Tivoli Header

Quick Start


Configuration Instructions

Configuring Active directory Services involves configuring Active Directory within the Windows 2000 operating system and then extending the Active Directory Schema specifically for TSM, so that TSM Servers and their inventories of TSM client nodes become part of the Active Directory.

The following tasks are required to set up the Active Directory environment and TSM:

Configuring Active Directory on the Windows 2000 Machine

Configuring Active Directory within Windows 2000 involves setting up the Windows machine as a domain controller and adjusting the Domain Naming Service (DNS) for Active Directory. Any Windows Server that has been set up as a domain controller is a candidate to become an Active Directory Server. Refer to the Windows 2000 online help (Active Directory Checklist) and documentation for more information.

Performing the One-time Configuration

Configuring Active Directory for TSM involves using the Active Directory Configuration Wizard to extend the active directory schema and to define TSM Servers and their respective client nodes to Windows Active Directory Servers. This process requires the following tasks:

Installing Windows 2000 Administration Tools

The steps required to update the schema involve the use of the Active Directory Schema snap-in. This snap-in is part of Windows 2000 Administration Tools, which is included on the Windows 2000 Server and Advanced Server compact disc sets. These tools enable administrators to manage the active directory schema on a Windows 2000 domain controller.

  1. Load the compact disc (CD) into the Windows 2000 computer CD drive.
  2. Open the I386 folder.
  3. Double click the Adminpak.msi file.
  4. Follow the instructions that appear in the resulting setup wizard.

Creating a Windows Account With Required Permissions

Administrators can use this procedure to create a separate account, other than the default system account, for the TSM Server service. The system account does not have the permissions required for Active Directory. After the Windows 2000 Administration Tools have been installed, administrators can configure permissions.

From the domain controller containing the Active Directory schema, do the following:

  1. Click Start | Run.

    The Run dialog opens.

  2. Type schmmgmt.msc in the Run dialog entry field and click OK.

    The Active Directory schema snap-in opens.

  3. In the console tree, right-click Active Directory Schema and select Operations Master.
  4. Click The Schema may be modified on this domain controller.
  5. In the console tree, right-click Active Directory Schema and select Permissions.
  6. If you don't see your name in the name section, click Add.
  7. Select your account name, click Add, and click OK.
  8. Select the account name and check the Full Control checkbox in the Allow column of the Permissions area. Click OK.

Extending the Active Directory Schema

System administrators must allow TSM to update the Active Directory Schema before TSM can store information in and retrieve information from Active Directory. The Active Directory Schema, stored on the Windows 2000 domain controller, is a list of definitions that identifies objects and information about those objects. This one-time configuration allows TSM to extend the schema by adding objects to the schema that define TSM servers.

For more information about the active directory schema, refer to the Windows 2000 online help. A detailed description of the TSM Active Directory schema extensions is available from the TSM Web site at http://www.tivoli.com/support/storage_mgr/adwserv.htm.

An administrator must perform the following one-time operation to extend the Active Directory schema before adding the first TSM Server:

  1. Expand the TSM Console tree until the TSM Server you want to add to the Active Directory is displayed.
  2. Expand the TSM Server and click Wizards.
  3. The TSM wizards are listed in the right pane.
  4. Click Active Directory Configuration in the Wizards list.

    The Active Directory Configuration wizard appears in the right pane.

  5. Click the Start button to start the wizard and click Next.
  6. Click the Detect button and click Next.
  7. No entries appear at this time, but the schema has been updated. Click Cancel.

At this point, you can disable the permissions to extend the schema. To disable permissions, return to the schema snap-in, right-click Active Directory Schema, and click Permissions. Select your account name, uncheck the Full Control checkbox, and click OK. If you want to disable further schema updates you can right-click on the Active Directory Schema, and click Operations Master. Uncheck The Schema may be modified on this Domain Controller and click OK.

Configuring Each TSM Server Instance

Configuring the TSM server and managing TSM in an Active Directory environment involves the following tasks:

TSM allows administrators to add or edit server entries so that they can define non-Windows TSM servers to Active Directory. When TSM clients look up TSM servers in Active Directory they do not know what platforms the servers are running on nor do they care. They are just looking for communication parameters that they can use to connect to a TSM server that knows about them.

Configuring the TSM Server to Define Itself to Active Directory

TSM servers running on Windows can define themselves to Active Directory when they start up and they can also remove themselves from Active Directory when they are halted. Administrators can modify the three server options that control TSM Server behavior regarding Active Directory.

Note:
Typically, the TSM server is run as a Windows service. The TSM server service should be configured to run under an account other than the default System Account because the System Account does not have the permissions needed to access Active Directory over the network. Administrators can modify the service account using the Service Configuration wizard in the TSM Console.
  1. Expand the TSM Console tree until the TSM server for which you want to modify options is displayed. Expand the Server and expand Reports.
  2. Click Service Information.

    The Service Information report appears in the right pane. The TSM server, running as a service, should appear in the Service Information report. If the server does not appear in the report, ensure that you have initialized the server using the Server Initialization wizard in the TSM Console.

  3. Right click the TSM server service and select Edit Options File.

    The Server Options File tabbed dialog appears.

  4. Click the Active Directory tab.

    The Active Directory options appear.

  5. Check Register with Active Directory on TSM server startup.
  6. Check Unregister with Active Directory on TSM server shutdown.
  7. Select Automatically Detect in the Domain Controller section Click OK.

The next time the TSM server starts, it defines itself to Active Directory and adds information including the list of registered nodes and protocol information. This can be verified at any time using the Active Directory Configuration wizard in the TSM Console.

Adding or Removing TSM Client Nodes

Adding TSM client nodes to and removing them from Active Directory is a matter of adding the nodes to or removing them from a TSM Server that has already been added to the Active Directory. TSM automatically updates the Active Directory.

Note:
Do not attempt to add or expect to see TSM clients running Windows 95 or Windows 98. At this time, only Backup-Archive clients running on Windows NT or Windows 2000 are supported. Backup-Archive clients on Windows 95/98 cannot currently access the TSM Active Directory entries.
  1. Expand the TSM Console tree until the TSM server on which you want to add or remove TSM nodes is displayed.
  2. Expand the server and click Wizards.

    The Wizards list appears in the right pane.

  3. Click Active Directory Configuration in the Wizards list and click Start.

    The Active Directory Configuration wizard starts.

  4. Navigate to the dialog entitled TSM Active Directory Configuration.
  5. Select a TSM server in the List of TSM Servers in Active Directory dialog and click Edit.

    The Settings dialog appears for the selected TSM server with the Nodes tab displayed.

  6. Click Add or Remove.

    The Node Name that needs to be added to the server dialog appears.

  7. Enter the node name for the TSM client node you want to add to or remove from this server. Click OK.

You can also connect a client node with a TSM server during the client configuration process. To select a server, click the Browse button on the communications protocol parameters page of the Client Configuration Wizard. The wizard displays a list of TSM servers with which the node is registered and that support the selected protocol. When you select a server and complete the wizard, the corresponding communication protocol information is included in the client options file.

Removing a TSM Server from the Active Directory

  1. Expand the TSM Console tree until the TSM server you want to remove from the Active Directory is displayed.
  2. Expand the server and click Wizards.

    The Wizards list appears in the right pane.

  3. Click Active Directory Configuration in the Wizards list and click Start.

    The wizard opens to the introductory dialog.

  4. Navigate to the dialog entitled TSM Active Directory Configuration.
  5. Select the TSM server you want to remove and click Remove.
  6. The TSM server is deleted from Active Directory.


[ Top of Page | Previous Page | Next Page | Table of Contents | Index ]