Monday, 5 September 2016

Management Central: Properties

Management Central server


Require password on endpoint systems
Specifies that the user profile used to sign on to the central system must have the same password on each endpoint system. Even if this box is not checked, the user profile used to sign on to the central system must exist on each endpoint system. Selecting this box sets only the value for the central system. Each endpoint system must be explicitly configured to require the password for Management Central functions.

Use Secure Sockets Layer (SSL)
Specifies the use of SSL to ensure secure transmissions between the central system and the endpoint systems. SSL provides the transport and authentication of public key system certificates as well as private connection and data encryption. An SSL connection can occur only between an SSL-enabled central system and an SSL-enabled endpoint system. An SSL-enabled system is a system on which the required administration and configuration tasks have been performed.

Authentication level
If Use Secure Sockets Layer (SSL) is selected, select an authentication level.

Maximum data transfer size (MB)
Specifies the maximum size in MB for a list of fixes sent from a source system to the endpoint system. The value specified must be less than or equal to 2048. This does not apply to sending files, folders, or packages to systems or groups. Limiting the size of the list effectively limits the length of time allowed to complete the data transfer.

Maximum connections
Specifies the maximum number of endpoint systems that the central system can connect to at the same time. For example, if you specify 200 for Maximum connections and then try to connect to 202 endpoint systems, two connections fail.

Endpoint connection time-out (seconds)
Specifies the number of idle seconds that the central system waits before the attempt to connect to an endpoint system is ended.

IP address lookup frequency
Specifies how often the IP address must be verified when connecting to an endpoint system. Select Always or Never.
• If Always is selected, connecting to an endpoint system takes longer, but the IP addresses are always correct.
• If Never is selected, connecting to an endpoint system is quicker because the connection uses the IP address currently stored in Management Central. Run Discover Systems at any time to update the list of IP addresses stored in Management Central.
Refer to online help for which configuration options require the user to restart the MC server jobs.


Configure Connection




In order to be designated as the Management Central system, the System i must be in the list under My Connections.

To see these windows:
1. Right-click My Connections.
2. Select Connection to Servers.
3. Select Add Connection.

The final part of the process of adding a new connection is to verify the connection. It is useful to check that all components on the server are running. You can Verify Connection for an existing connection by right-clicking the server in the list of connections, then selecting Connection to Server>Verify Connection.



Basic and Extended Operation


Basic Support Options

System i Navigator Base Support
• Many things are included here for underlying support, such as common DLL and JAR files

Basic Operations
• Message actions
• Ability to view spooled files

Work Management
• Job actions for job and system monitor menus

Configuration and Services
• Ability to view inventory directly
• Directly launch graph history from management collection objects

Network
• View, start and stop servers such as Management Central

File Systems
• Ability to view and select items from the file system, such as files and programs

Users and Groups
• Edit and send user profiles

Command
• Create command definitions and run them across a set of endpoint systems

Packages and Products
• Ability to package objects and files
• Create installable products and PTFs

Monitors
• System monitors
• Job monitors
• Message monitors

Packing and Installation

Management Central is included as a component of System i Access for Windows at no additional cost.
The host System i function is integrated into base i. The client function is integrated into System i Navigator which ships as part of System i Access for Windows.
As a general rule of thumb for connectivity, N-2 and N+2 releases are supported. It is recommended that your client and server releases match as closely as possible. That would mean a V6R1 client connects to a V6R1 server.
Management Central is a subcomponent of System i Navigator and is not installed with a typical installation of System i Access for Windows. When installing, choose Custom Install. Expand the System i Navigator tree and select the appropriate components such as Monitors and Commands.

Command and Graph Interface


System i Navigator is a powerful Graphical User Interface (GUI) that provides an explorer-like view of system resources. 
The integration of System i Navigator with the Windows client desktop is an advantage for administrators and operators as well as end users who do not have an extensive knowledge of Control Language (CL) commands.
System i Navigator has been available since V3R1M1 of Client Access for Windows 95. Continuous enhancements have been made to the application to support other 32-bit Windows clients and also to include additional functions such as Database, File Systems and so on.
You need the System Configuration (known as Configuration and Services in the hierarchical tree of System i Navigator) to view a list of hardware (including the operational status) and software (installed product or supported product) on the system. 
Fixes (PTFs) management and Collection Services are also available under this category if the Management Central component is installed.
You use the Network function to work with the TCP/IP configuration as well as configure and manage new communication interfaces (PPP, SLIP) using wizards. It also allows you to work with both TCP/IP servers and System i Access host servers.


The Security function provides a security wizard that runs through a set of questions and generates a security recommendation based on your answers. 
You can also manipulate security and auditing system values.

Wednesday, 24 August 2016

System Request


To prevent specific users from seeing the System Request menu, specify: GRTOBJAUT OBJ(QSYS/QGMNSYSR) OBJTYPE(*PNLGRP) USER(USERA) AUT(*EXCLUDE)

A user can use the system request function to suspend the current job and display the System Request Menu. The System Request Menu allows the user to send and display messages, transfer to a second job, or end the current job. This might represent a security exposure because the public authority to the System Request Menu is *USE when a system is shipped.
To call up the System Request menu:
1. Press the Sys Req key to show an input line at the bottom of the display.
2. Press Enter to show the System Request Menu.
Each time the System Request key is pressed, the system automatically changes the current user profile of the job to the initial user profile of the job. This is done so that the user does not have any additional authority on the System Request menu or in the Presystem Request Program exit program. After the System Request function is completed, the current user profile of the job is returned to the value that it was before the System Request key was pressed.


From the System Request menu, enter option 1 to display the signon for a secondary job (Job B in this example). The original job (Job A in this example) is suspended during the time Job B is processed.
If the operator presses Sys Req and picks option 1, Job B is suspended and Job A is continued from the point it was suspended.
Thus, the operator can jump between two jobs, processing one while the other is suspended.
When the operator signs off one job (either one) the other job is given control to continue processing.

Restricting the use of system request menu options


Any of the options can be restricted by removing public authority to the associated command.

You can prevent users from selecting specific options from the System Request Menu by restricting the authority to the associated commands.
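
The two levels of restriction described above (hiding the whole menu, or blocking individual options), as an added CL example that is not part of the original post. SYSOPGRP and USERA are placeholder profile names, and the option-to-command pairings in the comments (option 1 = TFRSECJOB, option 2 = ENDRQS) come from IBM's security reference rather than from this page.

```cl
/* Added example. SYSOPGRP and USERA are placeholder profiles.      */
PGM

/* 1. Record the current state. On a system as shipped, *PUBLIC     */
/*    has *USE to the System Request menu panel group.              */
DSPOBJAUT  OBJ(QSYS/QGMNSYSR) OBJTYPE(*PNLGRP) OUTPUT(*PRINT)

/* 2. Menu level, default deny: exclude *PUBLIC, then grant *USE    */
/*    only to the group that needs the menu (assumed: SYSOPGRP).    */
GRTOBJAUT  OBJ(QSYS/QGMNSYSR) OBJTYPE(*PNLGRP) +
             USER(*PUBLIC) AUT(*EXCLUDE)
GRTOBJAUT  OBJ(QSYS/QGMNSYSR) OBJTYPE(*PNLGRP) +
             USER(SYSOPGRP) AUT(*USE)

/* 3. Option level: USERA keeps the menu but cannot use option 1    */
/*    (Transfer Secondary Job) or option 2 (End Request), because   */
/*    the authority to the underlying commands is excluded.         */
GRTOBJAUT  OBJ(QSYS/TFRSECJOB) OBJTYPE(*CMD) +
             USER(USERA) AUT(*EXCLUDE)
GRTOBJAUT  OBJ(QSYS/ENDRQS) OBJTYPE(*CMD) +
             USER(USERA) AUT(*EXCLUDE)

/* 4. Verify the result and keep the listings with the change       */
/*    record.                                                       */
DSPOBJAUT  OBJ(QSYS/QGMNSYSR) OBJTYPE(*PNLGRP) OUTPUT(*PRINT)
DSPOBJAUT  OBJ(QSYS/TFRSECJOB) OBJTYPE(*CMD) OUTPUT(*PRINT)
DSPOBJAUT  OBJ(QSYS/ENDRQS) OBJTYPE(*CMD) OUTPUT(*PRINT)

ENDPGM
```

Excluding a user from a command applies everywhere that command is used, not only on the System Request menu, and profiles with *ALLOBJ special authority are not stopped by *EXCLUDE.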




Signon User


After the user enters a user ID and password, these steps are performed before a job is actually started on the system:
1. The user profile and password are verified.
2. The user’s authority to use the workstation is checked.
3. The system verifies authority for the values in the user profile and in the user’s job description that are used to build the job structure, such as: job description, output queue, current library, libraries in library list.

After the job is started, these steps are performed before the user sees the first display or menu:
1. If the routing entry for the job specifies a user program, normal authority checking is done for the program, the program library, and any objects used by the program.
2. If the routing entry specifies the command processor (QCMD):
   a. Authority checking is done for the QCMD processor program, the program library, and any objects used, as described in step 1.
   b. The user’s authority to the Attention-key-handling program and library is checked.
   c. Normal authority checking is done for the initial program (and its associated objects) specified in the user profile.
   d. Normal authority checking is done for the initial menu (and its associated objects) specified in the user profile.





If the user has the capability, a keyed menu name overrides the menu name in the user profile. *SIGNOFF is a valid menu name. It causes the user to be signed off. Menu name may not be blank.




Tuesday, 23 August 2016

Installed Software


Notes:
To see a listing of the IBM LPPs (Licensed Program Products) installed on a system, you can use either a 5250 green screen interface or System i Navigator.
To display this information using a 5250 emulation session, issue the command GO LICPGM, then select option 10 (Display installed software). The command that is being called by this menu option is DSPSFWRSC (Display Software Resources).
To view all software installed on a system using System i Navigator:
1. Expand the system folder under My Connections.
2. Expand Configuration and Service.
3. Expand Software.
4. Click Installed Products.

Power Hypervisor





System i servers work with a different structure when compared to the previous technologies used with AS/400 and iSeries servers. Above the POWER5 technology-based hardware is a code layer called the POWER Hypervisor. This code is part of the firmware shipped with the System i hardware. The POWER Hypervisor resides in flash memory on the Service Processor. This firmware performs the initialization and configuration of the System i hardware, as well as the virtualization support required to run up to 254 partitions concurrently on the System i servers. Partition Licensed Internal Code (PLIC) allows for management of multiple partitions of the System i hardware. It is included as part of the POWER Hypervisor.

The layers above the POWER Hypervisor are different for each supported operating system. The layers of code supporting Linux and AIX 5L consist of System Firmware and Run-Time Abstraction Services (RTAS).

Monday, 22 August 2016

Single Level Storage


All system storage (whether main storage or disk storage) is addressed in the same way. 
This single, device-independent addressing mechanism means that objects are referred to by name or name and library, never by disk location. 
All objects are created as if they reside in a 18,446,744,000,000,000,000 byte address space. That's 18.4 quintillion bytes!
The System i's virtual addressing is independent of an object's physical location, and the type, capacity, and number of disk units on the system.

What this means is that application programs do not require modification in order to take advantage of new storage technologies. 
Users can leave all storage management entirely to the machine.