Security Configuration for DSMIT

This procedure requires you to respond to a series of interactive prompts and to perform a set of offline actions on the managing and managed systems.

Before you begin with the following procedure, identify the systems that will be managed. If you had a previous version of DSMIT, the /usr/share/DSMIT/hosts file on the managing system will contain the names of the managed systems. Otherwise, if you have a large number of managed systems, you should enter their names in a file to use in the following procedure.

To start DSMIT security configuration, follow these step s:

1. At the command prompt, enter:

   dsmit-init

   A screen appears with options to initialize or modify the DSMIT security configuration.
2. Select Initialize DSMIT Security Configuration.

   A screen appears where you can select the following options:

   Easy Initialization	Use if you plan to have only one managing system.
   Custom Initialization	Use if you plan to have multiple managing systems sharing DSMIT configuration files from a central DSMIT configuration files server.

   Notes:

   1. If you select Easy Initialization now, you can add managing machines later using the "Modifying DSMIT Security Configuration" procedure.
   2. There are sample programs located in /usr/dsmit/samples that can assist you in performing the off-line actions.

Easy Initialization

When you select the Easy Initialization option, the system where you are running this task is configured as the managing system and DSMIT configuration file server.

1. DSMIT ADMINISTRATORS appears. Enter the login ID and password for the DSMIT administrator.

   Note: You must enter a unique password for each DSMIT administrator you specify. If you want to establish single sign-on for a DSMIT administrator, the DSMIT password must be the same as the AIX login password. See "Establishing Single Sign-On" procedure for more information.

2. DSMIT MANAGED MACHINES appears. Enter the hostnames for the machines you want managed.

   Note: If you have a file containing the names of the managed machines, enter its filename. Otherwise, you can enter the machine names one at a time.

3. OFFLINE ACTIONS appears. Perform the specified tasks on the managed machines to complete the DSMIT security configuration.
4. Erase the files in /tmp/dsmit on the managing machine when you have successfully completed the offline actions.

Custom Initialization

When you select the Custom Initialization option, the prompt for DSMIT CONFIGURATION FILE SERVER appears.

1. Enter the system name where you want to store the DSMIT configuration files. The DSMIT server code must be installed on the system, but it does not have to be designated as a managing system.
2. DSMIT ADMINISTRATORS appears. Enter the login ID and password for the DSMIT administrator.

   Note: You must enter a unique password for each DSMIT administrator you specify. If you want to establish a single sign-on for a DSMIT administrator, the DSMIT password must be the same as the AIX login password. See "Establishing a Single Sign-On" procedure more information.

3. DSMIT MANAGING MACHINES appears. Enter the hostname of the managing machine.

   Note: You can specify more than one managing system. They will all share the DSMIT configuration data stored on the DSMIT configuration file server.

4. DSMIT MANAGED MACHINES appears. Enter the hostnames for the machines you want managed.
5. OFF-LINE ACTIONS appears. You must perform the specified tasks on the managing and managed machines to complete DSMIT security configuration.
6. Erase the files in /tmp/dsmit on the system where you are running the dsmit-init command.

   Note: The offline actions are saved in /tmp/dsmit.offline.

Related Information

Distributed System Management Interface Tool (DSMIT) Overview.

The installp command.

The inetd daemon.

inetd.conf file format for TCP/IP, services file format for TCP/IP.