IBM Tivoli and Cisco User Manual

Page 446

Advertising
background image

428

Building a Network Access Control Solution with IBM Tivoli and Cisco Systems

HotfixId=KB896423
TmfWebUIEndpoint=tcmweb

4. This configuration file is a little different from the others created before. The

first difference is the additional parameter close to the end named

HotfixId

.

The value of this parameter

must

match the name of the hotfix. To notice the

second difference, take a closer look into the
nac.win.any.hotfix.PostureHotfixV2_HOTFIX_WF.DefaultConfig.properties
file located in the $BINDIR/tcmremed/cfg directory. This file contains the
default options for this type of the workflow. Specifically, there are three
important parameters:

RunQchainFlag.format=true
TmfWebUIPublicName.format=/${WorkflowName}/${PostureCollectorName}/${Postur
eCollectorParameterName}/${HotfixId}

RunQchainFlag equaling true means that the software package block installer
should use the qchain.exe utility, which is provided by Microsoft in order to
provide the ability to install multiple hotfixes with only one reboot at the end of
the installation. This line has two implications:

– During the remediation you can install multiple hotfixes, one by another,

without a reboot.

– You must add this qchain.exe utility to your remediation package.

This utility is a part of the Microsoft Windows 2000 Resource Kit and is
available free for registered Microsoft Windows users. Download it from the
Microsoft Web site and store it in the $BINDIR/tcmremed/cfg directory.

The second parameter, TmfWebUIPublicName.format, defines the public
name of the remediation package under which it will be seen on the Web
Gateway. You may notice that the actual workflow name for all hotfix
packages will be the same (TCRMSPatchesInstallWinXP), but the name of
the package will include the HotfixId specified in the Sample.properties file.

5. Run the

sputil.sh

command to create the software package block and

publish it on the Web Gateway. To achieve this run the following commands:

cd $BINDIR/tcmremed/download
cd TCRMSPatchesInstallWinXP_KB896423
$BINDIR/tcmremed/bin/sputil.sh -p Sample.properties

6. Verify the result of running the tool with the following command:

wlookup -ar SoftwarePackage | grep TCRMSPatchesInstallWinXP_KB896423

Note: If you do not have or do not want to use the qchain.exe utility, set the
value of the RunQchainFlag to false in the Sample.properties file for the
hotfix remediation package you are preparing.

Advertising
See also other documents in the category IBM Hardware: