Beruflich Dokumente
Kultur Dokumente
HP recommends that you use a remote database on a separate computer with the following hardware:
x86-64 compatible dual-core processor 8 GB of physical memory High-performance hard drives connected through a storage area network (SAN) Low latency, high bandwidth (Gbit/s) network connection between the management server and the database server
HPOM requires hotfix KB981314 for Windows Server 2008 R2 (see http://support.microsoft.com/kb/981314).
HP recommends that you install the HPOM management server on a computer with a new, unused operating system instance. Furthermore, you cannot install an HPOM management server on a computer that already runs the HP Operations agent software, or the HP Performance Agent software. Internet Information Services (IIS) 7.0. HPOM uses Internet Information Services (IIS) and requires several role services. To increase security, you may want to install only the roles services that HPOM requires. NOTE: For more details about IIS, see the documentation that Microsoft provides. Check the Microsoft web site for security updates, and install any that apply to your environment. On Windows Server 2008 R2, in Server Manager, install the role Web Server (IIS) with the following role services: Common HTTP Features: Static Content Default Document HTTP Errors Application Development: ASP.NET ASP Security: Basic Authentication Windows Authentication Management Tools: IIS Management Console IIS 6 Management Compatibility: IIS 6 Metabase Compatibility IIS 6 Management Console Microsoft .NET Framework 3.5
Before you install HPOM, make sure that you install the Microsoft .NET Framework 3.5.1 feature on the computer.
On computers with Windows Server 2008 R2, you can install the .NET Framework 3.5.1 feature using the Server Manager. Adobe Acrobat Reader 7.0 (or higher) for viewing some documentation. HPOM provides a web console, which enables you to complete many tasks in HPOM from a web browser. HP supports use of the HPOM web console in the following web browsers: Internet Explorer 8.0 or higher Firefox 3.5 or higher
If you are installing HPOM into an Active Directory domain, configure the domain to meet the following requirements. Active Directory Domain Requirements
The domain controller must be hosted on one of the following operating systems: Windows 2000 SP4 or higher Windows Server 2003 SP1 or higher Windows Server 2003 R2 or higher Windows Server 2008 or higher Windows Server 2008 R2 or higher The domain functional level must be set to one of the following: Windows 2000 native Windows Server 2003 Windows Server 2008 Windows Server 2008 R2
Domain Name System Requirements The management server and all managed nodes must be able to resolve each other's hostnames and IP addresses. In a managed environment with computers that use Domain Name System (DNS) servers to resolve hostnames and IP addresses, make sure that the DNS servers provide correct host (A) and pointer (PTR) records for the management server and all managed nodes. The management server must have a static IP address. If some nodes in your environment use a different DNS server to others, make sure that all the DNS servers provide correct host and pointer records for the management server. If your managed environment includes more than one Active Directory domain, make sure that the management server can resolve the unqualified hostname of every domain controller. You may need to add the DNS suffix of each domain to the computer's TCP/IP settings. To check that a computer can correctly resolve the hostname of another computer, open a command prompt, and then type the following command: n s l o o k u p< f u l l yq u a l i f i e dd o m a i nn a m e > The command should return the correct IP address of the specified computer. To check that a computer can correct resolve the IP address of another computer, open a command prompt, and then type the following command: n s l o o k u p< I Pa d d r e s s > The command should return the correct IP address of the specified computer. DNS Discovery Requirements HPOM can automatically discover nodes in your environment using data from DNS servers. If you want HPOM to discover nodes using data from a DNS server, the DNS server must meet the following requirements: The DNS server must enable clients to perform forward lookups and reverse lookups.
The DNS server must provide correct host (A) and pointer (PTR) records for the management server and all managed nodes.
The DNS server must allow zone transfers. If the DNS server and Active Directory domain names are different, the DNS server must include a zone that matches the Active Directory domain name. You can also add secondary DNS servers to the name servers list so that they can be searched by HPOM.
For details on how to configure your DNS server to meet these requirements, see the documentation that your DNS server provides. Microsoft Windows Network Discovery Requirements HPOM can automatically discover nodes in your Microsoft Windows Network. If you want HPOM to discover nodes in your Microsoft Windows Network, make sure that the Computer Browser service is running on the computer on which you intend to install the HPOM management server. Domain Membership and Primary DNS Suffix Before you install an HPOM management server on a computer in an Active Directory domain, make sure that the computer is a member of the correct Active Directory domain. NOTE: HP does not support installing the HPOM management server on the same computer as an Active Directory domain controller. Make sure that the computer's full computer name is correct. The full computer name consists of the computer name and the computer's primary DNS suffix. You can check the primary DNS suffix in Windows Server 2008 as follows:
1. Click Start Server Manager. Computer Information.
3. Click Change System Properties. The System Properties dialog box opens. 4. In the Computer Name tab, click Change.... The Computer Name/Domain Changes dialog box opens. 5. Click More.... The DNS Suffix and NetBIOS Computer Name dialog box opens. 6. Check that Primary DNS suffix of this computer contains the correct value.
All managed nodes use the full computer name to communicate with the management server. Although you can change the management server's full computer name later, you would have to update all currently managed nodes. Therefore, HP strongly recommends that you set the full computer name to its final value before you install an HPOM management server.
the installer drops the existing database. You need to keep the existing database, so that you can use the old management server for subsequent migration steps. The SQL Server installation wizard provides the option to install several different components. The only component that HPOM requires is called SQL Server Database Services.
The SQL Server instance can use any collation except binary collation. The SQL Server instance can use Windows Authentication Mode or Mixed Mode. Both authentication modes allow HPOM to connect to the database using Windows accounts. For read-only access to the HPOM database, you can use the db_datareader user role. This user role is a standard SQL Server user role, which has the permission to perform SELECT operations on all tables and views in the HPOM database. Either the SQL Server Browser service must be running, and reachable over the network, or the SQL Server instance must use a fixed port. NOTE: Unless this guide specifies otherwise, the default SQL Server settings are acceptable. The HPOM installation wizard requires you to specify a folder for the HPOM database files. The folder that contains the HPOM database files must not be on a compressed drive.
CAUTION: HP recommends that you plan your user account setup carefully before you install the HPOM management server to avoid subsequent changes. In particular, if you install the HPOM management server on a computer in a Windows workgroup, you can only move the management server to an Active Directory domain by migrating the management server. HP-OVE-User and HP-OVE-Deleg-User HP-OVE-User and HP-OVE-Deleg-User are user accounts. HPOM can create them during the installation with a password that you specify. NOTE: The installation wizard enables you to specify different user logon names for these users. The user logon names can be up to 20 characters long. If you want user logon names that are longer than 20 characters, you can create the users yourself in Active Directory before you start the installation. However, all Active Directory users have a preWindows 2000 user logon name, which is a maximum of 20 characters long. HPOM uses the preWindows 2000 user logon name.
The users are local users if you are installing HPOM in a Windows workgroup environment. If you are installing HPOM on a standalone computer in an Active Directory domain, the users can be local or domain users. If you are installing HPOM in a failover cluster, they must be domain users. HP-OVE-User The HP-OVE-User user is a member of the HP-OVE-ADMINS and Users groups. It is the account under which the HPOM management server processes run, with the exception of the policy management and deployment process. This account is a local account if HPOM is
installed in a Windows workgroup environment. If HPOM is installed in an Active Directory domain, the account can be a domain account. HP-OVE-Deleg-User In HPOM 9.00 for Windows, the policy management and deployment process (ovpmad) runs under the HP-OVE-Deleg-User user account. During the installation, you can specify whether you want HPOM to set up this user with delegation rights or not. The HP-OVE-Deleg-User user is a member of the HP-OVE-ADMINS group. The delegation right enables the policy management and deployment process to use the credentials of the logged on user for delegation on a target node. Delegation rights are necessary if you plan to deploy HTTPS agents to nodes with a Windows operating system from a remote console using the Impersonate user option. HP-OVE-ADMINS and HP-OVE-OPERATORS The HP-OVE-ADMINS and HP-OVE-OPERATORS are group accounts. The HPOM installation can create these groups for you, or you can create these groups yourself before or during the installation. The groups are local groups if you are installing HPOM in a Windows workgroup environment. If you are installing HPOM on a standalone computer in an Active Directory domain, the groups can be local or domain groups. If you are installing HPOM in a failover cluster, they must be domain groups. If you decide to create the groups yourself in Active Directory, set the group scope to global, and the group type to security. The groups are used to identify valid users of the HPOM product. Windows users who are members of these groups are allowed to perform the tasks associated with these groups: HP-OVE-ADMINS Windows users who are members of the HP-OVE-ADMINS group are considered HPOM administrators, and can perform administrative tasks (for example, adding nodes, or configuring and deploying policies). An HPOM administrator is not the same as a Windows domain administrator. Note that the HPOM administrator must be a trusted user because it has (by way of the agent) near administrative capabilities on all managed nodes.
CAUTION: In HPOM 9.00 for Windows, local administrators of the management server system are no longer automatically added to the HP-OVE-ADMINS group, which means that they are no longer automatically HPOM administrators.
After installing the management server, the installing user is always an HPOM administrator, even if you remove the installing user from the HP-OVE-ADMINS group. You can remove the installing user's HPOM administrator permissions as follows:
a. Configure an alternative HPOM administrator by adding at least one other user to
OVE-ADMINS group.
c. In the console, launch the tool Tools
HP-OVE-OPERATORS Members of the HP-OVE-OPERATORS group are operators in HPOM, and perform tasks such as monitoring the console, in particular the message browser, and responding to messages. You can further refine the responsibilities of each HPOM user by giving the user one or more user roles. For more information about user roles, see the online help topics under Configuring HPOM Configuring user roles.
TIP: Do not confuse the HP-OVE-User and HP-OVE-Deleg-User user accounts with the HP-OVEADMINS and HP-OVE-OPERATORS group accounts. The HP-OVE-User and HP-OVE-Deleg-User user accounts are used by management server processes at runtime and for deployment purposes respectively. The HP-OVE-ADMINS and HP-OVE-OPERATORS group accounts are used to identify valid users of the HPOM product. You should not add the same user to both groups. Privileges Required for Installation During installation, HPOM attempts to perform the following tasks: Create user and group accounts If the HPOM user and group accounts are not already created in the selected domain, HPOM attempts to create them. In order to succeed, the Windows user running the HPOM management server installation must have sufficient privileges on the domain controller to create user and group accounts, and to set the delegation right for the HP-OVE-Deleg-User account, if the user already exists but the delegation right has not been granted yet. If you are planning to create these accounts in the parent ADS domain, the installing user may not have sufficient privileges, even if you are domain administrator to your Resource or Child Domain (administrative trust is typically not transitive or one-way). If you have such a requirement, create the HPOM user and group accounts manually on the appropriate level before installing the HPOM management server. Administer the database To install an HPOM management server that uses an instance of SQL Server Standard or Enterprise Edition, the installing user must have permission to perform the following actions: Create, alter, and drop databases. Create, alter, and drop logins. Read the master database. Alter settings at server-level. Administer the database server To install an HPOM management server that uses a remote instance of SQL Server, the installation wizard uses WMI functionality to connect to the server and create a folder for the HPOM database files. To complete this task, the installing user must have administrative permissions on the computer that hosts the SQL Server instance. Read and write to the migration data folder During the download and upload of migration data, the following users must have permission to read and write to the migration data folder: user who starts the installation wizard HP-OVE-User HP-OVE-Deleg-User
There are three use cases for the HPOM Windows user accounts migration. Since the first one overlaps with the other two, it is possible that several use cases apply to your configuration:
Some of the HPOM Windows user accounts are local users on the old management server.
Local user accounts cannot be migrated to another Windows installation. For every local account, a new Windows account has to be created. Then, this account has to be assigned to the operator or administrator group, respectively. The new accounts can be either domain accounts, or local accounts on the new management server. Note that the new accounts must be domain accounts if the new management server runs on a cluster, as the HPOM Windows user groups must be domain groups in such a setup.
The new management server will continue to use the old management server user groups. This is possible if the old management server already used domain groups, and the new management server will use the same domain and domain user groups for the HPOM administrators and operators.
In this case no action is required. The existing Windows domain user groups and users will be used by the new HPOM management server if you specify the same users and groups during the installation. The HPOM internal user roles and permissions definitions are migrated by the HPOM configuration download and upload tools.
The new management server does not reuse the old management server user groups. This is always the case if the old groups were local groups or domain groups in a different domain. But you can also decide to create new user groups in the domain for the new management server.
Local groups cannot be migrated to another Windows installation, so all users have to be migrated to the new groups. The new groups can be local to the new management server, or they can be domain groups. In case of a clustered HPOM for Windows, they must be domain groups.
server.
2. Uninstall the HP SiteScope Adapter on the old management server.
For more details, see the online help topic Adapters and Integrations HP SiteScope Adapter Installing the HP SiteScope Adapter Uninstalling the HP SiteScope Adapter. For more details, see the online help topic HP SiteScope Adapter SiteScope Adapter Uninstalling the HP SiteScope Adapter. Installing the HP
CAUTION: Use an installation patch only if it applies to HPOM 9.00. Do not use installation patches for any other versions of HPOM. Start the installation wizard using the latest installation patch instead of the original installation media. Read the instructions that accompany the installation patch, and follow any special instructions.
2. The installation may require prerequisites such as Microsoft .NET Framework and Microsoft
Visual C++ 2005 Redistributable. These prerequisites are installed first, before the installation of the HPOM software begins.
3. When the Migration page opens, select Export migration data . 4. Specify the destination folder for the exported configuration data, and then click Next. NOTE: The folder must already exist. You must specify a folder on a local drive on the management server.
The following users must have permission to read and write to the folder that contains the migration data:
user who starts the installation wizard HP-OVE-User HP-OVE-Deleg-User
5. When the Ready to Download page opens, click Download. 6. After the download of migration data is successful, click Complete to close the installation
wizard. CAUTION: The exported migration data contains everything needed to create a management server that can manage existing nodes. Store this data securely.
NOTE: Use an installation patch only if it applies to HPOM 9.00. Do not use installation patches for any other versions of HPOM. Start the installation wizard using the latest installation patch instead of the original installation media. Read the instructions that accompany the installation patch, and follow any special instructions. The installer may require prerequisites such as Microsoft .NET Framework and Microsoft Visual C++ 2005 Redistributable. These prerequisites are installed first, before the installation of the HPOM software begins.
default.
2. Select the option Upload migration data from , specify the folder that contains the migration
All errors must be resolved before installation can continue. If the prerequisite check displays warnings, evaluate them and decide whether they apply to your environment. If a warning does not apply to your environment, you can continue the installation. If no errors were detected, click Next to continue.
A dialog box opens, which informs you that map views are not available on 64-bit operating systems. However, the latest patch for management servers and remote consoles now provides support for map views on computers that have a 64-bit operating system. Install the latest patches when you reach the step in this procedure that instructs you to do so. Click OK.
This wizard page only appears on systems that have an English version of a Microsoft Windows operating system, including systems that have a Multilingual User Interface (MUI). The installer uses the language that you select here for creating the default tools, policies, and other objects that HPOM provides. You cannot change this language setting later. The language that you select here also determines the language that the management server uses at runtime (for example for error messages that the management server generates). On a system with an MUI, the users language setting in Windows automatically determines the language that appears in the HPOM console and online help. (The language that you select here does not affect the language that appears in the HPOM console and online help.)
By default, the installation includes policies in English, and also in the language that you chose for the management server (if different). You can specify additional languages to install policies in those languages.
The Browse buttons in the Destination Folders page are only available for the first HP BTO Software product installations (HPOM, HP Reporter, or HP Performance Manager). If other HP BTO Software products are already installed, the Browse buttons are disabled.
2. In the Browse for Folder dialog box, specify the folder you want and click OK. If you have
insufficient disk space, you see a message here when you click OK.
3. In the Destination folders page, click Next to proceed.
NOTE: The folders for application and data files must not be on a network drive, or in an encrypted file system. The destination folders that you specify here will be used as the default folder for other HP BTO Software products you are installing from this DVD and cannot be changed for subsequent installations. The first installed HP BTO Software application dictates the installation directory for HPOM and other HP BTO Software products such as HP Reporter and HP Performance Agent Software. NOTE: The folders' paths can contain only English alphanumeric characters and
symbols.
If the user account already exists in Active Directory, specify the pre-Windows 2000 user logon name.
2. Use the same password that you used when setting the deployment user in the previous screen. After entering and confirming your password, click Next.
If the user account already exists in Active Directory, specify the pre-Windows 2000 user logon name. Once established, this account information is used by other products you install from the installation media.
For a list of available SQL Server instances, click Get List. NOTE: If the list does not contain the SQL Server instance that you want to use, you can type the
hostname and instance in Instance . If the installation wizard cannot connect to the instance you may need to troubleshoot the connection. You can specify the instance name in the following formats: < h o s t n a m e > To specify a default SQL Server instance on a remote computer, type the hostname of the computer (for example, d b s e r v e r ). < h o s t n a m e > \ < i n s t a n c e > To specify a named SQL server instance, type the hostname of the computer and the name of the SQL Server instance (for example, d b s e r v e r \ O V O P S ). If you configured the SQL Server instance to listen on a specific port, add the port to Instance , preceded by a comma (for example d b s e r v e r , 5 5 5 5or d b s e r v e r \ O V O P S , 5 5 5 5 ). For example, you may need to configure a specific port for the SQL Server instance if there is a firewall between the management server and the SQL Server instance. If the folder that you specify for the database files does not yet exist on the SQL Server system, the HPOM installer creates it automatically. If the SQL Server instance is part of a cluster, the folder that you specify must be on the instance's shared disk. The instance that you specify must exist. HPOM checks whether the instance already contains an HPOM database (called "openview"). If the instance does not contain an HPOM database, the installer creates it. You can specify an SQL Server instance that already contains an HPOM database (called "openview"). However, the installer drops the existing database and then recreates it. If you want to preserve your existing data you must use the migration functionality. NOTE: Make sure that enough disk space is available for the database files. The size of the database files depends on the environment that you manage.
In the Ready to install page, review the installation settings, and then click Install to begin the installation.
NOTE: If there are already SQL Server components (for example, Client tools) installed on the HPOM management server, you may see the following message in a dialog box during the installation: "Warning 28213. Warning: SQL Server Setup cannot install this feature because a different edition of this feature is already installed. For more information, see 'Version and Edition Upgrades' in SQL Server Books Online." Acknowledge this message to continue the HPOM installation.
To see details of the completed installation, select the View the results log file check box. You are encouraged to view the basic training tutorial presented at the conclusion of the install program. Click Launch Tutorial in the Installation complete page. The tutorial introduces you to HPOM features, provides a product overview, and details configuration and deployment steps you need to perform before you can begin working in HPOM.
o v cs t o po v t o m c a t B
2. Delete the component's registration, so that it does not start if you restart the management
server: o v c r e gd e lo v t o m c a t B
If you ever decide to configure any of the integrations in the future, you can re-enable the Tomcat servlet container using the following commands:
1. o v c r e ga d d" % O v D a t a D i r % \ c o n f \ t o m c a t \ b \ o v t o m c a t B . x m l " 2. o v cs t a r to v t o m c a t B
management server:
< d a t a _ d i r > \ c o n f \ O v O W C e r t i f i c a t e s \ c e r t i f i c a t e s . g e n e r a l . e x p o r t < d a t a _ d i r > \ c o n f \ O v O W c e r t i f i c a t e s \ c e r t i f i c a t e s . s e r v e r . e x p o r t 2. On the old management server, open a command prompt and navigate to the folder that
b. In the details pane, double-click Update trusted certificates. A dialog box opens, which lists nodes and services. c. Select all the Nodes that you plan to migrate to the new server, and that have an HTTPS agent. d. Click Launch.... The Tool Status dialog appears and shows progress.
1. In the console tree on the old management server, under Policy management
Agent policies grouped by type , right-click Flexible Management, and then click New Policy. The flexible management policy editor opens.
2. Copy the following text to the new flexible management policy. R E S P M G R C O N F I G S R E S P M G R C O N F I GD E S C R I P T I O N" E n a b l en e wm a n a g e m e n ts e r v e rt oc o n t r o la g e n t s " S E C O N D A R Y M A N A G E R S S E C O N D A R Y M A N A G E RN O D EI P0 . 0 . 0 . 0" o l d . e x a m p l e . c o m " S E C O N D A R Y M A N A G E RN O D EI P0 . 0 . 0 . 0" n e w . e x a m p l e . c o m " A C T I O N A L L O W M A N A G E R S A C T I O N A L L O W M A N A G E RN O D EI P0 . 0 . 0 . 0" o l d . e x a m p l e . c o m " A C T I O N A L L O W M A N A G E RN O D EI P0 . 0 . 0 . 0" n e w . e x a m p l e . c o m " 3. Modify the flexible management policy as follows: a. Replace both instances of o l d . e x a m p l e . c o mwith the hostname of the old
management server.
b. Replace both instances of n e w . e x a m p l e . c o mwith the hostname of the new
management server. After the hostname of the new management server, add the keyword I D followed by the new management server's core ID. To get the new management server's core ID, open a command prompt on the new management server, and then type the following command: o v c o n f g e to v r gs e r v e rs e c . c o r eC O R E _ I D For example, if your new management server is called h p o m . e x a m p l e . c o m , and its core ID is 8 9 a e a 6 6 2 b 9 e 6 7 5 2 7 1 4 8 d 8 a 6 1 2 e 0 8 3 f 2 3replace both instances of the following line:
N O D EI P0 . 0 . 0 . 0" n e w . e x a m p l e . c o m "
Use fully qualified domain names. Leave the IP address as 0.0.0.0 so that the IP address is resolved from the DNS.
3. Save the modified policy and deploy it to managed nodes that have an HTTPS agent. The
HTTPS agent appears in a node's package inventory with a version number 8.xx.
4. Optional. If you have managed nodes that have a DCE agent (agent package version 7.xx),
create a copy of the flexible management policy. Remove the I Dkeywords and core IDs, and then save the policy. Deploy this policy to the managed nodes that have the DCE agent.
HP Operations Manager
Tools.
2. In the details pane, right-click the tool Switch Management Server, and then click All Tasks
then click Launch. The Tool Status dialog box opens and shows the results of the tool execution.
4. After the tool successfully switches the management server for each node, the Status column shows "Succeeded". The nodes then report to the new management server.
1. In the console tree on the new management server, expand Tools Certificate Management.
2. Right-click Switch Agent's Certificate Server, and then click All Tasks Parameters dialog box opens.
3. Select all managed nodes that have an HTTPS agent, and then click Launch.... The Tool Status dialog box opens and shows the results of the tool execution. 4. After the tool successfully switches each node's certificate server, the Status column shows
"Succeeded".
% O v S h a r e D i r % c o n f \ M i g r a t i o n \ U p l o a d I n v e n t o r y . v b s This script requires the following parameters: U p l o a d I n v e n t o r y . v b s< i n v e n t o r yf i l e >< p r i m a r yn o d en a m e > < i n v e n t o r yf i l e > Replace < i n v e n t o r yf i l e >with the path of a text file that specifies the policy inventory that you want to upload. The new management server includes the following inventory file for the old management server: % O v S h a r e D i r % c o n f \ M i g r a t i o n \ < p r i m a r y _ n o d e _ n a m e > . i n v e n t o r y You can edit an inventory file using a text editor. Each line of an inventory file has the following format: < p o l i c yt y p e > | < p o l i c yn a m e > | < p o l i c yv e r s i o nI D > | < e n a b l e d > The value of < e n a b l e d >is 0to disable the policy, or 1to enable the policy. For example: L o g f i l eE n t r y| E x a m p l eP o l i c y| 0 9 D 1 D 7 E D 4 0 6 D 4 4 E 7 9 6 D 2 C 3 B 1 8 0 D C 5 9 A C | < p r i m a r yn o d en a m e > Replace < p r i m a r yn o d en a m e >with the primary node name of the new management server. For example, if the primary node name of the both the old and new management servers is manager1.example.com, upload the policy inventory from the old management server as follows:
1. Open a command prompt on the new management server, and then type:
c d% O v S h a r e D i r % c o n f \ M i g r a t i o n
2. Type the following command:
c s c r i p tU p l o a d I n v e n t o r y . v b sm a n a g e r 1 . e x a m p l e . c o m . i n v e n t o r y m a n a g e r 1 . e x a m p l e . c o m