UPDATE SERVER (Update a server defined for server-to-server communications)

Use this command to update a server definition.

Restriction: If this server is a source server for a virtual volume operation, changing any of these values can affect the ability of the source server to access and manage the data that is stored on the corresponding target server. Changing the server name by using the SET SERVERNAME command might have additional implications, varying by operating system. The following are some examples:
  • Passwords might be invalidated
  • Device information might be affected
  • Registry information about Windows operating systems might change

Privilege class

To issue this command, you must have system privilege.

Syntax for:

  • Enterprise configuration
  • Enterprise event logging
  • Command routing
  • Storage agent
  • Node replication source and target servers
  • Linux operating systemsAIX operating systemsz/OS® media server
  • Object client data operations
Read syntax diagramSkip visual syntax diagram UPDate SERver server_name SERVERPAssword=passwordHLAddress=ip_addressLLAddress=tcp_portCOMMmethod=TCPIPURL=urlALLOWReplace=YesNoDESCription=descriptionFORCESync=YesNo1VALIdateprotocol=NoAllSSL=NoYesSESSIONSECurity=TRANSitionalSESSIONSECurity=STRictTRANSitionalTRANSFERMethod=TcpipTRANSFERMethod=TcpipFasp2
Notes:
  • 1 The VALIDATEPROTOCOL parameter is deprecated and applies only to storage agent definitions.
  • 2 The TRANSFERMETHOD parameter is available only on Linux® x86_64 operating systems.

Syntax for virtual volumes

Read syntax diagramSkip visual syntax diagramUPDateSERverserver_name PAssword=passwordHLAddress=ip_addressLLAddress=tcp_portCOMMmethod=TCPIPURL=urlDELgraceperiod=daysNODEName=node_nameSSL=YesSESSIONSECurity=TRANSitionalSESSIONSECurity=STRictTRANSitionalFORCESync=YesNoDESCription=description

Syntax for object agents

Read syntax diagramSkip visual syntax diagram UPDate SERver server_name HLAddress=ip_addressLLAddress=tcp_portCOMMmethod=TCPIPURL=urlDESCription=description

Parameters

server_name (Required)
Specifies the name of the server to be updated. This parameter is required.
PAssword
Specifies the password that is used to sign on to the target server for virtual volumes. This parameter is optional. If you specify a password, the minimum length of the password is 8 characters unless a different value is specified by using the SET MINPWLENGTH command. The maximum length of the password is 64 characters.
SERVERPAssword
Specifies the server password, which is used for enterprise configuration, command routing, and server-to-server event logging functions. The password must match the server password that is set by the SET SERVERPASSWORD command. This parameter is optional. The minimum length of the password is 8 characters unless a different value is specified by using the SET MINPWLENGTH command. The maximum length of the password is 64 characters.
HLAddress
Specifies the IP address (in dotted decimal format) of the server. This parameter is optional.
Tip: If you previously set up an object agent and change this parameter, the following actions occur:
  • The existing object agent configuration file is updated with the new information.
  • A new object agent certificate is generated. All object clients backing up to the object agent must import the new certificate.
LLAddress
Specifies the low-level address of the server. This address is usually the same as the address in the TCPPORT server option of the target server. When SSL=YES, the port must already be designated for SSL communications on the target server. The range of values is 1 - 32767.
Tip: If you previously set up an object agent and change this parameter, the existing object agent configuration file is updated with the new information.
COMMmethod
Specifies the communication method that is used to connect to the server. This parameter is optional.
URL
Specifies the URL address that is used to access this server from the Administration Center. The parameter is optional.
DELgraceperiod
Specifies a number of days that an object remains on the target server after it was marked for deletion. You can specify a value 0 - 9999. The default is 5. This parameter is optional.
NODEName
Specifies a node name to be used by the server to connect to the target server. This parameter is optional.
DESCription
Specifies a description of the server. This parameter is optional. The description can be up to 255 characters. Enclose the description in quotation marks if it contains blank characters. To remove an existing description, specify a null string ('').
FORCESync
Specifies whether to reset the server verification key when the source server next signs on to the target server. A valid verification key enables a source server to put objects on the target server, manage the grace deletion period value, and update the password, if the current password is known and the verification key matches. The parameter is optional. You can specify one of the following values:
Yes
Specifies that a new verification key will be sent to and accepted by the target server if a valid password is received.
No
Specifies that a new verification key will not be sent to the target server.
VALIdateprotocol (deprecated)
Specifies whether a cyclic redundancy check validates the data sent between the storage agent and the IBM Spectrum® Protect server. The parameter is optional. The default is NO.
Important: Beginning with IBM Spectrum Protect Version 8.1.2 and Tivoli® Storage Manager Version 7.1.8, validation that is enabled by this parameter is replaced by the TLS protocol, which is enforced by the SESSIONSECURITY parameter. The VALIDATEPROTOCOL parameter is ignored. Update your configuration to use the SESSIONSECURITY parameter.
ALLOWReplace
Specifies whether a server definition that was defined by a managed server can be replaced with a definition from the configuration manager. This parameter is optional. You can specify one of the following values:
Yes
Specifies that a server definition can be replaced by a definition from the configuration manager.
No
Specifies that a server definition cannot be replaced by the definition from the configuration manager.
SSL
Specifies the communication mode of the server.
Important: Beginning with IBM Spectrum Protect V8.1.2 and Tivoli Storage Manager V7.1.8, SSL is used to encrypt some communication with the specified server even when you specify NO.
The following conditions and considerations apply when you specify the SSL parameter:
  • Before starting the servers, self-signed certificates of the partner servers must be in the key database file (cert.kdb) of each of the servers.
  • You can define multiple server names with different parameters for the same target server.

You can specify one of the following values:

No
Specifies an SSL session for all communication with the specified server, except when the server is sending or receiving object data. Object data is sent and received by using TCP/IP. By choosing not to encrypt the object data, server performance is similar to communication over a TCP/IP session and the session is secure.
Yes
Specifies an SSL session for all communication with the specified server, even when the server is sending and receiving object data.
SESSIONSECurity
Specifies whether the server that you are defining must use the most secure settings to communicate with an IBM Spectrum Protect server. This parameter is optional.
Restriction: This parameter does not apply to object agent definitions.

You can specify one of the following values:

STRict
Specifies that the strictest security settings are enforced for the server that you are defining. The TLS protocol is used for SSL sessions between the specified server and an IBM Spectrum Protect server.
To use the STRICT value, the following requirements must be met to ensure that the specified server can authenticate with the IBM Spectrum Protect server:
  • Both the server that you are defining and the IBM Spectrum Protect server must be using IBM Spectrum Protect software that supports the SESSIONSECURITY parameter.
  • The server that you are defining must be configured to use TLS Version 1.2 or later for SSL sessions between itself and the IBM Spectrum Protect server.
Servers set to STRICT that do not meet these requirements are unable to authenticate with the IBM Spectrum Protect server.
TRANSitional
Specifies that the existing security settings are enforced for the server. This is the default value. This value is intended to be used temporarily while you update your security settings to meet the requirements for the STRICT value.

If SESSIONSECURITY=TRANSITIONAL and the server has never met the requirements for the STRICT value, the server will continue to authenticate by using the TRANSITIONAL value. However, after a server meets the requirements for the STRICT value, the SESSIONSECURITY parameter value automatically updates from TRANSITIONAL to STRICT. Then, the server can no longer authenticate by using a version of the client or an SSL/TLS protocol that does not meet the requirements for STRICT. In addition, after a server successfully authenticates by using a more secure communication protocol, the server can no longer authenticate by using a less secure protocol. For example, if a server that is not using SSL is updated and successfully authenticates by using TLS 1.2, the server can no longer authenticate by using no SSL protocol or TLS 1.1. This restriction also applies when you use functions such as virtual volumes, command routing, or server-to-server export, when a node or administrator authenticates to the IBM Spectrum Protect server as a node or administrator from another server.

Linux operating systemsTRANSFERMethod
Linux operating systemsSpecifies the method that is used for server-to-server data transfer. This parameter is optional. You can specify one of the following values:
Tcpip
Specifies that TCP/IP is used to transfer data. This is the default.
Fasp
Specifies that IBM® Aspera® Fast Adaptive Secure Protocol (FASP®) technology is used to transfer data. Aspera FASP technology can help you optimize data transfer in a wide area network (WAN).
Restrictions:
  • Before you enable Aspera FASP technology, determine whether the technology is appropriate for your system environment and install the appropriate licenses. For instructions, see Determining whether Aspera FASP technology can optimize data transfer in your system environment. If the licenses are missing or expired, data transfer operations fail.
  • If WAN performance meets your business needs, do not enable Aspera FASP technology.
  • If you specify TRANSFERMETHOD=FASP on the PROTECT STGPOOL or REPLICATE NODE command, that value overrides the TRANSFERMETHOD parameter on the DEFINE SERVER and UPDATE SERVER commands.

Example: Update a deletion grace period for a server

Update the definition of SERVER2 to specify that objects remain on the target server for 10 days after they were marked for deletion.
update server server2 delgraceperiod=10

Example: Update the URL for a server

Update the definition of NEWSERVER to specify its URL address to be http://newserver:1580/.
update server newserver url=http://newserver:1580/

Example: Update all servers to communicate with an IBM Spectrum Protect server by using strict session security

Update the definition of all servers to use the strictest security settings to authenticate with the IBM Spectrum Protect server.
update server * sessionsecurity=strict

Related commands

Table 1. Commands related to UPDATE SERVER
Command Description
DEFINE DEVCLASS Defines a device class.
DEFINE SERVER Defines a server for server-to-server communications.
DELETE DEVCLASS Deletes a device class.
DELETE FILESPACE Deletes data associated with client file spaces. If a file space is part of a collocation group and you remove the file space from a node, the file space is removed from the collocation group.
DELETE SERVER Deletes the definition of a server.
QUERY NODE Displays partial or complete information about one or more clients.
QUERY SERVER Displays information about servers.
RECONCILE VOLUMES Reconciles source server virtual volume definitions and target server archive objects.
REGISTER NODE Defines a client node to the server and sets options for that user.
REMOVE NODE Removes a client from the list of registered nodes for a specific policy domain.
UPDATE DEVCLASS Changes the attributes of a device class.
UPDATE NODE Changes the attributes that are associated with a client node.