HP WBEM Services for HP-UX System Administrator Guide (5900-1624, April 2011)
CIM Server properties
After HP WBEM Services is installed, you can configure the properties listed in this section using
the cimconfig command. You must have privileged user (root) permissions to modify the values
of these properties.
You must regularly backup the following property configuration files:
For HP-UX:
• /var/opt/wbem/cimserver_current.conf contains the current values that are not
defaulted.
• /var/opt/wbem/cimserver_planned.confcontains planned values, not yet in effect
and not defaulted.
Following are the properties of the CIM Server that you can modify:
• authorizedUserGroups - Set to user group names, group names are separated by a
comma. The default is not set to any user group, which implies that all users on the system are
authorized (if not restricted by setting enableNamespaceAuthorization) to access CIM resources.
You can use user group authorization if you need the extra security of restricting access to
CIM resources.
A privileged user (user with root permissions on the local system) is always authorized. A
privileged user can grant user group authorizations to other users. For more information, see
Chapter 3 (page 33).
• enableHttpConnection - Set to true or false. The default is false, which means that HP
WBEM Services listens at port 5989 HTTPS connection only. Setting it to true enables user
access through port 5988, using HTTP TCP/IP communication. Use HTTP connections only if
you are certain your environment is secure. For more information, see Chapter 3 (page 33).
• enableHttpsConnection - Set to true or false. The default setting, true, enables users to
access through port 5989, using the HTTPS TCP/IP communication. HTTPS connection has
better security than HTTP. For more information, see Chapter 3 (page 33).
• enableNamespaceAuthorization - Set to true or false. The default setting, false, means
that users are authorized across all namespaces. If enableNamespaceAuthorization is
set to true, you must authorize each user, namespace by namespace, with the cimauth
command.
You can use namespace authorization when you need the extra security of restricting access
to certain namespaces. Users with root permission on the local system are privileged users.
A privileged user can grant namespace authorizations to others. For more information, see
Chapter 3 (page 33).
• enableRemotePrivilegedUserAccess - Set to true or false. The default setting is true
as of the 1.5 version of HP WBEM Services. (In earlier versions, it was false.) A true setting
means that an authenticated user, with privileged access to the system running HP WBEM
Services, is allowed to issue requests to HP WBEM Services from a remote system.
• shutdownTimeout - Set to a number of seconds. When a cimserver -s shutdown
command is issued, the timeout is the maximum number of seconds allowed for the CIM Server
to complete outstanding CIM operation requests before shutting down. If the specified timeout
period expires, the CIM Server will shut down, even if there are still CIM operations in progress.
The minimum value is 2 seconds and the maximum value is 30 seconds. By default, the value
is set to 30 seconds.
• enableSubscriptionsForNonprivilegedUsers - Set to true or false. The default, false,
means that only a privileged user (superuser) will be allowed to create Indication Subscriptions.
• sslClientVerificationMode
30 Installing and setting up HP WBEM Services