Add a database user registry on Windows in a clustered environment

Add a database user registry to the default federated repository to store user account information for authentication and authorization. We can add multiple database user registries to the default federated repository although we can only add one database user registry at a time.

In a clustered environment, start the dmgr and nodeagent and verify they are able to synchronize.

Add a database user registry to the default federated repository

repeat these steps for each additional database user registry to add:

Complete these steps on the primary node only.

To help ensure correct properties, we can use...

WP_PROFILE/ConfigEngine/config/helpers/wp_add_DB.properties

For information about creating databases manually on a Windows clustered server, see the related links.

1. Run backupConfig

2. Set up a new database, including creating a new user with appropriate database privileges:

   Database	Steps
   DB2	Create a DB2 database: Install DB2. Enter the following database tuning commands: db2 "CREATE DB dbname using codeset UTF-8 territory us PAGESIZE 8192" db2 "UPDATE DB CFG FOR dbname USING applheapsz 4096" db2 "UPDATE DB CFG FOR dbname USING app_ctl_heap_sz 1024" db2 "UPDATE DB CFG FOR dbname USING stmtheap 32768" db2 "UPDATE DB CFG FOR dbname USING dbheap 2400" db2 "UPDATE DB CFG FOR dbname USING locklist 1000" db2 "UPDATE DB CFG FOR dbname USING logfilsiz 4000" db2 "UPDATE DB CFG FOR dbname USING logprimary 12" db2 "UPDATE DB CFG FOR dbname USING logsecond 20" db2 "UPDATE DB CFG FOR dbname USING logbufsz 32" db2 "UPDATE DB CFG FOR dbname USING avg_appls 5" db2 "UPDATE DB CFG FOR dbname USING locktimeout 30" db2 "UPDATE DB CFG FOR dbname using AUTO_MAINT off"
   Oracle	Create an Oracle database: Install Oracle using UNICODE Database and National character sets such as UTF8, AL32UTF8, or AL16UTF16. Configure the database in Dedicated Server Mode. Enter the recommended initial buffer pool sizes or set them according to the business needs: db_block_size = 8192 db_cache_size = 300M db_files = 1024 log_buffer = 65536 open_cursors = 1500 pga_aggregate_target = 200M pre_page_sga = true processes = 300 shared_pool_size = 200M
   SQL Server	Create an SQL Server database: Install SQL Server. Set Collation to case-sensitive. Install SQL Server with the appropriate portal database collation so that your tempdb collation setting matches the collation we use for the property extension database. The tempdb collation is inherited from the master database, which you set when you install SQL Server.

3. Define the DbDriver and DbLibrary parameter values:

   1. Edit wkplc_dbtype.properties file, located in...
      WP_PROFILE/ConfigEngine/properties

   2. Set the following parameters under the appropriate database type properties heading:

      • db_type.DbDriver

      • db_type.DbLibrary

   3. Save the changes.

   Limitation: The WAS UserManagement component (VMM) requires access to the following database libraries to use the VMM database functions such as Property Extension and database user registry, however, if the Portal is using the DB2 Type 2 driver, due to functional limitations, VMM must use the DB2 Type 4 driver; see Configure a JDBC provider and datasource for federated repositories for additional information:

   • DB2 Type 2 driver: db2java.zip
   • DB2 Type 4 driver: db2jcc4.jar;db2jcc_license_cu.jar
   • DB2 for z/OS Type 2 driver: db2java.zip
   • DB2 for z/OS Type 4 driver: db2jcc4.jar;db2jcc_license_cisuz.jar
   • Oracle: ojdbc14.jar
   • SQL Server JDBC driver: sqljdbc.jar

   Add the library paths to the VMM_JDBC_CLASSPATH variable:

   1. Log on to the WAS admin console as the administrator.

   2. Click Environment > WebSphere Variables.

   3. Select scope: cell.

   4. Select the VMM_JDBC_CLASSPATH variable or click New to create the variable if it does not exist.

   5. Enter the complete paths to the library files, separated by ';", in the Value field; for example, enter D:\IBM\SQLLIB\java\db2jcc4.jar;D:\IBM\SQLLIB\java\db2jcc_license_cu.jar.
   Copy the library files into the appserver/lib directory. Then stop and restart the WebSphere_Portal server to load the library files. In a clustered environment, also stop and restart the dmgr and the nodeagents.

4. Edit wkplc.properties, located in...
   WP_PROFILE/ConfigEngine/properties

   
   

5. Set parameters under the VMM Federated Database Properties heading:
   
   federated.db.DataSourceName
   federated.db.DbType
   federated.db.DbUrl
   federated.db.id
   federated.db.baseDN
   federated.db.DbUser
   federated.db.DbPassword
   federated.db.DbName

6. Set SOAP request timeout...

   1. cd WP_PROFILE\properties

   2. Edit soap.client.props

   3. Locate com.ibm.SOAP.requestTimeout and ensure the value is greater than 1000.
      

   4. Save and close soap.client.props.

7. Complete the following steps in a clustered environment:

   1. Run the ConfigEngine.bat wp-prep-vmm-db-secured-environment -DWasPassword=foo -DDbDomain=federated.db -Ddb_type.DmgrDbLibrary=/path/to/db/jars on the dmgr -DDmgrNodeName=dmgr_node_name task from the WP_PROFILE\ConfigEngine to create the local dmgr WebSphere variable used to access the database jars.

      Set db_type to your database type, for example db2.

      Set path to DB jar files on the dmgr host:

      • DB2 Type 2 driver: db2java.zip
      • DB2 Type 4 driver: db2jcc4.jar;db2jcc_license_cu.jar
      • DB2 for z/OS Type 2 driver: db2java.zip
      • DB2 for z/OS Type 4 driver: db2jcc4.jar;db2jcc_license_cisuz.jar
      • Oracle: ojdbc14.jar
      • SQL Server JDBC driver: sqljdbc.jar

   2. Include each node name as a comma separated list in the command:

      1. Set the property value for federated.db.DbType in wkplc.properties if we are using a database user registry or if the cell is migrated from a previous version.

      2. Run the ConfigEngine.bat wp-node-prep-vmm-db-secured-environment -DWasPassword=foo -DDbDomain=federated.db -DVmmNodeName=node_name,node_name,node_name -Ddb_type.NodeDbLibrary=/path/to/db/jars task from the WP_PROFILE\ConfigEngine on each node to create the variable used to access the VMM database jars.

         VmmNodeName is a list of one or more nodes names in the cell which share the same database driver paths. The db_type in db_type.NodeDbLibrary should be set to the type of database we are using, for example db2.

   3. Stop and restart all necessary servers to propagate the changes.
      

8. Run the ConfigEngine.bat wp-create-db -DWasPassword=foo task, from the WP_PROFILE\ConfigEngine, to add a database user registry to the default federated repository.

   Users who are not in an LDAP do not have awareness and cannot see if other users are online. This can happen if you install WebSphere Portal and then enable a Federated LDAP or Federated database user repository that does not contain that user. Also, users who sign up using the Self Care portlet do not have awareness.

9. Stop and restart servers, dmgrs, and node agents.

10. To update the user registry where new users and groups are stored:

    If we are using multiple LDAP user registries and/or a database user registry, only run this task for the user registry to define as the default user registry where new users and groups are stored.

    1. Edit wkplc.properties, located in...
       WP_PROFILE/ConfigEngine/properties

       
       

    2. Set the following required parameters under the VMM supported entity types configuration heading:
       • personAccountParent
       • groupParent
       • personAccountRdnProperties
       • groupRdnProperties

       The parameters groupParent and personAccountParent must be set to the same value.

       For example:

       • personAccountParent=dc=myco,dc=com
       • groupParent=dc=myco,dc=com

    3. Save changes to wkplc.properties.

    4. Run the ConfigEngine.bat wp-set-entitytypes -DWasPassword=foo task, from the WP_PROFILE\ConfigEngine, to delete the old attributes before adding the new attributes.

    5. Stop and restart all necessary servers to propagate the changes.
       

11. Optional: Run the ConfigEngine.bat wp-query-repository -DWasPassword=foo task, from the WP_PROFILE\ConfigEngine, to list the names and types of configured repositories.

If you created a cluster, including additional nodes, and then completed the steps in this task, run update-jcr-admin on the secondary nodes.

Parent: Configure the default federated repository on Windows in a clustered environment
Related:
Start and stop servers, dmgrs, and node agents
Enable LDAP security after cluster creation
Windows clustered server: Create databases manually