[IBM i]

Backing up security configuration files

Back up your security configuration files to prevent the loss of information due to a potential system failure.

About this task

Consider backing up the following security information:

Procedure

  • Back up your user profiles.

    When you use local OS security, back up your user profiles, using the normal save procedures for user profiles.

    For information about Lotus® Domino®, see the IBMIBM® Domino documentation.

  • Back up your security property files.

    Security settings are saved in several properties files. By default, these properties are located in the profile_root/properties directory. The default stand-alone profile name is default. If you define additional WebSphere® Application Server profiles, there are additional properties files located in the directories for those profiles.

    The following command saves all of the properties in the /SAS subdirectory:
    SAV DEV('/QSYS.lib/wsalib.lib/wsasavf.file')
OBJ(('profile_root/properties/sas*'))

    This previous command is on two lines for illustrative purposes only. Enter it as one continuous line

    You can save security property files while WebSphere Application Server is running.

  • Back up your HTTP configuration.

    The following information applies to IBM HTTP Server.

    Changes to the HTTP configuration are often made to enable WebSphere Application Server to serve servlets and JavaServer Pages (JSP) file requests and to enable WebSphere Application Server security. Consider saving your HTTP configuration as a part of your WebSphere Application Server backup and recovery. The IBM HTTP Server configurations are stored as members of the QATMHTTPC file in the QUSRSYS library. HTTP server instances are members of the QATMHINSTC file in the QUSRSYS library. The following example commands back up these files:
    SAVOBJ OBJ(QUSRSYS/QATMHTTPC)

SAVOBJ OBJ(QUSRSYS/QATMHINSTC)
  • Back up your key files.

    The key files contain certificates that are used by the security infrastructure for WebSphere Application Server. These certificates are also used for HTTPS transport between servers. Save all of the files in the profile_root/etc directory. Key files are contained in the profile_root/etc directory, but administrators might create and store these files in other directories.

  • Back up your validation lists.

    Passwords are stored as encrypted data in validation list objects when you use the OS/400® password encoding algorithm. The default validation list is /QSYS.LIB/QUSRSYS.LIB/EJSADMIN.VLDL, but you can change it in the administrative console by specifying it as a system property for the application server. See the information about administering application servers.