test

Sun Java System Access Manager 7.1 Release Notes

Patch Installation Instructions

Note –

Beginning with patch 3 (and any subsequent patches unless specifically noted), you must run the updateschema.sh script on Solaris and Linux systems or the updateschema.pl script on Windows. The updateschema script updates the Sun Java System Directory Server schema with any new attributes required by the patch.

For more information see Running the updateschema Script is Required.

Patch Installation Instructions For Solaris Systems

Before you install the Solaris patch, make sure that you have backed up the files listed in Pre-Installation Considerations.

To add and remove patches on Solaris systems, use the patchadd and patchrm commands, which are provided with the OS.

patchadd Command

Use the patchadd command to install a patch on a standalone system. For example:

# patchadd /var/spool/patch/126356-05
Note –

If you are installing the Solaris patch on a Solaris 10 global zone, invoke the patchadd command with the -G argument. For example:

patchadd -G /var/spool/patch/126356-05

The postpatch script displays a message about redeploying the Access Manager applications, except on a system that has only the Access Manager SDK component installed.

The postpatch script creates the amsilent file in the following directory:

AccessManager-base is the base installation directory. The default base installation directory is /opt on Solaris systems and /opt/sun on Linux systems.

The amsilent is based on the amsamplesilent file, but with some required parameters set according to the Access Manager configuration files on the system. The password parameters, however, contain default values. Uncomment and modify the value of each password parameter and carefully check values of other parameters in this file, as needed for your deployment.

The COMMON_DEPLOY_URI parameter, the URI prefix for the common domain web application, also contains a default value. If you have chosen a non-default value for this URI, make sure to update this value. Otherwise, the redeployment of the web applications with amconfig and the patch generated amsilent file will fail.

Then, run the following command (shown with Access Manager installed in the default directory):

# cd /opt/SUNWam/bin 
# ./amconfig -s /opt/SUNWam/amsilent
Caution – Caution –

The amsilent file contains sensitive data such as administrator passwords in plain text, so make sure you secure the file as appropriate for your deployment.

patchrm Command

Use the patchrm command to remove a patch from a standalone system. For example:

# patchrm 126356-05

The backout script displays a message similar to the patchadd command, except on a system that has only the Access Manager SDK component installed.

After the patch is removed, redeploy the Access Manager applications using the amsilent file in the AccessManager-base/SUNWam directory, where AccessManager-base is the base installation directory. The default base installation directory is /opt on Solaris systems.

Set the parameters in the amsilent file, as needed for your deployment.

Then, run the following command, which is shown with Access Manager installed in the default directory on Solaris systems:

# cd /opt/SUNWam/bin
# ./amconfig -s /opt/SUNWam/amsilent

For additional information and examples about the patchadd and patchrm commands, see the appropriate Solaris man pages.

Solaris 10 Zones

The Solaris 10 operating system introduced the new concept of “zones.” Consequently, the patchadd command includes the new -G option, which adds a patch only to the global zone. By default, the patchadd command looks for the SUNW_PKG_ALLZONES variable in the pkginfo of packages to be patched. However, for all Access Manager packages, the SUNW_PKG_ALLZONES variable is not set, and the -G option is required if Access Manager 7.1 is installed in the global zone. If Access Manager is installed in a local zone, the patchadd -G option has no effect.

If you are installing Access Manager 7.1 patches on a Solaris system, it is recommended that you use the -G option. For example:

 # patchadd -G AM7_patch_dir

Similarly, if Access Manager is installed in the global zone, the -G option is required to run the patchrm command. For example:

# patchrm -G 126356-05

Patch Installation Instructions For Linux Systems

Before you install the Linux patch, make sure that you have backed up the files listed in Pre-Installation Considerations.

The installpatch installs a patch on a standalone Linux system. For example:

# ./installpatch

The postpatch script prints messages similar to the messages on a Solaris system. However, the procedure to back out a patch on a Linux system is different than on a Solaris system. There is no generic script to back out a Linux patch. If a lower version of the patch was previously installed, you can re-install that version and then follow the postpatch instructions to redeploy the Access Manager applications by running the amconfig script.

If the patch is installed on the Access Manager 7.1 RTM release and you want to remove the patch and restore the system to the RTM state, you must reinstall the Access Manager RTM bits using the reinstallRTM script. This script takes the path where the Access Manager RTM RPMs are stored and installs the RTM RPMs over the patched RPMs. For example:

# ./scripts/reinstallRTM path_of_AM71_RTM_RPM_directory

After you run the reinstallRTM script, redeploy the Access Manager applications by running the amconfig script and the restart the web container.

Patch Installation Instructions For Windows Systems

The requirements to install the Windows patch include:

Installing the Windows Patch

Before you install the Windows patch, make sure that you have backed up the files listed in Pre-Installation Considerations.

In the base directory path for input to the patch scripts, use a forward slash (/). For example: c:/sun

To install the Windows patch:

  1. Logon to the Windows system as a member of the Administrators group.

  2. Create a directory to download and unzip the Windows patch file. For example: AM71p1

  3. Download and unzip the 126359-05.zip file in the directory from the previous step.

  4. Stop all Java Enterprise System 5 services.

  5. Run the AM71p1\scripts\prepatch.pl script.

  6. Run AM71p1\126359-05.exe to install the patch.

  7. Run the AM7p5\scripts\postpatch.pl script.

  8. Restart the Java ES 5 services.

  9. Redeploy the Access Manager applications.

Note –

If Access Manager is deployed to Web Server 7.0, make sure that Web Server administration server is up and running

Backing Out the Windows Patch

To back out the Windows patch:

  1. Logon to the Windows system as a member of the Administrators group.

  2. Run the Uninstall_126359-05.bat file.

  3. Run the AM71p1\scripts\postbackout.pl script.

  4. Redeploy the Access Manager applications.

  5. Restart the Java ES 5 services.