Specify a name for the profile and the
directory path for the profile directory, or accept the default values.
Then, click Next. Profile
naming guidelines: Double-byte characters are supported. The profile
name can be any unique name with the following restrictions. Do not
use any of the following characters when naming your profile:
- Spaces
- Special characters that are not supported within the name of a
directory on your operating system, such as *&?
- Slashes (/) or (\)
The default profile
The
first profile that you create on a machine is the default profile.
The default profile is the default target for commands that are issued
from the bin directory in the product installation
root. When only one profile exists on a machine, every command works
on the single server process in the configuration. You can make
another profile the default profile when you create that profile by
checking Make this profile the default on the Profile name
and location panel of the Advanced profile creation path. You
can also make another profile the default profile using the manageprofiles
command after you create the profile.
Addressing
a profile in a multiprofile environment
When
multiple profiles exist on a machine, certain commands require that
you specify the profile to which the command applies if the profile
is not the default profile. These commands use the -profileName parameter
to identify which profile to address. You might find it easier to
use the commands that are in the bin directory
of each profile.
Use these commands to query the
command shell to determine the calling profile and to address these
commands to the calling profile.
Default profile
information
The default profile name
is
<profile_type><profile_number>:
- <profile_type> is a
value of AppSrv, Dmgr, Custom, AdminAgent, JobMgr,
or SecureProxySrv.
- <profile_number> is
a sequential number that is used to create a unique profile name
The
default profile directory is app_server_root/profiles,
where app_server_root is the installation root.
The default profile directory
is app_server_root\profiles, where app_server_root is
the installation root.
On the Node and Host Names panel, specify a unique node
name, a server name, and the actual host name of the machine. Click Next.
Table 1. Characteristics of the secure proxy
server node. This table shows the characteristics of
the secure proxy server node.
Field name |
Default value |
Constraints |
Description |
Node name |
shortHostName
Node
where:
- shortHostName is the short host name.
- NodeNumber is a sequential number starting
at 01.
|
Use a unique name for the secure proxy server. |
The name is used for administration within the
deployment manager cell. |
Server name |
proxy1
|
Specifies a logical name for the server. Server
names must be unique within a node. However, for multiple nodes within
a cluster, you might have different servers with the same server name
as long as the server and node pair are unique. |
The server name is used for administration within
the deployment manager cell. |
Host name |
The long form of the domain name server
(DNS) name.
|
The host name must be addressable through your
network. Read about host
name considerations.
|
Use the actual DNS name or IP address of your
machine to enable communication with your machine. See additional
information about the host name that follows this table. |
Reserved names: Avoid using reserved folder
names as field values. The use of reserved folder names can cause
unpredictable results. The following terms are reserved folder names:
- cells
- nodes
- servers
- clusters
- applications
- deployments
Directory path length:
The number
of characters in the profiles_directory_path\profile_name directory
must be less than or equal to 80 characters.
Host name considerations: The
host name is the network name for the physical machine on which the
node is installed. The host name must resolve to a physical network
node on the server. When multiple network cards exist in the server,
the host name or IP address must resolve to one of the network cards.
Remote nodes use the host name to connect to and communicate with
this node. Selecting a host name that other machines can reach within
your network is important. Do not use the generic identifier, localhost,
for this value. Also, do not attempt to install WebSphere Application
Server products on a machine with a host name that uses characters
from a double-byte character set (DBCS). DBCS characters are not supported
when used in the host name.
If you define coexisting
nodes on the same computer with unique IP addresses, then define each
IP address in a domain name server (DNS) look-up table. Configuration
files for standalone application servers do not provide domain name
resolution for multiple IP addresses on a machine with a single network
address.
The value that you specify for the host
name is used as the value of the hostName property in configuration
documents for the standalone application server. Specify the host
name value in one of the following formats:
- Fully qualified domain name server (DNS) host name string, such
as xmachine.manhattan.ibm.com
- The default short DNS host name string, such as xmachine
- Numeric IP address, such as 127.1.255.3
The fully qualified DNS host name has the
advantages of being unambiguous and flexible. You have the flexibility
of changing the actual IP address for the host system without having
to change the application server configuration. This value for the
host name is particularly useful if you plan to change the IP address
frequently when using Dynamic Host Configuration Protocol (DHCP) to
assign IP addresses. A disadvantage of this format is dependency on
DNS. If DNS is not available, then connectivity is compromised.
The short host name is also dynamically resolvable. A
short name format has the added function of being redefined in the
local hosts file so that the system can run the application server,
even when disconnected from the network. To run disconnected, define
the short name as the loopback address, 127.0.0.1,
in the hosts file to run disconnected. A disadvantage of this format
is a dependency on DNS for remote access. If DNS is not available,
then connectivity is compromised.
A numeric IP address
has the advantage of not requiring name resolution through DNS. A
remote node can connect to the node that you name with a numeric IP
address without DNS being available. A disadvantage of this format
is that the numeric IP address is fixed. You must change the setting
of the hostName property in Express configuration documents whenever
you change the machine IP address. Therefore, do not use a numeric
IP address if you use DHCP, or if you change IP addresses regularly.
Another disadvantage of this format is that you cannot use the node
if the host is disconnected from the network.
After displaying
the node name, server name, and host name for the secure proxy profile,
the tool displays the Security Level Selection panel.
Choose whether to run the
secure proxy server as a Windows service
on a Windows operating system
or as a Linux Service on a Linux operating system, and click Next.
The Windows service
definition panel is displayed for the Windows operating
system only if the ID that installs the Windows service
has the administrator group privilege. However, you can run the WASService.exe
command to create the Windows service
as long as the installer ID belongs to the administrator group. Read
about automatically restarting server processes for more information.
The product attempts to start Windows services for secure proxy processes
that are started by a startServer command. For example, if you configure
a secure proxy server as a Windows service
and issue the startServer command, then the wasservice command
attempts to start the defined service.
If you chose
to install a local system service, then you do not have to specify
your user ID or password. If you create a specified user type of service,
then you must specify the user ID and the password for the user who
runs the service. The user must have Log on as a service authority
for the service to run correctly. If the user
does not have Log on as a service authority, then
the Profile Management tool automatically adds the authority.
To perform this profile creation task, the user ID
must not contain spaces. In addition to belonging to the administrator
group, the ID must also have the advanced user right of Log
on as a service. The Installation program grants the user
ID the advanced user right if the user ID does not already have the
advanced user right and if the user ID belongs to the administrator
group.
You can also create other Windows services
after the installation is complete to start other server processes.
Read about automatically restarting server processes for more information.
You can remove the Windows service
that is added during profile creation during profile deletion. You
can also remove the Windows service with the wasservice
command.
IPv6 considerations
Profiles created
to run as a Windows service
fail to start when using Internet Protocol Version 6.0 (IPv6) if
the service is configured to run as local system. Create a user-specific
environment variable to enable IPv6. Since this environment variable
is a user variable instead of a local system variable, only a Windows service that runs as
that specific user can access this environment variable. By default,
when a new profile is created and configured to run as a Windows service, the service is set to run
as local system. When the Windows service
for the secure proxy server process attempts to run, the service is
unable to access the user environment variable that specifies IPv6,
and thus attempts to start as IPv4. The server does not start correctly
in this case. To resolve the problem, when creating the profile, specify
that the Windows service
for the secure proxy server process runs as the same user ID from
which the environment variable that specifies IPv6 is defined, instead
of as Local System.
![[Windows]](../../windows.gif)
The following default
values for the Windows service definition panel
exist:
- The default is to run as a Windows service.
- The service process is selected to run as a system account.
- The user account is the current user name. User name requirements
are the requirements that the Windows operating
system imposes for a user ID.
- The startup type is automatic. The values for
the startup type are those values that the Windows operating
system imposes. If you want a startup type other than automatic,
you can either select another available option from the menu or change
the startup type after you create the profile. You can also remove
the created service after profile creation, and add it later with
the desired startup type. You can choose not to create a service at
profile creation time and optionally create the service later with
the desired startup type.
The Linux service
definition panel is displayed if the current operating system is a
supported version of Linux operating systems, and the
current user has the appropriate permissions.
The
product attempts to start Linux services for application
server processes that are started by a startServer command. For example,
if you configure an application server as a Linux service
and issue the startServer command, then the wasservice command
attempts to start the defined service.
By default,
the product is not selected to run as a Linux service.
To create the service, the user that runs the Profile Management Tool must be the root
user. If you run the Profile Management Tool with
a non-root user ID, then the Linux service
definition panel is not displayed, and no service is created.
When you create a Linux service,
you must specify a user name from which the service runs.
To delete a Linux service, the user must be
the root user or have appropriate privileges for deleting the service.
Otherwise, a removal script is created that the root user can run
to delete the service for the user.
The tool displays
the Profile creation summary panel.