Installing the WebSphere Application Server/Portal Server Agent Using the agentadmin Program (Sun OpenSSO Enterprise Policy Agent 3.0 Guide for IBM WebSphere Application Server 6.1/7.0 and WebSphere Portal Server 6.1)

Sun OpenSSO Enterprise Policy Agent 3.0 Guide for IBM WebSphere Application Server 6.1/7.0 and WebSphere Portal Server 6.1

Previous: Gathering Information to Install the WebSphere Application Server/Portal Server Agent
Next: Considering Specific Deployment Scenarios for the WebSphere Application Server/Portal Server Agent

Installing the WebSphere Application Server/Portal Server Agent Using the `agentadmin` Program

The version 3.0 agentadmin program includes these installation options:

Default install (agentadmin --install): The program asks a limited number of questions and uses default values for the other options. Use the default install option when the default options, as shown in Table 1, meet your deployment requirements.

or
Custom install (agentadmin --custom-install): The program asks a full set of questions similar to the version 2.2 program. Use the custom install option when you want to specify values other than the default options shown in Table 1.

Before you install the WebSphere Application Server/Portal Server agent:

A OpenSSO Enterprise server instance must be installed and running.
The WebSphere Application Server 6.1/7.0 instance must be installed and configured on the server where you plan to install the agent.
You must have downloaded and unzipped the distribution file, as described in Downloading and Unzipping the websphere_v61_agent_3.zip Distribution File.

To Install the WebSphere Application Server/Portal Server Agent Using the `agentadmin` Program

Login into the server where you want to install the agent.

Important: To install the agent, you must have write permission to the WebSphere Application Server 6.1/7.0 instance files and directories.

If necessary, shut down the WebSphere Application Server 6.1/7.0 instance.

Change to the following directory:

PolicyAgent-base/bin

On Solaris and Linux systems, set the permissions for the agentadmin program as follows, if needed:

# chmod 755 agentadmin

Start the agent installation:

Default install: # ./agentadmin --install

or

Custom install: # ./agentadmin --custom-install

On Windows systems, run the agentadmin.bat program.

Enter information as requested by the agentadmin program, or accept the default values displayed by the program.

After you have made your choices, the agentadmin program displays a summary of your responses. For example:

-----------------------------------------------
SUMMARY OF YOUR RESPONSES
-----------------------------------------------
Instance Config Directory :
/opt/IBM/WebSphere/AppServer/profiles/AppSrv01/config/cells/
  agenthostNode01Cell/nodes/agenthostNode01/servers/server1
Instance Server name : server1 
WebSphere Install Root Directory : /opt/IBM/WebSphere/AppServer 
OpenSSO server URL : http://opensso.example.com:8080/opensso 
Agent URL : http://agenthost.example.com:9080/agentapp 
Encryption Key : e/usCNJI2Y57Tyg3S5Wz/5Jc9uxb/ZMn 
Agent Profile name : websphere6.1 
Agent Profile Password file name : wasagentpw

Verify your choices and either continue with the installation (selection 1, the default) , or make any necessary changes.

If you continue, the program installs the agent and displays a summary of the installation. For example:

SUMMARY OF AGENT INSTALLATION
-----------------------------
Agent instance name: Agent_001
Agent Bootstrap file location:
/agents/j2ee_agents/websphere_v61_agent/Agent_001/
  config/OpenSSOAgentBootstrap.properties
Agent Configuration file location
/agents/j2ee_agents/websphere_v61_agent/Agent_001/
  config/OpenSSOAgentConfiguration.properties
Agent Audit directory location:
/agents/j2ee_agents/websphere_v61_agent/Agent_001/logs/audit
Agent Debug directory location:
/agents/j2ee_agents/websphere_v61_agent/Agent_001/logs/debug

Install log file location:
/agents/j2ee_agents/websphere_v61_agent/installer-logs/audit/custom.log
Thank you for using OpenSSO Policy Agent

After the installation finishes successfully, if you wish, check the installation logs in the following directory:

installer-logs/audit

Restart the WebSphere Application Server 6.1/7.0 instance that is being protected by the agent.

Note –
After you install the WebSphere Application Server/Portal Server agent for a specific domain, you cannot use that same agent on the same host for a different domain. To use the WebSphere Application Server/Portal Server agent for another domain on the same host, you must install the agent specifically for that domain.

Example 1 Sample `agentadmin` Program Installation for the WebSphere Application Server/Portal Server Agent

************************************************************************
Welcome to the OpenSSO Policy Agent for IBM WebSphere Application Server 6.1
************************************************************************

Enter the fully qualified path to the configuration directory of the Server
Instance for the WebSphere node.
[ ? : Help, ! : Exit ]
Enter the Instance Config Directory
[/opt/IBM/WebSphere/AppServer/profiles/AppSrv01/config/cells/
Node01Cell/nodes/Node01/servers/server1]:
/opt/IBM/WebSphere/AppServer/profiles/AppSrv01/config/cells/
agenthostNode01Cell/nodes/agenthostNode01/servers/server1

Enter the Server Instance name.
[ ? : Help, < : Back, ! : Exit ]
Enter the Server Instance name [server1]:

Enter the WebSphere Install Root directory.
[ ? : Help, < : Back, ! : Exit ]
Enter the WebSphere Install Root directory
[/opt/IBM/WebSphere/AppServer]:

Enter the URL where the OpenSSO server is running. Please include the
deployment URI also as shown below:
(http://opensso.sample.com:58080/opensso)
[ ? : Help, < : Back, ! : Exit ]
OpenSSO server URL: http://opensso.example.com:8080/opensso

Enter the Agent URL. Please include the deployment URI also as shown below:
(http://agent1.sample.com:1234/agentapp)
[ ? : Help, < : Back, ! : Exit ]
Agent URL: http://agenthost.example.com:9080/agentapp

Enter a valid Encryption Key.
[ ? : Help, < : Back, ! : Exit ]
Enter the Encryption Key [e/usCNJI2Y57Tyg3S5Wz/5Jc9uxb/ZMn]:

Enter the Agent profile name
[ ? : Help, < : Back, ! : Exit ]
Enter the Agent Profile name: websphere6.1

Enter the path to a file that contains the password to be used for identifying
the Agent.
[ ? : Help, < : Back, ! : Exit ]
Enter the path to the password file: wasagentpw

-----------------------------------------------
SUMMARY OF YOUR RESPONSES
-----------------------------------------------
Instance Config Directory :
/opt/IBM/WebSphere/AppServer/profiles/AppSrv01/config/cells/
agenthostNode01Cell/nodes/agenthostNode01/servers/server1
Instance Server name : server1
WebSphere Install Root Directory : /opt/IBM/WebSphere/AppServer
OpenSSO server URL : http://opensso.example.com:8080/opensso
Agent URL : http://agenthost.example.com:9080/agentapp
Encryption Key : e/usCNJI2Y57Tyg3S5Wz/5Jc9uxb/ZMn
Agent Profile name : websphere6.1
Agent Profile Password file name : wasagentpw
Verify your settings above and decide from the choices below.
1. Continue with Installation
2. Back to the last interaction
3. Start Over
4. Exit
Please make your selection [1]:
Copy agent.jar,openssoclientsdk.jar to
/opt/IBM/WebSphere/AppServer/lib/ext...DONE.
Creating directory layout and configuring Agent file for Agent_001
instance ...DONE.
Reading data from file wasagentpw and encrypting it ...DONE.
Generating audit log file name ...DONE.
Creating tag swapped OpenSSOAgentBootstrap.properties file for instance
Agent_001 ...DONE.
Creating a backup for file
/opt/IBM/WebSphere/AppServer/profiles/AppSrv01/config/cells/Node01Cell/nodes/
Node01/servers/server1/server.xml
...DONE.
Configure server.xml file
/opt/IBM/WebSphere/AppServer/profiles/AppSrv01/config/cells/Node01Cell/nodes/
Node01/servers/server1/server.xml...DONE.
Creating the Agent Profile websphere6.1 ...DONE.

SUMMARY OF AGENT INSTALLATION
-----------------------------
Agent instance name: Agent_001
Agent Bootstrap file location:
/agents/j2ee_agents/websphere_v61_agent/Agent_001/config/OpenSSOAgentBootstrap.properties
Agent Configuration file location
/agents/j2ee_agents/websphere_v61_agent/Agent_001/config/OpenSSOAgentConfiguration.properties
Agent Audit directory location:
/agents/j2ee_agents/websphere_v61_agent/Agent_001/logs/audit
Agent Debug directory location:
/agents/j2ee_agents/websphere_v61_agent/Agent_001/logs/debug

Install log file location:
/agents/j2ee_agents/websphere_v61_agent/installer-logs/audit/custom.log
Thank you for using OpenSSO Policy Agent

After You Finish the Install

Agent Instance Directory

The installation program creates the following directory for each agent instance:

PolicyAgent-base/Agent_nnn

PolicyAgent-base is Agent-HomeDirectory/j2ee_agents/websphere_v61_agent, where Agent-HomeDirectory is where you unzipped the agent distribution file.
nnn identifies the agent instance as Agent_001, Agent_002, and so on for each additional agent instance.

Each agent instance directory contains the following subdirectories:

/config contains the configuration files for the agent instance, including OpenSSOAgentBootstrap.properties and OpenSSOAgentConfiguration.properties.
/installer-logs contains the following subdirectories
- /audit contains local audit trail for the agent instance.
- /debug contains the debug files for the agent instance when the agent runs in debug mode.