Tivoli Access Manager for e-Business WebSEAL, Patch 5.1.0-TIV-AWS-FP0039

Installation Instructions

3.0 BEFORE INSTALLING THIS PATCH
--------------------------------
Before installing this patch, review the following prerequisites and
dependencies.


3.1 Back up Tivoli Access Manager data

Before applying any maintenance, be sure to back up your system. Use
the pdbackup command provided with the Tivoli Access Manager product
to back up Tivoli Access Manager-specific data. Documentation for the
pdbackup command is located in the "IBM Tivoli Access Manager Command
Reference, Version 5.1."


3.2 Upgrade GSKit to Version 7.0.4.28

Upgrade the IBM Global Security Toolkit (GSKit) to version 7.0.4.28
BEFORE installing the Tivoli Access Manager packages in this patch.

The updated GSKit installation packages may be downloaded at the URL:

https://www14.software.ibm.com/webapp/iwm/web/reg/download.do?source=gskitupdt&S_PKG=GSKit_7.0.4.28

After downloading the updated GSKit installation packages, use the
instructions located in the 5.1.0-TIV-TAM-FP0039.README to install the upgraded
GSKit packages.


4.0 INSTALLING THIS PATCH
-------------------------
Before installing this patch, be sure that you have reviewed the
prerequisites and have completed the back up procedure in section 3.0,
"BEFORE INSTALLING THIS PATCH".

If the Tivoli Access Manager product is distributed over multiple machines,
this patch must be applied to all WebSEAL systems within a secure domain.

This README assumes that $PATCH (or %PATCH% for Windows) is the path to
your temporary directory.


4.1 Installing this patch on AIX systems

1. Log in to the system as root.

2. Extract the archive into a temporary directory. For the
purpose of this README, assume that the symbol $PATCH
points to this temporary directory.

3. Stop the Tivoli Access Manager processes:

/opt/pdweb/bin/pdweb_start stop

4. At the command prompt, enter the following:

installp -a -g -X -d $PATCH <package>

where <package> is one of the following:

PDWeb.RTE Specifies the Access Manager Web Security Runtime
PDWeb.Web Specifies the Access Manager WebSEAL Server
PDWeb.ADK Specifies the Access Manager Web Services ADK
PDWeb.ARS Specifies the Access Manager Attribute Retrieval Service

5. Restart the Tivoli Access Manager processes:

/opt/pdweb/bin/pdweb_start start



4.2 Installing this patch on HP-UX systems


1. Log in to the system as root.

2. Extract the archive into a temporary directory. For the
purpose of this README, assume that the symbol $PATCH
points to this temporary directory.

3. Stop the Tivoli Access Manager processes:

/opt/pdweb/bin/pdweb_start stop

4. At the command prompt, enter the following:

swinstall -s $PATCH/<package> <patch>

where <package> and <patch> are one of the pairs
from the following table:

<package> <patch>
--------------------------------- -------------
PDWEBRTE000510-39.depot PDWebRTE
PDWEB000510-39.depot PDWeb
PDWEBADK000510-39.depot PDWebADK
PDWEBARS000510-39.depot PDWebARS

5. Restart the Tivoli Access Manager processes:

/opt/pdweb/bin/pdweb_start start


4.3 Installing this patch on Linux systems


1. Log in to the system as root.

2. Extract the archive into a temporary directory. For the
purpose of this README, assume that the symbol $PATCH
points to this temporary directory.

3. Stop the Access Manager processes.

/opt/pdweb/bin/pdweb_start stop

4. At the command prompt, enter the following:

rpm -U <patchname>

where <patchname> is one of the following:

Linux on xSeries(R)

PDWebRTE-PD-5.1.0-39.i386.rpm
PDWeb-PD-5.1.0-39.i386.rpm
PDWebADK-PD-5.1.0-39.i386.rpm
PDWebARS-PD-5.1.0-39.i386.rpm

Linux on zSeries

PDWebRTE-PD-5.1.0-39.s390.rpm
PDWeb-PD-5.1.0-39.s390.rpm
PDWebADK-PD-5.1.0-39.s390.rpm
PDWebARS-PD-5.1.0-39.s390.rpm

Linux on pSeries(R) and iSeries

PDWebRTE-PD-5.1.0-39.ppc.rpm
PDWeb-PD-5.1.0-39.ppc.rpm
PDWebADK-PD-5.1.0-39.ppc.rpm
PDWebARS-PD-5.1.0-39.ppc.rpm


Note:
If Tivoli Access Manager is already configured, you
might need to install with the --noscripts flag:

rpm -U --noscripts <patchname>

5. Restart the Tivoli Access Manager processes:

/opt/pdweb/bin/pdweb_start start


4.4 Installing this patch on Solaris Operating Environment systems

1. Log in to the system as root.

2. Extract the archive into a temporary directory. For the
purpose of this README, assume that the symbol $PATCH
points to this temporary directory.

3. Stop the Tivoli Access Manager processes:

/opt/pdweb/bin/pdweb_start stop

4. At the command prompt, enter the following:

cd $PATCH
patchadd <package>

where <package> is one of the following:


PDWEBRTE000510-39 Specifies the TAM Web Security Runtime
PDWEB000510-39 Specifies the TAM WebSEAL Server
PDWEBADK000510-39 Specifies the TAM Web Services ADK
PDWEBARS000510-39 Specifies the TAM Attribute Retrieval Service


5. Restart the Tivoli Access Manager processes:

/opt/pdweb/bin/pdweb_start start


4.5 Installing this patch on Windows systems

1. Log in to the Windows system as the Administrator.

2. Shut down the Tivoli Access Manager WebSEAL server:
a. From Control Panel -> Services click Access Manager
WebSEAL Server and then click Stop.
b. To confirm this action, click Yes.

3. Unpack the self-extracting archive into a temporary
directory. For the purpose of this README, assume that
%PATCH% points to this temporary directory.

4. Change to the patch directory and run the install command:

cd %PATCH%
5.1.0-TIV-AWS-FP0039-WIN.exe

Note: If, for any reason, you have to reboot your system to
complete this installation (for example, to overcome a
shared DLLs problem), you might subsequently encounter a
problem running the Web Portal Manager to access the console.
If this happens, confirm that the WebSphere service is
running. The WebSphere service is installed in manual startup
mode and might not be running after a reboot.

5. Restart the Tivoli Access Manager WebSEAL server:

From the Windows Start menu, click:

a. Settings -> Control Panel -> Administrative Tools -> Services
b. Click Access Manager WebSEAL Server -> Start
c. Click IBM WS AdminServer -> Start



5.0 UNINSTALLING THIS PATCH
---------------------------

NOTE: Uninstallation is not available on Microsoft Windows systems.

If the Tivoli Access Manager product is distributed over multiple machines,
uninstall this patch on those systems in the reverse order as it was applied.

To remove the patch on UNIX systems, perform the following steps.

1. Log in to the system as root.

2. Stop the Tivoli Access Manager processes:

/opt/pdweb/bin/pdweb_start stop

3. At the command prompt, enter the following:

On AIX, reject the applied patch:

installp -r <package>

where <package> is one of the following:

PDWeb.RTE
PDWeb.ADK
PDWeb.Web
PDWeb.ARS


On HP-UX, remove the patch:

swremove <patch>

where <patch> is one of the following:

PDWebRTE
PDWeb
PDWebADK
PDWebARS


On Linux, apply the previous patch level:

rpm -U --oldpackage <old_package>

where <old_package> is one of the following:

Linux on xSeries

PDWebRTE-PD-5.1.0-0.i386.rpm
PDWeb-PD-5.1.0-0.i386.rpm
PDWebADK-PD-5.1.0-0.i386.rpm
PDWebARS-PD-5.1.0-0.i386.rpm

Linux on zSeries

PDWebRTE-PD-5.1.0-0.s390.rpm
PDWeb-PD-5.1.0-0.s390.rpm
PDWebADK-PD-5.1.0-0.s390.rpm
PDWebARS-PD-5.1.0-0.s390.rpm


Linux on pSeries and iSeries

PDWebRTE-PD-5.1.0-0.ppc.rpm
PDWeb-PD-5.1.0-0.ppc.rpm
PDWebADK-PD-5.1.0-0.ppc.rpm
PDWebARS-PD-5.1.0-0.ppc.rpm


On Solaris, remove the patch:

patchrm <package>

where <package> is one of the following:

PDWEBRTE000510-39
PDWEB000510-39
PDWEBADK000510-39
PDWEBARS000510-39


4. Restart the Tivoli Access Manager processes:

/opt/pdweb/bin/pdweb_start start