Creating and augmenting a new Deployment Manager profile on Linux

For a production environment you should install your Deployment Manager on a server that is remote from your IBM® WebSphere® Portal installation. Use the Profile Management Tool or the manageprofiles command to create the remote Deployment Manager profile. In a test or development environment, you can install your Deployment Manager locally using the IBM Installation Manager. Complete the steps to creating and augmenting a new Deployment Manager profile if you are installing a remote Deployment Manager profile. Skip these steps if you are using the Installation Manager to install a local Deployment Manager profile on your primary node. A remote Deployment Manager profile is on a server that does not contain a WebSphere Portal installation.

Before you begin

Choose the appropriate installation option to install your Deployment Manager profile:
Prerequisites
Preparing your Linux operating system in a clustered environment
Preparing the primary node on Linux

About this task

Complete the following steps to create and augment the Deployment Manager profile:

Procedure

  1. Complete the following steps if IBM WebSphere Application Server is not installed on the system you plan to use for the Deployment Manager:
    1. Click the appropriate link under "Prerequisites" for installation instructions.
    2. Install or update the IBM Installation Manager on your Deployment Manager server.
    3. Add the same repositories that you used when installing WebSphere Portal on your primary node.
    4. Begin the installation process.
    5. Select the WebSphere Application Server Network Deployment installation package only and complete the installation process.
  2. You can either use an existing Deployment Manager profile or you can choose one of the following options to create a default deployment manager profile:
    Restriction: If you are using an existing Deployment Manager profile, the profile must have been created with the "Management" profile template and not the "Cell" profile template. If your profile was created with the "Cell" profile template, you must follow the instructions to create a default Deployment Manager profile.
    Important: While creating the default Deployment Manager profile, enable administrative security. If you use the Profile Management Tool, check the enable administrative security check box. If you use the manageprofile command, add the -enableAdminSecurity true parameter to the command line.
    Table 1. Steps to create a default deployment manager profile.
    Method Steps
    Profile Management Tool Complete the following steps to use the Profile Management Tool:
    1. Run the ./pmt.sh command from the AppServer_root/bin/ProfileManagement directory.
    2. Click Launch Profile Management Tool.
    3. Click Create to create a new profile.
    4. On the Environment Selection panel, select Management, and then click Next.
    5. Select Deployment Manager as the server type and then click Next.
    6. Select the Advanced profile creation radio button and then click Next.
    7. Check the Deploy the administrative console check box and then click Next.
    8. On the Profile Name and Location panel, provide the name for the new profile and its location in the file system. The name and location must be unique from other existing profiles. Click Next to continue.
      Note: You can also choose to select the Create the server using the development template check box to enable developer mode for this profile and the Make this profile the default check box to specify that this profile is the default profile in the system.
    9. On the Node, Host Names, and Cell Names panel, provide the node name and TCP/IP host name for the new profile. If you plan to federate this profile, the node name must be unique from other profiles in the same management cell (under Deployment Manager control). The host name must be a valid and reachable over the network. Enter the cell name for this deployment manager. Click Next to continue.
    10. On the Administrative Security panel, make sure that the Enable administrative security checkbox is checked. Enter values for the User name, Password, and Confirm password fields. Click Next to continue.
    11. On the Security Certificate (Part 1) panel, choose either the Create a new default personal certificate or the Import an existing default personal certificate radio button and choose either the Create a new root signing certificate or the Import an existing root signing certificate radio button. Click Next to continue.
    12. On the Security Certificate (Part 2) panel, either provide the new certificate information or verify the existing certificate information. Click Next to continue.
    13. On the Port Values Assignment panel, change any necessary port values and then click Next.
    14. On the Service Definition panel, specify whether or not the WebSphere Portal server in this profile is to be registered and controlled as a service. Click Next to continue.
    15. On the Profile Creation Summary panel, review the information collected by the wizard, and then click Create to create the new profile based on the supplied information.
      Tip: You should remember the WebSphere Integrated Solutions Console port value and the Deployment Manager SOAP connector port values as you need these values in the future.
      Note: The port values presented in the summary value are overridden by the port values used by the servers present in the configuration archive provided as part of the portal profile template. These port values need to be adjusted after profile creation if they are in conflict with other ports on the local system.
    16. Click Finish to exit PMT.
    manageprofile command 
    ./manageprofiles.sh -create -templatePath AppServer_root/profileTemplates/management 
		-hostName hostname
		-profileName Dmgr01 
		-profilePath AppServer_root/Dmgr01 
		-enableAdminSecurity true 
		-adminUserName dmgradmin 
		-adminPassword dmgrpass
  3. Collect files from the primary node and copy them to the remote Deployment Manager profile:
    1. An archive or compressed file is placed in the PortalServer_root/filesForDmgr directory during installation; the file is called filesForDmgr.zip. Copy the filesForDmgr.zip file to the remote Deployment Manager server.
    2. Stop the deployment manager.
    3. Expand the filesForDmgr.zip file into the installation root directory of the remote Deployment Manager; for example in the /opt/IBM/WebSphere/AppServer directory.
      Note: If the Deployment Manager profile was not created in the default AppServer\profiles\Dmgr01 directory, then the metadata_wkplc.xml file, located in the AppServer/profiles/Dmgr01/config/.repository\metadata_wkplc.xml directory in the compressed file, must be copied into the config/.repository subdirectory under the Deployment Manager profile directory.
    4. Start the deployment manager.
  4. Choose one of the following methods to augment a deployment manager profile:
    Table 2. Choosing between the Profile Management Tool and the manageprofiles task to augment a deployment manager profile.
    Option Steps
    Profile Management Tool Complete the following steps to use the Profile Management Tool:
    1. Run the ./pmt.sh command from the AppServer_root/bin/ProfileManagement directory.
    2. Click Launch Profile Management Tool.
    3. Select your Deployment Manager profile and then click Augment.
    4. On the Augment Selection panel, select Deployment Manager for Portal, and then click Next.
    5. On the Profile Augmentation Summary panel, review the information collected by the wizard, and then click Augment to augment the Deployment Manager profile with WebSphere Portal.
    6. Click Finish to exit PMT.
    manageprofiles command Run the following command from the AppServer_root/bin directory:
    ./manageprofiles.sh -augment -templatePath 
AppServer_root/profileTemplates/management.portal.augment
			-profileName dmgr01
    Tip: If you have a long command, use the continuation character "\" to avoid seeing the "not found" error message.

    In this example, the profile template is installed under the AppServer_root/profileTemplates directory. The existing Deployment Manager profile is named dmgr and is located under the AppServer_root/profiles/dmgr directory.
  5. Stop and restart the Deployment Manager server; see "Starting and stopping servers, deployment managers, and node agents" for information.
  6. Complete the following steps if there are common shortnames between the default Deployment Manager security configuration and the LDAP server:
    1. Log on to the Deployment Manager WebSphere Integrated Solutions Console.
    2. Navigate to Security > Global security.
    3. Under User account repository, click Configure.
    4. In the Primary administrative user name field, alter the user ID so that is using the full distinguished user name. For the default file user registry, the syntax is uid=userID,o=defaultWIMFileBasedRealm; for example: uid=wpadmin,o=defaultWIMFileBasedRealm.
    5. Click Apply.
    6. Enter the password for the user and then confirm the password.
    7. Save all changes.
    8. Log out of the WebSphere Integrated Solutions Console.
  7. Complete the following steps if you changed the context root on the Configuration for IBM WebSphere Portal: Profile configuration details: Advanced panel during installation:
    1. Log on to the Deployment Manager WebSphere Integrated Solutions Console.
    2. Go to Security > Global security.
    3. Click Trust association in the Web and SIP security section.
    4. Click Interceptors in the Additional Properties section.
    5. Click com.ibm.portal.auth.tai.HTTPBasicAuthTAI.
    6. Edit the urlBlackList and urlWhiteList parameters with the new context path; for example:
      • urlBlackList: /wpsmodified/myportal*
      • urlWhiteList: /wpsmodified/mycontenthandler*
    7. Click Apply.
    8. Save all changes.
    9. Log out of the Deployment Manager WebSphere Integrated Solutions Console.