A secure proxy administrative agent provides a single interface
to administer multiple secure proxy servers.
About this task
An administrative agent can monitor and control multiple
servers on one or more nodes. By using a single interface to administer
your servers, you reduce the overhead of running administrative services
in every server.
Use the WebSphere Customization Tools or the zpmt command
and the customization jobs that they generate to configure a secure
proxy administrative agent on z/OS. The secure proxy administrative
agent does not run an administrative console application; instead,
it accepts commands through scripting or from a job manager with which
it is registered. The administrative agent must run on the same z/OS
system as the secure proxy servers that it manages, and it must use
the same SAF configuration group as the servers to be managed.
After
the administrative agent is up and running, you can use the following
commands to register and unregister a secure proxy server node with
the administrative agent:
- registerNode
Run the registerNode command
to register a node with the administrative agent. When you run the
command, the standalone node is converted into a node that the administrative
agent manages. The administrative agent and the node being registered
must be on the same system. You can only run the command on an unfederated
node. If the command is run on a federated node, the command exits
with an error.
Any node registered with the administrative agent
automatically becomes eligible to register with the job manager.
- deregisterNode
Use the deregisterNode command
to deregister a node from an administrative agent so that you can
use the node standalone or register the node with another administrative
agent. The node must have been previously registered with the administrative
agent. When you deregister a node, the node configuration is retained
but is marked as not registered with the administrative agent.
An administrative agent can register any of the profiles
that it manages with a job manager.
For more information, read
the "Administering nodes using the administrative agent" article in
the information center.
Restrictions: If
global security is enabled, the following restrictions apply to the
administrative agent:
-
- From the administrative console:
- You will not see the status of the proxy servers.
- You will not be able to start or stop the proxy servers. Use the
command-line tools instead.
- You cannot use runtime tabs to make changes to the running proxy
servers.
- From scripting, you will not be able to use the AdminControl scripting
object to make changes to the proxy servers.
Caution: Keep your environment secure. Do not disable
administrative security to work around the restrictions.