventory Discovery . . . . . . . . . . . . . . . 65 4.1.3 Network discovery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65 4.1.4 IBM discovery library reader . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67 4.1.5 Microsoft Active Directory discovery . . . . . . . . . . . . . . . . . . . . . . . . . 69 4.1.6 Run a discovery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 694.2 Service access points (SAP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 704.3 Credentials . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 714.4 Groups. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73 4.4.1 Creating a static group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73 4.4.2 Creating a dynamic group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 744.5 Applications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74 4.5.1 Creating a customer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75 4.5.2 Creating a resource pool. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 76 4.5.3 Creating an administrative domain . . . . . . . . . . . . . . . . . . . . . . . . . . 76 4.5.4 Creating a cluster domain . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 774.6 Reports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 784.7 Automation packages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81 4.7.1 Install an automation package . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81 4.7.2 Updating an automation package . . . . . . . . . . . . . . . . . . . . . . . . . . . 82 4.7.3 Creating an automation package . . . . . . . . . . . . . . . . . . . . . . . . . . . 83 4.7.4 Creating a workflow. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 844.8 Software Package Editor. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 85Chapter 5. Troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 895.1 Essentials . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 90 5.1.1 Recording the symptoms of the problem . . . . . . . . . . . . . . . . . . . . . 90 5.1.2 Recreating the problem . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 90 5.1.3 Eliminating possible causes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 915.2 Directory structure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 915.3 Log Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93 5.3.1 Log file types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94 5.3.2 Subsystem messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94 5.3.3 Setting log level. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 955.4 Workflow troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 100 5.4.1 Setting log level. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 100 5.4.2 Workflow execution logs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1015.5 Agent installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 102 5.5.1 Time drift . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103 5.5.2 RXA problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 105 5.5.3 Service access point (SAP) problems . . . . . . . . . . . . . . . . . . . . . . . 106 5.5.4 Communication issues . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1095.6 Depot issues . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1105.7 Performance tuning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 112Contentsv 7. 5.7.1 Configuring maximum number of concurrent jobs . . . . . . . . . . . . . 1125.7.2 Workflow performance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1135.7.3 Software Package Editor. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 114Chapter 6. Administration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1176.1 Accessing the console. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1186.2 Managing security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 119 6.2.1 Creating a security role . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 120 6.2.2 Creating an access group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 121 6.2.3 Creating a permission group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 121 6.2.4 Associate objects to an access group . . . . . . . . . . . . . . . . . . . . . . . 122 6.2.5 Adding a new user . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 123 6.2.6 Assigning a security role to a user . . . . . . . . . . . . . . . . . . . . . . . . . 125 6.2.7 Associating access and permission groups to a user . . . . . . . . . . . 126 6.2.8 Enabling access control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1276.3 Network discovery and agent distribution . . . . . . . . . . . . . . . . . . . . . . . . 127 6.3.1 Preparing network discovery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 128 6.3.2 Discovery policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 130 6.3.3 Performing the discovery task . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 132 6.3.4 Installing Tivoli Common Agent. . . . . . . . . . . . . . . . . . . . . . . . . . . . 1326.4 Software Package Editor. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 133 6.4.1 Using the Software Package Editor . . . . . . . . . . . . . . . . . . . . . . . . 134 6.4.2 Saving a software package . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1386.5 Compliance management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 139 6.5.1 Adding software compliance check . . . . . . . . . . . . . . . . . . . . . . . . . 139 6.5.2 Adding security compliance check . . . . . . . . . . . . . . . . . . . . . . . . . 139 6.5.3 Running inventory scan and compliance check . . . . . . . . . . . . . . . 140 6.5.4 Handle recommendation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 141 6.5.5 Verifying changes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1426.6 Software Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 143 6.6.1 Software stack. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 143 6.6.2 Software Catalog. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1456.7 Virtual servers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 146 6.7.1 Installing tcdriver . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 147 6.7.2 Creating host platform server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 148 6.7.3 Adding resource to host platform server . . . . . . . . . . . . . . . . . . . . . 148 6.7.4 Creating virtual server template . . . . . . . . . . . . . . . . . . . . . . . . . . . 149 6.7.5 Adding resource requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . 150 6.7.6 Allocating the virtual server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1516.8 Imaging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 152 6.8.1 Installing a boot server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 154 6.8.2 Capturing an image with Rembo Boot Server . . . . . . . . . . . . . . . . . 156 6.8.3 Deploying an image with Rembo Boot Server . . . . . . . . . . . . . . . . 160vi Certification Guide Series: IBM Tivoli Provisioning Manager V5.1 8. 6.9 Software distribution and installation. . . . . . . . . . . . . . . . . . . . . . . . . . . . 162 6.9.1 Software distribution . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 162 6.9.2 Software installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 162 6.9.3 Requirements on target endpoints . . . . . . . . . . . . . . . . . . . . . . . . . 163 6.9.4 User role for software distribution . . . . . . . . . . . . . . . . . . . . . . . . . . 1636.10 Web services. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 164 6.10.1 Extensible Markup Language . . . . . . . . . . . . . . . . . . . . . . . . . . . . 164 6.10.2 Simple Object Access Protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . 164 6.10.3 Web services description language . . . . . . . . . . . . . . . . . . . . . . . 165 6.10.4 Web Services Resource Framework. . . . . . . . . . . . . . . . . . . . . . . 1666.11 Using Automation Package Development Environment . . . . . . . . . . . . 167 6.11.1 Creating automation packages . . . . . . . . . . . . . . . . . . . . . . . . . . . 169 6.11.2 Creating new workflow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 169 6.11.3 Working with Workflows . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 170 6.11.4 Modify existing automation packages . . . . . . . . . . . . . . . . . . . . . . 170 6.11.5 Workflow syntax . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 172 6.11.6 Exporting created or modified workflows . . . . . . . . . . . . . . . . . . . 173Chapter 7. Infrastructure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1757.1 The Data Center Model . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 176 7.1.1 What is Data Center Model . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 176 7.1.2 Data Center Model objects . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 176 7.1.3 Customer. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 177 7.1.4 Application tier. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 177 7.1.5 Resource pool . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 177 7.1.6 Management operations and Logical Device Operations . . . . . . . . 177 7.1.7 Workflows . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 178 7.1.8 Device drivers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1787.2 Scalable Distribution . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 179 7.2.1 File repository . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 179 7.2.2 Software Catalog, Software Products and Software Installables . . 179 7.2.3 Software stacks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 180 7.2.4 The dynamic content delivery service . . . . . . . . . . . . . . . . . . . . . . . 180 7.2.5 The dynamic content delivery service Management Center . . . . . . 181 7.2.6 Depot server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 181 7.2.7 Regions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 182 7.2.8 Zones . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 182 7.2.9 Device Management Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 183 7.2.10 Peer-to-peer file sharing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 185 7.2.11 Publishing to depots . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 185 7.2.12 Inside the distribution process. . . . . . . . . . . . . . . . . . . . . . . . . . . . 1857.3 Tivoli Common Agent Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 186 7.3.1 Agent Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 187Contents vii 9. 7.3.2 Resource manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1877.3.3 Tivoli Common Agent . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 187 7.4 Software Life Cycle . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 189 7.5 Security model. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1907.5.1 User authentication and accounts. . . . . . . . . . . . . . . . . . . . . . . . . . 1907.5.2 User authorization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1907.5.3 User roles and accounts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1907.5.4 Access groups. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1907.5.5 Permission groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1917.5.6 Access Permission group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 191 Chapter 8. Sample questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 193 8.1 Sample questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 194 8.2 Answer Key . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 198 Related publications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 201 IBM Redbooks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 201 Online resources . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 201 How to get IBM Redbooks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 201 Help from IBM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 202 Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 203viii Certification Guide Series: IBM Tivoli Provisioning Manager V5.1 10. Figures 2-1 Tivoli Provisioning Manager architecture . . . . . . . . . . . . . . . . . . . . . . . . . 12 2-2 Tivoli Provisioning Manager Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20 3-1 One-node AIX topology. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33 3-2 Solaris 9 one-node topology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34 3-3 Solaris 9 or Solaris 10 two-node topology. . . . . . . . . . . . . . . . . . . . . . . . . 35 3-4 Windows one-node topology. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36 3-5 Windows two-node topology with Microsoft Active Directory . . . . . . . . . . 37 3-6 Windows two-node topology with Tivoli Directory Server . . . . . . . . . . . . . 38 3-7 APDE architecture. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50 3-8 Automation Package view. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60 4-1 Add service access point dialog . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 70 4-2 Add credentials to service access point . . . . . . . . . . . . . . . . . . . . . . . . . . 71 4-3 Service access point (SAP) configured for common agent . . . . . . . . . . . . 72 4-4 Add static group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73 4-5 Add dynamic group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74 4-6 Web interface in Tivoli Provisioning Manager and Tivoli Provisioning Manager for Software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75 4-7 Open Software Package Editor in Eclipse . . . . . . . . . . . . . . . . . . . . . . . . 85 4-8 Software Package Editor settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 86 4-9 Select file repository for software package block . . . . . . . . . . . . . . . . . . . 87 5-1 Stop workflow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 102 5-2 Workflow log details . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103 5-3 Workflow log timedrift . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 104 5-4 Disable simple file sharing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 106 5-5 SAP definition . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 108 5-6 Tivoli common agent install credentials . . . . . . . . . . . . . . . . . . . . . . . . . 108 5-7 RXA credentials for UNIX Tivoli common agent installation . . . . . . . . . . 109 6-1 Digital certificate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 118 6-2 Login screen . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 119 6-3 Add a new security role. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 120 6-4 Add new access group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 121 6-5 Add new permission group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 122 6-6 New user . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 124 6-7 Assign user roles. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 126 6-8 Discovery policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 131 6-9 Software Package Editor. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 134 6-10 Check Disk Space Properties . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 135 6-11 Example software package . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 137 Copyright IBM Corp. 2007. All rights reserved.ix 11. 6-12 Add external software catalog. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1466-13 Add Boot Server Wizard . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1556-14 Starting the Rembo Toolkit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1566-15 Rembo Toolkit renamed to Tivoli Provisioning Manager for OSDeployment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1576-16 Image capture on source computer . . . . . . . . . . . . . . . . . . . . . . . . . . . 1606-17 Workflow related components. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1686-18 Import workflow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1717-1 Distribution process: high level . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1867-2 Managed system life cycle . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 189x Certification Guide Series: IBM Tivoli Provisioning Manager V5.1 12. Tables 2-1 Supported platforms for Tivoli Provisioning Manager V5.1 and Tivoli common agent V1.3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21 2-2 Ports used by Scalable Distribution Infrastructure components . . . . . . . . 26 3-1 Supported topologies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32 3-2 Hardware and software requirements for the Topology Installer . . . . . . . 39 3-3 Prerequisite software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41 3-4 Communication port used by Tivoli Provisioning Manager . . . . . . . . . . . . 42 3-5 Default user names and passwords . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48 4-1 Available report views . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79 5-1 Tivoli Provisioning Manager directory structure . . . . . . . . . . . . . . . . . . . . 92 5-2 Logfile locations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93 5-3 Subsystem codes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95 5-4 Tivoli common agent port requirements . . . . . . . . . . . . . . . . . . . . . . . . . 109 6-1 Rembo product integrated into IBM Tivoli software . . . . . . . . . . . . . . . . 153 Copyright IBM Corp. 2007. All rights reserved. xi 13. xii Certification Guide Series: IBM Tivoli Provisioning Manager V5.1 14. Examples 3-1 Installation log files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47 3-2 Registering the node and the database . . . . . . . . . . . . . . . . . . . . . . . . . . 54 3-3 .jar file location update . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56 3-4 .jar file location update . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57 4-1 Command listing automation packages . . . . . . . . . . . . . . . . . . . . . . . . . . 82 4-2 Workflow deletes target deviceID from data center model . . . . . . . . . . . . 85 4-3 Import server certificate to java keystore . . . . . . . . . . . . . . . . . . . . . . . . . 87 5-1 log4j.prop . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 96 5-2 TImedrift error . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 104 5-3 Failing RXA access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 105 5-4 Missing SAP definition . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 107 5-5 eclipse.ini . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 115 6-1 soapclient.cmd . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 166 Copyright IBM Corp. 2007. All rights reserved.xiii 15. xiv Certification Guide Series: IBM Tivoli Provisioning Manager V5.1 16. NoticesThis information was developed for products and services offered in the U.S.A.IBM may not offer the products, services, or features discussed in this document in other countries. Consultyour local IBM representative for information on the products and services currently available in your area.Any reference to an IBM product, program, or service is not intended to state or imply that only that IBMproduct, program, or service may be used. Any functionally equivalent product, program, or service thatdoes not infringe any IBM intellectual property right may be used instead. However, it is the usersresponsibility to evaluate and verify the operation of any non-IBM product, program, or service.IBM may have patents or pending patent applications covering subject matter described in this document.The furnishing of this document does not give you any license to these patents. You can send licenseinquiries, in writing, to:IBM Director of Licensing, IBM Corporation, North Castle Drive, Armonk, NY 10504-1785 U.S.A.The following paragraph does not apply to the United Kingdom or any other country where suchprovisions are inconsistent with local law: INTERNATIONAL BUSINESS MACHINES CORPORATIONPROVIDES THIS PUBLICATION "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS ORIMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF NON-INFRINGEMENT,MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Some states do not allow disclaimerof express or implied warranties in certain transactions, therefore, this statement may not apply to you.This information could include technical inaccuracies or typographical errors. Changes are periodically madeto the information herein; these changes will be incorporated in new editions of the publication. IBM maymake improvements and/or changes in the product(s) and/or the program(s) described in this publication atany time without notice.Any references in this information to non-IBM Web sites are provided for convenience only and do not in anymanner serve as an endorsement of those Web sites. The materials at those Web sites are not part of thematerials for this IBM product and use of those Web sites is at your own risk.IBM may use or distribute any of the information you supply in any way it believes appropriate withoutincurring any obligation to you.Information concerning non-IBM products was obtained from the suppliers of those products, their publishedannouncements or other publicly available sources. IBM has not tested those products and cannot confirmthe accuracy of performance, compatibility or any other claims related to non-IBM products. Questions onthe capabilities of non-IBM products should be addressed to the suppliers of those products.This information contains examples of data and reports used in daily business operations. To illustrate themas completely as possible, the examples include the names of individuals, companies, brands, and products.All of these names are fictitious and any similarity to the names and addresses used by an actual businessenterprise is entirely coincidental.COPYRIGHT LICENSE:This information contains sample application programs in source language, which illustrate programmingtechniques on various operating platforms. You may copy, modify, and distribute these sample programs inany form without payment to IBM, for the purposes of developing, using, marketing or distributing applicationprograms conforming to the application programming interface for the operating platform for which thesample programs are written. These examples have not been thoroughly tested under all conditions. IBM,therefore, cannot guarantee or imply reliability, serviceability, or function of these programs. Copyright IBM Corp. 2007. All rights reserved.xv 17. TrademarksThe following terms are trademarks of the International Business Machines Corporation in the United States,other countries, or both:Redbooks (logo) AIXPowerPCibm.comCloudscape RedbookspSeriesDB2 Universal Database TivolixSeriesDB2WebSpherezSeriesIBMAIX 5L Library ReaderThe following terms are trademarks of other companies:Oracle, JD Edwards, PeopleSoft, and Siebel are registered trademarks of Oracle Corporation and/or itsaffiliates.SAP, and SAP logos are trademarks or registered trademarks of SAP AG in Germany and in several othercountries.and Oracle are registered trademarks of Oracle Corporation and/or its affiliates.Snapshot, and the Network Appliance logo are trademarks or registered trademarks of Network Appliance,Inc. in the U.S. and other countries.ITIL is a registered trademark, and a registered community trademark of the Office of GovernmentCommerce, and is registered in the U.S. Patent and Trademark Office.Java, JDBC, JRE, JVM, J2EE, Solaris, Sun, and all Java-based trademarks are trademarks of SunMicrosystems, Inc. in the United States, other countries, or both.Active Directory, Excel, Internet Explorer, Microsoft, Windows Server, Windows, and the Windows logo aretrademarks of Microsoft Corporation in the United States, other countries, or both.i386, Intel, Pentium, Intel logo, Intel Inside logo, and Intel Centrino logo are trademarks or registeredtrademarks of Intel Corporation or its subsidiaries in the United States, other countries, or both.UNIX is a registered trademark of The Open Group in the United States and other countries.Linux is a trademark of Linus Torvalds in the United States, other countries, or both.Other company, product, or service names may be trademarks or service marks of others.xvi Certification Guide Series: IBM Tivoli Provisioning Manager V5.1 18. Preface IBM Tivoli Provisioning Manager, built on a service-oriented architecture (SOA), enhances usability for executing changes while keeping server and desktop software compliant. Tivoli Provisioning Manager helps organizations with provisioning, configuration and maintenance of servers and virtual servers, operating systems, middleware, applications, storage and network devices acting as routers, switches, firewalls, and load balancers. This IBM Redbook is a study guide for IBM Tivoli Provisioning Manager V5.1 and is aimed at the people who want to get an IBM Professional Certification for this product. The IBM Tivoli Provisioning Manager V5.1 Certification, offered through the Professional Certification Program from IBM, is designed to validate the skills required of technical professionals who work in the implementation of the IBM Tivoli Provisioning Manager V5.1 product. This book provides a combination of theory and practical experience needed for a general understanding of the subject matter. It also provides sample questions that will help in the evaluation of personal progress and provide familiarity with the types of questions that will be encountered in the exam. This publication does not replace practical experience, nor is it designed to be a stand-alone guide for any subject. Instead, it is an effective tool that, when combined with education activities and experience, can be a very useful preparation guide for the exam. For your convenience, we structure the chapters based on the sections of the Tivoli Provisioning Manager V5.1 Implementation Certification test, such as Planning, Installation, Administration, and so on, so studying each chapter will help you prepare for one section of the exam.The team that wrote this redbook This redbook was produced by a team of specialists from around the world working at the International Technical Support Organization, Poughkeepsie Center. Vasfi Gucer is an IBM Certified Consultant IT Specialist at the ITSO Austin Center. He has been with IBM Turkey for 10 years, and has worked at the ITSO since January 1999. He has more than 15 years of experience in teaching and implementing systems management, networking hardware, and distributed platform software. He actively presents at various Tivoli Technical User Copyright IBM Corp. 2007. All rights reserved. xvii 19. Conferences and User Group meetings. He has worked on various Tivoli clientprojects as a Systems Architect and Consultant. Vasfi is also a Certified TivoliConsultant.David Campbell is a Technical Consultant for the IBM Software Group Servicesfor Tivoli in the UK. He is a Senior IT Specialist and Tivoli Certified Consultantand has worked with Tivoli software both as a customer and within IBM foraround 10 years. He has used many Tivoli products and now specializes in TivoliConfiguration Manager. He has worked with many UK and internationalcustomers including several of the UKs largest financial institutions.Martin Caesar is an IT Specialist working for IBM Software Group Services forTivoli in Germany. He has worked with Tivoli products since 1999. He hasdesigned and implemented solutions in several projects based on the TivoliConfiguration Manager product. The experience he has includes installing andconfiguring the product for specific situations and requirements. He has an IBMCertified Deployment Professional certification and is ITIL Certified. He holds adiploma in Physics from the Technical University Berlin.Markus Helbig is an IBM Tivoli software support specialist since 1999. His skillsinclude IBM Tivoli Management Framework V 3.x & 4.x, IBM Tivoli Monitoring V5.x, 6.x, as well as Tivoli Configuration Manager 4.x.Fabrizio Salustri is a software support specialist working for Italy IMT in TivoliCustomer Support within IBM Global Services. He has worked for IBM since1996, and has extensive experience with the Tivoli products suite. Throughouthis career, Fabrizio has been involved in several projects implementing Tivolisolutions for important clients of IBM Italy. Before joining the Tivoli Support team,he worked as a Certified AIX System Administrator in AIX Technical Support. InMarch 2005, he got an IBM Tivoli Monitoring 5.1.1 Deployment ProfessionalCertification and an IBM Tivoli Monitoring 6.1 Deployment ProfessionalCertification in April 2006.Petra Unglaub-Lloyd is a Level 2 Software Engineer in Austin, Texas. She has10 years of experience in the Tivoli Support field. She holds a degree fromHardin-Simmons University and the University of Bayreuth, Germany. Her areasof expertise include Level 2 defect support for IBM Tivoli Framework and IBMTivoli Configuration Manager.Thanks to the following people for their contributions to this project:Arzu Gucer, Sarita PovaiahInternational Technical Support Organization, Poughkeepsie CenterKristin Wall Gibson, Elizabeth PurzerIBM USxviii Certification Guide Series: IBM Tivoli Provisioning Manager V5.1 20. Become a published authorJoin us for a two- to six-week residency program! Help write an IBM Redbookdealing with specific products or solutions, while getting hands-on experiencewith leading-edge technologies. Youll have the opportunity to team with IBMtechnical professionals, Business Partners, and Clients.Your efforts will help increase product acceptance and customer satisfaction. Asa bonus, youll develop a network of contacts in IBM development labs, andincrease your productivity and marketability.Find out more about the residency program, browse the residency index, andapply online at:ibm.com/redbooks/residencies.htmlComments welcomeYour comments are important to us!We want our Redbooks to be as helpful as possible. Send us your commentsabout this or other Redbooks in one of the following ways: Use the online Contact us review redbook form found at: ibm.com/redbooks Send your comments in an email to: [email protected] Mail your comments to: IBM Corporation, International Technical Support Organization Dept. HYTD Mail Station P099 2455 South Road Poughkeepsie, NY 12601-5400 Preface xix 21. xx Certification Guide Series: IBM Tivoli Provisioning Manager V5.1 22. 1Chapter 1. Certification overview This chapter provides an overview of the skill requirements to obtain an IBM Advanced Technical Expert certification. We designed the following sections to provide a comprehensive review of specific topics that are essential for obtaining the certification: IBM Professional Certification Program on page 2 Tivoli Provisioning Manager V5.1 Implementation certification on page 7 Recommended resources for study on page 8 Copyright IBM Corp. 2007. All rights reserved.1 23. 1.1 IBM Professional Certification ProgramHaving the right skills for the job is critical in the growing global marketplace. IBMProfessional Certification, designed to validate skill and proficiency in the latestIBM solution and product technology, can help provide that competitive edge.The IBM Professional Certification Program is available on the Web at:http://www.ibm.com/certify/index.shtmlThe Professional Certification Program from IBM offers a business solution forskilled technical professionals seeking to demonstrate their expertise to theworld.This program is designed to validate your skills and demonstrate your proficiencyin the latest IBM technology and solutions. In addition, professional certificationwill help you excel at your job by giving you and your employer the confidencethat your skills have been tested. You will be able to deliver higher levels ofservice and technical expertise than non-certified employees and move on afaster career track. Professional certification puts your career in your control.The certification requirements are difficult, however, they are not overwhelmingeither. It is a rigorous process that differentiates you from everyone else.The mission of IBM Professional Certification is to: Provide a reliable, valid, and fair method of assessing skills and knowledge. Provide IBM with a method of building and validating the skills of individuals and organizations. Develop a loyal community of highly-skilled certified professionals who recommend, sell, service, support, and use IBM products and solutions.The Professional Certification Program from IBM has developed certification rolenames to guide you in your professional development. The certification rolenames include IBM Certified Specialist, IBM Certified Solutions/Systems Expert,and IBM Certified Advanced Technical Expert for technical professionals whosell, service, and support IBM solutions. For technical professionals inapplication development, the certification roles include IBM Certified DeveloperAssociate and IBM Certified Developer. An IBM Certified Instructor certifies theprofessional instructor.The Professional Certification Program from IBM provides you with a structuredprogram leading to an internationally recognized qualification. The program isdesigned for flexibility by allowing you to select your role, prepare for and taketests at your own pace, and, in some cases, select from a choice of elective testsbest suited to your abilities and needs. Some roles also offer a shortcut by givingcredit for a certification obtained in other industry certification programs.2 Certification Guide Series: IBM Tivoli Provisioning Manager V5.1 24. You can be a network administrator, systems integrator, network integrator,solution architect, solution developer, value-added reseller, technical coordinator,sales representative, or educational trainer. Regardless of your role, you canstart charting your course through the Professional Certification Program fromIBM today.1.1.1 Benefits of certificationCertification is a tool to help objectively measure the performance of aprofessional on a given job at a defined skill level. Therefore, it is beneficial forindividuals who want to validate their own skills and performance levels, theiremployees, or both. For optimum benefit, the certification tests must reflect thecritical tasks required for a job, the skill levels of each task, and the frequency bywhich a task needs to be performed. IBM prides itself in designingcomprehensive, documented processes that ensure that IBM certification testsremain relevant to the work environment of potential certification candidates.In addition to assessing job skills and performance levels, professionalcertification can also provide such benefits as: For employees: Promotes recognition as an IBM certified professional Helps to create advantages in interviews Assists in salary increases, corporate advancement, or both Increases self-esteem Provides continuing professional benefits For employers: Measures the effectiveness of training Reduces course redundancy and unnecessary expenses Provides objective benchmarks for validating skills Makes long-range planning easier Helps to manage professional development Aids as a hiring tool Contributes to competitive advantage Increases productivity Increases morale and loyalty For IBM Business Partners and consultants: Provides independent validation of technical skills Creates competitive advantage and business opportunities Enhances prestige of the team Contributes to IBM requirements for various IBM Business Partner programs Chapter 1. Certification overview 3 25. Specific benefits can vary by country (region) and role. In general, after youbecome certified, you should receive the following benefits: Industry recognition Certification may accelerate your career potential by validating your professional competency and increasing your ability to provide solid, capable technical support. Program credentials As a certified professional, you receive your certificate of completion and the certification mark associated with your role for use in advertisements and business literature through e-mail. You can also request a hardcopy certificate, which includes a wallet-size certificate. The Professional Certification Program from IBM acknowledges the individual as a technical professional. The certification mark is for the exclusive use of the certified individual. Ongoing technical vitality IBM Certified professionals are included in mailings from the Professional Certification Program from IBM.1.1.2 Tivoli Software Professional CertificationThe IBM Tivoli Professional Certification program offers certification testing thatsets the standard for qualified product consultants, administrators, architects,and partners.The program also offers an internationally recognized qualification for technicalprofessionals seeking to apply their expertise in todays complex businessenvironment. The program is designed for those who implement, buy, sell,service, and support IBM Tivoli solutions and want to deliver higher levels ofservice and technical expertise.Whether you are a Tivoli customer, partner, or technical professional wanting toput your career on the fast track, you can start on the road to becoming a TivoliCertified Professional today.Benefits of Tivoli certificationTivoli certification provides the following benefits: For the individual: IBM Certified certificate and use of logos on business cards4 Certification Guide Series: IBM Tivoli Provisioning Manager V5.1 26. Note: Certificates are sent by e-mail. However, a paper copy of thecertificate along with a laminated wallet card can also be requested bysending an e-mail to the following address:mailto:[email protected] Recognition of your technical skills by your peers and management Enhanced career opportunities Focus for your professional development For the IBM Business Partner: Confidence in the skills of your employees Enhanced partnership benefits from the IBM Business Partner program Billing your employees out at higher rates Strengthens your proposals to customers Demonstrates the depth of technical skills available to prospective customers For the customer: Confidence in the services professionals handling your implementation Ease of hiring competent employees to manage your Tivoli environment Enhanced return on investment (ROI) through more thorough integration with Tivoli and third-party products Ease of selecting a Tivoli Business Partner that meets your specific needsCertification checklistHere is the certification checklist:1. Select the certification that you want to pursue.2. Determine which test or tests are required by reading the certification role description.3. Prepare for the test, using the following resources provided: Test objectives Recommended educational resources Sample/assessment test Other reference materials Opportunities for experience Chapter 1. Certification overview 5 27. Note: These resources are available from each certification description page, as well as from the Test information page.4. Register to take a test by contacting one of our worldwide testing vendors: Thomson Prometric Pearson Virtual University Enterprises (VUE) Note: When providing your name and address to the testing vendor, be sure to specify your name exactly as you want it to appear on your certificate.5. Take the test. Be sure to keep the Examination Score Report provided upon test completion as your record of taking the test. Note: After taking a test, your test results and demographic data (including name, address, e-mail, and phone number) are sent from the testing vendor to IBM for processing (allow two to three days for transmittal and processing). After all the tests required for a certification are passed and received by IBM, your certificate will be issued.6. Repeat steps 3 through 5 until all the required tests are successfully completed for the desired certification role. If additional requirements are needed (such as an other vendor certification or exam), follow the instructions on the certification description page to submit these requirements to IBM.7. After you complete your certification requirements, you will be sent an e-mail asking you to accept the terms of the IBM Certification Agreement before receiving the certificate.8. Upon acceptance of the terms of the IBM Certification Agreement, an e-mail will be sent containing the following electronic deliverables: A Certification Certificate in PDF format, which can be printed in either color or black and white A set of graphic files of the IBM Professional Certification mark associated with the certification achieved Guidelines for the use of the IBM Professional Certification mark9. To avoid unnecessary delay in receiving your certificate, ensure that we have your current e-mail on file by keeping your profile up-to-date. If you do not have an e-mail address on file, your certificate will be sent through postal mail.6 Certification Guide Series: IBM Tivoli Provisioning Manager V5.1 28. After you receive a certificate by e-mail, you can also contact IBM to request that a hardcopy certificate be sent by postal mail by contacting: mailto:[email protected]: IBM reserves the right to change or delete any portion of the program,including the terms and conditions of the IBM Certification Agreement, at anytime without notice. Some certification roles offered through the IBMProfessional Certification Program require recertification.1.2 Tivoli Provisioning Manager V5.1 Implementationcertification We can categorize the certification process as follows:Job role description/target audience:A Tivoli Certified Consultant Tivoli Provisioning Manager V5.1 is a technicalprofessional responsible for planning, installation, configuration, operations,administration, and maintenance of an Tivoli Provisioning Manager V5.1solution. This individual will be expected to perform these tasks with limitedassistance from peers, product documentation, and support resources.To attain the IBM Certified Deployment Professional - Tivoli ProvisioningManager V5.1 Implementation certification, candidates must pass one test.Required prerequisites: Strong working knowledge of Tivoli Provisioning Manager V5.1infrastructure components Working knowledge of operating system and networking and firewallconcepts Basic knowledge of supported databases Basic knowledge of protocols, including HTTPCore requirement:In order to be certified, you must select Test 898 - Tivoli ProvisioningManager V5.1 Implementation: Test 898 objectives Test 898 sample test Test 898 recommended educational resources Number of questions: 84 Chapter 1. Certification overview 7 29. Duration in minutes: 105 Format: Multiple choice Required passing score: 55%1.2.1 Test 898 objectivesFor the most updated objectives of the Tivoli Provisioning ManagerV5.1Implementation certification test, go to the Tivoli Certification Web site andselect the Tivoli Provisioning Manager V5.1 Implementation certification test link:http://www-03.ibm.com/certify/tests/obj898.shtml1.2.2 How to get your 15% discount on the Tivoli ProvisioningManager V5.1 certificationYou can receive a 15% discount on the Tivoli Provisioning Manager V5.1certification, if taken at any Thomson Prometric testing center. Just remember touse the code 15T898.1.3 Recommended resources for studyCourses and publications are offered to help you prepare for the certificationtests. The courses are recommended, but not required, before taking acertification test. If you want to purchase Web-based training courses or areunable to locate a Web-based course or classroom course at the time andlocation you desire, contact one of our delivery management teams at: Americas: mailto:[email protected] EMEA: mailto:[email protected] AP: mailto:[email protected] Note: Course offerings are continuously being added and updated. If you do not see the courses listed in your geography, contact the delivery management team.1.3.1 CoursesCourse names and course numbers vary depending on the education deliveryarm used in each geography. Refer to the Tivoli software education Web site tofind the appropriate course and education delivery vendor for each geography.General training information is also available at IBM IT Training at:http://ibm.com/training8 Certification Guide Series: IBM Tivoli Provisioning Manager V5.1 30. 1.3.2 Publications Before taking the test 898, Tivoli Provisioning Manager V5.1 Implementation, we recommend that you review Tivoli Provisioning Manager V5.1 guides and IBM Redbooks. For the online publications of Tivoli Provisioning Manager V5.1, refer to the following link: http://publib.boulder.ibm.com/infocenter/tivihelp/v13r1/index.jsp IBM Tivoli Provisioning Manager V5.1 redbooks You can refer to Deployment Guide Series: IBM Tivoli Provisioning Manager Version 5.1, SG24-7261. This book focuses on the planning and deployment of Tivoli Provisioning Manager V5.1 in production environments. The target audience for this book is IT specialists who will be working on new Tivoli Provisioning Manager V5.1 installations.Chapter 1. Certification overview 9 31. 10 Certification Guide Series: IBM Tivoli Provisioning Manager V5.1 32. 2Chapter 2. Planning and architecture This chapter provides information about successfully planning a proper architecture for Tivoli Provisioning Manager version 5.1. It will summarize how components interact. In this chapter, the following topics are discussed. We will explore different scenarios based on the number of agents, network restrictions, hardware availability and supported operating systems. It will furthermore provide advise about the configuration that is to be chosen, depending on the size of the environment to be managed. This chapter includes the following sections: Tivoli Provisioning Manager V5.1 components on page 12 Scalability on page 15 Supported Platforms for Tivoli Provisioning Manager version 5.1 on page 21 Infrastructure deployment considerations on page 22 Copyright IBM Corp. 2007. All rights reserved. 11 33. 2.1 Tivoli Provisioning Manager V5.1 components Figure 2-1 shows the architecture of a Tivoli Provisioning Manager. Figure 2-1 Tivoli Provisioning Manager architecture If Tivoli Provisioning Manager is configured properly, it automates complex provisioning tasks across servers, applications, networks and storage to reduce IT workload. It reduces human error and increases resource utilization.12 Certification Guide Series: IBM Tivoli Provisioning Manager V5.1 34. Tivoli Provisioning Manager includes the following main components: Provisioning server The provisioning server is the server on which Tivoli Provisioning Manager is installed. The provisioning server contains the following sub-components: Provisioning databaseThe provisioning database is the physical database for Tivoli ProvisioningManager. It holds the data center model. Data center modelThe data center model is a representation of all the physical and logicalassets that the Tivoli Provisioning Manager manages. It keeps track of thedata center hardware and associated allocations to applications, as wellas changes to configuration. When a workflow successfully completes arequested change, the data center model is updated to reflect the currentdata center infrastructure. AutomationAn automation package is a collection of workflows, scripts, othercommands and tools that apply to the operation of a specific type ofsoftware component or a physical device. The deployment enginemanages the deployment of workflows and associated components in anautomation package. Compliance and remediationCompliance management allows you to examine the software and securitysetup on a target computer in your managed infrastructure. If the desiredconfiguration does not match, noncompliance occurs andrecommendations on how to fix it are generated. ReportingReports allow you to retrieve current information about data centerinventory, activity, and system compliance. Tivoli Provisioning Managerreporting functionality includes: Several predefined reports. A Web-based query builder, which allows you to easily customizeexisting reports or create new reports. Easier access to information in the data model through more than 40high-performance views. Easier sharing of report definitions through enhanced import andexport capabilities in the Web interface. Charts and graphs. Chapter 2. Planning and architecture 13 35. The ability to schedule reports to run at a later time including repeatingintervals. E-mail report distribution and notification. Integration with third-party reporting software. DiscoveryDiscovery provides automated processes that allow you to find resources,as well as any changes to existing resources, within your managed ITinfrastructure. Tivoli Provisioning Manager provides the followingdiscovery technologies: Microsoft Active Directory discovery Tivoli Provisioning Manager Network discovery Tivoli Provisioning Manager Inventory discovery IBM Discovery library reader Deployment infrastructureTivoli Provisioning Manager supports reconfiguring and reallocation ofresources in your managed environment using two different deploymentinfrastructures: Scalable software distribution infrastructureThe scalable software distribution infrastructure is based onservice-oriented architecture (SOA). It provides standard services forperforming software distribution and compliance activities in a scalabletwo or three tiers implementation that includes branch officemanagement. Deployment engine infrastructureThe deployment engine infrastructure is responsible for automatedprovisioning.Web Services allow you to access the Tivoli Provisioning Manager datacenter model directly rather than launching the Web interface. By usingthe Web Services, you can access, manipulate, or change objects directlyin the data center model. Note: The computer you are using to access the Web interface must be on the same network as the provisioning server. You must use Microsoft Internet Explorer 6.0.29 or later or Firefox 1.5 or later.The command-line interface provides access to Tivoli ProvisioningManager features with SOAP. Administrators have the flexibility to performtasks such as creating scripts that run specific SOAP commands or settingup external tools to send SOAP commands in response to an event.14 Certification Guide Series: IBM Tivoli Provisioning Manager V5.1 36. Operator and administrator consoleThe Web-based operator and administrator console allows you to interactwith the Tivoli Provisioning Manager server. The operator and administratorconsole provides a graphical representation of the data center, includeswizards to simplify configuration, and other features such as reporting andtask status tracking that are not available from the command-line interface.Automation Package Developer EnvironmentThe Automation Package Developer Environment (APDE) is anEclipse-based plug-in environment that automation package developers canuse to customize existing automation packages or create new automationpackages.IBM Open Process Automation LibraryThe IBM Open Process Automation Library (OPAL) is an IBM-managedshared library of process automation. It is a comprehensive online catalog,which contains over 500 IBM Tivoli and Business Partners Productextensions including: automation packages, integration adapters, agents,documentation, and supporting information.User directoryTivoli Provisioning Manager integrates with several directory servers, allowingyou to manage your user accounts and user authentication using a directoryserver of your choice.2.2 Scalability A distributed networking infrastructure inherits scalable characteristics by design. No single analysis of scalability and performance can determine the absolute hard limits of a distributed product. A distributed system in theory should extend to infinity. However, as distributed systems increase in scalability, performance loss may increase to an unsustainable boundary. Tivoli Provisioning Manager follows the basic scalable characteristic in this design. Adding hardware capacity in the form of remote depots (and remote Federating Agents, when the three-tier infrastructure for Device Management Service will be available) distributes the load and allows more connected agents. From a design point of view, Tivoli Provisioning Manager for Dynamic Content Delivery (providing the dynamic content delivery service component) has been embedded into Tivoli Provisioning Manager to provide a highly scalable and reliable infrastructure for software and patch distribution. Dynamic Content Delivery Service component has been, in fact, proven to be able to manage large infrastructure with optimal performance. The following features of DynamicChapter 2. Planning and architecture 15 37. Content Delivery Service component contributes efficiently to scalability and reliability of Tivoli Provisioning Manager V5.1 in the following ways: The Tivoli Provisioning Manager dynamic content delivery service enables the efficient distribution of files and bulk content to large numbers of targets using distributed depot servers and peer-to-peer services. Clients installed as subagents on all the managed systems or endpoints at the regional branch request to download files from depot servers or from other clients. Dynamic Content Delivery Service can be configured to be peer-based or hierarchical. In most client-based scenarios, for example, retail, the customer does not need a server-per-branch for distributions. Customers can potentially save money on hardware as they do not need per-branch servers. Dynamic Content Delivery Service supports a dynamic environment with roaming endpoints. When you take your mobile computer to another location, the dynamic content delivery service sub-agent searches for the nearest local distribution points based on subnets and domains or user-defined regions. There is no single point of failure if the environment is properly configured. Even if network connectivity to the Tivoli Provisioning Manager server is lost, distributions in process can continue.Note: When link to Tivoli Provisioning Manager server is lost, thedistribution will be completed, but Tivoli common agent will be able toreport the status after the connection is restored. Dynamic Content Delivery Service can handle large files. This may be important to customers in scenarios such as upgrading entire operating systems. It has an adaptive bandwidth control that works. This reduces performance problems related to network overload. Dynamic Content Delivery Service supports checkpoint or restarts in case of an interrupted distribution. In Tivoli Provisioning Manager V5.1, the Dynamic Content Delivery Service infrastructure can be configured to allow each endpoint to download a file from up to four servers simultaneously. This speeds up the file transfer and makes the process faster and easier for the user. From a scalability standpoint, the Dynamic Content Delivery Service component therefore plays a key role. Device Management Service components also has some configurable parameters that might impact the performance. For example, the polling mechanism for new jobs between agents and Tivoli Provisioning Manager has a16 Certification Guide Series: IBM Tivoli Provisioning Manager V5.1 38. random time interval that is added to the polling frequency. Therefore, jobrequests coming from the agent do not all arrive at the same time. In some waythis mechanism allows the management of large software deployment andinventory scenarios. However, you have to be careful when setting this pollingtime to avoid having too much load on Device Management Service federatingagent.As the architect of a Tivoli Provisioning Manager implementation, consider thefollowing factors Number of physical systems and platform types to be managed Location of targets and available bandwidth Average size and frequency of packages to be distributed Geographical topology of the environment Network topology and firewall restrictions Estimated number of users and consoles2.2.1 Scalable Distribution Infrastructure for TivoliProvisioning Manager v.5.1The Scalable Distribution Infrastructure for Provisioning, also known as OAMPI(Operations, Administration, Maintenance and Provisioning Infrastructure)provides a scalable infrastructure for implementing software distribution activitiesinside Tivoli Provisioning Manager.It includes the following main components: Tivoli Common Agent Services It provides an infrastructure for managing the computer systems in your environment, enabling secure connections between managed systems and storing information about the managed systems and the software running on them. Dynamic Content Delivery Service It enables the efficient distribution of files and content to a large number of targets through intermediate depot components and peer-to-peer distributions between agents. Device Management Service It provides a solution for managing various devices by performing jobs, which can be targeted to individual Tivoli Common Agent devices or to groups of devices. Each of them can perform its management activity through specific subcomponents installed on the Tivoli Provisioning Manager server and on the managed systems. Chapter 2. Planning and architecture17 39. Device Management Service Federator A device manager federator is installed on the provisioning server at the enterprise and is configured to act as a federated server. The federator implements a job distribution policy that pushes incoming jobs to all of the regional branch office agents. Note: Currently, a two-tiered federated environment is supported. Clients are installed as device manager subagents on the endpoints at the branch and are used for receiving job tasks from and returning results to the agents. It is installed on the provisioning server and is configured to act as a federated server. It implements a job distribution policy that pushes incoming jobs to remote agents. Jobs are actually submitted into the Device Management Service Federator to be sent to device manager subagents (installed on targets as a part on the Tivoli Common Agent) via intermediate Federating Agent components. Results are returned in the reverse direction. Device Management Service Federating Agent It periodically polls the federator server for jobs (default interval is 10 minutes), and results are passed up at the same time. Currently, only a single federating agent is implemented on the Tivoli Provisioning Manager server, while the remote federating agent will be supported in next releases. Federating agents are also referred to as federated agents. Device manager subagent The device manager client component is implemented as a subagent of the Tivoli Common Agent and communicates with federating agents, polling for new jobs, with a default value of 60 minutes. They are installed on the target systems as part of the Tivoli Common Agent. Dynamic content delivery services management center It is the central component of the dynamic content delivery services and provides overall control of the other dynamic content delivery service components. In particular, it maintains a list of files stored on each depot server and replicates files between depots. It also authorizes clients to download files and creates download plans.18 Certification Guide Series: IBM Tivoli Provisioning Manager V5.1 40. DepotA depot server is a system that stores files in a designated directory ready fordistribution to target systems. Depot servers can also replicate these files toother depot servers to optimize network traffic. Note: There must be at least one Upload Depot, which is also referred as Preferred Upload Server, that replicates files to the other depots. Since it is installed as a Tivoli Common Agent subagent and since Tivoli Common Agent is not supported on Tivoli Provisioning Management server, a Tivoli Provisioning Manager installation will always need at least two separated systems in the central management environment, one for Tivoli Provisioning server and the other for the preferred upload server.Chapter 2. Planning and architecture 19 41. Dynamic content delivery services subagent Clients are installed as Tivoli Common Agent subagents on all the target managed systems. They can request to download files from depot servers or from other clients (peers). In this case, they work as miniature depot servers, which means they can hold copies of distributed files in a cache and act as sources for these files during downloads by their neighbors. Dynamic content delivery services subagents are not shown in Figure 2-2 to avoid making it unreadable. Although this subagent downloads files from depot or peers, Figure 2-2 also shows a two-way connection between Tivoli Common Agent and Management Center. In fact, dynamic content delivery service subagent installed on Tivoli Common agent has to contact Management Center to request and receive download plans and notify it when download from depot or peers is done. Figure 2-2 Tivoli Provisioning Manager Server20 Certification Guide Series: IBM Tivoli Provisioning Manager V5.1 42. Common Agent Services Agent Manager It is installed on provisioning server and provides functions that allow clients to get information about agents and resource managers. It also includes a registration service, which provides authentication and authorization services and maintains a registry of configuration information about the managed certificates, registration, tracking of common agents, resource managers, status collection and forwarding. Tivoli common agent Tivoli common agent installed on depot servers and on target systems, is a common container for all the subagents. It provides shared system resources and secure connectivity. Tivoli common agent subagents actually allow to use it as an agent for several Tivoli products.2.3 Supported Platforms for Tivoli ProvisioningManager version 5.1 The Table 2-1 shows the supported platforms for Tivoli Provisioning Manager V5.1 and Tivoli common agent V1.3.Table 2-1 Supported platforms for Tivoli Provisioning Manager V5.1 and Tivoli common agent V1.3 Operating SystemsTivoli Provisioning ManagerTivoli Common Agent 1.3server 5.1 IBM AIX5L v5.2 64 bit ML7 5L v5.1 (32 and 64 bit)5L v5.3 64 bit Power5 ML15L v5.2 (32 and 64 bit) 5L v5.3 (32 and 64 bit) Sun Solaris9 on Sun SPARC Server8 (32 and 64 bit)10 on Sun SPARC Server 9 (32 and 64 bit) 10(32 and 64 bit) HP-UX-11i (32 and 64 bit) Windows 2000-Professional SP2 Server SP4 Advanced Server SP2 Windows XP Professional SP1(fast start only)Professional SP1Professional SP2 (fast start only) Professional SP2 Windows Server 2003 Standard Edition SP1 Standard EditionEnterprise Edition SP1 Standard x64 Edition Enterprise Edition Enterprise x64 Edition Chapter 2. Planning and architecture 21 43. Operating SystemsTivoli Provisioning ManagerTivoli Common Agent 1.3server 5.1 Linux Intel Family RHEL 4.0 32 bit update 3 RHEL 3.0 32 bitSLES 9.0 32 bit SP3RHEL 4.0 32 bit SLES 8.0 32 bit SLES 9.0 32 bit Linux AMD64/EM64T-REHL 4.0 64 bit SLES 9.0 64 bit Linux i/p Series Family (64-bit) -RHEL 3.0 RHEL 4.0 SLES 8.0 SLES 9.0 Linux zSeries -SLES 8.0 31 bit SLES 9.0 64 bitNote: Since depot is implemented as a subagent, it is supported on the sameplatforms as Tivoli common agent.2.4 Infrastructure deployment considerationsIn the following section of this chapter, we will focus on implementation of thisscalable distribution infrastructure for Tivoli Provisioning Manager, which is oneof the main improvements in version 5.1 and provides powerful scalabilityfeatures.Deployment scenarios attempt to provide realistic understanding of architecturedesign. These scenarios should be used mainly for guidance to assist in theplanning and deployment strategy used for a production installation, since everydeployment strategy is unique and only proper planning can guarantee asuccessful implementation.In this paragraph, we cover five scenarios:Demo installationSmall data centerSmall branch officeLarge data centerLarge branch office22Certification Guide Series: IBM Tivoli Provisioning Manager V5.1 44. The next paragraph adds information about the management of some of these scenarios when there are firewall restrictions limiting communications between Tivoli Provisioning Manager and systems to be managed. Tivoli Provisioning manager actually provides two different installation infrastructures:Fast Start installationIt installs the Light Stack Tivoli Provisioning Manager. It has the samecapabilities as the full installation, but is based on Lightweight Infrastructureacting as the application server, an embedded database server(Cloudscape) and utilizes OS-based authentication.Small footprint, about 1 GB of memory and 5 GB of diskspace is required. Note: Lightweight Infrastructure is only supported on Windows.Full Enterprise installationIt installs the Enterprise Stack Tivoli Provisioning Manager, based onWebSphere as application server, DB2 or Oracle as database server,and Tivoli Directory Server or Microsoft Active Directory for authentication.2.4.1 Demo installation For demonstration purposes, the Fast Start version of Tivoli Provisioning Manager V5.1 server can be installed on a single machine running Windows XP. In order to perform software deployment tasks, you will need a second system to be used as an upload depot. To minimize the number of involved systems, this second machine can act both as depot and as target. This should allow to demonstrate main SOA infrastructure capabilities using only two systems. The Light Stack Tivoli Provisioning Manager should only be used for Test and Proof of Concept (POC) environments. It is not recommended to run production environments on the Light Stack Tivoli Provisioning Manager.2.4.2 Small Data Center A small data center scenario consist of a single local area network (LAN) hosting a limited number of servers to be managed. It implies installation of Tivoli Provisioning Manager and Upload Depot in the same LAN where systems to be managed are placed. Each target will download files from the upload depot. AsChapter 2. Planning and architecture23 45. mentioned in previous sections, it will also need to connect to Tivoli Provisioning Manager to perform the following activities: Polling Device Manager Service Federating Agent for new jobs Requesting and receiving download plans from dynamic content delivery service management center Notifying completion of download to dynamic content delivery service management center2.4.3 Small branch office A small branch office scenario is part of a probably more complex scenario where Tivoli Provisioning Manager has to manage a large infrastructure, with systems spread across a geographic network. It typically applies to a company, for instance a bank, managing desktops in several branches spread in different towns across a country or a wider area with slow connections between the management center and the remote offices. Depending on the specific characteristics of the company, you may have a standard branch office environment with dozens of desktops, or a heterogeneous configuration where some branches are larger than others and you have to manage from one Tivoli Provisioning Manager branch office hosting dozens of systems together with other branch offices hosting hundreds of them. A small branch office scenario usually involves software deployment to a very limited number of systems (dozens of desktops instead of hundreds). In this configuration, it does not make sense to have a depot installed in the remote branch office, especially when you have to dedicate a system, most likely with a large disk space, to manage less then ten systems. A peer-to-peer configuration allows use of one of the managed systems as a peer, so that it performs the first download from the depot and the other ones can download the files from it. Note: Using the central depot server, and then taking advantage of peer-to-peer sharing is the main advantage of this configuration, thus having a single machine performing the download of large files across a slow link.2.4.4 Large data center A large data center environment involves managing a large number of servers spread across different networks, which are both local and remote. In this scenario, we suggest the installation of a Tivoli Provisioning Manager depot in the central management LAN. Depending on the number of systems to be managed in this local network, you can take into consideration a direct24 Certification Guide Series: IBM Tivoli Provisioning Manager V5.1 46. connection between local servers and the upload depot, or a local depot hierarchy. Remote systems connected across slow links can be managed, depending on the size of the remote environment and on the available hardware, using peers or remote depots. Various combinations of the configuration can be explored depending on the specific environment to be managed.Note: Consideration of the customers network topology can aid in properlyplacing the depot servers.2.4.5 Large branch office A large branch office scenario involves interaction with a remote branch hosting a large number of systems to be managed (hundreds of desktop instead of dozens). The scenario in section Small branch office on page 24 has shown that, when managing few desktops, peering mechanism allows you to avoid depot installation in branches, assuring optimization of file transfer between upload depot and target systems. When managing large numbers of desktops for each branch, having a depot hierarchy with one or more depots per branch allows you to optimize software. A Tivoli Provisioning Manager server and an Upload Depot are installed in the central management environment. One or more depots are installed in each remote branch office, managing software downloads from the upload depot. Each target in the branch office will receive software from its branch depot or depots. In this case, take into consideration connections between each managed system in the branch (depot included) and Tivoli Provisioning Manager server.2.4.6 System management across firewalls Managing desktops or servers across firewalls is a common problem while performing software deployment. Typical requirements for a solution to manage systems across firewalls are:Port consolidation: opening as few ports as possible to minimize impact onfirewall configuration.Firewall transversal solution: implies capability to operate across multiplefirewall zones in such a way as to permit a more secure network securityconfiguration in which each firewall has all ports needed by the product open.Chapter 2. Planning and architecture 25 47. Note: The Tivoli Provisioning Manager V5.1, the version that is generally available does not provide port consolidation and firewall transversal solution to cross multiple firewalls. It is expected that this functionality will be added in Tivoli Provisioning Manager V5.1 fix pack 1, which is currently not available. In the following sections, we will discuss the options that manage agents across firewalls. In particular, Ports used by Scalable Distribution Infrastructure components on page 26 considers the solution available in Tivoli Provisioning Managed GA version. When requirements about port consolidation are loose and there is only one firewall, configuration described in this section can be a simpler alternative to the transversal solution that will be provided in the near future.2.4.7 Ports used by Scalable Distribution Infrastructure components Table 2-2 provides the ports used by Scalable Distribution Infrastructure components. Note: Simple Network Management Protocol (SNMP) requires port 161 to be opened for traffic from management servers to managed devices. Common Agent Services require 9511,9512 and 9513, SSH port 22, SMB port 139, while Web Client requires port 9045 and 9046 for such communications.Table 2-2 Ports used by Scalable Distribution Infrastructure components SourceSourceSource DestinationDestination DestinationConnection systemComponent port system component port security TivoliCDS AnyDepotCDS depot 2100 Secure SSL ProvisioningManagementserver Manager Center server Depot CDS depot AnyDepotCDS depot 2100 Secure SSL serverserver TivoliCDS AnyDepotCDS depot 2100 Secure SSL commonsubagentserver agent Depot CDS depot AnyTivoli CDS 9045 Secure SSL server Provisioning Management9046ManagerCenter26 Certification Guide Series: IBM Tivoli Provisioning Manager V5.1 48. Source SourceSource DestinationDestinationDestinationConnectionsystem Component port system componentport securityTivoli DMS AnyTivoli DMS9045 Secure SSLcommon subagent Provisioning federated9046agent ManageragentTivoli CDS AnyTivoli CDS9010 Secure SSLcommon subagent Provisioning Management 9015agent ManagerCenterTivoli Agent AnyTivoli Tivoli 9510 Secure SSLProvisioning Managercommon commonManager agentagentTivoli Nonstop AnyTivoli Tivoli 9514 Unsecurecommon processcommon common 9515agent agentagentTivoli TivoliAnyTivoli Agent9511 Secure SSLcommon common Provisioning ManageragentagentManagerTivoli TivoliAnyTivoli Agent9512 Secure SSLcommon common Provisioning Manager with ClientagentagentManagerAuthenticatio nTivoli TivoliAnyTivoli Agent9513 Unsecurecommon common Provisioning ManageragentagentManagerChapter 2. Planning and architecture27 49. 28 Certification Guide Series: IBM Tivoli Provisioning Manager V5.1 50. 3Chapter 3. Installing Tivoli Provisioning Manager V5.1 This chapter describes the Tivoli Provisioning Manager 5.1 installation process. We both cover UNIX and Windows operating systems to show the differences of these two platforms. The chapter contains the following sections: Installation methods on page 30 Topology Installer Launcher on page 31 Supported installation topologies and operating system versions on page 31 Account required by the installation on page 39 Preinstallation checklist on page 39 Installing behind a firewall on page 42 Overview of the installation flow on page 43 Installation log files on page 46 Post installation steps on page 47 Automation Package Developer Environment (APDE) installation on page 50 Copyright IBM Corp. 2007. All rights reserved. 29 51. 3.1 Installation methods There are several methods that you can use for installation: Regular installation through the Topology Installer Launcher Silent installation Fast Start installation We provide more details about these methods in the following section.3.1.1 Regular installation A regular installation provides greater scalability and flexible deployment options: Install all components on a single node, or install the directory server on a separate node. Choose the middleware that you want to use for Tivoli Provisioning Manager, including more powerful database, application server, and authentication server options. Note: The availability of these installation options varies by operating system. Refer to the Installation Guide for your operating system for more details. This installation uses the Topology Installer Launcher that has been introduced with Tivoli Provisioning Manager V5.1. Refer to 3.2, Topology Installer Launcher on page 31 for details.3.1.2 Silent installation A silent installation provides you with the ability to predefine the settings for a regular installation and then run an unattended installation. It is useful for deploying the same installation to multiple environments.3.1.3 Fast Start installation A basic installation for a single server Windows environment without clustering, and without centralized administration of multiple server instances. A Fast Start installation uses a lightweight database, authentication server, and application server to support Tivoli Provisioning Manager.30 Certification Guide Series: IBM Tivoli Provisioning Manager V5.1 52. You can also install a demo server which is a single server installation that uses the internal database and user directory that come with Tivoli Provisioning Manager.3.2 Topology Installer Launcher The Topology Installer Launcher introduces an important enhancement regarding the installation mechanism. It is mainly a unified installer that allows you to install Tivoli Provisioning Manager and the required prerequisite software on multiple computers in a distributed topology. The Topology Installer Launcher is a wizard that prompts you for all the information required for the installation. It can install and configure the following prerequisite software:DB2 Universal DatabaseCygwin (for Windows operating system only)WebSphere Application ServerTivoli Directory ServerThe following core components are also installed on the Tivoli ProvisioningManager server: Tivoli Provisioning Manager for Dynamic Content Delivery Tivoli Common Agent Services, such as Agent Manager Job Management Service (DMS Federator) The Topology Installer Launcher can also configure an existing installation of Microsoft Active Directory in a Windows topology or Oracle Database in a Solaris topology. When you install software to multiple nodes, the Topology Installer Launcher can perform installation on each node in parallel.3.3 Supported installation to

Technology

Certification guide series ibm tivoli provisioning manager v5.1 sg247262