Monthly Archive: August 2013

Websphere Application Server configuration with LDAP Server

 Security is a critical aspect of any distributed application model. Most of the firms have a centralized repository of the users in LDAP servers like Active Directory, Novell LDAP.

This post illustrates how you can configure authentication to the WebSphere Application server using an Open DS LDAP  commonly reffered as WebSphere LDAP configuration.

Open DS is a freeware and can be downloaded from the below site.

http://opends.java.net/

Steps to configure:

1.       Setting up the global security.

Global security configuration applies to the security policy for all administrative functions and is used as a default security policy for user applications. Security domains can be defined to override and customize the security policies for user applications.

Login to WebSphere 7 admin console, navigate to Security –> Global Security.

 

Global security settings

Global security settings

2.       Enable administrative security option.

3.       Configure user account repository.

Select “Standalone LDAP Registry” from the drop down of “User Account Repositoryà configure

4.       Define the LDAP configuration details in the next page.

Specify the below properties.

Primary administrative user name:  Specifies the name of a user with administrative privileges that is defined in your custom user registry

Type of LDAP Server: Since we are using Open DS for the illustration, select ‘Custom’ from the drop down.

 

 

Click on “Test Connection” button to check the ldap configuration settings. Save the changes

5.       Modify the Advanced LDAP User Registry Settings.

Define the User Filter to use (objectclass=inetOrgPerson), since it resonates to the LDAP user registry objectclass settings.

6.       Set the LDAP registry as Current realm definition.

6

7.       Restart the WebSphere Application server.

8.       Login into the admin console using the operator from the LDAP Server.

 

For further reading:

http://pic.dhe.ibm.com/infocenter/iisinfsv/v8r1/index.jsp?topic=/com.ibm.swg.im.iis.found.admin.common.doc/topics/wsisadmin_config_was_ldap.html

 

Cheers,

Wonders Team

WebSphere Managment Commands

After the installation with WebSphere Application server one of the most common task is creating the profiles and federating it with Dmgr which comes as part of an L3/L4 job.

But, the most important and commonly performed task is administration of websphere environment. Unlike the installation or creation or configuration, administration is a Day-Day task which is most comfortable, if we are equipped with some of the commonly used HANDY commands provided by WebSphere Application server. This referenced article explains those most of these handy commands with syntax, when and how to use with an example:-

1)      Backup config: Backup config command is used to take the backup of configuration information of your profiles in zip format. This command is mainly used when we want to upgrade, migrate or for anything where our profile configuration impacts.

Syntax: Profile>bin>backupConfig.sh <name_config.zip>  (or) backupConfig.sh <path/name_config.zip>

Example: /opt/IBM/WebSphere/AppServer/profiles/AppSrv02/bin/backupConfig.sh /opt/IBM/WebSphere/AppServer/profiles/A ppSrv02/logs/AppSrv02_bkp.zip

Image1

2) CleanupNode: CleanupNode is used to clean the node when you have defined a node in cell config but node no longer exists. This is generally used when we are done with defederation.

Syntax: DmgrProfile>bin> ./cleanupNode.sh <nodename> <deploymgrhost> <deploymgrport>

Example: /opt/IBM/WebSphere/AppServer/profiles/Dmgr01/bin/cleanupNode.sh. myNode -trace -profileName mydmgr

3) RemoveNode: Remove nodes returns from WAS distributed administration cell to standalone application server installation

Syntax: Profile>bin>./ removeNode.sh <nodename> <deploymgrhost> <deploymgrport>

Example: /opt/IBM/WebSphere/AppServer/profilesCustom02/bin/removeNode.sh. –userName admin –password admin

Image1

4) genHistoryReport:It generates an HTML report of recent configuration changes done at profile level. This is generally used when we want to present client an audit report about the profile level environment (.i.e. changes done in my profile).

Syntax: Profile>bin>./ genHistoryReport.sh

Example: /opt/IBM/WebSphere/AppServer/profiles/Dmgr01/bin/genHistoryReport.sh –userName admin –password admin

Image1

5) genVersionreport: It generates an HTML report of version related changes on profile which is useful in any upgrades, migration, fixpacks, etc.

Syntax: Profile>bin>./ genVersionReport.sh

Example: /opt/IBM/WebSphere/AppServer/profiles/Dmgr01/bin/genVersionReport.sh –userName admin –password admin

Image16) collector: Collector command generates complete information about websphere application server with reference to OS and its environment in JAR format containing information about property files, logs, etc. This method is deprecated in WAS7.0 and replanced by AutoPD

Syntax: DmgrProfile>bin>./ collector.sh

DmgrProfile>bin>./ collector.sh –profileName profile_name(with reference to profile)

Example: /opt/IBM/WebSphere/AppServer/profiles/Dmgr01/bin/collector.sh

7) dumpNameSpace: dumpNamespace.sh script dumps information about the WAS namespace, debugging applications when JNDI errors are seen in WAS logs

Syntax: DmgrProfile>bin>./ dumpNameSpace.sh –profileName profile_name(with reference to profile)

Example: /opt/IBM/WebSphere/AppServer/profiles/Dmgr01/bin/dumpNameSpace.sh

8) IVT: Installation verification tool(IVT) is used to verify the installation of profile with reference to server.

Syntax: Profile>bin>./ ivt.sh -serverName –profileName –p server_port HostName

Example: /opt/IBM/WebSphere/AppServer/profiles/Dmgr01/bin/ivt.sh server1 AppSrv02 –p 9801 LinuxServer

Image19) Delete a Profile: To delete an existing non federated profile we can use the following command:

./manageprofiles.sh -delete -profileName Dmgr01