by ·Comments Off on How create a certificate request

Product:
OPENSSL
Linux Centos

Problem:
How create a SSL (TLS) request for a server that need a certificate?

Suggested Solution:

Install openssl on your Centos Linux with command:

yum install openssl

Create a folder to work in mkdir /ibm

Go to that folder cd /ibm

Create a text file with a text editor like; nano san.txt

[ req ]
default_bits       = 2048
distinguished_name = req_distinguished_name
req_extensions     = req_ext
prompt             = no
[ req_distinguished_name ]
countryName                = Country Name (2 letter code)
stateOrProvinceName        = State or Province Name (full name)
localityName               = Locality Name (eg, city)
organizationName           = Organization Name (eg, company)
commonName                 = Common Name (e.g. server FQDN or YOUR name)
[ req_ext ]
subjectAltName = @alt_names
[alt_names]
DNS.1   = servername
DNS.2   = servername.domain.com
DNS.3   = dnsalias.domain.com

Save above text in the file after you change to your server-names.
openssl  req  -out /ibm/request.csr  -newkey rsa:2048 -nodes -keyout /ibm/privateKey.pem -config /ibm/san.txt
Above will give a new server private key and a certificate request for a cert.

Check the request with command:

openssl req -text -noout -verify -in request.csr

Check the private key with command:

openssl rsa -in privateKey.pem -check

The private-key should only be stored on the server where it should be used.
The certificate request you copy and paste to your Certificate Authority to generate your certificate.

SSL Experten

newkey rsa:2048

This option creates a new certificate request and a new private key.

 

 

More information:

https://www.openssl.org/docs/man1.1.1/man1/req.html

https://www.sslshopper.com/article-most-common-openssl-commands.html

https://geekflare.com/san-ssl-certificate/

https://www.azure365pro.com/install-and-configure-certificate-authority-in-windows-server-2016/

https://www.namecheap.com/support/knowledgebase/article.aspx/9640/69/how-to-export-certificates-between-windows-servers/

https://www.altaro.com/hyper-v/view-revoke-manually-approve-certificates/

https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/certificates/cert_complete_signing_req_c.html 

Managing Certs with Windows Certificate Manager and PowerShell [Tutorial]

Windows certificate stores

https://en.wikipedia.org/wiki/Certificate_authority  

https://support.citrix.com/article/CTX128656

by ·Comments Off on Silent install of ILMT

Product:
IBM License Metric Tool on Linux
Red Hat Enterprise Linux 7.5 or a higher 7.x version
Issue:
How install ILMT on Linux in one step

https://www.ibm.com/docs/en/license-metric-tool?topic=il-step-by-step-installation-guide-all-in-one-installer
Suggested Solution:
You need to install on Red Hat Enterprise Linux 7.5 or a higher 7.x version, but for this test we will use CentOS Linux  https://www.centos.org/download/
Install CentOS with a fix IP address, so you can easy connect to the Linux server.

Download the installation file “ILMT_Install_Lnx-x86-64_V9222.tar.gz”

https://www.ibm.com/support/pages/node/582891#linux

Copy the file to your linux server with WinSCP program. https://winscp.net/eng/download.php

Check disk space with command df  -h

https://www.ibm.com/docs/en/license-metric-tool?topic=requirements-hardware-server-linux

Install the needed programs https://www.ibm.com/docs/en/license-metric-tool?topic=requirements-software

yum install byobu

yum install libnsl

yum install libstdc++

yum install ksh

yum install pam*i686

yum install numactl*x86_64

yum install libstdc++*i686

yum install libpng12.x86_64

yum install fontconfig.x86_64

yum install libXext.x86_64

yum install libXrender.x86_64

yum install unixODBC.x86_64

yum install nano

yum install wget*x86_64

Unzip the tar file with command:  tar  zxvf  ILMT_Install_Lnx-x86-64_V9222.tar.gz

Copy the install_response.txt to a new file with command: cp install_response.txt response.txt
Edit that file in nano response.txt

Change the following values;

RSP_LICENSE_ACCEPTED=true

RSP_ADMIN_PASSWORD=

RSP_DB2_INST_PASSWORD=

#RSP_DB2_ROOT=/opt/ibm/db2/V11.5  (if you want DB2 installed in a different folder)

RSP_IEM_TEM_USER_PASSWORD=

#RSP_IEM_WR_WWW_PORT=8083 (if you want to change the port number used by BigFix)

#RSP_TLM_ROOT=/opt/ibm/LMT (if you want ILMT installed to other folder)

#RSP_TLM_HTTPS_PORT=9081 (if you want to change The port for administration server web UI)

Save the file, and run below command to start the installation:

./setup-server-linux-x86_64.sh -i silent -f /ibm/response.txt

You must install to Red Hat.  For this test we enter export disable_platform_check=true

Then the check in the script file will skip the check (if [ “$disable_platform_check” != “true” ]
then)….

Go to /root folder and enter command to unzip the log files:

tar zxvf LMT_9.2.22.0_20210514-113503_16243_logs.tar.gz

Check the log file with commando:

tail  LMT_9.2.22.0_20210514-113503_16243_logs/LMT9.2.22.0/Server.log

Solve the issue and run the ./setup-server-linux-x86_64.sh -i silent -f /ibm/response.txt again.

Add the BigFix port and ILMT port to the firewall on Linux server with commands:

firewall-cmd --permanent --add-port=52311/tcp

firewall-cmd --permanent --add-port=9081/tcp

firewall-cmd --reload

 

Copy windows client files to your windows share for clients with winSCP

Create a CMD file with this text to run the installation locally on the windows clients:

BigFix-BES-Client-10.0.2.52.exe /s /v”/L*vx! \”C:\temp\ClientInstallLog.txt\” SETUPEXE=1 REBOOT=ReallySuppress MSIRESTARTMANAGERCONTROL=Disable /qn”

Check the client windows services for “BES Client”, to see that it was installed.

Copy BIGFIX console files to your windows computer with winSCP

The files are in folder /var/opt/BESInstallers/ directory.

Run the BigFix console setup on a computer, and ensure the clients are listed in the Go to Sites – External Sites – IBM License Reporting (ILMT) – Fixlets and tasks – Install or Upgrade Scanner, task.

Browse to https://yourservername:9081/ in Chrome.

First time you log into ILMT webpage you should get above dialog, to import the data from BigFix server.

For more help contact your IBM partner.

Vår nya ILMT expert – Christer Borg

More information:

https://www.tutorialspoint.com/unix_commands/export.htm

https://www.ibm.com/docs/en/license-metric-tool?topic=il-step-by-step-installation-guide-all-in-one-installer

 

by ·Comments Off on Install DB2 on linux

Product:
DB2

Problem:

How install DB2 on Centos Linux

Suggested Solution:

To change the password for root user:
sudo passwd root

Download centos from https://www.centos.org/download/

Old centos versions is found here https://vault.centos.org/

Other Linux versions can be found here https://www.linuxlookup.com/linux_iso

Inside Linux, to find version of centos enter:

cat  /etc/centos-release

 

How activate X11:

How configure X11 Forwarding in CentOS/RHEL 6/7

http://www.straightrunning.com/XmingNotes/trouble.php

yum upgrade libstdc++

yum install libstdc++.i686

yum install gcc-c++

yum –noplugins install pam-devel.i686

yum install libXtst.so.6

yum install libXtst.x86_64

On your laptop where you run Xming before you start putty, add the Linux server ip address in the file C:\Program Files (x86)\Xming\X0.hosts to make X11 work.

 

Create folder

mkdir setup

mkdir ibm

Enter df -h to see free space on Linux.

Enter ln -s /home/ibm /ibm to create a softlink from /home/ibm to /ibm

 

How setup DB2

Copy the DB2_Svr_11.5_Linux_x86-64.tar.gz file to /ibm folder on your Linux server with WinSCP.

Expand the file with command:

tar  xvzf  v11.5.5_linuxx64_server_dec.tar.gz

Enter cd server_dec  to go to the correct folder and then start installation with command

./db2setup

Click new install

Click Next

Change the folder to install and click next

Enter the password and select the correct folder, then press next

Enter the password and then press next

Press Finish

Click Finish

Open firewall port in centos with command:

firewall-cmd –permanent –add-port=50000/tcp

firewall-cmd –reload

Change to user db2inst1 to be able to work with the database

su – dbinst1

Enter DB2 to get into the database, and enter CREATE DATABASE books, to create a database.

Db2 Tutorial

Enter db2 list db directory to see the databases created.

You need to download a license file to db2 folder license, to be able to use all CPU and RAM in the server. https://www.ibm.com/docs/en/license-metric-tool?topic=tool-step-1-installing-db2

Add a license file to extend your license.

  1. Go to the directory where you downloaded the license activator, and extract the package.
  2. From the directory with the extracted files, go to /db2/license.
  3. Copy the db2std_vpc.lic file to the home directory of the DB2 instance owner, by default /home/db2inst1.
  4. Open the terminal and switch the user to the DB2 instance owner. 
    su - db2inst1

Add the license file to your installation.

db2licm -a db2std_vpc.lic

https://www.ibm.com/docs/en/license-metric-tool?topic=linux-step-by-step-installation-guide-separate-installers

You can install a db-tool on your laptop to have a GUI to work with the database on the Linux server; https://www.dbvis.com/download/12.0

To setup ILMT see the documentation

https://www.ibm.com/docs/en/license-metric-tool?topic=installing-linux

If you get the error Unexpected Throwable caught: null. ERRORCODE=-4228, SQLSTATE=null. then the database schema maybe is not created or misspelled.

More information:

If you want to install ILMT, you can download this files:

All-in-One installer:
ILMT_Install_Lnx-x86-64_V9222.tar.gz
(PN: CC9RAML)
BigFix installer:
BigFix_Platform_Install_V10.0.2.zip
(PN: CC9RBML)
DB2 installer:
DB2_Svr_11.5_Linux_x86-64.tar.gz
(PN: CC1U0ML)
DB2 license activator:
DB2_DSE_Activation_11.5.zip
(PN: CC36WML)
Quick Start Guide:
ILMT_V9222_QS.zip
(PN: CC9R9EN)

https://www.ibm.com/support/pages/downloading-ibm-license-metric-tool-92?mhsrc=ibmsearch_a&mhq=ilmt%20download#order

How configure X11 Forwarding in CentOS/RHEL 6/7

https://www.ibm.com/support/pages/unsatisfiedlinkerror-cannot-open-shared-object-file-libxtstso6

https://www.ibm.com/docs/en/license-metric-tool?topic=tool-step-1-installing-db2

https://www.ibm.com/docs/en/license-metric-tool?topic=tool-step-4-performing-initial-configuration

https://www.ibm.com/docs/en/db2/10.5?topic=pack-stopping-all-db2-processes-linux-unix

https://www.anglepoint.com/ilmt-installation-linux-and-windows/?utm_source=Facebook&utm_medium=Post&utm_campaign=ilmtinstall_article&utm_content=Organic%20Content

https://cdn2.hubspot.net/hubfs/1697611/Events/Webinar.%20Basic%20ILMT%20Skills%20for%20IT%203.16.17.pdf 

http://www.redbooks.ibm.com/redbooks/pdfs/sg246899.pdf

https://www.db2tutorial.com/getting-started/db2-connect-to-database/

https://www.kbce.com/db2-community-edition/

https://www.ibm.com/support/pages/node/957531

https://www.ibm.com/support/pages/step-step-installation-ilmt-9202-windows-2008-r2-server

https://www.ibm.com/support/producthub/db2/docs/content/SSEPGG_11.5.0/com.ibm.db2.luw.admin.cmd.doc/doc/r0002059.html

by ·Comments Off on Adobe export PDF dialog in report

Product:

Cognos Controller 10.4.2

Issue:

When run a standard report in Cognos Controller, and select PDF format, the report have a “adobe tools” menu on the right side.

Solution:

Press CTRL+H to hide it.
or
Click on the arrow (in yellow in above picture) .
or
Select  view – show/hide – tools.

 

More information:

https://helpx.adobe.com/acrobat/kb/disable-right-hand-pane-in-acrobat-reader.html

https://community.adobe.com/t5/acrobat-reader/how-do-i-remove-the-right-hand-pane-in-reader-dc-locked/td-p/7021654

by ·Comments Off on Can not update TM1 since data trickle table was purged

Product:
Cognos Controller 10.4.2 FAP service
Microsoft Windows 2016 Server

Issue:
When doing a FAP IP, there is a error message in the process:

Can not update TM1 since data trickle table was purged while the TM1 server was down, try doing a new initial publish to solve problem

Possible Solution:
Login to the FAP client program.
In the Data Marts tab click on STOP after you have selected your active data-mart.

In the Sources tab select your active database, and click on STOP.

Then in Sources tab click on START, this will set the Last Purged Index to 0.
Go to the Data Marts tab and click on START.

Go to the Logs tab and check mark “Update Automatically”.
Wait 30 min, to see that the FAP process works without errors.

More Information:
If above does not work, then you need to do a reset of the tables as this article:

https://www.ibm.com/support/pages/node/235697

https://www.ibm.com/support/pages/can-not-update-tm1-data-trickle-table-was-purged-while-inside-fap-client

 

by ·Comments Off on Cognos Controller – can not save

Product:
Cognos Controller 10.4.2
Microsoft SQL database server

Issue:
After a restore of a production database to a test environment, the users can not save anything from inside Cognos Controller client, in the test enviroment.

Error Message:

FrangoClient.fm.UserAndInstallationRights.SaveUser.FrangoClient….

Server was unable to precess request –> System.Exception: xbo….

 

Possible solution:
Check with the Database Administrator (DBA) if any thing have been done during the restore.

If the controller database index are dropped, then the users can not save from inside Cognos Controller.

Do a new restore of the Controller database and try again.

More information on restore of database:

https://www.ibm.com/support/pages/how-migrate-upgrade-upsize-existing-database-new-later-version-controller

by ·Comments Off on Install BigFix Client on Centos

Product:
BigFix Client
Problem:
How install BES client on centos machine?

Solution:

Copy the client and masthead files to the Centos computer.

The file you need for masthead is found in folder /var/opt/BESInstallers/Client on server where ILMT is installed.

On the target computer create the folder: mkdir /etc/opt/BESClient/

Copy the file to the target with scp command, you need to connect with a user that have access to the folders

scp root@centos74:/var/opt/BESInstallers/Client/actionsite.afxm  actionsite.afxm

Copy the client with command: scp root@centos74:/var/opt/BESInstallers/Client/BESAgent-10.0.2.52-rhe6.x86_64.rpm  BESAgent-10.0.2.52-rhe6.x86_64.rpm

You can also download the BES Client/Agent from https://support.bigfix.com/bes/release/10.0/patch2/

Install the client  rpm -ivh  BESAgent-10.0.2.52-rhe6.x86_64.rpm

Start the client with command

/etc/init.d/besclient start

You can check if the BIGFIX (BES Client) is running with TOP command.

 

 

 

 

How manage the ILMT?

Setup the BigFix console on a windows computer to be able to manage the system.

Copy the console folder to your windows host with WinSCP, from /var/opt/BESInstallers/Console


Run the setup.exe to install the console on your windows computer

Login with user IEMAdmin (this was created during installation of the BigFix server)

If you get timeout errors, check that the firewalls allow port 52311 that is used by BigFix.

firewall-cmd --permanent --add-port=52311/tcp

firewall-cmd --reload

 

If all software components are installed and configured on the server, this are the steps to activate the scan from BigFix console.

Start the BigFix console “C:\Program Files (x86)\BigFix Enterprise\BES Console\BESConsole.exe”

Click on sites – external sites – IBM license Reporting (ILMT)
Check that All computers are selected for Computer Subscriptions.

Check that Download IBM License Metric Tool have the computers listed. Click Take Action to change.

Go to Sites – External Sites – IBM License Reporting (ILMT) – Analyses
Check that this analyses are Activated for all your computers:

Go to Sites – External Sites – IBM License Reporting (ILMT) – Fixlets and tasks
Select Install or Upgrade Scanner, click Take Action to change any values.

Go to Sites – External Sites – IBM License Reporting (ILMT) – Fixlets and tasks
Select Initiate Software Scan and check that all computers are listed.

First time you need under Take Action select Target and Execution times and save.

Go to Sites – External Sites – IBM License Reporting (ILMT) – Fixlets and tasks

Select Upload Software Scan Results, click Take Action to select computers and execution time.

Go to Sites > External Sites > IBM License Reporting (ILMT) > Fixlets and Tasks

Select Run Capacity Scan and Upload Results

Press “Click here to schedule regular capacity scans and uploads of results.” to get to the Take Action dialog. Select your computers and set the execution time. Click OK to active.

Browse to your ILMT installation in your Chrome web browser.
https://yourILMTservername:9081/management/imports

Under management – Data Imports, click on Import Now.

Then go to Reports – Overview or Reports – Computers to see that all nodes are included.

https://www.ibm.com/docs/en/license-metric-tool?topic=utilization-creating-snapshots-license-metric-auditing-purposes

 

 

 

 

More information:

https://help.hcltechsw.com/bigfix/9.5/platform/Platform/Installation/c_centos_installation_instructio.html

https://support.bigfix.com/bes/install/besclients-nonwindows.html

https://help.hcltechsw.com/bigfix/9.5/inventory/Inventory/planinconf/r_port_requirements.html 

http://www.numasolution.com/ILMT.pdf

https://cdn2.hubspot.net/hubfs/1697611/Events/Webinar.%20Basic%20ILMT%20Skills%20for%20IT%203.16.17.pdf  

https://www.ibm.com/docs/en/license-metric-tool?topic=requirements-network-port

Linux/UNIX For DOS Users (yolinux.com)

https://www.snowsoftware.com/blog/2014/03/13/swid-tags-what-are-they-and-why-are-they-important

by ·Comments Off on How create a mst file with ORCA

Product:
Cognos Controller 10.4.2 if7
Microsoft Windows 2012 Server
Issue:
How create a MST file to my Cognos Controller Client installation?

Suggested Solution:
Download msi45sdk.msi from Microsoft, and install it. You will find C:\Program Files (x86)\Orca\orca.exe to use.

Copy the ccrlocalclient64.msi to an empty folder on your computer.
You find ccrlocalclient64.msi in folder C:\Program Files\ibm\cognos\ccr_64\webcontent\ccr
Start ORCA
Go File – Open and select your CCRLocalClient64.msi file.
Click Open.

To note the changes you do, you must first select Transform – New Transform


Scroll down to property, and on the right side click on WSSURL value field to update it with your Cognos Controller Server name.

Enter http://servername.domain.com/ibmcognos/controllerserver

To set that users should not be able to select database in controller client at login, instead use the database you have named “default”, add the property CHANGEDB

Right click on empty space and select Add Row

Click on the property row and enter the CHANGEDB word in the field below, as in picture.
Click on the value row and enter the value false.
When all values is filled in you click on OK button.

Go to Xmlfile

Right click on empty space and select Add Row

Fill in the values with this lines:

ModifySelectDb

[#CCR.exe.config]
/configuration/profile/Settings/add[\[]@key=’SelectDb'[\]]
value
[CHANGEDB]
0
CCR.exe.config.setup

Values inside [ ] are variables that is replaced with the property value.

Click OK button.

Go to Transform – Generate Transform

Select folder to save the mst file in. Enter a name and click Save.

Exit ORCA without saving changes to CCrLocalClient64.msi file.

Put the msi and mst file in the same folder, and enter this command from that folder:

msiexec /i CCRLocalClient64.msi TRANSFORMS=production.mst /qb

Above command will install Cognos Controller client with your parameters in the mst file.

To uninstall cognos controller client, you can use this command:

MsiExec.exe   /x  {E1A50832-9F0C-4CE1-9A55-AAD8BF8A7700}  /qb

The number E1A50832-9F0C-4CE1-9A55-AAD8BF8A7700 you find in the property – productcode.

This is for the registry value of the installation.

Exist in this places in Windows registry:

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\23805A1EC0F91EC4A955AA8DFBA87700]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\23805A1EC0F91EC4A955AA8DFBA87700\InstallProperties]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E1A50832-9F0C-4CE1-9A55-AAD8BF8A7700}]

There is a different productcode for each version of Cognos Controller Client.

More information:

https://www.advancedinstaller.com/user-guide/msiexec.html

https://support.venafi.com/hc/en-us/articles/215911917-Error-Uninstall-an-MSI-and-msiexec-fails-asking-for-path-of-old-MSI

https://www.ibm.com/support/pages/cognos-controller-builds-ccr-name-and-database-version

https://www.advancedinstaller.com/user-guide/win-sdk-tools.html

https://en.wikipedia.org/wiki/List_of_installation_software 

https://www.actualinstaller.com/articles/updater.html

by ·Comments Off on How restart a TM1 instance from remote computer

Product:
Planning Analytics 2.0.9

Microsoft Windows 2019 server

Problem:
How to stop a TM1 instance from other computer?

Suggested Solution:

Enter below in notepad++ and save as a powershell script named tm1script.ps1

#REM powershell script
#REM enter first the command then the tm1 instance
#REM Get-Service -ComputerName computername -Name servicename | Start-Service

#REM get the server name from a text file that you prepare before
$computers = Get-Content c:\temp\servers.txt

#REM get the command parameters
$action = $args[0]
$tm1instance = $args[1]

#REM if stop do this else do that
If ($action -eq “stop” )
{Get-Service -Computername $computers -Name $tm1instance | Stop-Service }
ElseIf ($action -eq “start” )
{Get-Service -Computername $computers -Name $tm1instance | Start-Service }

#REM if none of above, then enter a line in windows event log
Else
{
write-eventlog -Computername $computers -logname Application -source EventSystem -eventID 1000 -message “something else happened.”
}

Create a text file with the servername for the windows server that you have tm1 installed on.

Place the text file in c:\temp folder on the computer where you want to run the script.

The account running the script need to be administrator on the target host machine to be able to connect and stop windows services.

Enter command: ./tm1script.ps1  stop “planning sample”

The tm1 instance need to be inside ” when it have a space in the name.

More information:

PowerShell Basics: ElseIf Statement

https://learn-powershell.net/2012/01/15/startingstopping-and-restarting-remote-services-with-powershell/

https://ss64.com/ps/write-eventlog.html

by ·Comments Off on Schedule a cmd file

Product:
Microsoft Windows 2019

Issue:
Message when you try to add a schedule

Solution:

On the local server use Local Security Policy manager:

  1. Click START and type secpol.msc then press Enter
  2. Expand Security Settings > Local Policies > User Rights Assignment node
  3. Double click Log on as a batch job
  4. Click the Add User or Group button and add your service account user
  5. Click OK

You should use a service account that is part of the administrator group, to ensure it have rights to do the task you have in your cmd script file.

More Information:
https://www.urtech.ca/2019/06/solved-this-task-requires-that-the-user-account-specified-has-log-on-as-batch-job-rights/