Windows cygwin, Hp-ux and linux, Hp sim database – HP Systems Insight Manager User Manual

account. For automatic sign-in to HP SIM, a domain account must be used. On UNIX, HP SIM is
installed and runs as daemons running as root.

Windows Cygwin

The version of

Cygwin

provided with the

SSH server

for Windows, for CMS and the managed

systems, has been modified with security enhancements to restrict access to the shared memory
segment. As a result, it does not interoperate with the generally available version of Cygwin. Only
administrative users can connect to a system running the modified SSH server.

HP-UX and Linux

The device /dev/random command is used, if available on the CMS, as a source for random
numbers within HP SIM.

HP SIM database

Access to the database server should be restricted to protect HP SIM data. Specify appropriate
non-blank passwords for all database accounts, including the system administrator (sa) account
for SQL Server. Changes to the operating data, such as authorizations, tasks, and collection
information, can affect the operation of HP SIM. System data contains detailed information about
the managed systems, some of which might be considered restricted including asset information,
configuration, and so on. Task data might contain extremely sensitive data, such as user names
and passwords.

SQL Server and MSDE

HP SIM uses only Windows authentication with SQL Server and MSDE. The installation of MSDE
with previous versions of HP SIM creates a random password for the sa account, though it is not
used for HP SIM.

Remote SQL Server

SQL Server supports advanced security features, including SSL encryption during sign in and data
communication. More information can be found in SQL Server documentation and the Microsoft
website.

PostgreSQL

PostgreSQL uses a password that is randomly generated when HP SIM is installed. This password
can be changed through the command line. See the mxpassword manpage for more information.

Oracle

The Oracle database administrator must create a user (preferably with a non-blank password) for
HP SIM to use when connecting to Oracle. The Oracle user must have, at the minimum, the Connect
and DBA roles, which allow HP SIM to have the correct privileges to create and delete HP SIM
tables and views, along with read/write access to the HP SIM tables. Changes to the operating
data, such as authorizations, tasks, and collection information, can affect the operation of HP SIM.
System data contains detailed information about the managed systems, some of which might be
considered restricted, including asset information, configuration, and so on. Task data can contain
extremely sensitive data, such as user names and passwords.

Command-line interface

Much of HP SIM's functionality can be accessed through the command line. To access the
command-line interface, you must be logged on to the CMS using an operating system account
that is a valid HP SIM user account. That account's authorizations and privileges within HP SIM
apply to the command line interface as well.

HP SIM database 105