Home Print Show Topic URL Previous Next
IT Management Suite
Client Management Suite
Server Management Suite
Deployment Solution
Asset Management Suite

Best practices for installing the IT Management Suite

ITMS Installation and Upgrade

Following are the best practices for installing the IT Management Suite (ITMS) 7.5 SP1 solutions on a computer:

  • Install the latest version of Java before installation so that the Software Library and other Package settings work directly after install.

    See Table: IT Management Suite 7.5 SP1 required third-party software

  • Enable the plug-in rollouts for Inventory and Software Management directly after the installation. Alternatively, you can plan to roll out the plug-ins after the installation.

  • Ensure that you have the user logged in as the application identity when you install any ITMS solution.

    The application identity of Notification Server is the account under which Notification Server runs. You specify the appropriate user name and password when you install Notification Server, and you only need to update it when necessary. For example, if your organization has a password change policy, the CMDB access credentials may be forced to change. The application identity no longer has permission to log on to the SQL Server.

    To verify that the user account is an application identity account:

    • In the Symantec Management Console, in the Settings menu, click All Settings.

    • In the left pane, under Settings folder, expand Notification Server, and then click Notification Server Settings.

    • On the Notification Server Settings page, in the Processing tab, ensure that the user account is an application identity account in the Application identity area.

  • In a hierarchy, all solutions that are to be installed on child Notification Servers must be installed on the parent Notification Server.

    A few solutions or architectural components must be installed only on the parent Notification Server. For example, CMDB and Asset Management Solutions that gets installed as part of IT Management Suite installation. Do not install the CMDB and Asset Management Solutions on child Notification Servers.

  • Specify HTTPS communication only or both HTTP and HTTPS communications to access the Symantec Management Platform and to communicate with the client computers. You must perform this task when you have logged on to the Notification Server computer as an administrator.

    HTTP is unsecured and is subject to man-in-the-middle and eavesdropping attacks, which can let attackers gain access to website accounts and sensitive information. HTTPS is designed to withstand such attacks and is considered secure against such attacks. HTTPS mode of communication creates a secured channel for a communication that is more reliable and improves communication with client computers. To set up cloud-enabled management, you must configure the Notification Server computer to use only HTTPS communication.

    See About Cloud-enabled Management

    You can specify HTTPS communication on the Notification Server computer using any of the following methods:

    • Specify to use HTTPS communication when you install the IT Management Suite solutions.

      During the IT Management Suite installation on a computer, you can select to use HTTPS communication using the Symantec Installation Manager. You can select the HTTPS communication while specifying Notification Server settings on the Notification Server Configuration page in the installation wizard of the Symantec Installation Manager.

      See “To configure Notification Server settings and SQL database settings”

    • Set up HTTPS communication after the installation of IT Management Suite solutions is completed.

      After the ITMS solutions installation is completed and the Notification Server computer is set up, you can create an SSL certificate and import the newly-created SSL certificate. You must then configure the Notification Server computer to use the newly-created SSL certificate to set up HTTPS communication.

      See Configuring Notification Server to use HTTPS after ITMS installation is completed

  • Before you start a fresh installation of ITMS solutions or an upgrade to ITMS 7.5 SP1, you must check the SSL configuration for the SMP website. If the Require SSL option is selected for the SMP website in the IIS Manager, ensure that the Client Certificates: Require option is not selected.

    After the Symantec Management Platform (SMP) website is configured to Require SSL option with Client Certificates: Require option in the Internet Information Services (IIS) Manager, the configuration does not start and the installation process or the upgrade process fails. Additionally, a forbidden (403) error is displayed and an associated warning is reported in the Altiris Log Viewer.

  • Before you start installing ITMS 7.5 SP1, ensure that you use same database collation on all the servers that might participate in Notification Server hierarchy.

    Hierarchy is not supported on the servers that have different database collation on parent Notification Server and child Notification Server.