Introduction to README

Welcome to IBM(R) SecureWay(TM) On-Demand Server Version 2.0.
This README contains late-breaking information about installing and using On-Demand Server. This information corrects and supplements other documentation in the product package. Updates and additions to the README can be found on the library page of the On-Demand Server Web site.

Installation

Windows NT(TM)

Uninstallation

AIX
Solaris
Windows NT

AIX(TM)

The instructions for uninstalling On-Demand Server on AIX are incomplete. Use the procedures described below instead.

Notes:

Steps:

  1. Using the table in the AIX Uninstalling documentation, decide what component-related software you need to remove. The remaining steps assume everything, including LDAP, is installed on one machine. Also take care to remove only software installed by On-Demand Server, and not your own preexisting software that may have been used by On-Demand Server but that you may still need.

  2. Stop the web server.

  3. Look for any remaining Java OutOfProcEngine process and stop it if it is running:
        ps -ef | grep java                              
        kill -9 pid from output of previous command     
    
  4. If LDAP is installed, find and stop the slapd process:
        ps -ef | grep slapd                             
        kill -9 pid from output of previous command     
    
  5. Stop any active DB2 instances and processes and clean up related data. DB2 is installed along with the LDAP or operations management server installation selections.

    Caution: These commands will delete the DB2 databases used for storing operations management data and On-Demand Server directory data if these components were installed on this computer. Before deleting these databases, make sure you either have a backup computer with these databases or that you intend to rebuild a new On-Demand Server domain without this data.

    The example below uses db2admin for the DB2 administrator's ID. Substitute the appropriate DB2 administrator ID when you issue these commands.

        su - ldapdb2 -c "db2 stop database manager"     
        su - db2admin -c "db2 stop database manager"    
        /usr/lpp/db2_05_00/instance/db2idrop ldapdb2    
        /usr/lpp/db2_05_00/instance/db2idrop db2admin   
        rmuser db2admin                                 
        rmuser ldapdb2                                  
        rmuser ldap                                     
        rmuser db2fenc1                                 
        rmgroup ldap                                    
        rmgroup db2admin                                
        rmgroup ldapdb2                                 
        rmgroup db2fadm1                                
        rm -rf /home/ldapdb2                            
        rm -rf /home/db2admin                           
        rm -rf /home/db2fenc1                           
        rm -rf /var/db2                                 
        ps -ef | grep db2jd | grep -v grep | awk '{print $2}'
        kill -9 pid from output of previous command     
    

  6. Use smitty to uninstall the following filesets:

    DB2:
        db2_05_00.client
        db2_05_00.cnvucs
        db2_05_00.conn
        db2_05_00.conv.jp
        db2_05_00.conv.kr
        db2_05_00.conv.sch
        db2_05_00.conv.tch
        db2_05_00.cs.drda
        db2_05_00.cs.ipx
        db2_05_00.cs.rte
        db2_05_00.cs.sna
        db2_05_00.das
        db2_05_00.db2.engn
        db2_05_00.db2.rte
        db2_05_00.db2.samples
        db2_05_00.esrv
        db2_05_00.jdbc
        db2_05_00.odbc
        db2_05_00.repl

    WebSphere Application Server:
        IBMWebAS.base.plug-in_name
        IBMWebAS.base.core
        IBMWebAS.en_US.core
        IBMWebAS.en_US.resources
        (plug-in_name represents the Web server being used with WebSphere Application Server. en_US is the language fileset for English. Indicate other filesets as appropriate for your system.)

    On-Demand Server:
        OnDemand.base.rte

    GS Kit:
        Export: gskre301.base, gskrf301.base
        Secure: gskru301.base, gskrf301.base

    LUM:
        ifor_ls.jcs

    LDAP:
        ldap.client.adt
        ldap.client.rte
        ldap.server.admin
        ldap.server.com
        ldap.server.rte

  7. Look for any residual LDAP configuration files in /etc and remove them if present:

        cd /etc                                                  
        ls -l slapd*                                             
        rm any files that show up in output of previous command  
        ls -l *IBM*                                              
        rm any files that show up in output of previous command  
           (there should be 2 of these)                          
    
  8. Look for any residual files left over after products are uninstalled (the following are the most likely candidates):

        cd /usr/lpp            
        rm -rf OnDemand.base   
        rm -rf IBMWebAS        
    
  9. Look for any residual files left over in /tmp that might prevent a successful reinstall.

        cd /tmp                 
        rm -rf .asibmappserve   
        rm -rf SQLDIR.LK0       
    

  10. Restart your Web server.

Solaris(TM)

The instructions for uninstalling On-Demand Server on Solaris are incomplete. Use the procedures described below instead.

Notes:

Steps:

  1. From the Solaris command line prompt, log in as root user.

  2. Using the table in the Solaris Uninstalling documentation, decide what component-related software you need to remove. The remaining steps assume everything, including LDAP, is installed on one machine. Also take care to remove only software installed by On-Demand Server, and not your own preexisting software that may have been used by On-Demand Server but that you may still need.

  3. Stop the web server.

  4. If LDAP is installed, find and stop the slapd process:
     ps -ef | grep slapd                             
     kill -9 pid from output of previous command     
    

  5. From the local Solaris computer, enter:
     pkgrm package_ID         
    

    where package_ID can be any or all of the following:

    • IBMenodSV for On-Demand Server (including toolkit)
    • IBMWebAS for WebSphere Application Server
    • IBMldaps for LDAP Directory (server)
    • IBMldapc for LDAP Directory (client)
    • LUM for License Use Management (runtime)
    • LUM-JCS for License Use Management (client)
    • gskru301 for Global Security Kit (domestic version)
    • gskre301 for Global Security Kit (export version)

    To specify multiple packages, separate each with a space in the command.

  6. Stop any active DB2 instances and processes and clean up related data. DB2 is installed along with the LDAP or operations management server installation selections.

    Caution: These commands will delete the DB2 databases used for storing operations management data and On-Demand Server directory data if these components were installed on this computer. Before deleting these databases, make sure you either have a backup computer with these databases or that you intend to rebuild a new On-Demand Server domain without this data.

    The example below uses db2admin for the DB2 administrator's ID. Substitute the appropriate DB2 administrator ID when you issue these commands.

      su - db2admin -c "db2 deactivate database opmgrdb"  
      su - db2admin -c "db2 stop database manager"        
      /opt/IBMdb2/V5.0/instance/db2idrop db2admin         
      userdel -r db2admin                                 
      userdel -r db2fenc1                                 
      groupdel db2admin                                   
      groupdel db2fadm1                                   
      su - ldapdb2 -c "db2 stop database manager"         
      /opt/IBMdb2/V5.0/instance/db2idrop ldapdb2
      userdel  -r  ldapdb2                                
      groupdel  ldapdb2                                   
      ps -ef  |  grep db2                                 
      kill -9 pid from output of previous command         
      rm -rf /var/db2                                     
    

  7. Remove DB2.
      /shared_dir/install/Db2/db2_deinstall -n  
    
    or
      /cdrom/ibm-ondemand/Db2/db2_deinstall -n   
    

  8. Look for any residual LDAP configuration files in /etc and remove them if present:
      cd /etc                                                  
      ls -l slapd*                                             
      rm any files that show up in output of previous command  
      ls -l *IBM*                                              
      rm any files that show up in output of previous command  
         (there should be 2 of these)                          
    

  9. Look for any residual files left over in /tmp that might prevent a successful reinstall:
      cd /tmp                
      rm -rf .asibmappserve  
      rm -rf SQLDIR.LK0      
    

  10. Restart your Web server.

Windows NT

Before you uninstall On-Demand Server, make sure you stop the following services (if present):

  1. WebSphere Servlet Service
  2. Your Web server
  3. IBM ODS Platform Authentication Service
  4. eNetwork Directory
  5. DB2 - LDAPDB2
  6. DB2 - DB2DAS00
  7. DB2 - DB2

After you remove On-Demand Server and reboot the computer, remove the following directories:

Security

Enabling SSL on LDAP

LDAP SSL for AIX, Solaris, and Windows NT

The following are the updated instructions for enabling SSL on IBM LDAP Directory Server using a personal certificate on AIX, Solaris, and Windows NT. Make sure the LDAP directory is already configured for a Web server before starting these steps.

Note: On Solaris, run the following script from the product CD before you start these procedures:

   drive:/instmgr/cpciphirs.sh  

  1. Create a CMS key database file and personal certificate:

    1. Open the Global Security Kit interface.
      • On AIX, as root, enter the ikmgui command from the /usr/lpp/ibm/gsk/bin/ directory.
      • On Solaris, as root, enter the ikmgui command from the /opt/ibm/gsk/bin/ directory.
      • On Windows NT, enter the ikmguiw command from the \IBM\GSK\bin\ directory.
    2. Select Key Database File --> New.
    3. Change the file name to ldapkeyring.kdb -- do not change any other default entries -- then, click OK. The file is stored in the gsk/bin directory.
    4. Enter the password/confirmation, then click OK. Make sure you remember this password. This is the keyring file password that you will need to enter in a later step.
    5. Within the Key database content panel, change Signer Certificates to Personal Certificates in the drop down menu.
    6. In the lower right corner, click New Self Signed.
    7. Enter a key label, for example, ldapkey. Do not change the key version from X509 V3. For export versions, keep the default key size of 512. For US versions, change the key size to 1024.
    8. Change the common name to be the fully qualified host name of your IBM Directory Server.
    9. In Organization, enter your company name, then, enter any optional information you want to include.
    10. Select your country.
    11. Increase the validity period or keep the default to expire after a year.
    12. Click OK to close the window and create the certificate. You are returned to the IBM Key Management window and the entry for your new certificate is displayed.
    13. Select the certificate that you just created and click Extract Certificate.
    14. In the Extract Certificate to a file dialog, change the data type to SSLight key database class.
    15. Change the certificate file name to ldapkeyring.class.
    16. Click OK to create the file and close the dialog.
    17. Select Key Database File --> Exit to close the window and save your changes.

    You should have created the following files:

    Operating system    Files created
    AIX                 /usr/lpp/ibm/gsk/bin/ldapkeyring.kdb
                        /usr/lpp/ibm/gsk/bin/ldapkeyring.class
    Solaris             /opt/ibm/gsk/bin/ldapkeyring.kdb
                        /opt/ibm/gsk/bin/ldapkeyring.class
    Windows NT          install_drive:\IBM\GSK\bin\ldapkeyring.kdb
                        install_drive:\IBM\GSK\bin\ldapkeyring.class

  2. Set the key database file in the IBM LDAP Directory Server:

    1. Run the setKeyConfig command.
      • On AIX, run setKeyConfig in /usr/ldap/sbin/.
      • On Solaris, run setKeyConfig in /opt/IBMldaps/sbin/.
      • On Windows NT, run setKeyConfig.exe in install_drive:\LDAP\bin\.
    2. For the Directory Server Administrator ID, enter the administrator distinguished name (DN).
    3. For the Directory Server Administrator Password, enter the administrator DN password.
    4. For the Keyring filename, the full path for ldapkeyring.kdb must be entered with a forward slash.
      • On AIX, enter /usr/lpp/ibm/gsk/bin/ldapkeyring.kdb
      • On Solaris, enter /opt/ibm/gsk/bin/ldapkeyring.kdb
      • On Windows NT, enter install_drive:/IBM/GSK/bin/ldapkeyring.kdb
    5. For the Keyring file password, enter the password that you set for the key database.

  3. Turn on SSL support for the IBM LDAP Directory Server:

    1. If you have not already done so, configure your Web server for LDAP Administration by executing the LDAP configuration command.
      • On AIX, run /usr/ldap/sbin/ldapcfg.
      • On Solaris, run /opt/IBMldaps/sbin/ldapcfg.
      • On Windows NT, run install_drive:\LDAP\bin\ldapxcfg.exe.
    2. Start your Web server.
    3. Launch a browser to go to the following URL: http://server/ldap.
    4. For the User ID, enter the administrator DN.
    5. For the Password, enter the administrator DN password.
    6. In the panel to the left, select Server --> SSL, then select SSL On. Keep the default port set to 636.
    7. Click Apply.
    8. Click the V3 cipher link and check all the encryption algorithms, then click Apply.
    9. Click Restart; it is a black circle with a vertical bar in the middle in the upper right corner.

  4. Update ldapkeyring.class with your own personal certificate. To do this you must copy this file from your IBM Directory Server and replace it on each On-Demand Server.

    • For AIX, replace /usr/lpp/IBMWebAS/web/onDemand/classes/ldapkeyring.class
    • For Solaris, replace /opt/IBMWebAS/web/onDemand/classes/ldapkeyring.class
    • For Windows NT, replace install_drive:\WebSphere\AppServer\web\onDemand\classes\ldapkeyring.class
    • For OS/390(TM), enter cp ldapkeyring.class /usr/lpp/OnDemand.base/onDemand/classes/ldapkeyring.class

  5. Open the Options window of the Admin Center and change the LDAP SSL parameters for On-Demand Server to match those of LDAP.

    1. Click the LDAP Directory tab and enter 636 for the LDAP port.
    2. Click Advanced and select the new LDAP SSL level.
    3. Click OK twice to close both windows and save your changes.

  6. Restart On-Demand Server. On-Demand Server will now communicate securely with the IBM Directory Server.

LDAP SSL on OS/390

Before starting this procedure, set the STEPLIB environment variable to find the DLLs for system SSL. The DLLs for system SSL are installed into a partitioned dataset (PDS). These DLLs are not installed into the LINKLIB or LPALIB by default. If they have not been placed in LINKLIB or LPALIB, you must set the STEPLIB environment variable to find the DLLs. Consult your system programmer for the high-level qualifier of the System SSL PDS. In this example, the high-level qualifier for the System SSL PDS is GSKHLQ. In the following command, replace GSKHLQ with the value for your installation:

export STEPLIB=GSKHLQ.SGSKLOAD

Throughout this procedure, you must use the Unix System Services (OE) shell environment with superuser authority.

  1. Change to the /usr/lpp/OnDemand.base/keys directory.

  2. Enter the following command:
      export NLSPATH=$NLSPATH:/usr/lpp/OnDemand.base/lib/%N  
    
  3. Enter the ikeyman command to access the IBM Key Management Utility. Within the IBM Key Management Utility:

    1. Enter 1 to choose Option 1 - Create new key database.
      1. Enter the key database name ldapkeyring.kdb
      2. Enter a password and record it for later use.
      3. Verify the password.
      4. At your option, set the password to expire.
      5. If you set the password to expire, enter the expiration time.
      6. Enter 1 to continue working with the database.

    2. Enter 5 to choose Option 5 - Create a self-signed certificate.
      1. Press Enter to accept the default version number 3.
      2. Enter a key label.
      3. Enter 1 for key size 512
      4. Enter your own values for the following self-signed certificate information (identical to the certificate information). At a minimum, enter values for the required fields. For Common Name, enter the server's fully qualified host name.
        • Common Name (required)
        • Organization (required)
        • Organizational Unit (optional)
        • City/Locality (optional)
        • State/Province (optional)
        • Country Name (required 2 characters)
      5. Enter the number of days the certificate will be valid (365 is the default).
      6. Press Enter to set the key as default in your key database.
      7. Press Enter to save the certificate to a file.
      8. Enter 2 to save the certificate to a binary file.
      9. Enter ldapkeyring.der for the file name.
      10. Enter 0 to stay in ikeyman.

    3. Enter 11 to choose Option 11 - Store encrypted database password.

    4. When processing for option 11 completes, enter 1 to exit ikeyman.

  4. Enter crtldapkeyring.sh and wait for the two "Done" messages. This should generate an ldapkeyring.class file.

  5. Update ldapkeyring.class with your own personal certificate. To do this you must copy this file from your IBM Directory Server and replace it on each On-Demand Server.

    • For AIX, replace /usr/lpp/IBMWebAS/web/onDemand/classes/ldapkeyring.class
    • For Solaris, replace /opt/IBMWebAS/web/onDemand/classes/ldapkeyring.class
    • For Windows NT, replace install_drive:\WebSphere\AppServer\web\onDemand\classes\ldapkeyring.class
    • For OS/390, enter cp ldapkeyring.class /usr/lpp/OnDemand.base/onDemand/classes/ldapkeyring.class

  6. Edit the LDAP configuration file with the following command:
      vi /etc/slapd.conf  
    
  7. Change the parameters in slapd.conf as indicated below:
    securePort          636
    security            ssl
    sslCipherSpecs      12288
    sslKeyRingFile      "/usr/lpp/OnDemand.base/keys/ldapkeyring.kdb"
    sslKeyRingFilePW    your password
    

    Note: You will not see the sslCipherSpecs parameter in the file. Instead, you will have to add it to a new line. If you intend to use strong encryption, and if it is available, specify 15360 for sslCipherSpecs. For more information about all of the parameters and values in slapd.conf, see eNetwork LDAP Server Administration. When you are finished, save your changes and exit the file.

  8. Open the Options window of the Admin Center and change the LDAP SSL parameters for On-Demand Server to match those of LDAP.

    1. Click the LDAP Directory tab and enter 636 for the LDAP port.

    2. Click Advanced and select the new LDAP SSL level.

    3. Click OK twice to close both windows and save your changes.

  9. Enter the following command to restart the IBM Directory Server.
      slapd -f /etc/slapd.conf  
    
  10. Restart On-Demand Server. On-Demand Server will now communicate securely with the IBM Directory Server.
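
To confirm the step 7 settings before restarting the directory server in step 9, the shell functions below read slapd.conf, report any of the five parameters that is missing or has a value other than the ones given above, and report the file if group or others can read it, since it holds the key database password. This is an added example, not part of the original README or of any IBM tool. Assumptions: slapd.conf uses whitespace-separated name/value lines with # comments, and slapd_param and check_slapd_ssl are hypothetical names.

```shell
#!/bin/sh
# Added example (not IBM code): check the SSL settings that step 7 puts in slapd.conf.
# Assumed format: whitespace-separated "name value" lines, "#" starts a comment line.

# Print the value of the last uncommented line in file $1 that sets parameter $2.
slapd_param() {
    awk -v key="$2" '
        /^[ \t]*#/ { next }
        $1 == key {
            $1 = ""
            sub(/^[ \t]+/, "")
            gsub(/^"|"$/, "")
            val = $0
            found = 1
        }
        END { if (found) print val }
    ' "$1"
}

# Print one FINDING line per problem in file $1; return 0 if there are none.
check_slapd_ssl() {
    conf=$1
    findings=0
    finding() { echo "FINDING: $1"; findings=$((findings + 1)); }

    [ "$(slapd_param "$conf" securePort)" = "636" ] || finding "securePort is not 636"
    [ "$(slapd_param "$conf" security)" = "ssl" ] || finding "security is not ssl"

    # The README notes that sslCipherSpecs is not in the file and must be added.
    case "$(slapd_param "$conf" sslCipherSpecs)" in
        12288|15360) ;;
        "") finding "sslCipherSpecs is missing; add it on a new line" ;;
        *)  finding "sslCipherSpecs is neither 12288 nor 15360" ;;
    esac

    [ -n "$(slapd_param "$conf" sslKeyRingFile)" ] || finding "sslKeyRingFile is not set"
    [ -n "$(slapd_param "$conf" sslKeyRingFilePW)" ] || finding "sslKeyRingFilePW is not set"

    # Characters 5-10 of the ls mode string are the group and other bits.
    case "$(ls -ld "$conf" | cut -c5-10)" in
        r*|???r*) finding "$conf is readable by group or others" ;;
    esac

    [ "$findings" -eq 0 ]
}

# Constructed sample: step 7 applied, but the sslCipherSpecs line was forgotten.
sample=$(mktemp)
cat > "$sample" <<'EOF'
securePort          636
security            ssl
sslKeyRingFile      "/usr/lpp/OnDemand.base/keys/ldapkeyring.kdb"
sslKeyRingFilePW    constructed-placeholder
EOF
chmod 600 "$sample"
check_slapd_ssl "$sample" || echo "slapd.conf needs attention before the restart"
rm -f "$sample"
```

On a real system, run check_slapd_ssl /etc/slapd.conf as the superuser after saving the file in step 7.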

Platform authentication service

Operating system security issues

Coreq product issues

Apache

WebSphere Application Server version 2.0 does not support Apache Web server version 1.3.6. It does support Apache Web server version 1.3.2.

IBM HTTP Server on Windows NT

HTTP Server might not start from the Windows NT Services menu

Using HTTP Server version 1.3.3.1

WebSphere Application Server version 2.02 on Windows NT does not detect IBM HTTP Server version 1.3.3.1. It does detect IBM HTTP Server version 1.3.3. To install On-Demand Server and Application Server version 2.02 on a computer with IBM HTTP Server version 1.3.3.1:

  1. Click Start --> Run --> regedit.

  2. Rename the software registry key from:

    HKEY_LOCAL_MACHINE\SOFTWARE\IBM\HTTP Server\1.3.3.1
    to:
    HKEY_LOCAL_MACHINE\SOFTWARE\IBM\HTTP Server\1.3.3

  3. Rename the uninstall registry key from:

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HTTP Server 1.3.3.1
    to:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HTTP Server 1.3.3

  4. Install On-Demand Server, which will silently install WebSphere Application Server version 2.02.

  5. After On-Demand Server is installed but before rebooting the system, restore the registry keys back to 1.3.3.1.

  6. Reboot the system.

If you installed On-Demand Server before changing the registry entry, HTTP Server version 1.3.3.1 will not start the WebSphere Servlet Service and On-Demand Server automatically. To get IBM HTTP Server to start On-Demand Server:

  1. Make sure you have enabled HTTP Server for SSL.

  2. Copy the lines found in the file, drive:\WINNT\conf\conf\httpd.conf.
    Note: This file may be found in other locations on the /WINNT directory. To make sure you have the right file, verify that you are copying six lines of text, as in the following example:
     LoadModule ibm_app_server_module C:/WebSphere/AppServer/plugins/nt/mod_ibm_app_server.dll 
     Alias /IBMWebAS/samples/  "C:/WebSphere/AppServer/samples/"                               
     Alias /IBMWebAS/  "C:/WebSphere/AppServer/web/"                                           
     NcfAppServerConfig BootFile  C:\WEBSPH~1\APPSER~1\properties\bootstrap.properties         
     NcfAppServerConfig LogFile  C:\WebSphere\AppServer\logs\apache.log                        
     NcfAppServerConfig LogLevel  TRACE|INFORM|ERROR                                           
    

  3. Paste these lines to the bottom of the file, drive:\Program Files\IBM HTTP Server\conf\httpd.conf

Lotus Domino Go

If you are using Lotus Domino Go on a Korean AIX computer, before you start the Web server the following command must be issued to locate the correct httpd.conf file:

  startsrc -e "LC_ALL=ko_KR" -s httpd  

LDAP Directory Server

LDAP and DB2

If LDAP is installed on the same computer as DB2 and DB2 is version 5.0, LDAP requires a PTF (program temporary fix). For the AIX platform, the PTF is U457337F. For the NT platform, the PTF is US9044F.

For LDAP and DB2 performance enhancement information, see the On-Demand Server Hints and Tips Web site.

Problems reinstalling LDAP

LDAP reinstallation might fail on Windows NT if you do not delete the /Ldap and /Ldapdb2 directories as described in Windows NT Uninstallation. Delete these directories and try to install again.

LDAP help files in traditional Chinese

If you are using Netscape Communicator to view LDAP help on the LDAP Directory Server and your language setting is traditional Chinese, all the help files are unreadable. This is a Netscape problem. Use Microsoft Internet Explorer to view the LDAP help files in traditional Chinese.

LDAP and Lotus Domino Go Web server

After installing LDAP in conjunction with Lotus Domino Go Web server, if you have problems loading the web-based administration tool, edit the httpd.conf file and reverse the order of the following two lines:

             Pass /ldap/* ...
             Exec /ldap/cgi-bin/* ...

The corrected config file should now look like:

             Exec /ldap/cgi-bin/* ...
             Pass /ldap/* ...    

When the Pass statement occurs before the Exec statement, the LDAP configuration program does not start.

Reboot your Web server after making this change.
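
The ordering problem described above can be detected mechanically. The shell function below is an added example, not part of the original README or of Lotus Domino Go; it goes slightly beyond the two lines shown and reports any Exec rule that follows a Pass rule whose template, ending in *, covers the same URLs. The function name shadowed_exec_rules and the target paths in the sample are constructed for illustration, and the rule syntax is assumed to be the directive, URL template, target form shown above.

```shell
#!/bin/sh
# Added example (not IBM code): find Exec rules that an earlier Pass rule covers.
# Assumed format: "Directive url-template target" lines, "#" starts a comment line.

# For file $1, print "pass_line exec_line pass_template exec_template" for every
# Exec rule placed after a Pass rule whose trailing-* template matches the same
# URLs. Returns 1 if any such pair exists, 0 otherwise.
shadowed_exec_rules() {
    awk '
        /^[ \t]*#/ { next }
        $1 == "Pass" { n++; tpl[n] = $2; line[n] = NR; next }
        $1 == "Exec" {
            for (i = 1; i <= n; i++) {
                last = substr(tpl[i], length(tpl[i]))
                if (last != "*") continue
                prefix = substr(tpl[i], 1, length(tpl[i]) - 1)
                if (index($2, prefix) == 1) {
                    printf "%d %d %s %s\n", line[i], NR, tpl[i], $2
                    hits++
                }
            }
        }
        END { exit (hits > 0) }
    ' "$1"
}

# Constructed sample in the failing order; the target paths are placeholders.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# constructed httpd.conf fragment
Pass /ldap/* /placeholder/ldap/web/*
Exec /ldap/cgi-bin/* /placeholder/ldap/cgi-bin/*
EOF
shadowed_exec_rules "$sample" || echo "move the Exec line above the Pass line"
rm -f "$sample"
```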

LDAP and On-Demand Server domains

Multiple On-Demand Server domains on a single LDAP server must be placed under different parent objects. However, On-Demand Server does not support sharing user and user group information among domains.

LDAP password expiration

The LDAP password expiration field, Password lifetime (days), on the Security tab of the Options panel in the Admin Center does not work.

LDAP and Windows NT

LDAP and Solaris

To restart the IBM LDAP directory server on non-English Solaris, issue the following commands at a shell prompt:

    LANG=C                 
    LC_CTYPE=C             
    export LANG LC_CTYPE   
    slapd                  

DB2

DB2 version 5.0 and On-Demand Server

For AIX, Solaris, and Windows NT, if you already have DB2 v5.0 installed you must upgrade to DB2 v5.2 with Fixpack 8 before installing any On-Demand Server components.

DB2 and Solaris

In order to run either the operations management server or LDAP server on a Solaris machine, the following DB2 system variable must be added to the /etc/system file:

	set semsys:seminfo_semmsl = 50

You must restart the computer for the change to take effect. This variable change is in addition to those listed in the Solaris installation document.

DB2 uninstall

If DB2 is being uninstalled as part of a migration or upgrade, the database should not be dropped. The DB2 drop command completely destroys the database and eliminates any chance of recovering it. It is especially important not to drop the LDAPDB2 instance and database.

When DB2 is installed on Windows NT, a default instance called DB2 is created. The instance uses a directory tree by the same name as the instance name, to hold the databases and other data.

After uninstalling the database, manually delete all the /Db2 and /Ldapdb2 directories created during the install process. Delete these directories before re-installing the database. Also delete the /Sqllib directory. The /Sqllib directory contains all the DB2 product files. Deleting these directory trees before the second install will allow the database create function to work correctly.

To recover these databases, use the add command in the DB2 Control Center (db2cc command) to:

Netscape

Netscape and DBCS

DBCS (Double Byte Character Set) text in the Netscape Java console is unreadable.

Netscape and JVM

JVM does not support entering Alt + GR on certain languages.

Netscape problems on client

When a client accesses the On-Demand Server launcher or Admin Center through Netscape and a Netscape error occurs:

  1. Verify that your computer color settings are greater than 16 colors.

  2. To determine your current settings, on Windows NT, click:

    Start --> Settings --> Control Panel --> Display --> Settings

  3. Rename or delete existing *.db files and force Netscape to recreate them.

    Note:  Close all Netscape programs and windows before renaming or deleting these files. The location of these files will vary depending on where Netscape was installed. Generally these files are located in directory:

    drive:\Program Files\Netscape\Users\default

Netscape and On-Demand Server

You may encounter the following problems when using Netscape 4.51 with On-Demand Server. These problems are Netscape function restrictions and are not specific to On-Demand Server.

Netscape and Solaris

The documentation does not display correctly when using the Netscape browser on Solaris configured for traditional Chinese. As an alternative, the HotJava Browser from Sun may be used.

Microsoft Internet Explorer and JVM

The On-Demand Server version 2 prereq applet requires Microsoft Internet Explorer version 5.0.2014 and Microsoft's JVM version 5.0.03167. If the browser and JVM are not at those levels, the prereq applet will not allow the On-Demand Server client software to run on the 128 bit version of Microsoft's Internet Explorer.

To receive the latest level of JVM when you install Internet Explorer version 5.0, you must select

and then

To determine the level of JVM on Windows NT, click: Start --> Find --> Files or Folders and enter msjava.dll. Right-click the msjava.dll file, select Properties, and then select the Version tab. You should have file version 5.00.3167.

License Use Management Basic License Tool error

Intermittent blt.exe exception errors occur when clicking or closing the PerSeat tab in the LUM Basic License Tool. These blt.exe errors generate Dr. Watson application errors.

Regardless of the mode (Application Server or Application Client), and browser type (Netscape Communicator or Microsoft Internet Explorer), if you are in the Details panel and click PerSeat Users or PerSeat, you may occasionally encounter a blt.exe error.

This is a LUM error that is projected to be fixed by December 1999.

Operating system issues

CLASSPATH on UNIX platforms

If the CLASSPATH environment variable is not null and does not point to the classes.zip or rt.jar files, On-Demand Server shell scripts such as swupdate.sh will not function correctly. To resolve the problem, unset CLASSPATH with the command unset CLASSPATH, or add classes.zip or rt.jar to the defined CLASSPATH.

AIX

JDK on AIX

On-Demand Server requires JDK on the AIX platform to be version 1.1.6.6.

Web servers on AIX

After installing On-Demand Server and before starting the Web server on AIX simplified Chinese and Japanese computers, the file /etc/httpd/config/lang/httpd.conf (where lang represents the language returned by the locale) must be copied to /etc/httpd.conf. This modification is necessary to be able to run the Web server and WebSphere Application Server.

Solaris

Solaris and JIT

On-Demand Server requires the JIT (Just In Time) compiler for the Solaris platform to be turned off for proper operation.

To turn off the JIT compiler, in the IBM WebSphere Application Server properties file, specify none for the java.compiler parameter:

      java.compiler=none

This parameter is located in the bootstrap.properties file for Application Server version 2.0, and in the jvm.properties file for Application Server version 1.1.

Solaris and the Web server

Before installing On-Demand Server, copy the file /IBMWebAS/response.res from the product CD to the /tmp directory. Edit the file and change the HTTPSERVERS environment variable to indicate all supported Web servers for which WebSphere Application Server must supply plugins.

HTTPSERVERS keywords for the Web servers packaged with On-Demand Server are:

To enable support for the Web server, do the following after installing On-Demand Server but before running it.

  1. Locate the start script for each Web server that you are using.

    • Apache - install_directory/bin/apachectl
    • IBM HTTP Server - /opt/HTTPServer/sbin/apachectl
    • Lotus Domino Go - /etc/rc2.d/S88go_httpd
    • Netscape FastTrack 3.01 - install_directory/suitespot/httpd-hostname/start
    • Netscape Enterprise Server 3.6.1 - install_directory/suitespot/https-hostname/start

  2. Edit each start script, and add the following lines near the top of the file, after the #!/bin/sh declaration:
      # Keep the path on one line: whitespace inside the value would end the assignment.
      LD_LIBRARY_PATH=/usr/java/lib/sparc/native_threads:/opt/IBMWebAS/plugins/sun:/usr/lib:/opt/OnDemand.base/bin:/opt/IBMdb2/V5.0/lib
      LIBPATH=$LD_LIBRARY_PATH
      # The DB2 instance name is the jdbcUserID value in domaininfo.properties.
      DB2INSTANCE=`awk 'BEGIN {FS="="} /jdbcUserID=/ { print $2 }' /opt/OnDemand.base/etc/domaininfo.properties`
      THREADS_FLAG=native
      export LD_LIBRARY_PATH LIBPATH DB2INSTANCE THREADS_FLAG
    

    Note: For Netscape FastTrack and Enterprise servers, the start scripts for both the secure and non-secure instances must be modified.

  3. To use On-Demand Server with either IBM HTTP Server or Apache freeware, you must first increase the default limit on the number of open file descriptors per process:

    • To determine the current limit, type:
      ulimit -a
      at the command prompt. The default is 64 files.

    • To change the default, type:
      ulimit -n m
      where m is the number of file descriptors per process. Since 512 is the recommended value, enter:
      ulimit -n 512

    • To verify the change is in effect, rerun:
      ulimit -a

      Note: The open file descriptor value that you specified is only in effect for the login session where you changed it. If you restart On-Demand Server or reboot your machine, run ulimit again before restarting the Web server.

  4. Start On-Demand Server by starting the Web server.

Solaris and swap space

Operations management server and LDAP server require that users have at least 190 MB of swap space.

Solaris and encryption

On-Demand Server will not function if strong encryption is enabled on Solaris.

Solaris and the changePassword applet

The change native database password applet that is invoked through URL http://server/IBMWebAS/onDemand/changePassword.html does not function on Solaris. If attempted, the change password panel is presented and input is accepted, but the password is not changed. Also there is no error indication that the password was not changed.

AIX, Solaris, and Windows NT

Unattended install on AIX, Solaris, and Windows NT

The name of the sample install.script file located in the /instmgr directory has changed to installscript.sample.

You must modify the sample files serverconfig.script and dmcreate.script before running install.script; you cannot process these two samples using only the default settings. After modifying these sample files, change the following entries in install.script to indicate the fully qualified path and file names for your modified files:

	odsconfigfile=path_and_filename
	Ldapdmconfigfile=path_and_filename

You can override your odsconfigfile entry and indicate an alternative response file from the command line. This is useful when you want to change the startup parameters on a local computer after you have distributed an identical install.script file to all computers. To override the odsconfigfile entry, use the configfile option when you run install.script:

   Install /p install.script configfile=new_path_and_filename

You cannot override the Ldapdmconfigfile entry from the command line.

Windows NT

Windows NT FAT file system

On Windows NT 4.0 with a FAT file system, On-Demand Server and WebSphere Application Server cannot be accessed when running Internet Information Server, version 3. This occurs because Application Server installs with path names that contain double backslashes (\\). Internet Information Server does not understand double backslashes when the file system on which the Application Server home directory resides (c:\websphere\appserver, by default) is FAT.

The problem does not cause errors to appear in any log files, and everything will seem to start up fine. However, if you point a browser to http://your_server/IBMWebAS/onDemand/desktopLauncher.html or http://your_server/IBMWebAS/onDemand/adminCenter.html, you will receive a 400 error (bad request).

To remedy this:

  1. Start the Microsoft Internet Service Manager.
  2. Double-click the WWW service.
  3. Select the Directories tab. You should see three entries containing WebSphere.
  4. Highlight each of the entries and select Edit Properties.
  5. Change any double backslashes to single backslashes.
  6. Click OK to close the window and save your changes.

Alternatively, you can convert your file system to NTFS.

Post-installation

Command line tools

When using On-Demand Server command line tools (such as odsconfig, jarinstall, and swupdate) on AIX, OS/390, and Solaris, log in using the ID under which WebSphere Application Server runs to ensure files are created with the correct permissions for On-Demand Server.

DB2 password changes

Changing the DB2 password for On-Demand Server

Read this if you are:

installing the operations management server ...
on AIX, Windows NT, or Solaris ...
and DB2 is not previously installed.

When installing the operations management server, DB2 is installed using a default administrator ID (db2admin) and password that is shipped and published in that product's documentation. (You can set the administrator ID and password during installation on Solaris and AIX, but not on Windows NT.) After installing the operations management server, you should change the DB2 administrator password used by On-Demand Server to protect the system from unauthorized access. If LDAP is installed on the same server, you should also change the DB2 password used by LDAP. If you already have DB2 set up with a unique administrator password before installing On-Demand Server, you do not need to make this change.

  1. From the menu bar of the Admin Center, click View Options. The Options window is displayed.
  2. Click the Database tab.
  3. Update both password fields with the new password.
  4. Click OK to close the window and save your changes. Do not restart the servers at this time.
  5. On Windows NT only, enter the command db2admin setid db2admin password where password is the new password.
  6. From the operations management server, use the operating system's native utilities to change the password for the DB2 account used by On-Demand Server (db2admin).
  7. Restart all servers from the Admin Center.

Changing the DB2 password for LDAP

Read this if you are:

installing the LDAP directory from the product CD ...
on AIX, Windows NT, or Solaris ...
and DB2 is not previously installed.

When installing the LDAP directory from the On-Demand Server product CD, DB2 is installed using a preset administrator ID (ldapdb2) and password. After installing LDAP, you should change the DB2 administrator password used by LDAP to protect the system from unauthorized access. If the operations management server is installed on the same server, you should also change the DB2 password used by On-Demand Server. If you already have DB2 set up with a unique administrator password before installing LDAP, you do not need to make this change.

Before you follow these steps, make sure the Web server is configured for LDAP. Read the instructions for Windows NT, Solaris, or AIX. At the LDAP directory server:

  1. Stop the LDAP directory server.
  2. With the operating system's native utilities, change the password for the DB2 account used by LDAP (ldapdb2).
  3. Make sure the Web server on the LDAP server is started.
  4. Point your browser to the LDAP configuration (http://server/ldap) and login.
  5. In the left pane, open Database Properties.
  6. Type the new password in the New Password and Confirm Password fields.
  7. On the LDAP server, stop the Web server and, if running, the WebSphere servlet service.
  8. Stop and restart any running DB2 services on the LDAP server.
  9. Start the LDAP directory server.

Netscape Web server

Netscape Web servers require separate instances with individual configuration files to run on separate ports. The On-Demand Server install process updates one of the configuration files. You must update the additional configuration file for the other instance.

Locate the following lines in the updated configuration file and copy them into the other configuration file. The configuration file is named obj.conf.

Note: The following assumes that WebSphere is located in the C: directory.

Init fn="load-modules" funcs="init_exit,service_exit,term_exit" shlib="C:/WebSphere/AppServer/plugins/nt/ns35.dll"
Init fn="init_exit" bootstrap.properties="C:/WebSphere/AppServer/properties/bootstrap.properties"                 
NameTrans from="/IBMWebAS/samples" fn="pfx2dir" dir="C:/WebSphere/AppServer/samples"                              
NameTrans from="/IBMWebAS" fn="pfx2dir" dir="C:/WebSphere/AppServer/web"                                          
service fn="service_exit"                                                                                         

Adding users and groups from an existing platform

On-Demand Server includes a command that migrates user definitions from your existing platforms to On-Demand Server. You can migrate user information from users and groups defined by the local AIX, Solaris, OS/390, or Windows NT userbases to On-Demand Server with the AddUsers command. Furthermore, you can use this command to import an On-Demand Server userbase into your native platform.

Note: For OS/390, the AddUsers command will not add the user ID unless an OMVS segment is defined to RACF for the user ID. The instructions for defining an OMVS Segment are contained in OS/390 UNIX System Services Planning (SC28-1890) and OS/390 Security Server (RACF) Security Administrator's Guide (SC28-1915).

The AddUsers command compares information between the source and destination userbase. User data contained in the source userbase but not the destination userbase is added to the latter. Data in the destination but not in the source, or in both the destination and source, is not affected. User information is added into the same group structure that exists in the source userbase. The AddUsers command supplies an initial password for users added to the destination userbase:

To use the AddUsers command, issue the following command from a system command prompt where the operations management server or access server is installed and running:

AddUsers parameters -userid admin_ID -password admin_password
separating multiple parameters with a space.

Parameters

-source source
specifies the source userbase from which user information is to be copied to the destination userbase. Specify one of the following as the source userbase:

OnDemand
indicates that information defined to On-Demand Server on this computer is to be used.
OnDemandNT
indicates that information defined to the Windows NT computer is to be used.
OnDemandNTDomain
indicates that information defined to the Windows NT domain in which the local Windows NT computer resides is to be used.
OnDemandUnix
indicates that information defined to the AIX, OS/390, or Solaris computer is to be used.

-destination OnDemand
indicates that the On-Demand Server userbase is the destination to which user information is to be copied.

-userid admin_ID
specifies the user ID of an On-Demand Server administrator. If this parameter is not specified, a prompt will be issued before the command is processed.

-password admin_password
specifies the password associated with the administrator user ID. If this parameter is not specified, a prompt will be issued before the command is processed.

-parmfile filename
specifies a file containing AddUsers parameters. This enables you to automate the command without exposing the administrator user ID and password.

-authserv servername
specifies the server to perform native platform authentication. This parameter is required if you are not issuing the command from the server with the platform authentication service installed.

Backing up the startup parameters

The domaininfo.properties file contains the startup parameters used by On-Demand Server to connect to LDAP and the operations manager database. A copy of it is stored in the LDAP directory server. Each time you start On-Demand Server, the version of domaininfo.properties is checked. If the file's version on the LDAP directory is more current than your local version, your local domaininfo.properties file will be overwritten. This occurs to keep all On-Demand Servers in sync in the domain. Also, if another On-Demand Server with a more current version of domaininfo.properties connects to your domain, either intentionally or maliciously, the file will be overwritten.

You can always recreate the domaininfo.properties file with the Startup Parameters application (odsconfig), but it is easier if you have a backup copy for reference. You should make a backup copy of domaininfo.properties after you install and configure On-Demand Server and each time you make configuration changes.

The domaininfo.properties file resides in one of the following directories:

Operating system   Directory
Windows NT         drive:\ondemand\server\etc
AIX                /usr/lpp/Ondemand.base/etc
Solaris            /opt/OnDemand.base/etc
OS/390             /usr/lpp/OnDemand.base/etc
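
Because a newer copy from LDAP silently replaces the local domaininfo.properties, the backup can double as a baseline for detecting an overwrite. The script below is an added example, not part of the IBM README or product. The backup directory, the function names, and the assumption that the file consists of key=value lines are illustrative.

```shell
#!/bin/sh
# Added example, not IBM code: back up domaininfo.properties and report
# when the live file no longer matches the newest backup.
# PROPS defaults to the Solaris path from the README; BACKUP_DIR is hypothetical.
PROPS="${PROPS:-/opt/OnDemand.base/etc/domaininfo.properties}"
BACKUP_DIR="${BACKUP_DIR:-/var/backups/ondemand}"

# Print the newest backup path (timestamped names sort chronologically).
latest_backup() {
    ls -1 "$BACKUP_DIR"/domaininfo.properties.* 2>/dev/null | sort | sed -n '$p'
}

# Copy the live file to a timestamped backup readable only by its owner,
# because the file holds connection parameters. Prints the backup path.
backup_props() {
    [ -r "$PROPS" ] || { echo "cannot read $PROPS" >&2; return 2; }
    mkdir -p "$BACKUP_DIR" && chmod 700 "$BACKUP_DIR" || return 2
    dest="$BACKUP_DIR/domaininfo.properties.`date +%Y%m%d%H%M%S`"
    ( umask 077; cp "$PROPS" "$dest" ) || return 2
    echo "$dest"
}

# Print the names (never the values) of keys that differ from backup $1.
# Assumes key=value lines, as the jdbcUserID= entry suggests.
changed_keys() {
    diff "$1" "$PROPS" | sed -n 's/^[<>] \([^=]*\)=.*/\1/p' | sort -u
}

# Exit status: 0 = unchanged, 1 = overwritten or edited, 2 = nothing to compare.
check_props() {
    last=`latest_backup`
    [ -n "$last" ] && [ -r "$PROPS" ] || return 2
    cmp -s "$PROPS" "$last" && return 0
    echo "domaininfo.properties differs from $last; changed keys:" >&2
    changed_keys "$last" >&2
    return 1
}

# Usage: script backup | script check (for example from cron after each start)
case "${1:-}" in
    backup) backup_props ;;
    check)  check_props ;;
esac
```

Run the backup action after each intentional configuration change, so that a later status of 1 from the check action indicates a change you did not make locally.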

Java application administration

For more information, see adding Java and native applications.
