×
INTELLIGENT WORK FORUMS
FOR COMPUTER PROFESSIONALS

Contact US

Log In

Come Join Us!

Are you a
Computer / IT professional?
Join Tek-Tips Forums!
  • Talk With Other Members
  • Be Notified Of Responses
    To Your Posts
  • Keyword Search
  • One-Click Access To Your
    Favorite Forums
  • Automated Signatures
    On Your Posts
  • Best Of All, It's Free!

*Tek-Tips's functionality depends on members receiving e-mail. By joining you are opting in to receive e-mail.

Posting Guidelines

Promoting, selling, recruiting, coursework and thesis posting is forbidden.

Students Click Here

Tivoli Framework Client 4.1 and TEC 3.9

Tivoli Framework Client 4.1 and TEC 3.9

Tivoli Framework Client 4.1 and TEC 3.9

(OP)
What is tivoliap?

Whenever the TEC tried to perform the task "Send_Email", I always have events that mentioned about tivoliap.dll or tivoli tried to use the administrator to log in to the windows computer. Is the send_email related with this tivoliap in the window platform?




Thank you very much,

Please e-mail me at aofan@yahoo.com if you need additional information. Please e-amil with title "tec 3.9"

Thankx

aofan

RE: Tivoli Framework Client 4.1 and TEC 3.9

tivoliap.dll is the Tivoli Authentication Package that allows the Tivoli applications to run setui methods. Ensure that the "tmerservd" and "BuiltinNTAdministrator" accounts have the following Local User Rights:

Bypass traverse Checking for tmersrvd.
Log on Locally right for tmersrvd.
Act as part of the OS for Tivoli_Admin_Privileges.
Increase Quotas for Tivoli_Admin_Privileges.
Replace a process level Token for Tivoli_Admin_Privileges.

Also check:
tmersrvd account is not disabled.
The Local Administrator account (BuiltinNTAdministrator, regardless of its current name if renamed) is in Tivoli_Admin_Privileges.
TivoliAP.dll exists in %System32%.
tmersrvd has read/execute rights to TivoliAP.dll
tmersrvd has read/execute rights to %system32%
tmersrvd has read/execute rights to %systemroot%/tivoli and propogated to all subdirectories
tmersrvd has full rights to %lcfroot%.

To check if TivoliAP.DLL loaded and activated correctly, do:
1. Start cmd.exe on the local console of the endpoint box
2. cd <disk>:\Admin\Tivoli\lcf\dat\1 or <disk>:\Program Files\Tivoli\lcf\dat\1 or <disk>:\winnt\Tivoli\lcf\1
1. Run lcf_env.cmd or lcf_env.sh. This will source the Endpoint's environment first
2. Run wlcftap (you may need to add this to the path or run it directly from it's location). This will check to see if TAP is enabled. If the following results are not returned , the TRAA has not been configured, or activated.
1
13
1
Thu Mar 15 14:15:10 2001
(null)\(null)


wlcftap is located in %lcf_bindir% (i.e. <disk>:\Admin\Tivoli\lcf\bin\w32-ix86\mrt or <disk>:\Profram Files\Tivoli\lcf\bin\w32-ix86\mrt)
run wlcftap if the error is access denied run wlcftap -r "" this will normally fix this error if all the above are correct. If wlcftap returns "Authorization Pacakge is Unknown" the box requires a reboot.
If it does not return an error, then the settings are fine.



Loran Swymer
SwymerL@wr.disa.mil
 
 

RE: Tivoli Framework Client 4.1 and TEC 3.9

(OP)
Loran,

   I ran the wlcftap -r "" with all my clients. It decrease the number of the event I received in the windows syslog - security. However, I still received a few. Also, I have the default administrator account renamed to something else (example:rsxdmin). I kept receiving errors in the securitylog that tivoliap tried to log in with the "default Administrator" account. Is there any way to avoid it?


Thank you very much, Loran.


aofan

RE: Tivoli Framework Client 4.1 and TEC 3.9

Check your widmap entries to make sure the entry for root_user w32-ix86 is your renamed admin account (rsxdmin)

widmap add_entry root_user w32-ix86 rsxdmin

Loran Swymer
SwymerL@wr.disa.mil
 
 

RE: Tivoli Framework Client 4.1 and TEC 3.9

(OP)
I wondering why we have tivoliap. Can I just disable it?
Why do I need tivoliap for? the access the remote system for what purposes?


Thank you,

aofan
aofan44@yahoo.com

Red Flag This Post

Please let us know here why this post is inappropriate. Reasons such as off-topic, duplicates, flames, illegal, vulgar, or students posting their homework.

Red Flag Submitted

Thank you for helping keep Tek-Tips Forums free from inappropriate posts.
The Tek-Tips staff will check this out and take appropriate action.

Reply To This Thread

Posting in the Tek-Tips forums is a member-only feature.

Click Here to join Tek-Tips and talk with other members! Already a Member? Login


Close Box

Join Tek-Tips® Today!

Join your peers on the Internet's largest technical computer professional community.
It's easy to join and it's free.

Here's Why Members Love Tek-Tips Forums:

Register now while it's still free!

Already a member? Close this window and log in.

Join Us             Close