Migrate with TAM for authentication enabled on a single node
When TAM security is configured for the existing environment and security is enabled for a single node, we can migrate to WAS, V7.0. Your profiles must be migrated using the migration tools to migrate product configurations.
Do not restart the WAS V7.0 server until after performing the following procedure. The migration tools omit some files that enable the server to start correctly.
After migrating the profiles additional steps are required when TAM security is configured.
- Copy the following files from the existing directory to the same directory for V7.0.
%WAS_HOME%\java\jre\PDPerm.properties %WAS_HOME%\java\jre\lib\security\PdPerm.ks %WAS_HOME%\java\jre\PolicyDirector\PDCA.ks- Edit the PD.properties file, and change the following settings:
appsvr-plcysvrs=null\:0:\:1 config_type=standaloneMake the appropriate changes to point to your TAM Policy Server...appsvr-plcysvrs=pdmgrd.test.gc.au.ibm.com\:7135\:1 config_type=full- Edit the PdPerm.properties file, and change all path names to the correct path name. Change the following configuration settings:
pdvar-home=C\:\\Program Files\\WebSphere\\AppServer\\java\\jre\\PolicyDirector baseGroup.PDJv1dugong-v2dugongMessageFileHandler.fileName=C\:\\Program Files\\WebSphere\\AppServer\\java\\jre\\PolicyDirector\\log/msg__v1dugong-v2dugong.log pdcert-url=file\:/c\:/progra~1/WebSphere/AppServer/java/jre/lib/security/PdPerm.ks baseGroup.PDJv1dugong-v2dugongTraceFileHandler.fileName=C\:\\Program Files\\WebSphere\\AppServer\\java\\jre\\PolicyDirector\\log/trace__v1dugong-v2dugong.log pd-home=C\:\\Program Files\\WebSphere\\AppServer\\java\\jre\\PolicyDirector java-home=C\:\\Program Files\\WebSphere\\AppServer\\java\\jre
Next steps
Also see the migration information with TAM for authentication that is enabled on multiple nodes with security enabled.
Related tasks
Migrate with TAM for authentication enabled on multiple nodes
Migrating, coexisting, and interoperating – Security considerations