Home | Tasks | Commerce install | IHS install


Create WCS users and groups

 

+

Search Tips   |   Advanced Search


Overview

This document, and the Commerce pre-install document, describe UNIX tasks that must be completed by Mid-Tier Engineering (admins) before starting a Commerce install.

For official documentation on setting up users and completing Commerce pre-install tasks, see: Engineering Playbook


Commerce Configuration IDs

Web Appserver Database NDM Batch Endeca WXS
wasadmin wasadmin wasadmin wasadmin wasadmin wasadmin wasadmin
wasadmin03 wasadmin03 wasadmin03 wasadmin03 wasadmin03 wasadmin0 wasadmin03
rptat0101 rptat0101 rptat0101 rptat0101 rptat0101 rptat0101 rptat0101
wwwsupt wwwsupt wwwsupt wwwsupt wwwsupt wwwsupt wwwsupt
docusr002 docusr002

docusr002
mqm
rptat0102
endeca

Generate SAFE request to create the following groups on application server LPARs...

www wasadmin's group
was_group Used for sharing between wasadmin and rptat0101

Generate SAFE request to create the following users on web and application server LPARs...

ID HOME HOME group HOME perms Primary group Secondary groups Expire Rlogin Own .profile
wasadmin /home/wasadmin wasadmin:users 755 www nobody
was_group
mqsa00_g
mqta0f_g
ef_group
N N Y
wasadmin03 /home/wasadmin03 rptat0101:users 755 Users Staff N N Y
rptat0101

Create on DB2 server also

/home/rptat0101 rptat0101:users 755 was_group staff
users
mqsa00_g
ef_group
N N Y
rptat0102

Create on DB2 server also

/home/rptat0102 rptat0102:users 755 was_group staff
users
mqsa00_g
ef_group
N N Y
mqm /home/mqm mqm:users 755 mqm staff
was_group
wcsgroup
mqbrkrs
mqsa00_gg
N N Y
docusr00 /home/docusr00 docusr00:users 755 users staff
was_group
N N Y
root /root root: system 755 system bin
sys
security
cron
audit
lp
mqm
mqbrkrs
N N Y
docusr00 /home/docusr00 docusr00:users 755 users users
staff
was_group
N N Y

On staging servers only, wasadmin should be added to the unison group. This allows wasadmin to modify the maestro flow.

To verify..

lsuser wasadmin
ls -al /home/wasadmin
ls -al /home | grep wasadmin
lsuser rptat0101
ls /home/rptat0101
ls -al /home | grep rptat0101


Direct Logon

admins team enables direct logon for the IDs listed below. This is only applicable until OPSWARE is fixed in AIX 7

chuser rlogon = true
vi /etc/passwd
=xApp= put x in the line for each user ID you want to change
wasadmin
wasadmin03
rptat0101
wwwsupt


Set up .netrc

Create a .netrc file for users wasadmin and rptat0101.

Edit file and for each...

...add entry...

machine <remote hostname> login rptat0101 password <remote password>

Set perms on .netrc

chmod 700 .netrc


Manually create users and groups

For reference only. Use SAFE requests to create users and groups

  1. Create user wasadmin...

    sudo su -
    mkuser wasadmin
    passwd -f wasadmin
    mkgroup was_group
    chgrpmem -m + wasadmin was_group
    chgrpmem was_group

    Make was_group primary group of wasadmin

  2. On both database server and client nodes, make wasadmin and wasadmin members of the database user group (wasgrp01) and the DB2 Fenced user group (pocsa12f).

    To verify database user group exists...

    chgrpmem wasgrp01
    chgrpmem pocsa12f

    To add wasadmin to database user and fenced groups:

    usermod wasadmin -g wasgrp01 -G wasgrp01
    usermod wasadmin -g pocsa12f -G pocsa12f

  3. On the database node only, add the DB2 Fenced user group (pocsa12f) to the list of groups associated with the DB2 Database user ID (wasadmin).


Configure and verify

  1. Edit...

    /home/wasadmin/.profile

    ...and verify the current working directory is part of the PATH variable.

    PATH=$PATH:.:
    export PATH

    Set pathing environment variables...

    WC_INSTALL=/opt/WCS70
    WC_PROFILE=/opt/WAS70/profiles/myco
    export WC_INSTALL WC_PROFILE

  2. Verify that the wasadmin locale code is set properly.

    sudo su - wasadmin
    echo $LANG

    We want en_US

     

    Author: Michael Pareene
    Ascendant Technology
    michael.pareene@atech.com
    612.220.8725