Tivoli Endpoint Manager Installation

First thing that will be a shock to most Tivoli users is Tivoli Endpoint Manager  requires a license and tracks software usage. So you need to get a valid license authorization file before starting the install.  License model is based on per client for desktops and RVU for servers, although there is currently no method for tracking RVU usage on servers, so the metric is still controlled on a per server basis.

TEM software can be downloaded from the BigFix support site or Passport Advantage, although the version in Passport Advantage was not the latest when I last looked, so needs to be upgraded after installation.

Tivoli Endpoint Manager Installation

The installation is broken down into two parts, first is the validation of the license authorization file and generation of the TEM installers.

License Validation

The validation of the license requires access to the internet and creates a license.crt (site certificate), license.pvk (password protected site administrator private key) file and a masthead.afxm. The validation of the license requires the use of either IP or DNS for the TEM server, I am using DNS as the license is tied to the DNS name, so it make it easier to move later if required. Be careful not to make any mistakes in the license authorization process as you will need to request a new license authorization file if you mess it up.
I backup the license.crt and .pvk  files as these are needed to rebuild the system if there are any problems.  If you don’t have access to the internet to validate the license there is an offline method that can be used.  This stage gave me the options to define some of the installation options such as the single port 52311 used by TEM after the installation.  This part of the installation generates a directory of installers C:\Program Files\BigFix Enterprise\BES Installers\ which includes installers for the server, windows clients, and the console.  On completion it launched the install TEM components window.

Endpoint Manager Installation Wizard

Endpoint Manager Installation Wizard

 

Tivoli Endpoint Manager Server Install

The second part of the installation covers the TEM software components.  I started by installing the server, the install required about 80MB of space and gave me the options of creating a single or replicated database. As this is demo environment I am just going for the Single Master Database with a local database, but options are available for remote databases as well.  As I did not have SQL server pre-installed there is the option for the installer to install SQL Server 2005 Express which is adequate for my demo environment.  The Web Reports server is installed on port 80 unless IIS is running on the server in which case choose 52312. During the installation it asked for the site level admin key (license.pvk) this is required to configure the installation and launches the User Management interface so that master operator can be created.

Create Master Operator TEM

Create TEM Master Operator

 

After the server installation completed, the Diagnostic Tool was launched that shows the current status of the environment.

Endpoint Manager Diagnostics Tool

Endpoint Manager Diagnostics Tool

 

A common error that can occur at this point is that the TEM server is unable to access the internet, this is normally due to access being controlled though a proxy.  To overcome this problem the Bes Gather Service can be modified to run under a user that has internet access.

 

TEM gather service

TEM gather service

Tivoli Endpoint Manager Console Installation

Next I installed the windows TEM console this installed the SQL Server Native Client and created ODBC System DSN’s.
Launching the console required the Master operator user name and the password protected publisher key, publisher.pvk.

 

Endpoint Manager Console

Endpoint Manager Console

Tivoli Endpoint Manager Client Installation

Next I installed a client locally, the windows clients are around 6 MB and can be installed silently and do not require a system reboot.
There is also an option to use the TEM client deployment tool, to install clients remotely using Active directory.

Next I checked the Web Reports server, first login to Web Reports  http://localhost:80 required the setup of an administrative user, once that is done the interface loads. Giving me read access to all TEM data, including computer data, operator audit information and standard reports.

 

TEM Web Reports

TEM Web Reports

TEM Software Usage Analysis Installation

The next part of the install was to install TEM software usage analysis which gives me access to the executable scanning functionality for windows.  This is a separate download from passport advantage.  The install ran quite quickly and required some setup parameters, I used NT Authentication for the database settings.  It then asked for a port to run the SUA web server on, I chose a port that was not in use 81, the BFInventory database was created. When the installation is complete the inter face can be launched, http://localhost:81 this interface requires IE 8 and Adobe Flash. You may encounter problems with downloading and installing flash depending on your internet security settings.
First login to Software Usage Analysis required me to set an administrative user.  Also a data source needed to be configured once the inventory analyses have been activated. I configured the data source to use NT Authentication and set the upload directory to the following.

C:\Program Files\BigFix Enterprise\BES Server\UploadManagerData\BufferDir\sha1

Next I logged into the SUA web server.

Software Usage Analysis

Software Usage Analysis

Overall the install has taken just under an hour and I have my TEM Server, Web Reports, Software Usage Analysis and a client rolled out.
Now installing Framework and TCM, I won’t bore you with the details, but it reminded me why I scripted the installations, 3 hours later and Framework and TCM installed, patched, rim objects setup and working, managed node installed, patched ….

 

Next I am going to start looking at comparing the functionality, Framework and TCM to TEM, starting with administrators and logging in.