Changing security settings in WebSphere Application Server with wsadmin
 Technote (troubleshooting)
 
Problem(Abstract)
Security settings that are not valid within IBM® WebSphere® Application Server can prevent the Deployment Manager, NodeAgent, or Application Server from starting. In this case, the administrative console also won't start.
 
Cause
The WebSphere Deployment Manager, NodeAgent, or Application Server might fail to start if:
  • The security settings are set improperly within Application Server
  • Changes occur within the operating system or LDAP server configuration that cause the security settings to become invalid within Application Server.
 
Resolving the problem
Use the wsadmin batch / script to disable security when the Deployment Manager, NodeAgent, or Application Server does not start because of security settings that are not valid within WebSphere.
When WebSphere Deployment Manager is installed
This procedure assumes that there is at least one federated Application Server, which is the typical case when the Deployment Manager is installed.

  1. Ensure that no Java™ processes related to Application Server are running.

  2. Disable security for WebSphere:

    1. cd $WAS_HOME/bin for the Deployment Manager.

    2. Issue the wsadmin -conntype NONE command. (Issue ./wsadmin.sh -conntype NONE for UNIX®. ) Wait until wsadmin responds.

    3. Issue the securityoff command (no space between security and off).

    4. Issue the exit command.

  3. Restart WebSphere. (Start Deployment Manager first, then NodeAgent; you do not need to restart servers at this point.)

  4. Log on to the ND administrative console.

  5. Make the required security setting changes.

  6. Click Apply, then click Save, then click OK to save the master configuration and synchronize the change to all nodes.

  7. Log out of the administrative console.

  8. Stop Deployment Manager and the NodeAgent.

  9. Start Deployment Manager, the NodeAgent, (in that order) and then start any Application Servers.

When a stand-alone Application Server is installed
This procedure assumes that the application server is Base, meaning that it is NOT federated within a Deployment Manager cell.

  1. Ensure that no Java processes related to Application Server are running.

  2. Disable security for Application Server.

    1. cd $WAS_HOME/bin for the Application Server.

    2. Issue the wsadmin -conntype NONE command. (Issue ./wsadmin.sh conntype NONE for UNIX®. ) Wait until wsadmin responds.

    3. Issue the securityoff command (no space between security and off).

    4. Issue the exit command.

  3. Restart the Application Server.

  4. Log on to the administrative console.

  5. Make the required security setting changes.

  6. Click Apply, then click Save, then click OK to save the master configuration.

  7. Log out of the administrative console.

  8. Stop the Application Server.

  9. Start the Application Server.
 
 
Cross Reference information
Segment Product Component Platform Version Edition
Application Servers Runtimes for Java Technology Java SDK
 
Historical Number
90600
000
672
 
Product Alias/Synonym
WAS
 
 
 


Document Information


Product categories: Software > Application Servers > Distributed Application & Web Servers > WebSphere Application Server > Security
Operating system(s): Windows
Software version: 5.1
Software edition:
Reference #: 1173912
IBM Group: Software Group
Modified date: Aug 23, 2007