Changing the Host Machine Name or Domain in an Access Manager Deployment

The following procedures explain the modifications you need to make to an Access Manager configuration when the host machine name or domain changes.

• To Change the Host Machine Name in an Access Manager Deployment

• To Change the Domain in an Access Manager Deployment

• To Change the Host Machine Name or Domain in the Access Manager Configuration Data Store

• To Change the Host Machine Name or Domain in the Access Manager Session Data Store

• To Change the Host Machine Name or Domain in the Access Manager Authentication Data Store

• To Change the Host Machine Name or Domain in the Access Manager User Data Store

• To Change the Host Machine Name or Domain in the Access Manager Policy Data Store

To Change the Host Machine Name in an Access Manager Deployment

The following procedure explains what you need to modify in an Access Manager deployment when the name of the machine on which Access Manager is hosted changes.

1. Stop Access Manager.

2. Delete the bootstrap file.

   # rm user_home/AccessManager/*

   where user_home is the home directory of the UNIX user under which the Access Manager web container is running.

3. Copy the value of the am.encryption.pwd property from AMConfig.properties.

   am.encryption.pwd=eza2p5sYo+19hlzeZPynfOk+g89JUbRS

4. Delete the sample identities created by the Identity Repository Service when Access Manager is deployed.

   By default, context-root is amserver.

   1. Change to the agent directory.

      # cd AM-Config-Dir/context-root/idRepo/agent/

   2. Remove the following.

      # rm LibertyBearerTokenWSP LibertySAMLTokenWSP LibertyX509TokenWSP LocalDiscoDiscovery SAML-HolderOfKeyWSP SAML-SenderVouchesWSP UserNameTokenWSP wscWSC wspWSP X509TokenWSP

   3. Change to the realm directory.

      cd AM-Config-Dir/context-root/idRepo/realm/

   4. Remove the following.

      # rm ContainerDefaultTemplateRole

   5. Change to the user directory.

      cd AM-Config-Dir/context-root/idRepo/user/

   6. Remove the following.

      # rm jondoe jsmith

5. Start Access Manager.

6. Using a browser, go to the Access Manager URL using the new host machine name: http://new_FQDN_AM_host:port/amserver.

   You will be redirected to the Access Manager configuration page. After redirection, verify that the URL in the Location bar reflects the new host name.

7. Fill in the details on the configuration page displayed.

   Be sure of the following:

   • Verify that the value of the Server URL correctly reflects the new host name.

   • Paste the encryption password you previously copied as the value of the Encryption Key.

8. Click Configure to submit the form.

   A message confirming a successful configuration will be displayed and you will be redirected to the Access Manager console to login.

9. Login to the Access Manager console as amadmin.

   If configuration has failed or you are unable to login, troubleshoot the issue by looking at the logs from the web container that hosts Access Manager and the debug logs from Access Manager itself.

10. Make the following changes to the Access Manager Platform Service.

    1. Click the Configuration tab.

    2. Click System Properties.

    3. Click Platform.

    4. Delete the Instance Name entry referring to the old host name.

    5. Update the Site Name to include the instance-ID pertaining to the new host name.

    6. Click Save to save the changes.

11. Make the following changes to the top-level realm.

    1. From the console home page, click the Access Control tab.

    2. Click the name of the top-level realm.

    3. Click Realm Attributes.

    4. Under Realm/DNS Aliases, delete the entry referring to the old host name.

    5. Click Save to save the changes.

12. Follow the instructions in To Change the Domain in an Access Manager Deployment, if applicable.

13. Log out of the Access Manager console.

To Change the Domain in an Access Manager Deployment

The following procedure explains what you need to modify in an Access Manager deployment when the domain in which the machine on which Access Manager is hosted changes.

1. Login to the Access Manager console as amadmin.

2. Click the Configuration tab.

3. Click System Properties.

4. Click Platform.

5. Add the new Access Manager domain name as a new value to the Cookie Domains attribute.

6. Click Save to save the changes.

7. Follow the instructions in To Change the Host Machine Name in an Access Manager Deployment, if applicable.

8. Log out of the Access Manager console.

To Change the Host Machine Name or Domain in the Access Manager Configuration Data Store

The following procedure explains what you need to modify in the Access Manager configuration data store when the host machine name or domain in which the machine on which Access Manager is hosted changes.

1. To change the host machine name in the configuration data store, follow steps 1 through 7 in To Change the Host Machine Name in an Access Manager Deployment.

2. Enter the domain in which the configuration data store is installed as the value in the Directory Server Settings field on the new Access Manager configuration page.

3. Click Configure to submit the form.

   A message confirming a successful configuration will be displayed and you will be redirected to the Access Manager console to login.

To Change the Host Machine Name or Domain in the Access Manager Session Data Store

Sun Java System Message Queue is used by Access Manager to implement session failover. Part of the installation process includes installing the Berkeley DB as a session data store. The following procedure explains what you need to modify in this session data store when the host machine name or domain in which the machine on which Access Manager is hosted changes.

1. Login to the Access Manager console as amadmin.

2. Click the Configuration tab.

3. Click Global Properties.

4. Click Session.

5. Change the host name of the session data store under Secondary Configuration Instance.

6. Click Save to save the changes.

7. Log out of the Access Manager console.

To Change the Host Machine Name or Domain in the Access Manager Authentication Data Store

The following procedure explains what you need to modify in a configured Access Manager authentication data store when the host machine name or domain in which the machine on which Access Manager is hosted changes.

1. Login to the Access Manager console as amadmin.

2. Click the Access Control tab.

3. Click the name of the top-level realm.

4. Click Authentication.

5. Click Module Instances.

6. Click the name of the relevant instance(s) and make the appropriate changes to the configured host machine name and domain.

7. Click Save to save the changes.

8. Log out of the Access Manager console.

To Change the Host Machine Name or Domain in the Access Manager User Data Store

1. Login to the Access Manager console as amadmin.

2. Click the Access Control tab.

3. Click the name of the top-level realm.

4. Click Data Stores.

5. Click the name of the relevant data store(s) and make the appropriate changes to the configured host machine name and domain.

6. Click Save to save the changes.

7. Log out of the Access Manager console.

To Change the Host Machine Name or Domain in the Access Manager Policy Data Store

1. Login to the Access Manager console as amadmin.

2. Click the Access Control tab.

3. Click the name of the top-level realm.

4. Click Services.

5. Click Policy Configuration.

6. Make changes to the host machine name and domain configured in the appropriate attributes.

7. Click Save to save the changes.

8. Log out of the Access Manager console.