©Copyright International Business Machines Corporation 2009. All rights reserved. U.S. Government Users Restricted Rights -- Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp.
NOTE: Before using this information and the product it supports, read the general information under Notices in this document.
Date: 2009 October 09
This fix pack corrects several problems in IBM Tivoli Compliance Insight Manager, Version 8.5.0. It requires that IBM Tivoli Compliance Insight Manager, Version 8.5.0, already be installed. After installing this fix pack, your Tivoli Compliance Insight Manager installation will be at software service level 8.5.0.9.
This fix pack package contains:
This fix pack is distributed as an electronic download from the IBM Software Support Web site.
This fix pack package supports the same operating system releases as the IBM Tivoli Compliance Insight Manager 8.5 product. Refer to chapter 1 ("System Requirements") of the IBM Tivoli Compliance Insight Manager 8.5 Installation Guide for a complete list.
This fix pack supersedes the Windows part of fix packs from 8.5.0-TIV-TCIM-FP001 to 8.5.0-TIV-TCIM-FP008. z/OS actuator last fix pack is 8.5.0-TIV-TCIM-FP001. AIX last fix pack is 8.5.0-TIV-TCIM-AIXPPC32-FP008. HP-UX last fix pack is 8.5.0-TIV-TCIM-HPUXPARISC-FP008. Solaris last fix pack is 8.5.0-TIV-TCIM-SolarisSparc-FP008
Tivoli Compliance Insight Manager supports multiple platforms; for each platform requiring updates, a separate package is installed. Each package contains the updates for all components installed on that platform.
The following problems are corrected by this fix pack. For more information about the APARs listed here, refer to the Tivoli Compliance Insight Manager Support site.
Be aware of the following considerations before installing this fix pack:
You must already have Tivoli Compliance Insight Manager 8.5.0 and its prerequisites installed.
This fix pack package is provided as an executable file for the Microsoft Windows platform and as an archive file for each supported non-Windows platform.
It is recommended to backup TCIM installation on all systems where the FP will be installed. This will allow for a smooth rollback procedure in case any problems occur after installation. Please see the Backup and Restore Procedure of TCIM v8.5
The fix pack detects all the Tivoli Compliance Insight Manager components that are installed on the system and automatically updates them.
Note: If one or more interim fixes have already been installed on the system, the fix pack automatically detects them and takes the appropriate action to ensure they do not need to be reapplied.
Note 2: The fix pack should be applied on all Standard Servers before applying it on the Enterprise Server
to which the Standard Servers are connected.
In case a Standard Server is added later to the cluster so the fix pack is applied later on the Standard Server, the
following workaround should be applied:
- Start a DB2 session using cifowner
MSDOS> db2 connect to cifdb user cifowner using [cifownerpwd]
- Call the stored procedure
MSDOS> db2 Call CLMDB.DataSync_CreateCompositeViews()
(Ensure that the command execution is successful)
After that the "Investigate" page in Log Manager will work properly again.
Note 3: Database marked bad with ZRC=0x870F00F2
In situations in which TCIM is loading a lot of data into DB2, bulk loading may fail, and the error code 0x870F00F2 will appear
in the db2diag.log file from TCIM diagnostics. This problem can be avoided by disabling file caching in DB2.
To do so, stop all TCIM services, and execute the following commands
MSDOS> db2stop
After this, restart all TCIM services. More information can be found in the following DB2 article: Database marked bad with ZRC=0x870F00F2.
MSDOS> db2set DB2NTNOCACHE=ON
MSDOS> db2start
After the fix pack has been installed it is possible that one or more web applications are not accessible (for instance, failing with code 404). To solve this problem, stop the "IBM Tivoli Compliance Insight Manager Tomcat" service, delete all subfolders from the following directory:
<TCIM folder>\iView\tomcat\webapps
Do not delete the files in that folder, only the subdirectories. After that, restart the "IBM Tivoli Compliance Insight Manager Tomcat" service, and all web applications will be accessible again.
Configuration of the hostname used in SMTP HELO message when sending alerts:
[SMTP] section add the following line:Localhost=myhostname<Environment name="localhost-name" value="myhostname"
type="java.lang.String" override="false" />Addendum for TCIM v85 install manual, Tivoli Compliance Insight Manager 8.5 Installation Guide (page 302), requirement 4
If a firewall is present, ports 446, 448 and 449 also need to be opened, as they're needed to perform DDM/DRDA on iSeries.
Correction for TCIM v85 install manual, Tivoli Compliance Insight Manager 8.5 Installation Guide (page 306), "Configuring iSeries manually" point 12
The final step of the manual configuration of iSeries (point 12,
scheduling a job) should be skipped, as it will override the operation
at point 10; also, the functionality of that scheduled job is already
taken care of by the actions of point 11 of the same section. In case
that job has already been scheduled, make sure to remove it and repeat
the operations described in point 10.
Following note has been added to the technote ( Available Compliance Management Modules and Event Sources):
Note:
All Event Sources, which support SNMP protocol, are limited to work only with version 1 of it.
Addendum for TCIM v85 installation manual, Chapter 56. Configuring auditing for Oracle Operating System Audit Trail:
AUDIT SELECT, INSERT, UPDATE, DELETE ON DEFAULT BY ACCESSS, and AUDIT SYSTEM GRANT AUDIT SELECT, INSERT, UPDATE, or DELETE ON DEFAULT BY ACCESS
Addendum for TCIM v85 install manual, Chapter 60. Configuring auditing for SAP NetWeaver Web Application Server. Following information should be added below SSH collect section:
The auditing of SAP Netweaver Web Application Server supports collection of log files with short (audit_YYYYMMDD) and long (audit_YYYYMMDDXXXXXX) names.
Database Product The name of the database product where IBM Tivoli Identity Manager audit records are stored. Possible values are: DB2, MS SQL, and Oracle.
Database Name The name of the database where IBM Tivoli Identity Manager audit records are stored. The default value is itimdb.
Database Schema The name of the database schema where the Tivoli Identity Manager audit tables reside. The default value is itimuser.
Note:
For IBM Tivoli Identity Manager 4.6, the only possible value is enrole.
For IBM Tivoli Identity Manager 4.6, the schema of the audit tables is
enrole and cannot be configured.
Database Port The port number on the audited system that is assigned to the IBM Tivoli Identity Manager database service. The default ports are:
User Name The name of the user account that Tivoli
Compliance Insight Manager can use to connect to the IBM Tivoli
Identity Manager database back-end. This account must have at least
read permissions on the AUDIT_EVENT, AUDIT_MGMT_TARGET, and
AUDIT_MGMT_DELEGATE, AUDIT_MGMT_PROVISIONING tables of the Tivoli
Identity Manager database. The default value is username.
User Password Defines the password for the user account defined in the User Name property. The default value is "" (empty).
Collect Directory The name of the directory to store
temporary files. The default value is /tmp. (This property is not
present for Windows systems.)
After applying this Fix Pack, two new event sources will be available for AIX actuators: SNMP and Syslog realtime event sources. These are defined and configured in a similar way to their Microsoft Windows equivalents.
However, it's important to ensure that the actuator folder in the AIX system will have enough disk space assigned to handle the collected data.
Addendum for TCIM v85 user manual, Managing the Tivoli Compliance Insight Manager system, Viewing data and reporting, Creating and managing custom reports in iView
A report title should not contain special characters, like the ' sign.
Addendum for TCIM v85 installation manual, Chapter 23. Configuring auditing for BMC CONTROL-SA, page 166
"ESS Version 3.2.03 or higher" should be replaced by "ESS Version 3.2.03"
Addendum for TCIM v85 installation manual, Chapter 45. Configuring auditing for McAfee IntruShield IDS, page 315
"McAfee Version 1.9 or higher" should be replaced by "McAfee Version 1.9"
Addendum for TCIM v85 installation manual, Chapter 50. Configuring auditing for Novell Advanced Audit Service, page 381
"Novell NetWare 6.0 Support Pack 2 or higher" should be replaced by "Novell NetWare 6.0 Support Pack 2"
Addendum for TCIM v85 installation manual, Chapter 64. Configuring auditing for Symantec AntiVirus, page 465
"Symantec AntiVirus Version 9.0 and higher." should be replaced by "Symantec AntiVirus Version 9.0"
Please have a look at Available Compliance Management Modules and Event Sources for the platforms that are supported by TCIM. Note: some of the supported platforms may require an additional installation of an event source.
Addendum for TCIM v85 installation manual, Chapter 49. Configuring
auditing for Microsoft SQL Server, page 343, and the readme for the
MSSQL 2008 ES
Windows Authentication is not possible for this Event Source, only MSSQL Authentication is possible.
After applying this Fix Pack, the Oracle event sources will be renamed:
Oracle ==> Oracle 9i 10g 11g
Oracle through SSH ==> Oracle 9i 10g 11g through SSH
Oracle DAT ==> Oracle DAT 8i 9i 10g 11g
Oracle DAT through SSH ==> Oracle DAT 9i 10g 11g through SSH
Oracle FGA ==> Oracle FGA 9i 10g 11g
Oracle FGA through SSH ==> Oracle FGA 9i 10g 11g through SSH
Note: TCIM v8.5 doesn't support Oracle 11g out of the box. To get
support for Oracle 11g the eImage with part number C1WN3EN should be
installed.
In case the 'Back' button is used when working with reports that
have additional parameters (e.g. 'Events by rule'), the error "Warning:
Page has expired" or "The page cannot be displayed" (in case user
friendly erros are defined) could be shown.
In order to be redirected to the required page, the refresh
button needs to be used (and 'Retry' to send information). When "Show
friendly HTTP error message" option of IE browser is turned on, the
user is redirected to the dashboard page. Therefore in order to be
redirected to the required page, it is advised to turn off the "Show
friendly HTTP error message" option.
The following steps can be used to turn off the setting:
http://support.microsoft.com/kb/294807
When applying a fix for this issue (the first time), the cifowner password should not contain a $ sign.
Addendum for TCIM v85 user manual, Managing the Tivoli Compliance Insight Manager system, Managing users and roles,
Creating and managing users, Adding users
In addition to step 2 and 3, the following additional rules should be kept in mind when defining a username or password:
Addendum for TCIM v85 install manual, Chapter 43. Configuring auditing for iSeries, Configuring the platform for auditing
It's important to confirm that the iSeries Remote Collect user profile (i.e. TCIM) is fully authorized
to itself. In the rare case that the collect user isn't fully authorizated to it's profile, the CHGAUT (Change Authority)
iSeries CL command may be used to provide full permissions to the collect user profile on the object representing collect
user profile (*USRPRF). For example, if the collect user name is TCIM, the full command is:
CHGAUT OBJ('/qsys.lib/tcim.usrprf') USER(TCIM) DTAAUT(*RWX) OBJAUT(*ALL)
Addendum for TCIM v85 user manual, Chapter 11. Getting started with the Management Console, Using the Management Console tools,
Setting a data export schedule and Importing audit data
The export/import will run under a different context than the user who initiates the process, as it will use the TCIM OS user, so mapped drive letters that are visible for the user may not be available for the import/export process. In case of exporting/importing to a network drive, the UNC (Universal Naming Convention) path can be used instead of a drive letter (for example, \\Source\data), and ensure that the TCIM OS user (by default cifadmin) has enough permissions to write/read that network drive (see above for situation in domain/standalone environment).
This fix will correct the problems that may occur when a database load has been interrupted. This error can produce 3 types of situations:
Addendum for TCIM v85 install manual, Chapter 6. Deploying Tivoli Compliance Insight Manager event sources,
Configuring the event source for auditing, "Point of Presence, A system where Tivoli Compliance Insight
Manager Actuator (Actuator) is installed to collect the audit data"
The time zone for the audited machine is retrieved from the Point of Presence in most cases.
Addendum for TCIM v85 install manual, Chapter 36. Configuring auditing for IBM Tivoli Access Manager for e-business,
Configuring IBM Tivoli Access Manager for e-business for auditing
This chapter should be renamed to Configuring IBM Tivoli Access Manager for e-business for auditing for windows.
And the following section should be added:
Follow the steps below to configure the IBM Tivoli Access Manager for e-business platform for auditing by the Tivoli Compliance Insight Manager:
logcfg entry in the [aznapi-configuration] stanza:
(by default these config files are in /opt/PolicyDirector/etc/ directory)
logcfg.logcfg = audit.azn:file path=/var/PolicyDirector/audit/pdmgrd.log,rollover_size=50000,flush_interval=5,log_id=PDMgrAudit
logcfg = audit.authn:file log_id=PDMgrAudit
logcfg = audit.mgmt:file log_id=PDMgrAudit
logcfg entry in the [aznapi-configuration] stanza:
(by default these config files are in /opt/pdwebpi/etc/ and /opt/pdweb/etc/ directories respectively):
logaudit to yes.logsize and logflush entries to your value.auditlog parameter that specifies the name and location of a log file.auditcfg parameter that disables or enables a component-specific audit record. For example:[aznapi-configuration]
logsize = 50000
logflush = 5
logaudit = yes
auditlog = /var/pdweb/log/msg__webseald.log
auditcfg = azn
auditcfg = authn
auditcfg = wpi
The MS SQL Server event source that is provided with Tivoli Compliance Insight Manager Version 8.0 supports the audit trails only for systems running Microsoft SQL Server versions 2000 SP3, 2000 SP4, 2005 (default instances). The existing 'MS SQL Server' event source was renamed to 'MS SQL Server 2000-2005(deprecated)'.
The new MS SQL Server 2000-2008 event source that is provided adds support for named instances of MS SQL Server 2000, 2005, and 2008 MS SQL Server clusters.
A new option, 'MSSQL instance name,' is used to provide access to clusters and named instances:
The format of the 'MSSQL instance name' option is: server_name\instance_name
To connect to the named (non-default) instance of an SQL Server, specify the option as server_name\instance_name. To connect to an MS SQL Server on clusters, specify instance_name.
server_name is the hostname (or IP) of the server where the MS SQL instance is located; instance_name is the name of an MS SQL instance (or MS SQL cluster). When collecting from default instances, the 'MSSQL instance name' option is not needed.
NOTES:
In case more than 125 ESes are attached to the same agent TCIM L2 needs to be contacted to enlarge the non interactive desktop heapsize on the TCIM server
Addendum for TCIM v85 user manual, Exporting iView data to other formats, Exporting to PDF format (page 189)
Only reports up to 32 000 rows can be exported as PDF. For larger reports, one of the other formats has to be used.
After applying the fixpack, a new option named "Truncate" is present in the DB2 8-9.1 ES properties. It's set to 'yes' by default in the DB2 SelfAudit ES (the one that audits TCIM's DB2 instance) and 'no' by default for all the other ES instances. If this option is set to 'yes', TCIM will automatically prune db2audit.log after each collect, at most once an hour; the db2audit.log pruning process consists in removing logs that have already been collected, reducing the log file size. A mitigation was provided by the support document named "Control growing DB2 audit log on Tivoli Compliance Insight Manager 8.5 Server", and this fix renders the described mitigation obsolete.
To roll back the mitigation:
Remove cifdb2prune.vbs script from the scheduled tasks
From the Windows Start menu, open the Control Panel, and then "Scheduled Tasks". Delete the task that executes C:\ibm\TCIM\Tools\cifdb2prune.vbs.
Deleting cifdb2prune.vbs script
Delete the cifdb2prune.vbs file from the C:\ibm\TCIM\Tools\ folder.
Enable TCIM's db2audit.log truncation
If you are using DB2 SelfAudit ES, and want to prune the log file, you simply need to apply the fix pack; the 'Truncate' option will appear in all DB2 ES properties, and it will be set to 'yes' for the SelfAudit one, which will prune the db2audit.log as described before. If you are using other DB2 ES, and want to enable this feature, set the 'Truncate' option to 'yes' in the ES properties panel after applying the fix pack.
Note: It's highly recommended to prune "db2audit.log" periodically to keep that file small, as a large audit log file may affect the database performance.
To improve the speed of opening the iview dashboard, additional forms of the NodeGrid on the GEM dashboard page are introduced. Besides the "Full" dashboard, the only mode that was available before this fix, the mode "Reduced" and the mode "Disabled" are introduced. Which mode will be used for GEM databases, can be defined on the Settings page, in the section "NodeGrid Mode".
When the "Full" mode is enabled, the NodeGrid is calculated based on all events in the GEM database. This mode can be slow when a lot of data is stored in the GEM database.
When the "Reduced" mode is enabled, on the GEM Db Summary page a "reduced" version of NodeGrid is shown in order to speed up the time of opening the page. The "reduced" mode of NodeGrid is based on the first N events in the gem event table. The default N value is 1 000 000.
To change the performance of the "Reduced" mode, it's possible to
change the N that is used for this mode. To change N - the value of
events limit, the following lines should be added to [TCIM
directory]\iView\tomcat\conf\iview.ini file:
where parameter nodegrid_reduced_limit indicates the value of the limit (N).
[NodeGrid]
nodegrid_reduced_limit=3000000
The less the value for nodegrid_reduced_limit is, the faster db summary opens and the less NodeGrid looks like full NodeGrid, because it is based only on the part of the events. The "reduced" version of NodeGrid also does not contain composite groups. It contains only the information about the events of selected or the most important groups. The caption of NodeGrid reflects the fact that NodeGrid is reduced.
When the "Disabled" mode of NodeGrid is enabled, no NodeGrid is shown on GEM Db Summary page. Instead of NodeGrid message "NodeGrid is disabled" is shown. This mode is used to get the best time perfomance of opening the GEM dashboard.
For experienced TCIM users only, when in doubt, please contact TCIM L2
During the mapping phase, the "gethostname" GSL operator queries the
DNS for the host name corresponding to the supplied argument, which is
assumed to be an IP address. Use of this operator can seriously reduce
the performance of the mapper.
To solve the performance problem, it's possible to disable the
"gethostname" function in "gensub.ini", at the cost of not having the
reverse lookups in the mapped results.
To disable the "gethostname" function for all ESes, the following lines have to be added to <TCIM directory>\server\run\gensub.ini:
[RegexOperators]
gethostname=nl.consul.cea.gensub.scanning.regex.OperLit
It's also possible to disable the operator for a specific GSL file. To
disable the function for a specific GSL file, the following lines
should be added to the <TCIM directory>\server\run\gensub.ini file:
[RegexOperators.<GSL file name without the extension>]
gethostname=nl.consul.cea.gensub.scanning.regex.OperLit
For instance, the following lines will disable the "gethostname" function for FW1.gsl:
[RegexOperators.FW1]
gethostname=nl.consul.cea.gensub.scanning.regex.OperLit
After TCIM v85 group server is installed on a drive other than c:, the TCIM DB2 instance is installed on c:. Follow the instructions to move the DB2 instance to the right drive:
DB_NAME=CIFDB
DB_PATH=C:,F:
INSTANCE=CIFINST
NODENUM=0
STORAGE_PATH=C:,F:
STORAGE_PATH variables should be taken for each case separately from the database: select * from sysibmadm.dbpaths where type='DB_STORAGE_PATH' If there are more then one storage path all them should be added.
(Assuming the destination drive is drive F:, and the DB name/DB instance name are the default CIFDB/CIFINST.)
This procedure will replace "Chapter 5. Uninstalling IBM Tivoli Compliance Insight Manager components", page 35 from the TCIM v8.5 Installation Guide
To uninstall IBM Tivoli Compliance Insight Manager to the following steps should be executed in order. (Note the steps need to be performed with a user that has local administrator privileges.)
MSDOS> idsidrop.cmd -I idsinstChoose option 1 : (1) - Continue and delete the directory server instance
MSDOS>net user /delete cifdb2admin MSDOS>net user /delete db2adminitds MSDOS>net user /delete idsinst
When configuring RSA, ensure that only RSA authentication logfiles will be found in the Eventsource Properties RSA Log directory because all files in this directory will be processed and deleted, even when these are not logfiles.
For the following Event Sources we added an additional property 'Collect Directory':
This property could be used to specify a path to the directory where the TCIM Actuator stores its temporary files; these temporary files contain audit data created during collect before it is transferred to the log depot. The default value points to the directory /tmp. This value can be changed. Ensure that the directory exists; otherwise, collect will not start.
Note: For SSH version of the event sources, represented above, the 'Collect Directory' property is not used. The TCIM Actuator stores its temporary files in the run directory in the SSH user's home directory.
This document contains some additional information which is missing in the IBM Tivoli Compliance Insight Manager (TCIM) version 8.0 and 8.5 user manuals.
The depot investigation tool works in 2 steps:
Therefore it is possible that the "Search summary" will list some block of events while the "Search results" doesn't contain any results.
This is illustrated by the following example:
This is explained by the fact that "Cleve400" is contained in the block of events, but NOT in the field "result".
Precedence of logical operators
The search query isn't case sensitive regarding the logical operators (for example "or" is the same "OR").
The query parser starts evaluating the search query from the right to the left and works by creating a (binary) tree of nodes.
Attention: This is not in line with some other logical parsers where the AND operator takes precedence over the OR operator.
Therefore it is recommended always to use parentheses in the search query in case of using more than a single logical operator.
The tree contains compound nodes (OR nodes and AND nodes) and single nodes that signify simple expressions.
For example the search query:
a OR b AND C
gets interpreted in the query parser as
OR[a, AND [b,c]]
Some additional examples :
| Search query | Equivalent to | Interpreted by parser |
|---|---|---|
| a | a | a |
| A | a | a |
| (a) | a | a |
| a or b | a OR b | OR[a, b] |
| a OR b OR c | a OR (b OR c) | OR[a, OR[b, c]] |
| a AND b | a AND b | AND[a, b] |
| a OR b AND c | a OR (b AND c) | OR[a, AND[b, c]] |
| (a OR b) AND c | (a OR b) AND c | OR[a, AND[b, c]] |
| (a OR b) AND (c OR d) | (a OR b) AND (c OR d) | AND[OR[a, b], OR[c, d]] |
| (a OR b) AND (c OR d OR e) | (a OR b) AND (c OR (d OR e)) | AND[OR[a, b], OR[c, OR[d, e]]] |
| a OR b AND c OR d OR e | a OR (b AND (c OR (d OR e))) | OR[a, AND[b, OR[c, [OR[d, e]]]]] |
Special characters and wildcards in search query
The Depot Investigation Tools handles also special characters like "@_&#$%/\:" in the search query.
Please note that using special characters doesn't work in combination with wildcard characters "*".
If you install a Tivoli Compliance Insight Manager component on the system after the fix pack has been applied, you must install the fix pack on that system again to ensure that all components are running at the same software service level.
WORKAROUND: do not use uppercase characters in usernames.
After cifowner's and other user's password changes both cifowner and
user having access to Portal with necessary roles might not be able to
launch Chunk Continuity Report Generation.
WORKAROUND: Restart TCIM Tomcat service.
Password synchronization issue might be encountered on TCIM
installations with multiple servers authorizing against one security
server. The problem may occur when the same TCIM user is logged in from
more than one server and the password is changed in one of the sessions.
WORKAROUND: Restart server service on affected machines. If that does not work change password back to the old one and retry.
There might be a problem with traces collection when initially collected file is empty. The problem disappears, when non-empty file is collected - subsequent empty and non-empty files are collected successfully.
This information was developed for products and services offered in the U.S.A. IBM may not offer the products, services, or features discussed in this document in other countries. Consult your local IBM representative for information on the products and services currently available in your area. Any reference to an IBM product, program, or service is not intended to state or imply that only that IBM product, program, or service may be used. Any functionally equivalent product, program, or service that does not infringe any IBM intellectual property right may be used instead. However, it is the user's responsibility to evaluate and verify the operation of any non-IBM product, program, or service. IBM may have patents or pending patent applications covering subject matter described in this document. The furnishing of this document does not give you any license to these patents. You can send license inquiries, in writing, to:
IBM Director of Licensing
IBM Corporation
North Castle Drive
Armonk, NY 10504-1785
U.S.A.
For license inquiries regarding double-byte (DBCS) information, contact the IBM Intellectual Property Department in your country or send inquiries, in writing, to:
IBM World Trade Asia Corporation
Licensing
2-31 Roppongi 3-chome, Minato-ku
Tokyo 106, Japan
The following paragraph does not apply to the United Kingdom or any other country where such provisions are inconsistent with local law: INTERNATIONAL BUSINESS MACHINES CORPORATION PROVIDES THIS PUBLICATION "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Some states do not allow disclaimer of express or implied warranties in certain transactions; therefore, this statement may not apply to you.
This information could include technical inaccuracies or typographical errors. Changes are periodically made to the information herein; these changes will be incorporated in new editions of the publication. IBM may make improvements and/or changes in the product(s) and/or the program(s) described in this publication at any time without notice.
Any references in this information to non-IBM Web sites are provided for convenience only and do not in any manner serve as an endorsement of those Web sites. The materials at those Web sites are not part of the materials for this IBM product and use of those Web sites is at your own risk.
IBM may use or distribute any of the information you supply in any way it believes appropriate without incurring any obligation to you.
Licensees of this program who wish to have information about it for the purpose of enabling: (i) the exchange of information between independently created programs and other programs (including this one) and (ii) the mutual use of the information that has been exchanged, should contact:
IBM Corporation
2Z4A/101
11400 Burnet Road
Austin, TX 78758
U.S.A.
Such information may be available, subject to appropriate terms and conditions, including in some cases, payment of a fee.
The licensed program described in this document and all licensed material available for it are provided by IBM under terms of the IBM Customer Agreement, IBM International Program License Agreement or any equivalent agreement between us.
Any performance data contained herein was determined in a controlled environment. Therefore, the results obtained in other operating environments may vary significantly. Some measurements may have been made on development-level systems and there is no guarantee that these measurements will be the same on generally available systems. Furthermore, some measurement may have been estimated through extrapolation. Actual results may vary. Users of this document should verify the applicable data for their specific environment.
Information concerning non-IBM products was obtained from the suppliers of those products, their published announcements or other publicly available sources. IBM has not tested those products and cannot confirm the accuracy of performance, compatibility or any other claims related to non-IBM products. Questions on the capabilities of non-IBM products should be addressed to the suppliers of those products.
All statements regarding IBM's future direction or intent are subject to change or withdrawal without notice, and represent goals and objectives only.
This information contains examples of data and reports used in daily business operations. To illustrate them as completely as possible, the examples include the names of individuals, companies, brands, and products. All of these names are fictitious and any similarity to the names and addresses used by an actual business enterprise is entirely coincidental.
IBM and Tivoli are trademarks or registered trademarks of International Business Machines Corporation in the United States, other countries, or both.
Adobe, Acrobat, Portable Document Format (PDF), and PostScript are either registered trademarks or trademarks of Adobe Systems Incorporated in the United States, other countries, or both.
Java and all Java-based trademarks and logos are trademarks of Sun Microsystems, Inc. in the United States, other countries, or both.
Microsoft, Windows, Windows NT, and the Windows logo are trademarks of Microsoft Corporation in the United States, other countries, or both.
UNIX is a registered trademark of The Open Group in the United States and other countries.
Other company, product, and service names may be trademarks or service marks of others.