Add a database user registry on AIX

 

+

Search Tips   |   Advanced Search

 

To add a database user registry to the default federated repository to store user account information for authorization.

  1. Log on to the primary node.

  2. Ensure that server1 and WebSphere_Portal servers are started.

  3. Set up a new database, including creating a new user with appropriate WebSphere Portal privileges for accessing the database.

    For DB2...

    1. Install DB2.

    2. Open a DB2 command window and type...

      db2 create database MYDB using codeset UTF-8 territory US

    3. Enter the following database tuning commands:

      db2 "create db mydb using codeset UTF-8 territory us pagesize 8192"
      db2 "update db cfg for MYDB using applheapsz 4096"
      db2 "update db cfg for MYDB using app_ctl_heap_sz 1024"
      db2 "update db cfg for MYDB using stmtheap 16384"
      db2 "update db cfg for MYDB using dbheap 2400"
      db2 "update db cfg for MYDB using locklist 1000"
      db2 "update db cfg for MYDB using logfilsiz 4000"
      db2 "update db cfg for MYDB using logprimary 12"
      db2 "update db cfg for MYDB using logsecond 20"
      db2 "update db cfg for MYDB using logbufsz 32"
      db2 "update db cfg for MYDB using avg_appls 5"
      db2 "update db cfg for MYDB using locktimeout 30"
      db2 "update db cfg for MYDB using AUTO_MAINT off"

    For Oracle, installing Oracle also installs the databases.

  4. Define the DbDriver and DbLibrary parameter values:

    1. Edit...

      ...and enter a value for the following parameters under the appropriate database type properties heading:

      • db_type.DbDriver
      • db_type.DbLibrary

    2. Save changes.

    WAS UserManagement component (VMM) requires used database libraries in the WAS server classpath...

    appserver/lib

    This limitation will be addressed with PK66195. In the meantime if you want to use the VMM database functions such as Property Extension or database user registry, copy the following library files into...

    appserver/lib

    ...prior to starting the server...

    DB2 Type 2 driver db2java.zip
    DB2 Type 4 driver db2jcc.jar;db2jcc_license_cu.jar
    DB2 for z/OS Type 2 driver db2java.zip
    DB2 for z/OS Type 4 driver db2jcc.jar;db2jcc_license_cisuz.jar;db2jcc_javax.jar
    Oracle ojdbc14.jar

  5. Edit...

    WP_PROFILE/ConfigEngine/properties/wkplc.properties

    ...and enter a value for the following required parameters in the wkplc.properties file under the VMM Federated Database Properties heading:

  6. Edit...

    wp_profile/properties/soap.client.props

    ...and set...

    com.ibm.SOAP.requestTimeout=1000

  7. Perform the following steps in a clustered environment:

    1. Create the local Deployment Manager WebSphere variable used to access the database jars. 

       WP_PROFILE/ConfigEngine
./ConfigEngine.sh wp-prep-vmm-db-secured-environment 
                  -DWasPassword=wpsadmin 
                  -DDbDomain=la|federated.db 
                  -Ddb_type.DmgrDbLibrary=path/to/database/jars/on/dmgr 
                  -DDmgrNodeName=dmgr_node

      Where DbDomain is either la or federated.db depending on whether you are using a property extension database (la) or a database user registry (federated.db).

      Set db_type in db_type.DmgrDbLibrary to the type of database you are using, for example db2.

      The local path of the database jars on the Deployment Manager should be one of the following options:

      • DB2 Type 2 driver: db2java.zip
      • DB2 Type 4 driver: db2jcc.jar;db2jcc_license_cu.jar
      • DB2 for z/OS Type 2 driver: db2java.zip
      • DB2 for z/OS Type 4 driver: db2jcc.jar;db2jcc_license_cisuz.jar;db2jcc_javax.jar
      • Oracle: ojdbc14.jar

    2. Run the following task for EACH WebSphere Portal node that participates in the cluster to set up access to the database drivers; if multiple nodes share the same database library path you can submit a comma separated list of node names:

      This task does not need to be executed from the node identified in the VmmNodeName parameter.

      1. Set the property value for federated.db.DbType if using a database user registry or if the cell is migrated from a previous version and set the property value for la.DbType if using a property extension database in the wkplc.properties file.

      2. Run... 

         cd  WP_PROFILE/ConfigEngine
./ConfigEngine.sh wp-node-prep-vmm-db-secured-environment 
                  -DWasPassword=wpsadmin 
                  -DDbDomain=la|federated.db 
                  -DVmmNodeName=node 
                  -Ddb_type.NodeDbLibrary/path/to/DB/jars

        ...directory on each node to create the variable used to access the VMM database jars.

        Where DbDomain is either la or federated.db depending on whether you are using a property extension database (la) or a database user registry (federated.db). VmmNodeName is a list of one or more WebSphere Portal nodes names in the cell which share the same database driver paths. The db_type in db_type.NodeDbLibrary should be set to the type of database you are using, for example db2.

        The local full path of the database jars should be one of the following options:

        • DB2 Type 2 driver: db2java.zip
        • DB2 Type 4 driver: db2jcc.jar;db2jcc_license_cu.jar
        • DB2 for z/OS Type 2 driver: db2java.zip
        • DB2 for z/OS Type 4 driver: db2jcc.jar;db2jcc_license_cisuz.jar;db2jcc_javax.jar
        • Oracle: ojdbc14.jar

    3. Run... 

       ./ConfigEngine.sh wp-connect-database-vmm -DWasPassword=wpsadmin 
                                           -DDbDomain=la|federated.db

      ...task to connect to the VMM database, where DbDomain is either la or federated.db depending on whether you are using a property extension database (la) or a database user registry (federated.db).

    4. Stop and restart the deployment manager, the node agent(s), server1, and the WebSphere_Portal servers.

  8. Add a database user registry to the default federated repository.

      WP_PROFILE/ConfigEngine
      ./ConfigEngine.sh wp-create-db -DWasPassword=wpsadmin

    Users who are not in an LDAP do not have awareness and cannot see if other users are online. This can happen if you install WebSphere Portal and then enable a Federated LDAP or Federated database user repository that does not contain that user. Also, users who sign up using the Self Care portlet do not have awareness.

  9. To propagate the security changes:

    Option Description
    Stand-alone environment cd WP_PROFILE/bin
    ./stopServer.sh server1 -username adminid -password passwd
    ./stopServer.sh WebSphere_Portal -username adminid -password passwd
    ./startServer.sh server1
    ./startServer.sh WebSphere_Portal
    Clustered environment cd dmgr_profile_root\bin
    ./stopManager.sh
    ./stopNode.sh -username adminid -password passwd
    cd WP_PROFILE/bin
    ./stopServer.sh server1 -username adminid -password passwd
    ./stopServer.sh WebSphere_Portal -username adminid -password passwd
    ./startManager.sh
    cd dmgr_profile_root\bin
    ./startNode.sh
    cd WP_PROFILE/bin
    ./startServer.sh server1
    ./startServer.sh WebSphere_Portal

  10. To update the user registry where new users and groups are stored:

    1. Edit wkplc.properties located in WP_PROFILE/ConfigEngine/properties.

      ...and enter a value for the following required parameters in the wkplc.properties file under the VMM supported entity types configuration heading:

      • personAccountParent
      • groupParent
      • personAccountRdnProperties
      • groupRdnProperties

    2. Save changes to the wkplc.properties file.

    3. Update the Group and PersonAccount entity types with the corresponding default parent and relative distinguished name.

        WP_PROFILE/ConfigEngine
        ./ConfigEngine.sh wp-update-entitytypes -DWasPassword=wpsadmin

    4. Stop and restart the deployment manager, the node agent(s), server1, and the WebSphere_Portal servers.

  11. Optional

    List the names and types of configured repositories.

      cd WP_PROFILE/ConfigEngine
      ./ConfigEngine.sh wp-query-repository -DWasPassword=wpsadmin

 

Parent topic

Configure the default federated repository on AIX

 

Parent topic

Updating your user registry on AIX