CommandPointTM Admin is a Java®-based graphical user interface (GUI) product that provides administrative capabilities for DYNIX/ptx® systems. A DYNIX/ptx system runs the server portion; you can run the client either on a PC running Windows NT® or on a PC running DYNIX/ptx via eXceed®. Features of CommandPoint Admin include the following:
Easy to learn, easy to use administrative interface.
Java-based graphical front-end that is platform independent. Use it as an X application or a Windows NT application.
Consistent look-and-feel on all platforms.
Easy task navigation.
Learning environment for inexperienced users by means of the following:
View Commands mode that shows the back-end commands that are running.
Dry Run Mode that allows you to specify an action, but not have the action executed on the server.
ATTENTION You can invoke both View Command and Dry Run Mode from CommandPoint Admin's View menu.
Ability to execute multiple tasks concurrently.
Ability to launch CommandPoint Clusters (if ptx/CLUSTERS and CommandPoint Clusters are installed) or CommandPoint SVM (if ptx/SVM and CommandPoint SVM are installed) from the CommandPoint Admin Launcher.
Context sensitive on-line help.
Control over access by user or group to administrative tasks (see the Task Description File Configuration section of these release notes).
Ability to access multiple DYNIX/ptx hosts and their system management applications via the CommandPoint Admin Launcher.
Logging of all administrative operations to a common per-system event log (using ptx/EES).
CommandPoint Admin supports the following administrative functions:
More capabilities will be added in future releases.
CommandPoint Admin is targeted towards providing the following benefits for new to experienced system administrators:
These Release Notes contain the following information:
Compatibility information
Installation instructions
TDF (Task Description File) administration
Getting Started instructions, including Navigation Tips
Documentation
Problem reports
CommandPoint Admin V4.4.0 is compatible with the following software products running on Symmetry® and NUMA-QTM systems:
DYNIX/ptx V4.4.4 or later (required)
ptx/LAN V4.5.3 or later (required)
ptx/TCP/IP V4.5.1 or later (required)
ptx/NFS® V4.6.3 or later (optional)
ptx/WINDOWS® V4.4.1 (required)
ptx/JSE V1.1.1 (required)
ptx/EES V1.0.1 (optional)
CommandPoint Admin V4.4.0 is compatible with the following software products running on a PC:
ATTENTION Do not use the VCS console on a NUMA-Q system to run CommandPoint Admin.
If you plan to use the Windows NT-compatible client to administer your system, then the following minimum requirements apply to the PC that you will be using. (These requirements are in addition to the DYNIX/ptx requirements listed in the previous section.)
ATTENTION The minimum configuration will allow you to run all three CommandPoint products simultaneously. However, the performance will be better if you use the recommended hardware configuration.
Whichever configuration you choose to use, the performance of the system will be impacted by the number and size of the applications that you run simultaneously.
The minimum hardware requirements are:
The recommended hardware requirements are:
266MHz (Pentium) (or faster) CPU
64 MB Memory
1280x1024 Video
21" Display
CD-ROM drive
Network Interface Card
You can run the CommandPoint Admin client on DYNIX/ptx (using ptx/WINDOWS) or on Windows NT.
Refer to the DYNIX/ptx and Layered Products Software Installation Release Notes for installation procedures. The product to select for installation is: cpadmin.
The DYNIX/ptx installation process installs both the CommandPoint Admin server and the (DYNIX/ptx) client.
Once you have installed the software, you need to modify the TDF files located in /opt/commandpoint/cpadmin/tdf. These files identify which user or group can access which tasks in CommandPoint Admin.
If you want to run CommandPoint Admin, you need to grant yourself access to the tdf directory tree by entering the following commands as root:
# cd /opt/commandpoint/cpadmin
# tdfcli/add_acl -a -u lucy tdf/_tdf.tdf
(where lucy is your login)
In this example, the following line would be appended to the /opt/commandpoint/cpadmin/tdf/_tdf.tdf file:
ACL_ALLOW:user="lucy"
ATTENTION We recommend that you refer to the Task Description File Configuration section of these release notes for more information on TDF configuration prior to starting CommandPoint Admin.
Next, you need to start the CPAServer (CommandPoint Admin server). The CommandPoint Admin server must be started in order for the CommandPoint Admin clients (be they DYNIX/ptx or Windows NT) to be able to administer the DYNIX/ptx system.
To start the CPAServer, enter:
/etc/init.d/CPAServer start
If you are using eXceed, refer to the Instructions for eXceed Users section in these release notes prior to starting the CommandPoint Admin client, so that the correct "Dialog" font is used.
ATTENTION CommandPoint Admin requires 6MB of free disk space.
To load the CommandPoint Admin client software on a Windows NT system, load the Systems Management Software CD in your E drive and click on cpadmin\setup.exe.
Follow the standard installation.
During the Windows NT installation of CommandPoint Admin, you will be prompted to respond to a licensing query. In order to install CommandPoint Admin you will need to agree to the terms of the electronic license by clicking on the Yes button which will allow the installation to proceed. (If you answer No, the installation will stop).
Answering Yes allows you to install and use the Windows NT Client component of CommandPoint Admin on one or more workstations which will be used for the purpose of administering systems. In this regard, the Windows NT Client component is an exception to Paragraph 1.2 of the Software License Agreement for CommandPoint Admin.
CommandPoint Admin uses the following authentication mechanisms:
The client user must have an account on the server DYNIX/ptx machine.
The user name and password are authenticated on the server prior to allowing access on the client. (If a valid user name is entered with an invalid password, after 3 tries the user will be locked out for 1 hour.)
Both the UNIX crypt algorithm and the DES encryption algorithm are used.
During authentication, the clear-text password is not sent over the network.
Only root can make changes to the TDF tree located in /opt/commandpoint/cpadmin/tdf as described in the Task Description File Configuration section. (Entries in the TDF tree allow or deny access to tasks in CommandPoint Admin. Once a user is authenticated, only tasks that he or she is allowed access to, as defined by the TDF tree, will be visible to that user. Tasks that he or she does not have permission to access will not be displayed.)
Direct root login is not allowed in order to preserve traceability.
ATTENTION In the Task Description File Configuration section of these release notes, we recommend that you not grant open access to all in the TDF tree, as this could be an administrative problem. Rather, carefully consider who or what group(s) you want to perform various CommandPoint tasks.
Task Description Files (TDFs) are text files that represent an on-disk database of tasks that can be performed with CommandPoint Admin. TDFs contain information such as the name of the task and who can and cannot perform the task. The tasks that appear in the CommandPoint Admin Launcher are created by the system reading the TDF tree; there is one file in the TDF tree for each task you see in the CommandPoint Admin Launcher. The primary area you need to make changes to in the TDF tree is the access control information, which controls which users or groups can access various CommmandPoint Admin tasks.
You decide which users or groups can access the various tasks. In the Installation section, you added your name to the access file for the TDF tree so that you can see and execute all tasks available in CommandPoint Admin. This section describes how to configure the TDF tree and includes examples that show you how to add or deny access for other users or groups to tasks listed in the TDF tree.
In each branch of the TDF tree, there is a _name.tdf file, where name corresponds to a branch of CommandPoint Admin such as: Filesystem, EES, or UserGroup. Also contained in each directory are files that describe each task you see in CommandPoint Admin for that administrative function.
For example, in the /opt/commandpoint/cpadmin/tdf/UserGroup/Group directory, you will see a _Group.tdf file and files for tasks such as groupadd.tdf or groupmodify.tdf (tasks to add a group and modify a group respectively). When you add an entry to a tdf file, the user name or group name is appended to the file.
TDFs have a hierarchy structure; allowing access to the top file (tdf/_tdf.tdf) automatically grants access to all sub-tasks in the TDF tree. This means that in order to give, for example, access at the lowest level of the tree, you need access at each level above it. For example, to have access to the Add User task, you need access in 3 files:
Refer to Task Description File Configuration Examples for more examples.
CommandPoint Admin's TDF tree provides the following features:
Very granular control over who is given access to which tasks. As shipped, no one (including root) has access to CommandPoint Admin's administrative tasks until they (or their group) are given access to tasks in the TDF tree.
Ability to configure access in a large variety of ways in order to meet the needs of different operating environments.
Ability to tailor CommandPoint Admin to your site's administrative policies.
Ability to control on either a user-by-user basis or a group-by-group basis, or a mix of both.
In order to set up the TDF permissions and see tasks in CommandPoint Admin, you need to do the following:
Become root on the server system.
Grant access to the TDF directory for yourself (as described in the Installation section of these release notes).
Decide which user or group should have access to each task.
ATTENTION We recommend that you not grant open access to all in the TDF tree, as this could be an administrative problem. Rather, carefully consider who or what group you want to allow access to perform various CommandPoint Admin tasks.
Add or deny access in the TDF tree to users or groups for each task. Examples are provided later in this section.
TDF administration is handled by means of a command-line interface. The TDF files are located in /opt/commandpoint/cpadmin/tdf. The command-line utilities are in /opt/commandpoint/cpadmin/tdfcli and their output should be written to the /opt/commandpoint/cpadmin/tdf directory tree.
The command you will use most is add_acl. You will most likely not need to use other TDF commands.
The add_acl script adds an entry to the access control list for a specified TDF. This entry either allows or denies access to a particular task. The name refers to the user or group account names on the server. The user may enter multiple user and/or group names per command. The file refers to the TDF file that gets modified.
Refer to the tdfcli(1) man page for more information on all the TDF commands.
ATTENTION If you do not have ptx/EES installed, you need to deny access to all EES tasks. Do not remove the EES TDF files, as you will need these TDF files if you later choose to install ptx/EES.
After making any changes to the TDF tree using add_acl or other TDF commands, you should update the CPAServer (if it is already running); if the CPAServer is not running, start it. Changes you make to the TDF tree do not become effective until the server re-reads the TDF tree. To instruct the server to read the TDF tree, enter the following command which dynamically updates the server:
#/opt/commandpoint/cpadmin/tdfcli/updateTDF
If you need to start the CPAServer, enter the following:
#/etc/init.d/CPAServer start
If you need to stop the CPAServer, enter the following:
#/etc/init.d/CPAServer stop
If you need to restart the CPAServer, enter the following:
#/etc/init.d/CPAServer restart
(This command stops the CPAServer, then restarts it; when the CPAServer starts, it reads the latest TDF tree.)
ATTENTION The CPA Server is linked in /etc/rc2.d for automatic start up and shutdown.
The following scenarios show how you can use the TDFs to further enhance the security of your system administrative tasks and to tailor the task access to fit the policies of your site.
ATTENTION All TDF commands need to be run as root.
ATTENTION The TDF scripts do not check that the user or group names you enter on the command line are valid names. You need to manually verify their validity prior to their use.
In scenario 1, "Lucy" is the primary administrator for a single DYNIX/ptx system, with responsibility for administering all facets of the system. In this scenario, Lucy should be given complete access to the CommandPoint Admin task hierarchy. All others will automatically be denied access to all tasks, unless she explicitly grants them access.
Lucy (as root) would enter the following commands to allow herself access to all branches:
# cd /opt/commandpoint/cpadmin
# ./tdfcli/add_acl -a -u lucy tdf/_tdf.tdf
# ./tdfcli/updateTDF
Result: Because the tdf/_tdf.tdf file is the highest level of the TDF hierarchy, Lucy's access in the _tdf.tdf file will percolate down to all sub-directories, thereby granting access to all tasks.
In scenario 2, a subset of administrators needs to do User and Group administration on multiple DYNIX/ptx systems. If these administrators are members of a UNIX group (such as ugadmin group), the simplest configuration would be to allow access to the CommandPoint Admin User and Group tasks for that group (ugadmin). Alternatively, each individual administrator could be explicitly allowed. This configuration must be done on each system.
Lucy (as root) would execute the following commands to allow access to the top level of the TDF tree for group ugadmin, but then deny access to the EES and Filesystem branches of the tree:
# cd /opt/commandpoint/cpadmin
# ./tdfcli/add_acl -a -g ugadmin tdf/_tdf.tdf
# ./tdfcli/add_acl -d -g ugadmin tdf/EES/_EES.tdf
# ./tdfcli/add_acl -d -g ugadmin tdf/Filesystem/_Filesystem.tdf
# ./tdfcli/updateTDF
Result: When any user in ugadmin group invokes CommandPoint Admin, they will only see User and Group tasks and nothing else. They will, however, have full access to all tasks in User and Group.
ATTENTION Because adding access for group ugadmin in the _tdf.tdf file automatically gave the group members access to all sub-tasks, an explicit deny for EES and Filesystem tasks is necessary.
Tip: Using UNIX group names to allow or deny access to tasks is a good idea. If the system administrative staff at your site changes, all you need to do is to modify the UNIX group. You will not need to update the CommandPoint Admin TDF files.
In scenario 3, assume again that all of the administrators belong to a UNIX group (such as ugadmin), but specific individuals in that group are explicitly denied access to a task, such as adding a user.
Lucy (as root) would enter the following commands to allow access to group ugadmin, but deny access to the add.tdf file (for the Add a User task) for users Fred, Sally, and George:
# cd /opt/commandpoint/cpadmin
# ./tdfcli/add_acl -a -g ugadmin tdf/_tdf.tdf
# cd tdf/UserGroup/User
# ../../../tdfcli/add_acl -d -u "fred sally george" add.tdf
# ../../../tdfcli/updateTDF
Result: Fred, Sally, and George will not see the Add User task, while others in group ugadmin will.
In scenario 4, the administrators belong to distinct UNIX groups (such as admin and asstadmin). The admin group needs access to all tasks, while the asstadmin group can only access "display" tasks in the Group branch.
Lucy (as root) would enter the following commands to allow access to all tasks for groups admin and asstadmin, then would deny access to modification tasks for group asstadmin group in the Group branch:
# cd /opt/commandpoint/cpadmin
# ./tdfcli/add_acl -a -g "admin asstadmin" tdf/_tdf.tdf
# cd tdf/UserGroup/Group
# ../../../tdfcli/add_acl -d -g asstadmin groupadd.tdf
# ../../../tdfcli/add_acl -d -g asstadmin groupdelete.tdf
# ../../../tdfcli/add_acl -d -g asstadmin groupmodify.tdf
# ../../../tdfcli/add_acl -d -g asstadmin groupvalidate.tdf
# ../../../tdfcli/updateTDF
Result: Users in the asstadmin group will only see the Display Groups task under the Group Accounts. They will not see other tasks such as Add, Delete, Modify, or Validate Group.
Scenario 5 describes a situation where a site has multiple DYNIX/ptx systems, where one machine is chosen to host a "master" copy of the User and Group files and changes are made (such as adding or removing users) only on the "master" system On a periodic basis, the "master" files (such as /etc/passwd and /etc/group) are copied to all of the other ("non-master") DYNIX/ptx systems. In this case, CommandPoint Admin should be configured, via the TDFs, such that approved administrators on "non-master" systems are only allowed to view the User and Group information, but are not allowed to modify it. On the master system, CommandPoint Admin should be configured such that the approved administrators can both view and modify User and Group information.
Lucy (as root) would enter the following commands on system1 (the "master" system) for group admin to allow access to all branches:
# cd /opt/commandpoint/cpadmin
# ./tdfcli/add_acl -a -g admin tdf/_tdf.tdf
# ./tdfcli/updateTDF
ATTENTION The tdfcli/add_acl command in the example for system 1 also allows group admin to not only display, but also modify EES and Filesystem information. If you want to exclude group admin from those branches, you need to explicitly deny access to each branch. The next set of commands shows you how to deny access for modifications to the Group and User branches.
Lucy (as root) would enter the following commands on system2 and system3 to deny access to the User and Group branches:
#cd /opt/commandpoint/cpadmin
# tdfcli/add_acl -a -g admin tdf/_tdf.tdf
#cd tdf/UserGroup/Group
# ../../../tdfcli/add_acl -d -g admin groupadd.tdf
# ../../../tdfcli/add_acl -d -g admin groupdelete.tdf
# ../../../tdfcli/add_acl -d -g admin groupmodify.tdf
# ../../../tdfcli/add_acl -d -g admin groupvalidate.tdf
#cd ../User
# ../../../tdfcli/add_acl -d -g admin add.tdf
# ../../../tdfcli/add_acl -d -g admin deactivate.tdf
# ../../../tdfcli/add_acl -d -g admin delete.tdf
# ../../../tdfcli/add_acl -d -g admin modify.tdf
# ../../../tdfcli/add_acl -d -g admin reactivate.tdf
# ../../../tdfcli/add_acl -d -g admin setdefaults.tdf
# ../../../tdfcli/add_acl -d -g admin validatepwd.tdf
#/opt/commandpoint/cpadmin/tdfcli/updateTDF
The following TDF precedence rules apply:
You cannot deny access at a high level in the TDF tree, then allow access below.
User will always take precedence over group.
For example, assume that user Mike is a member of group oper. If group oper is denied access at a level and Mike is allowed access at the same level, then Mike will be allowed access since the user specification always takes precedence over group.
Deny access takes precedence over allow at the same level of the TDF tree, unless the user takes precedence over group.
Once you have installed the software, you can start CommandPoint Admin. The following sections describe how to start CommandPoint Admin for both Windows NT and DYNIX/ptx users.
To start the CommandPoint Admin client click on the Start-->Programs-->NUMA-Q-->CommandPoint Admin Launcher shortcut.
ATTENTION Before starting the client, you must correctly set your DISPLAY environment variable.
To start the client on DYNIX/ptx enter:
/usr/bin/cpadmin
The CommandPoint Admin online help contains "helpful hints" on the following user-interface topics:
Navigating: What appears in the two-pane window
Sorting: How to click on a column header
Selecting: How to use single-click (used everywhere except folder icons)
Dialog buttons: What are the differences between OK, Apply, Update, and so on
Status indicators: How task status is available on the task tabs
Refer to the online help for more information on these topics.
ATTENTION CommandPoint Admin was developed using the Sun® Swing and JDK (Java Development Kit) tools. Navigation and other interaction may be different from what you are used to with Windows applications. We encourage you to refer to the CP Admin Main Window Interface topic in the online help. (To see the "helpful hints" online help, select Help-->CP Admin Help Topics from the CommandPoint Admin menu; then click on CommandPoint Admin Main Window Interface.)
The following tips should also be noted:
You must click on a button (such as OK or Apply) to initiate an action; pressing Enter will not work.
Press the TAB key to cycle through fields to reach a desired button, then press the Space Bar to initiate the button action or click on the button (such as the OK button). For example, in the Login dialog, you cannot enter your password and then press Enter to complete the login process. You must press the Tab key after entering your password, then either hit the Space Bar or click on the OK button to complete the login process.
When you click on OK, task success is indicated by the task tab disappearing with no error or warning. The tab will remain if there are any problems.
When adding multiple users or groups, press Apply after each task and Reset before adding the next user. Pressing Reset refreshes the dialog and provides the next UID for use.
Once the client software is running, you will see the CommandPoint Launcher window. Click on File-->Add a New Host. Enter a Host Name or host IP address, Login, and Password. Click OK.
You will see the host name in the left pane of the CommandPoint Launcher window and the CommandPoint Admin icon in the right pane.
ATTENTION Only the applications (CommandPoint Admin, CommandPoint SVM, or CommandPoint Clusters) or tasks (Add a User, Mount a Filesystem and so on) to which a user has access (as defined by the TDF) will appear in the right pane.
Click on the CommandPoint Admin icon. The following Management Tasks will appear (as defined by the TDF tree on the server) in the left pane:
These options contain the following functionality:
To expand the task tree in the left pane of CommandPoint Admin to see User and Group tasks, for example, double click on User and Group.
To see the Group tasks, double click on Group Accounts.
To start a task (such as Display Groups), single click on the task.
The task tree can also be expanded by single clicking on the dots next to each application in the left pane.
If you want to add additional hosts, return to the Command Point Admin Launcher window.
To reconnect to a previously connected host, select Log On from the File menu of the CommandPoint Admin Launcher and click on CommandPoint Admin to start again.
ATTENTION Hosts that are added will be present each time CommandPoint Admin Launcher is started.
To delete a host, go to the CommandPoint Admin Launcher window, click on the host name, and select File-->Remove Selected Host.
You can run CommandPoint Clusters or CommandPoint SVM as stand-alone applications. You can also launch CommandPoint Clusters or CommandPoint SVM from CommandPoint Admin, if you are running CommandPoint Admin as an X application (meaning running it via eXceed and not running it as a Windows NT application). If you are running CommandPoint Admin from Windows NT and there is no eXceed installed on your PC, you will not be able to launch CommandPoint Clusters or CommandPoint SVM.
If you want to launch CommandPoint Clusters or CommandPoint SVM from CommandPoint Admin, you need to allow access for yourself to the Clusters or SVM portion of the TDF tree or you will not see those applications when you run CommandPoint Admin. Refer to the Task Description File Administration for CommandPoint Clusters or CommandPoint SVM section for instructions on how to make changes for the Clusters or SVM portions of the TDF tree. (Refer to the Task Description File Configuration section for more information about TDF in general.)
If you install CommandPoint Clusters or CommandPoint SVM after CommandPoint Admin is installed, you will need to restart the CPAServer (/etc/init.d/CPAServer restart) or run the /opt/commandpoint/cpadmin/tdfcli/updateTDF command-line utility so that Launcher sees the new applications (assuming that you have granted yourself access to the TDF tree).
If CommandPoint Admin is installed after CommandPoint Clusters or CommandPoint SVM, then these applications will show up automatically in Launcher when the CPAServer is started (/etc/init.d/CPAServer start).
When CommandPoint Clusters or CommandPoint SVM is installed, a single TDF file is placed in the /opt/commandpoint/cpadmin/tdf directory; a cpclusters.tdf file or a cpsvm.tdf file respectively. As described in the Task Description File Configuration section, this file contains the task name (Cluster Administration or Volume Management), product name, and a list of who can and cannot perform the task. For CommandPoint Admin, you can allow or deny access to specific tasks within the TDF tree. However, for CommandPoint Clusters or CommandPoint SVM, you can only allow or deny access to the top level of the tree, meaning a user or group can either access or not access CommandPoint Clusters or CommandPoint SVM.
To allow access to CommandPoint Clusters for herself, an administrator named Evie would enter (as root):
# cd /opt/commandpoint/cpadmin/tdf
# ../tdfcli/add_acl -a -u evie cpclusters.tdf
# ../tdfcli/updateTDF
To allow access to CommandPoint SVM for herself, Evie would enter (as root):
# cd /opt/commandpoint/cpadmin/tdf
# ../tdfcli/add_acl -a -u evie cpsvm.tdf
# ../tdfcli/updateTDF
These commands would append Evie's name to the cpclusters.tdf or cpsvm.tdf file and would instruct the server to read the TDF tree.
To allow access to CommandPoint Clusters to a group named ugadmin, Evie would enter (as root):
# cd /opt/commandpoint/cpadmin/tdf
# ../tdfcli/add_acl -a -g ugadmin cpclusters.tdf
# ../tdfcli/updateTDF
To allow access to CommandPoint SVM to a group named ugadmin, Evie would enter (as root):
# cd /opt/commandpoint/cpadmin/tdf
# ../tdfcli/add_acl -a -g ugadmin cpsvm.tdf
# ../tdfcli/updateTDF
These commands would append the ugadmin group name to the cpclusters.tdf or cpsvm.tdf file and would instruct the server to read the TDF tree.
The CommandPoint Admin documentation consists of these release notes and the online help.
The number that appears in parentheses in problem report titles is the Problem Tracking System number assigned to the report. These problems will be corrected in a future release unless otherwise noted.
ATTENTION Some of the bugs listed are not CommandPoint Admin bugs, but are bugs against Java tools. If so, they are identified as such with the heading of "Java Problem."
In earlier versions of the JDK (prior to V1.1.6), programs running on Win32TM systems with 256-color displays would sometimes repaint unnecessarily after closing a modal dialog. This problem occurs only on Windows NT.
Workaround. None. This bug is fixed in JDK 1.1.6. (Sun bug number 4088416.)
In JDK V1.1.5, information about a thread was not discarded when the thread died. This resulted in severe memory leaks in programs that created and destroyed large numbers of threads. While running CommandPoint Admin, you may see increasingly slow response, slow screen updates, or hangs of CommandPoint Admin.
Workaround. Restart CommandPoint Admin. This bug is fixed in JDK 1.1.6. (Sun bug number 4102107.)
Periodically, invoking the help subsystem (Jhelp) causes the JVM (Java Virtual Machine) to exit. This problem is only seen on a Windows NT client.
Workaround. Restart CommandPoint Admin. This is a JVM bug.
The versions of Swing and JDK that we use to develop CommandPoint Admin frequently exhibit problems when repainting dialogs, for example when viewing the Filesystem EFS option.
Workaround. In many cases, resizing the window or iconifying it and then restoring it will force the window to be displayed correctly.
If you increase the file size allocation in the Modify Event Log File dialog and hit Apply, the command will successfully complete, but you will get an error dialog that has no error string. This can also happen to any commands (such as compacting the log, increasing file size allocation, and so on) in the Modify Event Log File dialog because the underlying ptx/EES command, ees_logmgr does not return a proper exit code.
Workaround. None. This is a ptx/EES bug.
If you press Next in any dialog before all fields initialize (which takes several seconds), you may get a java.lang.NullPointerException error.
Workaround. Do not press Next before all fields initialize; wait until the status information in the tab says Input, then press Next.
If you start the login process to CommandPoint Admin (but do not complete it), go to another application, then return to CommandPoint Admin, you may not see the login dialog as it can hide behind other windows.
Workaround. Press ALT + TAB to bring up the CommandPoint Admin Launcher.
The Browse button for the Filesystem-->Mount FS-->FS Spec Options-->External Log Device displays character devices for the log dev devices (such as /dev/rdsk/...), instead of block devices (such as /dev/dsk/...). Therefore, the mount command fails. This occurs for both EFS and CFS filesystem types.
Workaround. Select a device and manually edit the entry to remove the r from /dev/rdsk.
The CPAServer fails to start if the /opt/commandpoint/cpadmin/CPAServer.PID file exists, but the PID listed is no longer running.
Workaround. Remove the /opt/commandpoint/cpadmin/CPAServer.PID file. Then enter /etc/init.d/CPAServer start to start the server.
If you enter the name of an active user in the Reactivate User Account dialog, that user will be assigned a new password.
Workaround. None.
The Add New Filesystem-->Display Browse dialog in Add New Filesystem lists all possible devices, with the exception of devices used for swap, SVM subdisks, and mounted filesystems. These devices are excluded because the operations would fail if they were used. However, this does not mean that all of the other devices can be used safely. For example, you would not want to create a new filesystem over a raw partition that contains a database. It is not possible to exclude all these cases from the dialog list so it is important to verify the device's state before adding a new filesystem.
Workaround. None. The online help for this dialog includes this same bug text. (This bug is related to 243168.)
The External Log Devices Browse dialog in EFS Mount Options lists all possible devices, with the exception of devices used for swap, SVM subdisks, and mounted filesystems. These devices are excluded because the operations would fail if they were used. However, this does not mean that all of the other devices can be used safely. For example, you would not want to create a new filesystem over a raw partition that contains a database. It is not possible to exclude all these cases from the dialog list so it is important to verify the device's state before adding a new filesystem.
Workaround. None. The online help for this dialog includes this same bug text. (This bug is related to 243185.)
In the Modify Table Entry dialog, the Filesystem Type can be changed, however the Filesystem Options dialog displays the original filesystem type.
Workaround. None.
The Add Filesystem Entry menu allows you to specify non-existent mount points. If you add a non-existent mount point, your machine may not reboot correctly.
Workaround. None.
The Delete Group menu allows you to delete group root. You cannot then use CommandPoint Admin to re-add it.
Workaround. None.
The Delete for NFS dialog picks the device instead of the mount point to delete.
Workaround. None.
Clicking on Cancel before a form completes initialization can generate an error.
Workaround. Do not cancel a form before it completes initialization.
If you add or modify a filesystem table entry for an EFS filesystem and set the convosync mount option to Direct, the mount option will get set back to its original setting.
Workaround. None.
The Modify Filesystem dialog allows you to, for example, change a filesystem type but does not warn you about the dangers of doing so.
Workaround. None.
mount -v is used to display mounted filesystems in CommandPoint Admin. If you mount an EFS-type filesystem with a long list of options, such as a logdev, mount -v dumps core and the mounted filesystems are not displayed in the Display Filesystem window.
Workaround. Manually execute a mount -v on the server.
The CommandPoint Admin client may give a java.lang.exception after ~15 forms (tasks operations) are opened. This problem happens most frequently on DYNIX/ptx.
Workaround. Do not open more than 10 tasks at one time and close unneeded forms.
If there are two entries for the same mount points on different devices and you choose to remove one of them, delfstab should provide a warning.
Workaround. Press Update (to update the table) and then press Apply.
The list of users in the Display Group form contains only the users specified in the /etc/group file for the selected group. It does not show the logins of users for whom the selected group is the primary group.
Workaround. None.
The vertical scroll bar is not visible in the Validate Group File dialog.
Workaround. Scroll horizontally all the way to the right until you see the vertical scroll bar.
Typing or using browse dialogs to enter a long list in a text field on any of the CommandPoint Admin forms may result in failure of the command on the server due to a limitation on the maximum number of characters on a command line. The error message will not specifically indicate that the failure was caused by too many characters on the command line.
Workaround. Limit the number of characters of input in text fields.
Table columns that are manually resized to a wider or narrower width will be returned to original width following an Update of the form.
Workaround. None.
CommandPoint Admin does not run properly on audited systems. It cannot be started via drestart, therefore the setup of the vector privileges fails.
Workaround. None.
The Add User Account task does not append the user login name to the home directory listed in the Home Directory field of the Add User Account form. However, the user's account is created.
Workaround. Enter the full path (including the user's login) in the Home Directory field of the Add User Account form when adding a new user to the system.
Errors do not appear in CommandPoint Admin when loading ptx/EES filters from a command file.
Workaround. None.
In Browse dialogs, such as Delete FS Table Entry, sometimes the last column on the right is displayed with its heading box not sized correctly.
Workaround. Resizing the dialog slightly fixes the heading.
If the CFS Filesystem is mounted without going into the CFS Specific Options dialog and entering a log device, you will get an error message.
Workaround. Enter a log device in the CFS Specific Options dialog.
Browse dialogs that contain tables may not be drawn correctly.
Workaround. Resize the dialog.
Adding an EES filter from a file always returns success even if the file is a directory name or a badly formatted file.
Workaround. Use the Display Filters dialog to verify that the filters were successfully added via Add Filters.
The Filesystem Check dialog does not allow fsck options.
Workaround. Manually run fsck options.
CommandPoint Admin may not be usable if the Windows NT client is left running overnight.
Workaround. Attempt to close CommandPoint Admin via the normal way. If that fails, use the Windows NT Task Manager to perform an End Task on the CommandPoint Launcher application.
The Display Table Entries dialog does not have a Mount task option.
Workaround. None.
The Reset button in the EES Modify Event Log File does not reset all fields.
Workaround. None.
A user could log into a node and not see a CommandPoint Admin icon in Launcher's right pane. This is a tdf (task description file) permission problem.
Workaround. Refer to the Task Description File Configuration section of these release notes or to the tdfcli(1) man page for details on the usage of the tdf command line utilities.
If you have an MFS filesystem type, you may see an error dialog in the Modify Filesystem Table Entry dialog that says:
"...memory-based filesystem table entries are not supported in this release. Use ptx/ADMIN". This message is incorrect because ptx/ADMIN® does not support MFS filesystem types.
Workaround. None.
Some error messages generated by insufficient permission in the tdf file are cryptic, such as:
Cannot start Task Description Node named 'delete.tdf' Cannot start task: Problem instantiating class for Task Description File (TDF) name 'delete.tdf' (Internal Warning: No infoObj Exception data available for %ex_trace%)
A better error message would be "Delete: Permission Denied."
Workaround. Click on the Help button (if one exists); in many cases the online help will provide suggestions on how to accomplish the task or where to go for more information. Refer to Task Description File Configuration in these release notes for more information about tdf.
The Copy (Ctrl + C) option in View Commands does not work on the DYNIX/ptx client.
Workaround. None.
If you have CommandPoint Admin running and run updateTDF (to update the task list), update notices will appear. The notices do not list the server name.
Workaround. None.
You may see duplication communication failure error messages for the same (single) problem.
Workaround. None.
The Delete Group form deletes only one user at a time, but the browse dialog for group name allows multiple selections. Only the first group selected in the browse dialog will appear in the Group name list after dialog is closed.
Workaround. None.
The text-field portion of numeric spinners in CommandPoint Admin will not allow the use of backspace key to clear the field so that a new value can be typed. When the backspace erases the last remaining digit in the field, that digit is restored automatically.
Workaround. You can enter a new value if the existing value is first selected (highlighted) using the mouse.
Lists or columns in tables which contain mixed alpha and numeric entries are sorted lexicographically rather than alpha-numerically. For example, entries in a column of integers ending with percent symbols will be sorted as 1%, 10%, 2%.
Workaround. None.
Group Add does not support the -o option. This option on the UNIX command line allows creation of a new group using a group ID that is already used in an existing group.
Workaround. Use the UNIX command line.
Sorting of lists or columns in tables which contain date entries are not sorted in correct date/time order.
Workaround. None.
CommandPoint Admin's Launcher comes up blank when invoked on a Sun SPARC station (this was observed on a Sun NetraTM and an Ultra SPARC 2).
Workaround. Resize the Launcher window.
The Validate Passwd File and Validate Group File dialogs report inconsistencies in the /etc/passwd and /etc/group files, when in fact there are no errors.
Workaround. None.
Clicking on Next (without selecting an entry) in FS-->Table Entries-->Modify Entry returns the following error message:
One or more user-provided values are invalid: Modification of memory-based filesystem table entries not supported in this release. Use ptx/ADMIN. A table entry must be selected.
The validation portion of the error message is correct (you must enter a value). The rest of the error message is misleading, in that the problem is that a value has not been entered.
Workaround. Enter a value.
The Set Account Default's Shell field does not accept manual input, even though it is an editable field.
Workaround. Select one of the 3 shells listed.
The following procedures allow you to configure eXceed colors and fonts so that they work better with CommandPoint Admin.
ATTENTION You only need to apply these procedures once. You may determine if the procedure has already been done (for example for CommandPoint Clusters), by doing the following:
Invoke an MS-DOS® command prompt window.
Cd to the eXceed user directory as described next, normally located in:C:\Program Files\exceed.nt\user
C:
cd \Program Files\exceed.nt\user (or wherever the eXceed user directory is located on your system)
dir *.bak
If 75dpi.bak or 100dpi.bak appears in the list, the procedure has already been done.
ATTENTION The following procedure to change eXceed colors is required.
To configure eXceed colors, perform the following:
Exit eXceed if you have an active session.
From the Start menu, select Programs-->Exceed-->Xconfig. The Xconfig window will open.
To set colors, double-click on Video.
Locate the Server Visual field. (We recommend that you write down what the current value for this field is, in case you need to later return to that value.) If the current setting is Auto Select or True Color, change it to PseudoColor and click OK. (Do not close the Xconfig window as you need to make more changes in this window later in this procedure.)
Proceed to the Changing Fonts section.
We recommend that you perform the following procedure to configure eXceed fonts so that they work better with CommandPoint Admin.
ATTENTION CommandPoint Admin only works in eXceed's single-window mode. To verify the eXceed mode, select Programs-->Exceed-->Xconfig-->Window Mode from the Start menu, and click on Single (if it is not already selected). Click on OK to close the Window Mode window.
ATTENTION Applying this procedure may affect font sizes for other applications run to the eXceed display. Note that if the version of eXceed is upgraded or reinstalled, these changes will be lost.
ATTENTION The following highly recommended procedure configures eXceed fonts so that they work better (meaning proper font sizes) with all CommandPoint products.
While other versions of eXceed probably work properly, we have only tested eXceed versions 5.1.3.0 and 6.0.1.15. If you are running eXceed V6.0.1.0 and want to upgrade to a later version, you may contact Hummingbird® technical support at 1-416-496-2200 (or http://www.hummingbird.com/faq/cntcontact.html).
Please make sure this release note procedure has been applied before reporting CommandPoint Admin problems to Customer Support.
To configure eXceed fonts, perform the following:
ATTENTION Changes you make to the eXceed settings do not take effect until you start a new eXceed session.
From the Xconfig dialog, verify if your X server is configured to use 75 or 100dpi fonts as follows:
From the Xconfig window, double-click on Font.
Click on Font Database. In the Font DB File column, search for a 75dpi or a 100dpi entry.
Note which dpi setting and the font path location you have. You will use this information in a later step. (If both 75 and 100dpi are listed, note which font is listed first and use that value in later steps.)
Click on Cancel to close the Font Database dialog.
Click on Close to close the Font Settings dialog. (Do not close the Xconfig window as you need to make more changes in this window later in this procedure.)
Make a backup copy of eXceed's current font configuration file by invoking an MS-DOS command prompt window. Cd to the eXceed user directory as described next, normally located in:C:\Program Files\exceed.nt\user.
C:
cd \Program Files\exceed.nt\user
If you are using 75dpi (you verified your dpi setting in step 1), enter:
copy 75dpi.fdb 75dpi.bak
If you are using 100dpi (you verified your dpi setting in step 1), enter:
copy 100dpi.fdb 100dpi.bak
Exit the MS-DOS command window.
In the Xconfig window, double-click on Font. (If you have accidently closed the Xconfig window, from the Start menu select Programs-->Exceed-->Exceed-->Xconfig.)
Click on Font Database. Click on the dpi setting (75dpi or 100dpi; if both appear, click on the first one in the list).
Click on Font List for Directory.
If you are using 75dpi, scroll until you locate courr12, then click to select it. If you are using 100dpi, scroll until you locate courr10, then click to select it.
If you are using 75dpi, scroll in the Font List window until you locate helvr10, then click to select it. If you are using 100dpi, scroll until you locate helvr08, then click to select it.
Click on Make Alias.
In the Logical Name field, enter:
-b&h-lucida sans-medium-r-normal-sans-*-100-*-*-p-*-iso8859-1
ATTENTION Enter the alias exactly as it appears; there must be a space between lucida and sans.
Click on OK.
Click on Make Alias.
In the Logical Name field, enter:
-linotype-helvetica-medium-r-normal-sans-*-110-*-*-p-*-iso8859-1
Click on OK.
If you are using 75dpi, scroll in the Font List window until you locate helvr12, then click to select it. If you are using 100dpi, scroll until you locate helvr10, then click to select it.
Click on Make Alias.
In the Logical Name field, enter:
-b&h-lucida sans-medium-r-normal-sans-*-120-*-*-p-*-iso8859-1
ATTENTION Enter the alias exactly as it appears; there must be a space between lucida and sans.
Click on OK.
Click on Make Alias.
In the Logical Name field, enter:
-linotype-helvetica-medium-r-normal-sans-*-120-*-*-p-*-iso8859-1
Click on OK.
If you are using 75dpi, scroll in the Font List window until you locate helvb12, then click to select it. If you are using 100dpi, scroll until you locate helvb10, then click to select it.
Click on Make Alias.
In the Logical Name field, enter:
-b&h-lucida sans-bold-r-normal-sans-*-120-*-*-p-*-iso8859-1
ATTENTION Enter the alias exactly as it appears; there must be a space between lucida and sans.
Click on OK.
Click on Make Alias.
In the Logical Name field, enter:
-linotype-helvetica-bold-r-normal-sans-*-120-*-*-p-*-iso8859-1
Click on OK.
If you are using 75dpi, scroll in the Font List window until you locate helvbo12, then click to select it. If you are using 100dpi, scroll until you locate helvbo10, then click to select it.
If you are using 75dpi, scroll in the Font List window until you locate helvb18, then click to select it. If you are using 100dpi, scroll until you locate helvb14, then click to select it.
If you are using 75dpi, scroll in the Font List window until you locate helvb24, then click to select it. If you are using 100dpi, scroll until you locate helvb18, then click to select it.
Click on OK in the Font List dialog.
Click on OK in the Font Database dialog.
Click on Close in the Font Setting dialog.
Close the Xconfig window.
Start eXceed and proceed to the Getting Started section of these release notes.
The following procedure describes how to reconfigure eXceed for its default values, in case those values are needed by another application you are running via eXceed. To configure eXceed for its default settings, perform the following:
ATTENTION Changes you make to the eXceed settings do not take effect until you start a new eXceed session.
Exit eXceed if you have an active session.
To restore the backup copy of the font configuration, invoke an MS-DOS command prompt window. Cd to the eXceed user directory as described next, normally located in C:\Program Files\exceed.nt\user.
C:
cd \Program Files\exceed.nt\user
If you are using 75dpi (you verified your dpi setting in step 1), enter:
copy 75dpi.bak 75dpi.fdb
If you are using 100dpi (you verified your dpi setting in step 1), enter:
copy 100dpi.bak 100dpi.fdb
Exit the MS-DOS command window.
From the Start menu, select Programs-->Exceed-->Xconfig.
Double-click on Video.
In the Server Visual field, select the setting you saved in step 4 in the Changing Colors section of these release notes.
Click OK to close the Video dialog.
Close the Xconfig window.
Restart eXceed.