A secure proxy administrative agent provides a single interface
to administer multiple secure proxy servers.
About this task
An administrative agent can monitor and control multiple
servers on one or more nodes. By using a single interface to administer
your servers, you reduce the overhead of running administrative services
in every server.
Use the WebSphere Customization Toolbox or
the zpmt command and the customization jobs that
they generate to configure a secure proxy administrative agent on
z/OS. The secure proxy administrative agent does not run an administrative
console application; instead, it accepts commands through scripting
or from a job manager with which it is registered. The administrative
agent must run on the same z/OS system as the secure proxy servers
that it manages, and it must use the same SAF configuration group
as the servers to be managed.
After the administrative agent
is up and running, you can use the following commands to register
and unregister a secure proxy server node with the administrative
agent:
- registerNode
Run the registerNode command
to register a node with the administrative agent. When you run the
command, the standalone node is converted into a node that the administrative
agent manages. The administrative agent and the node being registered
must be on the same system. You can only run the command on an unfederated
node. If the command is run on a federated node, the command exits
with an error.
Any node registered with the administrative agent
automatically becomes eligible to register with the job manager.
- deregisterNode
Use the deregisterNode command
to deregister a node from an administrative agent so that you can
use the node standalone or register the node with another administrative
agent. The node must have been previously registered with the administrative
agent. When you deregister a node, the node configuration is retained
but is marked as not registered with the administrative agent.
An administrative agent can register any of the profiles
that it manages with a job manager.
For more information, read
the Administering nodes using the administrative agent article
in the information center.
Restrictions: If
global security is enabled, the following restrictions apply to the
administrative agent:
- - From the administrative console:
- You will not see the status of the proxy servers.
- You will not be able to start or stop the proxy servers. Use the
command-line tools instead.
- You cannot use runtime tabs to make changes to the running proxy
servers.
- From scripting, you will not be able to use the AdminControl scripting
object to make changes to the proxy servers.
Caution: Keep your environment secure. Do not disable
administrative security to work around the restrictions.