RepliWeb User Guide - Attunity

RepliWebTopology ManagerUser GuideSoftware Version 2.1.1For Windows, Linux and UNIX operating systemsOctober 21, 2009RepliWeb, Inc., 6441 Lyons Road, Coconut Creek, FL 33073Tel: (954) 946-2274, Fax: (954) 337-6424E-mail: info@repliweb.com, Support: http://support.repliweb.com

RTM v2.1.1 User GuideCopyright © 2009 RepliWeb ® Inc., All Rights ReservedThe information in this manual has been compiled with care, but RepliWeb, Inc. makesno warranties as to its accuracy or completeness. The software described herein may bechanged or enhanced from time to time. This information does not constitute acommitment or representation by RepliWeb and is subject to change without notice. Thesoftware described in this document is furnished under license and may be used and/orcopied only in accordance with the terms of this license and the End User LicenseAgreement.No part of this manual may be reproduced or transmitted, in any form, by any means(electronic, photocopying, recording or otherwise) without the express written consent ofRepliWeb, Inc.Windows, Windows NT and Windows XP are trademarks of Microsoft Corporation in theUS and/or other countries. UNIX is a registered trademark of Bell Laboratories licensedto X/OPEN.Any other product or company names referred to in this document may be thetrademarks of their respective owners.Please direct correspondence or inquiries to:RepliWeb, Inc.6441 Lyons RoadCoconut Creek, Florida 33073USATelephone: (954) 946-2274Fax: (954) 337-6424Sales & General Information: info@repliweb.comDocumentation: docs@repliweb.comTechnical Support: http://support.repliweb.comWebsite: http://www.repliweb.comii

Table of Contents1. INTRODUCTION ........................................................................................................................... 1THE REPLIWEB FAMILY OF PRODUCTS ..................................................................................................... 1ABOUT THE USER GUIDE ........................................................................................................................... 22. OVERVIEW .................................................................................................................................... 3GENERAL CONCEPTS................................................................................................................................. 3FUNCTIONAL DESCRIPTION........................................................................................................................ 4ARCHITECTURE .......................................................................................................................................... 43. REPLIWEB TOPOLOGY MANAGER CONSOLE .................................................................... 6CONNECT DIALOG ...................................................................................................................................... 6HOST DEFAULTS ........................................................................................................................................ 9MANAGING HOSTS ................................................................................................................................... 10Menus & Toolbars ............................................................................................................................. 11Information Tab ................................................................................................................................. 13Hosts Tab ........................................................................................................................................... 14Scheduler Tab ................................................................................................................................... 16Recovery Options Window ........................................................................................................................... 19Email Configuration Tab................................................................................................................... 21Users Definition Tab ......................................................................................................................... 23Security Rules Tab ............................................................................................................................ 26License Tab ....................................................................................................................................... 31SSL Tab .............................................................................................................................................. 33PAM Service Tab .............................................................................................................................. 36Disk Space Tab ................................................................................................................................. 37Tools Tab ........................................................................................................................................... 39Change Password ......................................................................................................................................... 40Run Command ............................................................................................................................................... 44Migration ......................................................................................................................................................... 45Manage Internal Processes Tab ..................................................................................................... 47Internal Processes - Eraser .......................................................................................................................... 47Internal Processes - Failover ....................................................................................................................... 49Internal Processes – Backup & Restore ..................................................................................................... 53Backup Settings ........................................................................................................................................ 55Backup Settings – General Tab ......................................................................................................... 55Backup Settings – Error Handling Tab .............................................................................................. 57Backup Settings – On Exit Tab .......................................................................................................... 58Restore Wizard.......................................................................................................................................... 59Restore Wizard - Select Location ...................................................................................................... 59Restore Wizard - What to Restore ..................................................................................................... 60Restore Wizard - Jobs ......................................................................................................................... 61Restore Wizard - Error Handling ........................................................................................................ 62Restore Wizard - Summary ................................................................................................................ 63Restore Wizard - Progress ................................................................................................................. 64PROPAGATE SETTINGS ............................................................................................................................ 65APPENDICES ...................................................................................................................................... 69APPENDIX A – QUICK GUIDE ......................................................................................................... 70APPENDIX B – PROXY USER SECURITY MECHANISM ............................................................. 71iii

RTM v2.1.1 User Guide1. IntroductionRepliWeb, Inc. is a full service technology company that develops innovative softwarefor data replication and deployment. Its primary clients are S/M/L Enterprises,Technology Developers, Integrators and Global Service Providers.The RepliWeb Family of ProductsRepliWeb products helping your IT organization deliver strategic file workflow, contentautomation and information delivery solutions faster—and more reliably. RepliWeb‘ssoftware solutions automate, guarantee, and accelerate the delivery of files throughoutlocal and distributed enterprise-computing environments. Installed in some of the mostdemanding enterprise IT and datacenter environments, RepliWeb solutions accelerateinformation availability, deliver improved performance, and reduce costs associated withcontent-based file workflows.R-1 Deployment Platform (R-1) – Automated deployment of web content, IIS6Metabase, .NET framework and COM+ components to data centers and across local ordistributed computing environments.RepliWeb Directory Synchronization (RDS) – A peer-to-peer file replication and filesynchronization solution for heterogeneous computing environment (Windows, Linux,UNIX).RepliWeb Operational Synchronization for SharePoint (ROSS) – A deploymentsolution for SharePoint © -enabled organizations publishing across tiered topologies andmultiple farms.RepliWeb Managed File Transfer (RMFT) – A managed file transfer platform that helpsorganizations automate file workflows and accelerate the way they transfer, share, andexchange files between internal users, customers, and business partners.A complete list of products and supported platforms can be found at RepliWeb‘s website: http://www.repliweb.com.1

RTM v2.1.1 User GuideIntroductionAbout the User GuideAudienceThis guide was written with the following in mind:The user is familiar with the various Microsoft Windows operating systems(Windows NT / Server 2000 / XP / Vista (32/64-bit Editions) Server 2003/ Server2008 (32/64-bit Editions)) as well as the UNIX operating system (should thereplication job employ it) and their basic administration.The user has the necessary privileges for the computer(s) on which the softwareis to be installed. These will be described more fully throughout the User Guide.The user is familiar with Windows-style graphical user interfaces (GUI) and / orcommand line interfaces (CLI).User Guide OrganizationRepliWeb Topology Manager has been designed to operate between Windowsenvironments, UNIX environments, and heterogeneous (mixed) environments,communicating with other RepliWeb systems (RDS/R-1/ROSS).The User Guide explains the various RepliWeb Topology Manager capabilities through agraphical user interface screens (RepliWeb Topology Manager GUI).NOTE: RepliWeb Topology Manager does NOT create any default user or password. Alluser names and passwords used in this guide are samples only.Valid credentials should be used for any host connections.2

RTM v2.1.1 User Guide2. OverviewThis chapter provides a high-level description of RTM‘s functionality, architecture andmain features. It also talks about the basic terminology that is used throughout thisdocument.General ConceptsMissionRepliWeb Topology Manager is a tool designed to provide RepliWeb customers usingRDS/R-1/ROSS with centralized management capabilities for their RepliWeb hosts.RepliWeb Topology Manager can connect to any RDS, R-1, and/or ROSS machine,regardless of the components installed on it (this can be an RDS Controller, an R-1 orROSS Center, an RDS Satellite, an R-1 or ROSS Edge, and any combination of them).NOTE: For brevity, the terms Center and Edge are used throughout this guide to denote(R-1/ROSS) Center / (RDS) Controller and (R-1/ROSS) Edge / (RDS) Satellite, respectively.RepliWeb Topology Manager is an extension to the RDS, R-1, and ROSS Consoles,providing management features not included in the standard Console GUI.NOTE: The following chapters describe the RepliWeb Topology Manager interactionamong RDS, R-1, and ROSS components like Center and Edge.RepliWeb Topology Manager Features Verify version information Handle Hosts list Manage licenses Configure Scheduling properties Define and test e-mail configuration Execute remote commands Manage Virtual Users Configure disk space thresholds Specify security rules Open a Console GUI for each host Define SSL communication Propagate definitions from one host to other hosts3

RTM v2.1.1 User GuideOverviewFunctional DescriptionRepliWeb Topology Manager provides RDS/R-1/ROSS administrators with managementcapabilities for their RepliWeb hosts. The list of RepliWeb nodes is maintained by theuser, adding groups and hosts, reflecting the actual topology, on one of the Centers.Once connected with the Enterprise Manager Console, the user can connect to any ofthe Hosts on the list, and displayed with various management options. Information aboutthe installed components information from that node is displayed, the user may managethe Hosts list on that node, setup Scheduler properties, manage its licenses, configureE-mail properties, execute batch files on the remote node, handle virtual users andsecurity rules.Any RDS, R-1, or ROSS machine may be connected, regardless of the componentsinstalled on it (Center and / or Edge).Once connected to a host, if this host is the Center, the Console GUI for that machinecan be opened.ArchitectureRepliWeb‘s flexible architecture allows the user to connect to any machine regardless ofthe network configuration or operating system being used. The RepliWeb TopologyManager console can connect to any Windows-to-UNIX machine that has RDS, R-1,and/or ROSS installed.Figure 1: RepliWeb Topology Manager - Topology Map4

RTM v2.1.1 User GuideOverviewTerminologyThe RepliWeb Topology Manager Console may connect to any Center to centrallymaintain the list of all RepliWeb hosts in the organization.The RepliWeb Topology Manager Organizer is any Center, on which theorganization‘s Hosts list is maintained. Users may maintain different lists on differentmachines to reflect administrative roles and security.HostAny machine that has a Center or an Edge installed may be added to the list of Hostsmaintained in RepliWeb Topology Manager. Connecting to a host enables managingand setting RDS/R-1/ROSS properties to multiple hosts.Connecting to a Host which is the Center that is using an administrator‘s credentials(members of Administrator groups on Windows, and root on UNIX) also allows the userto open the standard GUI to that Host. This enables administrators to centrally monitormultiple Centers simultaneously.GroupHosts may be grouped in a multi-level tree structure to reflect the replication anddistribution topology of the organization. There is no limit to the number of Hosts andGroups or the number of tree levels.5

RTM v2.1.1 User Guide3. RepliWeb Topology ManagerConsoleThe RepliWeb Topology Manager Console enables the user to connect to any RDS/R-1/ROSS machine. This can be either a Center or an Edge.The RepliWeb Topology Manager Console provides a centralized management pointof all RepliWeb hosts in the organization, organized in an easily managed tree structure,reflecting the organization‘s replication and deployment topology.NOTE: The RepliWeb Topology Manager Console installation requires the appropriateConsole (RDS/R-1/ROSS) to be installed first.Connect DialogThe first step is to connect to the RepliWeb Topology Manager Organizer. Then, onceconnected to where the Hosts list is maintained, add a Host to the list.Figure 2: Connect Organizer DialogNOTE: Only members of the Administrative Privileges group can connect to theRepliWeb Topology Manager Organizer. Connected to a UNIX Center, use root or rootlikeusers (UID and GID 0); connected to a Windows Center, use a member of theAdministrator group on the Center.6

RTM v2.1.1 User GuideRepliWeb Topology Manager ConsoleOnce connected, using the hosts list, double click the host, or click the Connect button,the Connect Dialog is opened, this time to enter connection credentials to the selectedhost.Figure 3: Connect Host DialogOrganizer / Host – Enter the host name or IP address of the host beingaccessed. RepliWeb Topology Manager saves, according to user settings, theconnection credentials of each of the Hosts the Console is connecting to, sohosts the user already connected to it can be selected from the list.NOTE: When connecting to the RepliWeb Topology Manager Organizer, themachine must be either a Center or an Edge while connection to a Host, themachine can be a Center or an Edge, or any combination of them.User – Enter the user name to connect to the remote host.Password – Enter the password for the account specified in the User field.Domain – If user is part of a domain, enter the domain here, if it is not, leave thisfield blank.Connection credentials can include the password with/without confirmation if the userselects to do that; the password is saved in an encrypted format.When all the necessary fields are filled in, click Connect.Connect – Connects to the host specified. Connection credentials are savedaccording to the settings specified by the user. The user can elect to always addthe Center‘s connection credentials to the list upon successful connection to theCenter.This window allows saving the list of RepliWeb Topology Manager Organizersand Hosts the user connects to from the Console.7

RTM v2.1.1 User GuideRepliWeb Topology Manager ConsoleFigure 4: Connection Screen OptionsNOTE: The Organizers list is saved locally on the machine RepliWeb Topology ManagerConsole is running from and is user specific. The Hosts list is saved on the RepliWebTopology Manager Organizer and is available to anyone who connects to this Organizerusing RepliWeb Topology Manager.Options – Clicking the Options button enhances the screen to allow moreconnection options and saving connections setting options.Save – Save connection credentials according to the settings specified by theuser regardless of the validity of the values entered.Remove – Remove the Center‘s connection credentials from the list.Set Default – Use the current connection credentials as the default for RepliWebTopology Manager to use the next time the console is opened.Settings – Specify whether the connection credentials will be saved with/withoutthe password, and whether saving confirmation is required. This window alsoallows specifying that the connection credentials will be automatically saved uponsuccessful connection to the Center.NOTE: When saving passwords, the password is always encrypted!Use SSL – Specify whether to connect to that Host using SSL protocol.Use Alternate Port – Check this option to change the port being used forConsole – Organizer and Console – Host communication, and specify the newport number to use.8

RTM v2.1.1 User GuideRepliWeb Topology Manager ConsoleHost DefaultsThe RepliWeb Topology Manager Organizer allows specifying defaults for new hostsadded to the hosts tree. This makes it easier when adding many hosts and usingcorporate defaults.Figure 5: Connect Organizer DialogHost Prefix – If most of your hosts begin with the same prefix, enter it here. It willbe used whenever you add a new host to the tree.User – Enter the default user name to be used in the connection screen of newhosts.Password – Enter the default password to be used in the connection screen ofnew hosts.Domain – If user is part of a domain, enter the default domain here. It will beused in the connection screen of new hosts.Use SSL – Specify whether to connect to new hosts using SSL protocol.Use Alternate Port – Check this option to change the default port being used forConsole-Organizer and Console-Host communication, and specify the newport number to use.9

RTM v2.1.1 User GuideRepliWeb Topology Manager ConsoleManaging HostsTo maintain the list of RepliWeb hosts, hosts and groups are added, in a tree structure.The Tree structure may be organized in any way the user prefers. It can reflect theorganization‘s replication topology; it may match a geographical topology, or just be aflat list of hosts.Any RDS/R-1/ROSS machine can be added and connected to the Hosts list, regardlessof the components installed on it (even if it is just an Edge).Figure 6: Managing the Hosts TreeThe Host name is the DNS name or IP address of the machine. The Group name has nofunction so it may be any text the user selects.Connected hosts appear in bold. Once connected to a host, if this host is the Center, theConsole GUI for that machine can be opened.Operations that can be performed on the main screen and the tree by using: the toolbar,application menu and floating menu (using the right-mouse button). See detaileddescription below.See Appendix A – Quick Guide for step-by-step instructions on how to add hosts andgroups.10

RTM v2.1.1 User GuideRepliWeb Topology Manager ConsoleMenus & ToolbarsFigure 7: The Menu & ToolbarThe application menus provide access to all RDS/R-1/ROSS functions.File – Create a new Host or group of hosts and connect to a different RepliWebTopology Manager Organizer.Action – Operate on the selected host or group: connect/disconnect, rename,remove, manage and open the Console.View – Select to view or hide the status and tool bars.Help – Initializes the RepliWeb Topology Manager help. From the Help menu theuser can also access RepliWeb‘s online knowledge base and support form.Toolbar ButtonsThe toolbar is analogous to the toolbar functions in most standard Windows applications.As such, the toolbars may be undocked and placed at any place in the main Job Listwindow.Tool tips appear when the pointer is held over each button.Listed below are the buttons available on the RepliWeb Topology Manager Console.Button Function DescriptionNew GroupRemove GroupNew HostRemove HostAdd a new group to the Hosts tree. The group is addedbeneath the currently selected group.Click this button to remove the selected groupAdd a new Host to the Hosts tree. The Host is added tothe currently selected group. Enter the DNS name or IPaddress of the host.Click this button to remove the selected host.ConnectClick this button to connect to the selected host.11

RTM v2.1.1 User GuideRepliWeb Topology Manager ConsoleButton Function DescriptionDisconnectClick this button to disconnect from the selected host.ManageConsoleClick this button to manage the selected host.Click this button to activate the selected Console(RDS/R-1/ROSS). The appropriate Console will open,depending on the RepliWeb application installed on thehost.NOTE: This button is available only if the user hasconnected to the host.12

RTM v2.1.1 User GuideRepliWeb Topology Manager ConsoleInformation TabThe Information tab displays the build date and version of the various RepliWebcomponents installed on the host. In addition, it displays the operating system of thehost.To access the Information tab:Right click the required host, select Manage, and then Information from the leftpane.Figure 8: Information Tab13

RTM v2.1.1 User GuideRepliWeb Topology Manager ConsoleHosts TabThe Hosts tab allows updating the Hosts list on the managed host.This tab is available only for hosts that have a Center component installed.To access the Hosts tab:Right click the required host, select Manage, and then Hosts from the left pane.Figure 9: Managing HostsThe RepliWeb Hosts list resides on the Center, listing the hosts the user can replicatebetween.This tab allows changing the order of the hosts in the list, and also exporting andimporting the list of hosts. This enables easy assignment of the same hosts list in theentire organization.New – Add a Host to the hosts listRemove – Remove a host from the hosts listRename – Rename a host in the hosts listUp – Move the selected host one level higher in the list.14

RTM v2.1.1 User GuideRepliWeb Topology Manager ConsoleDown – Move the selected host one level down the listImport – Import a list of hosts from a file on the RepliWeb Topology ManagerOrganizer machine.Export – Export the list of hosts to a file on the RepliWeb Topology ManagerOrganizer machine.Save – Save the list of hosts to the Hosts file on the remote Host.Undo – Undo changes done to the list. The list of hosts is re-loaded from theremote host.NOTE: None of the changes will take effect until the Save button is clicked. Onlynew jobs will be affected by these changes.15

RTM v2.1.1 User GuideRepliWeb Topology Manager ConsoleScheduler TabThe Scheduler tab enables the user to set the Scheduler properties.This tab is available only for hosts that have a Center component installed.To access the Scheduler tab:Right click the required host, select Manage, and then Scheduler from the leftpane.Figure 10: Scheduler PropertiesSubmit Server – Specify the Scan Frequency of the Submit server. This valuespecifies how frequently the server will check if scheduled jobs need to initiatenew jobs.Active Server – The Active server is responsible for status changes of allrunning (active) jobs.o Scan Frequency – Specifies the frequency the Active server will scan therunning jobs and determine actions that need to be taken (i.e. move toarchive, execute exit command, activate recovery, etc.).16

RTM v2.1.1 User GuideRepliWeb Topology Manager ConsoleooMax Jobs – Specify the maximum number or simultaneously runningjobs. If there‘s a job that is scheduled to run every minute that distributesdata to multiple Edges, and the server is down, when the server isrunning again, all pending jobs will try to run at once. Limiting the numberof jobs, will queue the rest of the jobs until one of the currently runningjobs had completed.Recovery Options – Replication & Distribution operations can recoverafter unexpected errors such as communication line or network faults,user interruption, or even a system crash. In anticipation of these errors,the Center maintains an ongoing record of its progress through eachdistribution job.Click this button to open the Recovery Options window for settingrecovery options.Archive Server – The Archive server is responsible for handling completed jobs.Configure here the Purge Policy depending on the completion status of a job.NOTE: When a job has reached its purge age, it will be deleted. A purged job isno longer viewable through either the Console CLI or the Console GUI.Each job generates report files that can be used for monitoring purposes. Sincethese reports can consume vast amounts of disk space, they are automaticallypurged after a predetermined amount of time. This means that they willdisappear from the Console GUI, and not be visible by a Console CLI showcommand.The Scheduler‘s Archive Server can be configured to have different purgepolicies for different job completion statuses. For example, a job that exited witherror may want to be kept much longer than a job that completed successfully.The Abort / Error / Success Purge Policy fields are in minutes, and will governhow long a job record will be kept after completion.By default, job reports will be kept like this: Successful Jobs - 4 hours (240 minutes) Aborted jobs - 2 hours (120 minutes) Failed jobs - 24 hours (1440 minutes)oScan Frequency – This value specifies how frequently the server willcheck if jobs are to be purged.As RepliWeb product architecture is designed to be robust and resilient tofailures, the purge command is performed in an asynchronous way. Whenthe purge command is issued, the job is "only" marked to be purged, andthe actual deletion is performed on a scheduled basis. This means thatthe user can issue a purge command, reboot the Center server before thejobs are actually deleted and when the server is started the purge17

RTM v2.1.1 User GuideRepliWeb Topology Manager Consoleoperation will still take place.oOn Success / Error / Abort – A different policy can be specified for eachcompletion status.• Purge After – Specify the duration (Days/Hours/Minutes) in whichto keep the Job‘s reports.Actions (Administrative Hold) – These two administrative tasks are to be usedon the Center or Edge prior to RDS/R-1/ROSS upgrades, or before other generalmaintenance activities that require the administrator to stop all processes on theservers.o Hold all running jobs – Put on hold all running and scheduled jobs. Thisis an administrative task that will put on hold all Replication andDistribution jobs regardless of their originating user.ooPrevent new Edge processes – Check this option to prevent newprocesses on the Edge (replication, cleanup, snapshot, etc.) from beinginitiated. Note that running RepliWeb processes will not be stopped andwill continue until completion. The Edge will not accept download orupload requests, Scheduled or Continuous Update jobs that involve thisEdge will fail at initiating new job instances.Allow Local Admin to view all jobs – Check this option to allow allmembers of Local Admin group on the Center to view all jobs via theConsole. When this option is un-checked, only the user who submittedthe jobs (and users that were authorized to view the job) will be able toview and monitor the job.NOTE: None of the changes will take effect until the Save button is clicked. Onlynew jobs will be affected by these changes.Save – Save changes to the configuration files on the remote host.Undo All – Undo changes done to the configuration files. Values are re-loadedfrom the remote host.18

RTM v2.1.1 User GuideRepliWeb Topology Manager ConsoleRecovery Options WindowReplication and Distribution operations can recover after unexpected errors such ascommunication line or network faults, user interruption, or even a system crash. Inanticipation of these errors, the Center maintains an ongoing record of its progressthrough each distribution job.In the event of failure, the product used obtains all necessary information regarding thefailed operation from the record generated, including the original property configurationsand the exact point of failure.This window can be used to specify recovery options for Replication, Distribution andEdge jobs, including recovery attempts interval and recovery notifications.Figure 11: Recovery OptionsRetry Interval – Specify the interval calculation between recovery attempts:o Base Interval – The time interval before the next attempt is made.o Maximum Interval – The maximum period of time to which the intervalbetween recovery attempts may accumulate based on the Base Intervaland the Retry Factor.o Retry Factor – An incremental increasing factor used to geometricallyincrease the interval length between attempts.19

RTM v2.1.1 User GuideRepliWeb Topology Manager ConsoleExample:A job has a Max Retries of 6, a Base Interval of 10 minutes (600 seconds), aRetry Factor of 50%, and a Max Interval of 60 minutes (3600 seconds).The job was submitted at 5:05 AM:Recovery attempt 1 of 6 will occur at 5:15 (10 minutes after the failure)Recovery attempt 2 of 6 will occur at 5:30 (15 minutes after the last failure)Recovery attempt 3 of 6 will occur at 5:53 (23 minutes after the last failure)Recovery attempt 4 of 6 will occur at 6:27 (34 minutes after the last failure)Recovery attempt 5 of 6 will occur at 7:18 (51 minutes after the last failure)Recovery attempt 6 of 6 will occur at 8:34 (76 minutes after the last failure)Recovery attempt 6 of 6 will not occur since the interval has increased to 76minutes surpassing the Max Interval of 60 minutes.Early Warning – Administrators can receive early notification when jobs are inrecovery, enabling them to fix the situation and allow the job to continueuninterrupted, before the job exhausts its recovery attempts. Notification can besent by email and / or by reporting to Event Viewer.o Every Attempt – Notify on every recovery attempt.o Before Attempt Number – Notify after the specified number of recoveryattempts.o Never – Do not notifyEarly Warning Settingso Report to Event Viewer – For each completion type, report the Job‘s exitmessage to the Windows Event Viewer or the UNIX syslog.oooEmail – An email is sent as a notification that the Job is in recovery.Recipients – Enter the email address of the email recipient(s). More thanone email address may be entered. Multiple email addresses should beseparated by commas.Subject – Edit the subject of the email to be sent. The subject line mayinclude information about the job:• $job_type• $job_id• $job_name• $statusA subject line is specified in the job properties as follows:$job_type[$job_id]: $job_name, is in recovery.This particular subject line will appear in an email as follows:Distribution [2362]: Weekly Updates, is in recovery.oAttach Reports – Select the replication reports to be attached to theemail. The list of reports depends on the Job type – Replication,Distribution, Rollback.• Select / Deselect All – Include or exclude all reports.20

RTM v2.1.1 User GuideRepliWeb Topology Manager ConsoleEmail Configuration TabAs RDS/R-1/ROSS can be set up to send email upon job completion, e-mailconfiguration parameters should be set on the Center.This tab is available only for hosts that have the Center component installed.To access the Email tab:Right click the required host, select Manage, and then Email from the left pane.Figure 12: Email ConfigurationConfigurationo SMTP Host Name – Enter the IP Address or name of the Email servero SMTP sender – Enter the Email address that appears in the From field ofthe mail. It does not necessarily have to be an actual account.Format is user@company.com.oUse sender password authentication – Check this option if your Emailserver is secured.• User – Email server authenticating user name• Password – Password of the Email server authenticating username21

RTM v2.1.1 User GuideRepliWeb Topology Manager ConsoleEmail Test – Enter the Email address of a recipient to test the emailconfiguration settings, and click the Test button. Upon successful email-sending,the user will be prompted to save the configuration settings, if those were notalready saved.Save – Save email configuration properties on the remote host.Reload – Undo changes and re-load the remote host configuration properties.22

RTM v2.1.1 User GuideRepliWeb Topology Manager ConsoleUsers Definition TabThe User Definition tab enables you to define virtual and real users to convert them toreal users.To use a virtual user between the Center and an Edge, you should connect to the Edge.If you want to use a virtual user between Console and Center, connect to the Center.Virtual users are defined on the machine accepting the connection. This way, themachine initiating the connection ―knows‖ only virtual information and only virtualinformation is sent on the network. Real information never leaves the machine acceptingthe connection.NOTE: In UNIX, you can only define virtual users. No need to define real users to beused in the Rules Tab. In Windows, in order to map a virtual user to a real user, the realuser must be defined in the User Definition tab as well.To access the User Definition tab:Right click the required host, select Manage, and then User Definition from theleft pane.Figure 13: Define Virtual Users23

RTM v2.1.1 User GuideRepliWeb Topology Manager ConsoleFor additional explanation on Security Rules and Virtual Users, refer to Appendix B –Proxy User Security Mechanism.NOTE: Do not define real users if there are no virtual users mapped to them.1. Click the leftmost button to add a new user.Figure 14: Adding Virtual Users2. Add the virtual user and virtual password.3. Select the Virtual option and click OK.NOTE: If you define that virtual user with a domain (a virtual one), you shouldalso specify that domain name in the Connection screen.4. Add the real user that the virtual user is translated to by selecting the Systemoption and entering a real Domain:5. Click the Save button.Figure 15: Adding Real Users24

RTM v2.1.1 User GuideRepliWeb Topology Manager ConsoleUpdating the Submit CommandAssuming that you have defined virtual users on an Edge, you can go back to your CLIsubmit command on the Console, and change the user/password combination for theremote connection:Instead of:> … submit … -user=real-user –password=*** –domain=compdomainyou can now specify:> … submit … -user=vuser –password=vpassUsing the Console GUI, your job definition will look like this:Figure 16: Submit with a virtual user25

RTM v2.1.1 User GuideRepliWeb Topology Manager ConsoleSecurity Rules TabThe Security Rules tab enables you to define rules that apply to system and virtualusers.Security rules are defined on the machine accepting the connection, as this is whereaccess to system and virtual users is granted or denied. Here you define the connectionbetween the virtual user and the real user.To use security rules between the Center and an Edge, you should connect to theEdge. If you want to use security rules between Console and Center, connect to theCenter.For additional explanation on Security Rules and Virtual Users, refer to Appendix B –Proxy User Security Mechanism.To access the Rules tab:Right click the required host, select Manage, and then Rules from the left pane.Figure 17: Security Rules Tab26

RTM v2.1.1 User GuideRepliWeb Topology Manager ConsoleTo define a rule:1. Click the leftmost button ―New Rule‖ to add a new rule –Figure 18: Adding a RuleEnable Rule – Specify whether this rule is enabled or not. If this option is notselected the rule is not taken into account while evaluating a user.ooDescription – Fill in a description of that rule. This field has no effect onthe rule‘s functionality.Incoming User – specify the user name performing the connection. Thisuser name will be translated to a real user on the target machine. Specifywhether the incoming user is Virtual or not.If the incoming user is a virtual user, you can define a virtual domain aswell. The domain is then used in the actual connection command.NOTE: In UNIX, you can only define virtual users. No need to define realusers to be used in the Rules Tab. In Windows, in order to map a virtualuser to a real user, the real user must be defined in the User Definitiontab as well.- In a Console Center / Host connection, the incoming useris the one used in the Console Connection screen.27

RTM v2.1.1 User GuideRepliWeb Topology Manager Console- In a Center Edge connection, the incoming user is the oneused in the job definition.• SSL – Specify if to consider SSL during the connection: With SSL – The connection must be with SSL Without SSL – The connection must be without SSL.ooAction – specify whether the rule is ―positive‖ – approve the user toconnect (Accept Connection), or ―negative‖ – deny access to that user(Reject Connection).Transform To – specify the real target user the Incoming User istranslated to.• If applicable, specify Domain.NOTE: If the virtual user was defined with a domain (a virtual one),you should also specify that domain name here.This is a basic rule. Since you defined only one user, simply click OKto specify that the user ―vuser‖, will be examined as a virtual user andtranslated to the real user ―james‖ from the domain ―comp_domain‖.Stop searching for additional matching rules – Do not check that user usingother rules. If the incoming user matches that rule, accept or deny according tothat rule.Advanced – Rules may be further enhanced to tighten security and limitaccessibility to RDS/R-1/ROSS machines. These features describe the operatingsystem environment from which the connection request is coming from.Figure 19: Advanced Rule Parameters28

RTM v2.1.1 User GuideRepliWeb Topology Manager ConsoleRequester Users – Wildcard and multiple values are supported.- In a Console Center connection, this is the ACTUAL ACCOUNT fromwhich the RDS/R-1/ROSS command came from, i.e. Windows or UNIXaccount, not the Console login.- In a Center Edge connection, this is the user used in the Consolelogin to the Center.Requester Domains – Wildcard and multiple values are supported.- In a Console Center connection, this is the ACTUAL Windowsdomain from which the RDS/R-1/ROSS command came from.- In a Center Edge connection, this is the domain of the user used inthe Console login to the Center.Requester Nodes – The machine name from which the request comes from.Wildcard and multiple values are supported.- In a Console Center connection, this is the network name of theConsole machine.- In a Center Edge connection, this is the network name of the Center.Requester Subnets – The subnet from which the request comes from. Wildcardand multiple values are supported. For example - 17.0.84.*.- In a Console Center connection, this is the subnet of the Consolemachine.- In a Center Edge connection, this is the subnet of the Center.Requester Netmasks – The netmask from which the request comes from.Wildcard and multiple values are supported. 255.255.255.0 - for example.- In a Console Center connection, this is the netmask of the Consolemachine.- In a Center Edge connection, this is the netmask of the Center.Requester Applications – The application name from which the request comesfrom. Multiple values are supported, and ALL can be selected meaning therequest can come from any of the listed applications. This field can have thefollowing options:o Consoleo Command Lineo APIo Replication Jobo Multicast Distributiono ManageTarget Applications – The target application receiving the connection request.This field can have the following options:o Center29

RTM v2.1.1 User GuideRepliWeb Topology Manager ConsoleoEdgeIn the screen-shot above, only users that their name begins with ―comp‖, fromdomain ―comp_domain‖, and that are connecting from machines whose IPaddress begins with 12.0.76 are allowed to connect. Other users will not passthat rule and their connection request will be denied.2. Click the Save button.3. Defining a few rules, you can determine the order in which the rules are appliedwhen a user tried to connect to the machine. To update the location of a rule,right-click the rule, and in the floating menu select the Move option. A window willopen, enabling to move the rule up and down between the existing rules.30

RTM v2.1.1 User GuideRepliWeb Topology Manager ConsoleLicense TabThis window enables managing product Licenses on the remote Host.NOTE: Handle RepliWeb licenses with care. Follow the instructions you received fromRepliWeb support.To access the License tab:Right click the required host, select Manage, and then License from the leftpane.Figure 20: LicensingLicense Type – Select the license type (RDS/R-1/ROSS).Remove – Remove the license from the remote machine.NOTE: RDS, R-1, and ROSS are licensed RepliWeb applications. Removing anyRepliWeb application‘s license without direct instructions from RepliWeb supportwill disable it.31

RTM v2.1.1 User GuideRepliWeb Topology Manager ConsoleInstall – Save the viewed license on the remote host. Use the license receivedfrom Repliweb. Either copy the license from the email and paste it in the licensewindow, or import a saved license from the RepliWeb Topology ManagerOrganizer machine.Undo – Discard changes done in the license window, reload license from theremote Host.Export – Export the license in the window to a file on the RepliWeb TopologyManager Organizer.NOTE: RepliWeb Licenses are digitally signed. Do not make any changes to thetext.32

RTM v2.1.1 User GuideRepliWeb Topology Manager ConsoleSSL TabRepliWeb products use OpenSSL to enable Encryption and Authentication for:‣ Console Center communication effective for Console Center,RepliWeb Topology Manager Console RepliWeb Topology ManagerOrganizer and RepliWeb Topology Manager Console RepliWeb TopologyManager Host.‣ Center Edge communication effective for WAN transfer replication andR-1/ROSS distribution jobs.SSL sessions can be configured using the RepliWeb Topology Manager GUI andManaged in the Console GUI user interfaces.NOTE: For maximal data-security, although the key-phrase is encrypted at all times, it isrecommended to set SSL configuration using a local Console on each of the machines,and not over the network.To access the SSL tab:Right click the required host, select Manage, and then SSL from the left pane.33Figure 21 – SSL Configuration

RTM v2.1.1 User GuideRepliWeb Topology Manager ConsoleNOTE: Use the default certificate and key provided with the product to configure and testSSL communication. However, for production environment, it is recommended to usecertificates provided by a Certificate Authority (CA).For a step-by-step explanation about setting SSL security, see your RepliWeb product‘sSSL Guide.Internal Tabs – Select one of the 4 end-points to configure.o Console (Client) – Configure the Client in a Console Centercommunication.o Center / RepliWeb Topology Manager Organizer / RepliWebTopology Manager Host (Server) – Configure the Server in a Console Center communication.o Center (Client) – Configure the Client in a Center Edge replicationprocess communication.o Edge (Server) – Configure the Server in a Center Edge replicationprocess communication.Local Certificate – Specify how the machine being configured introduces itself inthe Authentication stage.o Use Alternate Files – Specify the Certificate and Key file names to beused. If unchecked – default certificate, private key and private keyphrase will be used. If checked, the following will be used:• Certificate – Specify the full path to the CA Certificate file.• Private Key – Specify the full path to the private key file.• Private Key Phrase – Specify the password to read the privatekey file. The key phrase is kept encrypted and hidden.NOTE: The private key phrase is kept encrypted for eachWindows Login user separately.Other Side Authentication – Specify how the machine being configured verifiesthe other side in the Authentication stage.o Authenticate Using – Select the authentication type that will take place:• Certificate – Authenticate the other end using a certificate.• Certificate + Name – Authenticate the other end by using acertificate and the Common name written in certificate.• None – Do not authenticate the other end. The SSL session willuse encryption but not authentication.ooServer / Client Common Name – When using authentication by name,this name will be expected in the other end‘s certificate.Use Approved CA – If unchecked - default certificate, private key andprivate key phrase will be used. If checked, the following will be used:• CA File – Specify the full path to a file containing trustedcertificate authorities information.• CA Dir – Specify the full path to a directory containing trustedcertificate authorities files.34

RTM v2.1.1 User GuideRepliWeb Topology Manager ConsoleEncryption – Select the encryption type to use during the SSL session. Optionsare:o DES – DES (Data Encryption Standard) applies a 56-bit key to each 64-bit block of data.o 3DES – Triple DESo RC2 – RC2 (Rivet‘s Cipher 2) is a variable key-size block cipher.o RC4 – RC4 is a variable key-size block cipher with a key size range of 40to 128 bits. It is faster than DES and is exportable with a key size of 40bits.o Use Server Defaults – The encryption type is selected by the serverautomatically.NOTE: Encryption can be set in Client side only.For a step-by-step explanation about setting SSL security, see your RepliWeb product‘sSSL Guide.35

RTM v2.1.1 User GuideRepliWeb Topology Manager ConsolePAM Service TabUsing PAM authentication, RTM administrators can enable users on LDAP repositories,such as Microsoft‘s Active Directory, to log into UNIX machines using their own accountcredentials without having to create a unique login account for each relevant UNIXmachine.To access the PAM Service tab:Right click the required host, select Manage, and then the PAM Service tab inthe left pane.Figure 22 – PAM AuthenticationTo configure PAM authentication:1. Select the Use PAM Service checkbox.2. Enter the appropriate PAM Service Name. Default is ―repliweb‖.3. Enter the PAM Library Path. For example, /lib/libpam.so.0.81.54. Select if to attempt local authentication in the event that PAM authentication fails.36

RTM v2.1.1 User GuideRepliWeb Topology Manager ConsoleDisk Space TabUse this tab to configure the disk space thresholds allowed and the system‘s behaviorwhenever a disk space problem or shortage occurs.To access the Disk Space tab:Right click the required host, select Manage, and then Disk Space from the leftpane.Figure 23 – Disk Space ConfigurationInstallation Drive Space Thresholdo Minimum required disk space – Set the minimum disk space (in MB)that is required on the installation drive for proper operation.oWhen the installation drive threshold is reached:• Prevent jobs from running – (enabled for Centers only) Hold alljobs from running until there is sufficient disk space.• Reject job connections from other Centers – (enabled forEdges only) Reject any future job connections from other Centersuntil there is sufficient disk space.37

RTM v2.1.1 User GuideRepliWeb Topology Manager Console• Report to Event Viewer – Report this issue to the WindowsEvent Viewer or the UNIX syslog.• Email to – Enter the recipient(s) email address to be used whenthe installation drive threshold is reached. More than one emailaddress may be entered. Multiple email addresses should beseparated by commas.Archived Jobs Disk Space ThresholdNOTE: This section is enabled for Centers only.oooooDisk space allocation threshold – Set the maximum disk space allowed(in MB) for the archived jobs directory.Archived jobs folder – Displays the path to the archived jobs folder.When the disk space threshold is reached:• Purge jobs when exceeding the disk space threshold – Oncethe disk space threshold is reached, the system will begin purgingarchived jobs based on the oldest purge date until the archivedjobs directory limit is surpassed.- Purge jobs that are set to “Never Purged” if there isstill insufficient disk space – When purging jobsdoes not clear enough disk space, the system willbegin purging jobs that were set to Never Purged untilthe archived jobs‘ disk space limit is reached.Report to Event Viewer – Report this issue to the Windows EventViewer or the UNIX syslog.Email to – Enter the recipient(s) email address to be used when theinstallation drive threshold is reached. More than one email address maybe entered. Multiple email addresses should be separated by commas.38

RTM v2.1.1 User GuideRepliWeb Topology Manager ConsoleTools TabThe tab enables access to various management tools.To access the Tools tab:Right click the required host, select Manage, and then Tools from the left pane.Figure 24: Management ToolsChange Password – Use the Change Password utility to update scheduled jobs‘passwords.Run Command – Use this option to execute commands on remote hosts.Migration – Use this option to migrate RDS jobs to R-1 jobs.All tools are described in detail in the following chapters.39

RTM v2.1.1 User GuideRepliWeb Topology Manager ConsoleChange PasswordUse the Change Password utility to update Jobs, Templates and configuration fileswhenever a password change occurs.Examine the following scenario:User ‗bob‘ defines a scheduled job, and gives the following credentials to connectto the Edge:Edge=103.20.161.102User=bobPassword=abaThe job starts to run using these credentials.One hour later the user‘s password on the Edge expires (its his company policy)and he needs to change his password.He changes the password on the Edge from ‗aba‘ to ‗daba‘.From now on, new instances of this scheduled job will fail, as the suppliedcredentials are invalid, because they try to connect to the Edge using the oldpassword, which is no longer valid.All recovery tries will fail and, the account of that user may be locked becausethere were too much retries to login with bad credentials.Using the Change Password utility, the user can automatically update the password forall jobs. Without this utility, the user had to resubmit all jobs that use the old password,and update them to use the new one.Changing passwords may be done using this screen, or using command line byactivating this Change Password utility located in the RDS installation path ~ProgramFiles\RepliWeb\RDS\utilities.40

RTM v2.1.1 User GuideRepliWeb Topology Manager ConsoleFigure 25: Change Password Wizard – Welcome PageBack – Go to the previous wizard page.Next – Click the Next button after filling the required fields in the current page.Finish – Click the Finish button to perform the change password process.Cancel – Cancel the wizard. Change password utility is not activated.41Figure 26: Change Password Wizard – HostsIn the Hosts page, specify the identities (names, IP addresses and/or aliases) of all thehosts on which you want to change the user‘s password. Several identities may havebeen specified for the same host. For example, the user may have submitted on jobusing the host‘s IP address and another job using the host name. In this case, bothvalues should enter the list.

RTM v2.1.1 User GuideRepliWeb Topology Manager ConsoleNOTE: If the machine specified is the localhost machine (the same machine on whichyou run the utility), you must specify either the name of the machine, its IP address or―localhost‖.In general, it is recommended to always specify also the name of the machine.Figure 27: Change Password Wizard – Specify CredentialsIn the Credentials page, specify the credentials of the user‘s password have beenchanged, and the new password to be used.Note that the old credentials must match exactly those in the job. If you specify username and old password with no domain, only jobs that use that user and passwordwithout domain will be changed.42

RTM v2.1.1 User GuideRepliWeb Topology Manager ConsoleFigure 28: Change Password Wizard – Progress ReportIn the Progress Report page, a log of the Change Password process is displayed.Review the log to verify that all entities have been updated successfully.The Migration progress report may be saved upon completion of the wizard. Checkingthe Keep Report At and clicking Finish will save the report in the specified path.43

RTM v2.1.1 User GuideRepliWeb Topology Manager ConsoleRun CommandThe tab enables executing a batch file or an executable on the remote Host. This screenmay be used to test pre/post replication commands that should be run on the remoteHost before or after the replication process.Figure 29: Remote ExecutionLoad – Use the Browse button to open a file dialog on the remote Center,enabling selection of the file to execute. The executable‘s output is displayed inthe Report window.Run – Click the button after filling in the name of the file to execute.NOTE: The file must reside on the remote host.Clear – Clears the text from the Log window.44

RTM v2.1.1 User GuideRepliWeb Topology Manager ConsoleMigrationThe RDS-to-R-1 migration wizard enables to convert all RDS entities to R-1 so they canbe viewed, saved, and submitted using the R-1 Console, CLI and API.RDS services will be stopped during this process, thus putting on administrative hold allrunning jobs, and disconnecting all Consoles connected to that host.The services are restarted automatically after the process is complete but the Consoleswill need to be re-connected manually.Figure 30: Migration Wizard – Welcome PageBack – Go to the previous wizard page.Next – Click the Next button after filling the required fields in the current page.Run – Click the Finish button to perform the migration process.Cancel – Cancel the wizard. The Migration process is not activated.45

RTM v2.1.1 User GuideRepliWeb Topology Manager ConsoleFigure 31: Migration Wizard – Progress ReportIn the Progress Report page, a log of the migration process is displayed. Review thelog to verify that the process completed successfully.The Migration progress report may be saved upon completion of the wizard. Checkingthe Keep Report At and clicking Finish will save the report in the specified path.46

RTM v2.1.1 User GuideRepliWeb Topology Manager ConsoleManage Internal Processes TabRepliWeb products use internal jobs to perform various system operations. Set thevarious internal processes‘ properties using the appropriate tabs.Internal Processes - EraserThe Eraser job is responsible for purging recorded Rollback data that has expired. In thistab the user can monitor the Eraser job, view its report and set its properties. Theexpiration date of recorded data is set in the Rollback Job Properties / Purge tab.To access the Internal Processes tab:Right click the required host, select Manage, and then Internal Processes fromthe left pane.Figure 32: Internal Process - EraserJob Details – View the Eraser job‘s state, completion message and report. Asthe Eraser job is an internal process, available operations are Holdand47

RTM v2.1.1 User GuideRepliWeb Topology Manager ConsoleContinueonly. Users can also request to refresh the displayed informationby clicking refresh .Job Propertieso Scan Frequency – Specify in minutes how often the Scheduler willsubmit an Eraser job. This affects how frequently the Eraser will check ifexpired data needs to be erased.o Report cleanup every – The Eraser report can be cleaned up atspecified intervals. This value is in minutes.o Save – Save eraser job properties on the Center.48

RTM v2.1.1 User GuideRepliWeb Topology Manager ConsoleInternal Processes - FailoverThe Failover process enables administrators to maintain a Backup (standby) server thatwill be used as the Center in case the Primary Server is temporarily shut down.Failover is an important fault tolerance function of mission-critical systems that rely onconstant accessibility. The backup server is automatically and transparently to the userbeing updated with all Center files, so when the need arises, it can replace the primaryserver and act as the Center, running all replication and distribution jobs as before.NOTE: The Failover Server must contain a complete R-1 installation, using the sameproduct version, installed on exactly the same path as the Center initiating the Failoverprocess. Install at least the Center and Edge components; the Console is optional. Thiswill allow the failover server to act as both the Center and an Edge for existing and newjobs.The Failover and Primary server should be of the same platform (Windows Windows, Linux Linux, etc.).The Failover process will fail if these requirements are not met.The Failover process updates the Failover server with the following product information:Scheduled Jobs – This includes all continuous update jobs, scheduled jobs, ondemandjobs.Templates – Common and User Specific.Containers – Common and User Specific.Configuration FilesPreference FilesNOTE: The Failover process does NOT copy any content from the Primary server to theFailover server. This is the responsibility of the user/administrator.49

RTM v2.1.1 User GuideRepliWeb Topology Manager ConsoleProcess Description Setup1. Install the RepliWeb product on both Primary and Failover server. Make sure atleast the Center and Edge components are installed. Both servers should beinstalled on EXACTLY the same path on both servers. The Failover and Primaryserver should be of the same platform (Windows Windows, Linux Linux, etc.).NOTE: The Failover server must be a different machine from the Primary server.When the Failover process is enabled on the Primary server, the Schedulerservice is automatically stopped on the Failover server.2. Stop the RDS Scheduler service on the failover server and set it to startmanually, so it won‘t start automatically in case of a reboot.The Failover process copies scheduled job definitions, Templates, Containersand all configuration files required for the Failover server to act as a Primaryserver when needed. The Failover does NOT copy content from the productionserver to the Failover server.3. When the Primary server goes down, the user should perform the following:a. The Failover server should get the IP / DNS and NAME of the primaryserver. This should be done according to corporate policy to allowpreviously scheduled jobs to continue uninterrupted without resubmitting.b. Start the Scheduler service on the Failover serverUsing Windows:i. From the Windows Start menu, browse to Control Panel Administrative Tools Services.ii.iii.Start the service named RDS Scheduler.Set the RDS Scheduler service to start automatically.Using UNIX:Start repliweb_scheduler:/usr/bin/repliweb_schedulerc. On the Failover server, using the Console GUI, go to Manage / Center /Scheduler and check the Allow local admin to view all jobs option.d. Using the Console GUI, re-connect to the Failover Center.50

RTM v2.1.1 User GuideRepliWeb Topology Manager ConsoleFigure 33: Internal Process – FailoverFailover Properties – Set the Failover process properties.o Enable Automated Failover – Selecting this option immediately initiatesthe Failover process.To stop the Failover process, un-check the field and click the Applybutton.oConnection Credentials – Enter the credentials that will be used by theFailover process to connect to the Failover Server.• Failover Server – Enter the host name or IP address of theCenter being used as the Failover Server.• User – Enter the user name that the Failover Process will use.• Password – Enter the password for the account specified in theUser field.• Domain – If user is part of a domain, enter the domain here, if it isnot, leave this field blank.NOTE: If a replication job is also running in front of the Failoverserver, it MUST use the same ―Failover Server‖ name (name, IPaddress) as specified here, otherwise it will fail on ―Duplicate LicenseCheck‖.51

RTM v2.1.1 User GuideRepliWeb Topology Manager ConsoleooooRun Options – Specify how the Failover process will run:• Run Immediately – The process will run immediately if theEnable Automated Failover is selected.• Run Every – Run a job at a specific time interval (days / hours /minutes).Use Alternate Port – Check this option to change the port being used forthe failover job, and specify the new port number to use.Report Cleanup – The Failover report can be cleaned up at specifiedintervals. This value is in minutes.Click Apply to save changed settings. If the Failover is enabled, savedsettings take effect immediately.Running Details – View the Failover job‘s state, completion message and report.To refresh the displayed information clicking refresh .52

RTM v2.1.1 User GuideRepliWeb Topology Manager ConsoleInternal Processes – Backup & RestoreThe Backup process enables administrators to maintain a backup of the definitions of allCenters including configuration files, templates, containers, etc.Use this feature when in need of Migration (copy) of definitions between Centers Persistency from uninstall & install processes Recovery from incorrect definition changes Disaster Recovery.Backup may be performed only from Center machines.NOTE: Template, Containers and Defaults – All items: Local (if Console is alsoinstalled on the Center), Center-Common and Center-User-Specific items are backedup.Scheduled Jobs: Only scheduled jobs are Backed-Up; instances of scheduled jobsare not backed-up.It is recommended to back up Centers to a remote machine and not locally. The backupand restore functions are not replication jobs and should not rely on access to remotecomputers enabled by components. Data should be saved to folders that are accessiblefrom the backed-up machine - this can be a UNC path in windows or an NFS path inUNIX.NOTE: Define Backup properties by using the Backup Settings button before trying toback up RDS/R-1/ROSS for the 1 st time.53

RTM v2.1.1 User GuideRepliWeb Topology Manager ConsoleFigure 34: Internal Process – Backup & RestoreBackup Jobs History – Select a backup process to view its report.o Stop Backup – Stop the current backup process. This button is availableonly if a backup process is in progress.o Refresh Report – Refresh the report of the selected backup process.Use this button if there is a backup process in progress.Backup Settings – Clicking this button will open the Backup Settings window tospecify the backup process‘s properties.Back Up Now – Click this button to initiate a backup process immediately.Restore Now – Clicking this button will open the Restore Wizard to guide youthrough the recovery process. You can select to restore either from the currentlyselected Backup or define another backup to restore from in the Restore Wizardwindow.54

RTM v2.1.1 User GuideRepliWeb Topology Manager ConsoleBackup SettingsThe Backup Settings window is opened when clicking the Backup Settings button in theBackup & Restore tab.Specify here properties of the backup process as required by your organization‘s needs.NOTE: Define Backup properties by using the Backup Settings button before trying toback up RDS/R-1/ROSS for the first time.Backup Settings – General TabSpecify in this tab the backup folder to use, backup scheduling options and additionalsettings.It is recommended to back up Centers to a remote machine and not locally. The backupand restore functions are not replication jobs and should not rely on access to remotecomputers enabled by components. Data should be saves on folders that are accessiblefrom the backed-up machine - this can be a UNC path in windows or an NFS path inUNIX.Figure 35: Backup Settings – General Tab55

RTM v2.1.1 User GuideRepliWeb Topology Manager ConsoleBackup Directory – Specify where the backed up data will be stored.The recording location may be specified as a path on the target machine(D:\r1_recordings) or a network share (\\nasstorage\R1_recording).Network Share access credentials – If the backup folder is on a network drive,check this option and fill the necessary credentials to access this location.Scheduling – Specify when the backup process should be performed:o Daily – Backup will be run daily at the specified time.o Weekly – Backup will be run weekly at the specified date and time.o On Demand – Backup will only be performed manually, when the userclicks the Back Up Now button in the Backup & Restore window.E-mail backup ZIP file – Check this option and specify recipients to have yourRepliWeb product send a ZIP file containing the backed up data. The ZIP file isemailed in addition to backing the data in the specified folder above and notinstead. Multiple email addresses should be separated by commas.Purge backups after – Specify in days, minutes and seconds when to purge thebacked up date.56

RTM v2.1.1 User GuideRepliWeb Topology Manager ConsoleBackup Settings – Error Handling TabSpecify here whether to abort the backup or continue in case of an error. Errors canrange from inability to send mail to file access problems, etc.Figure 36: Backup Settings – Error Handling TabAbort – Abort the backup process in case of an error during the backup process.Continue – Continue the backup process even if an error occurred. The error willbe recorded in the backup report.57

RTM v2.1.1 User GuideRepliWeb Topology Manager ConsoleBackup Settings – On Exit TabThe On Exit option allows the linking of procedures to the ‗exit‘ status of the backupprocess. For each of the completion status: Success, Abort or Error, specify the requiredoperation:Figure 37: Backup Settings – On Exit TabReport to event viewer – Select a backup process to view its report.Send Email – An email is sent upon completion of the backup process.o Recipient – Enter the email address of the email recipient(s). More thanone email address may be entered. Multiple email addresses should beseparated by commas.o Attachment – Specify whether to attach the backup report to the email.Propagate All – Use the same specified procedure for all Exit functions.58

RTM v2.1.1 User GuideRepliWeb Topology Manager ConsoleRestore WizardThe restore Wizard appears when clicking Restore Now in the Backup & Restore tab.When data restoration is required, in the Backup & Restore tab select the backed updata to restore from.Restore Wizard - Select LocationSpecify in this page the location of the backup files to restore from.Figure 38: Restore Wizard ILocal path / Network share access credentials – Choose the backup locationto restore from. If a backup was selected in the Backup & Restore window, itsproperties will automatically be filled here.ooRestore from – Select a backup folder to restore from.Backup instance – Select the backup instance to restore. Note that theremay be more than one backup instance in the same backup folder.Incomplete backups are marked as [partial].These buttons will appear on each of the restore wizard‘s screens:Back – Click here to go back to the previous restore wizard screen.Next – Click here to continue with the restore process.Cancel – Click this button to cancel the restore operation.59

RTM v2.1.1 User GuideRepliWeb Topology Manager ConsoleRestore Wizard - What to RestoreSelect the items to restore. By default, all items are selected.Note that items like Containers, Templates and Users have sub levels that can also beselected or deselected.Figure 39: Restore Wizard II60

RTM v2.1.1 User GuideRepliWeb Topology Manager ConsoleRestore Wizard - JobsWhile restoring jobs, they can either be restored as templates to be edited and ran at alater stage, or as new jobs.Figure 40: Restore Wizard IIICreate templates from the restored jobs – A template will be created for eachbacked up job, with the same name, description and type of the restored job.Templates are created as Center – Common templates.Create jobs from the restored jobso Clear all existing jobs before restoring – All scheduled jobs areaborted and then deleted before the restore process is taking place, tomake sure we are not creating conflicts.o Preserve jobs’ ownership while restoring – Use the ownership of therestored job and not of the user performing the restore operation.61

RTM v2.1.1 User GuideRepliWeb Topology Manager ConsoleRestore Wizard - Error HandlingSpecify error handling during the restore process. Errors can range from inability to sendmail to file access problems, etc.Figure 41: Restore Wizard IVAbort on restore error – Select this option to abort the restore process if anerror occurred.Continue on restore error – Select this option to continue with the restoreprocess even if an error occurred.62

RTM v2.1.1 User GuideRepliWeb Topology Manager ConsoleRestore Wizard - SummaryCompleting the restore operation, this screen displays a summary of the restoreoperation to be performed.Figure 42: Restore Wizard VRun – Click here to complete the restore process.63

RTM v2.1.1 User GuideRepliWeb Topology Manager ConsoleRestore Wizard - ProgressPerforming the restore operation, this screen displays a progress of the restoreoperation being performed.Figure 43: Restore Wizard VISave report in – Check this option and specify a path to save the restore‘sprogress report.Finish – Click this button to close the restore wizard.64

RTM v2.1.1 User GuideRepliWeb Topology Manager ConsolePropagate SettingsEnhancing RepliWeb Topology Manager‘s global management capabilities, thePropagate feature allows users to define settings on one host and propagate them toother hosts on their network. This includes propagating in a multi-product environment.When propagating to a different product (for example, from R-1 to ROSS), only theproperties that are relevant to that product will be propagated.Users can specify which settings will be propagated to what servers, saving the need toredefine the same settings on all hosts. This feature is very powerful especially forsettings like Rules and User Definition, Scheduler configuration settings, and may beused also for spreading Templates and Containers.1. From the Hosts list, right click the host you want to propagate from; this can beeither a Center or an Edge, or both, and select the Propagate option.Figure 44: Propagate – Select Source MachineThe Propagate Wizard opens, guiding you through the steps required tocomplete the propagation process.2. Select the machines to propagate to. Click Next.65

RTM v2.1.1 User GuideRepliWeb Topology Manager ConsoleFigure 45: Propagate – Select Target Machines3. Select which properties to propagate. Note that Center properties will not bepropagated to Edge only machines.4. Click Next.Figure 46: Propagate – Select Properties5. Select the error handling method. If an error occurs during the propagateprocess, you can select to Abort the process, continue to the next host, or promptand wait for a user response before continuing.6. Click Next.66

RTM v2.1.1 User GuideRepliWeb Topology Manager ConsoleFigure 47: Propagate – Error Handling7. Enter Alternate credentials to be used in the propagate process. These will beused if there are no saved Credentials for that host, or in case the Credentialssaved with the host do not have enough permission to connect to that host.Using a multi-platform environment, you can enter both Windows and UNIXcredentials. In case the connection fails using the 1 st Alternate Credentials,RepliWeb Topology Manager will attempt to connect to that host using the 2 ndAlternate Credentials.8. Click Next.67

RTM v2.1.1 User GuideRepliWeb Topology Manager ConsoleFigure 48: Propagate – Alternate Credentials9. When the Propagate button is clicked, the process begins, displaying theprogress report on the screen. The report can be saved to an external file.10. Click Next.Figure 49: Propagate – Propagation Report68

RTM v2.1.1 User GuideAppendices69

RTM v2.1.1 User GuideAppendix A –Quick GuideRepliWeb Topology Manager Step-by-Step1. Open the RepliWeb Topology Manager Console from the Start menu.2. Connect to a RepliWeb Topology Manager Organizer. Fill in the followingfields:a. Organizer – the name or IP address of the RepliWeb Topology ManagerOrganizer.b. User/Password/Domain – fill in the credentials to connect to theOrganizer/Host. Enter Domain if the machine is on a Windows network.c. Click the Connect button.3. In the main menu, or the tool bar, select New Group. A new hosts group isadded to the tree, change its name.4. Using the mouse, highlight the newly create group.5. In the main menu, the tool bar, or the right-mouse floating menu, select NewHost. A new Host is added to the tree in the selected group, change the Host‘sname. The host name should be DNS name or IP address.6. To connect, highlight the newly added Host. Double-click the host, use thetoolbar, or use the Action / Connect menu option. Fill in the connectionscredentials,The process of adding Groups and Hosts can be repeated, reflecting your Hosts‘topology. You can add as many Groups and Hosts as required, arranging them in anyorder and any tree structure. Groups may be added to Groups creating a multi-level tree.Hosts me be added directly to My Hosts.70

RTM v2.1.1 User GuideAppendix B –Proxy User Security MechanismOverviewThe RepliWeb User Account Proxy is a layer within each RepliWeb product that acts asboth an incoming security reference monitor and as a User proxy.A system administrator can control RepliWeb product operations on his system throughthe Proxy Security Mechanism.Whenever a request for an operation is received, it activates a security check, whichcompares the details of the requested operation against a rule base. Based on theadministrator-defined rules recorded in this file, the operation is approved or refused.The Proxy Security Mechanism plays two major roles:It is an administrative tool, allowing you to control how users use the product andtheir related programs on your system.It is a security tool, allowing you to control all incoming RDS/R-1/ROSS requestsfrom outside your system.The Proxy Security Mechanism serves here as a data transfer firewall, allowing remoteusers access without exposing your system account and password information.To understand how the Proxy Security Mechanism carries out these functions, it isuseful to know how it performs the security check.For each requested operation, a number of parameters are examined during a securitycheck. These include the requester's node, user name and network address, the localuser name and password given for the operation, etc. Any of these properties can beused as criteria to determine if a given rule should apply to the operation. A matchingrule can instruct the checking application to refuse or approve the requested operation.The rules can also tell the application to modify the operation's properties, such aschanging the local user account the operation is carried under.Once a particular requested session has been approved, the action taken is to fork thechild process that handles the request under the specified local user context defined inthe security file.This is the “Virtual User” functionality.71

RTM v2.1.1 User GuideAppendix B –Proxy User Security MechanismSecurity RulesThe Proxy Security Mechanism operates on the principal of Active Security: instead ofpassively relying on the system's built-in security measures, it actively takes anyinformation it has on the requested operation and decides if it should be refused,approved or modified, based on any relevant rules defined in one or more security files.Because of this, security is not based on what the remote user knows about a system(like ftp or rcp passive security), but on what the administrator actively allows to bedone on the system through the security rule base.This means that sensitive system information such as user account names or passwordsdon‘t have to be given to remote users or passed over the network.The administrator decides exactly who is allowed to connect from where, whatauthentication process they must pass, and what exactly they will or will not be allowedto do.Active Security can be used to limit access based on remote user's name, remote node'sname, network address, and other identifiers. Complete sub-networks and user groupscan be identified and restricted in a single rule.The administrator can define Rules to divert remote users to specific local accounts,regardless of information they might possess.By default the security file in the product allows all users with real username andpasswords to have full access and control. Use the Virtual Users and Rules Tabs totighten your security settings.It should be noted here that the Security File ~\config\rw_security.cf must haverestricted permissions set on it, (600 on UNIX and Administrator only on Windows)otherwise an error is returned upon connection.NOTE: The Rule base is parsed such that later rules will overwrite and take precedenceover earlier ones.An example of this is given below, where the initial Rule denies ALL connections,regardless of who they are and where they come from, yet a subsequent Rule allowscertain access, provided the request uses a virtual user name.72

RTM v2.1.1 User GuideAppendix B –Proxy User Security MechanismExampleBelow is an example that has just two rules.Rule 1 rejects everybody.Rule 2 just allows one virtual user vjames full control from any machine.73

RTM v2.1.1 User GuideAppendix B –Proxy User Security MechanismThis is how the rules table will look. When an incoming connection request arrives, anyuser will be rejected by the first rule. Now since the rule is not marked as ―Stop Search‖the next rule is examined. The second rule will only allow the virtual user vjames toaccess the target machine. The rule is marked with ―Stop Search‖. This means that thefollowing rules (if exist) will not be checked. And as this rule grants access to this user,his request is granted.74

RTM v2.1.1 User GuideIndexArchitecture, 4Backup & Restore. See Manage / InternalProcessesBase Interval, 19Build Info. See Manage / InformationCenterConnecting, 51ConnectHost, 6, 9Organizer, 6, 9, 11ConnectionDefault Credentials, 8Settings, 8ConsoleGUI, 6Quick Guide, 70RepliWeb Topology Manager, 5Domain, 51Early Warning, 19Email Configuration. See Manage / EmailConfiguration, See Manage / EmailConfigurationEMail Notification, 20, 58On Exit, 20Event ViewerReport to, 20Failover, 49Features, 3Functional Description, 4General Concepts, 3Group, 5New, 11Remove, 11Rename, 11Help, 11Host, 5Connect, 6, 9, 11Disconnect, 11, 12Manage, 11New, 11Open Console, 11, 12Remove, 11Rename, 11Hosts List, 5, See Manage / HostsLicense. See Manage / LicenseRemove, 31ManageChange Password, 40Disk Space, 37Execution, 33, 44Failover, 49Hosts, 14Information, 13Install, 32License, 31Migration, 45Scheduler, 16Security Rules, 26Tools, 39User Definition, 23Max Interval, 19Menus, 11Operating System, 2Organizer, 5Connect, 6, 9Password, 51Propagate, 65Proxy User Security Mechanism, 71Purge Policy. See Manage / SchedulerRDS to R-1 Migration. See Manage / ExecutionRecovery Options, 19Recovery Options WindowGUI, 19Remote Execution. See Manage / Execution, SeeManage / ExecutionRestore Wizard. See Manage / InternalProcessesRetry Factor, 19Rules, 71, See Manage / Security RulesSecurity. See Proxy User Security MechanismSSL, 8, 9, 52syslogReport to, 20Toolbar, 11User Guide, About the, 2Virtual Users, 71, See Manage / User Definition75