Installing a practice runtime on z/OS

Use this task to practice installing WebSphere Application server for z/OS. If you are installing the product for the first time without migration from an earlier version, it is helpful to install a practice runtime in order to learn the install and customization process.

Before you begin

Note the following tips when you install your practice runtime:

Why and when to perform this task

You should install a practice runtime when you are installing WebSphere Application Server on z/OS for the first time and you want to learn the steps to install and customize.

Steps for this task

  1. Run through the Dialog and follow all the steps for configuring a security domain up. View the generated instructions.
  2. Follow the generated security domain instructions, which execute the BBOSBRAJ and BBOSBRAK jobs.
  3. Issue the RACF commands necessary to define the users, groups, profiles, and SSL digital certificates that are effective for all WebSphere Application Server for z/OS runtime servers.
  4. Save your security domain definition.
  5. Run through the Dialog and follow all the steps for configuring a base Application Server. View the generated instructions.
  6. Perform the manual configuration updates in the generated base Application Server instructions.
    These steps affect parts of your system that are usually controlled. These are changes that your systems programmer responsible for this z/OS system should review.

    Note: You can use "canned" jobstreams to update WLM, SYS1.PARMLIB, and the TCP/IP configuration, however most installations do not allow this.

  7. Create your logstreams and data sets.
    The first four jobs (BBOMSGC - BBOWCTR) are straightforward system programming tasks.
  8. Update your server-specific security definitions.
    The next two jobs (BBOCBRAJ and BBOCBRAK) generate and then issue the RACF commands necessary to define the users, groups, profiles, and permissions for the WebSphere Application Server for z/OS runtime servers. The recommended approach is to run the jobs that generate the commands and simplify the profile names.

    Submit the BBOCBRAK job, or take it and the BBOCBRAJ job to your security administrator for approval. Your security administrator should issue those commands or submit the supplied jobstreams. If your installation has different profiles structures, you may have to modify the RACF commands generated by these execs to suit your particular needs.

    Note: Your installation must have "list of groups" on for these to work, because the servers must be connected to the WebSphere Application Server for z/OS administrator group.

    After you get the runtime up and successfully run the Installation Verification Test (IVT), you may want to replace the built-in administrators defined for WebSphere Application Server for z/OS, or at least change their passwords. If you want to prevent the user IDs assigned to started tasks from being used to sign on or submit jobs, you can make the user ID protected by adding the keywords NOPASSWORD and NOOIDCARD to the user's RACF profile.

    If you have some other security product such as Top Secret or ACF2 instead of RACF, then you must put the RACF commands into the appropriate syntax.

    Note: Ask your customer's security administrator to contact the vendor (CA) for the latest maintenance and guidance on WebSphere Application Server for z/OS customization.

  9. Create and populate the configuration hierarchal file system (HFS).
    The next three jobs (BBOWCHFS - BBOMCFG) and BBOWCPY2 run BPXBATCH shell scripts to define, customize, and load data into the configuration HFS and manipulate the ownership and permission attributes. For this reason these jobs must be submitted with job ownership of a user with a UID=0 (despite what the instructions say):
    • Submit by a user with a UID=0,
    • Submit by a user with surrogate access to a user ID with UID=0, or
    • Specify the user ID and password of a user ID with UID=0 on the JOB card.
    Review the output of these jobs so you can see where the configuration files were built and how the directories are structured. Also note that ownership is reassigned to the WebSphere administrator and permission bits are set so you must be connected to that group to even read them.

Results

After you finish running through the instructions with these simplified instructions, you have set up a practice run time. You can uninstall it and reinstall WebSphere Application Server for z/OS for your actual environment.

What to do next

Some common mistakes to watch out for:

Related concepts
Simplifying your installation



Searchable topic ID:   tinspracticeinstall
Last updated: Jun 21, 2007 9:56:50 PM CDT    WebSphere Application Server for z/OS, Version 5.0.2
http://publib.boulder.ibm.com/infocenter/wasinfo/index.jsp?topic=/com.ibm.websphere.zseries.doc/info/zseries/ae/tins_practiceinstall.html

Library | Support | Terms of Use | Feedback