test

Sun OpenSSO Enterprise Policy Agent 3.0 Guide for IBM WebSphere Application Server 6.1/7.0 and WebSphere Portal Server 6.1

Installing and Configuring the WebSphere Application Server/Portal Server Agent in a Network Deployment Environment

Installing the WebSphere Application Server/Portal Server agent in a Network Deployment environment is similar to the installation process for an environment with a single Application Server instance. However, you must also install and configure an agent instance onto the Deployment Manager server instance, each Node Agent instance, and each Application Server instance. The Application Server instance might be or might not be within a cluster.

Caution – Caution –

Before you install and configure the WebSphere Application Server/Portal Server agent, the Network Deployment environment must already be setup properly. This guide does not cover installing or configuring the Network Deployment environment itself. Each server instance's configuration should also be synchronized with its corresponding part in the Deployment Manager's profile. That is, each server instance's server.xml file in the remote host should be the same as the corresponding copy in the Deployment Manager's profile. One way to achieve this synchronization is to run the syncNode.sh (or syncNode.bat on Windows) command on each node for each profile.

You must also stop the Network Deployment, including the Deployment Manager server instance, all Node Agent instances, and all Application Server instances.

Pre-Installation Tasks for the WebSphere Application Server/Portal Server Agent in a Network Deployment Environment

The pre-installation tasks are the same as Pre-Installation Tasks for the WebSphere Application Server/Portal Server Agent.

Note: Each agent instance should have a unique agent profile. You can create each agent profile as described in Creating an Agent Profile or during the agent installation using the agentadmin --custom-install option.

Installing the WebSphere Application Server/Portal Server Agent in a Network Deployment Environment

The following install sequence is recommended for a Network Deployment environment, although it is not necessarily in a required order:

Installing the WebSphere Application Server/Portal Server Agent on the Deployment Manager Instance

Install the first instance of the WebSphere Application Server/Portal Server agent on the Deployment Manager instance.

ProcedureTo the WebSphere Application Server/Portal Server Agent on the Deployment Manager Instance

  1. Ensure that the WebSphere Application Server 6.1 or 7.0 Network Deployment is down.

  2. On the machine running Deployment Manager, install the agent onto the Deployment Manager server instance, as described in Installing the WebSphere Application Server/Portal Server Agent.

    Installation considerations are:

    • Use the agentadmin --custom-install option.

    • Several prompts specific to this installation are:

    Prompt 

    Description 

    Instance Config Directory 

    Path to the configuration directory for the WebSphere Application Server instance. For example: 

    /opt/IBM/WebSphere/AppServer/profiles/Dmgr01/config/cells/
hostnameCell01/nodes/hostnameCellManager01/servers/dmgr

    Server Instance name 

    Name of the WebSphere Application Server instance. For example: dmgr

    Agent URL 

    Agent URL, including the deployment URIs. For example: 

    http://agenthost.example.com:9080/agentapp

    The agent application (agentapp.war) is a housekeeping application used by the agent for notifications and other functions such as cross domain single sign-on (CDSSO) support. For more information, see Deploying the Agent Application.

    Note: Since the agentapp cannot be deployed onto the Deployment Manager instance, this URL can point to an Application Server instance on the same host with the agentapp deployed.

Installing WebSphere Application Server/Portal Server Agent on Each Node Agent

ProcedureTo Installing WebSphere Application Server/Portal Server Agent on Each Node Agent

  1. Ensure that the WebSphere Application Server 6.1 or 7.0 Network Deployment is down.

  2. On the machine running the Node Agent, install the agent onto the Node Agent instance as, described in Installing the WebSphere Application Server/Portal Server Agent.

    Installation considerations are:

    • Use the agentadmin --custom-install option.

    • Several prompts specific to this installation are:

    Prompt 

    Description 

    Instance Config Directory 

    Path to the configuration directory for the WebSphere Application Server instance. For example: 

    /opt/IBM/WebSphere/AppServer/profiles/AppSrv01/config/cells/
hostnameCell01/nodes/hostnameNode01/servers/nodeagent

    Server Instance name 

    Name of the WebSphere Application Server instance. For example: nodeagent

    Agent URL 

    Agent URL, including the deployment URIs. For example: 

    http://agenthost.example.com:9080/agentapp

    The agent application (agentapp.war) is a housekeeping application used by the agent for notifications and other functions such as cross domain single sign-on (CDSSO) support. For more information, see Deploying the Agent Application.

    Note: Since the agentapp cannot be deployed onto the Node Agent instance, this URL can point to an Application Server instance on the same host with the agentapp deployed.

  3. Copy the Node Agent's server.xml file to overwrite its corresponding copy under the Deployment Manager's profile.

    For example, copy:

    /opt/IBM/WebSphere/AppServer/profiles/AppSrv01/config/cells/
hostnameCell01/nodes/hostnameNode01/servers/nodeagent/server.xml

    to overwrite:

    /opt/IBM/WebSphere/AppServer/profiles/Dmgr01/config/cells/
hostnameCell01/nodes/hostnameNode01/servers/nodeagent/server.xml

    Note: The above two server.xml files should be synchronized before installation, so this copy operation will not cause a mismatch. Otherwise you must find out the changes in server.xml (compared with original copy with a name such as server.xml-preAmAgent-timestamp) by the agent installer and merge the changes with its corresponding copy in the Deployment Manager's profile.

    If the Node Agent is on a remote host from the Deployment Manager, its server.xml file on the remote host should be copied or FTPed to the host of the Deployment Manager and overwrite its own corresponding copy in the Deployment Manager profile as above.

    Caution: Each Node Agent has its own copy of server.xml in Deployment Manager, and overwriting a file mistakenly can cause the other server instances to malfunction.

Installing the WebSphere Application Server/Portal Server Agent on Each Application Server Instance

ProcedureTo Install the WebSphere Application Server/Portal Server Agent on Each Application Server Instance

  1. Ensure that the WebSphere Application Server 6.1 or 7.0 Network Deployment is down.

  2. On the machine running the Application Server instances, install the WebSphere Application Server/Portal Server agent onto each Application Server instance, as described in Installing the WebSphere Application Server/Portal Server Agent.

    Installation considerations are:

    • Use the agentadmin --custom-install option.

    • Several prompts specific to this installation are:

    Prompt 

    Description 

    Instance Config Directory 

    Path to the configuration directory for the WebSphere Application Server instance. For example: 

    /opt/IBM/WebSphere/AppServer/profiles/AppSrv01/config/cells/
hostnameCell01/nodes/hostnameNode01/servers/server1

    Server Instance name 

    Name of the WebSphere Application Server instance. For example: server1

    Agent URL 

    Agent URL, including the deployment URIs. For example: 

    http://agenthost.example.com:9080/agentapp

    The agent application (agentapp.war) is a housekeeping application used by the agent for notifications and other functions such as cross domain single sign-on (CDSSO) support. For more information, see Deploying the Agent Application.

  3. Copy the Application Server server1 server.xml file to overwrite its corresponding copy under the Deployment Manager's profile.

    For example, copy:

    /opt/IBM/WebSphere/AppServer/profiles/AppSrv01/config/cells/
hostnameCell01/nodes/hostnameNode01/servers/server1/server.xml

    to overwrite:

    /opt/IBM/WebSphere/AppServer/profiles/Dmgr01/config/cells/
hostnameCell01/nodes/hostnameNode01/servers/server1/server.xml

    Note: The above two server.xml files should be synchronized before installation, so this copy operation will not cause a mismatch. Otherwise you must find out the changes in server.xml (compared with original copy with a name such as server.xml-preAmAgent-timestamp) by the agent installer and merge the changes with its corresponding copy in the Deployment Manager's profile.

    If the Node Agent is on a remote host from the Deployment Manager, its server.xml file on the remote host should be copied or FTPed to the host of the Deployment Manager and overwrite its own corresponding copy in the Deployment Manager profile as above.

    Caution: Each Application Server instance has its own copy of server.xml in Deployment Manager, and overwriting a file mistakenly can cause the other server instances to malfunction.

Post-Installation Tasks for the WebSphere Application Server/Portal Server Agent in a Network Deployment Environment

ProcedureTo Perform Post-Installation Tasks for the WebSphere Application Server/Portal Server Agent in a Network Deployment Environment

  1. Perform the following steps once to configure all agent instances.

  2. Perform Enabling Cookie Reset for the Agent ProfileEnabling Cookie Reset for the Agent Profile for each agent profile, including the agent profile for the Deployment Manager, Node Agent, or Application Server instances.

  3. Perform Specifying the Agent User in the OpenSSOAgentBootstrap.properties File for each agent instance's OpenSSOAgentBootstrap.properties file.

    Note: All agent instances can share the same agent user, but each agent instance still keeps its unique agent profile using the following property:

    com.sun.identity.agents.config.profilename = agent-profile-name

  4. In Performing Global Configuration Tasks for WebSphere Application Server 6.1/7.0, perform each task once for the configuration of all agent instances.

  5. Perform Deploying the Agent Application for each WebSphere Application Server instance.

  6. For Configuring Applications Protected by the WebSphere Application Server/Portal Server Agent, perform this task for each application to be protected by the WebSphere Application Server/Portal Server agent.

  7. Optionally, consider the Optional Post-Installation Tasks for the WebSphere Application Server/Portal Server Agent.