Below is the content of a recent article published on the IBM web site
(http://www-1.ibm.com/support/entdocview.wss?rs=663&context=SSGSG7&q1=+tsm%20+sp2%20+xp%20+firewall&uid=swg21176160&loc=en_US&cs=utf-8&lang=en)
Regards,
Andy
Andy Raibeck
IBM Software Group
Tivoli Storage Manager Client Development
Internal Notes e-mail: Andrew Raibeck/Tucson/IBM@IBMUS
Internet e-mail: storman AT us.ibm DOT com
The only dumb question is the one that goes unasked.
The command line is your friend.
"Good enough" is the enemy of excellence.
-------------------------------------------------------------------------
Problem
When deploying Windows XP Service Pack 2, Windows Firewall will be
installed and activated automatically. It will restrict unsolicited
incoming traffic in order to provide protection for computers against
malicious users or programs. However, this will also prevent data from
traveling between the TSM Client and TSM Server. Therefore, the user will
need to make the changes listed below for TSM Client to function properly
Cause
The deployment of Windows XP Service Pack 2.
Solution
For more information regarding the Windows XP Service Pack 2, please refer
to the Microsoft document: Deploying Windows Firewall Settings for
Microsoft XP with Service Pack 2
http://www.microsoft.com/downloads/details.aspx?FamilyID=4454e0e1-61fa-447a-bdcd-499f73a637d1&displaylang=en
For Command Line Client, Native GUI, Scheduler using polling mode:
No action is required.
For Web Client, Scheduler Service /w prompted mode managed by the CAD:
1. Bring up Control Panel.
2. Double click on Windows Firewall.
3. Click on the Exceptions Tab.
4. Click on Add Program.
5. Click on the Browse button.
6. Select the file ?dsmcad.exe? from the installation directory. Default
is C:\Program Files\Tivoli\TSM\baclient\dsmcad.exe.
7. The focus will shift back to the Firewall Exception Tab once the
executable is selected. Hit OK to finish the process.
For Scheduler Service /w prompted mode NOT managed by the CAD:
1. Follow the above steps.
2. In step 6, look for the file ?dsmcsvc.exe? instead of ?dsmcad.exe?.
For Command Line Scheduler /w prompted mode:
1. Follow the above steps.
2. In step 6, look for the file ?dsmc.exe? instead of ?dsmcad.exe?.
In order to configure the Windows Firewall setting for large amount of
machines, Netsh command syntax is available for creating batch file(s) to
add program(s) to the Firewall Exception list. Please refer to Appendix B
of the Microsoft document: Deploying Windows Firewall Settings for
Microsoft XP with Service Pack 2
http://www.microsoft.com/downloads/details.aspx?FamilyID=4454e0e1-61fa-447a-bdcd-499f73a637d1&displaylang=en
Command Syntax:
set allowedprogram
[ program = ] path
[ [ name = ] name
[ mode = ] ENABLE|DISABLE
[ scope = ] ALL|SUBNET|CUSTOM
[ addresses = ] addresses
[ profile = ] CURRENT|DOMAIN|STANDARD|ALL ]
An example of the command:
netsh firewall set allowedprogram program="C:\Program
Files\Tivoli\TSM\baclient\dsmc.exe" name="TSM Command Line Client"
mode=disable
|