Scribd
Upload
87 views

WAS Admin Notes - 3

The document provides steps to install WebSphere Application Server 7.0 Network Deployment and configure profiles, servers, security and custom user registry. It includes instructions on installing WAS ND, creating cell, node and custom profiles using profile management tool, federating servers to the deployment manager, configuring global security using local OS registry and custom user registry, and assigning administrative roles.

Uploaded by

krishna m
Copyright
© © All Rights Reserved
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
87 views

WAS Admin Notes - 3

The document provides steps to install WebSphere Application Server 7.0 Network Deployment and configure profiles, servers, security and custom user registry. It includes instructions on installing WAS ND, creating cell, node and custom profiles using profile management tool, federating servers to the deployment manager, configuring global security using local OS registry and custom user registry, and assigning administrative roles.

Uploaded by

krishna m
Copyright
© © All Rights Reserved
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 56

WebSphere Application Server 7.

0 Network Deployment
Installation:
----Go to C:\Documents and Settings\Administrator\Desktop\Websphere_7.0\WAS\install.exe
Click install.exe

Click Next.
Accept the License.

Click Next.
Click Next.
No need to check anything.

Click Next.
Click Next.
Select None.
Note: from WAS ND 6.1 0nwards one more profile will add.
Dmgr01
Ie.. Cell Profile (AppSrv01 Profile will automatically federated to dmgr)
AppSrv01

Click Next.
Click Yes.
Uncheck Create a repository for Centralized Installation Managers.(New feature in 7.0).

Click Next.

Click Next.
Uncheck create a new WebSphere Application Server Profile using the Profile Management
Tool.
Click Finish.
---- Compared with 6.0 in 7.0 three more profiles will add.
Profile Creation Using Profile Management Tool:
---- Go to C:\IBM_ND_7.0\WebSphere\AppServer\bin\ProfileManagement\pmt.bat
(Or)
Using Profile Management Tool.

Click Launch Profile Management Tool.


Click On create.
Select Cell (deployment manager and a federated application server).

Click Next.
Select Advanced Profile Creation Radio button.

Click Next.
Click Next.

Click Next.
Click Next.
Uncheck Enable administrative security.
Click Next.

Click Next.
Click Next.
Click Next.
Click Next.
Uncheck Run deployment manager process as a Windows service.
Startup type: Manual.

Click next.
Uncheck Create a Web server definition.

Click Next.

Click Create.
Click Finish.
Q) How could you know whether the federation had done without login to dmgr console?
Ans: First we have to check the server status of dmgr.

---- Login to dmgr admin console using url http://rajasekhar-pc:9066/ibm/console

---- But the server status is unavailable.


There is a problem with synchronization. For that we need to synchronize the node features to
dmgr using the below command.

--- Check the server status of AppSrv01 profile.

---- Start the node on AppSrv01 Profile.

---- Start server on AppSrv01 Profile.

---- Login to dmgr console and check whether the server has started or not.
Creating Custom Profile using Profile management tool:
---Go to Profile Management Tool.

Click Launch Profile Management Tool.

Click on Create.
Select Custom Profile.

Click Next.
Click Next.

Click Next.
Click Next.
If we check Federate this node later, we have to add the node to dmgr using below command
after successful completion of Custom profile creation.
----

Click Next.
Click Next.
Click Next.
Click Next.
Click Create.

Click Finish.
Federation in WAS 7.0
---- Login to dmgr console.
http://rajasekhar-pc:9066/ibm/console/login.do
---- Go to Servers select WebSphere Application Servers under server type.
Click on New.
In select Node drop down list select app_Node01 (ND 7.0.0.0).
Server Name: server3.

Click Next.

Click Next.
Click Next.

Click Finish.
Click on Review.
Check Synchronize changes with Nodes.

Click save.
Click Ok.
---- Start the server3.
Adding the server under Custom Node.
---- Select servers under that select server types in that select WebSphere Application Servers.

Click on New.
Under select node drop down list select Custom_Node01 (ND 7.0.0.0)
Server name: server4

Click Next.

Click Next.

Click Next.
Click Finish.

Click on Review.
Check Synchronize changes with Nodes.

Click Save.
Click Ok.
Check the server4. Click start.
Global Security in WAS 7.0 ND
Steps to configure global security by using local os registry:
1) Create user accounts in your local os.
2) Assign passwords fro that account.
3) Login to the admin console and expand security.
4) Select secure administration, applications and infrastructure option.
5) Select security configuration wizard.
6) Select local os option to configure with local os registry.
7) Provide user id and password.
8) Under LTPA authentication mechanism, confirm the password once again.
9) Enable administrative security check box.
10) Select local operating system under available realm definitions.
11) Save the changes and restart the server.
12) Now access the admin console using http://<host-name>:9045/ibm/console (We have
to check in dmgr01 server index.xml for secure port).
13) Provide user name and password to login admin console.
Process:
---- Go to dmgr console.
--- Select Global Security under Security.
Click on Security Configuration Wizard.
Uncheck Enable application Security.

Click Next.
Select Local Operating System radio button.
Click Next.
Primary Administrative Name: test123.

Click Next.

Click Finish.
Click Review.
Check Synchronize Changes with Nodes.

Click Save.

Click Ok.
---- Click LTPA under Authentication.
Password Confirmation: test123.

Click Apply.
Click Review.
Check Synchrinize changes with Nodes.

Click Save.

Click Ok.
---Check Enable administrative security.
Select Local Operating System Registry under Available realm definitions.
Click Apply.

Click on Review.
Check Synchronize changes with Nodes.
Click Save.

Click Ok.
---- Logout dmgr console
Stop the dmgr console.

Start the dmgr.

----- Login to dmgr console using url https://rajasekhar-pc:9049/ibm/console/logon.jsp


----- Providing roles to other users of dmgr admin console.

There are 8 types of roles in WAS 7.0 ND.


1) Admin Security Manager.
2) Administrator.
3) Auditor.
4) Configurator.
5) Deployer.
6) ISC Admins.
7) Monitor.
8) Operator.
---- Go to Administrative User Roles under Users and Groups.

Click On Add.
Click on Search.

Select Administrator Role for RAJASEKHAR-PC\\admin user.


Click on Add button.

Click Ok.
Click on Review.
Check synchronize changes with Nodes (admin-authz.xml will update under dmgr cell).

Click Save.

Click Ok.
---- Do the same for remaining users for config, operator, and monitor.

----- Logout the dmgr console.


--- Stop the dmgr.

Click Ok.
---- Start the dmgr.

---- Login to each user account. Login to admin user account and check the roles.
He is having full control rights on dmgr console, like crate new servers and applications, start or
stop servers and applications etc…..
----Login to config user account.

He is responsible to configure new servers and applications but not having the authority to stop and
start servers and applications.
---- Login to Operator.

He can do only start/stop and Restart the servers and applications.


---- Login to Monitor.

These users will only monitor the applications & servers are up and running. He can’t do anything.
Export: Backup the application. No need to stop the server.
Export DDL: It will backup only queries of the application.
Custom User Registry:
Steps to follow to create custom user registry:

1) Create two files a) users. Registry and b) groups.registry.


2) Add user accounts information under users.registry file.
3) Add group’s information under groups.registry.
4) Login to dmgr console and expand Security.
5) Select the secure administration, applications and infrastructure option.
6) Select security configuration wizard and select custom user registry option.
7) Create two variables usersFile and groupsFile.
8) Provide the absolute path of users.registry and groups.registry as a value for those
variables.
9) Enable administrative security check box and select custom registry under available
realm definitions.
10) Save the changes and restart server.
11) Login to the admin dmgr admin console by using http://rajasekhar-pc:9045/ibm/console

You might also like