Computer Associates SQLSTQ99000600 Diagnostics Guide - Page 37
MSI Administrative Installs with SDMSILIB on Windows Server 2003
UPC - 757943257441
View all Computer Associates SQLSTQ99000600 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 37 highlights
Apply the Cure and Document the Solution MSI Administrative Installs with SDMSILIB on Windows Server 2003 When using MSI administrative installations to deploy packages over the SDMSILIB share, the "sd_sscmd libraryaccess" method is not sufficient for connecting to that share. Agents must be able to access this share even when installations or configurations using Software Delivery are not running. The reason for this is that access to the SDMSILIB share may be requested by MSI installations at any time, for example, when performing repair or self healing. Instead, Software Delivery assumes that agents are granted access to the SDMSILIB share through their machine domain accounts. Windows 2003 SP1 MSI Library Access - Restrict Anonymous Access to Named Pipes and Shares By default, anonymous access to network shares on Windows 2003 Service Pack 1 is denied. For network installations of MSI packages from the SDMSILIB share or general anonymous access to the SDLIBRARY$ share on a computer running Windows 2003 Service Pack 1, the following steps must be performed: 1. Set the following security option in the Local Security Policy: 'Network Access: Restrict anonymous access to Named Pipes and Shares - Disabled' 2. Reboot the system in order for the changes to take effect. Software Delivery Agents Connecting to Software Delivery Scalability Servers The following applies only when Software Delivery agents connect to Software Delivery managers running on Windows Server 2003 and where the Local Security Policy "Network Access: Restrict anonymous access to Named Pipes and Shares" is set to Enabled on the manager or scalability server Software Delivery agents running on Windows NT 4.0 and Windows 9x/Me systems continue to use anonymous access and, as a result, will not be granted access to the Software Delivery library shares. Software Delivery agents running on computers with Windows 2000, Windows XP, or Windows Server 2003, which do not belong to any domain, or which belong to a different non-trusted domain than the Software Delivery manager on which the Software Package Library share exists, will be refused access as well. To resolve the access issues for Software Delivery agents on Windows NT 4.0, Windows 2000, Windows XP, or Windows Server 2003, manually create a dedicated user account on the scalability server machine and add it to the "Everyone" group. This will grant read-only access to the SDLIBRARY$ shares. The user name and password have to be entered into the common configuration store of each domain manager and scalability server running on the new Windows manager platform. Chapter 5: Troubleshooting Installation and Migration 5-7