Skip to Content
Information
Unsupported content This version of the documentation is no longer supported. However, the documentation is available for your convenience. You will not be able to leave comments.

Agent and NSH updates for SP3

In BMC Server Automation 8.3 SP3, Agent and NSH are updated as follows:

Openssl version upgrade

In BMC Server Automation 8.3 SP3, the Openssl version is upgraded to 0.9.8y.

RSCD Agent upgrade

You can now upgrade the RSCD agent to the version of the Application Server, by using the BMC Server Automation built-in Agent Installer Job. The installation of RSCD agents can be done through the GUI or through the CLI. The upgrade can be performed on the following platforms:

  • Solaris
  • Linux
  • Windows
  • AIX
Warning

Note

  • Upgrading the RSCD agents is done through the Agent Installation wizard. The same wizard is updated with UI changes to enable Upgrading.
  • Shell to native agent installer upgrade is not supported for for HP-UX platform.

For more information about upgrading the RSCD Agents, see Upgrading-the-RSCD-Agent-using-an-Agent-Installer-Job.

Default NSH roles are not required

BMC Server Automation 8.3 SP3 allows you to remove a given user from showing up in NSH only ACLs, during an ACL Push job. It is no longer necessary that each user has a default NSH role and the default NSH role can be left blank.

User_info.dat authentication for AD

In earlier releases, user_info.dat could only be used for SRP authentication with blcred to authenticate without providing the password explicitly. Now, this functionality is extended to Domain authentication and LDAP authentication methods also.

New keepalive setting for NSH connections

To ensure that NSH to RSCD connection remains alive and is not killed due to connection time out, you need to configure a keepalive setting through the secure file. This setting controls the frequency that the client sends a keepalive message to the target server, and is required only on the client side (and not required at the remote target that runs the RSCD Agent).

client_keepalive_time = <value in seconds>

See the following steps to configure the client_keepalive_time field:

  1. Go to the RSCD folder on Client Application server.
  2. Open the secure file. The following sample options are displayed by default:
    rscd:port=4750:protocol=5:tls_mode=encryption_only:encryption=tls
    default:port=4750:protocol=5:tls_mode=encryption_only:encryption=tls
  3. Append client_keepalive_time = <value in seconds> to the second line, where <value in seconds> is an integer greater than or equal to zero and it looks like as follows:
    default:port=4750:protocol=5:tls_mode=encryption_only:encryption=tls:client_keepalive_time=10:

Limiting NSH access to the role on targets

When ACL Push option (set via blasadmin ACL Push namespace) RevokeNshAccessWhenOnlyComponentAccessGranted  is set to TRUE will cause the ACL Push file to limit user access to the Configuration Manager (if that user has access to a server via components and not directly on the server itself).

ACL Push jobs will log only errors and failures

ACL Push Job can now have their Job Log messages limited to errors and failures. When the blasadmin setting ACLPush LogOnlyErrorsOrWarningOnAclPush is set to TRUE, INFO messages are eliminated and error and warning messages are retained.

Ability to configure Role:* during ACL Push

When the blasadmin setting ACLPush UserWildcardOnAclPush is set to TRUE, it causes ACL Push jobs to use a single line of <ROLE>:* instead of individual lines of <ROLE>:<USER>.  This reduces the size of the user file that is pushed to each agent.

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*

BMC Server Automation 8.3