How it Works
HP
Loading...
rx3600
User Manual
356 pgs10.02 Mb1
User Manual
22 pgs409.77 Kb0
User Manual
19 pgs322.25 Kb0
User Manual
39 pgs851.46 Kb0
Table of contents
Loading...

HP rx3600 User Manual

HP Insight Management WBEM Providers on Integrity Servers

User's Guide
Abstract
This guide is intended for individuals who are familiar with the configuration and operation of Microsoft® Windows®, Windows Server® 2008 R2, Windows Server® 2008 SP2, and Web-Based Enterprise Management Providers. Because of the risk of data loss, only individuals experienced with using this software should implement the procedures in this guide.
HP Part Number: T2369-96024 Published: April 2011 Edition: 5
© Copyright 2011 Hewlett-Packard Development Company, L.P.
Confidential computer software. Valid license from HP required for possession, use or copying. Consistent with FAR 12.211 and 12.212, Commercial Computer Software, Computer Software Documentation, and Technical Data for Commercial Items are licensed to the U.S. Government under vendor's standard commercial license. The information contained herein is subject to change without notice. The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein. UNIX is a registered trademark of The Open Group.
Microsoft, Windows, Vista, and Windows Server are U.S. registered trademarks of Microsoft Corporation.

Contents

About This Document.....................................................................................4
HP Encourages Your Comments..................................................................................................4
1 Introduction...............................................................................................5
Overview................................................................................................................................5
Windows Management Instrumentation.......................................................................................5
Installing and Configuring the WBEM Providers............................................................................5
2 Security.....................................................................................................6
Implementation.........................................................................................................................6
Best Practices...........................................................................................................................6
Configuring Insight Provider Security for a User Account via the Windows® Command Line...............6
3 Microsoft Windows Server™ 2008 Firewall configuration................................8
Configuration...........................................................................................................................8
4 Insight Providers architecture......................................................................10
Data model...........................................................................................................................11
Insight Provider usage.............................................................................................................14
HP Insight Management Services..............................................................................................14
Additional documentation........................................................................................................15
5 Scripting examples...................................................................................16
Microsoft Visual Basic Scripting Edition examples........................................................................16
Other examples......................................................................................................................19
Scripting references.................................................................................................................19
6 Support and other resources......................................................................21
Operating system support........................................................................................................21
Hardware support..................................................................................................................21
Contacting HP........................................................................................................................21
Documentation feedback.........................................................................................................22
Typographic conventions.........................................................................................................22
Typographic Conventions....................................................................................................22
Contents 3

About This Document

HP Encourages Your Comments

4

1 Introduction

This document applies to the HP Insight Management Web-Based Enterprise Management (WBEM) Providers for Windows Server® 2008 R2 and Windows Server® 2008 SP2 on Integrity servers, version 7.1.0.0 (Insight Providers).
This release of the Insight Providers supports Integrity servers running Windows Server® 2008 R2 and Windows Server® 2008 SP2. For information regarding supported servers, options, and operating system versions, see Chapter 6 (page 21).

Overview

Many management products have been built on SNMP, a common network management technology. However, SNMP-based management solutions have a simple structure and weak security protocol relative to alternatives. These limitations prevent comprehensive, industry-standard, and secure system management.
In place of SNMP, SMASH and SMI-S are secure, robust standards endorsed by the DMTF and SNIA that are quickly gaining momentum. These standards provide the foundation for future server management infrastructures.
The Insight Providers are based on SMASH and SMI-S. The Insight Providers employ the set of base-level instrumentation provided by system management controllers and drivers, I/O controllers and drivers, and system firmware interfaces. These components deliver in-depth hardware management, including hardware inventory data, system state, and event notifications.
The data model implemented in the Insight Providers provides industry standard compliance by conforming to DMTF, SMASH, and SMI-S profiles. The data model implemented in the Insight Providers provides industry standard compliance by conforming to DMTF, SMASH, and SMI-S profiles.

Windows Management Instrumentation

WMI is the Microsoft® implementation of WBEM, a set of industry-standard technologies for accessing system information in a distributed management environment. WBEM and WMI use the CIM standard to represent systems, networks, applications, devices, and other managed components in an object-oriented manner. The WMI Providers extend CIM to make Integrity-specific management data and events available to system administrators, enabling administrative tasks to be automated.
For more information on WBEM and WMI, see the following websites:
WBEM (http://www.dmtf.org/standards/wbem/)
WMI (http://msdn.microsoft.com/library/en-us/wmisdk/wmi/wmi_start_page.asp)
About WMI (http://msdn.microsoft.com/library/en-us/wmisdk/wmi/about_wmi.asp)
CIM (http://www.dmtf.org/standards/cim)

Installing and Configuring the WBEM Providers

The WBEM Providers are installed by default when you install the Integrity Support Pack. For information on configuring the WBEM Providers, see the Windows Server™ 2008 R2 on HP
Integrity Servers Installation Guide and Windows Server™ 2008 SP2 on HP Integrity Servers Installation Guide.
Overview 5

2 Security

Security is a major concern and one of the primary reasons to switch from SNMP Agent-based server management to Insight Provider-based server management. The HP Insight Management WBEM Providers for Windows use Windows-based authentication for local and remote access to server management data.

Implementation

The Insight Providers for Windows are implemented as a set of Windows Management Instrumentation (WMI) providers. The access control is in the form of standard Windows account level access restrictions.
An administrator account has sufficient rights and security group memberships to access the Insight Provider management information for both local and remote access.
For a standard user account, there are two considerations for configuring security in order to access WMI information from the Insight Providers:
WMI namespace security
Distributed COM user group membership
A standard user account needs security configurations to remotely access the Insight Provider management information on a remote server. For more information, see the Windows Server™
2008 R2 on HP Integrity Servers Installation Guide and Windows Server™ 2008 SP2 on HP Integrity Servers Installation Guide.
WMI namespace security settings govern access to WMI information. Windows user accounts can be allowed or denied specific privileges per WMI namespace.
For more information on namespace security, see Access to WMI Namespaces (http://
msdn2.microsoft.com/en-us/library/aa822575.aspx).
Only standard users who belong to the Distributed COM Users group can remotely connect to WMI and access management information. Administrators are in this group by default. Non-administrator users must be added to the Distributed COM Users group for remote WMI connectivity. For more information on this topic, see Connecting to WMI on a Remote Computer (http://msdn2.microsoft.com/enus/ library/aa389290.aspx).

Best Practices

According to the principle of least privilege, HP recommends you use a low rights user account (nonadministrator) to perform most read-only management tasks. Use of certain Insight Provider functionality always requires an administrator level account. An example of this is a method to reboot the system. This user does not need to be an administrator of the managed system and does not need logon rights. HP recommends that the domain administrator creates a special purpose domain account.

Configuring Insight Provider Security for a User Account via the Windows® Command Line

The following procedure provides access rights to allow a standard user account to view most management information. However, you must use an administrator account to perform some management tasks, such as rebooting a server.
To configure a domain user or local user (non-administrator) account for remote management:
1. Open a Command Prompt window.
2. Change to the \Program Files\HPWBEM\Tools folder of the system drive.
6 Security
3. Invoke the EnableRWMI.exe program to configure the account security for remote WMI access:
EnableRWMI –a:localuser
Or
EnableRWMI –a:domain\user
Configuring Insight Provider Security for a User Account via the Windows® Command Line 7
Loading...
+ 15 hidden pages
Buy Points How it Works FAQ Contact Us Questions and Suggestions Privacy Policy Cookie Policy Terms of Use