- 論壇徽章:
- 0
|
IBM Tivoli FrameWork在A(yíng)IX系統(tǒng)日常管理中的使用
AIX系統(tǒng)由于缺少集中的管理工具在日常的系統(tǒng)管理和維護(hù)中非常的不方便����,如:需要在所有的主機(jī)上創(chuàng)建或刪除一個(gè)AIX帳號(hào),需要登陸到每一臺(tái)主機(jī)進(jìn)行帳號(hào)的創(chuàng)建或刪除�,或者是對(duì)主機(jī)上的一些關(guān)鍵信息或配置進(jìn)行審計(jì)或檢查,也需要登陸到每一臺(tái)主機(jī)進(jìn)行手工檢查���,導(dǎo)致日常維護(hù)工作的效率非常低���,本文主要是闡述利用IBM Tivoli FrameWork在A(yíng)IX主機(jī)群中搭建一個(gè)客戶(hù)端/服務(wù)器的模式來(lái)對(duì)AIX主機(jī)群進(jìn)行集中管理和維護(hù)。
Tivoli Management Framework 的安裝和配置請(qǐng)參考IBM網(wǎng)站上的相關(guān)內(nèi)容http://publib.boulder.ibm.com/tividd/td/framework/GC32-0804-01/en_US/PDF/instguid.pdf
客戶(hù)端安裝完成后會(huì)啟動(dòng)一個(gè)lcfd的進(jìn)程�,并需要同服務(wù)器端的9494和9495端口進(jìn)行通訊
Tivoli FrameWork可以在服務(wù)器端定制task,并利用客戶(hù)端lcfd進(jìn)程同服務(wù)器間的通訊將task發(fā)送到客戶(hù)端執(zhí)行�����。其優(yōu)點(diǎn)主要體現(xiàn)在:
1. Task或腳本不會(huì)在客戶(hù)端出現(xiàn)���,因此對(duì)于task或腳本的維護(hù)僅需要維護(hù)服務(wù)器上的一個(gè)版本就可以�����。
2. task的執(zhí)行不需要root權(quán)限�����,對(duì)于一些日常工作且必須使用root去完成的���,也能通過(guò)task的方式來(lái)實(shí)現(xiàn)�����,避免了root的頻繁使用而容易導(dǎo)致出現(xiàn)誤操作���。
3. 快速高效,對(duì)于一些日常工作且需要頻繁在多臺(tái)主機(jī)上實(shí)施的任務(wù)可以使用task方式一次完成��,既提高了工作效率也避免了操作失誤���。
樣例:
本腳本實(shí)現(xiàn)三個(gè)工作:
1. 在所有主機(jī)上創(chuàng)建一個(gè)用戶(hù);
2. 在所有主機(jī)上刪除一個(gè)用戶(hù)����,并可刪除該用戶(hù)的home目錄;
3. 從所有主機(jī)上獲取/etc/passwd�、/etc/security/passwd����、/etc/security/user���、/etc/security/lastlog并使用腳本對(duì)所有主機(jī)上的所有用戶(hù)的上次修改密碼時(shí)間進(jìn)行計(jì)算�����。
aix_manager.sh為主程序
./shell中的為輔助程序
aix_manager.sh:
###
### The shell Script is used for AIX System Management
### The shell Script should use with Tivoli FrameWork
###
### Author:BanHao
### VER:V1.0
###
#!/usr/bin/ksh
###
### user_manager
###
user_manager()
{
clear
while true
do
echo "********************************************************"
echo "* *"
echo "* *"
echo "* 1)|ADD USER *"
echo "* *"
echo "* 2)|DEL USER *"
echo "* *"
echo "* q)|quit *"
echo "* *"
echo "********************************************************"
echo " Please enter your choice: \c";read X1
case $X1 in
1)
echo "Please Enter the User Name: \c";read USERNAME
echo "Please Enter the User ID: \c";read USERID
echo "Please Enter the Primary GROUP: \c";read PGROUP
echo "Please Enter the Group SET: \c";read GROUPS
echo "Please Enter the HOME Directory: \c";read HOMEDIRECTORY
echo "Please Enter the shell: \c";read SH
echo "mkuser id='$USERID' pgrp='$PGROUP' groups='$GROUPS' home='$HOMEDIRECTORY' shell='$SH' $USERNAME" |sed "s/[^ ]*=''//g" > ./shell/add_user.sh
echo "echo "$USERNAME:passw0rd"|chpasswd" >> ./shell/add_user.sh
wcrttask -t add_user -l Aix_System_TL -i aix4-r1 SERVERNAME /DIRECTORY/aix_manager/shell/add_user.sh -r admin
host_manager
cat host|while read line
do
wruntask -t add_user -l "Aix_System_TL" -h $line
done
rm ./shell/add_user.sh
wdeltask add_user "Aix_System_TL"
;;
2)
echo "Please Enter the User Name: \c";read USERNAME
echo "rmuser $USERNAME" > ./shell/del_user.sh
wcrttask -t del_user -l Aix_System_TL -i aix4-r1 SERVERNAME /DIRECTORY/aix_manager/shell/del_user.sh -r admin
host_manager
cat host|while read line
do
wruntask -t del_user -l "Aix_System_TL" -h $line
done
echo "Do your want to Clear the user's Home Directory?[Y/N] \c";read YN
if [ "$YN" = y -o "$YN" = Y ]
then
host_manager
cat host|while read line
do
wruntask -t clear_home_dir -l "Aix_System_TL" -h $line
done
fi
rm ./shell/del_user.sh
wdeltask del_user "Aix_System_TL"
;;
q)
clear
echo "********************************************************"
echo "* *"
echo "* Thank You! *"
echo "* *"
echo "********************************************************"
break;;
*)
clear
echo "********************************************************"
echo " Sorry, $X1 is not the right choice! "
echo " "
echo " Please enter the right Choice "
echo "********************************************************"
echo
continue;;
esac
done
}
###
### user_audit
###
user_audit()
{
host_manager
cat host|while read line
do
wruntask -t get_lastlog -l "Aix_System_TL" -h $line
done
mv /tmp/*.lastlog ./data
mv /tmp/*.user ./data
mv /tmp/*.securitypasswd ./data
mv /tmp/*.passwd ./data
cd data
ls -la *.passwd|awk '{print $9}' > passwdfile.tmp
cat passwdfile.tmp|while read line
do
HOSTNAME=`echo $line|awk -F. '{print $1}'`
#echo $HOSTNAME
#echo $HOSTNAME.passwd.tmp
#echo $HOSTNAME.lastlog
#echo $HOSTNAME.lastupdate.log
awk -F: '{print $1}' $line > $HOSTNAME.passwd.tmp
cat $HOSTNAME.passwd.tmp|while read USER
do
echo $USER >> $HOSTNAME.lastupdate.log
../shell/lastupdate.sh $USER $HOSTNAME.securitypasswd >> $HOSTNAME.lastupdate.log
echo "********************************************************" >> $HOSTNAME.lastupdate.log
done
done
#rm *.lastlog
#rm *.passwd
#rm *.tmp
}
###
### host_manager
###
host_manager()
{
while true
do
cat host
echo "Do you want to running in ALL these Hosts?[Y/N] \c";read YN
if [ "$YN" = y -o "$YN" = Y ]
then
break
else
echo "Do you want to add Host?[Y/N] \c";read YN
if [ "$YN" = y -o "$YN" = Y ]
then
echo " Please Enter the Host Name: \c";read HOSTNAME
if [ $HOSTNAME ]
then
clear
echo $HOSTNAME >> host
cat host > host.tmp
cat host.tmp | sort -nk1 |tee host
else
echo "The Host Name can not be Blank!"
fi
rm -rf host.tmp
else
echo "Do you want to del Host?[Y/N] \c";read YN
if [ "$YN" = y -o "$YN" = Y ]
then
echo "Please Enter the Host Name: \c";read HOSTNAME
if [ $HOSTNAME ]
then
clear
sed '/'"$HOSTNAME"'/d' host > host.tmp
cat host.tmp | sort -nk1 |tee host
else
echo "The Host Name can not be Blank!"
fi
rm -rf host.tmp
fi
fi
fi
clear
echo "These Hosts will running the task!"
cat host
echo "*************The End****************"
done
}
###############################################################
###
### MAIN PROGRAM
###
clear
while true
do
echo "********************************************************"
echo "* *"
echo "* *"
echo "* 1)|USER MANAGER *"
echo "* *"
echo "* 2)|USER AUDIT *"
echo "* *"
echo "* q)|quit *"
echo "* *"
echo "********************************************************"
echo " Please enter your choice: \c";read X1
case $X1 in
1)user_manager;;
2)user_audit;;
q)
clear
echo "********************************************************"
echo "* *"
echo "* Thank You! *"
echo "* *"
echo "********************************************************"
break;;
*)
clear
echo "********************************************************"
echo " Sorry, $X1 is not the right choice! "
echo " "
echo " Please enter the right Choice "
echo "********************************************************"
echo
continue;;
esac
done
參考書(shū)目:
Tivoli Management Framework Reference Manual
http://publib.boulder.ibm.com/tividd/td/framework/SC32-0806-01/en_US/PDF/ref.pdf
Tivoli Management Framework Planning for Deployment Guide
http://publib.boulder.ibm.com/tividd/td/framework/GC32-0803-00/en_US/PDF/TMF_Planning_Guide.pdf
Tivoli Enterprise Installation Guide
http://publib.boulder.ibm.com/tividd/td/framework/GC32-0804-01/en_US/PDF/instguid.pdf
Tivoli Management Framework User’s Guide
http://publib.boulder.ibm.com/tividd/td/framework/GC32-0805-01/en_US/PDF/user.pdf
Tivoli Management Framework Maintenance and Troubleshooting Guide
http://publib.boulder.ibm.com/infocenter/tiv3help/topic/com.ibm.tivoli.frmwrk.doc/trouble.pdf |
|
免費(fèi)注冊(cè)
發(fā)表于 2007-08-09 15:10
