z/OS: Diagnosing ITCAM <a href="http://setgetweb.com/p/ITCAMv7/was_agent_install_guide_dist/chapter_unix_agent_install/addl_dc_steps.html">data collector configuration</a> problems with global security

IBM Tivoli Composite Application Manager for Application Diagnostics, Version 7.1.0.1

z/OS: Diagnosing ITCAM data collector configuration problems with global security

The problem: Installing ITCAM for Application Diagnostics on z/OS with Global Security enabled may result in errors during the configuration of the application server.
The solution: The ITCAM data collector configuration process uses the WAS administration scripting client, wsadmin.sh to configure the WebSphere Java Virtual Machine properties and services. The scripting client connects to an admin server or the Deployment Manager (in Network Deployment) using a SOAP connection. When Global Security is enabled, the administration service requires an authenticated user ID and password to be supplied in order to execute the configuration script. In addition, since SOAP transport is HTTP, the underlying TCP/IP connection is established using Secure Sockets Layer (SSL). This protocol uses a private-public key authentication mechanism, which on z/OS uses RACF to store the SSL certificates.
If configuration problems are encountered using the setupwas.sh script, try using the wsadmin.sh script directly. The setup script requires a SUPERUSR connected ID, but also have access to the SSL digital certificates. Refer to the WebSphere Security Handbook for further information.
To configure zWebSphere in security enabled environment:
Go to WAS_INSTALL_ROOT/AppServer/bin
Try SOAP connection:
wsadmin.sh -user username -password pass
If the connection to the server instance succeeds, go to ITCAM data collector install_root/WebSphere/DC/bin:
setupwas.sh -user $username -password $pass
If the connection to the server instance fails, try wasadmin.sh -user username -password pass -conntype RMI -port yourRMIport (default 2809).
Go to ITCAM DC install_root/WebSphere/DC/bin
setupwas.sh -user $username -password $pass -conntype RMI -port yourRMIport
If you do not succeed in step 4, resolve the WebSphere problem before configuring the data collector.
If you install on WebSphere V6R1, your install ID uid=0 need to be connected to Admin keyRing. Refer to your WebSphere configure prefix.DATA(BBOWBRAK).

Parent topic:
z/OS systems

+
Search Tips | Advanced Search