topic Re: Yet another Version Control question in Server Management - Systems Insight Manager

Yet another Version Control question

Mikael Rönnbäck — Mon, 06 Sep 2004 09:15:40 GMT

Since upgrading from CIM7 to HPSIM I'm getting a "no trust relation established" for most of my systems. If all systems had had this failure I would have thought of it as just an upgrade issue that needed re-config. but now some of the systems actually work properly and still have the same settings as the ones that do not work. (I'm using Trust By Name)
Any ideas what to look for, the manual does not tell me very much on this issue ?

Re: Yet another Version Control question

Rob Buxton — Mon, 06 Sep 2004 19:25:24 GMT

Mikael,
I didn't migrate, so I can only guess. Possibly HPSIM makes more use of FQDNs and it's showing up as a difference.

I use Trust by certificate which seems to work well.

Re: Yet another Version Control question

Colin Moors — Tue, 07 Sep 2004 04:34:40 GMT

I agree with Rob - I tried using "trust by name" and "trust all" (not a good idea, but I was getting desperate!). Using "trust by certificate" and importing the certificate of the CMS on each server seems to work the best.

One tip, if you use the same machine all the time to access SIM, it's worth installing the certificates of each individual machine as you go along - that way it stops nagging you all the time!

Re: Yet another Version Control question

Mikael Rönnbäck — Tue, 07 Sep 2004 05:55:29 GMT

Ok thanks, since I've so far only deployed using pre-config'ed HP bundles where I've entered the system name (and/or fqdn), is there any good ideas on how to roll out a certificate based login during setup of new servers and also to existing servers ? (I really don't feel like logging in to 1100 servers manually... ;-))

Also it's kind of strange that it works sometimes and sometimes not, does anyone know what is best practice to use ? Name or certificate, my HP contact says HP themselves uses trust by name.

Re: Yet another Version Control question

Rob Buxton — Tue, 07 Sep 2004 15:39:34 GMT

Mikael,
You can configure the Agents with the HPSIM Server Certifacte, you just export it to a file and then cut 'n' paste that into the Agent Configuration.
So, when you deploy the Agents you've got all of your settings already there.

Alas, becasue this is a Trust issue, you may not be able to use the Replicate Agent Settings

Re: Yet another Version Control question

Mikael Rönnbäck — Thu, 09 Sep 2004 06:15:24 GMT

Thanks for the advice, I will try that at out nexr driver upgrade, in the meantime I will have to live with trust by name.