Create and augment a new dmgr profile on Linux
For a production environment you should install the dmgr on a server that is remote from the portal installation. Use pmt.sh or manageprofiles.sh to create the remote dmgr profile. In a test or dev environment, we can install the dmgr locally using the IBM Installation Manager. Skip these steps if we are using the Installation Manager to install a local dmgr profile on the primary node.
- Prerequisites
- Prepare the Linux operating system in a clustered environment
- Prepare the primary node on Linux
- Clustered environment: Install with GUI on Linux
- Clustered environment: Install with response file on Linux
Create and augment the dmgr profile
- If IBM WAS is not installed on the system you plan to use for the dmgr:
- Click the appropriate link under "Prerequisites" for installation instructions.
- Install IBM Installation Manager on the dmgr server.
- Add WebSphere Portal repositories
- Install WAS ND only
- We can either use an existing dmgr profile or we can choose one of the following options to create a default dmgr profile:
If we are using an existing dmgr profile, the profile must have been created with the "Management" profile template and not the "Cell" profile template. If the profile was created with the "Cell" profile template, follow the instructions to create a default dmgr profile.
Enable administrative security. If we use pmt.sh, check the enable administrative security check box. If we use manageprofiles.sh, add the -enableAdminSecurity true parameter.
pmt.sh
- Run...
cd WAS_HOME/bin/ProfileManagement
./pmt.sh
- Click Launch Profile Management Tool
- Click Create to create a new profile.
- On the Environment Selection panel, select Management, and then click Next.
- Select dmgr as the server type and then click Next.
- Select the button...
Advanced profile creation
- Check the box...
Deploy the administrative console
- On the panel...
Profile Name and Location
...provide the name for the new profile and its location in the file system. The name and location must be unique from other existing profiles. Click Next to continue.
We can also choose to select the check box...
Create the server using the development template
...to enable...to enable developer mode for this profile and the check box...
Make this profile the default
...to specify that this profile is the default profile in the system.
- On the Node, Host Names, and Cell Names panel, provide the node name and TCP/IP host name for the new profile.
To federate this profile, the node name must be unique from other profiles in the same management cell (under dmgr control). The host name must be a valid and reachable over the network. Enter the cell name for this dmgr. Click Next to continue.
- On the Administrative Security panel, check the box...
Enable administrative security
Enter values for the User name, Password, and Confirm password fields. Click Next to continue.
- On the Security Certificate (Part 1) panel, choose either...
- Create a new default personal certificate
- Import an existing default personal certificate
and choose either...
- Create a new root signing certificate
- Import an existing root signing certificate
Click Next to continue.
- On the Security Certificate (Part 2) panel, either provide the new certificate information or verify the existing certificate information. Click Next to continue.
- On the Port Values Assignment panel, change any necessary port values and then click Next.
- On the panel...
Service Definition
...specify whether or not the WebSphere Portal server in this profile is to be registered and controlled as a service. Click Next to continue.
- On the panel...
Profile Creation Summary
...review the information collected by the wizard, and then click Create to create the new profile based on the supplied information.
The port values presented in the summary value are overridden by the port values used by the servers present in the configuration archive provided as part of the portal profile template. These port values need to be adjusted after profile creation if they are in conflict with other ports on the local system.
- Click Finish to exit PMT.
manageprofiles.sh./manageprofiles.sh -create -templatePath WAS_HOME/profileTemplates/management -hostName hostname -profileName Dmgr01 -profilePath WAS_HOME/Dmgr01 -enableAdminSecurity true -adminUserName dmgradmin -adminPassword dmgrpass
- Collect files from the primary node and copy them to the remote dmgr:
- Copy...
PORTAL_HOME/filesForDmgr/filesForDmgr.zip
...to the remote dmgr server.
- Stop the dmgr.
- Expand the filesForDmgr.zip file into the installation root directory of the dmgr; for example in directory...
/opt/IBM/WebSphere/AppServer
If the dmgr profile was not created in the default Appserver/profiles/Dmgr01 directory, then...
Appserver/profiles/Dmgr01/config/.repository/metadata_wkplc.xml
...in the compressed file, must be copied into
DMGR_PROFILE/config/.repository
- Start the dmgr.
- Choose one of the following methods to augment a dmgr profile:
pmt.sh
- Run...
cd WAS_HOME/bin/ProfileManagement
./pmt.sh
- Click Launch Profile Management Tool
- Select the dmgr profile and then click Augment.
- On the Augment Selection panel, select dmgr for Portal, and then click Next.
- On the Profile Augmentation Summary panel, review the information collected by the wizard, and then click Augment.
- Click Finish to exit PMT.
manageprofiles.shcd WAS_HOME/bin ./manageprofiles.sh -augment -templatePath WAS_HOME/profileTemplates/management.portal.augment -profileName dmgrUse the continuation character "\" to avoid seeing the "not found" error message.
In this example, the profile template is installed under...
WAS_HOME/profileTemplates
The existing dmgr profile is named dmgr and is located under...
WAS_HOME/profiles/dmgr
- Stop and restart the dmgr server; see "Starting and stopping servers, dmgrs, and node agents" for information.
- If there are common shortnames between the default dmgr security configuration and the LDAP server:
- Log on to the dmgr console.
- Navigate to Security > Global security.
- Under User account repository, click Configure.
- In the Primary administrative user name field, alter the user ID so that is using the full distinguished user name. For the default file user registry, the syntax is...
uid=userID,o=defaultWIMFileBasedRealm
for example: uid=wpadmin,o=defaultWIMFileBasedRealm.
- Click Apply.
- Enter the password for the user and then confirm the password.
- Save all changes.
- Log out of the WAS admin console.
- If you changed the context root on the panel...
Configuration for IBM WebSphere Portal: Profile configuration details: Advanced
...during installation:
- Log on to the dmgr console.
- Go to Security > Global security.
- Click Trust association in the Web and SIP security section.
- Click Interceptors in the Additional Properties section.
- Click com.ibm.portal.auth.tai.HTTPBasicAuthTAI.
- Edit the urlBlackList and urlWhiteList parameters with the new context path; for example:
- urlBlackList: /wpsmodified/myportal*
- urlWhiteList: /wpsmodified/mycontenthandler*
- Click Apply.
- Save all changes.
- Log out of the dmgr console.
Parent: Set up a cluster on Linux
Previous: Prepare the primary node on Linux
Next: Prepare to create the cluster on Linux
Related:
Start and stop servers, dmgrs, and node agents
Start and stop servers, dmgrs, and node agents