Which certificate are you trying to generate - the one that encrypts the communication between the client and the appserver (one should have been generated during install) ?
You can't authenticate NSH w/o the NSH Proxy.
You can create entries in the users.local files on the target agents for the username of the client system username - so if you login to your desktop w/ 'youngso' you could add a line like:
youngso rw,map=root in the users.local file on the target agent.
then you can cd to the target from your desktop (assuming the network path is clear and the exports file allows the connection)
I would like to generate certificate on the user desktop to authenciate with application server using NSH. Please keep in mind that there is no agent installed on the user's desktop. So, within NSH, Iblcred cred -acquire -profile to authenicate the NSH shell. Then I could manage all endpoint without being at the application server.
Modify the user.local file didn't work for me. when I did cd \\machinename; it (machine) refused the connection.
Without the nsh proxy, you can't authenticate NSH. you can run blcred and get credentials but they won't be using by NSH unless you configure the client to use the NSH proxy.
what's in the exports file on the target system, and what's in the rscd.log on the target when you get rejected?
If you want to manage your hosts over nsh w/o the appserver (this was how version 4 of BladeLogic worked) you should only need to make sure:
-exports file on your target(s) allow connections from your client system or * eg:
<client ip> rw
-in the users or users.local file you have an entry for the client OS user like:
and you should be able to cd to the machine like
cd //<target server>
this also assumes the client system can talk to 4750/tcp on the target (eg no firewalls blocking access)
if that fails, you should look in the rscd.log on the target system and see why you are denied.