Scope

Common acceptance guarantees that a majority of the community interested in managing the actual resource agrees that the best practice is, in fact, what it claims to be: the best set of practices that can be applied to manage this particular resource. It is not uncommon that two or more specialists have a difference of opinion regarding details of the best practice. However, these types of discussions may prove to be very fruitful and bring up certain aspects that otherwise could have been forgotten. The specialists that agree to a best practice may be recruited from various organizations, depending on the nature of the resource that is to be managed. If you develop a best practice for managing a specific type of application system, for example, IBM WebSphere® applications,

to be used within your own organization, chances are that you will need support from the application owner, who is in charge of the business aspects of the application, subject matter experts, and the systems administrators in charge of the run-time environment. At the best practices level, there is no need to get acceptance from the system administrators in charge of the tools used to implement your best practice (they have not been set at this point in time), even though it is advisable to get as many preapprovals as possible. The scope of your best practice may vary from one to the other. In most cases, you will work with best practices for resource management within your own organization, in which case, you would use an existing best practice and apply it to your specific environment. In other cases, especially if you are involved with standardization bodies or development of general system management platforms, such as Tivoli, you would be the one defining the best practice to be used by others.

When developing best practices, you should be sensitive to the fact that best practices are seen as templates or skeletons that will have to be modified to fit specific needs of the organization in which they are implemented. Cultural or company differences, practices, policies, and laws may restrict or demand special features of the best practice, even though it has already been accepted by the subject matter experts of that particular field. In our everyday life, we are surrounded by best practices, some of which have become laws. Others are unwritten rules that most people within an organization or a society comply with because of belief, tradition, experience, or convenience. Most best practices may be deviated from when special needs or local circumstances demand it, except where it is expressly forbidden. Developing and complying with best practices ensures the quality of your management solution. Of course, the best practice has to be maintained and constantly revised in order to incorporate changes to the resources being managed, to refine the existing best practices, to comply with changing company policies and procedures, and to met new requirements that may have arisen.

Appendix A.

Scripts used in this

publication

This appendix contains scripts used in this publication.

This appendix describes the following four scripts used to design this solution: 򐂰 rk_first.sh

򐂰 rk_second.sh 򐂰 rk_third.sh 򐂰 rk_fourth.sh

rk_first.sh

Example A-1 contains the rk_first.sh script.

Example: A-1 rk_first.sh

###################################################################### ########################FIRST SCRIPT################################## ###################################################################### ## THIS SCRIPTS WOULD BE EXECUTED ON SERVER WHERE NETVIEW IS INSTALLED ## It executes "ovobjprint" command to get the all uniq types of ## SNMP Agent discovered by NetView Server where LCF code is ## Not installed and it is of type Computer (Node = True). ##

## After getting uniq SNMP Agents, it executed "nvUtil (Unix) / ## smartsetutil (NT) which provides the IP address on node.

## Once IP Address is generated from nvUtil / smartsetutil command,

## it is compared with the entries under EXCLUSION and in case it is located, ## it is excludes from the list and only non-matching entries ( from

## Exlcusion list) are generated with file name as Type of OS. All UNKNOWN ## type of IP Addresses are assumed as NT and NT TMA code is installed. ###################################################################### ###################################################################### #### Directory where the scripts is executed

mdir="/tmp/shell/main/"

#### Below variable mep_shell mentions the shell script name to be executed once all nodes are

#### discovered. This will be done one default_password parameter is set to True.

mep_shell=$mdir"rk_second.sh" ##### Master file declaration

minp1=$mdir"nv_master.lst" # List of NetView agent with OS type minp2=$mdir"nv_exclude.lst" # List of exclusion list

##### Variables for Output file. Hence for NT, file name would be 'out_NT.nep'. ##### We may modify it as per our wish.

mfirst_var="out_" mlast_var=".nep"

##### Temporary files declaration.. mout1=$mdir"tmp_magnt.tmp"

mtmp=$mdir"tmp.tmp" mtmp1=$mdir"tmp1.tmp"

mlog_sniff=$mdir"log_sniff.log" mlog_ovobj=$mdir"log_ovobj.log" mlog_nvutil=$mdir"log_nvutil.log" ###### Variables being used under script moos="First"

########### Insertion of date / time with log files for i in $mlog_sniff $mlog_ovobj $mlog_nvutil do

echo " " >>$i

echo "=====================================================" >>$i echo "Script started on " `date` >> $i

echo "=====================================================" >>$i echo " " >>$i

done

### Whether default password is provided..If Yes, then what is the filename ### File contains three field. First is OS, Second User & thirs password ### e.g., for NT it would be like "NT Administrator password"

### unix would have entry as "UNIX root password". If this is not followed, ### scripts shall not be executed successfully.

mdefault_password=True

mdefault_file=$mdir"default.lst" muser=""

mpass=""

if [ $mdefault_password = True ] ; then if [ -r $mdefault_file ] ; then

for i in "NT" "UNIX" ## Start loop for Validity of user / password for NT / UNIX OS

do

muser=`cat $mdefault_file|grep $i|awk '{ print $2}'` mpass=`cat $mdefault_file|grep $i|awk '{ print $3}'` if [ "$muser" = "" ] || [ "$mpass" = "" ] ; then

for j in $mlog_sniff $mlog_ovobj $mlog_nvutil ## Start loop for LOG do

echo "Under $i OS, user account or password is blank. Update it immediately. Resetting as False to default password variable.." >>$j

echo "Kindly provide the password for each node & execute the next script manually for $i Operating System." >>$j

echo "Under $i OS, user account or password is blank. Update it immediately. Resetting as False to default password variable.."

echo "Kindly provide the password for each node & execute the next script manually for $i Operating System."

echo "" >>$j

done ##Endloop for LOG mdefault_password=False

done ## Endloop for validity of user / password for NT / UNIX OS else

for j in $mlog_sniff $mlog_ovobj $mlog_nvutil do

echo "File $mdefault_file containing password is not present. Check the filename / directory.." >>$j

echo "File $mdefault_file containing password is not present. Check the filename / directory.."

done

mdefault_password=False fi

fi ## End of IF loop for default_password checking

######## Getting the Operating System of the maching executing the script.. ######## Since nvUtil command name varies on NT / UNIX, hence

######## putting the command name under variable.. rm $mout1 2>/dev/null

touch $mout1 mopsys=""

if [ `uname` = "Windows_NT" ] ; then mutil_command="smartsetutil"

else

mutil_command="nvUtil" fi

###################Defining the path of SNIFFER CONFIGURATION FILE mnvpath="/usr/OV/conf/" ## Directory where nvsniffer.conf is present msniff_file=$mnvpath"nvsniffer.conf"

mconf="isLCF|9494|TivoliLCF|Tivoli TMA|||*"

###### Checking under sniffer configuration file for LCF parameter ###### If entry is missing, appending..

msnf=`grep "^$mconf" $msniff_file` if [ "$msnf" = "" ]; then

echo $mconf >> $msniff_file

echo "Appended record under $msniff_file file" >>$mlog_sniff else

echo "$mconf is present under $msniff_file" >> $mlog_sniff fi

echo $mconf >$mtmp

echo "Started to execute nvsniffer command to update NetView Object database.">>$mlog_sniff

nvsniffer -f $mtmp >>$mlog_sniff 2>>$mlog_sniff

echo "Executed nvsniffer command to update NetView Object database.">>$mlog_sniff

#ovobjprint|grep -i SNMPAgent|grep -iv Collection|cut -f 6|sort|uniq |cut -d"(" -f1> $mout1

################ Splitted the above command since on NT, it used to hang echo "Generating SNMPAgent.." >> $mlog_ovobj

ovobjprint > $mtmp1 2>>$mlog_ovobj

cat $mtmp1|grep -i SNMPAgent|grep -iv Collection|cut -f 6|sort|cut -d"(" -f1> $mtmp 2>>$mlog_ovobj

if [ $? = 0 ] ; then

echo "Successfully generated SNMPAgent.." >>$mlog_ovobj else

echo "Error in ovobjprint command.. Check it.." >>$mlog_ovobj exit 0

fi

##### Initializing the output file STARTED... for i in "NT" "UNIX" "UNKNOWN"

do

mparam=$mdir$mfirst_var$i$mlast_var rm $mparam 2>/dev/null

done

##### Initialization over

## Below lines are put to find the unique records. Under NT uniq command ## could not be executed.

while true read i do muniq=true while true read j do if [ "$i" = "$j" ]; then muniq=false break fi done<$mout1

if [ $muniq = true ]; then echo $i >> $mout1

fi

done < $mtmp

## Creation of Operating System wise list of IP Address

while true ## Loop to read $mout1 file STARTED.. read i

do

mgrep=`grep -i "$i" $minp1|cut -d"$" -f2` if [ "$mgrep" = "" ]; then

mos="UNKNOWN" else

mos=$mgrep fi

## Below lines associate the filename based on Operating System ## e.g., for NT it will be as $mfirst_varNT$mlast_var. Hence ## if mfirst_var is "out" and mlast_var is ".nep" then output ## filename would be "out_NT.nep". To change the name, the variable

## field (mfirst_var & mlast_var) must be modified. The same must be mentioned ## under Endpoint Installation Script.

if [ ! "$mos" = "SKIP" ] ; then #mout2="out_"$mos".nep"

mout2=$mdir$mfirst_var$mos$mlast_var if [ "$moos" = "First" ] ; then moos=$mos

else

mrc=`echo "$moos"|grep "$mos"` if [ "$mrc" = "" ]; then moos=$moos" "$mos fi

fi

#nvUtil e "((SNMPAgent = '$i') && !(isLCF = True) && (isComputer = True))" >$mtmp

echo "Execution of $mutil_command script on $i agent to get the Node without TMA.." >> $mlog_nvutil

`echo $mutil_command` e "((SNMPAgent = '$i') && not(isLCF = True) && (isNode = True))" >$mtmp1 2>> $mlog_nvutil

echo "Compeleted the execution of $mutil_command script for $i agent .." >> $mlog_nvutil

cat $mtmp1|cut -d"(" -f2|cut -d")" -f1>$mtmp #Steps for exclusion list...

for j in `cat $mtmp` do

rk=true while rk=true read k do if [ "$j" = "$k" ]; then mok='No' rk=false fi done < $minp2

if [ "$mok" = "Yes" ]; then

## Now it checks whether default password is put. If yes, associate with IP Address

if [ $mdefault_password = True ] ; then if [ "$mos" = "UNKNOWN" ] ; then mos="NT"

fi

muser=`cat $mdefault_file|grep $mos|awk '{ print $2}'` mpass=`cat $mdefault_file|grep $mos|awk '{ print $3}'` fi

wep ls -i label,address|grep $j ## Checking whether this current node is having TMA

if [ $? != 0 ] ; then

echo $j" "$muser" "$mpass >>$mout2 else

echo "This endpoint $j already exists in wep list.." fi

fi done fi

done < $mout1

#echo "OS TYPE => " $moos rm $mout1 $mtmp $mtmp1

## Below mentioned script shall check whether default password is ## provided by Administrator. Incase Yes, it will associate the ## mentioned account with node and execute the TMA installation ## script. Otherwise, it shall stop here and Administrator ## has to execute the TMA installation script.

if [ $mdefault_password = True ] ; then for i in "NT" "UNIX" "UNKNOWN"

do

mparam=$mdir$mfirst_var$i$mlast_var if [ -r $mparam ] ; then

mrow=`cat $mparam|wc -l` if [ $mrow -gt 0 ] ; then sh $mep_shell $i $mparam & fi

else

echo "No record under $mparam file.." >>$mlog_nvutil fi

done else

echo "Update the output file with account / password & execute TMA installation script.." >>$mlog_nvutil

fi

rk_second.sh

Example A-2 contains the rk_second.sh script.

Example: A-2 rk_second.sh #!/bin/ksh

function_create_policyregion() {

mpolicy_region=$1

echo "Function for Policy Region : " $mpolicy_region >>$mlog_eplog wlookup -Lr PolicyRegion $mpolicy_region >>$mlog_eplog 2>>$mlog_eplog if [ $? != 0 ] ; then

echo "Policy Region $mpolicy_region does not exisits.. Creating it..">>$mlog_eplog

madmin=""

for i in `wlookup -aLr Administrator` do

j=" -a "$i madmin=$madmin$j done

#mresource=" -m ManagedNode -m ProfileManager -m InventoryConfig -m Endpoint" mresource=" -m ManagedNode -m ProfileManager -m Endpoint -m TaskLibrary" echo "Creating Policy Region $mprname ..">>$mlog_eplog

wcrtpr $madmin -m ManagedNode $mresource $mpolicy_region >>$mlog_eplog 2>>$mlog_eplog

if [ $? = 0 ]; then

echo "Successfully created Policy Region $mpolicy_region .." >>$mlog_eplog else

echo "Could not create Policy Region $mpolicy_region. Check with Administrator. " >>$mlog_eplog

fi } function_create_task_library() { mtask_library=$1 mpolicy_region=$2

wlookup -Lr TaskLibrary $mtask_library >>$mlog_eplog 2>>$mlog_eplog if [ $? != 0 ] ; then

echo "Creating TASK LIBRARY $mtask_library under $mpolicy_region Policy Region.." >>$mlog_eplog

wcrttlib $mtask_library $mpolicy_region >>$mlog_eplog 2>>$mlog_eplog if [ $? = 0 ]; then

echo "Successfully created Task_Library $mtask_library under $mpolicy_region policy region.." >>$mlog_eplog

else

echo "Could not create TASK Library $mtask_library under $mpolicy_region policy region." >>$mlog_eplog fi fi } function_create_task() { mnode_name=$3 mtask_library=$2 mtask_name=$1

wgettask $mtask_library $mtask_name >>$mlog_eplog 2>>$mlog_eplog if [ $? != 0 ]; then

if [ ! -r $mtask_file ] ; then echo "hostname>host.out">$mtask_file fi

echo "wcrttask -t $mtask_name -l $mtask_library -r user -i default $mnode_name $mtask_file" >>$mlog_eplog 2>>$mlog_eplog

wcrttask -t $mtask_name -l $mtask_library -r user -i default $mnode_name $mtask_file >>$mlog_eplog 2>>$mlog_eplog

if [ $? = 0 ]; then

echo "Successfully created task $mtask_name under Task_Library $mtask_library ." >>$mlog_eplog

else

echo "Could not create task $mtask_name under Task_Library $mtask_library ." >>$mlog_eplog fi fi } function_execute_task() {

mep=$1

mtask_library=$2 mnext=False

echo "Executing task for $mep node.." >>$mlog_eplog

wruntask -t $mtask_name -l $mtask_library -h $mep >>$mlog_eplog 2>>$mlog_eplog echo "Task over for $mep node. Executing wadminep command to get host.out file.." >>$mlog_eplog

wadminep $mep get_file host.out host.out >>$mlog_eplog 2>>$mlog_eplog if [ $? = 0 ] ; then

mnext=True else

echo "Task $mtask could not be executed.. " >>$mlog_eplog fi return } ########################################################## #########################SECOND SCRIPT#################### ########################################################## ## This shell script has been created to install Tivoli ## Management Agent on the machine mentioned under ## Input file.

## Note : The record (IP Address) mentioned under Input file ## must contain Administrator account with password.

## Incase of Unix machine, account must be as "root" ## and incase of NT, it would be as "Administrator"

## Script checks whether default password for each type of ## Operating System (NT / Unix) has been provided. If, default ## Administrator account is provided, system shall automatically ## Start this script other wise administrator has to update the ## Input with Administrator account / password and execute the ## script.

## All unknown type of OS are put under Windows NT operating system.

## The unsuccessfull nodes (where TMA could not be installed) are redirected ## to failed log file. Administrator has to check physically to resolve the ## issue of operating system / password or availability of the machine. ##########################################################

########################################################## mparam_os=$1

minputfile=$2

#### Input - Directory where the scripts is executed mdir="/tmp/shell/main/"

####### Input - File name of the Inventory shell scripts.. minv_shell=$mdir"rk_third.sh"

#### Input - List of log files created during installation of TMA mlog_success=$mdir"log_successep.log"

mlog_failed=$mdir"log_failedep.log" mlog_taskfailed=$mdir"log_failedtask.log" mlog_eplog=$mdir"log_endpoint.log"

########### Insertion of date / time with log files

for i in $mlog_success $mlog_failed $mlog_eplog $mlog_taskfailed do

echo " " >>$i

echo "=====================================================" >>$i echo "Script of Endpoint started on " `date` >> $i

echo "=====================================================" >>$i echo " " >>$i

done

if [ "$mparam_os" = "" ] || [ "$minputfile" = "" ] ; then

echo "All parameters are not passed to this script..Please check." >>$mlog_eplog

echo "usage: inv_script_filename [Operating System {NT | UNIX }] [Filename {containing IP Address with user / password}] " >>$mlog_eplog

echo "Stopping the processing of script..." >>$mlog_eplog exit

fi >>$mlog_eplog 2>>$mlog_eplog if [ ! -r $minputfile ] ; then

echo "The parameter Inputfile $minputfile not present..">>$mlog_eplog echo "usage: inv_script_filename [Operating System {NT | UNIX }] [Filename {containing IP Address with user / password}] " >>$mlog_eplog

echo "Stopping the processing of script..." >>$mlog_eplog exit

fi >>$mlog_eplog 2>>$mlog_eplog

if [ "$mparam_os" != "NT" ] && [ "$mparam_os" != "UNKNOWN" ] && [ "$mparam_os" != "UNIX" ] ; then

echo "The value of operating system is not correct..Please check.." >>$mlog_eplog

echo "Acceptable operating systems are NT / UNIX " >>$mlog_eplog echo "Stopping the processing of script..." >>$mlog_eplog exit

fi >>$mlog_eplog 2>>$mlog_eplog

#echo "The OS parameter is => " $mparam_os #echo "The File parameter is => " $minputfile

if [ "$mparam_os" = "UNKNOWN" ] ; then mparam_os="NT"

fi >>$mlog_eplog 2>>$mlog_eplog

if [ "$mparam_os" = "NT" ] ; then ### Following input is required for NT os only ...STARTED if loop

## Input - List of variables like Endpoint name, Gateway etc. For NT Endpoint only

minput_source_ep="3B046A"

wlookup -r Endpoint $minput_source_ep >>$mlog_eplog 2>>$mlog_eplog if [ $? = 0 ] ; then

wep $minput_source_ep status >>$mlog_eplog 2>>$mlog_eplog if [ $? = 1 ] ; then

echo "This endpoint $minput_source_ep is not running. Check & start it before executing the script." >>$mlog_eplog

echo "Stopping the processing of script..." >>$mlog_eplog exit

fi else

echo "This endpoint $minput_source_ep does not exists under Endpoint list.." >>$mlog_eplog

echo "Stopping the processing of script..." >>$mlog_eplog exit

fi

## Input - Gateway to which Endpoint has to login must be with +9494 For NT ## Endpoint only e.g. for GW1 it would be GW+9494 ##

minput_source_gateway="9.3.4.48+9494" fi ## Checking of NT loop OVER..

### Input - List of policy region, task library & task to execute task ### to update the Endpoint hostname inplace of IP Address

mpolicy_region="aix-tmr1b-region"

mnode_name="aix-tmr1b" ## Name of the ManagedNode on which this script is executed..

mtask_library="TEST_TASK" mtask_name="TEST_TASK" mtask_file=$mdir"task.sh"

## Starting the installation of TMA for NT Servers

echo "Starting Endpoint Installation for $mparam_os Operating System." >> $mlog_eplog

winstlcf -N $minput_source_ep -g $minput_source_gateway -f $minputfile -Y -R >>$mlog_eplog 2>>$mlog_eplog

else

winstlcf -f $minputfile -Y >>$mlog_eplog 2>>$mlog_eplog fi

echo "Endpoint Installation over.." >>$mlog_eplog rm host.out 2>/dev/null

for mep in `cat $minputfile|awk '{print $1}'` do

echo "Checking the registration of Endpoint with wep command .." >>$mlog_eplog wep $mep status >>$mlog_eplog 2>>$mlog_eplog

if [ $? != 0 ]; then echo $mep >> $mlog_failed else

##### Put mcheckpol=False if checking of policy region, task library & ##### Task to be ignore. If mcheckpol is put to false then the ##### policy region, task library & task must be mentioned correctly ##### as it is present

###################################################################### ## Note=>It is adviced to ensure that all variables within ## ## the if condition are present and mcheckpol is put to ## ## false to reduce the processing time on account of ## ## checking these components which are really present. ## ###################################################################### mcheckpol=True

if [ $mcheckpol = True ] ; then

#########Checking whether policy region is present. ## If not, create the policy region

function_create_policyregion $mpolicy_region

#########Checking whether task library is present. If not, creating function_create_task_library $mtask_library $mpolicy_region #########Checking whether task is present. If not, creating function_create_task $mtask_name $mtask_library $mnode_name fi

mnext=True

function_execute_task $mep $mtask_library if [ $mnext = False ] ; then

echo "Task could not be executed on $mep node. It shall be executed once more after 5 minutes." >>$mlog_eplog

sleep 300

fi

if [ $mnext = False ] ; then echo $mep >> $mlog_taskfailed

echo "Task could not be executed on $mep node second time..Please check.." >>$mlog_eplog

minv_ep=$mep else

echo $mep >> $mlog_success

In document Implementing Automated Inventory Scanning and Software Distribution After Auto Discovery (Page 157-192)