STEP 8. Configuring IBM ADDI Search Service

Edit online
Follow the configuration steps that are needed to have up and running IBM® ADDI Search Service:
  1. Configure the parameters that are present in the conf.yaml file
  2. Make IBM AD Search Service available in IBM AD Configuration Server
    Note: IBM AD Search Service is necessary for the Search in Files functionality to work. It is mandatory to have IBM AD File Service installed, configured and up and running.
  3. Restart IBM AD Search Service

1. Configure the parameters that are present in the conf.yaml file

Important: The configuration of the following parameters is not mandatory. It is recommended to follow below steps only in case that you had previously configured these parameters and you performed an upgrade to the latest version of IBM ADDI product.
On the machine where IBM AD Search Service is installed, go to <IBM ADDI Installation Folder>/IBM Application Discovery Search Service/conf/ and make sure that the conf.yaml is present. If the conf.yaml file is not present in the /conf folder, go to <IBM ADDI Installation Folder>/IBM Application Discovery Search Service/sample-conf/ and copy the conf.yaml file in the /conf folder. Open the conf.yaml file by using a text editor and enter the desired values for the parameters that are detailed below.
Note: The parameters are represented in YAML as mappings that consist of a parameter key and the value that is associated to that key. The format of the mapping is the parameter key represented by a string, which is terminated by a trailing colon that is followed by a space. The value for that parameter key is represented by a string that follows the key's colon and space. Example:
my_parameter: my_value
  1. Set the https parameter as follows:
    1. If the https parameter is set to false, a non-secured communication is used.
      #if communication should be secured with TLS
https: false
    2. If the https parameter is set to true, a secured communication is used.
      Note: This step implies the use of certificates. If you want to set the communication to be secured, make sure that a certificate authority issues a signed certificate (.crt) and a private key for the certificate (.key).
      #if communication should be secured with TLS
https: true
    Note: If the https parameter is set to true, an additional step needs to be performed. Locate startServer.bat file under <IBM ADDI Installation Folder>/IBM Application Discovery Search Service/ and replace the following line:
    set tlsoptions=
    with:
    SET keystorepath=<"path_to_keystore">
SET keystorepass=<"password_of_keystore">
set tlsoptions=-Djavax.net.ssl.keyStore="%keystorepath%" -Djavax.net.ssl.keyStorePassword="%keystorepass%"
    Where:
    • Path to keystore is the path to the keystore that holds the certificate for IBM AD Search Service.
    • Keystore password is the keystore password.
  2. Leave blank the line where the authSrv parameter is present if Authentication Server (DEX) is not needed.
    #authentication server URL
authSrv:
    Otherwise, set the authSrv parameter as follows:
    1. If the value of the https parameter is set to true, add the URL of Authentication Server (DEX) where authSrv parameter is present. Authentication Sever (DEX) that belongs to the IBM AD package is used. For more information, see STEP 4. (Optional) Configuring Authentication Server (DEX). Example:
      #authentication server URL
authSrv: https://WIN-ASK7V692EKB.ferdinand2.com:7600/dex
    2. If the value of the https parameter is set to false and the Authorization and Authentication feature is enabled, add the URL of Authentication Server (DEX). Example:
      #authentication server URL
authSrv: http://WIN-ASK7V692EKB.ferdinand2.com:7600/dex
  3. The default value of the disableAuth parameter is true. Leave the default value if Authentication Server (DEX) is not needed.
    #disable authentication/authorization. allow all files to be sent
disableAuth: true
    Otherwise, set the disableAuth parameter to false. The false value keeps enabled the authentication.
    #disable authentication/authorization. allow all files to be sent
disableAuth: false
  4. Optionally, the main path where the indexes are created for each project, can be overwritten by the following configuration. This path needs to be identical to the one present under <IBM ADDI Installation Folder>/IBM Application Discovery Batch Server/conf/project.properties, where the project.projectName.index.indexFolder parameter is present.
    #optional
#overrides indexPath for a specific project.
projects:
   - project: Project1
     path: C:\Index\Indexes\Project1

2. Make IBM ADDI Search Service available in IBM ADDI Configuration Server

IBM ADDI Search Service is responsible with the access to the indexed data. The folder path in which the indexes are generated needs to be accessible for both IBM ADDI Batch Server and IBM ADDI Search Service.

After IBM AD Search Service is up and running, go to IBM AD Configuration Server and make IBM AD Search Service available for the other IBM ADDI components as follows:
  1. Access Start Menu > IBM Application Discovery and Delivery Intelligence > Launch IBM Application Discovery Configuration Service Admin, and go to Configure > Environments > "Your environment" > Services > Search Service. The Search Service settings page is displayed.
  2. Add the path where the indexes are created. This path needs to have as an endpoint the same folder where the indexes are stored. Example:
    \\server01\Indexes
  3. Optionally, the main path where the indexes are created for each project, can be overwritten. Click Add, select the target project, and add the path where the indexes are created for the target project.
  4. Click Save.

3. Restart IBM ADDI Search Service

  • On Windows
    1. Once the configuration is done, go to the Dashboard tab, in IBM ADDI Configuration Server, click the menu button of Search Service, and select Restart Service.
      Note: Wait until the service is restarted, this can take a few minutes to complete.
    2. Click Start, select Run, type services.msc and start IBM Application Discovery Search Service.
    3. If the service does not start, check the search.log file under <IBM ADDI Installation Folder>/IBM Application Discovery Search Service/log folder.