When Tivoli® Access
Manager security is configured for your existing environment and security
is enabled, you can migrate to WebSphere® Application Server, Version 7.0.
Before you begin
Your profiles must be migrated using the migration tools to migrate
product configurations.
Important: Do not restart the WebSphere Application Server Version 7.0 server until after performing the following procedure.
The migration tools omit some files that enable the server to start correctly.
About this task
After migrating your profiles additional steps are required when Tivoli Access
Manager security is configured.
Procedure
- Copy the following files from the existing
directory to the same directory for Version 7.0.
%WAS_HOME%\java\jre\PDPerm.properties
%WAS_HOME%\java\jre\lib\security\PdPerm.ks
%WAS_HOME%\java\jre\PolicyDirector\PDCA.ks
- Edit the PD.properties file, and change
the following configuration settings:
appsvr-plcysvrs=null\:0:\:1
config_type=standalone
Make the appropriate changes to point to
your Tivoli Access
Manager Policy Server, for example:appsvr-plcysvrs=pdmgrd.test.gc.au.ibm.com\:7135\:1
config_type=full
- Edit the PdPerm.properties file, and
change all path names to the correct path name. Change the following configuration
settings:
pdvar-home=C\:\\Program
Files\\WebSphere\\AppServer\\java\\jre\\PolicyDirector
baseGroup.PDJv1dugong-v2dugongMessageFileHandler.fileName=C\:\\Program
Files\\WebSphere\\AppServer\\java\\jre\\PolicyDirector\\log/msg__v1dugong-v2dugong.log
pdcert-url=file\:/c\:/progra~1/WebSphere/AppServer/java/jre/lib/security/PdPerm.ks
baseGroup.PDJv1dugong-v2dugongTraceFileHandler.fileName=C\:\\Program
Files\\WebSphere\\AppServer\\java\\jre\\PolicyDirector\\log/trace__v1dugong-v2dugong.log
pd-home=C\:\\Program Files\\WebSphere\\AppServer\\java\\jre\\PolicyDirector
java-home=C\:\\Program Files\\WebSphere\\AppServer\\java\\jre