Below is the content of a recent article published on the IBM web site (http://www-1.ibm.com/support/entdocview.wss?rs=663&context=SSGSG7&q1=+tsm%20+sp2%20+xp%20+firewall&uid=swg21176160&loc=en_US&cs=utf-8&lang=en)
Regards, Andy Andy Raibeck IBM Software Group Tivoli Storage Manager Client Development Internal Notes e-mail: Andrew Raibeck/Tucson/[EMAIL PROTECTED] Internet e-mail: [EMAIL PROTECTED] The only dumb question is the one that goes unasked. The command line is your friend. "Good enough" is the enemy of excellence. ------------------------------------------------------------------------- Problem When deploying Windows XP Service Pack 2, Windows Firewall will be installed and activated automatically. It will restrict unsolicited incoming traffic in order to provide protection for computers against malicious users or programs. However, this will also prevent data from traveling between the TSM Client and TSM Server. Therefore, the user will need to make the changes listed below for TSM Client to function properly Cause The deployment of Windows XP Service Pack 2. Solution For more information regarding the Windows XP Service Pack 2, please refer to the Microsoft document: Deploying Windows Firewall Settings for Microsoft XP with Service Pack 2 http://www.microsoft.com/downloads/details.aspx?FamilyID=4454e0e1-61fa-447a-bdcd-499f73a637d1&displaylang=en For Command Line Client, Native GUI, Scheduler using polling mode: No action is required. For Web Client, Scheduler Service /w prompted mode managed by the CAD: 1. Bring up Control Panel. 2. Double click on Windows Firewall. 3. Click on the Exceptions Tab. 4. Click on Add Program. 5. Click on the Browse button. 6. Select the file ?dsmcad.exe? from the installation directory. Default is C:\Program Files\Tivoli\TSM\baclient\dsmcad.exe. 7. The focus will shift back to the Firewall Exception Tab once the executable is selected. Hit OK to finish the process. For Scheduler Service /w prompted mode NOT managed by the CAD: 1. Follow the above steps. 2. In step 6, look for the file ?dsmcsvc.exe? instead of ?dsmcad.exe?. For Command Line Scheduler /w prompted mode: 1. Follow the above steps. 2. In step 6, look for the file ?dsmc.exe? instead of ?dsmcad.exe?. In order to configure the Windows Firewall setting for large amount of machines, Netsh command syntax is available for creating batch file(s) to add program(s) to the Firewall Exception list. Please refer to Appendix B of the Microsoft document: Deploying Windows Firewall Settings for Microsoft XP with Service Pack 2 http://www.microsoft.com/downloads/details.aspx?FamilyID=4454e0e1-61fa-447a-bdcd-499f73a637d1&displaylang=en Command Syntax: set allowedprogram [ program = ] path [ [ name = ] name [ mode = ] ENABLE|DISABLE [ scope = ] ALL|SUBNET|CUSTOM [ addresses = ] addresses [ profile = ] CURRENT|DOMAIN|STANDARD|ALL ] An example of the command: netsh firewall set allowedprogram program="C:\Program Files\Tivoli\TSM\baclient\dsmc.exe" name="TSM Command Line Client" mode=disable
