After WebSphere Application Server 6.x is installed on multiple
systems being upgraded from version 5.1, you can also migrate the Tivoli Access
Manager 5.1 authorization configuration. This should be performed before the
Application Server is started.
- On the Deployment Manager system, copy the following files from
the version 5.1 directory to the same directory for the version 6.x installation:
- %WAS_HOME%\java\jre\PDPerm.properties
- %WAS_HOME%\java\jre\lib\security\pdperm.ks
-
- %WAS_HOME%\java\jre\PolicyDirector\PDCA.ks
- %WAS_HOME%\java\jre\PolicyDirector\PD.properties
- %WAS_HOME%\java\jre\PolicyDirector\PDJLog.properties
- On the Deployment Manager system, open the PD.properties file with
a text editor and change the pathnames to the correct pathnames for the following
elements, as shown in the following example:
pd-home=C\:\\Program Files\\IBM\\WebSphere\\AppServer\\java\\jre\\PolicyDirector
pdvar-home=C\:\\Program Files\\IBM\\WebSphere\\AppServer\\java\\jre\\PolicyDirector
java-home=C\:\\Program Files\\IBM\\WebSphere\\AppServer\\java\\jre
jar-files=C\:\\Program Files\\IBM\\WebSphere\\AppServer\\java\\jre\\lib\\ext
\\ibmjcefw.jar,C\:\\Program Files\\WebSphere\\AppServer\\java\\jre\\lib\\ext
\\ibmjsse.jar,C\:\\Program Files\\WebSphere\\AppServer\\java\\jre\\lib
\\ext\\ibmpkcs.jar,C\:\\Program Files\\WebSphere\\AppServer\\java\\jre
\\lib\\ext\\jaas.jar,C\:\\Program Files\\WebSphere\\AppServer\\java\\jre
\\lib\\ext\\local_policy.jar,C\:\\Program Files\\WebSphere\\AppServer
\\java\\jre\\lib\\ext\\PD.jar,C\:\\Program Files\\WebSphere\\AppServer
\\java\\jre\\lib\\ext\\US_export_policy.jar
- On the Deployment Manager system, open the PdPerm.properties file
with a text editor and change all pathnames to the appropriate pathname, as
shown in the following example:
pdvar-home=C\:\\Program Files\\IBM\\WebSphere\\AppServer\\java\\jre\\PolicyDirector
baseGroup.PDJ<appsvr-servername>MessageFileHandler.fileName=C\:\\Program Files
\\IBM\\WebSphere\\AppServer\\java\\jre\\PolicyDirector\\log/msg__<appsvr-servername>.log
pdcert-url=file\:/c\:/progra~1/IBM/WebSphere/AppServer/java/jre/lib/security/pdperm.ks
baseGroup.PDJ<appsvr-servername>TraceFileHandler.fileName=C\:\\Program Files\\IBM\\WebSphere
\\AppServer\\java\\jre\\PolicyDirector\\log/trace_<appsvr-servername>.log
pd-home=C\:\\Program Files\\IBM\\WebSphere\\AppServer\\java\\jre\\PolicyDirector
java-home=C\:\\Program Files\\IBM\\WebSphere\\AppServer\\java\\jre
jar-files=C\:\\Program Files\\IBM\\WebSphere\\AppServer\\java\\jre\\lib\\ext\\ibmjcefw.jar,
C\:\\Program Files\\WebSphere\\AppServer\\java\\jre\\lib\\ext\\ibmjsse.jar,C\:\\Program Files
\\WebSphere\\AppServer\\java\\jre\\lib\\ext\\ibmpkcs.jar,C\:\\Program Files\\WebSphere
\\AppServer\\java\\jre\\lib\\ext\\jaas.jar,C\:\\Program Files\\WebSphere\\AppServer\\java
\\jre\\lib\\ext\\local_policy.jar,C\:\\Program Files\\WebSphere\\AppServer\\java\\jre\\lib
\\ext\\PD.jar,C\:\\Program Files\\WebSphere\\AppServer\\java\\jre\\lib\\ext\\US_export_policy.jar
Note: For the purposes of this example it is assumed that the Application
Server has been installed on the C drive running Microsoft Windows. If your
Application Server installation is not on the C drive then change the file
paths in the configuration settings accordingly.
Note: The <appsvr-servername> value is located in the PdPerm.properties file.
- Start the Application Server Deployment Manager.
- For each of the managed nodes, copy the following files from the
version 5.1 directory to the same directory for the version 6.x installation:
- %WAS_HOME%\java\jre\PDPerm.properties
- %WAS_HOME%\java\jre\lib\security\pdperm.ks
- %WAS_HOME%\java\jre\PolicyDirector\PDCA.ks
- %WAS_HOME%\java\jre\PolicyDirector\PD.properties
- %WAS_HOME%\java\jre\PolicyDirector\PDJLog.properties
- For each of the managed nodes, open the PD.properties file
with a text editor and change the following configuration elements so that
their specified paths are correct:
pd-home=C\:\\Program Files\\IBM\\WebSphere\\AppServer\\java\\jre\\PolicyDirector
pdvar-home=C\:\\Program Files\\IBM\\WebSphere\\AppServer\\java\\jre\\PolicyDirector
java-home=C\:\\Program Files\\IBM\\WebSphere\\AppServer\\java\\jre
jar-files=C\:\\Program Files\\IBM\\WebSphere\\AppServer\\java\\jre\\lib\\ext\\ibmjcefw.jar,
C\:\\Program Files\\WebSphere\\AppServer\\java\\jre\\lib\\ext\\ibmjsse.jar,C\:\\Program Files
\\WebSphere\\AppServer\\java\\jre\\lib\\ext\\ibmpkcs.jar,
C\:\\Program Files\\WebSphere \\AppServer\\java\\jre\\lib\\ext\\jaas.jar,C\:\\Program Files
\\WebSphere\\AppServer\\java \\jre\\lib\\ext\\local_policy.jar,C\:\\Program Files\\WebSphere
\\AppServer\\java\\jre\\lib \\ext\\PD.jar,
C\:\\Program Files\\WebSphere\\AppServer\\java\\jre\\lib\\ext\\US_export_policy.jar
- On each of the managed nodes being migrated, open the PdPerm.properties file
with a text editor and change all pathnames to the appropriate pathname, as
shown in the following example:
pdvar-home=C\:\\Program Files\\IBM\\WebSphere\\AppServer\\java\\jre\\PolicyDirector
baseGroup.PDJ<appsvr-servername>MessageFileHandler.fileName=C\:\\Program Files\\IBM\\WebSphere
\\AppServer\\java\\jre\\PolicyDirector\\log/msg__<appsvr-servername>.log
pdcert-url=file\:/c\:/progra~1/IBM/WebSphere/AppServer/java/jre/lib/security/PdPerm.ks
baseGroup.PDJ<appsvr-servername>TraceFileHandler.fileName=C\:\\Program Files\\IBM\\WebSphere
\\AppServer\\java\\jre\\PolicyDirector\\log/trace__<appsvr-servername>.log
pd-home=C\:\\Program Files\\IBM\\WebSphere\\AppServer\\java\\jre\\PolicyDirector
java-home=C\:\\Program Files\\IBM\\WebSphere\\AppServer\\java\\jre
config_type=standalone
- Start the node agents and associated application servers on each
of the Application Server nodes that were migrated to version 6.x.