+

Search Tips   |   Advanced Search

Clusters and external security managers


Complete any configuration for an external security manager after you have completed all other setup, including ensuring that the cluster is functional.

Review system requirements before implementing.

Perform the security configuration on each node in the cluster

If you make changes to the external security manager configuration after initial setup, first make the changes in wkplc_comp.properties on the primary node of the cluster. If additional nodes exist in the cluster, propagate changes to wkplc_comp.properties on other nodes in the cluster.


Tivoli Access Manager

Run validate-pdadmin-connection on each node in the cluster. It the task fails, verify each node in the cluster has a unique value for...

...in wkplc.properties, then execute run-svrssl-config.

For external web servers, edit wkplc_comp.properties on each node and set...

Ensure that the WebSEAL TAI parameters, found in wkplc_comp.properties, are the same on each node in the cluster.

If you run a configuration task that overwrites the WebSEAL junction, the WAS TAI properties are not automatically updated. Manually ensure that all nodes are using the same parameters. From the dmgr console go to...

If we are still using the deprecated TAIs implementation, go to...

To indicate the location of the AMJRTE properties file, set the file location using...

...in wkplc_comp.properties. The value for wp.ac.impl.PDPermpath can be set globally for all cluster members by setting...

...in the dmgr WAS...

Because the dmgr security configuration is not sensitive to each node's filesystem type, the value for the configURL property must be resolved on each node.

To ensure that the location of the PdPerm.properties file is properly specified...


Parent: Cluster considerations