Preparing necessary security authorizations

Depending on your security policy, you might need a user ID and password to complete tasks such as creating files and folders and accessing the database. Prepare secure user IDs to prevent problems when the servers attempt to access protected data.

Before you begin

  • Complete the design of your database.
  • Determine the authentication system to use, for example, Lightweight Directory Access Protocol (LDAP).
  • Determine what controls are in place that affect the authorizations required for your IBM® Business Automation Workflow installation.
  • Identify the systems on which you are installing the product.

About this task

The security policies for your site enables global security which indicates that you require specific authorities to install software, create databases or tables, or access databases. To successfully install and operate the product you must do these steps. Refer to IBM Business Automation Workflow security overview for more information about IBM Business Automation Workflow roles and groups.

Procedure

To prepare security authorizations for an IBM Business Process Manager database, complete the following steps:

  • Prepare a list of user IDs and passwords that have authority to install software on the systems. You must run the installation wizards for IBM Business Automation Workflow user IDs that have the authority to create files and folders.
  • For AIX operating systemFor Linux operating systemIf you are installing in group mode, set up the installation user group and add the appropriate users. Create the Installation Manager installation folder and change the ownership to the installation group. Change the access rights for the group on the folder to ensure they have read, write, and execute authority. Then install Installation Manager in group mode.
    For more information, see the Installation Manager documentation topic Administrator, nonadministrator, and group mode.
  • Prepare a list of user IDs, passwords, and roles that are needed for daily operations of the system:
    • Administrative console user IDs and roles to limit capabilities. You can have user IDs for configuring, administering, or monitoring roles.
    • User IDs for each system bus to authenticate system communications.
    • This topic applies only to the IBM Business Automation Workflow Advanced configuration.Administrative and monitoring user IDs or groups for each Business Process Choreographer container for authentication with Business Flow Manager and Human Task Manager.
    • This topic applies only to the IBM Business Automation Workflow Advanced configuration.User IDs or groups for synchronous calls to authenticate with Business Flow Manager and Human Task Manager.
  • Prepare a list of user IDs and passwords that the system uses to access the database tables that it uses during operation.
  • Optional: Prepare a list of user IDs and passwords that the system uses to create databases or database tables during installation. Your site policies might restrict this authority to the database administrator. In this case, you must provide generated scripts to the administrator to create the databases or database tables.

Results

You can install and operate your servers in a secure environment.