T l Security Compliance Manager - IBMpublib.boulder.ibm.com/tividd/td/ITSCM/TIVSCMFP0009OR/en...IBM...
Transcript of T l Security Compliance Manager - IBMpublib.boulder.ibm.com/tividd/td/ITSCM/TIVSCMFP0009OR/en...IBM...
Tivoli® Security Compliance Manager
Operational Reports Reference
Version 5.1 — Fix Pack 5.1.0-TIV-SCM-FP0009 — February 18, 2005
SC00-0000-00
���
Tivoli® Security Compliance Manager
Operational Reports Reference
Version 5.1 — Fix Pack 5.1.0-TIV-SCM-FP0009 — February 18, 2005
SC00-0000-00
���
Note
Before using this information and the product it supports, read the information in “Notices,” on page 43.
First Edition (February 2005)
This edition applies to the operational reports provided for version 5, release 1, modification 0 of IBM Tivoli
Security Compliance Manager (product number 5724-F82) and to all subsequent releases and modifications until
otherwise indicated in new editions.
© Copyright International Business Machines Corporation 2004, 2005. All rights reserved.
US Government Users Restricted Rights – Use, duplication or disclosure restricted by GSA ADP Schedule Contract
with IBM Corp.
Contents
Chapter 1. Operational reports . . . . . . . . . . . . . . . . . . . . . . . . . . 1
Prerequisite fonts for viewing reports . . . . . . . . . . . . . . . . . . . . . . . . . . . 1
Chapter 2. Installing the operational reports . . . . . . . . . . . . . . . . . . . . 3
Uninstalling the operational reports . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
Chapter 3. Administrative Activity report . . . . . . . . . . . . . . . . . . . . . . 7
Chapter 4. Changes to Roles and Permissions report . . . . . . . . . . . . . . . . 9
Chapter 5. Client Group Membership report . . . . . . . . . . . . . . . . . . . . 11
Chapter 6. Client Violations report . . . . . . . . . . . . . . . . . . . . . . . . 13
Chapter 7. Collector Run Information report . . . . . . . . . . . . . . . . . . . . 15
Chapter 8. Compliant and Non-compliant Systems report . . . . . . . . . . . . . . 17
Chapter 9. Policy Import Time report . . . . . . . . . . . . . . . . . . . . . . . 19
Chapter 10. Policy Violations Trends report . . . . . . . . . . . . . . . . . . . . 21
Chapter 11. Roles and Permissions Information report . . . . . . . . . . . . . . . 23
Chapter 12. Snapshot Creation Completion report . . . . . . . . . . . . . . . . . 25
Chapter 13. User Group Membership report . . . . . . . . . . . . . . . . . . . . 27
Chapter 14. Viewing operational reports . . . . . . . . . . . . . . . . . . . . . 29
Setting your preferred starting folder . . . . . . . . . . . . . . . . . . . . . . . . . . . 37
Setting your local time zone . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37
Chapter 15. Scheduling reports . . . . . . . . . . . . . . . . . . . . . . . . . 39
Viewing the results of a scheduled report . . . . . . . . . . . . . . . . . . . . . . . . . 40
Chapter 16. Known problems and workarounds . . . . . . . . . . . . . . . . . . 41
Application error when using DB2 Version 8.1 . . . . . . . . . . . . . . . . . . . . . . . . 41
Max processing time or records limit errors using Operational Reports or Warehouse Enablement Pack . . . . 41
SQL0443N error running Collector Run Information report . . . . . . . . . . . . . . . . . . . 42
Appendix. Notices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43
Trademarks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45
© Copyright IBM Corp. 2004, 2005 iii
Chapter 1. Operational reports
Operational reports provide information about the current compliance state based
on the security policies in effect.
Note: Fix pack 5.1.0-TIV-SCM-FP0009, or later, must be installed before using the
updated operational reports.
Prerequisite fonts for viewing reports
The operational reports were designed and tested using a specific set of fonts.
To view the operational reports using those same fonts, you must install the fonts
on the systems that will be used to view the reports. Otherwise, the text in the
reports might not be aligned properly or might be difficult to read.
The Monotype Sans Duospace WT font must be installed on all systems. In
addition, systems using a double byte character set (DBCS) language require an
additional font to be installed. To summarize, the fonts required for viewing
operational reports are as follows:
Single byte character set (SBCS) languages
Monotype Sans Duospace WT
Japanese
Monotype Sans Duospace WT
Monotype Sans Duospace WT J
Korean
Monotype Sans Duospace WT
Monotype Sans Duospace WT K
Simplified Chinese
Monotype Sans Duospace WT
Monotype Sans Duospace WT SC
Traditional Chinese
Monotype Sans Duospace WT
Monotype Sans Duospace WT TC
The Monotype Sans Duospace WT font can be downloaded from the Tivoli®
Security Compliance Manager Utilities Web site, which you can locate from the
product Web page at:
http://www.ibm.com/software/tivoli/products/security-compliance-mgr/
The file name is mtsansdw.zip. Obtain the other fonts from IBM® Tivoli Software
Support.
© Copyright IBM Corp. 2004, 2005 1
Chapter 2. Installing the operational reports
After downloading the necessary files from the Web, you can install the
operational reports.
Before installing the reports, ensure that the Tivoli Security Compliance Manager
server is up and running.
If DB2® Version 7.2 is being used as the database server for Tivoli Security
Compliance Manager:
v Ensure that the DB2 Application Development Client has been installed on the
database server if you intend to use the Collector Run Information operational
report.
v Ensure that fix pack 10a, or a later fix pack, has been applied to the DB2
database server.
If you install other DB2 components later, you must reinstall the DB2 fix pack.
To install the operational reports:
1. Required: Obtain the ZIP file containing the operational reports.
a. Go to the Tivoli Security Compliance Manager Utilities Web site, which can
be found from the following Web page:
http://www.ibm.com/software/tivoli/products/security-compliance-mgr/
b. If you are using DB2 Version 7.2, download the scm_op_report_db2_72.zip
file.
c. If you are using DB2 Version 8.1, download the scm_op_report_db2_81.zip
file.2. Copy the downloaded ZIP file to the Microsoft® Windows® 2000 system where
you will install the Crystal Enterprise 9 server.
3. Unpack the ZIP file into a temporary directory.
4. If you are using DB2 Version 7.2 and intend to use the Collector Run
Information operational report:
a. Locate the SQL archive (SAR) file in the temporary directory for the
Collector Run Information report that corresponds to the operating system
of the DB2 system.
aix/scm_col_run.sar
DB2 7.2 on IBM AIX® systems
sles/scm_col_run.sar
DB2 7.2 on SUSE LINUX systems
solaris/scm_col_run.sar
DB2 7.2 on Sun Solaris Operating Environment systems
windows/scm_col_run.sar
DB2 7.2 on Microsoft Windows systemsb. Copy the appropriate file to a temporary directory on the system that is
running the DB2 database server.
c. Connect to the JAC database using a user ID that has administrator
permissions.
d. Verify that the user has the appropriate DBADM privileges by entering the
following command at a DB2 command prompt:
© Copyright IBM Corp. 2004, 2005 3
get authorizations
e. Optional: If DBADM authorizations have not been granted, run the
following command at a DB2 command prompt:
grant DBADM on database to USER db2admin
where db2admin is the DB2 user ID.
f. Import the SQL archive file to the DB2 database server by running the
following command at a DB2 command prompt:
put routine from temp_directory_on_DB2_server/scm_col_run.sar
g. Optional: To verify that the stored procedure is returning data, enter the
following command at a DB2 command prompt:
CALL JAC_SYS.COL_REPORT()
h. Disconnect from the database:
DISCONNECT JAC
5. If you are using DB2 Version 8.1 and intend to use the Collector Run
Information operational report:
a. Locate the JAC_SYS_SCHEMA_COL_REPORT.jar file and the appropriate
script file in the temporary directory where you unpacked the original ZIP
file.
Microsoft Windows systems
col_report.bat
UNIX® and Linux® systems
col_report.shb. Copy the JAR file and script file to a temporary directory on the system that
is running the DB2 database server.
c. On Linux systems, run the following commands as the root user:
cd /usr/lib
ln -s /opt/IBMJava2-131/jre/bin/libhpi.so .
ln -s /opt/IBMJava2-131/jre/bin/libjava.so .
ln -s /opt/IBMJava2-131/jre/bin/libjitc.so .
ln -s /opt/IBMJava2-131/jre/bin/libxhpi.so .
ln -s /opt/IBMJava2-131/jre/bin/libzip.so .
ln -s /opt/IBMJava2-131/jre/bin/classic/libjvm.so .
ldconfig
d. On Linux systems, determine if the path to the JDK is correct by running
the following command as the DB2 user:
db2 get dbm cfg
If the path displayed for the JDK is not correct, enter the following
command to correct it and then restart DB2. For example, if the correct path
to the JDK is /usr/lib/IBMJava2-1.3.1, run:
db2 update dbm cfg using JDK_PATH /usr/lib/IBMJava2-1.3.1
restart db2
e. Run the col_report script on the DB2 database server system.
Microsoft Windows
Open a DB2 command line processor window and run the
col_report.bat file.
The batch file syntax is:
col_report.bat -u user_id -p password
[-a database_alias] [-d directory]
4 IBM Tivoli Security Compliance Manager: Operational Reports Reference
UNIX and Linux
Log in as the DB2 user with access to the database and then run the
col_report.sh script file.
The script file syntax is:
col_report.sh -u user_id -p password
[-a database_alias] [-d directory]
where:
user_id
User ID for accessing the DB2 database.
password
Password associated with the DB2 user ID specified.
database_alias
Local database alias. If not specified, JAC is used.
directory
Location of the JAR file containing the stored procedure. If not
specified, the current directory.
Note: If a parameter contains spaces or special characters, enclose the
parameter in quotation marks (″).
f. Optional: To verify that the stored procedure is returning data, connect to
the JAC database using a user with administrator permissions, then enter
the following command at a DB2 command prompt:
CALL JAC_SYS.COL_REPORT()
After verifying the results, disconnect from the database:
DISCONNECT JAC
6. Install the DB2 client, IBM HTTP Server Version 1.x, and Crystal Enterprise 9
server on a Microsoft Windows 2000 system.
Note: IBM HTTP Server Version 2 or later cannot be used.
IBM HTTP Server Version 1.x is not provided with Tivoli Security Compliance
Manager. You can obtain it by selecting IBM HTTP Server Version 1.3.28.1 for
Windows from the following Web page:
http://www.ibm.com/software/webservers/httpservers/download.html
7. Configure the Crystal Enterprise 9.0 CGI Web Connector for IBM HTTP Server.
See the document entitled How to configure the CGI Web Connector with IBM
HTTP Server on the Business Objects Web site. This document might be
available at:
http://support.businessobjects.com/communityCS/
TechnicalPapers/ce9_ihs_cgi_web_connector.pdf
8. Create an Open Database Connectivity (ODBC) data source on the Crystal
Enterprise 9 server system called SCM_DB to the Tivoli Security Compliance
Manager database.
a. From the Windows desktop, click Start → Settings → Control Panel →
Administrative Tools → Data Sources (ODBC).
b. Click the System DSN tab.
c. Click Add and create a DB2 data source with a name of SCM_DB.9. Make the operational reports available on the Crystal Enterprise 9 server using
the publish script file that is provided in the ZIP file.
Chapter 2. Installing 5
The script file syntax is:
publish.bat -r reports_directory -h host_name -au aps_user_name
-ap aps_password -du db2_user_id -dp db2_password
-l log_file_path
where:
reports_directory
Directory from the unpacked ZIP file that contains the reports (.rpt and
.xml files)
host_name
Name of the Crystal Enterprise 9 server system.
aps_user_name
User ID of the Crystal Enterprise Administrator.
aps_password
Password for the Crystal Enterprise Administrator.
Note: The default administrator password is blank (″″).
db2_user_id
User ID for accessing the DB2 database server.
db2_password
Password associated with the DB2 user ID specified.
log_file_path
Directory to contain messages that are produced by the publish.bat file.
For example:
publish.bat -r c:\temp\reports -h myserver.mycompany.com -au Administrator
-ap my8pw -du db2admin -dp myDB2pw -l c:\logs
Verify that no errors were logged in the log_file_path directory.
Uninstalling the operational reports
To uninstall the operational reports:
1. Open Crystal Reports in your Web browser:
http://host_name/crystal/enterprise9
where host_name is the name of the system where Crystal Enterprise 9 is
running.
2. Click Crystal Management Console.
3. Specify the User Name and Password associated with the administrator. Click
Log On.
4. Click Manage Objects A list of all the reports and folders is displayed.
5. In the Folder column, select Tivoli Reports. A window showing the folders
under Tivoli Reports is displayed.
6. Select the ITSCM – Operational Reports folder and click Delete to uninstall all
of the operational reports.
6 IBM Tivoli Security Compliance Manager: Operational Reports Reference
Chapter 3. Administrative Activity report
This report displays a history of the administration activities that were performed
by users.
By default, the report displays administration activities that were performed by
any user from January 1, 2004 to the present.
To restrict the results to a specific user, specify the name of the user in the User ID
parameter field. To restrict the date range of the results, specify the desired date in
the Date parameter field.
Figure 1. Sample Administrative Activity report
© Copyright IBM Corp. 2004, 2005 7
Chapter 4. Changes to Roles and Permissions report
This report displays a history of changes to the definitions for roles and
permissions.
By default, the report displays changes made to the roles and permissions of any
user from January 1, 2004 to the present.
To restrict the results to a specific user, specify the name of the user in the User ID
parameter field. To restrict the date range of the results, specify the desired date in
the Date parameter field.
Figure 2. Sample Changes to Roles and Permissions report
© Copyright IBM Corp. 2004, 2005 9
Chapter 5. Client Group Membership report
This report displays information about client groups and their members.
By default, information about all client groups is displayed. To restrict the results
to a specific client group, specify the name of the group in the Client group name
parameter field.
Figure 3. Sample Client Group Membership report
© Copyright IBM Corp. 2004, 2005 11
Chapter 6. Client Violations report
This report displays the policies and their latest snapshots. Details for all the
violations that are associated with a client are included.
The Client Violations report displays violation information from the snapshots that
are associated with the specified policies. By default, information from all policies
and all clients is displayed.
To restrict the results to a specific policy, specify the name of the policy in the
Policy parameter field. Use an asterisk (*) as a wildcard character to select a set of
policies with similar names. For example, specifying System* would display
information for policies with names that start with System.
To restrict the results to a specific client, specify the name of the client in the
Client parameter field. Use an asterisk (*) as a wildcard character to select a set of
clients with similar names.
Figure 4. Sample Client Violations report
© Copyright IBM Corp. 2004, 2005 13
Chapter 7. Collector Run Information report
This report displays information about the previous runs of the collectors. By
default, information from all collectors is shown.
To restrict the results to a subset of collectors, either select a predefined value in
the Collector List parameter field or specify a specific name. An asterisk (*) can be
used as a wildcard character. For example, specifying unix.any.* would display
information from collectors with names that start with unix.any..
In the bar graph displayed in the report, you can click a vertical bar to get
additional information about the client, information about the collector instance,
and the time of the run.
Figure 5. Sample Collector Run Information report
Figure 6. Detail shown after selecting a collector in the Collector Run Information report
© Copyright IBM Corp. 2004, 2005 15
Chapter 8. Compliant and Non-compliant Systems report
This report displays the systems that are compliant with the defined security
policy as well as systems that are not in compliance.
There are no parameters associated with this report.
Click a section of the pie chart that is displayed in the report to view additional
information about the compliant and non-compliant systems.
Figure 7. Sample Compliant and Non-compliant Systems report
© Copyright IBM Corp. 2004, 2005 17
Click a bar in the bar chart to view detailed client information.
Figure 8. Details shown after clicking a section of the pie chart
Figure 9. Details on clients in bar graph
18 IBM Tivoli Security Compliance Manager: Operational Reports Reference
Chapter 9. Policy Import Time report
This report displays the names and descriptions of all the security policies
available and provides the time that the policy was imported.
There are no parameters associated with this report.
Figure 10. Sample Policy Import Time report
© Copyright IBM Corp. 2004, 2005 19
Chapter 10. Policy Violations Trends report
This report displays the violation information that is associated with all the
security policies.
By default, information from all snapshots is used. To restrict the results to a
specified time period, select a value in the Reporting Period parameter field. Use
the Date Range field to select specific start and end dates to be used.
Use the Snapshot Type field to restrict the results to a specific type of snapshot:
All Types
All snapshots
Client Only snapshots for a specific client
Group Only snapshots for a specific client group
Unrestricted
Only snapshots not restricted to a client or client group
The resulting chart shows the number of snapshots that are available for each
policy.
Figure 11. Sample Policy Violations Trends report
© Copyright IBM Corp. 2004, 2005 21
Click a bar to open another chart that shows the number of violations that are
associated with each snapshot.
Click a bar in the second chart to get detailed information about the violations that
are associated with each client in the snapshot.
Figure 12. Result of clicking a bar on the Policy Violations Trends report
Figure 13. Result of detailed information on the Policy Violations Trends report
22 IBM Tivoli Security Compliance Manager: Operational Reports Reference
Chapter 11. Roles and Permissions Information report
This report displays information about the roles and permissions that are assigned
to users.
By default, information about the roles and permissions of all users is displayed.
To restrict the results to a specific user, specify the name of the user in the User ID
parameter field.
Figure 14. Sample Roles and Permissions Information report
© Copyright IBM Corp. 2004, 2005 23
Chapter 12. Snapshot Creation Completion report
This report displays the times that each snapshot associated with each policy were
created.
There are no parameters associated with this report.
Figure 15. Sample Snapshot Creation Completion report
© Copyright IBM Corp. 2004, 2005 25
Chapter 13. User Group Membership report
This report displays information about user groups and their members.
By default, information about all user groups is displayed. To restrict the results to
a specific user group, specify the name of the group in the User group name
parameter field.
Figure 16. Sample User Group Membership report
© Copyright IBM Corp. 2004, 2005 27
Chapter 14. Viewing operational reports
After installing the operational reports, you can run a report and view its results at
any time using the Crystal Enterprise Launchpad.
To view a report:
1. Open Crystal Reports in your Web browser:
http://host_name/crystal/enterprise9
where host_name is the system where the Crystal Enterprise 9 server is running.
2. Click ePortfolio to open the ePortfolio.
3. To log in, click the Log On text or icon at the top of the window and then
complete the User Name and Password fields. Click Log On.
Figure 17. Crystal Enterprise Launchpad with the ePortfolio option visible.
© Copyright IBM Corp. 2004, 2005 29
4. Click the Public text or icon at the top of window to view the public reports.
5. Click Tivoli Reports to open the Tivoli Reports folder.
6. Click ITSCM – Operational Reports to open the folder that contains the IBM
Tivoli Security Compliance Manager operational reports.
Figure 18. ePortfolio login page
30 IBM Tivoli Security Compliance Manager: Operational Reports Reference
7. Select the report to view.
8. Click View in the pop-up menu to view the report.
Figure 19. The Tivoli Reports folder in the ePortfolio with the ITSCM – Operational Reports folder about to be
selected.
Chapter 14. Viewing reports 31
9. Optional: Some reports have one or more parameters that can be used to tailor
the results of the report. Enter the desired values and click OK.
Figure 20. The Collector Run Information report selected with the pop-up menu displayed.
32 IBM Tivoli Security Compliance Manager: Operational Reports Reference
When you view a report, ePortfolio attempts to display the report in the language
that is used by your Web browser. If the report is not available in that language,
the report is displayed in the language that is used by ePortfolio. If neither of
those languages is available, the report is displayed in the default language that
was set by the report designer, which is usually English.
Figure 21. The parameter fields page for the Collector Run Information report.
Chapter 14. Viewing reports 33
Note: If a report does not appear to show any data, check the top of the page to
see whether the number of pages is indicated as 1+. If so, click the arrow to
go to the next page.
Figure 22. The heading on the first page of the Collector Run Information report results. The top of the page indicates
more than 1 page is available for viewing.
34 IBM Tivoli Security Compliance Manager: Operational Reports Reference
In many reports, a bar graph or pie chart is displayed. Click an item shown to
display more detailed information.
Figure 23. Second page of the Collector Run Information report results showing a bar graph.
Chapter 14. Viewing reports 35
If a report generates no data, a No records returned message is displayed, as
shown in Figure 25 on page 37.
Figure 24. Detailed information displayed after clicking a bar in a bar graph.
36 IBM Tivoli Security Compliance Manager: Operational Reports Reference
Related information
Show me
Setting your preferred starting folder
You can specify your preferred starting folder.
To make the Tivoli Reports folder your preferred starting folder:
1. Click Preferences in the ePortfolio toolbar.
2. In the Initial view field, click Other and select Tivoli Reports.
3. Click Apply.
Setting your local time zone
You can set your time zone.
By default, the time zone preference is set to that of your Web browser. To
explicitly set your local time zone:
1. Click Preferences in the ePortfolio toolbar.
Figure 25. The Collector Run Information report indicating that no records were returned.
Chapter 14. Viewing reports 37
2. At the bottom of the page, select the appropriate time zone in the My current
time-zone is field.
3. Click Apply.
38 IBM Tivoli Security Compliance Manager: Operational Reports Reference
Chapter 15. Scheduling reports
After installing the operational reports, you can schedule one or more reports to
run on an automated basis using the Crystal Enterprise Launchpad.
To schedule a report:
1. Open Crystal Reports in your Web browser:
http://host_name/crystal/enterprise9
where host_name is the system where the Crystal Enterprise 9 server is
running.
2. Click ePortfolio to open the ePortfolio.
3. To log in, click the Log On text or icon at the top of the window and then
complete the User Name and Password fields. Click Log On.
4. Click the Public text or icon at the top of the window to view the public
reports.
5. Click Tivoli Reports to open the Tivoli Reports folder.
6. Click ITSCM – Operational Reports to open the folder that contains the IBM
Tivoli Security Compliance Manager operational reports.
7. Select the report to view.
8. Click Schedule in the pop-up menu. The Crystal Reports Schedule window
opens.
9. Select the schedule for the report using the Run report field on the Schedule
options page.
10. Specify any parameters needed for the report using the Parameters options
page.
11. Optional: To further customize the report, click Update. The options available
are:
Languages
Specify what languages the report runs in. The languages available are
those in which the report was originally published.
Database Logon
Specify the information to use to access the database server.
Destination
Specify a destination for the report.
Format
Specify the output format for the report.
Print Settings
Specify the printer settings for the report.
Note: Do not change the Filters settings when scheduling a report.
12. Click the Schedule text or icon at the top of the window to schedule the
report.
© Copyright IBM Corp. 2004, 2005 39
Viewing the results of a scheduled report
After a scheduled report has run, you can view the results in the ePortfolio.
1. Open Crystal Reports in your Web browser:
http://host_name/crystal/enterprise9
Where host_name is the system where the Crystal Enterprise 9 server is running.
2. Click ePortfolio to open the ePortfolio.
3. To log in, click the Log On text or icon at the top of the window and enter the
appropriate values in the User Name and Password fields. Click Log On.
4. Click the Public text or icon at the top of the window to view the public
reports.
5. Click Tivoli Reports to open the Tivoli Reports folder.
6. Click ITSCM – Operational Reports to open the folder that contains the IBM
Tivoli Security Compliance Manager operational reports.
7. Select the report to view.
8. Click View Latest Instance in the pop-up menu to view the most recently
scheduled report. Click History to select a specific report to view. The Report
window opens and displays the report.
40 IBM Tivoli Security Compliance Manager: Operational Reports Reference
Chapter 16. Known problems and workarounds
The following problems and limitations are known to exist. Workarounds are
provided if they are available. Some entries include an internal tracking number.
Report any other problems to Tivoli Software Support.
Application error when using DB2 Version 8.1
An application error might occur when using DB2 Version 8.1 with Crystal
Enterprise 9.
Problem
When configuring the ODBC data source for a DB2 Version 8.1 database on the
Crystal Enterprise 9 server system, the client configuration assistant might return
the following error after you press the Finish button:
javaw.exe Application Error
This problem usually occurs because the wizard copies the host name from the
TCPIP page to the system name field in the SYSTEM OPTIONS page. If the
TCP/IP host name is longer than 21 characters, this action results in a system
name longer than 21 characters, which is not supported by DB2 Version 8.1.
Workaround
Change the system name to be less than 21 characters in length.
Max processing time or records limit errors using Operational Reports
or Warehouse Enablement Pack
When using the Warehouse Enablement Pack or running the operational reports,
Crystal Reports might return an error that indicates the Max processing time/Max
records limit was exceeded.
Recovery action
1. Go to the Crystal Configuration Manager.
From the Windows desktop, click Start → Programs → Crystal Enterprise →
Crystal Configuration Manager.
2. Stop the Crystal PageServer.
From the Windows desktop, click Start → Settings → Control Panel →
Administrative Tools → Services. Right-click Crystal PageServer and then click
Stop.
3. Verify that -maxDBResultRecords 0 is set for properties.
From the Services window, right-click Crystal PageServer and then click
Properties. If the executable path field does not include -maxDBResultRecords 0,
then add it.
4. Restart the Crystal PageServer.
From the Services window, right-click Crystal PageServer and then click Start.
© Copyright IBM Corp. 2004, 2005 41
SQL0443N error running Collector Run Information report
Collector Run Information report might fail with SQL0443N message.
Problem
When running the Collector Run Information operational report in Crystal Reports,
you might receive an SQL0443N error message with diagnostic information
containing -970, 55009. This error usually indicates that the instance owner ID has
not been added as a member for the fenced users group or that the .fenced file has
incorrect permissions.
Recovery action
Add the DB2 instance owner user ID to the fenced user group. Verify that the
group has write permission to the sqllib/adm/.fenced file on the DB2 database
server. After correcting the problem, restart the DB2 database server.
42 IBM Tivoli Security Compliance Manager: Operational Reports Reference
Appendix. Notices
This information was developed for products and services offered in the U.S.A.
IBM may not offer the products, services, or features discussed in this document in
other countries. Consult your local IBM representative for information on the
products and services currently available in your area. Any reference to an IBM
product, program, or service is not intended to state or imply that only that IBM
product, program, or service may be used. Any functionally equivalent product,
program, or service that does not infringe any IBM intellectual property right may
be used instead. However, it is the user’s responsibility to evaluate and verify the
operation of any non-IBM product, program, or service.
IBM may have patents or pending patent applications covering subject matter
described in this document. The furnishing of this document does not give you
any license to these patents. You can send license inquiries, in writing, to:
IBM Director of Licensing
IBM Corporation
500 Columbus Avenue
Thornwood, NY 10594
U.S.A
For license inquiries regarding double-byte (DBCS) information, contact the IBM
Intellectual Property Department in your country or send inquiries, in writing, to:
IBM World Trade Asia Corporation
Licensing
2-31 Roppongi 3-chome, Minato-ku
Tokyo 106, Japan
The following paragraph does not apply to the United Kingdom or any other
country where such provisions are inconsistent with local law:
INTERNATIONAL BUSINESS MACHINES CORPORATION PROVIDES THIS
PUBLICATION “AS IS” WITHOUT WARRANTY OF ANY KIND, EITHER
EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS
FOR A PARTICULAR PURPOSE. Some states do not allow disclaimer of express or
implied warranties in certain transactions, therefore, this statement may not apply
to you.
This information could include technical inaccuracies or typographical errors.
Changes are periodically made to the information herein; these changes will be
incorporated in new editions of the publication. IBM may make improvements
and/or changes in the product(s) and/or the program(s) described in this
publication at any time without notice.
Any references in this information to non-IBM Web sites are provided for
convenience only and do not in any manner serve as an endorsement of those Web
sites. The materials at those Web sites are not part of the materials for this IBM
product and use of those Web sites is at your own risk.
IBM may use or distribute any of the information you supply in any way it
believes appropriate without incurring any obligation to you.
© Copyright IBM Corp. 2004, 2005 43
Licensees of this program who wish to have information about it for the purpose
of enabling: (i) the exchange of information between independently created
programs and other programs (including this one) and (ii) the mutual use of the
information which has been exchanged, should contact:
IBM Corporation
2Z4A/101
11400 Burnet Road
Austin, TX 78758
USA
Such information may be available, subject to appropriate terms and conditions,
including in some cases, payment of a fee.
The licensed program described in this information and all licensed material
available for it are provided by IBM under terms of the IBM Customer Agreement,
IBM International Program License Agreement, or any equivalent agreement
between us.
Customers are responsible for ensuring their own compliance with various laws
such as the Graham-Leach-Bliley Act, the Sarbanes-Oxley Act, and the Health
Insurance Portability and Accountability Act. It is the customer’s sole responsibility
to obtain advice of competent legal counsel as to the identification and
interpretation of any relevant laws that may affect the customer’s business and any
actions the customer may need to take to comply with such laws. IBM does not
provide legal, accounting or auditing advice, or represent or warrant that its
products or services will ensure that customer is in compliance with any law.
Any performance data contained herein was determined in a controlled
environment. Therefore, the results obtained in other operating environments may
vary significantly. Some measurements may have been made on development-level
systems and there is no guarantee that these measurements will be the same on
generally available systems. Furthermore, some measurement may have been
estimated through extrapolation. Actual results may vary. Users of this document
should verify the applicable data for their specific environment.
Information concerning non-IBM products was obtained from the suppliers of
those products, their published announcements or other publicly available sources.
IBM has not tested those products and cannot confirm the accuracy of
performance, compatibility or any other claims related to non-IBM products.
Questions on the capabilities of non-IBM products should be addressed to the
suppliers of those products.
All statements regarding IBM’s future direction or intent are subject to change or
withdrawal without notice, and represent goals and objectives only.
This information contains examples of data and reports used in daily business
operations. To illustrate them as completely as possible, the examples include the
names of individuals, companies, brands, and products. All of these names are
fictitious and any similarity to the names and addresses used by an actual business
enterprise is entirely coincidental.
If you are viewing this information softcopy, the photographs and color
illustrations may not appear.
44 IBM Tivoli Security Compliance Manager: Operational Reports Reference
Trademarks
The following terms are trademarks or registered trademarks of International
Business Machines Corporation in the United States, other countries, or both:
AIX
DB2
DB2 Universal Database
IBM
IBM logo
Tivoli
Tivoli logo
Microsoft, Windows, Windows NT®, and the Windows logo are trademarks of
Microsoft Corporation in the United States, other countries, or both.
Java™ and all Java-based trademarks and logos are trademarks or registered
trademarks of Sun Microsystems, Inc. in the United States and other countries.
Linux is a trademark of Linus Torvalds in the United States, other countries, or
both.
UNIX is a registered trademark of The Open Group in the United States and other
countries.
Other company, product, and service names may be trademarks or service marks
of others.
Appendix. Notices 45