You can install the DMZ Secure Proxy Server using Installation
Manager response files.
Before you begin
Prepare for the installation before using this procedure.
See Preparing the operating system for installation on IBM i for more information.
Before
you install the DMZ Secure Proxy Server, ensure that your user profile
has *ALLOBJ and *SECADM special authorities.
Install Installation
Manager on the system onto which you want to install the product.
- If you want to use the Installation Manager that comes with this
product, perform the following actions:
- Obtain the necessary files.
There are three basic options for
obtaining and installing Installation Manager and the product.
Note: If you do not have a Passport Advantage ID and password,
you must install the product from the product repositories on the
media or local repositories.
- Install Installation Manager.
- Sign on to the IBM i system
with a user profile that has *ALLOBJ and *SECADM special authorities.
- On a CL command line, run the STRQSH command
to start the Qshell command shell.
- Make sure that the umask is set to 022.
To verify the umask
setting, issue the following command:
umask
To
set the umask setting to 022, issue the following command:
umask 022
- Change to the temporary directory where you unpacked the Installation
Manager files.
- Run the following command in the temporary folder:
installc -acceptLicense -log log_file_path_and_name
- If you already have a version of Installation Manager installed
on your system and you want to use it to install and maintain the
product, obtain the necessary product files.
There are three basic
options for installing the product.
- Access the physical media, and use local installation
You
can access the product repositories on the product media. Use Installation
Manager to install the product from the product repositories on the
media.
- Download the files from the Passport Advantage site, and use
local installation
Licensed customers with a Passport Advantage ID and password
can download the necessary product repositories from the Passport Advantage site.
- Download the product repositories from the Passport Advantage site.
- Use Installation Manager to install the product from the downloaded
repositories.
- Access the live repositories, and use web-based installation
If
you have a Passport
Advantage ID and password, you can use Installation Manager to
install the product from the web-based repositories. Use Installation
Manager to install the product from the web-based repository located
at
http://www.ibm.com/software/repositorymanager/com.ibm.websphere.NDDMZ.v85
Note: This location
does not contain a web page that you can access using a web browser.
This is a remote web-based repository location that you must specify
in the response file so that the installation can access the files
in this repository.
Whenever possible, you should use
the remote web-based repositories so that you are accessing the most
up-to-date installation files.
Note: If you do not have a Passport Advantage ID and password,
you must install the product from the product repositories on the
media or local repositories.
Example
The following is an example of a response file for installing
the DMZ Secure Proxy Server with the Administration Thin Client feature
into the
/QIBM/ProdData/WebSphere/AppServer/V85/NDDMZ directory
using a web-based repository located at
http://www.ibm.com/software/repositorymanager/com.ibm.websphere.NDDMZ.v85.
<?xml version="1.0" encoding="UTF-8"?>
<agent-input>
<server>
<repository location='http://www.ibm.com/software/repositorymanager/com.ibm.websphere.NDDMZ.v85'/>
</server>
<profile id='DMZ Secure Proxy Server for IBM WebSphere Application Server V8.5' installLocation='/QIBM/ProdData/WebSphere/AppServer/V85/NDDMZ'>
<data key='eclipseLocation' value='/QIBM/ProdData/WebSphere/AppServer/V85/NDDMZ'/>
<data key='was.install.os400.profile.location' value='/QIBM/UserData/WebSphere/AppServer/V85/NDDMZ'/>
<data key='user.import.profile' value='false'/>
<data key='cic.selector.nl' value='en, fr, it, zh, ro, ru, zh_TW, de, ja, pl, es, cs, hu, ko, pt_BR'/>
</profile>
<install modify='false'>
<offering profile='DMZ Secure Proxy Server for IBM WebSphere Application Server V8.5' features='core.feature,thinclient' id='com.ibm.websphere.NDDMZ.v85'/>
</install>
<preference name='com.ibm.cic.common.core.preferences.eclipseCache' value='/QIBM/UserData/InstallationManager/IMShared'/>
<preference name='com.ibm.cic.common.core.preferences.connectTimeout' value='30'/>
<preference name='com.ibm.cic.common.core.preferences.readTimeout' value='30'/>
<preference name='com.ibm.cic.common.core.preferences.downloadAutoRetryCount' value='0'/>
<preference name='offering.service.repositories.areUsed' value='true'/>
<preference name='com.ibm.cic.common.core.preferences.ssl.nonsecureMode' value='false'/>
<preference name='com.ibm.cic.common.core.preferences.http.disablePreemptiveAuthentication' value='false'/>
<preference name='http.ntlm.auth.kind' value='NTLM'/>
<preference name='http.ntlm.auth.enableIntegrated.win32' value='true'/>
<preference name='com.ibm.cic.common.core.preferences.preserveDownloadedArtifacts' value='true'/>
<preference name='com.ibm.cic.common.core.preferences.keepFetchedFiles' value='false'/>
<preference name='PassportAdvantageIsEnabled' value='false'/>
<preference name='com.ibm.cic.common.core.preferences.searchForUpdates' value='false'/>
</agent-input>
What to do next
You can create a secure proxy profile using the manageprofiles command.
The
following is an example of using the
manageprofiles command
to create a default secure proxy profile. This example is based on
the following assumptions:
- Security is to be enabled.
- The system host name is myhost.abc.com.
- The appserver_install_root is /QIBM/ProdData/WebSphere/AppServer/V85/NDDMZ.
- The user_data_root is /QIBM/UserData/WebSphere/AppServer/V85/NDDMZ.
- The administrative user name is wasadmin.
- The password is password.
manageprofiles -create
-portsFile /QIBM/ProdData/WebSphere/AppServer/V85/NDDMZ/profileTemplates/secureproxy/actions/portsUpdate/portdef.props
-serverName proxy1
-nodeName myhost
-hostName myhost.abc.com
-cellName myhost
-adminUserName wasadmin
-adminPassword password
-templatePath /QIBM/ProdData/WebSphere/AppServer/V85/NDDMZ/profileTemplates/secureproxy
-enableAdminSecurity true
-profileName SecureProxySrv01
The following is
an example of using the
manageprofiles command
to make profile SecureProxySrv01 the default profile.
manageprofiles -setDefaultName -profileName SecureProxySrv01