IBM Support

Steps to use DataPower Domain Settings masked password-treatment feature

Question & Answer


Question

What steps are necessary to export or import domain content with the password-treatment set to masked.

Cause

The import process to retain password alias maps, previous user passwords, etc. within a previously obtained export requires extra steps or data can be lost during import.

Answer

Section 1. Exporting domain content with password alias maps included:

  1. Inside each of the domain(s) to be exported, in the WebGUI open Domain Settings, then follow Steps 2-4 inside each domain.
  2. Make sure Password Treatment is set to 'masked'
  3. Set the Passphrase to a value you will remember, this will be used later on in Section 2.  There is an 8 character minimum required.
  4. Save configuration
  5. After following the steps export the domain per one of the following options: https://www.ibm.com/support/knowledgecenter/en/SS9H2Y_7.7.0/com.ibm.dp.doc/configuration_backingupexporting.html

Section 2. Importing previously exported domain content:

Option 1: Create the domain and instantiate domain settings before import

  1. For each domain to import, in the WebGUI open Administration->Configuration->Application Domain in the default domain, add a new domain per the steps here: https://www.ibm.com/support/knowledgecenter/en/SS9H2Y_7.7.0/com.ibm.dp.doc/domains_creating.html
  2. In the upper right hand corner of the WebGUI switch to the newly created domain
  3. In the WebGUI Open Objects->Configuration Management->Domain Settings
  4. Set Password treatment to 'Masked'
  5. Set the Passphrase fields to the same value used in the previous domain export
  6. Import the domain configuration, however do not import the Domain Settings object
  7. Save Configuration

Option 2: Modify the export.xml file(s) before import to include the passphrase and assure password-treatment is still masked in domain-settings.

  1. Inside the export zip or domain zip if it is multiple domains there is an export.xml, open it within a notepad editor.
  2. Make sure the DomainSettings child element PasswordTreatment is set to masked
  3. Add a new element after PasswordTreatment is closed called Passphrase as the text of the element add the previous password used when exporting.
  4. Import the domain: https://www.ibm.com/support/knowledgecenter/en/SS9H2Y_7.7.0/com.ibm.dp.doc/configuration_importing.html
  5. During the import process where "The following configuration already exists:" check the box next to Domain Settings:default.

 

Example of the modified DomainSettings object inside an export.xml (default domain or custom domain):

<DomainSettings name="default" intrinsic="true" xmlns:dp="http://www.datapower.com/schemas/management" xmlns:env="http://www.w3.org/2003/05/soap-envelope"> <mAdminState>enabled</mAdminState> <PasswordTreatment>masked</PasswordTreatment><Passphrase>abcd1234</Passphrase></DomainSettings>

[{"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Product":{"code":"SS9H2Y","label":"IBM DataPower Gateway"},"Component":"","Platform":[{"code":"PF016","label":"Linux"}],"Version":"7.6,2018","Edition":"","Line of Business":{"code":"LOB45","label":"Automation"}}]

Document Information

Modified date:
08 June 2021

UID

ibm11072866