Perform Update
-Run appropriate db scripts (e.g. for sm52-update-2.0: Aggregate-SingleTablespace.sql, Aggregate-Data.sql; for sm52-ttc-activation-1.0.zip: activation.sql; for sm52-repository-manager-integration-1.1.0.zip: setup.sql)
-Stop all processes (subsystems, management console, wizards, management points, sample apps etc)
-Copy zip files to be updated to the /update_repository folder
-Open update tool: Administration Tools -> Perform Updates
-Check the zip file to be updated
-Click Apply Update button
-Run post update scripts if needed (e.g. sm52-update-2.0: update52ModelToUpdate2State.bat, sm52-update-2.14.zip: update52ModelToUpdate214State.bat)
-Modify property files if needed (e.g. sm52-content-type-override-update:add to mp_config.properties: mime.writer.override.content.type=text/xml)
-Reinstall NT services (mandatory for sm52-update-2.0)
-May need to physically remove the “work” directory under sm52/console.
Integrate with OpenLDAP
-Login as administrator
-Open Configure Security page: Configure -> Security -> Identity Systems
-Click “Add Identity System” button and follow the wizard.
Identity System Type: Directory Server
Domain Name: OpenLDAP
Directory Type: Other
URL: ldap://localhost:389
Users
BaseDN: ou=Users,dc=example,dc=com
Search Scope: Onelevel
Object Category: organizationalUnit
Username Attribute: uid
Full Name Attribute: cn
Email Attribute (optional): mail
Memberof Attribute (optional):
Groups
BaseDN: ou=Groups,dc=example,dc=com
Search Scope: Subtree
Object Category: organizationalUnit
Username Attribute: uid
Full Name Attribute: cn
Description Attribute: description
Member Attribute: uniqueMember
Map with Search
LDAP search filter when searching user based on user name: (&(objectclass=person)(uid=$USERNAME))
LDAP search filter when searching user based on full name: (&(objectclass=person)(cn=$FULLNAME))
LDAP search filter when searching group based on group name: (&(objectclass=groupOfUniqueNames)(cn=$GROUPNAME))
LDAP search filter when searching groups based on member DN: (&(objectclass=groupOfUniqueNames)(uniqueMember=$USERDN))
Proxy User Name: cn=Manager,dc=example,dc=com
Proxy User Password: secret
Setup Subsystems As Windows Services
Directory of C:\Program Files\SOA Software\sm52\bin 01/14/2009 01:37 PM 4,045 installAMEngineService.bat 01/14/2009 01:37 PM 4,653 installMPService.bat 01/14/2009 01:37 PM 4,499 installMSConsoleService.bat 01/14/2009 01:37 PM 4,114 installMSEngineService.bat 01/14/2009 01:37 PM 3,971 installPMEngineService.bat 01/14/2009 01:37 PM 3,977 installRMEngineService.bat C:\Program Files\SOA Software\sm52\bin>installAMEngineService.bat Enter Alert Manager Server Instance Name: AlertManager1 Enter the HTTP Port Number for AlertManager1: 9902 The service was successfully installed. Press any key to continue . . . C:\Program Files\SOA Software\sm52\bin>installPMEngineService.bat Enter Policy Manager Server Instance Name: PolicyManager1 Enter the HTTP Port Number for PolicyManager1: 9903 The service was successfully installed. Press any key to continue . . . C:\Program Files\SOA Software\sm52\bin>installRMEngineService.bat Enter Registry Manager Server Instance Name: RegistryManager1 Enter the HTTP Port Number for RegistryManager1: 9901 The service was successfully installed. Press any key to continue . . . C:\Program Files\SOA Software\sm52\bin>installMSConsoleService.bat Enter Management Console Instance Name: ManagementConsole1 Enter the HTTP Port Number for ManagementConsole1: 9900 The service was successfully installed. Press any key to continue . . . C:\Program Files\SOA Software\sm52\bin>installMSEngineService.bat Enter Management Server Engine Instance Name: ManagementServer1 Enter the HTTP Port Number for ManagementServer1: 9904 The service was successfully installed. Press any key to continue . . . C:\Program Files\SOA Software\sm52\bin>installMPService.bat Enter Management Point Container Key: MP1_Container Enter Management Point Instance Name: MP1 Enter the HTTP Port Number for MP1: 9905 The service was successfully installed. Press any key to continue . . . C:\Program Files\SOA Software\sm52\bin>installMPService.bat Enter Management Point Container Key: MP_HTTPS Enter Management Point Instance Name: MP_HTTPS Enter the HTTP Port Number for MP_HTTPS: 9943 The service was successfully installed. Press any key to continue . . .
Uninstall
cd UninstallerData ./Uninstall_Service_Manager
Use Built-in PKI Utility
MP1 HTTPS Listener:
Generate PKI keys
Generate CSR
CA:
Issue/sign certificate
MP1 HTTPS Listener:
Import signed cert
Import CA cert
SM52:
Add trusted cert
Import signed cert
Using VeriSign Certificate
MP1 HTTPS Listener:
Generate PKI keys
Generate CSR
VeriSign:
Issue/sign certificate
MP1 HTTPS Listener:
* Use base 64 encoded certificate
* If signed by VeriSign intermediate G2, you need to manually concatenate the base64 encoded versions of signed certificate and intermediate G2 certificate into one “chained” certificate file
* Import the “chained” certificate file into MP PKI.
Enable Various Portlets
ADDITIONS TO MSCONSOLE.PROPERTIES: #Set enabled to 'true' to enable the collaboration portlet #Set targeturl to the location of the Jive server #portlet.desm.forum.enabled=true #portlet.desm.forum.targeturl=http://localhost:9980/jiveforums #Set enabled to 'true' to enable the policy attachments portlet portlet.desm.policyattachments.enabled=true #Set enabled to 'true' to enable the policy results portlet portlet.desm.complianceresults.enabled=true #Set enable to 'true' to enable the Test Client TestClient.enabled=true #This will hide quick-search if set to false QuickSearch.enabled=true ADDITIONS TO MSENGINE.PROPERTIES: #Set enable to 'true' to enable the discovery of runtime dependencies based on transaction tracking scheduler.job.correlate.activities.enabled=true
Disable CRL
Add to dems.properties and pm_config.properties
com.soa.crl.disabled=true
Remove Management Point MP1
* Stop MP1 (./stopMP.sh -sk MP1)
* Delete container from management console
* ./startOnlineAdmin.sh
– Remove Management Point Configuration
– Select MP1(MP1)
Clone Service Manager
* Shutdown SM. Make sure no state files in the sm52/state directory.
* Shutdown MP. Make sure no state files in the sm52/state directory.
* Export/Import soasm, soamp user schema;
– Grant CREATE SESSION to soasm;
– Grant CREATE SESSION to soamp;
* Copy sm52 directory to the same location on a different machine
– Remove logs directory conent
* Edit bootstrap.properties
– Replace all machine domain names
– Replace database machine domain name
vi config/bootstrap.properties :%s/old_host/new_host/g :%s/old_db_host/new_db_host/g
* Edit dems.properties
– Comment out installation.name property
#installation.name=old_host* Run offline admin wizard (startOfflineAdmin.sh)
– Update Database Settings
– Update ALL Subsystem Listener Information
– Synchronize Bootstrap Configuration
* Modify Container Listener URLs
– Start SM but NOT Management Point
– Login SM
– Select Container MP
– Select HTTP Modify Container Listener
– Change Host name to new host name
– Click Apply
– Select HTTPS Modify Container Listener
– Change Host name to new host name
– Click Apply
* Run update tool (startUpdateTool.sh) to recreate installation.name property
* Configure MP (.configMP.sh)
* Start MP
Redirect logs
* Append to bootstrap.properties
#Logs directory logs.redirect.dir=c:/sm52/logs
* Modify LOG.HANDLERS.File.Filename property in following property file:
– amengine.properties
– msconsole.properties
– msengine.properties
– rmengine.properties
– pmengine.properties
– mp_config.properties
LOG.HANDLERS.File.Filename=%logs.redirect.dir%/alert_manager/amengine.log
Redirect state directory
* Set state.dir.path property in dems.properties:
state.dir.path=c:/sm52/state
Batch Update DB Properties
* Generate template file
./updateDatabaseConfigurationCmdl.sh -t /tmp/updateDB.properties
* Modify template file
## Username, Password and PM Seed ## --------------------------- ## Enter your Service Manager login information (Username ## and Password), and specify the Policy Manager (PM) Seed ## assigned during the initial Service Manager configuration ## process. ## cmdl_updatedbconfiguration_smusername=administrator cmdl_updatedbconfiguration_smpassword=secret cmdl_updatedbconfiguration_pmseed=pmseed ## Modify Database Information ## --------------------------- ## Specify the database type you would like to modify. DBType valid ## values are mssql, db2, oracle, UserDefinedJDBCDriver, ## mysql(not officially supported as of 08/06). ## cmdl_updatedbconfiguration_dbtype=oracle ## Specify Host Name and Port Number ## --------------------------------- ## Specify the Host Name and Port Number of the database you would ## like to modify. Configure the database configuration options ## below based on the database type specified. cmdl_updatedbconfiguration_host=192.168.0.10 cmdl_updatedbconfiguration_port=1521 ## Oracle Only cmdl_updatedbconfiguration_instancename=xe cmdl_updatedbconfiguration_dbuser_name=soasm cmdl_updatedbconfiguration_dbuser_password=secret ## Modify Management Point (yes/no default yes) ## -------------------------------------------- ## You can optionally modify the Management Point database user password ## by enabling the dbmpuser update by specifying "yes," entering the dbmpuser, ## and dbmpuser password. ## cmdl_updatedbconfiguration_dbmpuser_update=yes cmdl_updatedbconfiguration_dbmpuser_name=soamp cmdl_updatedbconfiguration_dbmpuser_password=secret
* Update config/bootstrap.properties with new database connection strings
* Shutdown SM
* Run command line in batch mode with parameter file:
./updateDatabaseConfigurationCmdl.sh -p /tmp/updateDB.properties
* Start SM
* Restart MP
Archive Usage Data
Tables that include monitoring data are:
Realtime data
MO_ROLLUPDATA
Historical charts
MO_ROLLUP15
MO_ROLL_ORG15
MO_ROLLUP_HOUR
MO_ROLL_ORG_H
MO_ROLLUP_DAY
MO_ROLL_ORG_D
Usage logs
MO_USAGEDATA
Record Messages
MO_USAGEMSGS
Alerts
AM_ALERTS
AM_COMMENTS
AM_ALERTCOMMENTS
Alert Audit trails
AM_AUDITTRAIL
Security Audit trails
PM_AUDITTRAIL