IBM Tivoli Monitoring, Version 6.3

Requirements for the tacmd createNode command

This section contains the requirements for the tacmd createNode command.

Before you can use the tacmd createNode command to deploy OS agents, ensure the following requirements are met:

The createNode command no longer has to be executed locally to the Tivoli® Enterprise Monitoring Server.
On both Windows, Linux, and UNIX, you must issue a tacmd login command prior to executing the tacmd createNode command.
The user ID that you specify using the -u parameter must have administrator privileges on the target computer.
You must specify the "root" user ID using the -u parameter and the root password using the -p parameter for the tacmd createNode command to execute correctly.
No other user ID may be specified.
Any computer to which you want to deploy the OS agent must have a supported protocol installed.
Security in your environment must be configured to permit createNode to pass through the firewall, using the protocol that you specify in the command parameters.
On Windows computers:
- SMB requires that the default, hidden, and administrative shares be available on the drive being accessed and on the drive that hosts the System temporary directory.
- SMB signing is not supported when connecting using SMB. The computer to which you are deploying an OS agent cannot require SMB signing.
- For Windows XP, disable Simple File Sharing. Simple File Sharing requires that all users authenticate with guest privileges, which createNode does not support. To disable Simple File Sharing, perform the following steps:
  1. Open the Windows Explorer.
  2. Click Tools → Folder Options.
  3. Click the View tab.
  4. Scroll through the list of settings to Use Simple File Sharing.
  5. Clear the check box next to Use Simple File Sharing and click OK.
- For Windows XP computers with Service Pack 2, disable the Internet Connection Firewall.
- For Windows XP computers, set Network Access Sharing and Security to Classic - local users authenticate as themselves. Use the following steps:
  1. From the Control Panel, double-click Administrative Tools.
  2. Double-click Local Security Policy.
  3. Expand Local Policies and click Security Options.
  4. Right-click Network access: Sharing and security for local accounts and click Properties.
  5. Select Classic - local users authenticate as themselves from the list and click OK.
- For all Windows computers, enable remote registry administration. (This is enabled by default.)
On UNIX systems, if you are using the RSH protocol, run the tacmd createNode command as root on the monitoring server.
If you are deploying the OS agent to a UNIX or Linux computer, that computer must have the ksh shell. Only the Korn shell is supported for the execution of the installation and runtime scripts.
If you are using SSH V2 (for either Windows or UNIX), configure SSH on the target computers to permit the use of password authentication. To permit this, do the following:
1. Edit the /etc/ss/sshd_config file on the target computer.
2. Locate the following line:
```
PasswordAuthentication no
```
3. Change the no to yes and save the file.
4. Restart the daemon.
Note: If you are using private key authentication in your environment, you do not need to set SSH to permit password authentication.

For more information see Remote Execution and Access.

Feedback