REGISTER NODE (Register a node)

Use this command to register a node to the server.

This command can create an administrative user ID with client owner authority over the node. You can use this administrative user ID to access the IBM Storage Protect backup-archive client GUI from remote locations through a web browser.

Tip:

In earlier product releases, the REGISTER NODE command automatically created an administrative user ID whose name matched the node name. Beginning with IBM Storage Protect 8.1, the REGISTER NODE command does not automatically create an administrative user ID that matches the node name.
If you issue the REGISTER NODE command without using the USERID parameter to specify an administrative user ID, you can later assign an administrator user ID for the node. For example, you might register the following new node:
```
register node mynewnode mypassword
```
The node MYNEWNODE is created, but an administrative user ID is not defined for the node.
To create an administrative user ID for a node that is already created, complete these steps:
1. Create an administrative user ID by using the REGISTER ADMIN command. For example,
```
register admin mynewadmin mypassword
```
2. Grant authority to the administrative user ID that you created in step 1 by issuing the GRANT AUTHORITY command. For example,
```
grant authority mynewadmin class=node auth=owner node=mynewnode
```
If you plan to use the LAN-free option with this node, you must register an administrative ID that matches the node name. To register the administrative ID, use the USERID parameter or manually register the administrator and grant owner authority to the node.

If a client requires a different policy domain than STANDARD, you must register the client node with this command or update the registered node.

Requirement: When you set sslrequired=serveronly in a REGISTER NODE command, the admin SSLREQUIRED setting reverts to YES. To use a non-SSL session with a storage agent, rename the admin with the identical name by issuing the RENAME ADMIN command.

For users of Lightweight Directory Access Protocol (LDAP) servers: The information in this documentation applies to the LDAP authentication method that is preferred for IBM Storage Protect 7.1.7 or later servers. For instructions about using the previous LDAP authentication method, see Managing passwords and logon procedures.

When you register or update a node, you can specify whether damaged files on the node can be recovered from a replication server. Files can be recovered only if all the following conditions are met:

Version 7.1.1 or later, is installed on the source and target replication servers.
The REPLRECOVERDAMAGED system parameter is set to ON. The system parameter can be set by using the SET REPLRECOVERDAMAGED command.
The source server includes at least one file that is marked as damaged in the node that is being replicated.
The node data was replicated before the damage occurred.

The following table describes how parameter settings affect the recovery of damaged, replicated files.

Table 1. Settings that affect the recovery of damaged files
Setting for the REPLRECOVERDAMAGED system parameter	Value of the RECOVERDAMAGED parameter on the REPLICATE NODE command	Value of the RECOVERDAMAGED parameter on the REGISTER NODE and UPDATE NODE commands	Result
OFF	YES, NO, or not specified	YES or NO	During node replication, standard replication occurs and damaged files are not recovered from the target replication server.
OFF	ONLY	YES or NO	An error message is displayed because files cannot be recovered when the REPLRECOVERDAMAGED system parameter is set to OFF.
ON	YES	YES or NO	During node replication, standard replication occurs and damaged files are recovered from the target replication server.
ON	NO	YES or NO	During node replication, standard replication occurs and damaged files are not recovered from the target replication server.
ON	ONLY	YES or NO	Damaged files are recovered from the target replication server, but standard node replication does not occur.
ON	Not specified	YES	During node replication, standard replication occurs and damaged files are recovered from the target replication server.
ON	Not specified	NO	During node replication, standard replication occurs and damaged files are not recovered from the target replication server.

Privilege class

To issue this command, you must have system privilege, unrestricted policy privilege, or restricted policy privilege for the policy domain to which the client node is assigned.

Tip: Users of IBM Storage Protect Plus and other object clients, see Syntax for object clients.

Syntax

Notes:

¹ The PASSEXP command does not apply to administrators who authenticate with a Lightweight Directory Access Protocol (LDAP) directory server.
² The VALIDATEPROTOCOL parameter is deprecated.
³ The BACKUPINITIATION parameter is ignored if the client node operating system is not supported.
⁴ You can specify the BKREPLRULEDEFAULT, ARREPLRULEDEFAULT, or SPREPLRULEDEFAULT parameter only if you specify the REPLSTATE parameter.
⁵ The default value can change if you issued the SET DEFAULTAUTHENTICATION command and specified LDAP.
⁶ The SSLREQUIRED parameter is deprecated.

Syntax for object clients

For sending data from IBM Storage Protect Plus and other object clients to IBM Storage Protect

Parameters

node_name (Required)

Specifies the name of the client node to be registered. The maximum length of the name is 64 characters.

You cannot specify a node name of NONE.

Do not use a single node to host an IBM Storage Protect backup-archive client and a data center (which includes one or more file spaces that represent virtual machines).

password

Specifies the client node password. The minimum length of the password is 15 characters unless a different value is specified by using the SET MINPWLENGTH command. The maximum length of the password is 64 characters.

Restriction: This parameter is not supported for object client nodes.

If you authenticate passwords locally with the IBM Storage Protect server, you must specify a password. The passwords are case-sensitive for the SESSIONSECURITY=STRICT client nodes and are case-insensitive for the client nodes that are in TRANSITIONAL state.

If you authenticate passwords with an LDAP server, do not specify a password on the REGISTER NODE command.

PASSExp

Specifies the number of days the password remains valid. You can set the password expiration period 0 - 9999 days. A value of 0 means that the password never expires. This parameter is optional. If you do not specify this parameter, the server common-password expiration period is used. The common password expiration period is 90 days unless changed by issuing the SET PASSEXP command.

You can change the password expiration period by using the UPDATE NODE or SET PASSEXP commands. You can issue the SET PASSEXP command to set a common expiration period for all administrators and client nodes. You can also use the command to selectively set password expiration periods. If you selectively set a password expiration period by using the REGISTER NODE command, the UPDATE NODE command, or the SET PASSEXP command, the expiration period is excluded from common password expiration periods that were created by using the SET PASSEXP command.

You can use the RESET PASSEXP command to reset the password expiration period to the common expiration period. The PASSEXP command does not apply to nodes that authenticate with an LDAP server.

Restriction: This parameter is not supported for object client nodes.

USerid

Specifies the administrative user ID with client owner authority. This parameter is optional. You can specify one of the following values:

NONE: Specifies that no administrative user ID is created. This is the default value.
user_id: Specifies that an administrative user ID is created with the specified name. You can use this parameter to grant client owner authority to an existing administrative user ID.

If you register a node that has the same name as an administrator, the administrator authentication method and SSLREQUIRED setting change to match the authentication method of the node. Passwords that are shared between same-named nodes and administrators are kept synchronized during an authentication change.

If you plan to use the LAN-free option with this node, use the USERID parameter to register an administrative ID that matches the node name.

For users of LDAP servers: If you plan to authenticate the node with an LDAP server, keep the default setting (USERID=NONE) or specify an administrative user ID that differs from the node name. If the administrative user ID matches the node name, you might see unexpected behavior because of automatic password changes that update the same password twice. As a result, the password might become unknown to the administrative user ID. Alternatively, the password update operation might fail.

CONtact

Specifies a text string of information that identifies the node. The parameter is optional. The maximum length of the text string is 255 characters. The contact information must be enclosed in quotation marks if it contains any blanks.

DOmain

Specifies the name of the policy domain to which the node is assigned. The parameter is optional. If you do not specify a policy domain name, the node is assigned to the default policy domain (STANDARD).

For users of IBM Storage Protect Plus and other object clients: You must specify an existing object domain.

When a source server is registered as a node, it is assigned to a policy domain. Data from the source server is stored in the storage pool that is specified in the archive copy group of the default management class of that domain.

COMPression

Specifies whether the client node compresses its files before it sends these files to the server for backup and archive. The parameter is optional. The default value is CLIENT.

Restriction: This parameter does not apply to nodes with a type of NAS or SERVER.

You can specify one of the following values:

Client: Specifies that the client determines whether to compress files.
Yes: Specifies that the client node compresses its files before it sends these files to the server for backup and archive.
No: Specifies that the client node does not compress its files before it sends these files to the server for backup and archive.

ARCHDELete

Specifies whether the client node can delete its own archive files from the server. The parameter is optional. The default value is YES. You can specify one of the following values:

Yes: Specifies that the client node can delete its own archive files from the server.
No: Specifies that the client node cannot delete its own archive files from the server.

BACKDELete

Specifies whether the client node can delete its own backup files from the server. The parameter is optional. The default value is NO. You can specify one of the following values:

No: Specifies that the client node cannot delete its own backup files from the server.
Yes: Specifies that the client node can delete its own backup files from the server.

CLOptset

Specifies the name of the option set to be used by the client. The parameter is optional.

FORCEPwreset

Specifies whether to force a client to change or reset the password. The parameter is optional. The default value is NO.

Restriction: This parameter is not supported for object client nodes.

You can specify one of the following values:

No: Specifies that the password expiration period is set by the SET PASSEXP command. The client does not need to change or reset the password while the client is logging on to the server.
Yes: Specifies that the client node password expires at the next logon. The client must change or reset the password then. If a password is not specified, you receive an error message.
Restriction: For nodes that authenticate with an LDAP server, password expiration is set by using LDAP server utilities. For this reason, do not specify FORCEPWRESET=YES if you specify AUTHENTICATION=LDAP.

Type

Specifies the type of node that is being registered. The parameter is optional. The default value is CLIENT. You can specify one of the following values:

Client: Specifies that the client node is a Backup-Archive Client, IBM Storage Protect for Space Management client, or application client.
NAS: Specifies that the node is a network-attached storage (NAS) file server whose data is protected by using NDMP operations. The node name cannot be SERVER.
Note: The name of the NAS node must be the same as the data mover. Therefore, the name cannot be changed after a corresponding data mover is defined.
Server: Specifies that the client node is a source server that is being registered on the target server.
OBJECTClient: Specifies that the client node is an object client. An object client node transfers data to the IBM Storage Protect server by using the S3 protocol for object storage. An object agent must be configured and running to back up data from an object client. To configure an IBM Storage Protect object agent, see the DEFINE SERVER command.
An access key ID and secret access key combination is generated when you issue the REGISTER NODE command. Authenticate object clients by using this key combination.

Restriction: If the file size from an object client node exceeds the MAXSIZE parameter that is set in the DEFINE STGPOOL command, file backup will fail even if the NEXTSTGPOOL parameter is set on the storage pool. Object client data will never be stored in the NEXTSTGPOOL of a directory-container storage pool.

Important: Each IBM Storage Protect Plus server must be registered as its own object-client node.

URL

Specifies the URL of the IBM Storage Protect web client that is configured on the client system. You can use the URL in a web browser and in the Operations Center to remotely manage the client node.

This parameter is optional. The URL must include the DNS name or IP address of the client system, and the port number that is defined on the client system for the IBM Storage Protect web client. For example, http://client.mycorp.com:1581

UTILITYUrl

Specifies the address of the IBM Storage Protect client management services that are configured on the client system. This URL is used by the Operations Center to access client log files so that you can remotely diagnose client issues from the Operations Center.

This parameter is optional. You can specify a URL of up to 200 characters in length. The URL must start with https. It includes the DNS name or IP address of the client system, and the port number that is defined on the client system for the IBM Storage Protect client management services. For example, https://client.mycorp.com:9028

If you omit the port number, the Operations Center uses the port number 9028, which is the default port number when you install the client management services on the client system.

MAXNUMMP

Specifies the maximum number of mount points a node is allowed to use on the server or storage agent only for operations such as backup, archive, and IBM Storage Protect for Space Management migration. The parameter is optional and only applies to nodes with a type of CLIENT. The default value is 1. You can specify an integer in the range 0 - 999. A value of 0 specifies that a node cannot acquire any mount point for a client data store operation. The MAXNUMMP value is not evaluated or enforced during client data read operations such as restore, retrieve, and IBM Storage Protect for Space Management recall. However, mount points in use for data read operations are evaluated against attempted concurrent data store operations for the same client node and might prevent the data store operations from being able to acquire mount points.

Restriction: This parameter does not apply to nodes with a type of NAS or SERVER.

For volumes in a storage pool that is associated with the FILE or CENTERA device type, the server can have multiple sessions to read and one process to write to the same volume concurrently. To increase concurrency and provide efficient access for nodes with data in FILE or CENTERA storage pools, increase the value of the MAXNUMMP parameter.

For nodes that store data into primary storage pools with the simultaneous-write function that is enabled, you must adjust the value of the MAXNUMMP parameter to specify the correct number of mount points for each client session. A client session requires one mount point for the primary storage pool and one mount point for each copy storage pool and each active-data pool.

For server-to-server backup, if one server is at a different version than the other server, set the number of mount points on the target server to a value higher than one. Otherwise, you receive an error.

A storage agent independently tracks the number of points that are used during a client session. If a node has a storage agent that is installed, it might exceed the MAXNUMMP value. The MAXNUMMP value might also be exceeded under conditions where the node does not have to wait for a mount point.

Note: The server might preempt a client operation for a higher priority operation and the client might lose a mount point if no other mount points are available.

KEEPMP

Specifies whether the client node keeps the mount point for the entire session. The parameter is optional. The default value is NO. You can specify one of the following values:

Yes: Specifies that the client node must retain the mount point during the entire session. If policy definitions cause data to be stored to a disk storage pool after the data is stored to a sequential access storage pool, any mount points that are held by the session will not be released.
No: Specifies that the client node releases the mount point during the session. If policy definitions cause data to be stored to a disk storage pool after the data is stored to a sequential access storage pool, any mount points that are held by the session will be released.

AUTOFSRename

Specify whether file spaces are automatically renamed when you upgrade the client system to support Unicode or specify whether file spaces are renamed by the client, if needed. The parameter is optional. The default is NO. Setting the parameter to YES enables automatic renaming, which occurs when the client runs one of the following operations: archive, selective backup, full incremental backup, or partial incremental backup. The automatic renaming changes the names of existing backed-up file spaces that are not in Unicode in server storage. Then, the file spaces are backed up in Unicode. You can use this parameter for Unicode-enabled IBM Storage Protect clients by using Windows, Macintosh OS X, and NetWare operating systems.

After the client with support for Unicode is installed, any new file spaces that the client backs up are stored in server storage by using the UTF-8 code page. UTF-8 is a byte-oriented encoding form that is specified by the Unicode Standard.

You can specify one of the following values:

Yes

Existing file spaces are automatically renamed when you upgrade to a client that supports Unicode and the client runs one of the following operations: archive, selective backup, full incremental backup, or partial incremental backup. The renaming occurs whether the client uses the graphical user interface, the command line, or the client scheduler.

For example, the server renames a drive as follows:

Original name: D_DRIVE
New name: D_DRIVE_OLD

The new name indicates that the file space is stored on the server in a format that is not Unicode.

No

Existing file spaces are not automatically renamed when the client system upgrades to a client that supports Unicode, and the client runs one of the following operations: archive, selective backup, full incremental backup, or partial incremental backup.

Client

The option AUTOFSRENAME in the client's option file determines whether file spaces are renamed.

By default, the client option is set to PROMPT. When the client system upgrades to a client that supports Unicode and the client runs an IBM Storage Protect operation with the graphical user interface or the command line, the program displays a one-time prompt to the user about whether to rename file spaces.

When the client scheduler runs an operation, the program does not prompt for a choice about renaming, and does not rename file spaces. Backups of existing file spaces are sent as before (not in Unicode).

VALIdateprotocol (deprecated)

Specifies whether IBM Storage Protect completes a cyclic redundancy check (CRC) to validate the data that is sent between the client and server. The parameter is optional. The default is NO.

Important: Beginning with IBM Storage Protect 8.1.2 and Tivoli Storage Manager 7.1.8, this parameter is deprecated. The validation that was enabled by this parameter is replaced by the TLS protocol version 1.2 or later, which is enforced by the SESSIONSECURITY parameter. The VALIDATEPROTOCOL parameter is ignored. Update your configuration to use the SESSIONSECURITY parameter.

However, if your environment includes an IBM Storage Protect backup-archive client that is earlier than version 7.1.8 or 8.1.2, and the client is connected to a server that is at version 7.1.8 or later, or 8.1.2 or later, communication errors can occur. On the client side, you might see error message ANS1029E. On the server side, you might see error message ANR8601E.

To avoid these errors, ensure that the VALIDATEPROTOCOL parameter is set to NO.

TXNGroupmax

Specifies the number of files per transaction commit that are transferred between a client and a server. The parameter is optional. Client performance might be improved by using a larger value for this option.

The default value is 0. Specifying 0 indicates that the node uses the server global value that is set in the server options file. To use a value other than the server global value, specify a value in the range 4 - 65000 for the TXNGROUPMAX parameter. The node value takes precedence over the server value.

Object client nodes have a server global value of 10004. When the default value of 0 is set for the TXNGROUPMAX parameter, an object client node uses the server global value of 10004. If you set a value for the TXNGROUPMAX parameter for an object client node, ensure that the value is equal to or greater than the expected number of parts in multipart objects uploaded by the object client.

Attention: Increasing the TXNGROUPMAX value increases the recovery log usage. Higher recovery log usage might increase the risk of running out of log space. Evaluate the performance of each node before you change the parameter.

DATAWritepath

Specifies the transfer path that is used when the client sends data to the server, storage agent, or both, during storage operations such as backup or archive. The parameter is optional. The default is ANY.

Note: If a path is unavailable, the node cannot send any data. For example, if you select the LAN-free option but a LAN-free path is not defined, the operation fails.

You can specify one of the following values:

ANY: Specifies that data is sent to the server, storage agent, or both, by any available path. A LAN-free path is used if one is available. If a LAN-free path is unavailable, the data is moved by using the LAN.
LAN: Specifies that data is sent by using the LAN.
LANFree: Specifies that data is sent by using a LAN-free path.

DATAReadpath

Specifies the transfer path that is used when the server, storage agent, or both read data for a client, during operations such as restore or retrieve. The parameter is optional. The default is ANY.

Note: If a path is unavailable, data cannot be read. For example, if you select the LAN-free option but a LAN-free path is not defined, the operation fails. The value for the transfer path also applies to failover connections. If the value is set to LANFree, failover cannot occur for the node on the failover server.

You can specify one of the following values:

ANY: Specifies that the server, storage agent, or both use any available path to read data. A LAN-free path is used if one is available. If a LAN-free path is unavailable, the data is read by using the LAN.
LAN: Specifies that data is read by using the LAN.
LANFree: Specifies that data is read by using a LAN-free path.

TARGETLevel

Specifies the client deployment package that is targeted for this node. The parameter applies only to nodes with a type of CLIENT. You can substitute an applicable release package for Version.Release.Modification.Fix (V.R.M.F) Level. For example: TARGETLevel=7.1.0.0.

You must specify each segment with a number that is applicable to a deployment package. You cannot use an asterisk in any field as a substitution for a valid number. The parameter is optional.

Restriction: The TARGETLEVEL parameter does not apply to nodes with a type of NAS or SERVER.

SESSIONINITiation

Controls whether the server or the client initiates sessions. The default is that the client initiates sessions. The parameter is optional.

Clientorserver

Specifies that the client might initiate sessions with the server by communicating on the TCP/IP port that is defined with the server option TCPPORT. Server-prompted scheduling might also be used to prompt the client to connect to the server.

SERVEROnly

Specifies that the server does not accept client requests for sessions. All sessions must be initiated by server-prompted scheduling on the port that is defined for the client with the REGISTER or UPDATE NODE commands. You cannot use the client acceptor, dsmcad, to start the scheduler when SESSIONINITIATION is set to SERVERONLY.

HLAddress

Specifies the client IP address that the server contacts to initiate scheduled events. This parameter must be used when SESSIONINITIATION is set to SERVERONLY, regardless of any addresses that are previously used by the client to contact the server.

The address can be specified either in numeric or host name format. If a numeric address is used, it is saved without verification by a domain name server. If the address is not correct, it can cause failures when the server attempts to contact the client. Host name format addresses are verified with a domain name server. Verified names are saved and resolved with Domain Name Services when the server contacts the client.

LLAddress

Specifies the client port number on which the client listens for sessions from the server. This parameter must be used when SESSIONINITIATION is set to SERVERONLY, regardless of any addresses that are previously used by the client to contact the server.

The value for this parameter must match the value of client option TCPCLIENTPORT. The default value is 1501.

EMAILADdress

This parameter is used for more contact information. The parameter is optional. The information that is specified by this parameter is not acted upon by IBM Storage Protect.

DEDUPlication

Specifies where data deduplication can occur for this node. The parameter is optional. You can specify one of the following values:

Clientorserver: Specifies that data that is stored by this node can be deduplicated on either the client or the server. This value is the default. For data deduplication to take place on the client, you must also specify a value of YES for the DEDUPLICATION client option. You can specify this option in the client option file or in the client option set on the IBM Storage Protect server.
SERVEROnly: Specifies that data that is stored by this node can be deduplicated on the server only.

BACKUPINITiation

Specifies whether the non-root user ID on the client node can back up files to the server. The parameter is optional. The default value is ALL, indicating that non-root user IDs can back up data to the server. You can select one of the following values:

All: Specifies that non-root user IDs can back up files to the server. ALL is the default if BACKUPINITIATION is not specified.
ROOT: Specifies that the root user ID can back up files to the server. If you are using the version 6.4 or later backup-archive client, authorized users have the same privileges as the root user ID.
Restriction: The attribute is ignored by the server if the backup-archive client connects from an operating system other than AIX®, Linux®, or Mac OS.

Remember: The application programming interface (API) is affected by the BACKUPINITIATION parameter on the server. By default, all API users are allowed to back up data. Setting the parameter to ROOT on an API node is not recommended.

REPLState

Specifies whether data that belongs to the client node is ready to be replicated. This parameter is optional. Specify this parameter only if you are issuing the REGISTER NODE command on a server that is configured to replicate data to a target replication server. If you register a client node on a source replication server and set up replication for the node, do not register the node on the target replication server. The client node is created automatically on the target server the first time that replication occurs.

You can select one of the following values:

ENabled: Specifies that the client node is configured for replication and is ready to replicate. When you specify this parameter, the replication mode in the client node definition on the source replication server is automatically set to SEND. This setting indicates that data that belongs to the client node is sent to a target server during replication.
When replication first occurs for the client node, the replication state of the node on the target replication server is automatically set to ENABLED. The replication mode on the target replication server is set to RECEIVE. This setting indicates that data that belongs to the client node is received from a source replication server. To determine the replication state and mode, issue the QUERY NODE command on a source or a target replication server.
DISabled: Specifies that the node is configured for replication but that replication does not occur until you enable it.

BKREPLRuledefault, ARREPLRuledefault, and SPREPLRuledefault

Specifies the replication rule that applies to a data type if the file space rules for the data type are set to DEFAULT.

Restriction: You can specify the BKREPLRULEDEFAULT, ARREPLRULEDEFAULT, or SPREPLRULEDEFAULT parameter only if you specify the REPLSTATE parameter.

BKREPLRuledefault: Specifies the replication rule for backup data.
ARREPLRuledefault: Specifies the replication rule for archive data.
SPREPLRuledefault: Specifies the replication rule for space-managed data.

If the file space rules for the data type are set to DEFAULT and you do not specify a rule for the BKREPLRULEDEFAULT, ARREPLRULEDEFAULT, or SPREPLRULEDEFAULT parameter, data is replicated according to the server rule for the data type.

You can specify normal-priority replication or high-priority replication rules. In a replication process that includes both normal and high-priority data, high-priority data is replicated first. Before you specify a rule, consider the order in which you want the data to be replicated.

You can specify the following rules:

ALL_DATA

Replicates active and inactive backup data, archive data, or space-managed data. The data is replicated with a normal priority.

ACTIVE_DATA

Replicates only active backup data. The data is replicated with a normal priority. This rule is valid only for BKREPLRULEDEFAULT.

Attention:

If you specify ACTIVE_DATA and one or more of the following conditions are true, inactive backup data on the target replication server is deleted, and inactive backup data on the source replication server is not replicated.

When a release version earlier than 7.1.1 is installed on either the source or target replication servers.
When you are using the REPLICATE NODE command with the FORCERECONCILE=YES parameter.
When you are running the initial replication of a file space after you configure replication, restore the database, or upgrade both the source and target replication servers from a release version earlier than 7.1.1.

If the previous conditions are not true, all new and changed files since the last replication are replicated, including inactive files, and files are deleted when they expire.

ALL_DATA_HIGH_PRIORITY

Replicates active and inactive backup data, archive data, or space-managed data. Data is replicated with a high priority.

ACTIVE_DATA_HIGH_PRIORITY

This rule is the same as the ACTIVE_DATA replication rule except data is replicated with a high priority. This rule is valid only for BKREPLRULEDEFAULT.

DEFAULT

Replicates data according to the server replication rule for backup data.

For example, suppose that you want to replicate the archive data in all the file spaces that belongs to a client node. Replication of the archive data is a high priority. One method to accomplish this task is to specify ARREPLRULEDEFAULT=DEFAULT. Ensure that the file space rules for archive data are also set to DEFAULT and that the server rule for archive data is set to ALL_DATA_HIGH_PRIORITY.

Restriction: If a node is configured for replication, the file space rules are set to DEFAULT after the node stores data on the source replication server.

NONE

Data of the specified type is not replicated.

For example, if you do not want to replicate space-managed data that belongs to a client node, specify SPREPLRULEDEFAULT=NONE

Tip: Do not confuse replication rules with replication storage rules. Replication rules are associated with the traditional method of node replication. You define a replication rule on the command line by using the REPLICATE NODE command. Replication storage rules are associated with a newer replication method that is more flexible and granular. You define replication storage rules by using the DEFINE STGRULE command. The BKREPLRuledefault, ARREPLRuledefault, and SPREPLRuledefault parameters apply to traditional replication rules.

RECOVERDamaged

Specifies whether damaged files can be recovered for this node from a target replication server. The parameter is optional. The default value is YES. You can specify one of the following values:

Yes: Specifies that recovery of damaged files from a target replication server is enabled for this node.
No: Specifies that recovery of damaged files from a target replication server is not enabled for this node.
Tip: The value of the RECOVERDAMAGED parameter is only one of several settings that determine whether damaged files are recovered. For information about how to specify the settings, see Settings that affect the recovery of damaged files.

ROLEOVERRIDE

Specifies whether to override the reported role of the client for processor value unit (PVU) estimation reporting. The default is USEREPORTED. The parameter is optional.

The role reported by the client is either client-device (for example, a workstation) or server-device (for example, file/print server, application server, database). By default, the client reports its role that is based on the client type and the operating system. All clients initially report their role as server-device, except for Backup-Archive Clients running Microsoft Windows workstation distributions (Windows Vista) and Macintosh OS X.

Specify one of the following values:

Client: Specifies a client-device.
Server: Specifies a server-device.
Other: Specifies that this node is not to be used for PVU estimation reporting. This value can be useful when multiple nodes are deployed for a physical system (for example, virtual environments, test nodes, retired nodes, and nodes not in production or clustering).
Usereported: Use the reported role that is provided by the client.

AUTHentication

This parameter specifies the password authentication method for the node. Specify one of the following values: LDAP or LOCAL. The parameter is optional and defaults to LOCAL. The default can change to LDAP if you use the SET DEFAULTAUTHENTICATION command and specify LDAP.

LOcal: Specifies that the local IBM Storage Protect server database is used.
LDap: Specifies that the node uses an LDAP server for password authentication.

SSLrequired (deprecated)

Specifies whether the node must use the Secure Sockets Layer (SSL) protocol to communicate with the IBM Storage Protect server. The parameter is optional. When you authenticate passwords with an LDAP directory server, you must protect the sessions by using SSL or another network security method.

Important: Beginning with IBM Storage Protect 8.1.2 software and Tivoli Storage Manager 7.1.8 software, this parameter is deprecated. The validation that was enabled by this parameter is replaced by the TLS protocol, which is enforced by the SESSIONSECURITY parameter. The SSLREQUIRED parameter is ignored. Update your configuration to use the SESSIONSECURITY parameter.

SESSIONSECurity

Specifies whether the node must use the most secure settings to communicate with an IBM Storage Protect server. This parameter is optional.

You can specify one of the following values:

STRict

Specifies that the strictest security settings are enforced for the node. . The TLS protocol is used for SSL sessions between the server and the node. To specify whether the server uses TLS for the entire session or only for authentication, see the SSL client option.

Beginning with IBM Storage Protect 8.1.11, you can enable the TLS 1.3 protocol to secure communications between servers, clients, and storage agents. To use TLS 1.3, both parties in the communication session must use TLS 1.3. If either party uses TLS 1.2, then both parties use TLS 1.2 by default.

To use the STRICT value, the following requirements must be met to ensure that the node can authenticate with the server:

Both the node and server must be using IBM Storage Protect software that supports the SESSIONSECURITY parameter.
The node must be configured to use TLS 1.2 or later for SSL sessions between the server and the node.

Nodes set to STRICT that do not meet these requirements are unable to authenticate with the server.

TRANSitional

Specifies that the existing security settings are enforced for the node. This is the default value. This value is intended to be used temporarily while you update your security settings to meet the requirements for the STRICT value.

If SESSIONSECURITY=TRANSITIONAL and the node has never met the requirements for the STRICT value, the node continues to authenticate by using the TRANSITIONAL value. However, after a node meets the requirements for the STRICT value, the SESSIONSECURITY parameter value automatically updates from TRANSITIONAL to STRICT. Then, the node can no longer authenticate by using a version of the client or an SSL/TLS protocol that does not meet the requirements for STRICT. In addition, after a node successfully authenticates by using a more secure communication protocol, the node can no longer authenticate on the same server by using a less secure protocol. For example, if a node that is not using SSL is updated and successfully authenticates by using TLS 1.2, the node can no longer authenticate by using no SSL protocol or by using TLS 1.1. This restriction also applies when you use functions such as virtual volumes, when the node authenticates to the IBM Storage Protect server as a node from another server.

SPLITLARGEObjects

Specifies whether large objects that are stored by this node are automatically split into smaller pieces, by the server, to optimize server processing. The parameter is optional. Specifying YES causes the server to split large objects (over 10 GB) into smaller pieces when stored by a client node. Specifying NO bypasses this process. Specify NO only if your primary concern is maximizing throughput of backups directly to tape. The default value is Yes.

MINIMUMExtentsize

Specifies the extent size that is used during data deduplication operations for cloud-container storage pools and directory-container storage pools on this node. In most system environments, the default value of 50 KB is appropriate. However, if you plan to deduplicate data from an Oracle or SAP database, and the average extent size is less than 100 KB, you can help optimize performance by specifying a larger extent size. Data in Oracle and SAP databases is typically deduplicated with extent sizes that are much smaller than the default average size of 256 KB. Small extent sizes can negatively affect the performance of backup and expiration operations and can result in unnecessary growth of the IBM Storage Protect server database.

Requirement: Before you specify an extent size other than the default, evaluate the storage environment and consider the tradeoffs:

Is data deduplicated efficiently? To find out, generate data deduplication statistics by using the GENERATE DEDUPSTATS command and view the statistics by using the QUERY DEDUPSTATS command. If the output of the QUERY DEDUPSTATS command shows a value of less than 15% in the Deduplication Percentage field, consider increasing the value of the MINIMUMEXTENTSIZE parameter to 750 KB. In this way, you can help to prevent unnecessary growth of the database and potentially improve performance.
Is the average extent size less than 100 KB? To find out, generate data deduplication statistics by using the GENERATE DEDUPSTATS command and view the statistics by using the QUERY DEDUPSTATS command. Based on the output, calculate the average extent size by using the following formula:
Total Protected Data/(Compressed Extent Count + Uncompressed Extent Count)
If the average extent size is less than 100 KB, consider increasing the value of the MINIMUMEXTENTSIZE parameter.
Can you accept a temporary reduction in the deduplication ratio? A larger extent size might initially reduce the efficacy of data deduplication because the new extent size does not match the previous extent size. However, data deduplication stabilizes after several backup operations are completed.
Can you accept a temporary increase in network traffic? A larger extent size might initially increase network traffic for backup operations that rely on client-side data deduplication because extents of the new size will not match extents of the previous size. Backup operations might require additional time until a steady state is achieved. A larger extent size can also temporarily increase network traffic for server-to-server replication operations, which might take longer until a steady state is achieved.
Can you accept temporary growth of the server database and temporary usage of more storage space?

Specify a larger extent size only if you are willing to accept the listed tradeoffs to achieve better performance of backup and expiration operations.

You can specify one of the following values:

50KB: Specifies that normal extent sizes are used for data deduplication. The normal minimum extent size is 50 KB with a target average size of 256 KB. This is the default value.
250KB: Specifies that a minimum extent size of 250 KB is used for data deduplication with a target average size of 1 MB. This value can be useful for large nodes in which the average extent size is much smaller than the default target size of 256 KB.
750KB: Specifies that a minimum extent size of 750 KB is used for data deduplication with a target average size of 2 MB.

Example: Register a client node that only the root user can back up

register node mete0rite KingK0ng
backupinit=root

Example: Register a client node and password and set compression on

Register the client node JOEOS2 with the password SECRETCODE and assign this node to the DOM1 policy domain. This node can delete its own backup and archive files from the server. All files are compressed by the client node before they are sent to the server. This command automatically creates a JOEOS2 administrative user ID with password SECRETCODE. In addition, the administrator now has client owner authority to the JOEOS2 node.

register node joeos2 secretcode domain=dom1
 archdelete=yes backdelete=yes
 compression=yes

Example: Grant client owner authority for an existing administrative user

Grant client owner authority to an existing administrative user ID, HELPADMIN, when you register the client node JAN. This step would not automatically create an administrator ID named JAN, but would grant client owner authority for this node to the HELPADMIN administrator.

register node jan pwd1safe userid=helpadmin

Example: Register a NAS file server node that uses NDMP operations

Register a node name of NAS1 for a NAS file server that is using NDMP operations. Assign this node to a special NAS domain.

register node nas1 pwd4nas1 domain=nasdom type=nas

Example: Register a node and specify the maximum number of files per transaction commit

register node ed pw459twx txngroupmax=1000

Example: Register a node and allow it to deduplicate data on the client system

register node jim jimspass deduplication=clientorserver

Example: Register a node name of ED and set the role as a server-device for PVU estimation reporting

register node ed pw459twx roleoverride=server

Example: Register a node on a source replication server

Define NODE1 to a source replication server. Specify a replication rule for the backup data that belongs to NODE1 so that active backup data is replicated with a high priority. Enable replication for the node.

register node node1 bkreplruledefault=active_data_high_priority replstate=enabled

Example: Register a node that authenticates with an LDAP server

register node node1pwd authentication=ldap

Tip: When you register a node in this way, an administrative user ID is not created.

Example: Register a node to communicate with a server by using strict session security

register node node4pwd sessionsecurity=strict

Example: Register a node and enable recovery of damaged files

Register a node name of PAYROLL. For the PAYROLL node, enable the recovery of damaged files from a target replication server.

register node payroll recoverdamaged=yes

Example: Register a node as an object client

register node oco10 type=objectclient domain=objclientdom

Related commands

Table 2. Commands related to REGISTER NODE
Command	Description
DEFINE ASSOCIATION	Associates clients with a schedule.
DEFINE DATAMOVER	Defines a data mover to the IBM Storage Protect server.
DEFINE MACHNODEASSOCIATION	Associates an IBM Storage Protect node with a machine.
DELETE FILESPACE	Deletes data associated with client file spaces. If a file space is part of a collocation group and you remove the file space from a node, the file space is removed from the collocation group.
DEFINE SERVER	Defines a server for server-to-server communications.
LOCK NODE	Prevents a client from accessing the server.
QUERY FILESPACE	Displays information about data in file spaces that belong to a client.
QUERY NODE	Displays partial or complete information about one or more clients.
QUERY PVUESTIMATE	Displays an estimate of the client-devices and server-devices being managed.
QUERY REPLNODE	Displays information about the replication status of a client node.
REGISTER ADMIN	Defines a new administrator.
REMOVE NODE	Removes a client from the list of registered nodes for a specific policy domain.
REMOVE REPLNODE	Removes a node from replication.
RENAME NODE	Changes the name for a client node.
REPLICATE NODE	Replicates data in file spaces that belong to a client node.
RESET PASSEXP	Resets the password expiration for nodes or administrators.
SET DEFAULTAUTHENTICATION	Specifies the default password authentication method for any REGISTER NODE or REGISTER ADMIN commands.
SET PASSEXP	Specifies the number of days after which a password is expired and must be changed.
SET CPUINFOREFRESH	Specifies the number of days between client scans for workstation information used for PVU estimates.
SET DEDUPVERIFICATIONLEVEL	Specifies the percentage of extents verified by the server during client-side deduplication.
SET REPLRECOVERDAMAGED	Specifies whether node replication is enabled to recover damaged files from a target replication server.
UNLOCK NODE	Enables a locked user in a specific policy domain to access the server.
UPDATE ADMIN	Changes the password or contact information associated with any administrator.
UPDATE FILESPACE	Changes file-space node-replication rules.
UPDATE NODE	Changes the attributes that are associated with a client node.