HP UX B6941-90001 User Manual

368

Chapter 9

An Overview of ITO Processes

Understanding ITO Processes

However, this configuration information must be present on both the
management server and the managed node.

ITO associates two names with the two types of node in its environment,
namely: one each for the management server and the managed node. All
management server processes then run under the name associated with
the management server, and all managed node processes under the
identity of the name associated with the managed node.

In addition, ITO allows you to select and configure the security level your
particular environment requires for an individual managed node: the
value is stored in the given managed node’s

opcinfo

file and in the

relevant entry in the database on the management server. In this way,
security on a given managed node may be changed to handle, for
example, the addition of sensitive connections through a firewall.

ITO may be configured in such a way as to be able to overcome a
situation where, owing to the temporary unavailability or mis-
configuration of the security service, a process is required either to run in
unauthenticated mode or to fail. For example, if a management server
process such as the request sender receives an authentication failure
when calling a control agent on a managed node, an error message is
generated, which appears in the

Message Browser

window. The

administrator is then able to take immediate corrective action, for
example, by temporarily changing the security level on the managed
node in question to allow the retransmitted request to succeed.