[AIX HP-UX Linux Solaris Windows]

Assigning profile ownership to a non-root user

An installer can create a profile and assign ownership of the profile directory to a non-root user so that the non-root user can start the product for a specific profile. Use this example to accomplish the tasks through commands.

Before you begin

This task assumes a basic familiarity with the manageprofiles command and system commands.

This task uses the following terms:
  • Root users refers to:
    • Root users
    • Administrators
  • Non-root users refers to:
    • Non-root users
    • Non-administrators
  • Installer refers to a root user or a non-root user.

Before you can create a profile, you must install the product.

About this task

Have the installer perform the following steps to create a profile and assign ownership for the profile directory and the logs directory. The ownership is assigned to a non-root user ID that is different from the installer ID. The non-root user needs access to these directories to start the product.

This example creates a default profile.

The commands are split on multiple lines for printing purposes.

Procedure

  1. Create the profile by issuing the following code from a command prompt:
    ./manageprofiles.sh -create -profileName profile01 -profilePath
    app_server_root/profiles/profile01 -templatePath 
    app_server_root/profileTemplates/default 
    manageprofiles.bat -create -profileName profile01 -profilePath 
    app_server_root\profiles\profile01 -templatePath 
    app_server_root\profileTemplates\default 
    
  2. Change ownership of the profile01 profile directory to the user1 non-root user.
    For example, issue the following command:
    chown -R user1 app_server_root/profiles/profile01
    Follow instructions in the Windows® documentation to grant user1 access to the following directory:
    app_server_root\profiles\profile01
  3. Change the ownership of the logs directory for the profile01 profile to the user1 non-root user to prevent displaying log messages to the console.
    Issue the following command:
    chown -R user1 app_server_root/logs/manageprofiles/profile01
    Follow instructions in the Windows documentation to grant user1 access to the following directory:
    app_server_root\logs\manageprofiles\profile01

Results

The installer has created a default profile and changed ownership of the profile directory and log directory to a non-root user.

What to do next

As the installer, you can continue to create profiles and assign ownership to non-root users as needed.

A non-root user ID can manage multiple profiles. Have the same non-root user ID manage an entire profile, whether it is the deployment manager profile, a profile that contains the application servers and the node agent, or a custom profile. A different user ID can be used for each profile in a cell, whether global security or administrative security is enabled or disabled. The user IDs can be a mix of root and non-root user IDs. For example, the root user might manage the deployment manager profile, while a non-root user might manage a profile that contains application servers and the node agent, or vice versa. However, typically, a root user or a non-root user manages all profiles in a cell.

The non-root user can use the same tasks to manage a profile that the root user uses.




In this information ...


IBM Redbooks, demos, education, and more

(Index)

Use IBM Suggests to retrieve related content from ibm.com and beyond, identified for your convenience.

This feature requires Internet access.

Task topic Task topic    

Terms and conditions for information centers | Feedback

Last updatedLast updated: Feb 5, 2014 9:49:51 PM CST
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=compass&product=was-nd-mp&topic=tpro_rootpro_nonroot_own
File name: tpro_rootpro_nonroot_own.html