test

Sun Management Center 4.0 Installation and Configuration Guide

Using es-config

The syntax for the es-config command is:

es-config [-Adhmnqrox] [-y filename] [-p sunmc_component] [-c sunmc_component:channel] [-u usmuser] [-f filename] [-a option] [-F component:status] [[-P [component:MinPort:MaxPort] [-w webuser] [-M module [-z priv] [-k lauser |-l lauser | -s]]

The following table describes the es-config parameters.

Table 9–4 es-config Options

Option 

Modifying Options 

Description 

-A

 

Configure all ports 

-a

option

Set up database in archive log mode or no archive log mode. The valid values are enable and disable.

-c

sunmc_component:channel

Enable or disable the component channels being logged. Valid Sun Management Center components for which channels can be controlled are topology, cfgserver, event, cstservice, trap, metadata, agent, platform, and platform_instances. Valid channels are debug, info, error, status, history, syslog, warning, eventhistory, trace, trap, audit, and attributeAudit.

-d

 

Restore all ports to the 4.0 default value. See Table 9–3.

-F

component:status

Enable firewall support where the valid values for component are server and console and the valid values for status are enable or disable.

-f

file

Used only with the -r, -u, and -o options. Reads the seed and community string from the specified file and seeds the esd component. The file has the format:


ES_SECURITY_SEED=seed
ES_SNMPV1_STRING=string

where seed is the seed you want to reseed with and string is the community string. The file should be owned by root and have read/write permissions for root only; otherwise the seed could be readable by unauthorized users.

-h

 

List the es-config options.

-k

lauser

Delete the specified Local Access user from the ACL list. This option can be used for Service Management Facility (SMF), Module Configuration Propagation, and Solaris Container Manager modules. 

-L

sunmc_component

List of channels being logged for the given component. The valid Sun Management Center component for which channels can be listed are topology, cfgserver, event, cstservice, trap, metadata, agent, platform, and platform_instances.

-l

lauser

Add Local Access user or users from ACL list. This option can be used for Service Management Facility (SMF), Module Configuration Propagation, and Solaris Container Manager modules. 

-M

module

Module name for local access user. Used in conjunction with -k, -l, -s.

  • When used with the -z option, updates the module level ACLs

  • When used without the -z option, updates the Local Access user

-m

 

Configure module configuration propagation by adding a list of user names to the es-mcp-users configuration file.

-n

 

Enable the Network Address Translation support. 

-P

component:MinPort:MaxPort

Configure the probe mechanism port range where MinPort is the starting port number and MaxPort is the ending port number. The range of ports must be at least 20 for example, 1024:1044. The minimum specified ports for -P is 20. The ports are used by the probe mechanism to execute ad hoc commands for communication between the Sun Management Center server and agent or between server and console. Valid port numbers are 1100-65535.

Valid values for component are server and console.

This option can be used in one of the following ways: 

-P MinPort:MaxPort: Configures port range for communication between server and agent

-P server:MinPort:MaxPort: Configures server port range for communication between server and console

-P console:MinPort:MaxPort: Configures console port range for communication between server and console

Note –

You must configure the port range to support communication between the Sun Management Center server and agent or between server and console through a firewall.

-p

sunmc_component

Configure port to be used by the Sun Management Center component component-name. Valid components are topology, cfgserver, event, cstservice, trap, metadata, rmi, agent, grouping, HTTP, HTTPS, platform, and platform_instances.

-q

 

Exit from script without starting the esd component. By default, the script tries to start the esd component before exiting.

-r

 

Regenerate security keys, and enable or disable encrypted SNMP communication. For more information, see SNMP Encryption (Privacy) in Sun Management Center 3.6.1 User’s Guide

-s

 

Show Local Access users or ACL users. This option can be used for Service Management Facility (SMF), Module Configuration Propagation, and Solaris Container Manager modules. 

-u

usmuser

Create or update User Security Model (USM) user for an SNMPv3 agent. usmname is the name of the SNMPv3 user to be added to the USM table. After entering the user name and pressing Return, you will be prompted to enter the passphrase (minimum of eight characters) and confirm it. This passphrase is used to generate the keys needed for performing SNMPv3 communication.

-w

webuser

Configure or change the specified user to start and stop the Web Server. Sun Management Center server uses noaccess as the default user to start or stop the Tomcat Web Server.

-x

 

Configure PRM data retention parameters 

-y

file

Read the age limits from this file. Used only with the -x option.

-z

priv

Privilege level for USM users. Valid values are admin, operator, and general.