Support User Manuals

IBM Tivoli and Cisco Network Card User Manual

Open as PDF

of 516

428 Building a Network Access Control Solution with IBM Tivoli and Cisco Systems

HotfixId=KB896423

TmfWebUIEndpoint=tcmweb

4. This configuration file is a little different from the others created before. The

first difference is the additional parameter close to the end named

HotfixId.

The value of this parameter

must match the name of the hotfix. To notice the

second difference, take a closer look into the

nac.win.any.hotfix.PostureHotfixV2_HOTFIX_WF.DefaultConfig.properties

file located in the $BINDIR/tcmremed/cfg directory. This file contains the

default options for this type of the workflow. Specifically, there are three

important parameters:

RunQchainFlag.format=true

TmfWebUIPublicName.format=/${WorkflowName}/${PostureCollectorName}/${Postur

eCollectorParameterName}/${HotfixId}

RunQchainFlag equaling true means that the software package block installer

should use the qchain.exe utility, which is provided by Microsoft in order to

provide the ability to install multiple hotfixes with only one reboot at the end of

the installation. This line has two implications:

– During the remediation you can install multiple hotfixes, one by another,

without a reboot.

– You must add this qchain.exe utility to your remediation package.

This utility is a part of the Microsoft Windows 2000 Resource Kit and is

available free for registered Microsoft Windows users. Download it from the

Microsoft Web site and store it in the $BINDIR/tcmremed/cfg directory.

The second parameter, TmfWebUIPublicName.format, defines the public

name of the remediation package under which it will be seen on the Web

Gateway. You may notice that the actual workflow name for all hotfix

packages will be the same (TCRMSPatchesInstallWinXP), but the name of

the package will include the HotfixId specified in the Sample.properties file.

5. Run the sputil.sh command to create the software package block and

publish it on the Web Gateway. To achieve this run the following commands:

cd $BINDIR/tcmremed/download

cd TCRMSPatchesInstallWinXP_KB896423

$BINDIR/tcmremed/bin/sputil.sh -p Sample.properties

6. Verify the result of running the tool with the following command:

wlookup -ar SoftwarePackage | grep TCRMSPatchesInstallWinXP_KB896423

Note: If you do not have or do not want to use the qchain.exe utility, set the

value of the RunQchainFlag to false in the Sample.properties file for the

hotfix remediation package you are preparing.

previous next