omnibus PA 配置

 
1.在系统中创建ncoadmin用户组
  [root@prajna test]# groupadd ncoadmin
2.将当前用户(一般都是root)加入到nocadmin组中
  [root@prajna test]# usermod -G ncoadmin root
3.安装PAM认证模块
    1)安装netcool pam模块
       [root@prajna /]# cp /etc/pam.d/passwd /etc/pam.d/netcool
    2) 安装omnibus pam模块
       [root@prajna /]# /opt/netcool/omnibus/bin/nco_install_ospam 
       将会产生/etc/pam.d/nco_objesrv文件
4.配置pa server配置文件 $OMNIHOME/etc/nco_pa.conf
  示例如下:
  [root@prajna /]# vi /opt/netcool/omnibus/etc/nco_pa.conf 
nco_process ‘MasterObjectServer’
{
        Command ‘$OMNIHOME/bin/nco_objserv -name NCOMS -pa NCO_PA’ run as 0
        Host            =       ‘prajna’
        Managed         =       True
        RestartMsg      =       ‘${NAME} running as ${EUID} has been restored on ${HOST}.’
        AlertMsg        =       ‘${NAME} running as ${EUID} has died on ${HOST}.’
        RetryCount      =       0
        ProcessType     =       PaPA_AWARE
}
 
nco_process ‘syslog’
{
        Command ‘/opt/netcool/omnibus/probes/nco_p_syslog’ run as 0
        Host            =       ‘prajna’
        Managed         =       True
        RestartMsg      =       ‘${NAME} running as ${EUID} has been restored on ${HOST}.’
        AlertMsg        =       ‘${NAME} running as ${EUID} has died on ${HOST}.’
        RetryCount      =       0
        ProcessType     =       PaPA_AWARE
}
#
# List of Services
#
nco_service ‘Core’
{
        ServiceType     =       Master
        ServiceStart    =       Auto
        process ‘MasterObjectServer’ NONE
}
 
nco_service ‘probe’
{
        ServiceType     =       Master
        ServiceStart    =       Auto
        process ‘syslog’        NONE
}
#
# ROUTING TABLE
#
nco_routing
{
        host ‘prajna’ ‘NCO_PA’ ‘root’ ‘EGEDAJALALFM’
#写入主机名和PA的名称,写用户名和密码(密码是通过/opt/netcool/omnibus/bin/nco_pa_crypt加密过的密码)
}
5.使用pa加密工具加密当前用户登录操作系统的密码
  [root@prajna ~]# /opt/netcool/omnibus/bin/nco_pa_crypt redhat
  EGEDAJALALFM
6.修改NCOMS的配置文件($OMNIHOME/etc/NCOMS.props),修改以下四项
  PA.Name: ‘NCO_PA’
  PA.Username:’root’
  PA.Password:’EGEDAJALALFM’   #redhat加密后为:EGEDAJALALFM
  Sec.UsePam:TRUE
7.检查omnibus 的pam配置文件中的objectserver是正确的
  [root@prajna /]# more /etc/pam.d/nco_objserv 
 
  #
  # PAM Configuration for the Netcool/OMNIbus ObjectServer.
  #
  auth required   /opt/netcool/omnibus/platform/linux2x86/module/pam/omnibus_os/libpam_omnibus_os.so.1
  account required        /opt/netcool/omnibus/platform/linux2x86/module/pam/omnibus_os/libpam_omnibus_os.so.1
  password required       /opt/netcool/omnibus/platform/linux2x86/module/pam/omnibus_os/libpam_omnibus_os.so.1
8.启动PA
  [root@prajna /]# $OMNIHOME/bin/nco_pad -name NCOMS_PA -authenticate PAM -user root  -password EGEDAJALALFM&
9.查看process agent运行状态
  [root@prajna /]# nco_pa_status 
  Login Password: 
  ——————————————————————————-
  Service Name         Process Name         Hostname   User      Status      PID
  ——————————————————————————-
  Core                 MasterObjectServer   prajna     root      RUNNING    6197
  probe                syslog               prajna     root      RUNNING    6269
  ——————————————————————————-
  
10.其他工具:
 nco_pa_shutdown:停止PA的服务
  nco_pa_stauts:
查看PA状态
  nco_pa_start:
启动PA进程
  nco_pa_stop:
停止PA进程