Question & Answer
Question
How do I install a standalone Tivoli Access Manager WebSEAL server for IBM Intelligent Operations Center running in English?
Answer
IBM® Intelligent Operations Center installation can be changed so a stand-alone Tivoli® Access Manager WebSEAL server can be configured for the system.
About this task
The steps to configuring a stand-alone Tivoli Access Manager WebSEAL server are grouped into the following major areas:
1. Install the IBM Intelligent Operations Center stopping prior to installing cyber hygiene.
2. Install the Tivoli Access Manager WebSEAL server.
3. Update the System Verification Check properties.
4. Update the Tivoli Access Manager WebSEAL host name for the IBM Intelligent Operations Center portlets.
5. Update the Platform Control Tool.
6. Install and run cyber hygiene.
Procedure
Install the IBM Intelligent Operations Center stopping prior to installing cyber hygiene.
1. Following the instructions in the IBM Intelligent Operations Center documentation, install the IBM Intelligent Operations Center solution using either the IBM Installation Manager or step-by-step instruction. Stop before installing cyber hygiene.
Install the Tivoli Access Manager WebSEAL server.
2. Log on to the installation server as the root user. Open a terminal window.
3. Run the cd /opt/IBM/IOC/BA/ioc command.
4. Create a compressed directory containing all the files in the /opt/IBM/IOC/BA/ioc directory. The compressed directory will be a backup of the original files.
5. Copy the ioc.zip file included with this technote to the /opt/IBM/IOC/BA/ioc directory on the installation server.
6. Expand the ioc.zip file.
7. Edit the /opt/IBM/IOC/BA/ioc/topology/websealInstall.xml file.
a. Change xxxhostname to your Tivoli Access Manager WebSEAL host name.
b. Change xxxusername to your Tivoli Access Manager WebSEAL root user.
c. Change xxxpassword to your Tivoli Access Manager WebSEAL root user password.
8. Run the export JAVA_HOME=/opt/ibm/java-x86_64-60/jre command.
9. Run the export PATH=/opt/ibm/java-x86_64-60/jre/bin:$PATH command.
10. Install a new Tivoli Access Manager WebSEAL server.
a. Run the cd /opt/IBM/IOC/BA/ioc/bin command.
b. Run the ./ba.sh parameterizeTopology -t websealInstall -r ../topology/iop_lite_topo.properties -p passwordcommand. Where password is the topology password set during the installation. The default value is passw0rd.
c. After the previous command successfully completes, run the ./ba.sh installTopology -t websealInstall -p password command. Where password is the topology password set during the installation. The default value is passw0rd. All installation results should display [OK].
11. Add an application junction by running the ./ba.sh installTopology -t ioc_lite_topology -p password command. Where password is the topology password set during the installation. The default value is passw0rd.
12. Uninstall the original Tivoli Access Manager WebSEAL server by running the ./ba.sh doAction -t iop_lite_topo_phase1 -c webseal_server_a1 -action uninstall -p password command. Where password is the topology password set during the installation. The default value is passw0rd.
Update the System Verification Check properties.
13. Log on to the application server as the owner of the /opt/IBM/iss/iop/cat/portal/props directory. This would most likely be the root or ibmadmin user.
14. Open a terminal window.
15. Run the cd /opt/IBM/iss/iop/cat/portal/props command.
16. Edit the IopCatConfig.properties file.
17. Change all Error! Hyperlink reference not valid entries to http://your_webseal:80/. Where your_webseal is the host name of your Tivoli Access Manager WebSEAL server.
18. Change 0900.hosturl to http://{$APP_HOSTNAME_1}:80/.
19. Log off the application server.
Update the Tivoli Access Manager WebSEAL host name for the IBM Intelligent Operations Center portlets.
20. Log on to the data server as the db2inst1 user.
21. Run the following commands:
connect to IOCDB
update IOC.SysProp set Value='new_webseal' where Name='old_webseal'
select * from IOC.SysProp where Name='old_webseal'
Where new_webseal is the host name of your new Tivoli Access Manager WebSEAL server and old_webseal is the host name of the Tivoli Access Manager WebSEAL server on the application server.
Update the Platform Control Tool.
22. Log on to the management server as the root user.
23. Run the cd /opt/IBM/ISP/mgmt/scripts/ command.
24. Run the cp build.xml build.xml.org command to create a backup copy of the build.xml file which is named build.xml.org.
25. Copy the build.xml file included with this technote to the /opt/IBM/ISP/mgmt/script directory on the management server.
26. Stop and restart the WebSphere® Portal cluster.
a. Run the su - ibmadmin command.
b. Run the cd /opt/ibm/ISP/mgmt/scripts command.
c. Run the ./iopmgmt.sh stop wpe password command. Where password is the password defined when the Platform Control Tool was installed.
d. Wait for the stop operation to complete successfully.
e. Run the ./iopmgmt.sh start wpe password command. Where password is the password defined when the Platform Control Tool was installed.
Install and run cyber hygiene.
27. Following the instructions in the IBM Intelligent Operations Center documentation, modify the IBM Intelligent Operations Center installation using either the IBM Installation Manager or step-by-step instruction and install cyber hygiene.
What to do next
When configuring single sign-on for collaboration services during the post-installation configuration of IBM Intelligent Operations Center, make sure to import the LTPA key from the new Tivoli Access Manager WebSEAL server, and not the application server.
Related Information
[{"Product":{"code":"SS3NGB","label":"IBM Intelligent Operations Center"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Component":"Not Applicable","Platform":[{"code":"PF016","label":"Linux"}],"Version":"1.5","Edition":"","Line of Business":{"code":"LOB59","label":"Sustainability Software"}}]
Was this topic helpful?
Document Information
Modified date:
17 June 2018
UID
swg21610849