Requirements for using Remote Execution and Access (RXA)

WebSphere® Application Server Network Deployment provides new management features, such as initiating installations of product packages and maintenance for distributed platforms from the administrative console. To provide this new functionality, the product uses the Tivoli Remote Execution and Access (RXA) toolkit to access your remote workstations. For this facility to work, you must complete target-specific requirements.

Windows target requirements

Many RXA operations require access to resources that are not generally accessible by standard user accounts. Therefore, the account names that you use to log onto remote Windows targets must have administrative privileges.

Simple file sharing

Windows XP system targets must have simple file sharing disabled for RXA to work. Simple networking requires that you log in as guest. A guest login does not have the authorization necessary for RXA to function correctly.

To disable Simple File Sharing, open Windows Explorer and click Tools > Folder Options > View > Use Simple File Sharing. Clear the Use Simple File Sharing check box. Click Apply and OK.

Firewalls

Windows XP systems include a built-in firewall called the Internet Connection Firewall (ICF), which is disabled by default. For Windows XP Service Pack 2 systems, the Windows firewall is enabled by default. If either firewall is enabled on a Windows target workstation, RXA cannot access the target workstation. On Windows XP Service Pack 2, you can select the File and Printer Sharing check box in the Exceptions tab of the Windows Firewall configuration to allow access. Do not block port 445.

Administrative sharing

You must enable the remote registry administration, which is the default configuration, on the target workstation for RXA to run commands and scripts. To verify that the remote registry is enabled and started, click Start > Programs > Administrative Tools > Services. From Remote Registry, ensure the status of the service is started.

You must enable administrative sharing to successfully use RXA to connect to your Windows systems targets. Examples of the default administrative disk share are C$ and D$ . If you disable sharing, RXA considers directories that are located within the drives as hidden. In this case, the following message is displayed:

XCIM0009E: Error connecting to remote target <host_name>. Exception: java.io.FileNotFoundException: CTGRI0003E The remote path name specified cannot be found: file_or_directory_path>. Cause: com.starla.smb.SMBException: The network name is incorrect.

Follow these steps to enable administrative sharing:

  1. Click My Computer.
  2. Right click the disk drive that you are enabling for administrative sharing.
  3. Click Sharing and Security.
  4. Select Share this folder.
  5. Specify the share name, such as C$ or D$, and click OK.

Linux and UNIX target requirements

The centralized installation manager, through RXA, uses SSH Version 2 to access UNIX and Linux target workstations. This usage requires the use of either OpenSSH 3.6.1 (or, if accessing AIX targets, OpenSSH 4.7), or Sun SSH 1.1 on the target hosts.

Note that OpenSSH 3.7.1, or higher, contains security enhancements not available in earlier releases, and is recommended.

Avoid trouble Avoid trouble: OpenSSH Version 4.7.0.5302 for IBM AIX Version 5.3 is not compatible with Remote Execution and Access Version 2.3. If your target systems are running AIX Version 5.3 with OpenSSH Version 4.7.0.5302 installed, the file transfer might stop in the middle of the transfer. To avoid this problem, revert the OpenSSH version from Version 4.7.0.5302 to Version 4.7.0.5301.gotcha

Using Secure Shell (SSH) protocol

Remote Execution and Access does not supply SSH code for UNIX operating systems. You must ensure SSH is installed and enabled on any target you want to access using CIM.

In all UNIX environments except Solaris, the Bourne shell (sh) is used as the target shell. On Solaris targets, the Korn shell (ksh) is used instead due to problems encountered with sh.

To communicate with Linux and other SSH targets using password authentication, you must edit the /etc/ssh/sshd_config file on the targets and set the following property:
PasswordAuthentication yes 

The default value for the PasswordAuthentication property is no.

After changing this setting, stop and restart the SSH daemon using the following commands:
/etc/init.d/sshd stop 
/etc/init.d/sshd start 

IBM i targets

Use of SSH public/private key authentication to IBM i targets is not supported.




Related tasks
Getting started with the centralized installation manager (CIM)
Concept topic Concept topic    

Terms and conditions for information centers | Feedback

Last updatedLast updated: Feb 6, 2014 2:38:31 AM CST
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=compass&product=was-nd-iseries&topic=cins_cim_rxa_requirements
File name: cins_cim_rxa_requirements.html