Maximo SaaS Flex - Enhanced Access DEV Environment - Description, Limitations & Restrictions
Maximo SaaS Flex customers can order one or more Enhanced Access DEV environment(s). This type of environment is optional and available at an added cost. It is designed to allow customers who will be performing configuration and customization work more flexibility and less dependence on the IBM Cloud Delivery Services team to execute back-end configuration tasks. The MAXDEV environment has the following architecture:
(1) Windows Maximo Application Server running WebSphere
(1) Linux Database Server running IBM DB2 (or Oracle if specifically provisioned)
Customers gain direct access to the Maximo Application Server console via RDP (Windows Remote Desktop) using CDS provided OpenVPN client software. This allows them to connect and login as a standard windows user. Up to five (5) windows user accounts can be created per environment. OpenVPN and Windows user accounts can be requested by submitting case in the IBM Support Community after environment have been provisioned.
Features include:
Access to the Maximo Application Server filesystem using File Manager or DOS command prompt (for running configdb, installing class file extensions, etc)
IBM WebSphere UserID (Administrator Role) for direct management and deployment of EAR files via the WebSphere console
Database UserID's allowing Read and Write access to the corresponding DEV database using IBM Data Studio or SQL tools.
Note: Read access is provided by default. Write access must be specifically requested.BIRT Report Designer setup (on a per-request basis - must be requested by customer via case ticket submission).
Limitations
It is important to note that customers will not have Windows Administrator access to the Maximo DEV Application Server. This restriction is required in order for IBM to maintain corporate ITSS cloud security and compliance guidelines. The IBM SRE team configures all DEV accounts with standard windows user access; meaning customers cannot perform the tasks listed below:
Windows Server shutdown or restart
Installing and uninstalling applications
Use of IBM Installation Manager
Stop / Start or Restart of Windows Services
Changing settings for Windows Firewall
Running Registry Editor (REGEDIT)
Killing processes from the DOS command line
Running an Application as an Administrator
Changes to system-wide settings
Changes to files in folders that standard users don't have permissions for (such as %SystemRoot% or %ProgramFiles% in most cases)
Changes to an access control list (ACL), commonly referred to as file or folder permissions
Installing device drivers
Installing ActiveX controls
Changing UAC settings
Configuring Windows Update
Adding or removing user accounts
Changing a user’s account type
Turning on file sharing or media streaming
Running Task Scheduler
Restoring backed-up system files
Viewing or changing another user’s folders and files
Running Disk Defragmenter
Change power settings, turning off Windows features, uninstall, change or repair a program
Requests for any of the above tasks requires review and IBM SRE approval. A case must be submitted in the IBM Support Community detailing the request along with justification.
Database Server Access
Direct access to the DEV database server console (i.e. Linux SSH login) is not permitted. Read/Write access to the DEV database itself is allowed via SQL or related tools from a) the Maximo Dev App Server console or b) Customer remote client workstations via a properly configured OpenVPN account or site-to-site VPN. Setup of VPN access can be requested via service request (case) ticket submission. Database access accounts must then be created by the SRE team in order for customers to connect. For more information on Direct Database Access, click here
SFTP Access
Enhanced Access DEV environments do not have SFTP access. File transfers must be performed using the Remote Desktop Connection (RDC) 'Local Resources' tab.