Product:
Cognos Controller 10.3.1
Microsoft Windows 2012 server

Problem:
Several controller users are thrown out of the cognos controller client at reporting week.

Error message:

Solution:
Check the firewall between the servers, controller servers and citrix servers.
Is there any new rules that have been implemented?

Does other application that also use citrix servers have issues with connection losses?

Turn off aggressive Aging in your firewall.

 

Also check if the Windows SQL server demand TLS 1.2, and you need to update the Windows registry to not use TLS 1.2 communication on the cognos servers. Set this values on cognos server:

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Client]

“DisabledByDefault”=dword:00000000

“Enabled”=dword:00000001

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1\Client]

“DisabledByDefault”=dword:00000000

“Enabled”=dword:00000001

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client]

“DisabledByDefault”=dword:00000000

“Enabled”=dword:00000000

If it does not help, then also try to change the DoS attacks settings in Windows;

https://community.broadcom.com/symantecenterprise/communities/community-home/librarydocuments/viewdocument?DocumentKey=6859390e-7047-41d2-930e-a1ecd87ba3bb&CommunityKey=1ecf5f55-9545-44d6-b0f4-4e4a7f5f5e68&tab=librarydocuments

A change in TCP/IP service are going to enable DoS protection.

  1. Run regedit.exe
  2. Navigate to the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters registry subkey.
  3. From the Edit menu, select New, DWORD Value.
  4. Enter the name TcpMaxHalfOpen, then press Enter.
  5. Double-click the new value, set it to 100, then click OK.
  6. Enter the name TcpMaxHalfOpenRetried, then press Enter.
  7. Double-click the new value, set it to 80, then click OK.
  8. Enter the name SynAttackProtect, then press Enter.
  9. Double-click the new value, set it to 1, then click OK.
  10. Reboot the machine.

If above is set, try to remove it with SynAttackProtect value set to 0.

When SynAttackProtect value is 0, it offers no protection. Value 1 indicate to delay the response Notification untill three way handshake is complete by the received by the SYN packet. By default, this is not invoke untill it exceeds the TcpMaxHalfOpen and TcpMaxHalfOpenRetried values. The values TcpMaxHalfOpen and TcpMaxHalfOpenRetried could be changed, and I strongly recommend to test with different settings in your environment, then choose the best ones.

https://www.informit.com/articles/article.aspx?p=371702

More Information:
https://sc1.checkpoint.com/documents/R76/CP_R76_IPS_AdminGuide/12857.htm

Understanding Aggressive Aging

To increase gateway stability, aggressive Aging helps manage the capacity of the connection table and gateway memory consumption.

Aggressive Aging introduces a new set of short timeouts called aggressive timeouts. When a connection is idle for more than its aggressive timeout, it is marked as “eligible for deletion”. When the connections table or memory consumption reaches a user defined threshold, Aggressive Aging begins to delete “eligible for deletion” connections until memory consumption or connection capacity falls to the desired level.

Aggressive Aging lets the Security Gateway handle large amounts of unexpected traffic, for example during a Denial of Service attack.

If the defined threshold is exceeded, each incoming connection triggers the deletion of ten connections from the “Eligible for Deletion” list. An additional ten connections are deleted with every new connection until the memory consumption or the connections capacity falls below the enforcement limit. If there are no “Eligible for Deletion” connections, no connections are deleted but the list is checked for each subsequent connection that exceeds the threshold.

Timeout settings are a key factor in memory consumption configuration. When timeout values are low, connections are deleted faster from the table, enabling the firewall to handle more connections concurrently.

Best Practice: When memory consumption exceeds its threshold, work with shorter timeouts that can maintain the connectivity for the majority of the traffic.

In the Aggressive Aging Timeouts are enforced when section, select whether they will be enforced if the Connections table exceeds a limit, if Memory exceeds a limit, or if both exceed their limits.

If you select both, the values in the percentage fields of the other options are applied. Default is 80%, with connections from the “Eligible for Deletion” list being deleted if either the Connections table or Memory consumption passes this limit.

Note – The limits for the Connections table and Memory consumption are set for each profile. The Aggressive Aging timeouts are global. Therefore: different gateways may enforce the same timeouts at different thresholds.

Activate this protection in either Prevent or Detect mode.

Product:
Cognos TM1 10.2.2
Microsoft Windows 2008 server

Problem:
Can not connect to TM1 server from client TM1 Architect.
Error:  TM1 Perspectives cannot connect to TM1 Admin server

Solution:
Check that you have access to the TM1 admin server, by run telnet from the DOS prompt your client computer;

TELNET  servername  5498

if you get a black screen, and no error message, then you have a open connection.

Then check that you have the same version on you client as on the TM1 server.

You can check the file tm1api.dll in folder C:\Program Files\ibm\cognos\tm1_64\bin

Above the 10.2.2 TM1 client in RTM version.

Above the TM1 10.2.2 fix pack 7 version.  Version number 10.2.20700

https://www.ibm.com/support/pages/how-determine-exact-version-tm1-installed

If you do not have correct version, uninstall the TM1 client from your computer.

Install the correct program and update, and try again.

Run tm1_64b_10.2.2_win_ml.tar.gz and then up_tm1client_win64_10.2.5270.109_ml.tar.gz to install the needed software.

More Information:

https://www.ibm.com/support/knowledgecenter/SSD29G_2.0.0/com.ibm.swg.ba.cognos.tm1_inst.2.0.0.doc/c_tm1_inst_defaultvaluesfortm1installation.html

https://www.ibm.com/support/pages/ibm-cognos-tm1-ssl-expiration-manual-fix-approach-landing-page

https://www.ibm.com/support/pages/node/553505

https://www.ibm.com/support/pages/e4-cannot-connect-admin-server-host-and-port-caused-expired-ssl-certificates

Product:
IBM Cognos Controller 10.3.1
Microsoft Windows 2008 R2 server
Microsoft Excel 2008

Problem:
When inside Cognos Controller click on the icon to start excel, you get a error;
APPCRASH. CCR.exe

Error:

Solution:
Install a newer version of Excel.

Cognos Controller 10.3.1 only supports excel version 2010, 2013 and 2016.

 

https://www.ibm.com/support/pages/ibm-cognos-controller-1031-supported-software-environments

 

Product:
Cognos Analytics 11.1.5
Microsoft Windows 2016 server
Linux red hat 7.7 or other flavor

Problem:
How install cognos jupyter notebook on linux?

Solution:
Download the file from IBM;
IBM Cognos Analytics for Jupyter Notebook 11.1.5 Linux x86-64 Multilingual CC4QEML
https://www.ibm.com/support/pages/downloading-ibm-cognos-analytics-11150

Install instructions:
https://www.ibm.com/support/knowledgecenter/SSEP7J_11.1.0/com.ibm.swg.ba.cognos.inst_cr_winux.doc/t_inst_jupyter.html
Check what linux version jupyter notebook is supported on.

Help for linux commands:
https://ss64.com/bash/

Login to your linux server with putty:
https://www.ssh.com/ssh/putty/windows

Change to root user
sudo su

Check free disk space on server with
df -h

Ensure you have 200 GB free for you IBM folder and 200 Gb free for you folder where you store the docker containers.

Install docker:
 sudo yum install -y docker
sudo systemctl enable docker.service
sudo systemctl start docker.service

Create the docker user:
groupadd docker
useradd -G docker dockeruser

Create the folders we need:
mkdir -p /ibm/jupyter
mkdir -p /ibm/install

Copy the media with WINSCP to linux box folder /ibm/install
https://www.doteasy.com/web-hosting-getting-started/uploading-your-web-files-using-winscp-windows

Create a text file in Notepad++ with below content:


#
# Replay feature output
# ———————
# This file was built by the Replay feature of InstallAnywhere.
# It contains variables that were set by Panels, Consoles or Custom Code.

#false
#—–
BISRVR_CA_INSTALL=0

#true
#—-
BISRVR_CA_TOOLS_INSTALL=1

#false
#—–
CA_FM=0
CA_LCM=0
CA_DCUBEMODEL=0
CA_DQA=0

#true
#—-
CA_JUPYTER=1

USER_INSTALL_DIR=/ibm/jupyter


Save the file as responsefile.properties in folder /ibm/install

Change the rights on the file, so dockeruser can access it
chown dockeruser:docker responsefile.properties

Run the unattended install:
Make dockeruser able to run docker commands
 chmod 666 /var/run/docker.sock

Change to dockeruser
sudo su dockeruser

Go to the /ibm/install folder
 cd /íbm/install

Enter this command
 ./ca_instl_lnxi38664_2.0.191205.bin -DREPO=/ibm/install/ca_jupyter_lnxi38664_11.1.5.zip -f responsefile.properties -i silent

Check the log file for errors – in folder /ibm/jupyter/uninstall/logs

Install jupyter:

Go to folder /ibm/jupyter/dist/scripts/unix

Enter ./install.sh to run the installation

When finish, test the notebook, from IE browse to it at http://linuxservername:8000

If above show, then you are a success, go then to Cognos Analytics.

 

If you get a error during install like;

Error step 3/12 : Copy –chown=ca_user:users pip.conf $HOME/.config/pip/ .
Unknown flag: chown

Above error is solved by replace the file “Dockerfile_server_instance” with this content:


# IBM Cognos Products: Notebook

FROM ca_jupyter_server_instance_original:installed

USER ca_user

WORKDIR $HOME

# copy additional_packages & install if not empty

# COPY –chown=ca_user:users pip.conf $HOME/.config/pip/.

# COPY –chown=ca_user:users additional_packages.txt .

# Change below

COPY additional_packages.txt  .

USER root

RUN chown ca_user:users additional_packages.txt

USER ca_user

WORKDIR $HOME

COPY pip.conf $HOME/.config/pip/.

USER root

RUN chown -R ca_user:users $HOME

USER ca_user

WORKDIR $HOME

# Stop change

RUN if [ -s additional_packages.txt ]; then \

pip install –user -r additional_packages.txt; \

fi \

&& rm additional_packages.txt

# install certificates for trusted external servers as root

USER root

WORKDIR /tmp

COPY build-tmp certificates

RUN if [ `ls -1 /tmp/certificates/*.crt 2>/dev/null | wc -l` -ne 0 ]; then \

cp /tmp/certificates/*.crt /usr/local/share/ca-certificates/; \

chmod 754 /usr/local/share/ca-certificates/*.crt; \

update-ca-certificates; \

fi \

&& rm -rf certificates

# switch to notebook user

USER ca_user

WORKDIR $HOME


Save the file as Dockerfile_server_instance2
Copy the file over to  /ibm/install/ folder on the linux server
Rename the Dockerfile_server_instance to Dockerfile_server_instance_org
Rename the Dockerfile_server_instance2 to Dockerfile_server_instance

Change access to the file
chmod 755  Dockerfile_server_instance

Run the install again from the unix folder
./install.sh

 

https://pypi.org/project/pixiedust/#files

If you get a error like Could not fetch URL https://pypi.org/simple/pixiedust/: There was a problem confirming the ssl certificate HTTPSConnectionPool (host=’pypi.org’, port=443): Max retries exceeded with url: /simple/pixiedust….

Then the Linux box have not access to internet, and can not download the software. Solve by temporary allow the Linux box Internet access during installation.

You can also try to do this steps:

Open IE on your laptop and paste this line, to download the tar file.

https://files.pythonhosted.org/packages/16/ba/7488f06b48238205562f9d63aaae2303c060c5dfd63b1ddd3bd9d4656eb1/pixiedust-1.1.18.tar.gz

Copy the pixiedust-1.1.18.tar.gz file over to /ibm/install folder on linux server with WINSCP program.

Change the user access
chown dockeruser:dockeruser pixiedust-1.1.18.tar.gz

Extract the file with command
  tar -xvf pixiedust-1.1.18.tar.gz

Change the owner of all files in folder with command
chown dockeruser:docker pixiedust-1.1.18

Go to folder /ibm//jupyter/dist/scripts

Edit the file additional_packages.txt

nano additional_packages.txt

Comment out all the lines and then add the following line:

–no-index –find-links=/ibm/install/pixiedust-1.1.18  pixiedust

Save the file and exit nano program

Go to the folder unix and run the install again;

cd /ibm/jupyter/dist/scripts/unix

 ./install.sh

Change on IIS server:

https://www.ibm.com/support/knowledgecenter/SSEP7J_11.1.0/com.ibm.swg.ba.cognos.inst_cr_winux.doc/t_gateway_iis.html

  • If you want to integrate Cognos Analytics for Jupyter Notebook Server, you must add a rule to map WebSocket requests from IBM Cognos Analytics notebooks to the back end Jupyter Notebook Server.

For more information, see Installing IBM Cognos Analytics for Jupyter Notebook Server.

Important You must also install WebSocket Protocol support in IIS. For more information, see WebSocket <webSocket> (https://docs.microsoft.com/en-us/iis/configuration/system.webserver/web socket).

  1. Select the ibmcognos alias. Click on URL rewrite icon.
  2. Click Add Rules > Inbound Rules > Blank Rule .
    • If proxies are not already enabled, you are prompted to enable. Click OK.
    • The server name and port are defined in the config.conf file when you configure Jupyter Notebook Server.
    • Select the newly created rule and click Edit.
    • Pattern is v1/jupyter/(user/[^/]*)/(api/kernels/[^/]+/channels)
    • Action type is Rewrite.
    • Rewrite URL (for SSL configurations) is https://jupyter_host_name:jupyter_host_port/bi/v1/jupyter/{R:1}/{R:2}

Note For non-SSL configurations use the following rewrite URL: http://jupyter_host_name:jupyter_host_port/bi/v1/jupyter/{R:1}/{R:2}

    • Check Append query string.
    • Check Stop processing of subsequent rules.
    • Click Apply and Back to Rules.
  • exit iis manager.

If above step is missed you get above error.

Enable jupyter notebook in CA11

Login to CA11 as administrator


Go to Manage
Click on configuration
Click on system
Click on environment
At Jupyter service location enter linux server name as

 http://linuxservername.domain.com:8000

Click Apply
Refresh the web page in the web browser (IE)
Click on new
Click on notebook

Enter import pixiedust to test

Import Samples to Cognos Analytics versions 11.1.5

  1. Copy the deployment archive, IBM_Cognos_Notebook_Samples.zip, for the notebook samples into the deployment folder: cognos_analytics_server_install_location\deployment.
  2. Go to Manage > Administration console and open IBM Cognos Administration.
  3. On the Configuration tab, click Content Administration.
  4. On the toolbar, click the New Import icon New import icon.
  5. Select IBM_Cognos_Notebook_Samples in the first step of the New Import wizard.
  6. At the Run with options screen, ensure that Do not Assign new IDs during import is selected. Click Run and complete process using default settings.
  7. After the import is complete, you can navigate to the notebook samples by clicking Team content > Samples > By feature > Notebooks.

https://www.ibm.com/support/knowledgecenter/SSEP7J_11.1.0/com.ibm.swg.ba.cognos.ig_smples.doc/c_jup_not_samples.html

https://www.ibm.com/support/pages/node/1125165 

The docker images are normally in folder /var/lib/docker/overlay2 folder

https://www.freecodecamp.org/news/where-are-docker-images-stored-docker-container-paths-explained/

More Information:

https://www.edx.org/course/fundamentals-of-red-hat-enterprise-linux

https://www.redhat.com/en/services/training/rh024-red-hat-linux-technical-overview

The folder dist/scripts/unix contains all the scripts that you need to run.

Script Purpose
build.sh Run this to rebuild the images, after you change config.
config.conf Edit this configuration file to change Jupyter parameters.
install.sh Run this to load and start the Docker containers.
prune.sh Run this to remove old Docker images.
start.sh Run this to start the Jupyter server.
stop.sh Run this to stop the Jupyter server.
uninstall.sh Run this to uninstall Jupyter server.

https://www.ibm.com/support/knowledgecenter/SSEP7J_11.1.0/com.ibm.swg.ba.cognos.inst_cr_winux.doc/t_inst_jupyter.html

Product:
Cognos Enterprise Planning 10.2.1
Microsoft Windows 2012 R2 Server

Problem:
When doing a large publish from inside Contributor Administration Console (CAC) to a SQL 2017 server an a different computer, you get a error at random times. It can work, but most of the time the publish fail.


The cognos planning publish process stop at different BCP jobs, and you can find the errors in the -out file. Best practice is to set the cognos planning services system path to a separate folder, then can you easy find the log files for cognos planning.

Error message:
Error Number: -2147220469
Line Number: 400
Description: Unable to execute Job Item
Execution failed after 1 attempt(s).
Unable to Bulk Load the data.
Error found in output.
SQLState = 08001, NativeError = 10054
Error = [Microsoft][ODBC Driver 17 for SQL Server]SSL Provider: An existing connection was forcibly closed by the remote host.
SQLState = 08001, NativeError = 10054
Error = [Microsoft][ODBC Driver 17 for SQL Server]Client unable to establish connection

Suggested Solution:
On both your SQL server and Cognos Planning server update the registry with this values, to turn off TLS 1.2 usage:

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Server]

“DisabledByDefault”=dword:00000000

“Enabled”=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Client]

“DisabledByDefault”=dword:00000000

“Enabled”=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1\Server]

“DisabledByDefault”=dword:00000000

“Enabled”=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1\Client]

“DisabledByDefault”=dword:00000000

“Enabled”=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server]

“DisabledByDefault”=dword:00000000

“Enabled”=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client]

“DisabledByDefault”=dword:00000000

“Enabled”=dword:00000000

TCP/IP Registry Values That Harden the TCP/IP Stack ( Windows 2003 Servers )

If that does not help then add this value on the SQL server in registry;

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters]

“SycAttackProtect”=dword:00000000

This turn of DoS protection.
https://social.technet.microsoft.com/Forums/en-US/c55aa101-059d-491e-9fc2-73b5d8171eb8/protect-against-syn-attacks?forum=winservergen

You may need to reboot the servers to make the change take affect.

And if that does not help – install a later SQL driver on you cognos planning server, download from Microsoft and install.
https://www.microsoft.com/en-us/download/details.aspx?id=56567

https://docs.microsoft.com/en-us/sql/connect/odbc/download-odbc-driver-for-sql-server?view=sql-server-ver15

You can check the version of SQL driver you have, by going to the DOS prompt, and enter commando:
 bcp /v
to see version in use.

You may need to update the PATH on your windows server, to have the new driver folder first in path – so it is used by Cognos Planning.

Go to control panel – system – advance system settings
Click on Advance tab – click on Environment Variables
In System variables select path and click Edit
Add the SQL driver path to beginning of the path like; %SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\170\Tools\Binn\

More information:

https://support.microsoft.com/sv-se/help/3135244/tls-1-2-support-for-microsoft-sql-server

https://books.google.se/books?id=VaS1U0gmiKoC&pg=PT233&lpg=PT233&dq=Value+name:+SynAttackProtect&source=bl&ots=RG8Vw1G676&sig=ACfU3U3St9O7S3H3F16RuePtgtNUoJL_YA&hl=sv&sa=X&ved=2ahUKEwiDiafAuszoAhUwwqYKHf0GDqUQ6AEwAXoECAsQLA#v=onepage&q=Value%20name%3A%20SynAttackProtect&f=false

https://docs.microsoft.com/en-us/sql/relational-databases/errors-events/mssqlserver-17832-database-engine-error?view=sql-server-ver15

https://community.hostek.com/t/ssl-security-error-for-microsoft-sql-driver/348

Server Hardening

Product:
Cognos Planning 10.2.1
Microsoft Windows 2012

(This text is partly a copy from IBM web site – to keep it, in case it is removed)

Problem

Previously, to perform a complete IBM Cognos Planning 10.2.1 installation, you had to obtain the Planning 10.2.1 components and the BI Server 10.2.2 components from separate locations. Now, however, you can download and install all components from one location in IBM Passport Advantage.

Resolving The Problem

This document walks you through the process of replicating the Planning Complete installation with the current version. The installation Kits for Planning 10.2.1 are full installs, and thus not able to upgrade any existing installation.

Downloading IBM Cognos Planning 10.2.1

To download and install the IBM Cognos Planning 10.2.1 eAssembly, follow the steps in Downloading IBM Cognos Planning 10.2.1.

The eAssembly consists of:

  • Planning Client (eImage: CNLY3ML)
  • Planning Server (eImage: CNLY4ML)
  • Planning Administration (eImage: CNLY5ML)
  • Planning Gateway (eImage: CNLY6ML)
  • Framework Manager 10.2.2 (eImage: CN1YRML)
  • BI Server 10.2.2 32-bit (eImage: CN1YNML)
  • BI Server 10.2.2 64-bit (eImage: CN1YPML)

Note: A corresponding Cognos Planning non-production eAssembly is also available.

https://www.ibm.com/support/pages/cognos-planning-1021-fix-lists

If you are an existing BI customer, you may use your existing install if it is version 10.2.2 or above. If you are a Cognos Analytics customer, you can use your existing install if it is CA 11.0.7 or above. You can use either 32 or 64 bit.

https://www-01.ibm.com/support/docview.wss?uid=swg21991239

Installing and configuring the components

Once you have downloaded the kits you need, you can start to install.

The BI server and the planning code must be installed in separate directories on your disk.

For example, and for the rest of this document, we’ll install BI into a folder called BI1022 and the planning software into the EP1021 folder. Recommended to only use short (8 characters) folder names.

You can place these into the root of a drive, below Program Files, or in any other path.

When installing a mixture of 64-bit and 32-bit Cognos products in a single environment, the 32-bit instance of the appropriate version of the BI gateway should be used. The 32-bit Gateway components for each product (Planning, BI, Metric Studio etc.) should all be installed to a single location on the Gateway or web server(s); and the 64-bit BI Gateway component is not required (however it does not need to be un-installed; if you are adding 32-bit components to an existing 64-bit BI environment, you can install each of the 32-bit Gateways to a new location on the server, and then simply re-configure IIS to reference the 32-bit Gateway location).

Step 1 – Install BI Server

Install the BI server kit into BI 10.2.2. This install is very similar to the Planning installs, and it will set up a few start menu icons for you, among which are Cognos Configuration.

Note: You should also install the latest BI 10.2.2 fix pack at this time. It can be downloaded from Fix Central at https://ibm.biz/BdY77S for 32-bit BI and https://ibm.biz/BdY776 for 64-bit BI.

https://www.ibm.com/support/pages/cognos-business-intelligence-1022-fix-lists

You need to copy the sqljdbc42.jar file to folder D:\ibm\bi1022\c10_64\webapps\p2pd\WEB-INF\lib

Step 2 – Install Planning Gateway

Install the Planning Gateway install Kit into the same location as the BI server. This will put some extra static files into the right folders in the BI server location. (This assumes that the BI gateway is on the same computer as the BI server. If the BI gateway is installed elsewhere the Planning Gateway should be installed on top of that).

 

Step 3 – Configure BI Server

Start Cognos Configuration that was just installed. You will see that this looks very similar to the configuration you are used to seeing in previous Planning versions. This will allow you to connect to a content store, and set up any security namespace that you need.

Setup Content Store

  1. Create a database using your Microsoft SQL Server administration tools.
    1. Ensure that the collation sequence for the database is case insensitive.

      In a custom installation, you choose a collation sequence, which includes character sets and sort order, during the Microsoft SQL Server setup. In a typical installation, the installation uses the locale identified by the installation program for the collation. This setting cannot be changed later.

    2. Ensure that TCP/IP connectivity is used for Microsoft SQL Server.
  2. From the Start menu, click Programs then click IBM Cognos 10 then click IBM Cognos Configuration.
  3. In the Explorer window, under Data Access, Content Manager, right-click Content Store, and click Delete.

    This removes the default content store properties, which are defaulted to use an IBM DB2® database.

  4. Right-click Content Manager, and click New Resource then click Database.
  5. In the Name field, type a name for the resource. Such as Content Store.
  6. In the Type box, select the appropriate Microsoft SQL Server database type, and click OK.

    If you use Windows authentication for your Microsoft SQL Server database, select Microsoft SQL Server database (Windows authentication). If not, select Microsoft SQL Server database.

  7. In Database server and port number, enter the name of your computer and port number on which Microsoft SQL Server is running. For example, localhost:1433. The value 1433 is the default port number used by Microsoft SQL Server. If you are using a different port number, ensure you use that value.
  8. Click the Value field next to the User ID and password property and then click the edit button when it appears. Type the appropriate values and click OK.
  9. In the Properties window, for the Database name property, type the name for your content store database.
  10. Right-click the resource you added for the content store database, and click Test.

    If the test is successful, Content Manager can create the required tables in the content store when you start the IBM Cognos service for the first time. If the connection properties are not specified correctly, you cannot start the IBM Cognos services.

You can also configure dispatchers and set up the connection to the website (Gateway URI).

The website should be set up exactly as you are used to, using IIS or similar software. See existing tech notes on how to do this.

Note: If you are upgrading from a previous install, and you have made customizations to, for example, the Cognos namespace, it would be a good idea to reuse your existing content store database. The upgrade then runs silently, which is the preferred method for a BI upgrade. Ensure that you back up your old content store database, restore it to a DB on your new system, and connect to it in Cognos Configuration.

Setup the connection to active directory

  1. In every location where you installed Content Manager, open IBM Cognos Configuration.
  2. In the Explorer window, under Security, right-click Authentication, and then click New resource > Namespace.
  3. In the Name box, type a name for your authentication namespace.
  4. In the Type list, click Active Directory and then click OK.

    The new authentication provider resource appears in the Explorer window, under the Authentication component.

  5. In the Properties window, for the Namespace ID property, specify a unique identifier for the namespace.
  6. Specify the values for all other required properties to ensure that IBM Cognos components can locate and use your existing authentication provider.
  7. Specify the values for the Host and port property.

    To support Active Directory Server failover, you can specify the domain name instead of a specific domain controller.

    For example, use mydomain.com:389 instead of dc1.mydomain.com:389.

  8. If you want to search for details when authentication fails, specify the user ID and password for the Binding credentials property.

    Use the credentials of an Active Directory Server user who has search and read privileges for that server.

  9. From the File menu, click Save.
  10. Test the connection to a new namespace. In the Explorer window, under Authentication, right-click the new authentication resource and click Test.

    You are prompted to enter credentials for a user in the namespace to complete the test.

    Depending on how your namespace is configured, you can enter either a valid user ID and password for a user in the namespace or the bind user DN and password.

    https://www.ibm.com/support/pages/enabling-single-sign-cognos-secured-against-active-directory

  11. In addition to those steps, if you want to use SSO, an advanced property needs to be set using Cognos Configuration to disable the use of Microsoft Kerberos for single signon like this:
    + In the Explorer window, under Security, Authentication, click the Active Directory namespace.
    + Click in the Value column for advanced properties and then click the edit button

    + In the Value – Advanced properties window, click Add.
    + In the Name column, type singleSignonOption (Case sensitive)
    + In the Value column, type IdentityMapping (Case sensitive)
    + Click OK.

Step 3a – Configure IIS Server

  1. In the Microsoft Windows Control Panel, click Programs > Programs and Features.

    If you are using Microsoft Windows 8 or 2012 Server, Programs and Features is available directly from the Control Panel.

  2. Click Turn Windows features on or off.
  3. If you are using Microsoft Windows 2012 Server, use the following steps:
    1. In the Add Roles and Features Wizard, click Role-based or feature-based installation, and click Next.
    2. Select your server, and click Next.
    3. Select Web Server (IIS), if it is not already installed, ensure that Common HTTP Features is selected, and click Next until you get to the Role Services section of the wizard.
    4. Expand Application Development.
    5. Select CGI and ISAPI extensions if it is not already selected, and click Next.
    6. Click Install.
  4. In the Internet Information Services (IIS) Manager console, under Connections, select your server name.
  5. Double-click ISAPI and CGI Restrictions.
  6. Under Actions, click Add.
  7. Enter the path to the cognos.cgi file. The file is in the c10_location\cgi-bin directory.

    You must enter the full path, including the file name. If the path includes spaces, ensure you use quotation marks around the path. For example, enter:

    C:\Program Files\ibm\cognos\c10\cgi-bin\cognos.cgi

  8. Enter a Description, such as CognosCGI.
  9. Select Allow extension path to execute, and click OK.
  10. Under Connections, expand Sites, and under your website, add the virtual directories as shown in the table:
    Table 1. Required virtual directories

    Alias

    Location

    ibmcognos

    c10_location/webcontent

    ibmcognos/cgi-bin

    c10_location/cgi-bin

  11. Select the cgi-bin virtual directory that you created.
  12. Double-click Handler Mappings.
  13. Under Actions, click Add Module Mapping.
    1. In Request Path, type cognos.cgi.
    2. In Module, select CgiModule.
    3. Leave Executable (optional) blank.
    4. In Name, enter a name for the entry, such as CognosCGI.
    5. Click OK.
  14. Under Actions, click Add Module Mapping.
    1. In Request Path, type cognosisapi.dll.
    2. In Module, select IsapiModule.
    3. In Executable, enter the path to the cognosisapi.dll file.

      For example, enter:

      C:\Program Files\ibm\cognos\c10\cgi-bin\cognosisapi.dll

    4. In Name, enter a name for the entry, such as CognosISAPI.
    5. Click OK.
    6. Click Yes in the dialog box to allow the ISAPI extension.
  15. Start IBM Cognos Configuration.
  16. In the Explorer panel, click Local Configuration > Environment.
  17. In the Gateway URI box, change the cognos.cgi part of the URI to cognosisapi.dll.

On the IBM Cognos 10 Gateway install,

  1. Open <COG_ROOT>\webcontent\default.htm in a text editor. For example, D:\cognos\c10\webcontent\default.htm.
  2. Find the line that reads
    1
    2
    window.setTimeout("window.location.replace('cgi-bin/cognos.cgi?
     b_action=xts.run&m=portal/main.xts&startwel=yes')",5);

    and change cognos.cgi to cognosisapi.dll.

    1
    2
    window.setTimeout("window.location.replace('cgi-bin/cognosisapi.dll?
     b_action=xts.run&m=portal/main.xts&startwel=yes')",5);

This will make http://<webserver>/<alias> work like http://<webserver>/<alias>/isapi, redirecting to the ISAPI Gateway after showing a splash screen.
For SSO, set windows authentication on the cgi-bin folder in IIS manager.

Results for IIS

Users can access the gateway by entering http://servername/ibmcognos in their Web browsers.

https://www.ibm.com/support/knowledgecenter/en/SSEP7J_10.2.2/com.ibm.swg.ba.cognos.inst_cr_winux.10.2.2.doc/t_inst_usetheisapigateway.html

After you are done, start the Cognos service and verify that you can connect to the website and access the portal and Cognos Administration.

If you use Windows Authentication to connect to the SQL content store database, you need to set the IBM Cognos service to use a windows account, and not local system, or you get below error;
CFG-ERR-0103 Unable to start IBM Cognos service.
Execution of the external process returns an error code value of ‘-1’.

Step 3b– copy the BI content store data

Export your old Cognos BI content to a zip file, copy the zip file to the new deployment folder, and import the content store data, to get security and reports moved over.

Data source you have to manually update in cognos connection, to point to correct server.

To be able to schedule Planning Macros from Cognos BI you need to add this;
In IBM Cognos Administration in Cognos BI, on the Configuration tab, click Dispatchers and Services. Click the Cognos BI dispatcher that you want to configure. The list of services is displayed. Find the MonitorService service. You may have to click the Next Page icon to find the service in the list.
Click the Set properties – MonitorService icon.
On the Settings tab, for the Advanced settings of the Environment Category, click Edit.
Select Override the settings acquired from the parent entry.
Create a new parameter named enable.session.affinity. Set its value to true.
Create another new parameter named session.affinity.services.
Set its value to serviceName=planningAdministrationConsoleService.

Click OK, then click OK again.

 

Step 4 – Install Planning Server and Planning Administration

Install Planning Server and Planning Administration into EP1021. This will give you some startup icons.

Note: You will now have two different Cognos Configuration instances that work on their own set of configuration files in the two locations you have installed into. This is how it should be.

At d:\cognos create cognos$ fileshare for your filesys.ini file. When installing Cognos Planning Server enter \\servername\cognos$\planning as Analyst UNC path, to get the files created at d:\cognos\planning\bin\filesys.ini


When installing admin tools on a server, mark that you run them on a citrix server.

Create a SQL alias for the planning store, in the SQL client on the Cognos Planning server.

You need to install the following Microsoft SQL Server 2005 Backward Compatibility Component:
● SQL Distributed Management Objects (SQL-DMO) from SQLServer2005_BC.msi file.

If you use the Generate Framework Manager extension or the Generate Transformer Model extension you will need to install either Framework Manager or Transformer on the same machine that you have installed the Planning Admin tools on.
Since Framework Manager and Transformer are now different renditions they need to be installed into separate directory paths. To accommodate for this in Cognos Configuration browse to the Planning entry in the Cognos Configuration tree and enter a path pointing to the directory that IBM Cognos Business Intelligence is installed in.


Note: A common mistake is browsing too deeply into the directory such as to the \bin location. Browse only to the parent directory such as \ibmcognos\c10 or in this example \ibm\bi1022\c10_fm.

Set the Gateway URI to the BI server like this
http://servername.domain.com:80/ibmcognos/cgi-bin/cognosisapi.dll
Set the External and Internal dispatcher URI to point to the Cognos Planning server itself as this
http://servername.domain.com:9301/p2pd/servlet/dispatch 
Dispatcher URI for external applications should point to BI server
http://servername.domain.com:9300/p2pd/servlet/dispatch
Content Manager URI should point to primary content manager on BI server http://servername.domain.com:9300/p2pd/servlet

 

Step 5 – Configure the Planning Store

Start the new Cognos Configuration from your Planning install and set up a planning store, by connecting to a new, fresh planning store database.

If not SQL server 2012 is shown inside Cognos Configuration as an option, you can add support to it by update the D:\ibm\ep1021\c10\bin\epEAdminSQL7Resources.xml file.
Make a backup copy of the c10_location\bin\epEAdminSQL7Resources.xml file.
Open the c10_location\bin\epEAdminSQL7Resources.xml file in a text editor.
Find the entry for Resource ID=”2k8DefaultProviderDriverString” and locate the <![CDATA[SQLNCLI10]]> entry.
Change the entry to read <![CDATA[SQLNCLI11]]>.
Save the file and close it.

Note: It is ok to reuse an old content store and therefore save some work configuring, for example, the security settings. However, you should always create a new, empty planning store database, and connect to that. All your planning components can then be moved over using the deployment export/import tool.

 

Make sure that the dispatchers you have in Planning configuration do not have port conflicts with the ones specified in the BI configuration. You have to select a different port on the Planning dispatchers.

In the Planning configuration, point to the main gateway so that it can find the content store. Therefore, ensure that the Gateway URI in the Planning configuration is the same as in the BI configuration. For this reason, you must configure your BI gateway first.

Start the Planning service and you should be able to run Analyst and Cognos Administration console.

The Cognos services should be set to startup type “Automatic (Delayed start)” on a Microsoft Windows 2012 server.

Step 6 – Install Planning Client (Optional)

Optionally, you can also install the Planning client kit if you want to have the client application on the same computer.

In folder C:\ibm\ep1021\bin\Language\English, on server where Analyst is installed, do
Copy adminbifs.amf to adminbif.AMF
Copy adminodbc.AMF to adminodb.AMF

You must start Cognos Planning Contributor Administration Console as “run as administrator” to make it work.

Post Installation

Moving Over Applications

Use the Deployment Wizard to move any applications from your old system that you want on the new, upgraded system. On the old system, select Export with data to export one or more applications into a folder on your disk. This folder can be moved to the deployment location on the new system, and you can use the Deployment wizard to import the application into the new system.

If you want the deployment wizard to bring in existing security settings, it is important that you have set up the same or similar namespaces. If the new namespaces contains the same users, groups and roles, the import wizard can automatically match the names and bring over the security. If you want to use new groups and roles, it also allows you to manually map from the old security to the new one.

Any Analyst libraries used by the exported Contributor applications can be included in the deployment files and easily moved to the new system. If you have some Analyst-only libraries or if you do not use Contributor at all, see the next section.

First import the database and then import macro and links.

Moving Over Applications – old way

Disconnect the application in the old CAC
Copy the database files over to the new SQL server (with SQL backup / restore)
Load the database in the new SQL server and setup the SQL login
Update each database with SQL Server Management Studio
Expand tables and select table dbo.adminoption
right click and select “edit top 200 rows”


find in column optionid, the following 3 rows and erase the value at optionvalue if any
PAD_GUID
PAD_NAME
PAD_NAMESPACE
Exit SQL Server Management Studio
Go into the new CAC and select Link to existing Applications.

 

Moving Over Analyst Libraries

Analyst objects are stored in files in folders. Therefore, if you want to use existing analyst libraries on a new system, you have two options:

  • If you don’t need to use the old system again, you can leave the libraries where they are, and move the file called LIBS.TAB to the new system. This file contains the path to all the libraries set up in Analyst. If you point to this file in the Filesys.ini entry called Libs= it will just work on the old libraries where they are stored already.
  • If you want a transition period, where both the old and the new system are operational, you should take a copy of all your existing Analyst library folders and move them to where you want them to be stored when using the new system.

After the libraries are moved, you can manually reconnect to the libraries via the Analyst administration screens. If you have many files, it is faster to make use of the old LIBS.TAB file and move it to the new system. This will replace the LIBS.TAB file created during installation. On a default installation, this will be in the BIN folder below your installation location.

Next, start Analyst, look on the administration screens, and you will see it pointing to the old Analyst libraries. Right-click in the table with the library information, and choose Change Path which allows you to search and replace portions of the path on all libraries in one operation.

For example, if your old libraries were stored below \\servername\data\analyst\libraries, and you made a copy of these in \\newservername\data\analyst\libraries, you would do a search and replace on \\servername and replace it with \\newservername.

If the filesys.ini is in the wrong folder, you can remove this instancelock line in the filesys.ini

and then copy the filesys.ini to the correct folder. You need to copy the other files too.


You need to update the path inside filesys.ini to point to the new location for all files.
Then from inside CAC, you go to Tools – Update FileSys.ini options to point out the new location.

Backing-Up Old Applications

As your model evolves or as budgeting cycles pass, you may have old applications on your system that you no longer use, but want to keep in case you ever need to reference them. There are various ways to remove them from your Administration Console to make it more manageable and easy to overview.

You should first determine if there is data in the applications that is not already stored elsewhere. Some applications work by loading data from external sources and never have data entered that is not already stored elsewhere. If you have the original data sources, you may not need to keep the old applications at all.

If you do need to keep a backup of your application, there are two options:

  • If you want to be able to bring the application back online and access the data via the Planning software, you can export the application with data using the Deployment wizard. The resulting folder can be compressed and backed up for later use. When it needs to be restored, the Deployment wizard will be able to do that as well.
  • If you just want to keep a copy of your data that can be accessed from any data access tool, you can publish the cubes into a database table. The data can then be viewed using whatever client tools you would normally use to access that database, or be backed up as you would any other database.

Additional settings on the Cognos Planning Windows server

To prevent errors because of people login to the server with the service account this should be set;

Logon to the application server as an administrator
Launch the group policy editor (click “Start – Run” then type “gpedit.msc”)
Navigate “Computer Configuration -> Administrative Templates -> System-> UserProfiles”
Double-click on “Do not forcefully unload the user registry at user logoff”
Change the setting from “Not Configured” to “Enabled”.

Move database log files to different folder

From inside the SQL management studio, do similar to this;

ALTER DATABASE database_name SET OFFLINE;
... move the file(s) to new location
ALTER DATABASE database_name MODIFY FILE ( NAME = logical_name, FILENAME = 'new_path\os_file_name' );
ALTER DATABASE database_name SET ONLINE;

More information:

https://www.ibm.com/support/pages/downloading-ibm-cognos-planning-1021

https://www-01.ibm.com/support/docview.wss?uid=swg21991239

https://www.ibm.com/support/pages/how-configure-ibm-cognos-planning-102-work-ibm-business-intelligence-1022-fp5

https://www.ibm.com/support/pages/node/161227

https://www.ibm.com/support/pages/error-unable-get-list-drives-0

https://www.microsoft.com/en-us/download/confirmation.aspx?id=42295

https://www.ibm.com/support/pages/node/553105

https://www.ibm.com/developerworks/data/library/cognos/infrastructure/web_servers/page599.html

https://www.ibm.com/support/pages/node/571589

https://social.technet.microsoft.com/Forums/en-US/c55aa101-059d-491e-9fc2-73b5d8171eb8/protect-against-syn-attacks?forum=winservergen

 

Product:
Cognos BI 10.2.2 fix pack 10
C8BISRVR_UPDATE_version=C8BISRVR-AW64-ML-RTM-10.2.6110.31-0
C8BISRVR_UPDATE_name=IBM Cognos Business Intelligence Server Update
Microsoft Windows 2012 R2

Problem:
When you run a report as schedule, the formatting for HTML is lost. If you run the report intermediate it works fine.


Above the scheduled report who is missing formatting


Above the correct report layout, as it looks when you run it intermediate.


Inside Cognos Connection can you create a “job” to schedule the run a report at a defined time.

https://www.ibm.com/support/knowledgecenter/en/SSEP7J_10.2.2/com.ibm.swg.ba.cognos.wig_cr.10.2.2.doc/t_gtstd_ex_schedule_report.html

Solution:
Change to use cognosisapi, as the default IIS gateway.

On the IBM Cognos 10 Gateway server,

  1. Open \webcontent\default.htm in a notepad. For example, D:\cognos\c10\webcontent\default.htm.
  2. Find the line that reads
    1
    2
    window.setTimeout("window.location.replace('cgi-bin/cognos.cgi?
     b_action=xts.run&m=portal/main.xts&startwel=yes')",5);

    and change cognos.cgi to cognosisapi.dll.

    1
    2
    window.setTimeout("window.location.replace('cgi-bin/cognosisapi.dll?
     b_action=xts.run&m=portal/main.xts&startwel=yes')",5);

This will make http://<webserver>/<alias> work like http://<webserver>/<alias>/isapi, redirecting to the ISAPI Gateway after showing a splash screen.

Possible the schedule report is saved in the content store database, but when you try to look at it is not showing the correct formatting, because the cognos.cgi process does not get all the data.

More information:

https://www.ibm.com/developerworks/data/library/cognos/infrastructure/web_servers/page599.html

Product:
Cognos Analytics 11.1.5
Microsoft Windows 2012

Problem:
In a Cognos solution where you have a multi-server setup of Cognos Analytics, more than one Cognos BI server, you get strange errors in teams or story’s.

Solution:
In newer versions of CA11, can you test the Configuration Group to ensure it works.
Right click on Configuration Group inside Cognos Configuration and select Verify.

If the windows server with CA11 installed, have more than one network card, it is important to enter the network cards IP for that card that is used for communications between the CA11 servers.

Group contact host should be the IP to the Cognos Content Manager server that act as Configuration Group master.
Member coordination host should be the local windows servers IP number, that will be used for communications between the servers. This is often the same IP number that is used by client if they access the CA11 direct on port 9300.

Enter Ping ca11servername.domain.com from you client computer to find the possible address to use.

Product:
Cognos Controller 10.4.2
Microsoft Windows 2012 R2 server
Microsoft SQL server

Problem:
How upgrade a new restored database to the latest Cognos Controller version?

Solution:
When a database backup from a previous version is restored on the SQL database server, it needs to be upgrade after it is connected.
You need also to update the data sources in CA11 by click on repair button, in Controller Configuration.

Login to the Controller server (if you have more than one controller server, you need to repeat the step to configure the new controller database in controller configuration on all servers).
Right click on Controller Configuration and open it as an Administrator.

Go to Database Connections
Click on the icon for a new connection
At database type select SQL Server

Fill in the name of the database, as the users in cognos controller will see it.
Enter the provider to be SQLNCLI11.1
Enter the user id, to the SQL login you have for the database.
Enter the SQL user password.
At Initial catalog, you enter the name of the database as seen on the SQL server.
At data source you enter the name of the windows server that run SQL server.

(if unsure of what to enter, check on the previous database setup parameters)
Click on the test icon, to ensure you got it all right.

Click save.

Click on the green arrow to start the DBConv program.

Click on Connect Button to connect to the new database and see what version it have today.

Click on Upgrade Button to upgrade the database to latest Cognos Controller version.

When done, and no errors are shown, click on Close.

Now you have to update the BI database connections, by go to Report Service, in Controller Configuration.
Click on Check icon.


Click on Repair button.
Close Controller Configuration.

Then on the Controller Web server, you need to start a CMD prompt as an administrator.
Inside CMD you need to move to folder C:\Program Files\IBM\cognos\ccr_64\fcmweb

cd C:\Program Files\IBM\cognos\ccr_64\fcmweb

Type the following command to update Controller web:

SyncDBConf.bat    ..\Data   wlp\usr\shared\config\datasources
Now the ControllerWeb application should know about the new Controller Database.

Best is to restart the Windows servers where Cognos Controller is installed, to make the changes noticed. You need to restart the CA11 servers in correct order.

At least you need to restart the IBM Cognos Controller Batch Service.

If you have several controller servers, the Controller Batch Service must only be running on the Controller Master server.

More information:
https://www.ibm.com/support/pages/how-migrate-upgrade-upsize-existing-database-new-later-version-controller
https://www.ibm.com/support/knowledgecenter/SS9S6B_10.4.2/com.ibm.swg.ba.cognos.qrc_ctrl_inst.doc/t_qsg_ctrl_config_controllerdb.html

https://www.ibm.com/support/pages/missing-database-connection-choices-when-using-controller-web

Product:
Cognos Analytics 11.1.4
Microsoft Windows 2016 Server

Problem:
Cognos Analytics uses a lot of CPU on the server and creates a lot of DMP files that fills up the hard disk.
A restart of the windows server does not help, Cognos Java process start up and uses a lot of CPU.
Even though there are no users in the system.

Solution:
On the Windows server, set the IBM Cognos service to manual.
Stop the IBM Cognos Service.
(to be sure, reboot the windows server, to clean out any lost processes)
Clean out temp report files by renaming the \temp and \data folders.
Check in Cognos Configuration the location of the temp and data folders.
Change C:\Program Files\ibm\cognos\analytics\temp to C:\Program Files\ibm\cognos\analytics\temp_old
Do the same for the \data folder.
Create a new \temp and a new \data folder.
Start IBM Cognos service.
Check that Cognos Connection is working, and there are no unusual CPU activity.
If all is OK, change Cognos Service to automatic.
Remove the temp_old and data_old folders.

To prevent BIBUS dump files to be created, change value in the file /configuration/cclWinSEHConfig.xml to

<configuration>

            <env_var name=CCL_HWE_ABORT value=0:0/>

</configuration>

To remove dump files from the Query process, you need in Cognos Configuration go to Administration tab.

Click on system – click on the dispatcher listed – select QueryServices – right-click and select Set properties.

Go to “Additional JVM arguments for the query service (Requires QueryService restart)” on last page.
Enter value:  -Xdump:heap+system:none
Press OK.

Exit Cognos Connection Administration.

More Information:
https://www.ibm.com/support/knowledgecenter/SSEP7J_11.1.0/com.ibm.swg.ba.cognos.cbi.doc/manuals.html

https://www.ibm.com/support/knowledgecenter/en/SSYKE2_7.0.0/com.ibm.java.aix.70.doc/diag/tools/dumpagents_removing.html