Welcome to Tivoli Kernel Services 1.1.1!

Congratulations on your decision to deploy Tivoli management software!

Tivoli Kernel Services provides a set of components that are used to manage a wide variety of users, devices, and services. These components are used in conjunction with the Tivoli management software you have purchased. Be sure to read the documentation included with that Tivoli management software before installing Tivoli Kernel Services. Any planning, prerequisite, and installation information provided with that software supersedes similar information included with Tivoli Kernel Services.

This readme file contains information that changed after the documentation and online help provided with Tivoli Kernel Services were complete. The information in this document supersedes the information provided in the online help and the product documentation included on the Installation and Bootprint CD-ROMs. There is no Release Notes document associated with Tivoli Kernel Services.

Before You Install

Before installing Tivoli Kernel Services:

1. Read the documentation provided with the Tivoli management software you have purchased.
2. Verify that the systems on which you plan to install Tivoli Kernel Services are supported and are at the proper service level. Refer to the prerequisite information in both the Tivoli management software documentation and in Planning for Tivoli Kernel Services. There are a number of prerequisites that must be met before installing on these platforms:
   • IBM AIX 4.3.3
   • Sun Solaris 2.7
   • Microsoft Windows NT Server 4.0

   Note: See Prerequisties for Installing on AIX 4.3.3 in this readme file for the correct list of APARs for your AIX system. The list provided in the Planning for Tivoli Kernel Services book is not complete.

3. Complete the Planning Worksheet in Planning for Tivoli Kernel Services.
4. Read Installing Tivoli Kernel Services and perform the necessary prerequisite steps.

Documentation

Documentation for Tivoli Kernel Services consists of the following documentation available in HTML and PDF formats on the Installation and Bootprint CD-ROMs:

Planning for Tivoli Kernel Services

Describes how to plan for the deployment of Tivoli Kernel Services. The concepts of the installation depot, the bootprint, and other Tivoli Kernel Services concepts are explained. This document also contains a Planning Worksheet to enable you to quickly and accurately deploy Tivoli Kernel Services.

Installing Tivoli Kernel Services

Describes how to use the installation programs to install the installation depot and other Tivoli Kernel Services servers.

Introducing Tivoli Kernel Services Administration

Describes how to administer Tivoli Kernel Services and introduces the Tivoli Console, the graphical user interface (GUI) used for user and system management.

Tivoli Kernel Services Command Reference

Describes the command line interface (CLI) provided with Tivoli Kernel Services which can also be used for user and system management.

Tivoli Kernel Services Quick Reference Card

Describes the syntax of the command line interface (CLI) provided with Tivoli Kernel Services. (Available in PDF format only.)

If you are viewing this readme file from either the Installation or Bootprint CD-ROM, you can go directly to the Tivoli Information Center. The Tivoli Information Center contains links to these documents, plus a link to the Tivoli Console Guided Tour.

You can also view the Tivoli Information Center by inserting either the Installation or Bootprint CD-ROM into your CD-ROM drive and pointing your Web browser to the tivolidocs directory in the root directory.

Known Problems

The following problems and limitations exist in Tivoli Kernel Services. Workarounds are provided if they are available. Report any other problems to your Tivoli Customer Support personnel.

Note: Some of the workarounds described in this section require you to issue commands to Tivoli Kernel Services using the command line interface, or CLI. The wcmd commands provided in this readme file assume that the person issuing the commands is implicitly identified in Tivoli Kernel Services by the appropriate account and user information. If this is not the case, you must use the -u option on each wcmd and explicitly specify a Tivoli Kernel Services user ID that is authorized to perform the command.

For example, to issue the wcmd info getOrbs command using the default user ID of superadmin:

wcmd -u superadmin info getOrbs

When prompted for a password, enter password if you have not changed the default.

Additional information on command authorization can be found in the Tivoli Kernel Services Command Reference in the section entitled Security Implications for wcmd Commands.

Error using convertSerialLog.bat and convertSerialLog.sh scripts

The scripts convertSerialLog.bat and convertSerialLog.sh fail with the following error message:

	Exception in thread "main" java.lang.NoClassDefFoundError:
		com/ibm/logging/utilities/SerialViewer

This error occurs because the location of the JLOG toolkit jar file has been changed.

To fix this problem on a Microsoft Windows system, edit script file %ORBDIR%\bin\w32-ix86\convertSerialLog.bat and change the line that reads:

	set LOGJARS=%ORBDIR%\boot\external\log\2.0.2\log.jar

to read:

	set LOGJARS=%ORBDIR%\boot\external\log\2.0.4\log.jar

To fix the problem on a UNIX system, edit the file $ORBDIR%/bin/solaris2/convertSerialLog.sh or $ORBDIR%/bin/aix4-r1/convertSerialLog.sh and change the line that reads:

	LOGJARS=$ORBDIR/boot/external/log/2.0.2/log.jar

to read:

	LOGJARS=$ORBDIR/boot/external/log/2.0.4/log.jar

Install to an NTFS Drive on Windows Systems

Install Tivoli Kernel Services on an NTFS drive on Microsoft Windows machines. Tivoli does not recommend installing to a disk formatted with the FAT file system because of the large number and small size of many of the files installed.

Install Fails if PATH Length Exceeded or Contains Quotes

The installation program might fail when initially launched if the length of the PATH environment variable exceeds the maximum allowed by the operating system. If you encounter this problem, reduce the size of the PATH environment variable and then restart the installation program.

The installation program also might fail if the PATH environment variable contains quote characters. If you encounter this problem, edit the PATH environment variable to remove the quote characters and then restart the installation program.

MQSeries Server Install Might Fail on Solaris Systems

The install of an MQSeries server might fail on Sun Solaris 2.7. This error occurs because the installation program cannot determine if the MQSeries group and user ID being used by Tivoli Kernel Services have already been defined.

To correct the problem:

1. Define a group called mqm and a user ID called mqm.
2. Replace the /etc/system file with the /etc/system.updated.1 file.
3. Reboot the system.
4. Run the installation program again to install the MQSeries server.

Installing a Tivoli DAS Server on Solaris

If you plan to install a Tivoli DAS server on a Sun Solaris system, the machine must be a Sun Ultra or higher class machine. Otherwise, the Tivoli DAS server might encounter errors working with secure sockets.

Installing MQSeries and Tivoli DAS Servers on Same Solaris System

If you plan to install an MQSeries server on the same Sun Solaris system as a Tivoli DAS server, you must install the MQSeries server last. After installing the MQSeries server, replace the /etc/system file with the /etc/system.updated.1 file and reboot the system.

Increasing Threadpool Size for a Tivoli DAS Server Datasource

The number of threads that the Tivoli DAS server uses for a particular datasource should be changed to reflect the number of connections to the datasource. In particular, the slash datasource should have at least 5 more threads than the pool size specified during the Tivoli Kernel Services installation. If the Tivoli DAS server does not have enough threads for processing requests, the Tivoli DAS server might stop processing requests or hang.

To increase the number of threads used by the Tivoli DAS server, you need to modify the dasOrbCfg.tks file in the Tivoli DAS server installation directory. When changing the threadpool value you must change the existing line in the file, which looks similar to the following:

DAServer.datasource.datasource_name.threadpool=nnn

and add an additional line of the form:

tdo.poa.datasource_name.thread_pool=nnn

where datasource_name is the name of the datasource, such as slash, ps, or tmd, and nnn is the new larger value for the threadpool, such as 65.

For the slash database, this value should be set to at least 5 more than the pool size specified during the installation. To determine the current pool size setting for the slash database, direct the following command (all on one line) to the installation depot ORB:

wcmd -u superadmin cfg get /com/tivoli/core/directory/slash
   DBPOOL.CONNECTION.POOL.SIZE

Then change the dasOrbCfg.tks file to include these lines:

DAServer.datasource.slash.threadpool=nnn
tdo.poa.slash.thread_pool=nnn

where nnn is at least 5 more than the DBPOOL.CONNECTION.POOL.SIZE value.

You must stop and restart the Tivoli DAS server for this change to take effect.

Database Connectivity Considerations on AIX

You might experience database connectivity problems when running your DB2 database server and the Tivoli Data Access Services (DAS) server on an AIX system. This is caused by the use of shared memory by DB2 when communicating with the Tivoli DAS server and an AIX IPC defect.

A workaround for this problem is to configure the server to behave as a remote client, which causes DB2 to use TCP/IP sockets instead of shared memory for communication. This procedure is documented in Appendix A of the Installing Tivoli Kernel Services document.

MQSeries Server Might Not Automatically Restart on AIX

An MQSeries server installed on an AIX system might not automatically restart when the system is rebooted. Use the following command to manually start the MQSeries server:

/usr/mqm/tksSi/startMqOnReboot start

Losing the Installation Program Progress Window

If you minimize the installation program on a UNIX system and subsequently restore it, the installation progress window ends up being hidden behind the black background of the installation panel. To bring the progress window back to the foreground, resize the background installation panel so that the progress panel is partially visible, and then click on the progress window.

Installation Depot ORB Does Not Work if Microsoft IIS is Running

The installation depot ORB might fail to work properly on Microsoft Windows systems if the Microsoft Internet Information Service (IIS) or other Web server is running. One symptom of this problem is that the launch of the installation depot ORB results in an error message in the ORB message log indicating that "http://your-host-name" was in use. Another symptom of this problem is that you cannot connect your Web browser to http://your-host-name/Repository after the ORB is running.

To correct the problem, do one of the following before launching the installation depot ORB:

• Stop or uninstall the Microsoft Internet Information Service or other Web server
• Configure your existing Web server to use a port other than 80.

Only Use Characters Supported by the Database

Tivoli Kernel Services stores its Unicode character data, such as security registry information, preference node names, keys, and values, in the DB2 databases created by the tdacl script. Only use Unicode characters that are supported by your database.

If you plan to run Tivoli Kernel Services in a multi-language or multilingual environment, be sure that you have created your DB2 databases using the appropriate code page, language, and territory to ensure your Unicode data can be stored and retrieved correctly. More information can be found in Installing Tivoli Kernel Services.

Improving Performance

Tivoli Kernel Services relies heavily on its underlying DB2 databases for managing configuration and security information. As significant amounts of data are written to these databases, overall performance of Tivoli Kernel Services might degrade. This might be especially noticeable after the initial install of the installation depot, after the install of one or more bootprints, or after installing an application on Tivoli Kernel Services.

To improve performance, it is strongly recommended that you generate statistics for the Tivoli Kernel Services databases on a regular basis. Tivoli Kernel Services provides a script to perform this activity for you. Refer to Installing Tivoli Kernel Services for information on running this script.

Always Use Fully Qualified Name for MQSeries Server

When running the installation program, always make sure that a fully qualified host name is used for the MQSeries server. On some operating system platforms, failure to use a fully qualified name results in Tivoli Kernel Services being unable to connect to the MQSeries server.

Tivoli Console Help Might Not Be Available from Installation Depot on Solaris

During the initial start of the installation depot ORB on a Sun Solaris system, you might see the following error in the Local ORB Creator and Killer (LOCK) output log:

2000.12.04 14:53:57.181 McrClientServer$BackgroundHelpBuilder buildHelp() java.io.IOException: Read-only file system
       at java.io.UnixFileSystem.createFileExclusively(Native Method)
       at java.io.UnixFileSystem.createFileExclusively(Compiled Code)
       at java.io.File.createNewFile(Compiled Code)
       at com.tivoli.pf.mcr.McrClientServer$BackgroundHelpBuilder.buildHelp(Compiled Code)
       at com.tivoli.pf.mcr.McrClientServer$BackgroundHelpBuilder.run(Compiled Code)

2000.12.04 14:53:57.224 McrClientServer$BackgroundHelpBuilder buildHelp() FWP1731E An error occurred creating or writing to the file mcrbhs.inv.

This is caused by a problem in the Tivoli Assistant online help build utility.

To correct the problem, shut down and restart the installation depot ORB. After the ORB initialization is complete, issue the following command to build the help:

wcmd -u superadmin psmcr rebuildHelp

Until the help is built, no Tivoli Console in the installation will have online help available to it.

Tivoli Console Icon Does Not Appear on Windows Desktop

The Tivoli Console icon does not show up on the Windows Desktop until both the installation depot ORB and either the Presentation Services ORB or the Tivoli Console bootprint ORB have started completely. Do not install any Tivoli management software on the installation depot until the Tivoli Console is available.

If the Tivoli Console icon does not appear on the Desktop after waiting a reasonable amount of time, enter the following commands to force a restart of the PsJcLauncherService:

Unexpected Error When Starting Tivoli Console on a Bootprint the First Time

You might see the following error message the first time you start the Tivoli Console on a Tivoli Console bootprint:

  FWP0015E Connection to Management Component Repository server failed.

To recover from this error, simply close the pop-up error window and click OK on the Sign on to Tivoli Console window. The sign on should complete successfully.

Tivoli Console Does Not Start After Failed Sign On Attempt

If your attempt to sign on to a Tivoli Console fails, and you close the sign on window without successfully signing on, future sign on attempts might fail. The symptom of this problem is that when you start the Tivoli Console you see the Tivoli Console splash screen displayed momentarily and then disappear. You will not be prompted to sign on to the Tivoli Console. This failure also might be accompanied by an error similar to the following in the Local ORB Creator and Killer (LOCK) output log:

  2001.02.08 15:58:49.779 com.tivoli.pf.jc.JcConsole launchJC() FWP0035E Unable to create new Fmk instance
  because the Fmk instance has already been created.  Already running an instance of the console.

If you encounter this problem, there are two ways to resolve it:

1. (Recommended) Issue the following command to stop the failed instance of the Tivoli Console. If the failure is encountered on the installation depot machine, direct the command to the Presentation Services ORB (orb.2). Otherwise, direct the command to orb.1 on the bootprint machine encountering the failure.

   wcmd -u superadmin accmgr stopService -s PsJcImpl
   

2. Recycle the ORB. If the failure is encountered on the installation depot machine, recycle orb.2 on that machine. Otherwise, recycle orb.1 on the Tivoli Console bootprint machine.

Restart the Tivoli Console and enter a valid user ID and password to sign on.

Initial Start of Installation Depot Takes a Long Time

The initial start of the installation depot ORB takes a long time and results in data being written to the security registry a number of times during initialization. Stopping the installation depot ORB while it is writing a lot of data to the security registry might leave the ORB in an inconsistent state and might require a re-install to correct the situation.

To ensure that the installation depot ORB is fully operational after it has been started for the first time, ensure that all of the following conditions are met:

1. You see the following messages in the ORB message log for the installation depot ORB:

   FNGCP0069I All components have been started.  Some components might not be ready for use.
   
   FNGTM0005I Baseline completed in nnnnnn milliseconds.
   

2. You see the following message in the Local ORB Creator and Killer (LOCK) output log for the installation depot ORB:

   FWP1734I The build help set utility has completed successfully.
   

Launch Times for ORBs

The launch time for an installation depot or bootprint ORB, after their initial install and launch, is dependent on a number of factors, such as:

• The amount of available memory and the processor speed of the machine
• What other services and applications are running on the machine
• The location of the Tivoli Data Access Services (DAS) and MQSeries servers in relation to the machine
• The location of the installation depot machine in relation to the bootprint machine
• How often the DB2 databases are optimized for performance using the runstats script

The ORB launch time is also affected by the Tivoli management software that you purchased which is using Tivoli Kernel Services.

Assuming the minimum recommended processor speeds and memory requirements, you can usually expect the launch of the installation depot ORB to complete in about 5 minutes. The launch of the second ORB on the installation depot or the launch of a bootprint ORB usually completes in about 2.5 minutes. To check on the progress of the ORB, you can monitor the ORB message log.

These times should be considered best case on the minimum recommended hardware, and were measured in our test laboratory with no Tivoli management software installed. Launch times will increase as Tivoli applications are added to the configuration. More accurate information might be included in the documentation provided with the Tivoli management software that you purchased.

Bootprint Installation Might Hang on Machines Running Winsock Applications

The bootprint installation program might hang on Windows machines running programs that interact with Winsock, the Windows component that routes internet traffic through TCP/IP. Such programs include custom dialers, socksification programs, and some VPN solutions. Disabling these applications does not necessarily correct the problem. It is recommended that you do not attempt to install a bootprint on a machine with these types of programs installed.

Error in MFC42U.DLL Running Bootprint ORB on Windows NT

When starting the bootprint ORB on a Microsoft Windows NT 4.0 system after the bootprint installation program has completed, you might encounter the following error:

The ordinal 6871 could not be located in the dynamic link library MFC42U.DLL

This is caused by a down-level version of the MFC42U.DLL file on the target system. Locate the MFC42U.DLL in your Windows directory and replace it with the updated version provided with Tivoli Kernel Services. The proper DLL to use is \TivoliBP\orb.1\lib\w32-ix86\mfc42u.dll

After replacing the DLL, you must reboot the machine. The bootprint ORB should run as expected.

Sign on to Tivoli Console Window Might Not Appear in Foreground

When starting the Tivoli Console, the "Sign on to Tivoli Console" window might open behind other windows on the desktop. To view the window, either minimize other windows on your desktop or use your window manager or taskbar to bring the signon window to the foreground.

Problem Closing the Tivoli Console with Tasks Open

If you attempt to close the Tivoli Console using the Console->Exit menu item, or by clicking the close window control (the X on the title bar) when there are active task windows displayed, the tasks will close but the Tivoli Console remains running.

To close the Tivoli Console, repeat the close operation.

Refreshing the Manage ORBs Window in the Tivoli Console

To refresh the status of an ORB displayed in the Manage ORBs window, you must select the ORB and then click Refresh. If you do not select an ORB, the status is not refreshed.

Can Only Add One Role to a Resource at a Time in the Tivoli Console

In the Security Registry window, when you right click on an object and click on either Role Member - Existing Role or Role Target - Existing Role, a list of roles is displayed. Even though multiple selection is allowed, only the first role selected is actually added to the object.

Search Security Window in the Tivoli Console Hangs

In the Search Security window, there is a drop down list that allows a user to set properties for a particular object class. After selecting an object class, a filter window appears and the Tivoli Console appears to be hung because the buttons on the panel are not active.

Resizing the filter window or moving the slider refreshes the display and the buttons become active.

Tivoli Console Outside a Firewall Needs Access to the Tivoli DAS Port

If you intend to install a Tivoli Console outside a firewall, the communications port used by the Tivoli DAS server needs to be open in the firewall. Otherwise, the Tivoli Console will not work correctly.

Set DISPLAY Variable Before Launching Tivoli Console on UNIX

The DISPLAY environment variable must be set appropriately before launching the Tivoli Console on UNIX systems. Otherwise, the Tivoli Console does not start and an exception is recorded in the Local ORB Creator and Killer (LOCK) error log. The error might look something like this:

The DISPLAY environment variable must be set on those ORBs that run the Tivoli Console:

• The Tivoli Presentation Services ORB (orb.2) on the installation depot
• Any Tivoli Console bootprint ORBs.

If the desired ORB is already running, you must stop the ORB, set the DISPLAY environment variable appropriately, and then restart the ORB. These steps are outlined in the following procedure.

1. Locate the LOCKCfg.properties file appropriate for your platform and the ORB in question:

   AIX

   $ORBDIR/bin/aix4-r1/LOCKCfg.properties

   Solaris

   $ORBDIR/bin/solaris2/LOCKCfg.properties

   where $ORBDIR is the directory associated with the ORB.

2. Set the DISPLAY environment variable in the LOCKCfg.properties file by adding a line like:

   DISPLAY=hostname:0.0
   

   where hostname is the fully qualified name of the system where you want the Tivoli Console to be displayed. This system could be either the UNIX system itself or a remote system. If you do not know the name of the UNIX system, use the hostname command to find it.

   Be careful not to press Return after adding the DISPLAY line. If the LOCKCfg.properties file has a blank line in it (even at the end) the subsequent start of the ORB might fail with a malloc error.

   Note: XWindows security must be set appropriately on the system where you want the Tivoli Console to be displayed by using xhost +.

3. If the ORB is already running, stop it using wcmd orb shutdown.
4. Issue an xhost + command.
5. Restart the ORB, to pick up the change.

On UNIX systems, you can start the Tivoli Console by entering the following commands:

. ./setupEnv.sh
JCLaunch.sh

The JCLaunch.sh script is available after the PsJcLauncherService is active.

If you are starting the Tivoli Console on a UNIX machine and using Hummingbird Exceed, be sure to use version 6.2.0.16 or later. Earlier versions might cause the start of the Tivoli Console to hang without any indication of an error.

Link to the Readme File on Windows Systems Might Not Work

After the installation program runs, an entry for Tivoli Kernel Services 1.1.0 is added to the Programs menu. The link to the Readme from that entry might fail, or generate a misleading error message, if Netscape Navigator is the default Web browser on the system. If the launch of the readme file fails, point your browser to the appropriate location, such as:

C:\Tivoli\readme\readme.htm

Icon for Tivoli Console Might Remain on Desktop After Uninstall

After uninstalling the installation depot or a Tivoli Console server on Microsoft Windows, the Tivoli Console icon might still appear on the desktop. To remove the icon, right click on the icon and click Delete.

Ping and Traceroute of GatewayIPService Require Administrator Authority on Windows

Users running on Windows NT or Windows 2000 systems must have Administrator authority to use the ping and traceroute commands of the GatewayIPService. You can disable the security check by editing the Windows registry and creating the following variable and setting its value to DWORD 1:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Afd\Parameters\DisableRawSecurity

Always make a backup of your registry before changing it. You must restart your computer for the change to take effect.

(This is a feature of Windows platforms that only users with Administrator authority can create ICMP raw packets. Those packets are used by the ping and traceroute commands. The URL for the problem resolution is http://support.microsoft.com/support/kb/articles/Q195/4/45.ASP)

Stopping ORBs

Tivoli Kernel Services ORBs should be stopped using the ORB shutdown command:

wcmd orb shutdown

or using the methods outlined in Chapter 5 "Stopping an ORB" in the Installing Tivoli Kernel Services document.

If an ORB appears to be hung and is not responding to commands directed to it, you can terminate the ORB using the standard operating system functions, such as kill or the Windows Task Manager. However, use caution when terminating an ORB in this matter. If an ORB is stopped while writing data to the security registry, the ORB might end up in an inconsistent state, possibly requiring a re-install to correct the problem.

ORB Taking java.net.UnknownHostException Exceptions

During either installation or normal running of Tivoli Kernel Services, an ORB might unexpectedly take java.net.UnknownHostException exceptions. This exception usually occurs in multi-domain environments where the short name for the machine, instead of its fully qualified host name, was used or exported.

To determine if this was the cause of the exception, locate the exception in the Local ORB Creator and Killer (LOCK) output log. For a failure during the installation program, the exception might look similar to this:

2000.10.31 17:21:57.089 BootPrintNSInstall registerOrb(BootPrintNSInstallData, LocalOrbVault)
  RuntimeRemoteException( : java.net.UnknownHostException: kpg057 )
        at java.lang.Throwable.fillInStackTrace(Native Method)
        at java.lang.Throwable.fillInStackTrace(Compiled Code)
        at java.lang.Throwable.(Compiled Code)
        at java.lang.Exception.(Compiled Code)
        at java.lang.RuntimeException.(RuntimeException.java:37)
        at com.objectspace.voyager.RuntimeRemoteException.(RuntimeRemoteException.java)
        at com.objectspace.voyager.Proxy.osInvoke(Proxy.java)
        at com.objectspace.voyager.Proxy.osobjectInvoke(Proxy.java)
        at com.tivoli.core.ns.NetSecurityService_IProxy__Proxy.issueNewOrbCertificate(Unknown Source)
        at com.tivoli.core.ns.BootPrintNSInstall.registerOrb(Compiled Code)
        at com.tivoli.core.ns.BootPrintNSInstall.installNS(BootPrintNSInstall.java:57)
        at BPNetSecuritySetup.configure(BPNetSecuritySetup.java:73)
        at States$getInstallerIdAndPassword_State.valid(States.java:695)
        at States$getInstallerIdAndPassword_State.run(Compiled Code)
        at TKSInstall.install(Compiled Code)
        at TKSInstall.main(Compiled Code)

In the example above, the name of the unknown host is kpg057. If that name corresponds to a machine in your domain, such as kpg057.mycompany.com, verify that you have network connectivity to it by using the ping command. If you have connectivity using the fully qualified host name, the use of the short name is the most likely cause of the exception.

A workaround for this situation is to ensure that all machines in the Tivoli Kernel Services installation can be identified by their short names. To do this:

1. Shut down all the ORBs running in the installation.
2. Modify the /etc/hosts files on each machine to map the short names of each machine to the fully qualified host name. Be sure to include the machine on which you encountered the exception.
3. Restart the ORBs that were running.
4. Restart the ORB that initially took the exception (or run the installation program again if the failure occurred during an install.)

wcmd Directed to an ORB Fails With Message FNGOB3013E

If you are certain that an ORB is up and running, but when you direct a wcmd to it using the -i option you receive the following message:

FNGOB3013E No CLI server found for ORB ID nnnnnnnn

You might want to check the Local ORB Creator and Killer (LOCK) output log to see if a java.net.UnknownHostException occurred. If an exception occurred, see the workaround information in ORB Taking java.net.UnknownHostException Exceptions.

Using Exceed to Install on UNIX Systems

If you plan to use Hummingbird Exceed to install Tivoli Kernel Services on a UNIX system remotely from a Microsoft Windows system, use version 6.2.0.16 or later. Earlier versions might not work as expected. If you use a lower-level version, the installation program might fail with an error indicating that there is a missing class file.

Changing the Encryption Strength Used in ORB Communications

To change the strength of the encryption used in SSL (secure socket layer) communications, use the wcmd cfg command to change the encryptionStrength key in the configuration node com/tivoli/core/orb/ssl to the desired value:

WEAK

Use 40-bit encryption (the default)

STRONG

Use 128-bit encryption

You will need to recycle the ORB for these changes to take effect.

Windows Application Event Log Can Fill Up on MQSeries Servers

An MQSeries server running on a Windows system might generate a lot of events that could result in the Application Event Log filling up. To correct this problem, increase the size of the Application Event Log, or enable the wrapping of events in the log.

Tivoli Kernel Services Requires Fully Qualified Host Names

Some machines might be configured to return a short host name, such as kendall instead of a fully qualified host name, such as kendall.myorg.mycompany.com. This causes problems for several Tivoli Kernel Services components which are expecting the ORB to always be using fully qualified host names.

To ensure that your operating system is configured to return a fully qualified host name:

Solaris

Verify that the /etc/resolv.conf file exists and contains the appropriate information, such as:

domain myorg.mycompany.com
nameserver 123.123.123.123

A short host name is used if the /etc/nsswitch.conf file contains a line that starts with:

  hosts:     files

and the /etc/hosts file contains the short name of the machine. To correct this:

1. Change the line in the /etc/nsswitch.conf file to:

     hosts:    dns nis files
   

2. Stop the inet service:

      /etc/init.d/inetsvc stop
   

3. Restart the inet service:

      /etc/init.d/inetsvc start
   

4. Recycle the ORB to pick up the change.

Windows NT

Specify a Primary DNS Suffix in the Network settings (Start -> Settings -> Control Panel -> Network -> Protocols -> Properties... -> DNS)

Reboot the machine when prompted.

Windows 2000

There are two places where the Primary DNS Suffix can be set, in Network Identification and in your system properties. To confirm that the Primary DNS Suffix is properly set:

1. Right click on My Computer and click Properties.
2. Click the Network Identification tab.
3. Confirm that the Full Computer Name field displays the fully qualified host name.

If this field does not contain a fully qualified host name:

4. Click on Properties and then More....
5. Enter your domain information in the Primary DNS suffix for this computer field.

Reboot the machine when prompted.

AIX

The default domain name search order is:

• BIND/DNS (named)
• Network Information Service (NIS)
• Local /etc/hosts file

To ensure that AIX always provides a fully qualified host name:

1. Verify that the /etc/resolv.conf file exists and contains the appropriate information, such as:

   domain myorg.mycompany.com
   nameserver 123.123.123.123
   

(If the /etc/resolv.conf file does not exist, the /etc/hosts file is always used.)

2. If nis+ is installed, the /etc/irs.conf file overrides the default behavior.

    hosts = bind,local
   

3. The /etc/netsvc.conf file, if it exists, overrides the /etc/irs.conf file as well as the system default behavior.

    settings in the /etc/irs.conf file
    hosts = bind,local
   

4. If the NSORDER environment variable is set, it overrides all of the above.

     export NSORDER=bind,local
   

5. If only the /etc/hosts file is used, the fully qualified host name must be the first one listed after the IP address.

FNGMS0007E Subscription references non-existent queue suffixed.java.lang.Object/com.tivoli.tes.TESTopicImpl/
FNGMS0007E Subscription references non-existent queue java.lang.Object/com.tivoli.tes.TESTopicImpl
FNGMS0008E Orphaned subscriber discovered java.lang.Object/com.tivoli.tes.TESTopicImpl
FNGMS0009I MQSeries subscription was successfully deregistered java.lang.Object/com.tivoli.tes.TESTopicImpl
FNGMS0011E Unable to delete orphaned subscriber, MQSeries may become unstable java.lang.Object

FNGCS0032E The security context for principal system/services/principals/serviceManager has either expired or is not valid.

wcmd cfg put /com/tivoli/core/time
    SERVER_LIST="timeserver.almaden.ibm.com timeserver.raleigh.ibm.com"

tail -f tksOut.log