Authentication
HP Systems Insight Manager (HP SIM) was running fine, but
now I receive error messages in the console, such as authentication
failure and error accessing database, when
trying to run HP SIM.
Solution: To resolve this issue, be sure that
the DNS server correctly associates the network address used by HP SIM with
the host name of the CMS. If it you are using a DHCP server to assign the central management server
(CMS) IP address, statically allocate the IP address. You cannot change
the host name of the HP SIM.
Automatic Event Handling
Some of my Automatic Event Handling messages
appear garbled.
Solution: If you are running an old version
of the Microsoft Exchange Server (for example, 5.5) and have problems opening
an HTML e-mail message sent from the HP SIM event handler, then the Microsoft
Exchange Server must be updated to support the CP1252 character set and map
CP1252 to US-ASCII. See http://support.microsoft.com/default.aspx?scid=kb;en-us;184772 for
more information.
Browser
When I try to browse to the System Management Homepage on the
same Linux system on which HP SIM is installed, I receive multiple browser warning
messages.
Solution:
Open a terminal window. At the command prompt, enter:
cp /etc/opt/hp/sslshare/* /opt/hp/sslshare
Press the Enter key. At the command prompt, enter:
service hpsmhd restart
Press the Enter key.
When browsing into a Linux or HP-UX CMS
on which the HP Insight Management Agents are installed, a Security Alert dialog
box appears when I click an Insight Management Agent.
Solution: The Management HTTP server certificate
has not been overwritten with the HP SIM certificate because OpenSSL is
not configured correctly. On Linux, OpenSSL should be installed in the /usr/bin/ directory.
On HP-UX, OpenSSL should be installed in the /opt/apache/ssl/bin/ directory.
Install OpenSSL to the correct directory, and then create a new HP SIM certificate
to resolve this issue.
I am receiving security alert dialog boxes on
the System Page when I click a system link to the Insight Management Agents
that reside on the HP SIM Server that I am logged into.
Solution 1: If the security alert states that
the name on the certificate does not match the name of the site, you can change
settings in HP SIM so that links to systems use the same format as the names in
the system certificate. Select Options Security System Link Configuration. The Systems
Link Configuration page appears. Select one of the available options. View the system's certificate
to see the name format it is using. Click [OK].
If your system certificates use a name format that does not resolve
correctly on your network, then select a link format that does. In
this case, you continue to see this name mismatch alert even if you have imported
the system certificate into the browser trusted list. This condition can be avoided
by disabling the check in Internet Explorer. To do this, select Tools Internet Options, and select the Advanced tab.
Under Security settings, deselect Warn about
invalid site certificates. However, HP does not recommend using this procedure, and it should be considered carefully in accordance with your own security policies
and guidelines. Disabling the Warn about invalid site certificates setting
in your browser reduces your ability to properly identify the HP SIM server
or managed system you are browsing to and any external or internal internet
sites having nothing to do with Web-based management products.
Solution 2: If the security alert is for another
reason, such as an untrusted or invalid certificate, refer to "Browser" for
more information.
When accessing HP SIM after installation
is complete, I receive a message stating that the host name in the certificate
does not match the URL.
Solution: Create a new certificate after installation
with the IP address in the CN field. Refer to "Creating a Server Certificate" more
information. After the new certificate is created, restart the HP SIM service.
I receive a security
alert when accessing a system.
Solution: Be sure that you have the system
server certificate imported into your browser and that you browse to the
system using the same name as specified in the certificate. For example, having Browsing
to localhost set in Internet Options is most likely the cause for this security alert.
I receive the following error message when
browsing to different pages within HP SIM:
This window contains both secure and non-secure
items
Solution: Several conditions could cause the
browser to display this warning message: Improper version of Internet Explorer
There is a known problem in Internet Explorer 6.0 that causes this warning
message to be erroneously displayed. Pages within HP SIM that are likely
to experience the problem include the Home page and the Task
Results page, though this problem is not limited to those pages. To resolve this problem with the browser, ensure that you have at least
version 5.50.4522.1800 by examining the Version string
in the browser About box. For more information on the problem with Internet Explorer, refer to
Microsoft Knowledge Base article Q269682. For more information on how to determine
which browser version you have installed, refer to Microsoft Knowledge Base
article Q164539. Navigating to a system that does not support SSL
If you navigate to a HP SIM System Page for a
system that does not support SSL, system links to the system specify the usage
of HTTP, a non-secure protocol, rather than HTTPS. This condition would cause the browser
to display both secure items from HP SIM and non-secure items from the system,
thus prompting the warning. There might be newer versions of the HP Insight Management Agent for your system that support
SSL. If there are not or you want to view the system now, click [Yes] to
display the non-secure items, or you will not be able to view the system.
All data between the browser and the managed system continues to be encrypted
using SSL, and data between the browser and the system is not encrypted using
SSL. The sign in applet for older HP Insight Management Agent takes special care to separately
encode your sign in credentials so that you can securely sign in, but all
other data is not encrypted. An error page displayed in browser
The browser might be attempting to display an error page, in which case
it displays this warning message. For more information, refer to Microsoft
Knowledge Base article Q184960.
When browsing to Insight Management Agent on the HP SIM Server
itself, multiple security alerts appear while browsing the agent.
Solution: This condition occurs under the following
conditions: Browsing to Insight Management Agent on the same system as the HP SIM Server.
For example, the HP SIM Server is named DAMON, and while browsing to HP SIM,
you navigate to the System Page for DAMON and select
one of the Web-based management links such as System Management
Homepage. Both certificates for the Insight Management Agent and HP SIM are not imported
into the browser.
Even though HP SIM and the Insight Management Agent are both running on the same system,
they are not the same SSL Web server and do not have the same certificate. To stop the security alert windows from displaying, import both certificate
for HP SIM and the Web-based Management Agent into the browser. Refer to Server Certificates - Importing a Server Certificate for
more information. The information provided there can also be applied to importing
the Web-based Management Agent certificate as well. If the security alert is caused by a name mismatch between the name
on the certificate and the name on the address, importing the certificates
does not resolve the problem. Instead, browse to HP SIM or the Management
Agent using the name in the certificate, or browse to one using the certificate
name and the other not using the certificate name. For example, browse to HP SIM using
the IP address and to the Management Agent using the system name, or browse
to HP SIM using the system name and to the Management Agent using the IP
address. Using two different names helps separate the two domains in the browser,
preventing confusion with different certificates for the same domain. Refer
to remaining security problems for more information. Starting with HP SIM attempts to synchronize its certificate and private
key with the local HTTP server for the Insight Management Agent to alleviate this problem. If
synchronization has occurred, the system should be restarted to ensure both HP SIM and
the HTTP server restart with the synchronized certificate. Refer to Server Certificates - Synchronizing Certificates for more details.
I am receiving a Page not found error when accessing a managed system.
Solution: The browser message will vary based on the browser. Internet Explorer displays page cannot be displayed and Mozilla displays <system> could not be found. Ensure the browser can navigate to the managed system using the name shown in the URL. The URL for the managed system might be only part of what is shown in the browser address bar. To change the format of the name used by HP SIM, modify the System Link Configuration setting:
From the HP SIM CMS, select Options Security System Link Configuration. The System Link Configuration page appears.
Select one of the following options:
Use the system name. Used to specify the short name. Use the system IP address. Used to specify the IP address. Use the system's full DNS name. Used to specify the full DNS name.
Click [OK]. Your setting is saved.
CLI
From the command line, I entered mxmib
-f SHIPPING CFGs not preloaded.txt
,
and I received the error The following is an invalid argument
value: CFGs.
Solution: The command mxmib cannot
handle spaces. Place the file name in quotes, for example, enter mxmib
-f "SHIPPING CFGs not preloaded.txt".
The command mxagentconfig -a cms_name -p password
fails with
Unknown hostname: 'cms_name'
.
Solution: For verification purposes, use nslookup cms_name
to test the network name resolution on the managed system. To
correct the problem, set up a network name resolution properly on the managed
system by adding CMS information to the managed system /etc/hosts file.
The command mxnode -a system_name
or mxnode -r system_name
fails with: Unknown host: ‘system_name’ System
ignored.
Verification: Use nslookup system_name
to test the network name resolution on the CMS.
Solution: Set up network name resolution properly
on the CMS.
I am receiving a message, Another
user is currently using mxmib, please try again. How do I
resolve this?
Solution: This behavior is expected. Run mxmib
-r to clear the interlock.
MXMIB enables me to compile a MIB with a different
file name, but the same internal module name already exists and is a compiled
MIB, which is causing inconsistency in the database.
Solution: The module name and file name must
be consistent. If the file names do not match, the files might become corrupt. If attempting to compile a MIB that already exists in the database,
the CLI message states that it is importing even though it is actually updating.
I am a member of an existing HP SIM user
group, but when I try to run commands from the CLI, I receive an error
message, stating There was a problem connecting to the HP SIM server.
Be sure that:
Your user name has been added to HP SIM.
Do this by signing into the HP SIM GUI at least one time.
Your username and password, if specified,
are correctly spelled.
HP SIM is running.
You used '--' for any long options and
double quotes if your username include s a domain. For example, <commandname>
--user "mydomain\myusername" --pass mypassword.
I ran the command mxnodesecurity
-r -p protocol –n <non-full-DNS-name> and received a message that
the system was removed. However, the system still exists in the
mxnodesecurity list.
Solution: To delete a system from the mxnodesecurity
list using the command mxnodesecurity -r –p protocol –n
<hostname>, use the fully qualified domain name in place
of <hostname>.
I am a full-configuration-rights user. However,
I receive an exception when trying to run the CLI commands.
Solution for mxnodesecurity: On
a Linux system, the command must be executed by the root user.
Solution for all CLI commands:
If you are a member of an HP SIM user group, sign in to the HP SIM GUI at least one time. After that, you will
be in the list of authorized users and will be able to run commands from the
CLI. On a Windows system, you must be a member of the Windows
Administrators group to execute CLI commands.
CIMOM
I have a common information model object manager (CIMOM) on a discovered network, but I do not receive
any information from the port.
Solution: Try one of the following solutions: If the CIMOM is installed and listening on a Secure Sockets
Layer (SSL) port other than the default port 5989, the new port number must
be specified in the config/identification/wbemportlist.xml file.
For example:
<port id="5991" protocol="https">
<interopnamespace name="root" />
<interopnamespace name="interop" />
</port>
|
Verify that the interop namespace for your WBEM provider exists
in a port element in the config/identification/wbemportlist.xml file.
If it does not exist, add it to a port element
as an interopnamespace element, and restart HP SIM.
Cluster
A cluster is not identified as a cluster.
Solution: If a cluster is not defined
as a cluster or any of its nodes are not identified correctly, be sure
all the Cluster Management Agents are installed (if necessary, reinstall)
on every cluster node of that cluster.
After manually adding a system as a cluster,
the system type does not change, even if the system is not a cluster.
Solution: If you manually add a system as
a cluster, the system type might not change even if the system was not a cluster
originally. To reset the system type, delete the system and run discovery.
Clusters or cluster nodes are not identified
correctly.
Solution: Clusters or cluster nodes might
not be found for the following reasons: Starting with SmartStart version 6.30, one of the cluster
agents is not installed correctly. The executable is installed on the cluster
node, but the Windows registry must be updated. Access the Windows registry (click Start Run and enter regedit.) Create the following key: Key: HKEY_LOCAL_MACHINE,"SOFTWARE\Compaq\CompaqCommonClusterAgent\CurrentVersion"
Value: Pathname,%REG_EXPAND_SZ%,"%SystemRoot%\System32\svrclu.dll"
This update is available starting with SmartStart CD 7.4. Be sure the IP ranges in automatic discovery are set to include
the cluster and cluster nodes (and not exclude them). If the name of the cluster or its node has changed,
be sure the DNS servers being used by the cluster and HP SIM both have the
new name. The cluster node might be down. The cluster node has Insight Agents older than version 4.22. The Insight Agents are not running on the cluster node. The SNMP Agents are not running on the cluster node. The network traffic is conjesting the network for a significant
time. SNMP community string might not be matching with that of the HP SIM settings.
Verify the following prerequisites are met: The Cluster Management Agents must be running on all the cluster
nodes. The system must be identified as a server or cluster for cluster
identification to run against that system during discovery.
The cluster node is not identified properly
by discovery.
Solution: The cluster node name for the DHCP
server might be different than its Windows NT name. The remedy is to explicitly
place the Windows NT computer names into the LMHOSTS file
on each cluster node, and then run discovery again. Also, be sure the registry
key for the svrclu.dll has been created. Refer to the
previous issue for information on the registry key.
A cluster or cluster node is not displayed
in the Cluster Monitor cluster or node resource settings.
Solution: This issue can result from specific HP Insight Management Agent
for those Cluster Monitor Resources that were not running at the time discovery was
run. Ensure that the correct agents are running on the clusters
and cluster nodes, and then run discovery again.
Cluster Monitor is not displaying properly.
Solution: Ensure that your browser is configured
to use Small Fonts as the Font Size.
The list boxes under Cluster Monitor within
Settings are not working properly.
Solution: It takes a few seconds for the down
arrows to appear on the list boxes. If there is more than one list box, select an option from the first box, and wait a few seconds to select an option from the second box and each subsequent box. If you make a selection too
soon, the list boxes might not work properly.
The cluster nodes are not discovered when
the cluster alias is used as the system in manual discovery.
Solution: In manual discovery, add the cluster
alias and each node separately to ensure they are entered into the database.
Alternatively, include the cluster alias and the node IP addresses in the
IP range.
What should I expect when running HP SIM on
a cluster?
Solution: HP SIM is not a cluster-aware application.
If each node of the cluster has an instance of HP SIM installed, each node
has a different certificate with the name of the node, not the name of the
cluster, unless you have created your own certificates using a certificate
server or other certification authority. When browsing to the cluster, if
your browser is configured to Warn about invalid site certificates,
the browser should display a security alert, warning you the name you have
browsed to does not match the name in the certificate. If you have not imported
the certificate into the browser or the certificate has not been issued by
a trusted certification authority, the security alert also informs you of
the untrusted origin of the certificate. Verify the certificate is correct
and continue. During a failover, one node fails and the other node becomes active.
Because HP SIM is not cluster-aware, any browsers open to HP SIM must be
closed, and you must browse to the cluster again. You might again be presented
with another security alert, using the certificate of the other node as previously
described. If so, verify the certificate and continue. Any managed system that establishes a trust relationship with the HP SIM server
(for example, for Single Login support, Replicate Agents, Update Software,
and so on) should trust all nodes of the cluster because any node could be
active and issue the desired command to the system. Refer to Trusted Certificates - Setting Up Trust Relationships for
more information on setting up trust relationships.
I am having problems identifying clusters.
Solution: If you notice that the cluster name
or cluster member name is the IP address of the system and not the host name,
download the new HP Insight Management Agent for Windows 2000/Server 2003 for each cluster member of
the cluster. Go to http://www.hp.com, and click Support
& Drivers.
On the Support & Drivers page, under Or
Select a product category, click Servers.
Click ProLiant and Pentium/Xeon servers. Click Compaq ProLiant Servers. Select the appropriate ProLiant series, for example, Compaq
ProSignia 720 server series. Select the appropriate server, for example, Compaq
ProSignia 720 server 3/350-512. In the tasks for your selected products box,
click download drivers and software. In the select operating system list, select
the appropriate operating system ,for example, Microsoft Widows
2000. In the select a category list, select Software
- System Management. Click HP Insight Management Agent for Windows 2000/Server 2003.
The agents are installed.
Collection
While trying to create a duplicate collection
name in a Shared or Private section, an error message is generated.
Solution: Duplicate collection names are not
allowed in Shared or Private sections. You can have the same collection in
the Shared section as you do in a Private section, but not two collections
by the same name in one section.
After deleting a system, the product name
or web agent criteria are not removed.
Solution: After a product name or Web agent
is discovered, that search criteria remains in the database until the database
is reinstalled, which enables you to search on criteria that was present once
and might be present again in the future (for example, base tasks on a collection
with these criteria, and set it to run when new systems or events meet the
search criteria).
Machine names that have spaces within their
name are truncated at the space character in a collection.
Solution: When HP SIM writes a discovered
system to the SQL database, SQL truncates the name if a space occurs in the
machine name. Rename the system without a space.
When trying to sort a collection, it sometimes
requires multiple clicks for the column to sort.
Solution: Quick mouse movements inhibit the
applet from reading mouse clicks. Hold the mouse absolutely still while clicking
the column to sort.
When sorting a search by IP address, the
addresses are not listed in numerical order.
Solution: The IP addresses are listed in numerical
order, which implies an order like 122.22.22.15, 122.22.22.152, 122.22.22.155,
122.22.22.17, 122.22.22.171, 122.22.22.18. HP is investigating the possibility
of providing a fix in a later release
Custom Command
My custom command fails with the following
error:
C:\Program Files\OpenSSH\bin\switch.exe:
*** cańt create title mutex ´Global\cy gwin1S3-2003-11-04 16:46.title_mutex.0´,
Win32 error 0
Solution: The user who is trying to run the
custom command is not in the Administrators group. Add the user to the Administrators
group.
I cannot find custom commands that I have
created.
Solution: New custom tools are added to the
All Tools toolbox. You might not have authorization to use that toolbox.
To view the tool under Tools Custom Commands, add the tool to your authorized toolbox which is
present under Command Line Tools. Refer to Toolboxes - Editing Toolboxes for
more information.
Database
When trying to reinstall HP SIM on a Windows
system from which I previously uninstalled HP SIM, I receive Unable
to Create Database. I receive this error during the database
creation process.
Solution: This problem is a result of not
deleting or renaming the HP SIM database files from MSDE or Microsoft SQL
Server after uninstalling HP SIM. Manually delete or rename the
database files, and then run the HP SIM installation again.
Discovery
A system that has had a new IP address assigned
to it is discovered as a new system in HP SIM instead of having the existing
system in HP SIM updated with the new IP address. The original system shows
a Critical status.
Solution: This issue results when DNS is not
configured on the network. HP SIM tries to use system names from DNS
to match previously discovered systems with new systems of the same name.
Be sure that DNS is configured on the HP SIM server, and ensure that the
DNS server itself is properly configured for the systems in question. Both
forward DNS lookups and reverse lookups must resolve to the same system. On
Windows, nslookup <address or name> can be used
to help diagnose the problem.
There is a mismatch between the system table
view and the picture view.
Solution: Delete all the systems that are
in the affected rack, which includes all the servers, iLOs, enclosures, and
switches in that rack, and run discovery on those deleted systems.
After upgrading from HP SIM 4.1 to HP SIM 4.2,
my ProLiant BL40p server blade to enclosure associations are displayed as
"server in iLO" instead of "server in Enclosure."
Solution: Delete the affected server blades
from the database and run discovery again. The server blade to enclosure association
will now be displayed correctly.
After running discovery, I noticed that a
system was discovered but not identified as a WMI/WBEM device. Why wasn't
this system discovered properly?
Solution: A system might not be discovered properly for several possible reasons, including: The user credentials were incorrect. The provider encounters a problem responding to the WBEM
requests. The system names can only contain alphabet (A-Z), digits
(0-9), minus sign (-), and period (.). However, the system name cannot start
with a digit, and the last character must not be a minus sign (-) or period
(.). On HP-UX or Linux CMS's, no WMIMapper was specified. Therefore,
no Windows systems can be identified as WBEM enabled systems. There is no provider installed on the target HP-UX or Linux
system.
I am trying to delete an HP-UX system, but
I receive an error message stating that I cannot delete an HP-UX system that
includes a management processor.
Solution: Currently, HP Systems Insight Manager
cannot make an association of management processor to server if the system
is based on PA-RISC.
Event/SNMP Trap
Why am I not receiving notification when
there is a SNMP Authentication trap received?
Solution: The default setting for Enabling
Trap Handling in SNMP Extensions is Disabled (Not Processed) because typically, a system can be set up with an incorrect community
string or an incorrect community string is set in HP SIM. This error results in
an Authentication Failure trap to be sent to the management server each time
a request is made to the system, which results in many traps being logged.
To change this setting to Processed (Enabled), complete the following steps: Open HP SIM (http://machinename:280). Sign in as a user with full-configuration-rights. Select Options Events SNMP
Trap Settings. In the Mib Name field, select rfc1215.mib. In the Trap Name field, select authenticationFailure if
it is not already selected. In the Enable Trap Handling field, select Yes. Click [OK].
These steps set the Authentication Failure Trap to
be processed, and you are notified of all failures.
After creating a trap forwarding task, specifying
several destination servers, and then running the task, only one destination
server receives all of the traps.
Solution: Verify that the server sending the
traps is also discovered in HP Systems Insight Manager. If it is not, discover
the system and then run the task again. All destination servers should receive
traps. This problem can happen on a Windows, HP-UX, or Linux server.
Firmware Upgrade
When upgrading my switch firmware, I receive
the following error in the log file when I click the succeeded link
in the Task Results page:
Processed command line: /v 1.1.1 /s /l c:\hpsim_switchfw_logs\
587_11a.wbem.com.log /c /i 170.50.2.3 /f /a swfwupgrade.ini
Usage: swfwupdate [/c SNMPcommunityString
[/i IPaddr [- IPaddr] ... ]]
[/v FWversion | /b BootVersion] [/m 1 | 2]
[/t TFTPport] [/d] [/l logfile]
[/x IPaddr [IPaddr...]] [/s[ilent]] [/f[orce]]
The /s option requires that /i, /c, and /v also
be specified and implies /f.
The /s option deletes all database entries
prior to discovery.
|
Solution: Verify that the SNMP write community
string is set properly for the switch on the Global Protocol Settings page.
Generic
The keyboard does not always respond the
way I expect.
Solution: If you are used to the Windows operating
system, you anticipate the behavior of certain keys, such as the Tab, Enter,
or Alt keys. However, in Java applets and Web applications
in general, the Windows style is not necessarily used. Therefore, you might
need to use the mouse to return focus to a specific page. For example, if
you enter an invalid entry for a system IP address or time, the Criteria or
Schedule page is refocused, but the keyboard access might not be restored
on the last entry field. This situation typically happens after several attempts. To
return the focus, use the mouse to click the page you want to use.
User names are not listed in alphabetical
order.
Solution: User names are grouped by authorization
level (full-configuration-rights, limited-configuration-rights,
and none). Within the groupings, the users are listed in the order they were
created.
HP SIM
I receive a message regarding memory address
violation when I close the browser.
Solution: You might need to reinstall the
SNMP Agent after installing Windows NT 4.0 SP3. If you install Windows NT
4.0 SP4, you must install the SNMP hot fix. The SNMP service has a memory
leak and consumes your system resources if you do not install the SNMP hot
fix.
After creating a user with full-configuration-rights,
the user name is shown in the user list generated from the SQL Analyzer. However,
after editing the UserID file, exiting HP SIM, and restarting HP SIM, the
user is not listed when selecting Options Security Users and Authorizations Users, although the user name is listed in the database.
Solution: Any attempt to manually modify the
UserID file or any user information hash file causes the user account to
be removed from HP SIM. Therefore, the user can no longer access HP SIM.
Database connection is lost while using the
MIB installer tool, command line MIB Manager, or command line System Type Manager,
but the tools indicate successful completion.
Solution: If you lose accessibility to the
database when running these command line tools outside HP SIM, you can potentially
corrupt the operation you were performing, and predictable results and recovery
are not guaranteed.
The Home and Sign
Out links are missing in the banner area.
Solution: Click the Refresh button
at the top of the browser window.
I receive JavaScript errors when the banner
attempts to refresh.
I am receiving an HTTP 404 error when launching
the Partition Manager through HP SIM.
Solution: If you have reconfigured the secure
port for HP SIM, the port must be modified in the /var/opt/mx/tools/parmgr-web-tools.xml file.
To do this: Edit /var/opt/mx/tools/parmgr-web-tools.xml. Modify the port from 50000 to whatever you have configured the
secure port to be. Run /opt/bin/mxtool -m -f /var/opt/mx/tools/parmgr-web-tools.xml from
the command line.
The HP SIM service fails to start on a
Windows-based operating system. Failures are shown in the NT application log
but do not state an explicit error.
Solution: Search the root directory for a
folder or file named Program. If this file exists, delete
it. If this folder exists, rename it or delete it if the folder is empty.
After signing into HP SIM, no systems,
events, or tools are displayed in the console. In some cases, HP SIM might
not start correctly or display the Sign In page.
Solution: To resolve this issue, run the
database integrity check command (mxconfigrepo) from the CLI to verify that
dependent items in HP SIM are properly defined in the database.
mxconfigrepo -c
If errors are reported after running this command: Stop the HP SIM service. From the CLI, run mxconfigrepo -f.
Caution: If the HP SIM dependent
items are not properly defined, running this command (mxconfigrepo
-f) deletes errant records, which can cause minimal data loss. Start the HP SIM service.
If no errors or reported, call the HP support center.
HP SIM will not start.
Solution: Set the SNMP Trap Service to Manual instead
of Disabled. In Windows, select Start Control Panel Administrative Tools Services SNMP Trap Services. Under the General tab, change Startup
type to Manual. Click [OK].
HTTP Event
After creating a new HTTP category, it is
not listed in the criteria box on the Advanced Search page
when searching for new event types.
Solution: To search for new event types generated
by HTTP events, select events by Event Catgory Selection, and then select the
event type from the and type is list.
Identification
After running discovery and Identification,
the serial number is missing for ProLiant BL p-Class and e-Class switches
on the System Page Identity tab and in the Data Collection report.
Solution: To obtain the serial number for
these switches requires support in the firmware of the switches. At this
time, this firmware is not available. However, this support is being planned
in future versions of the ProLiant BL p-Class switches. There currently is
no firmware upgrades being planned for existing switches.
Integrated Lights-Out (iLO)
How do I associate an iLO with a server?
Solution: To associate an iLO with a server, The
Level of Data Returned must be set to Enabled> on
the iLO itself. Refer to License Manager - System License Information Reporting for more information.
Internet Explorer
Hot keys or other keys, such as Tab and Enter, might
not work as expected in the browser.
Solution: Use the mouse to ensure expected
results.
During the installation, the system reboots,
and then the installation launches the browser. Internet Explorer displays
a message saying that it could not establish a connection with the local host.
The browser is being launched before the service has had time to start.
Solution: Try to access the URL again by placing
the cursor in the URL field and pressing the Enter key.
Keep trying until the application loads in the browser.
Sometimes the browser [Back] button
does not take me back to a previous window.
Solution: In Internet Explorer, when the framesets
are changed, the browser history is lost. Navigate back through the HP SIM header
that is present at all times.
Clicking the browser [Back] button
while viewing a collection returns me to the appropriate system or event overview
page.
Solution: This functionality is correct. The
browser history is not being updated because of frameset updates. Click the
system or event collection to navigate back to the table view page.
I cannot drill down on a collection or an agent link on the System Page.
Solution: When two browsers are open on the
same system and they are each pointed to a different HP SIM Management server,
unexpected results can occur. Some inconsistencies include not being able
to open a collection or not being able to drill down on an agent (for example,
Configuration History Reports (Survey Utility).
I cannot access HP SIM on the local system
at http://localhost:280/.
Solution 1: Verify proxy server configuration
in Internet Explorer. An invalid proxy server address prevents Internet Explorer
from browsing to any addresses, including the local system.
Solution 2: Some systems might not be able
to resolve the name localhost. If this is the case,
use http://127.0.0.1:280/ or http://machine_name:280,
where machine_name is the system on which HP SIM is
installed.
When the All Systems window
sits idle for an extended period and I launch a new browser window, the All
Systems window turns white and Internet Explorer hangs. I am forced
to end the task. How can I avoid hanging up in Internet Explorer?
Solution: Avoid leaving Internet Explorer
open for extended periods with the All Systems collection
displayed. Sign out of HP SIM before leaving your monitor to prevent this situation and for security reasons.
I am experiencing unexpected or odd behavior
while browsing HP SIM using Internet Explorer.
Solution: This behavior can be caused by a third-party
browser extension. Disable these extensions to verify that it alleviates the
problem. In the Internet Explorer menu, select Tools Internet Options Advanced, disable Enable third-party browser extensions,
and restart all running copies of Internet Explorer.
Installation
I cannot load HP SIM on Windows NT
3.51 or Windows NT 4.0.
Solution: Windows NT 3.51 and Windows NT 4.0
are not supported platforms.
I receive the error Database
Connection Error during the Java-based database installation
portion of HP SIM installation.
Solution: Verify that the target Microsoft
SQL Server service (MSSQL) is running (select Control
Panel Services MSSQLSERVER).
Global Unique Identifiers are the same for
all systems when using Disk Imaging software on servers.
Solution 1: If the disk image has not been
taken, perform the following: Uninstall all Insight Management Agents from one of the systems. Use the Disk Imaging software to copy the configuration from the
system without the Insight Management Agent installed. Use the disk image from step 2 to copy to the target systems. Reinstall the HP Insight Management Agents on all the systems.
Solution 2: If the disk image has already
been deployed, perform the following to remove the image from each target
system. The following information is divided by network operating systems. The Globally Unique Identifier information is stored in a 16-byte file
on the sys:\system subdirectory of the NetWare server.
This file is created and populated with the Globally Unique Identifier when HP SIM performs
an SNMP SET command to the NetWare server. To remove the permanence of the Globally Unique Identifier, delete the
file \system\cpqbssa.cfg in the NetWare SYS volume. After the file is deleted, restart the Insight Management Agent and a new Globally Unique
Identifier is assigned by HP SIM when the system is discovered. The Management Agents create the Globally Unique Identifier information
in an entry in the Windows NT registry. To remove permanence of the Globally Unique Identifier, remove the entry: HKEY_LOCAL_MACHINE\SOFTWARE\Compaq Insight Agent\hostGUID After the entry is removed, restart the Insight Management Agent services. A new Globally
Unique Identifier is automatically generated. The Globally Unique Identifier information is stored in a file that
is created and populated with the Globally Unique Identifier when HP SIM performs
an SNMP SET command to the UnixWare server. To remove the permanence of the Globally Unique Identifier, delete the
following file from the UnixWare system.
/var/spool/Compaq/foundation/registry/cpqhoguid.dat
After this file has been deleted, restart the Management Agents. A new Globally Unique Identifier is assigned by HP SIM when the system is
discovered.
When installing HP SIM on a Linux or HP-UX
system with long host names, the installation fails.
Solution: HP SIM 4.2 supports discovery and
management of systems with long host names on Linux and HP-UX (up to 256 characters)
but does not yet support being installed on systems with long host names.
On a Windows XP SP2 machine, I receive an
error message and the installation does not complete.
Solution: If Simple File Sharing
is enabled, it must be disabled. Go to Start My Computer Tools Folder Options View. Scroll to the bottom of the list of advanced settings, and deselect Use
Simple File Sharing (Recommended). Click [OK].
On an HP-UX system, the mxinitconfig
-a command fails at step 8, and the following error appears in the /var/opt/mx/logs/initconfig.logfile: ...8. Database Configuration Connecting to database...- Failed HP Systems
Insight Manager shutting down: Lost connection to database. org.postgresql.util.PSQLException:
Connection refused.Check that the host name and port are correct and that the
postmaster is accepting TCP/IP connections. for db loaded from database.props
Solution: Try the following solutions: Ensure that the semmni and semmns kernel
parameters are set to the minimum values (1024 for semmni and
2048 for semmns.) The subdirectory /var/opt/iexpress/postgresql exists
because the PostgreSQL product is not installed or was installed and uninstalled
incorrectly. Uninstall PostgreSQL if it is installed, delete the /var/opt/iexpress/postgresql directory,
and then reinstall PostgreSQL.
IP Address
When systems change IP addresses on the
network, the information in the database becomes unreliable. For example,
the system name comes from one system, and the description comes from the
new system that took that address.
Solution: After systems have been discovered,
they can never be "un-discovered." Systems that are no longer reachable must
be deleted through a collection (signed in with full-configuration-rights).
Systems that HP SIM can no longer communicate with change to Critical status. Systems
can be deleted by selecting systems in the collection and clicking [Delete].
OpenSSH
After installing OpenSSH on a managed system,
I cannot find the .ssh directory.
Solution: The .ssh directory
is not created by the SSH installer. Run mxagentconfig on the CMS, and
enter the target system name (such as, hpsystem)
and credentials.
I am receiving errors when running OpenSSH,
such as %1 is not a valid Win32 application.
Solution: Search the root directory for a
folder or file named Program. If this file exists, delete
it. If this folder exists, rename it or delete it if the folder is empty.
Operating System
When the operating system changes on a system
and system discovery restarts, HP SIM still discovers an instance of the
system running the old operating system with no items in the system links
section. HP SIM also discovers the system with the new operating system and
with the correct system links.
Solution: After systems have been discovered,
they can never be "un-discovered." Systems that are no longer active (the
management server can communicate with the system) change to Critical status
and can be deleted.
My Evo Workstation 6000 system does not
show the correct operating system when it is running Windows XP.
Solution: The root problem is that the SNMP
Agent does not correctly recognize this version of Windows. Stop the SNMP
service, set it to a manual startup, and run Data Collection from HP SIM again to
get the correct information.
Paging Notification
On an upgraded version of HP SIM, which
has a paging user upgrade, I am receiving an error, indicating that the user
does not exist!, but I can see the user on the Users page.
Why do I get this message?
Solution: A user with full-configuration-rights
must delete the existing paging user and create a new paging user with the
same details as the original paging user. To resolve: Select Options Security Users and Authorizations Users. Find the paging user in the Pager Configured column. Yes appears
if the user is a paging user. Select the user account to delete. Click [New]. Create a new paging user account. Click [OK].
Ping
I am not able to ping discovered systems.
Solution: If you manage more than 1,000 systems
in HP SIM, tune the kernel parameters by adding the following entries to the /etc/sysctl.conf file:
net.ipv4.neigh.default.gc_thresh3 = 4096
net.ipv6.neigh.default.gc_thresh3 = 4096
After adding the entries, reboot the system.
Printing
When printing a container view page that
includes a Rack Display, the display does not print correctly.
Solution: In Internet Explorer, select Tools Internet Options,
then select the Advanced tab. Select Printing Print background colors and images. The system
Details page should now print the Rack Display correctly, showing all details
of the rack.
When trying to print In Internet Explorer,
I am receiving a message, stating that my printer is not configured. In Mozilla,
the print dialog box appears to print to a file.
Solution: The printer must be installed before
trying to print in both Internet Explorer and Mozilla.
When printing lists or reports in HP SIM,
selecting Landscape as the paper orientation is not changing
the printout to landscape.
Solution: From Control
Panel Printers, set the orientation
to Landscape.
Property Pages
I receive the following error message on
the Property pages:
Error: Cannot connect
to target system using WBEM. Check WBEM protocol settings for this system
under Options Protocol Settings Global
Protocol Settings.
Solution: The target system has been identified
as WBEM enabled, but the credentials are failing for the target system. Verify
the credentials, and identify the target system again.
I receive the following error message on
the Property pages:
Unknown WBEM error.
Solution: An unanticipated WBEM error has
occurred. Contact HP Support.
I receive the following error message on
the Property pages:
Communication has been
lost. Close the window and relaunch Properties for this system.
Solution: The Property pages
are subject to the Web server default tim-out (20 minutes). If the Property pages
time out, this message appears. Close the window, and relaunch the Property pages
against the target system.
I receive the following error message on
the Property pages:
Property pages are
unavailable because this system acts as a WBEM storage proxy.
Solution: The target system contains a WBEM
installation (CIMOM) that is a storage proxy CIMOM. There is not a WBEM CIMOM
that models the target system. Therefore, the Property pages
do not have an agent that collects system-specific information. Install a server
WBEM CIMOM to enable WBEM manageability for the target system.
Protocol
When adding a client to the CMS, the WBEM
protocol is not displayed under management protocols, and none of the WBEM
properties are listed on the System Page for the client.
Solution: The password might be incorrect
on the System Protocol Settings page (Options Protocol Settings Global Protocol Settings).
I receive the error message <<<CANNOT
BE BLANK, and the [Schedule] and [Run
Now] buttons are disabled.
Solution: If a field is left blank on the System
Protocol Settings page, this message appears. Fill in the blank
fields, and the buttons will be enabled.
Replicate Agent Settings
When running a Replicate Agent Settings task
with the Wake target systems from low power mode before configuring option selected,
I receive the following error on the Task Results page in the Task Details
section: Failed to power up system.
Solution:
Release and renew the IP address of the system. In Internet Explorer, click Start Settings Network and Dial-up Connections. Double-click Local Area Connection Status.
The Local Area Connection Status window appears. Click Properties. The Local
Area Connection Properties window appears. Select Internet Protocol (TCP/IP), and
click [Properties]. The Internet Protocol (TCP/IP)
Properties window appears. Update the IP address accordingly.
Delete the system from the database, and rediscover the system.
Refer to Discovery and Identification - Configuring Automatic Discovery for more information on running discovery. Run the Replicate Agents Settings task. Refer to Replicate Agent Settings - Creating a Replicate Agent Settings Task for more information.
When running a Replicate Agent Settings task, I receive the
following error on the Task Results page in the Task Details section: No
is not true: Wrong compaq.cimom.supported.
Solution: This message indicates that the
system does not have any Web Agent that supports being configured by way of Replicate Agent Settings.
It is possible that the Replicate Agent Settings, such as System Management Homepage, were not running during discovery
or were not installed on the target system. Verify that there is a System Management Homepage link
on the system page in HP SIM. If there is no System Management Homepage link, try to deploy one
by using the Initial ProLiant Support Pack installation.
Response
It takes five minutes or more to load when
https:// is entered in the URL address.
Solution: The URL address should be entered
http://, without the "s." When https:// is entered in the URL, an SSL message
is sent to the server, causing delay.
When browsing to the Web Agents or to System
Management Homepage on a remote system from HP SIM, the browser displays Page
Note Found.
Solution: There are several possible solutions: It might be that the Web Agents or the System Management
Homepage is no longer running on the remote system. They must be started
to be accessible. It might be that the remote system is not reachable from
your browser. If the HP SIM server is managing systems on two networks and
your browser client is only on one network and the remote system is on the
other network, then it will be unreachable. It might be that the address of the target system is
not correctly resolving to the proper IP address. There might be a problem
in the DNS configuration of your network. If so, and it is beyond your realm
of control, you can alleviate the problem by adding the remote system name
and its real IP address to the hosts file on the HP SIM server, the browser
system, or both. Another solution is to modify the Options Security System Link Configuration settings in HP SIM, and select Use the system IP
address.
Search
When searching for systems on which the operating
system is the single version of HP-UX 11.11, two criteria are displayed in
the operating system collection. If I select HP/HP-UX 11.11,
the CMS appears. If I select HP-UX/HP-UX B.11.11 U,
all of the HP-UX systems are displayed except the CMS.
Solution: Instead of selecting is in
the comparison selection box, select contains, and
then enter HP-UX 11.11.
Security
Executing a tool on a managed system results
in the error: Authentication failure: The central management server (CMS) and
managed system time clocks might not be synchronized, or a communication
time limit might have been exceeded.
Solution: The CMS and managed systems must
be time-synchronized to prevent authentication failures. The communication
time limit is 20 minutes, and exceeding this limit causes authentication failures.
Use the command xntpd(1m) to configure the time synchronization.
I am unable to Single Login or set the trust
status to Linux agents.
Solution: To resolve this issue,
configure the System Link Configuration setting to IP address or full DNS
name. To configure the System Link Configuration setting: From the HP SIM CMS, select Options Security System Link Configuration. The System Link Configuration page appears. Select one of the following options:
Use the system IP address to
specify IP address
Use the system's full DNS name to
specify full DNS name
Click [OK]. Your setting is saved.
Serviceguard Manager
When upgrading from SCM 3.0 with Serviceguard
Manager installed to HP SIM 4.1, Serviceguard Manager no longer runs.
Solution: When HP SIM is upgraded, some of
the files that Serviceguard Manager installs are replaced so that it
appears that Serviceguard Manager is not installed. Reinstall Serviceguard
Manager.
When I launch Serviceguard Manager, I am asked to download a jnlp file. The following scenarios
might appear when installing Serviceguard Manager.
Scenario 1: Java Web start not installed.
Solution: Download and Install Java Web start.
Scenario 2: Java Web start is installed,
but you are still being asked to download the .jnlp file.
Refer to one of the operating systems in the following list for the solution.
Windows 2003 IE Browser Solution:
Download the .jnlp file. Right-click the .jnlp file. Select [Open with…and Choose Program].
Click [Browse]. Navigate to and open C:\Program Files\Java Web Start\javaws.exe. Select [Always use this program to open these files].
Click [OK].
Linux Mozilla Browser Solution:
Click [Launch Serviceguard Manager]. Select [Open with…and Choose Program].
Click [Choose]. Navigate to /usr/java/j2re1.4.2/javaws/javaws . Select [Always perform this action]. Click [OK].
HP-UX Mozilla Browser Solution:: Click [Launch Serviceguard Manager]. Select [Open with…and Choose Program].
Click [Choose]. Navigate to/opt/java1.4/jre/javaws/javaws.
Select [Always perform this action]. Click [OK].
I received an HTTP 404 error when I tried
to launch Serviceguard Manager.
Solution: After installing HP SIM, Serviceguard
Manager must be installed on the CMS platform (Windows, Linux, HP-UX).
At this time, SGM is registered with HP SIM. If, at a later time, you uninstall
Serviceguard Manager, you will receive an HTTP 404 error if you try to launch
it. Because the Serviceguard Manager uninstall application deletes the directory sgmgr under
the HP SIM webapps directory, which is located at /opt/hpwebadmin/webapps on HP-UX and Linux and at \Program Files\HP\Systems Insight Manager\hpwebadmin\webapps on Windows.
To avoid the HTTP 404 error in the future, remove the tool from HP SIM using
the following command:
mxtool -r -f sgmw-web-tools.xml
If Serviceguard Manager is reinstalled in the future, add the tool
to HP SIM again, using the following command:
mxtool -a -f sgmw-web-tools.xml
Sign In
I cannot sign in to HP SIM on Windows
XP using a blank password.
Solution 1: Use a non-blank password, which
provides better security. Have an administrator reconfigure the Windows User
Accounts to specify a non-blank password.
Solution 2: If you must use a blank password,
disable the following Security Policy on the Windows
XP machine: Accounts: Limit local account use of blank passwords
to console login only. On a Windows system, to limit local account use of blank passwords to
console sign in only, complete the following procedure: Open Local Security Settings MMC Application by selecting Programs Administrative Tools Local
Security Policy. Open the Local Security Policies folder,
and then open the Security Options subfolder. Disable the policy.
I cannot to sign in to HP SIM on Windows
XP.
Solution: If using a blank password, refer
to the preceding problem. Otherwise, change the following Local Security Policy
on the Windows XP machine: Network Access: Sharing and security
model for local accounts from Guest Only to Classic. To change the setting: Open Local Security Settings MMC Application by selecting Programs Administrative Tools Local
Security Policy. Open the Local Security Policies folder,
and then open the Security Options subfolder. Change the setting from Guest Only to Classic.
If Guest Only is the preferred policy setting, perform the preceding
steps, sign in to HP SIM, and then add domain accounts (not local accounts)
or the local Guest account as accounts to HP SIM. Restore the local policy
setting back to Classic when done.
Single Login fails on cluster systems.
Solution: Single Login does not work on a
virtual cluster system. It works on the physical systems that comprise the
cluster.
By using a proxy server, you might inadvertently
or intentionally bypass IP address login restrictions configured for the user.
Solution: A proxy server can be used to bypass
specific IP exclusions, if the proxy server IP address is not included in
the IP exclusion ranges on the Login IP Address Restrictions page.
Likewise, the possibility that a valid proxy server is included in the IP
exclusion ranges would prevent a valid user from signing in through that particular
proxy server. Ensure valid proxy servers are within a valid Inclusion ranges, and
make the Inclusion ranges as small as possible. Using IP inclusion ranges
is more effective than using IP exclusion ranges because Inclusion ranges
exclude all addresses not specified in the IP inclusion range.
I cannot sign in to HP SIM or to managed
systems browsing from HP SIM using Internet Explorer 6.0.
Reason 1: Internet Explorer has a problem
with underscores in system names, which prevents the authentication cookie
from working properly.
Solution 1A: For HP SIM, if you are using
Internet Explorer 6.0 and your HP SIM server has an underscore in the name,
use the IP address of the HP SIM server instead of the name in the Internet
Explorer address field.
Solution 1B: For managed systems, if the names
of the systems have an underscore, use the IP address of the system. Configure HP SIM to
create links to the system using the IP address instead of the name: Browse and sign in to HP SIM. Select Options Security System Link Configuration. The System
Link Configuration page appears Select Use the system IP address. Click [OK].
Note: By using IP addresses instead
of names, you might encounter security alerts, if the name in the managed
system certificate does not match the name in the link. The default certificate
for managed systems uses the system name, not the IP address.
Reason 2: For managed systems, the privacy
policy setting in Internet Explorer 6.0 is blocking the authentication cookies
from the managed systems.
Solution 2A: Change the browser privacy security
policy setting. From the Internet Explorer browser menu, select Tools Internet Options, and select the Privacy tab.
The privacy setting can be modified in one of the following ways: Set the privacy setting to Accept all Cookies by
sliding the slider bar to the bottom. This setting allows a browser to accept
all cookies for both first-party and third-party sites. When browsing to HP SIM or
directly to a managed system, it is considered a first-party site. When navigating
to a managed system through HP SIM, the system is considered a third-party
site.
Customize the handling of cookies by clicking Advanced and
enabling Override automatic cookie handling. Then select
the appropriate radio buttons for first-party and third-party cookies to Accept or Prompt.
If you select Prompt, the browser prompts you on how
to handle a cookie each time a cookie is received. You can choose to block
or allow the cookie each time or for every time. Enabling Always
allow session cookies does not resolve the problem because the
Web Agents do not use session cookies.
Individually specify the handling of cookies for each system.
Click [Edit] in the websites section
and add the address of the system in the specified field. Click [Allow] to
always allow cookies to that system. Repeat this for all systems.
Solution 2B: Remove the systems from the Internet
Zone. The privacy policy only affects systems in the browser Internet Zone,
so by removing systems from that zone, you prevent the privacy policy from
affecting those systems. This configuration can be accomplished in one of the following
ways: Browsing to systems by IP address instead of by name can cause
the browser to consider those systems to be in the Internet Zone. Instead,
browse by name. You can configure HP SIM to use system names when creating
links to systems by selecting Options Security System Link Configuration and selecting Use
the system name. If your browser is configured to use a proxy server, you can
configure your browser to bypass the proxy server for specific systems, which
removes those systems from the browser Internet Zone.
From the browser menu, select Tools Internet Options, and select the Connections tab. Click LAN
Settings, and if you are configured to use a proxy server, click Advanced.
In the Exceptions list, you can specify a list of addresses
that should bypass the proxy server. These addresses are no longer in the Internet
Zone and are not affected by the privacy settings policy.
Selecting a link that opens a new browser
window requires another sign in.
Solution: If you are browsing using the Internet
Explorer link from within Windows Explorer, you must instead start Internet
Explorer as a separate process. Start Internet Explorer by selecting it from
the Windows Start menu or using the desktop icon.
I cannot sign in to the HP SIM server from
Windows NT, Windows 2000, or Windows XP.
Solution: The Windows accounts used to access HP SIM must
have the access this computer from the network right
selected. In Windows NT 4, open the User Manager by selecting Start Programs Administrative Tools. In the Policies menu, select User
Rights. In the Rights dropdown list, select access
this computer from network, and ensure the HP SIM users are
granted full-configuration-rights. In Windows 2000 and Windows XP, open the Local Security Policy by selecting Start Programs Administrative
Tools. Expand the Local Policies tree, and select User
Rights Assignment. Ensure the HP SIM users have the access
this computer from the network right and that they do not have
the Deny access to this computer from the network right
selected.
I am receiving the exception org.apache.jasper.JasperException
while signing in to HP SIM.
Solution: Delete all the files in the work directory,
and sign in again. On HP-UX and Linux: /opt/mx/jboss/server/hpsim/work
On Windows: \jboss\server\hpsim\work
I am being asked for my signin credentials
when accessing a trusted system.
Solution: Verify that you have a valid trust
relationship set up between HP SIM and the managed system. Also, verify that
you are authorized for an appropriate tool on the desired system. Tools that
enable Single Login to managed systems include System Management Homepage
as Administrator, System Management Homepage as Operator, System Management
Homepage as User, Replicate Agent Settings, and Install Software and Firmware.
Refer to Trusted Certificates - Setting Up Trust Relationships for more information on setting up trust relationships.
After installing the Microsoft MS04-025:
Cumulative Security Update for Internet Explorer (867801), I can no longer
access HP SIM and System Management Homepage.
Solution: This issue affects any system running
Windows XP Service Pack 2 and any version of HP SIM and System Management Homepage or any system
running Windows XP Service Pack 2 and browsing to HP SIM running on any supported
operating system. To resolve: Configure Windows XP Service Pack 2 firewall to allow access
to System Management Homepage. On the Windows XP system, select Start Control Panel Windows Firewall to configure the firewall settings. Select the Exceptions tab, and click [Add
Port]. Add the following exceptions to the firewall protection. Enter
the product name and the port number for each. * If the system is not being managed from HP SIM, only ports 2301
and 2381 should be configured to enable browser access to System Management Homepage. ** Usage is configurable in HP SIM. *** This setting is under the Advanced tab of the Windows
Firewall window. Select ICMP Setting allow
incoming echo request.
In the Add a Port window, click [OK]. In the Windows Firewall window, click [OK].
This configuration leaves the Windows XP Service Pack 2 security enhancements
intact and allows traffic over the ports listed in the previous table.
Note: HP SIM discovers Web
servers on other ports Enable file and print sharing and Remote Administration Exception. Enable file and print sharing: Select Start Control
Panel. Click Windows Firewall to configure the firewall
settings. Select the Exceptions tab. Select the File and Print sharing checkbox. Click [OK].
Enable Remote Administration Exception: In the Control Panel, open the Group
Policy editor. Select Computer Configuration. Select Administrative Templates. Select Network. Select Network Connections. Select Windows Firewall. Select Domain profile. Select Enable the Windows Firewall: Allow Remote Administration
Exception.
Configure Windows XP Service Pack 2 to allow access to HP SIMon the system running Windows XP Service Pack 2 and HP SIM. On the Windows XP system, select Start Control Panel Windows Firewall to configure the firewall settings. Select the Exceptions tab, and click [Add
Port]. Add the following exceptions to the firewall protection. Enter
the product name and the port number for each. * Configurable in HP SIM ** Configurable in the SIM/jboss/server/hpim/conf/jboss-service.xml descriptor In the Add a Port window, click [OK]. In the Windows Firewall window, click [OK].
This configuration leaves the Windows XP Service Pack 2 security enhancements
intact and allows traffic over the ports listed in the table.
After installing HP SIM, I changed the Windows
administrator password and can no longer sign in to HP SIM.
Solution: If you have SQL Server installed
locally, verify that it is running. If it is not running verify the logon credentials.
The service login credentials could have changed. The HP SIM service is registered to run under
the credentials used during installation. To resolve this issue: Change the MSSQL service password: In Windows, open Services (Control
Panel Services). Locate the MSSQL service and select Properties.
Select the Logon tab, and change the password.
Restart the MSSQL service.
Change the HP SIM service password: In Windows, open Services (Control
Panel Services). Locate the HP SIM service, and select Properties.
Select the Logon tab, and change the password. Restart the HP SIM service.
If you are using OpenSSH on Windows Server 2000 or 2003, change
the OpenSSH Server service password: In Windows, open Services (Control
Panel Services). Locate the OpenSSH Server service, and select Properties. Select the Logon tab, and change the password. Restart the HP SIM service.
Signing in from a dial-up connection takes a
long time.
Solution: Your connection depends on many
factors that are beyond your control. You might have a slow modem, the server
you are connecting to might not be operating at peak efficiency, or you might
have a bad phone line.
I cannot sign in to HP SIM.
Solution: This condition can result from any
of the following reasons: If the IP Address Restriction field (on
the New User Group, Edit User, New
User, or the Edit User Group pages) is configured,
ensure that is includes all IP addresses of the CMS. If browsing to localhost ensure
that the loopback address 127.0.0.1 is also included. You are not entering the information correctly. Passwords
are case-sensitive. The account you are entering is not a valid account for HP SIM. The account you are entering has been deleted, disabled, or
locked out. The password for the account must be changed. You are attempting to sign in from an IP address that is not
valid for the specified account. You do not have cookies enabled in your browser or you are
using a cookie blocker.
I cannot sign in to my Windows HP SIM.
Solution: If you are attempting to sign in
with a Windows user account created on the CMS (as opposed to a domain
account) and the CMS host name is longer than 15 characters, then you must
enter the first 15 characters of the CMS name in the domain field to sign
in. For example, if your Windows CMS is named "SIMwin2003withsp2" and
you have a local account "bob," then sign in with username = "bob" and domain
= "SIMwin2003withs." Any new local user account created cannot sign in, unless
they were created using only the first 15 characters of the system name entered
in domain name field and signed in using the same.
SNMP Agent
How do I enable or disable the Restart Agents
option that is available for the SNMP Agents when using the HP SIM Replicate
Agent Settings Task?
Solution: The option must be changed from
inside the HP SIM Replicate Agent Settings Task. Select Configure Replicate Agent Settings. Select a target system, and click [Next].
Refer to Managing with Tasks - Creating a Task for
more information on selecting the target system. Select the configure link related to system. On the Insight Management Agent page, under
the Restart Agents option, select the Enable or Disable radio button. Click [Apply], and close the SNMP
Configuration page. Return to HP SIM, and click [Refresh]. The updated configuration appears in the Replicate Agent Settings Task Complete the Replicate Agent Settings Task setup by clicking [Next],
defining a task name, selecting a collection, and defining a schedule for
the task. Click [Save] to complete the setup and return
to the Tasks Results page.
Software Status
The SW Status column
displays Unknown. How do I determine why the status is Unknown?
Solution: There are several reasons why the SW Status
displays Unknown. To assist in determining why a status is unknown, position
the cursor over the SW Status column that displays Unknown.
A tool tip appears and displays a hint indicating what is unknown. Any of
the following can display: HP Version Control Repository Manager not found Software Status Polling task not run on system
If the status cannot be determined, then the tool tip displays Click
for Details.
Storage System
Sections of a storage system's Identity tab
are missing or say No data available.
Solution: Data has not been collected, or
the data collection task was not successful. Try the following solutions:
One or more storage systems is missing from
the Storage Systems collections in HP SIM.
Solution: There might be a configuration problem
with the SMI
CIMOM or the SMI-S provider. Perform the
following: Verify that HP SIM is configured to discover storage systems.
Refer to Storage Integration Using SMI-S - Configuring HP Systems Insight Manager with Storage Systems for more information. Verify that your SMI-S provider is installed and configured
with SSL enabled. Refer to the HP SIM Installation and User Guide for
more information about obtaining and installing SMI-S providers. Verify that the WBEM SSL port is accessible on the network.
On the CMS, open a command window, and enter telnet providerIPAddress
5989. If the port is accessible, a blank line appears, and no error
such as Connect failed or Connection
refused appears. Press Control-], and
enter quit to disconnect and close Telnet. If the port is unreachable and the SMI-S provider is correctly
installed and configured, verify that there is a firewall between the CMS
and the system hosting the SMI-S provider. If there is a firewall, configure
it to allow traffic through the port the provider is running on (usually 5989).
Switch
After discovering and identifying an HP ProCurve
Switch, the switch management page is not displayed when I click the HP
ProCurve switch link under the System Page, Link tab.
Solution: Change the System Link
Configuration settings for the system. Click Options Security System
Link Configuration. The System Link Configuration page
appears. Select Use the system full DNS name to use
the full system DNS name instead of the system name. Click [OK] to save and apply the changes.
Return to the System Page for the HP ProCurve Switch,
and the link will now open correctly.
System
Systems displaying on the system table view
page with Critical status do not display IP/IPX address and have no system
link.
Solution: HP SIM has assigned this system
address to another node. The following scenarios can
cause this issue to occur: The system is temporarily removed from the network. When it
returns, the system returns to a managed state. This situation can happen when a laptop
computer is removed from the network for an extended period and its previous
address has been reused by DHCP. The system could have changed names. However, this change was not
discovered by HP SIM. HP SIM continues to look for a system by that name.
My SNMP parameters are not saved when I add
a system with a host file. I created a file that did not exist on the network.
For example:
#$IMXE: Type="Server"
#$IMXE: SNMP_RET=4 SNMP_TIM=10 SNMP_MON=HP SNMP_CON=HP
1.1.1.1 myserver
How can I save the SNMP parameters?
Solution: This problem only exists when a
system is not online yet. However, HP recommends the following workaround:
#$IMXE_DEFAULT: Type = Server SNMP_RET=4 SNMP_TIM=10 SNMP_MON=HP
SNMP_CON=HP
1.1.1.1 myserver
When the All Systems window sits idle for
a few minutes and I launch a new browser window, the All Systems window turns
white and Internet Explorer hangs. I am forced to end the task. How can
I avoid hanging up in Internet Explorer?
Solution: For security reasons, always sign out of HP SIM before closing Internet Explorer. Signing out before
closing Internet Explorer resolves this issue.
When I use the command mxnode -r
-f to delete systems, the container systems (for example, clusters,
enclosures, and racks) are not deleted.
Solution: Containers must be deleted
individually.
How do I change a credential for a system
that is currently using the global defaults?
Solution:
Run the mxnodesecurity command to change
or add the credentials. Run mxnode from the CLI to generate
an XML file for a particular system and redirect the output to an external
file:
mxnode -lf nodename >somefilename.xml
where somefilename.xml is the name of the
external file in which the output is directed. The following is an example of a partial mxnode XML file:
<?xml version="1.0" encoding="UTF-8"?>
<node-list>
<node name="abc" guid="..." host-name="abc.mycompany.com">
<hw-attribute name="DeviceType">Workstation</hw-attribute>
<hw-attribute name="DeviceSubType">HP9000</hw-attribute>
<hw-attribute name="Model">9000/785</hw-attribute>
<hw-attribute name="ProcessorFamily">pa-risc</hw-attribute>
<sw-attribute name="OSName">HPUX</sw-attribute>
<sw-attribute name="OSVendor">HP</sw-attribute>
<sw-attribute name="OSRevision">11.00</sw-attribute>
<sw-attribute name="IPAddress">192.1.2.3</sw-attribute>
<sw-attribute name="ProtocolSupport">SNMP:1.0</sw-attribute>
<sw-attribute name="Description">HP-UX phoenix</sw-attribute>
<sw-attribute name="SystemName">abc.mycompany.com</sw-attribute>
<sw-attribute name="DefaultProtoSettings">true</sw-attribute>
<sw-attribute name="DefaultAttributeSettings">true</sw-attribute>
<sw-attribute name="DefaultSystemName">true</sw-attribute>
</node>
</node-list>
|
The last three sw-attribute elements represent
the current default settings (true or false).
Edit the file and change all three values to false, and save the file.
Use the mxnode command to modify
the same system, using the modified XML file as input:
mxnode -m -f somefilename.xml
The system should now use the new settings.
System Page
On the System Page,
when I click the Management Processor link, I receive
an HTTP 1.1 dependency error and there is no status icon for the Management
Processor.
Solution: The iLO and proxy server
(if being used) must be configured to use HTTP 1.1. To configure Internet Explorer to use HTTP 1.1: In Internet Explorer, select Tools Internet Options Advanced. Under HTTP 1.1 Settings, select Use
HTTP 1.1. Click [OK].
To configure Mozilla to use HTTP 1.1: Select Edit Preferences Advanced HTTP Networking. In the Direct Connection Options, select Use
HTTP 1.1 and select Enable Keep-Alive. Click [OK].
If you are communicating to an iLO through a proxy server: In Internet Explorer, select Tools Internet Options Advanced. Under HTTP 1.1 Settings, select Use
HTTP 1.1 through proxy connections. Click [OK].
Links on the System Page that participate
in HTTP communication do not get updated when an agent is stopped.
Solution: When browsing to a particular system
that has a Web Agent (http://machinename:2301),
the first link/GIF on the window (usually Insight Manager Web Agents) is the
proxy agent that sends all HTTP commands. If a Web Agent is stopped that is
not the proxy agent, then the appropriate HTTP command is not sent to HP SIM,
allowing the link to the Web Agent to be updated. To verify that you have
the correct links for a system, execute discovery or the Daily Identification
Task, which verifies all Web Agents running on a particular system.
When drilling down on links on the System
Page, time-outs occur.
Solution: This error often happens when the HP SIM Management
server can see multiple subnets. However, the system that the user is browsing
from cannot. When drilling down on some links (like Management Agents), HP SIM connects
to http://systemIPaddress:2301 with added URL information.
This link connects directly to the agent running on that system. The machine
that the user is browsing from must be able to speak to the system in question
through TCP/IP (for example, be able to ping the system).
When drilling down on a Critical system,
the System Page still displays all links that were present before HP SIM could
not talk to the system.
Solution: This behavior is expected. Links
remain in case the system in question is in a reboot state or some other state
of flux. If the system is actually down, the links time out when connecting
to any agent or Web server.
Task
When creating a task, I cannot use
the Backspace key to delete text in any of the text boxes.
How can I edit my entry?
Solution: When creating a task, use your mouse
to select the text to be corrected, or use the Delete key to delete text from
the text box. Enter the updated information.
When executing a task, the message Unknown
OS appears.
Solution:
If the system that you are trying to execute a task against is
a Windows system, verify that it was rebooted after installation of SSH. A
reboot is required to complete the installation. Enable DMI, WBEM, or SNMP on the system so the type of operating
system can be determined, and then run identification and data collection
to update the HP SIM database. Verify that the commands to determine the operating system are
working. For Windows.
ver
For HP-UX and Linux.
uname
When running the Initial ProLiant Support
Pack Install task, it fails.
Solution: When running the Initial ProLiant
Support Pack Install task on a Windows 2000 or Windows 2003 system, be sure
to enter the domain in the Domain field. If the system
is not part of the domain, enter the target system name instead.
On an HP-UX system, when a full-configuration-rights
user edits a task, changes the owner to a limited-configuration-rights
user, and then views the task, the original owner is still shown as the owner.
If a full-configuration-rights user opens another browser and views the task,
the correct owner appears.
Solution: This is a sporadic error with no
known solution.
After executing the Install Software/Firmware
task on a Windows 2000 Advanced Server system, the status does not update
in the Task Results section. The status continues to report In Progress,
and the Install Software/Firmware task finally times out after two hours.
Solution: The Linux VCA target system cannot
resolve the address of the CMS. Ensure whether the name resolution is configured
properly, and if it is not working, the Linux system that has the VCA installed
must be configured to include the CMS name in the host file. To configure the host file on the Linux system: Edit the host's file in
\etc
directory.
Note: You can use a text editor
or vi to edit this file. Add an entry in the host file:
<ipaddress of server>
<fully qualified DNS name of server>
<name of server>
For example, an HP SIM system with IP address 170.50.1.201,
fully qualified domain name perf760g2.wbem.com, and name perf760g2 displays
the following entry in the host file of the managed node on the Linux VCA
system:
170.50.1.201 perf760g2.wbem.com perf760g2
Save the file.
All automatic event handling tasks fail with
the following error on the Tasks Results page: Send
failed. class Could not connect to SMTP host: ipaddress, port 25;java.net.SocketException:
Software caused connection abort:connect.
Solution: If you have antivirus software installed
and it is configured to block port 25, configure the antivirus software
to unblock port 25 or disable it for the automatic event handling tasks (e-mail)
to run correctly.
Tools
I am receiving the HTTP - 404 error when
trying to launch a tool.
Solution: This error is received when you
try to access any tool that you are not authorized to use.
An mxauthenticationexception is generated
when a tool is run from the GUI or the CLI.
Solution:
Be sure that you have privileges
to run the tool on the system. Refer to HP Systems Insight Manager Technical Reference Guide - Users and Authorizations to verify and grant privileges. Be sure that the SSH daemon is accessible on the target system. From the CMS, attempt to manually install SSH to the system.
There is no need to sign in, but be sure that you can connect. Try to log in as an administrative user to a Windows system and
as root to an HP-UX or Linux system. From an HP-UX or Linux CMS, enter:
ssh root@<HP-UX/Linux node>
or
ssh Administrator@<Windows node>
From a Window CMS:
<OpenSSH directory>\bin\ssh root@<HP-UX/Linux
node>
<OpenSSH directory>\bin\ssh Administrator@<Windows
node>
If you are prompted to accept a host key or enter a password, then the
SSH daemon is accessible. Run mxagentconfig again to verify that the
keys are transferred:
mxagentconfig -a -n <node name or ipaddress> -u
<user> -p <password>
On the system you are attempting to run tools on, verify the permissions
of some directories. Verify the permission on the home directory of the user name you are
using. The home directory should have permissions: drwxr-xr-x (755) The .ssh directory within the home directory should have permissions: drwxr-xr-x (755) The authorized_keys2 file in the .ssh directory should have
permissions: -rw-r--r-- or -rwxr-xr-x (644 or 755)
To verify these permissions: On Windows: Run <OpenSSH Install Directory>\bin\ls -ld <File or
directory name>
On HP-UX or Linux: Run ls -ld <File or directory name>
To change permissions: On Windows: Run <OpenSSH Install Directory>\bin\chmod <Permission
number><File or directory name>
On HP-UX or Linux: Run chmod <Permission number> <File or directory name>
(Permission number is the number above, for example, 644/755)
When the command is run, the Execute-as user is listed in the
status, which is the user for which you have to run mxagentconfig. If execution has worked in the past and is now failing, verify
that SSH has been reinstalled on the target system. Reinstalling SSH causes
the system to have a different host key. Therefore, SSH can verify that it
is the system that it is trying to contact. Run mxagentconfig -r -n system name
or Go to the GUI and remove the system host key. Remove the lines that refer to the system on which to execute. Remove
all references to the system (for example, systemname and systemname.hp.com) Alternately, you can also remove the entire known_hosts file,
which means that SSH registers the keys of every system again the next time it contacts
them. This behavior could be a security problem until each system has been contacted.
Remove the .ssh directory from the home directory of the user
on the managed system to ensure that there are no old keys or old permissions
that could cause mxagentconfig to fail. Run mxagentconfig again.
Mxagentconfig fails when trying to authorize
a user on a Windows managed system that OpenSSH was not installed by HP SIM.
Solution:
Run:
sshuser –u <username> -d <domain name> >>
"c:\Progra~1\OpenSSH\etc\passwd"
Run mxagentconfig again.
If mxagentconfig still fails, be sure SSH is running
by following the steps outlined in step 1. Remove the .ssh directory from the home directory
of the user on the managed system to ensure that there are no old keys
or old permissions that could cause mxagentconfig to fail. If none of these work, then manually copy the key. Transfer
the file .dtfSshKey.pub to the managed system. The file
can be found at /etc/opt/mx/config/sshtools/ on Windows and at <HP SIM Install Directory>\config\sshtools on HP-UX and Linux.
On Windows: Enter <location of .pub file> >> <user home directory>\.ssh\authorized_keys2.
Or enter hpsimssh if
user’s home directory did not exist before running sshuser. On HP-UX or Linux:
Enter .cat <location of .pub file< >> ~/.ssh/authorized_keys2.
After installing HP SIM on a Windows system, I cannot run any of the command line tools. I receiving the following error: %1
is not a valid Win32 application.
Solution: Search the root directory for a
folder or file named Program. If this file exists, delete
it. If this folder exists, rename it or delete it if the folder is empty.
When I use the mxnodesecurity command
on an HP-UX system to add a system from a different domain, the command does
not work properly. For example, if I enter mxnodesecurity -a -p
wbem -c openview\wmi:wmi -n testnode10, the single backslash between openview and wmi is
missing.
Solution: The UNIX shell environment recognizes
the single backslash as an escape character. If you want to add a system from
a different domain, add another backslash for it to be recognized. For example, mxnodesecurity
-a -p wbem -c openview\\wmi:wmi -n testnode10.
When I try to run tools, they fail.
This error happens with any tool selected.
Solution: This problem happens if HP SIM is installed
on a system without a C drive.
When a tool opens a new window and I click
the browser Refresh button, the window closes.
Solution: All windows close if they are manually
refreshed using the browser Refresh button because the Refresh
operation is indistinguishable from a close operation.
I am a full-configuration-rights user on
a Linux or HP-UX system. However, I am receive an exception when I try
to run the mxnodesecurity command.
Solution: The command must be executed by
the root user.
When trying to run tools from the command
line, I receive an error, stating that SSH authentication failed.
Solution: If you have renamed the administrator
account, edit the TDEF files for each tool, and change the Execute-as user.
For example: Navigate to /System Insight Manager/tools, and
open mx-tool.xml. Change the <execute-as-user>Administrator</execute-as-user>
to the new administrator account name. Save the file. At the DOS prompt, run command: mxtool -m -f mx-tool.xml
-x force. The tool will now run.
You must do this for all of the command line tools.
VCRM
I cannot find a desired software component
in HP SIM in its listing of a HP Version Control Repository Manager software catalog. I know it exists
in the selected VCRM, but I cannot find it in the displayed list.
Solution: It might be listed as a revision
of another component with a slightly different name if the component name has changed since a previous revision. If you still
cannot find the component, you might want to browse to the HP Version Control Agent on each individual
system and install the component from there.
During the HP Systems Insight Manager (HP SIM)
installation, the VCRM fails to install.
Solution:
Use the following method to uninstall the VCRM. Simply reinstalling the VCRM
over the existing VCRM might continue to produce the error. Click Start Control
Panel. Double-click Add or Remove Programs. The Add
or Remove Programs dialog box appears. Scroll down and select the current HP Version Control Repository Manager. Click [Remove] to uninstall the VCRM. Reboot the system, and then reinstall VCRM. For more information
regarding installing the VCRM (without using HP SIM), refer to HP Version Control Installation Guide at http://h18013.www1.hp.com/products/servers/management/agents/documentation.html.
Virtual Machine
JVM is shutting down.
Solution: This could happen if you have physically disconnected the central management server from your network. Restart HP SIM and the problem should correct itself.
VMM
The HP ProLiant Essentials Virtual Machine Management Pack (HP ProLiant Essentials Virtual Machine Management Pack) functions are not working
in HP SIM.
Solution: Attempts to log in to the VMM
plug-in forHP SIM 4.x will not succeed if the user name contains a character
that is not alphanumeric, which prevents the VMM functions from being used
within HP SIM.
Windows NT Event Log
If you receive the error message
DCOM was unable to communicate
with computer<system> using any of the configured protocols, in the Windows NT Event Log, disable logging the WMI errors. These error messages are not generated by
WMIMapper. Rather, they are generated by the Microsoft Windows Management
Instrumentation (WMI) service when it cannot communicate with the target
system to get the WMI information. Usually, the target system is a non-Windows
system.
Solution: To disable logging the WMI errors
to the Windows NT Event Log, perform the following procedure on the system
where WMIMapper is installed. In Windows NT, click Control Panel Administrative Tools Services, and stop the Pegasus WMI Mapper service. Right-click My Computer. Select Manage. The Computer
Management page appears. Expand Services and Applications. Right-click WMI Control. The WMI
Control Properties page appears. Select the Logging tab. Select Disabled from the Logging
level section, and then click [OK] to close
this page. From the Computer Management window, double-click Services,
and then select Windows Management Instrumentation service.
Stop and restart the service. Start the Pegasus WMI Mapper service from
the Services page.
WMIMapper
The WBEM protocol is not listed on the System
Page for the system, and the data from WBEM is not displayed.
Solution: By default, when the CMS is installed
on a Windows platform, the WMIMapper service is installed at c:\Program
Files\The Open Group\WMIMapper. The WMIMapper installation also
creates a directory named c:\hp (lowercase) with a subfolder
containing the certificates used by the system. If you previously created
a directory called c:\HP (uppercase) the certificates
are installed under that directory. When the WBEM and WMIMapper try to communicate,
WMIMapper looks for a directory named c:\hp (lowercase)
and cannot find the certificates. This same problem applies wherever the Windows
platform the WMIMapper is installed. To solve this problem, delete the c:\HP (uppercase)
directory before installing the CMS or WMIMapper on a Windows platform.
Be sure to reroute any application using data in that directory to the new
directory.
I cannot access WMI information from a client
system.
Solution: WMI is configured to allow remote
access to accounts in the administrators group. If the
privileges are reduced to guest on the remote system,
no WMI connection can be obtained from the remote system. Therefore, the
local security policy on the client system might be the problem. Modify the
setting.
|