UPDATE SERVER (Update a server defined for server-to-server communications)
Use this command to update a server definition.
- Passwords might be invalidated
- Device information might be affected
- Registry information about Windows operating systems might change
Privilege class
To issue this command, you must have system privilege.
Syntax for:
- Enterprise configuration
- Enterprise event logging
- Command routing
- Storage agent
- Node replication source and target servers
- z/OS® media server
- Object client data operations
Syntax for virtual volumes
Syntax for object agents
Parameters
- server_name (Required)
- Specifies the name of the server to be updated. This parameter is required.
- PAssword
- Specifies the password that is used to sign on to the target server for virtual volumes. This parameter is optional. If you specify a password, the minimum length of the password is 8 characters unless a different value is specified by using the SET MINPWLENGTH command. The maximum length of the password is 64 characters.
- SERVERPAssword
- Specifies the server password, which is used for enterprise configuration, command routing, and server-to-server event logging functions. The password must match the server password that is set by the SET SERVERPASSWORD command. This parameter is optional. The minimum length of the password is 8 characters unless a different value is specified by using the SET MINPWLENGTH command. The maximum length of the password is 64 characters.
- HLAddress
- Specifies the IP address (in dotted decimal format) of the server. This parameter is
optional.Tip: If you previously set up an object agent and change this parameter, the following actions occur:
- The existing object agent configuration file is updated with the new information.
- A new object agent certificate is generated. All object clients backing up to the object agent must import the new certificate.
- LLAddress
- Specifies the low-level address of the server. This address is usually the same as the address
in the TCPPORT server option of the target server. When
SSL=YES, the port must already be designated for SSL communications on the
target server. The range of values is 1 - 32767.Tip: If you previously set up an object agent and change this parameter, the existing object agent configuration file is updated with the new information.
- COMMmethod
- Specifies the communication method that is used to connect to the server. This parameter is optional.
- URL
- Specifies the URL address that is used to access this server from the Administration Center. The parameter is optional.
- DELgraceperiod
- Specifies a number of days that an object remains on the target server after it was marked for deletion. You can specify a value 0 - 9999. The default is 5. This parameter is optional.
- NODEName
- Specifies a node name to be used by the server to connect to the target server. This parameter is optional.
- DESCription
- Specifies a description of the server. This parameter is optional. The description can be up to 255 characters. Enclose the description in quotation marks if it contains blank characters. To remove an existing description, specify a null string ('').
- FORCESync
- Specifies whether to reset the server verification key when the
source server next signs on to the target server. A valid verification
key enables a source server to put objects on the target server, manage
the grace deletion period value, and update the password, if the current
password is known and the verification key matches. The parameter
is optional. You can specify one of the following values:
- Yes
- Specifies that a new verification key will be sent to and accepted by the target server if a valid password is received.
- No
- Specifies that a new verification key will not be sent to the target server.
- VALIdateprotocol (deprecated)
- Specifies whether a cyclic redundancy check validates the data sent between the storage agent
and the IBM Spectrum® Protect server. The parameter is optional.
The default is NO. Important: Beginning with IBM Spectrum Protect Version 8.1.2 and Tivoli® Storage Manager Version 7.1.8, validation that is enabled by this parameter is replaced by the TLS protocol, which is enforced by the SESSIONSECURITY parameter. The VALIDATEPROTOCOL parameter is ignored. Update your configuration to use the SESSIONSECURITY parameter.
- ALLOWReplace
- Specifies whether a server definition that was defined by a managed
server can be replaced with a definition from the configuration manager.
This parameter is optional. You can specify one of the following values:
- Yes
- Specifies that a server definition can be replaced by a definition from the configuration manager.
- No
- Specifies that a server definition cannot be replaced by the definition from the configuration manager.
- SSL
- Specifies the communication mode of the server. Important: Beginning with IBM Spectrum Protect V8.1.2 and Tivoli Storage Manager V7.1.8, SSL is used to encrypt some communication with the specified server even when you specify NO.The following conditions and considerations apply when you specify the SSL parameter:
- Before starting the servers, self-signed certificates of the partner servers must be in the key database file (cert.kdb) of each of the servers.
- You can define multiple server names with different parameters for the same target server.
You can specify one of the following values:
- No
- Specifies an SSL session for all communication with the specified server, except when the server is sending or receiving object data. Object data is sent and received by using TCP/IP. By choosing not to encrypt the object data, server performance is similar to communication over a TCP/IP session and the session is secure.
- Yes
- Specifies an SSL session for all communication with the specified server, even when the server is sending and receiving object data.
- SESSIONSECurity
- Specifies whether the server that you are defining must use the most secure settings to
communicate with an IBM Spectrum Protect server. This parameter
is optional. Restriction: This parameter does not apply to object agent definitions.
You can specify one of the following values:
- STRict
- Specifies that the strictest security settings are enforced for the server that you are defining. The TLS protocol is used for SSL sessions between the specified server and an IBM Spectrum Protect server.
- TRANSitional
- Specifies that the existing security settings are enforced for the server. This is the default
value. This value is intended to be used temporarily while you update your security settings to meet
the requirements for the STRICT value.
If SESSIONSECURITY=TRANSITIONAL and the server has never met the requirements for the STRICT value, the server will continue to authenticate by using the TRANSITIONAL value. However, after a server meets the requirements for the STRICT value, the SESSIONSECURITY parameter value automatically updates from TRANSITIONAL to STRICT. Then, the server can no longer authenticate by using a version of the client or an SSL/TLS protocol that does not meet the requirements for STRICT. In addition, after a server successfully authenticates by using a more secure communication protocol, the server can no longer authenticate by using a less secure protocol. For example, if a server that is not using SSL is updated and successfully authenticates by using TLS 1.2, the server can no longer authenticate by using no SSL protocol or TLS 1.1. This restriction also applies when you use functions such as virtual volumes, command routing, or server-to-server export, when a node or administrator authenticates to the IBM Spectrum Protect server as a node or administrator from another server.
- TRANSFERMethod
- Specifies the method that is used for server-to-server data transfer. This parameter is optional. You can specify one of the following values:
- Tcpip
- Specifies that TCP/IP is used to transfer data. This is the default.
- Fasp
- Specifies that IBM®
Aspera® Fast Adaptive Secure Protocol (FASP®) technology is used to transfer data. Aspera
FASP technology can help you optimize data transfer in a wide
area network (WAN). Restrictions:
- Before you enable Aspera FASP technology, determine whether the technology is appropriate for your system environment and install the appropriate licenses. For instructions, see Determining whether Aspera FASP technology can optimize data transfer in your system environment. If the licenses are missing or expired, data transfer operations fail.
- If WAN performance meets your business needs, do not enable Aspera FASP technology.
- If you specify TRANSFERMETHOD=FASP on the PROTECT STGPOOL or REPLICATE NODE command, that value overrides the TRANSFERMETHOD parameter on the DEFINE SERVER and UPDATE SERVER commands.
Example: Update a deletion grace period for a server
Update the definition of SERVER2 to specify that objects remain on the target server for 10 days after they were marked for deletion.update server server2 delgraceperiod=10
Example: Update the URL for a server
Update the definition of NEWSERVER to specify its URL address to be http://newserver:1580/.update server newserver url=http://newserver:1580/
Example: Update all servers to communicate with an IBM Spectrum Protect server by using strict session security
Update the definition of all servers to use the strictest security settings to authenticate with the IBM Spectrum Protect server.update server * sessionsecurity=strict
Related commands
Command | Description |
---|---|
DEFINE DEVCLASS | Defines a device class. |
DEFINE SERVER | Defines a server for server-to-server communications. |
DELETE DEVCLASS | Deletes a device class. |
DELETE FILESPACE | Deletes data associated with client file spaces. If a file space is part of a collocation group and you remove the file space from a node, the file space is removed from the collocation group. |
DELETE SERVER | Deletes the definition of a server. |
QUERY NODE | Displays partial or complete information about one or more clients. |
QUERY SERVER | Displays information about servers. |
RECONCILE VOLUMES | Reconciles source server virtual volume definitions and target server archive objects. |
REGISTER NODE | Defines a client node to the server and sets options for that user. |
REMOVE NODE | Removes a client from the list of registered nodes for a specific policy domain. |
UPDATE DEVCLASS | Changes the attributes of a device class. |
UPDATE NODE | Changes the attributes that are associated with a client node. |