Connectivity setup for Windows target systems

Verify that the framework server and WebSphere® Windows® target systems comply with network connectivity requirements.

Windows target requirements

Administrative privilege
Many RXA operations require access to resources that are not generally accessible by standard user accounts. Therefore, the account names that you use to log on to remote Windows target systems must have administrative privileges.
File and printer sharing
Enable file and printer sharing on Windows target systems. If file and printer sharing is disabled, RXA cannot access Windows target systems.
Use the File and Printer Sharing for Microsoft® Networks property to enable file and printer sharing.
On Windows XP, access this property by selecting Control Panel > Network Connections. Right-click Your_Network_Connection and select Properties to display the File and Printer Sharing for Microsoft Networks property.
Important: This requirement applies to all versions of Microsoft Windows.
Simple file sharing
Windows XP targets must have simple file sharing disabled for RXA to work. Simple networking requires that you log in as guest. A guest login does not have the authorization necessary for RXA to function correctly.
To disable Simple File Sharing, open Windows Explorer, and click Tools > Folder Options > View > Use Simple File Sharing. Clear the Use Simple File Sharing check box. Click Apply > OK.
On Windows Vista, file sharing must be enabled for the Guest or Everyone accounts, and password protected sharing must be disabled. To disable password protected sharing, perform the following steps:
  1. Click Control Panel > Network and Sharing Center > Sharing and Discovery.
  2. Expand Password protected sharing by clicking the down arrow on the far right.
  3. Select Turn off password protected sharing.
  4. Click Apply, and exit the control panel.
Firewalls
Windows XP targets include a built-in firewall called the Internet Connection Firewall (ICF), which is disabled by default.
For Windows XP Service Pack 2 systems, the Windows firewall is enabled by default. If either firewall is enabled on a Windows target workstation, RXA cannot access the target workstation. On Windows XP Service Pack 2, you can select the File and Printer Sharing check box on the Exceptions page of the Windows Firewall configuration to allow access. Do not block ports 445, 137, and 139.
NTLM (NT LAN Manager) Microsoft authentication protocol
RXA supports the original NTLM or NTLMv1 authentication protocol; NTLMv2 is not supported by RXA.
WebSphere target systems running on Windows must use the NTLMv1 authentication protocol.
To check the NTLM authentication protocol level, do the following:
  1. Select Control Panel > Administrative Tools > Local Security Policy > Security Settings > Local Policies > Security Options.
  2. Find Network security: LAN Manager authentication level.

    The security setting should be: Send LM & NTLM responses.

Administrative sharing
You must enable the remote registry administration, which is the default configuration, on the target workstation for RXA to run commands and scripts. To verify that the remote registry is enabled and started, click Start > Programs > Administrative Tools > Services. From Remote Registry, ensure the status of the service is started.
You must enable administrative sharing to use RXA to connect to Windows targets. Examples of the default administrative disk share are C$ and D$ . If you disable sharing, RXA considers directories that are located on the drives as hidden. In this case, a message similar to the following one is displayed:
XCIM0009E: Error connecting to remote target Exception: 
java.io.FileNotFoundException: CTGRI0003E The remote path name
specified cannot be found: file_or_directory_path>. 
Cause: com.starla.smb.SMBException: The network name is incorrect.
Follow these steps to enable administrative sharing:
  1. Double-click My Computer.
  2. Right-click the disk drive that you are enabling for administrative sharing.
  3. Click Sharing and Security.
  4. Select Share this folder.
  5. Specify the share name, such as C$ or D$, and click OK.
Connecting to Windows Vista and Windows Server 2008 targets
To connect to Windows Vista targets, use one of the following options. Before you begin, ensure that the Remote Registry in Windows Services is started, and ports 445, 137, and 139 are unblocked in the firewall.
  1. Configure both the framework server and the targets as members of a Windows domain. Use a user account in that domain, or in a trusted domain, when you connect to the target.
  2. Enable and use the built-in administrator account to connect to the target workstation. To enable the built-in administrator account perform the following steps:
    1. Select Control Panel > Administrative Tools > Local Security Policy > Security Settings > Local Policies > Security Options.
    2. Next, double-click Accounts: Administrator account status.
    3. Select Enable, and click OK.
  3. Disable the User Account Control that is enabled by default if you are using a different user account to connect to the target workstation. To disable User Account Control perform the following steps:
    1. Select Control Panel > Administrative Tools > Local Security Policy > Security Settings > Local Policies > Security Options.
    2. Next, double-click User Account Control: Run all administrators in Admin Approval Mode.
    3. Select Disable, and click OK.
Feedback