I’ve been focusing a lot lately on how to install P8 with CPIT. Mostly because this is easier, faster, and usually more convenient, but it has inconveniences as well. Installing all components separatly has a few benefits and I thought it was time to write how to do that:
- Install different versions of the components
- Install Fix Packs during install
- Use different technologies
- Split components on different servers
- Use pre-installed components (LDAP, DB, …)
- Optimize install size by deleting binaries after each install
- And for curious people, understand better what’s going on 🙂
This will be a long post, but I’ll try to split this step by step and explain precisely what is going on. At the end of this post, I will give the full script you can run to install a full platform. Unlike the CPIT installer, I’ve tried to keep everything in one script to ease distribution, installation and customization. That’s why you will see a lot of HERE-doc commands to create files on-the-go. At this moment I’m using only one dependency, which is a file from the CPIT installer: cpt-actions.jar. This is the java tool allowing us to create the default domain and object store. This is quite basic to implement using the Java API so I hope to write soon how to rewrite this tool so we can get rid of all dependency on CPIT.
Contents
- Pre-requisites
- Create system users
- Install DB2
- Install Tivoli Directory Server
- Install Installation Manager
- Install WebSphere Application Server
- Configure DB2 for FileNet
- Create default users in TDS
- Deploy the TDS Admin server in WAS
- Install CE and its FP if any
- Install ICN and its FP if any
- Install CEC and its FP if any
- Configure the Content Engine
- Configure the Process Engine
- Export the LTPA key
- Configure ICN
- Configure the FileNet/ICN applications in WAS
- Final tasks
- All in one script
Pre-requisites
As for the CPIT, a few dependencies need to be installed before starting. Also, some configurations need to be done.
#!/bin/bash # Change this to the password you want to use password=IBMFileNetP8 # Where to find all binaries, renamed as for the CPIT binaries=/cpit_binaries # If you want to delete the decompressed binaries after install, set this to true cleanBinaries=true # If your hostname is correctly set you can keep this, if not set it here and the script will set it properly everywhere NAME=`hostname` # Setup, do not touch baseDir=`pwd` logDir=`pwd`/log mkdir -p $logDir # Checking all binaries are present [[ -f $binaries/db2.tar.gz ]] || { echo "db2.tar.gz does not exit"; exit 1; } [[ -f $binaries/db2lic.zip ]] || { echo "db2lic.zip does not exit"; exit 1; } [[ -f $binaries/tds.tar ]] || { echo "tds.tar does not exit"; exit 1; } [[ -f $binaries/tdsfp.tar ]] || { fpMissing "tdsfp.tar"; } [[ -f $binaries/tdsgskit.tar ]] || { echo "tdsgskit.tar does not exit"; exit 1; } [[ -f $binaries/im.zip ]] || { echo "im.zip does not exit"; exit 1; } [[ -f $binaries/WAS_V8.5.5_1_OF_3.zip ]] || { echo "WAS_V8.5.5_1_OF_3.zip does not exit"; exit 1; } [[ -f $binaries/WAS_V8.5.5_2_OF_3.zip ]] || { echo "WAS_V8.5.5_2_OF_3.zip does not exit"; exit 1; } [[ -f $binaries/WAS_V8.5.5_3_OF_3.zip ]] || { echo "WAS_V8.5.5_3_OF_3.zip does not exit"; exit 1; } [[ -f $binaries/ce.tar.gz ]] || { echo "ce.tar.gz does not exit"; exit 1; } [[ -f $binaries/cefp.tar.gz ]] || { fpMissing "cefp.tar.gz";} [[ -f $binaries/cec.tar.gz ]] || { echo "cec.tar.gz does not exit"; exit 1; } [[ -f $binaries/cecfp.tar.gz ]] || { fpMissing "cecfp.tar.gz"; } [[ -f $binaries/icn.tar ]] || { echo "icn.tar does not exit"; exit 1; } [[ -f $binaries/icnfp.tar ]] || { fpMissing "icnfp.tar"; } # I'm using xmlstarlet to edit easily XML files when configuring the CE and ICN command -v xmlstarlet >/dev/null 2>&1 || { rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm;yum -y install xmlstarlet; } function fpMissing { while true; do read -p " ****************************** WARNING ****************************** Fix pack $1 is missing. Are you sure you want to install without it? ****************************** WARNING ****************************** Are you sure? (yes/no): " yn case $yn in [Yy]* ) break;; [Nn]* ) exit;; * ) echo "Please answer yes or no.";; esac done } # Install some required pre-requisites to make sure installs work yum -y install ld-linux.so.2 libgcc_s.so.1 libX11.so.6 libXp.i686 libXp.x86_64 libXpm.i686 libXpm.x86_64 gtk2.x86_64 gtk2.i686 libXft.i686 libXft.x86_64 libXmu.i686 libXmu.x86_64 libXtst.i686 libXtst.x86_64 ksh ksh.x86_64 unzip bc sed compat-db47.i686 compat-db47.x86_64 pam.i686 pam.x86_64 elfutils.x86_64 elfutils-libs.i686 elfutils-libs.x86_64 rpm-build.x86_64 libgcc_s.so.1 libaio.x86_64 libstdc++.so.5 libstdc++.so.6 glibc.i686 libgcc.i686 libgcc.x86_64 libstdc++.so.5 compat-libstdc++-33.i686 compat-libstdc++-33.x86_64 # Disable SELinux for the install just to be sure /usr/sbin/setenforce 0 # Setting name properly sed -i "s/HOSTNAME=.*$/HOSTNAME=$NAME/g" /etc/sysconfig/network hostname $NAME sed -i "s/localhost4\slocalhost4.localdomain4\s*$/localhost4 localhost4.localdomain4 $NAME/g" /etc/hosts sed -i "s/localhost6\slocalhost6.localdomain6\s*$/localhost6 localhost6.localdomain6 $NAME/g" /etc/hosts echo $NAME > /etc/HOSTNAME # Create the base folder and symlink it to avoid errors mkdir /opt/IBM ln -s /opt/IBM /opt/ibm chmod 775 /opt/IBM # Symlink ksh to be sure it's found ln -s /bin/ksh /usr/bin/ksh mkdir $baseDir/tdsgskit tar -xf $binaries/tdsgskit.tar -C $baseDir/tdsgskit echo Installing gskit rpm -Uhv $baseDir/tdsgskit/8.0.14.27-ISS-GSKIT-LinuxX64-FP0027/64/gsk*rpm
Create system users
This step create all groups and users needed for the install.
# Add FileNet groups groupadd fnadmin groupadd fnop groupadd fnusr # System user for the P8 GCD DB adduser gcddbusr echo $password | passwd --stdin gcddbusr # System user for the P8 OS DBs adduser osdbuser echo $password | passwd --stdin osdbuser # System user for the ICN DB adduser nxsdbusr echo $password | passwd --stdin nxsdbusr # Add P8Admin user and add it to the correct groups adduser -G fnadmin,fnop,fnusr,adm,bin,sys P8Admin echo $password | passwd --stdin P8Admin useradd -G fnadmin,fnop,fnusr,adm,root,bin,daemon,sys,disk,wheel P8Admin echo $password | passwd --stdin P8Admin
Install DB2
This step installs DB2 and creates an instance we will use to create our databases later. We need a Database Management System for TDS (users/groups), for FileNet (GCD and Object Stores), and for ICN.
# Inflate binaries mkdir $baseDir/db2 mkdir $baseDir/db2lic tar xfz $binaries/db2.tar.gz -C $baseDir/db2 unzip -q $binaries/db2lic.zip -d $baseDir/db2lic # Create the DB2 response file, we want an instance for TDS ready cat >$baseDir/db2.rsp<<EOF PROD = ENTERPRISE_SERVER_EDITION FILE = /opt/ibm/db2/V9.7 LIC_AGREEMENT = ACCEPT ** ACCEPT or DECLINE INTERACTIVE = NONE ** NONE, YES, MACHINE INSTALL_TYPE = TYPICAL ** TYPICAL, COMPACT, CUSTOM INSTANCE = DB2_INST ** char(8) no spaces DB2_INST.NAME = dsrdbm01 ** char(8) no spaces, no upper case letters DB2_INST.GROUP_NAME = grrdbm01 ** char(30) no spaces DB2_INST.HOME_DIRECTORY = /home/dsrdbm01 ** char(64) no spaces. Valid for root installation only DB2_INST.PASSWORD = $password ** Valid for root installation only DB2_INST.TYPE = ESE ** DSF ESE WSE STANDALONE CLIENT DB2_INST.AUTOSTART = YES ** YES or NO DB2_INST.START_DURING_INSTALL = YES ** YES or NO. Default is YES. DB2_INST.SVCENAME = dsrdbm01svcids ** BLANK or char(14). Reserved for root installation only DB2_INST.PORT_NUMBER = 3737 ** 1024 - 65535, Reserved for root installation only DB2_INST.FENCED_GROUP_NAME = db2fsdm1 ** char(30) no spaces EOF # We need to free the port 3737 in the services file, this service is not used and conflict with DB2 sed -i "s/3737\/tcp/37370\/tcp/g" /etc/services # Run the installer using our response file $baseDir/db2/server/db2setup -r $baseDir/db2.rsp -l $logDir/db2install.txt # Set the DB2 license /opt/ibm/db2/V9.7/adm/db2licm -a $baseDir/db2lic/ese_o/db2/license/db2ese_o.lic /opt/ibm/db2/V9.7/adm/db2licm -l if [[ $cleanBinaries == true ]]; then rm -rf $baseDir/db2lic $baseDir/db2; fi
Install Tivoli Directory Server
This steps installs an LDAP server we will use as LDAP server for the platform. In our case we will use TDS.
mkdir $baseDir/tds tar xf $binaries/tds.tar -C $baseDir/tds cat >$baseDir/tds.rsp<<EOF -silent -G createDirectoryResponse="yes" -G replaceExistingResponse="yesToAll" # install destination - this can be modified to install location -P product.installLocation="/opt/IBM/ldap/V6.3" -P DB2Feature.active=true -P BaseServerFeature.active=true -P ServerFeature.active=true -P ProxyServerFeature.active=false -P JavaClientFeature.active=true -P ClientFeature.active=true -P WebadminFeature.active=true -P GSKITFeature.active=false -P AppSrvFeature.active=false # Replace the following with a valid Userid for the Db2 administrator. Used only if DB2 is being installed. -W LdapInit.silentDB2Admin="P8Admin" # Replace the following with a valid password for the Db2 administrator. Used only if DB2 is being installed. -W LdapInit.silentDB2AdminPW="$password" # This must be last line. Be sure no blank lines or carriage controls follow! EOF cd $baseDir/tds/tdsV6.3/tds ./install_tds.bin -is:silent -options $baseDir/tds.rsp -is:log $logDir/installtds63.txt if [[ $cleanBinaries == true ]]; then rm -rf $baseDir/tds; fi cd $baseDir mkdir $baseDir/tdsfp tar xf $binaries/tdsfp.tar -C $baseDir/tdsfp cd $baseDir/tdsfp/6.3.0.24-ISS-ITDS-LinuxX64-FP0024 # Install the license first so we don't get prompt when installing FP24 ./license/idsLicense -q ./idsinstall -u -f >$logDir/installtds63fp.txt if [[ $cleanBinaries == true ]]; then rm -rf $baseDir/tdsfp; fi # Configure TDS # This one must be called as ./, not absolute path from somewhere else or it doesn't work cd /opt/IBM/ldap/V6.3/idstools ./idsdefinst -p $password -w $password -e encryptionseed if [ ! -d /home/dsrdbm01/dsrdbm01/NODE0000 ]; then echo ERROR: TDS Default instance was not created.; exit 1; fi echo "# The following three lines have been added by IBM DB2 instance utilities." >> /home/dsrdbm01/.profile echo "if [ -f /home/dsrdbm01/sqllib/db2profile ]; then" >> /home/dsrdbm01/.profile echo " . /home/dsrdbm01/sqllib/db2profile" >> /home/dsrdbm01/.profile echo "fi" >> /home/dsrdbm01/.profile
Install Installation Manager
Installation Manager is required to install WebSphere.
cd $baseDir mkdir $baseDir/im unzip -q $binaries/im.zip -d $baseDir/im chmod 777 $baseDir/im/installc $baseDir/im/installc -acceptLicense if [[ $cleanBinaries == true ]]; then rm -rf $baseDir/im; fi
Install WebSphere Application Server
This step installs WebSphere, which we will use to deploy FileNet, ICN and TDS Admin server.
cd $baseDir mkdir $baseDir/was unzip -q $binaries/WAS_V8.5.5_1_OF_3.zip -d $baseDir/was unzip -q $binaries/WAS_V8.5.5_2_OF_3.zip -d $baseDir/was unzip -q $binaries/WAS_V8.5.5_3_OF_3.zip -d $baseDir/was cat >$baseDir/was-install.xml<<EOF <?xml version="1.0" encoding="UTF-8"?> <!--The "acceptLicense" attribute has been deprecated. Use "-acceptLicense" command line option to accept license agreements.--> <agent-input acceptLicense='true'> <server> <repository location='$baseDir/was'/> </server> <profile id='IBM WebSphere Application Server V8.5' installLocation='/opt/ibm/WebSphere/AppServer'> <data key='eclipseLocation' value='/opt/ibm/WebSphere/AppServer'/> <data key='user.import.profile' value='false'/> <data key='cic.selector.os' value='linux'/> <data key='cic.selector.ws' value='gtk'/> <data key='cic.selector.arch' value='x86'/> <data key='cic.selector.nl' value='en'/> </profile> <install modify='false'> <offering id='com.ibm.websphere.BASE.v85' version='8.5.5000.20130514_1044' profile='IBM WebSphere Application Server V8.5' features='thinclient,ejbdeploy,core.feature,embeddablecontainer,com.ibm.sdk.6_64bit' installFixes='none'/> </install> <preference name='com.ibm.cic.common.core.preferences.eclipseCache' value='/opt/IBM/IMShared'/> <preference name='com.ibm.cic.common.core.preferences.connectTimeout' value='30'/> <preference name='com.ibm.cic.common.core.preferences.readTimeout' value='45'/> <preference name='com.ibm.cic.common.core.preferences.downloadAutoRetryCount' value='0'/> <preference name='offering.service.repositories.areUsed' value='true'/> <preference name='com.ibm.cic.common.core.preferences.ssl.nonsecureMode' value='false'/> <preference name='com.ibm.cic.common.core.preferences.http.disablePreemptiveAuthentication' value='false'/> <preference name='http.ntlm.auth.kind' value='NTLM'/> <preference name='http.ntlm.auth.enableIntegrated.win32' value='true'/> <preference name='com.ibm.cic.common.core.preferences.preserveDownloadedArtifacts' value='true'/> <preference name='com.ibm.cic.common.core.preferences.keepFetchedFiles' value='false'/> <preference name='PassportAdvantageIsEnabled' value='false'/> <preference name='com.ibm.cic.common.core.preferences.searchForUpdates' value='false'/> <preference name='com.ibm.cic.agent.ui.displayInternalVersion' value='false'/> <preference name='com.ibm.cic.common.sharedUI.showErrorLog' value='true'/> <preference name='com.ibm.cic.common.sharedUI.showWarningLog' value='true'/> <preference name='com.ibm.cic.common.sharedUI.showNoteLog' value='true'/> </agent-input> EOF /opt/IBM/InstallationManager/eclipse/tools/imcl -input $baseDir/was-install.xml -log $logDir/was85_install.log -acceptLicense # Create profiles /opt/IBM/WebSphere/AppServer/bin/manageprofiles.sh -create -profileName AppSrv01 -cellName P8Node01Cell -nodeName P8Node01 -serverName server1 -enableAdminSecurity true -adminUserName P8Admin -adminPassword $password /opt/IBM/WebSphere/AppServer/bin/manageprofiles.sh -create -profileName AppSrv02 -cellName P8Node02Cell -nodeName P8Node02 -serverName server1 -enableAdminSecurity true -adminUserName P8Admin -adminPassword $password if [[ $cleanBinaries == true ]]; then rm -rf $baseDir/was; fi
Configure DB2 for FileNet
In this step, we create the databases foneeded for FileNet:
- The Global Configuration Database (GCD)
- One database for the first object store
- One database for the second object store
usermod -a -G root dsrdbm01 usermod -a -G root gcddbusr usermod -a -G root osdbuser usermod -a -G root P8Admin usermod -a -G grrdbm01 dsrdbm01 usermod -a -G grrdbm01 gcddbusr usermod -a -G grrdbm01 osdbuser usermod -a -G grrdbm01 P8Admin # Create he DB locations on the disk mkdir -p /opt/IBM/DB2Databases chmod 777 /opt/IBM/DB2Databases cat >$baseDir/createFNdbs.sh<<EOF db2 CONNECT RESET echo "Creating Content Engine GCD database, tablespace, and granting proper rights to gcddbusr ..." db2 CREATE DATABASE GCD_DB AUTOMATIC STORAGE YES ON /opt/IBM/DB2Databases USING CODESET UTF-8 TERRITORY US COLLATE USING SYSTEM PAGESIZE 32768 db2 CONNECT TO GCD_DB db2 CREATE REGULAR TABLESPACE GCD_TS PAGESIZE 32 K MANAGED BY AUTOMATIC STORAGE EXTENTSIZE 16 OVERHEAD 10.5 PREFETCHSIZE 16 TRANSFERRATE 0.14 BUFFERPOOL IBMDEFAULTBP DROPPED TABLE RECOVERY ON db2 GRANT CREATETAB,CONNECT ON DATABASE TO USER gcddbusr db2 GRANT USE OF TABLESPACE GCD_TS TO USER gcddbusr db2 CONNECT RESET echo "Creating Content Engine TARGET Object Store database, tablespaces, and granting proper rights to osdbuser ..." db2 CREATE DATABASE TARGETDB AUTOMATIC STORAGE YES ON /opt/IBM/DB2Databases USING CODESET UTF-8 TERRITORY US COLLATE USING SYSTEM PAGESIZE 32768 db2 CONNECT TO TARGETDB db2 CREATE REGULAR TABLESPACE CEDATA_TS PAGESIZE 32 K MANAGED BY AUTOMATIC STORAGE EXTENTSIZE 16 OVERHEAD 10.5 PREFETCHSIZE 16 TRANSFERRATE 0.14 BUFFERPOOL IBMDEFAULTBP DROPPED TABLE RECOVERY ON db2 CREATE USER TEMPORARY TABLESPACE USRTEMP_TS PAGESIZE 32 K MANAGED BY AUTOMATIC STORAGE EXTENTSIZE 16 OVERHEAD 10.5 PREFETCHSIZE 16 TRANSFERRATE 0.14 BUFFERPOOL IBMDEFAULTBP db2 GRANT CREATETAB,CONNECT ON DATABASE TO USER osdbuser db2 GRANT USE OF TABLESPACE CEDATA_TS TO USER osdbuser db2 GRANT USE OF TABLESPACE USRTEMP_TS TO USER osdbuser db2 CREATE REGULAR TABLESPACE PEDATA_TS PAGESIZE 32 K MANAGED BY AUTOMATIC STORAGE EXTENTSIZE 16 OVERHEAD 10.5 PREFETCHSIZE 16 TRANSFERRATE 0.14 BUFFERPOOL IBMDEFAULTBP DROPPED TABLE RECOVERY ON db2 GRANT SECADM ON DATABASE TO USER P8Admin db2 GRANT CREATETAB,CONNECT ON DATABASE TO user P8Admin db2 grant use of tablespace pedata_ts to user P8Admin db2 UPDATE DATABASE CONFIGURATION USING APPLHEAPSZ 2560 IMMEDIATE db2 CONNECT RESET echo "--------------------" echo "Creating Content Engine DESIGN Object Store database, tablespaces, and granting proper rights to osdbuser ..." db2 CREATE DATABASE DESIGNDB AUTOMATIC STORAGE YES ON /opt/IBM/DB2Databases USING CODESET UTF-8 TERRITORY US COLLATE USING SYSTEM PAGESIZE 32768 db2 CONNECT TO DESIGNDB db2 CREATE REGULAR TABLESPACE CEDATA_TS PAGESIZE 32 K MANAGED BY AUTOMATIC STORAGE EXTENTSIZE 16 OVERHEAD 10.5 PREFETCHSIZE 16 TRANSFERRATE 0.14 BUFFERPOOL IBMDEFAULTBP DROPPED TABLE RECOVERY ON db2 CREATE USER TEMPORARY TABLESPACE USRTEMP_TS PAGESIZE 32 K MANAGED BY AUTOMATIC STORAGE EXTENTSIZE 16 OVERHEAD 10.5 PREFETCHSIZE 16 TRANSFERRATE 0.14 BUFFERPOOL IBMDEFAULTBP db2 GRANT CREATETAB,CONNECT ON DATABASE TO USER osdbuser db2 GRANT USE OF TABLESPACE CEDATA_TS TO USER osdbuser db2 GRANT USE OF TABLESPACE USRTEMP_TS TO USER osdbuser db2 CREATE REGULAR TABLESPACE PEDATA_TS PAGESIZE 32 K MANAGED BY AUTOMATIC STORAGE EXTENTSIZE 16 OVERHEAD 10.5 PREFETCHSIZE 16 TRANSFERRATE 0.14 BUFFERPOOL IBMDEFAULTBP DROPPED TABLE RECOVERY ON db2 GRANT SECADM ON DATABASE TO USER P8Admin db2 GRANT CREATETAB,CONNECT ON DATABASE TO user P8Admin db2 grant use of tablespace pedata_ts to user P8Admin db2 UPDATE DATABASE CONFIGURATION USING APPLHEAPSZ 2560 IMMEDIATE db2 CONNECT RESET echo "--------------------" db2 CONNECT RESET echo "--------------------" EOF # Change DB2 port cat >$baseDir/setDB2port.sh<<EOF db2 update dbm cfg using SVCENAME 3737 db2stop FORCE db2start db2 get dbm cfg | grep SVCENAME EOF # Start the instance /opt/ibm/db2/V9.7/instance/db2istrt dsrdbm01 chmod a+x $baseDir/createFNdbs.sh chmod a+x $baseDir/setDB2port.sh su - dsrdbm01 -c $baseDir/createFNdbs.sh su - dsrdbm01 -c $baseDir/setDB2port.sh rm -f $baseDir/createFNdbs.sh rm -f $baseDir/setDB2port.sh if [ ! -d /opt/IBM/DB2Databases/dsrdbm01/NODE0000 ]; then echo "ERROR: P8 Database was not created."; exit 1; fi
Create default users in TDS
We need to create a few users in our LDAP to use to configure FileNet/ICN.
cat >$baseDire/users.ldif<<EOF dn: o=sample objectclass: top objectclass: domain dc: o=sample o: sample dn: cn=P8Admin,o=sample cn: P8Admin sn: P8Admin userpassword: $password objectclass: top objectclass: organizationalPerson objectclass: person dn: cn=tester,o=sample cn: tester sn: tester userpassword: $password objectclass: top objectclass: organizationalPerson objectclass: person dn: cn=P8Admins,o=sample objectclass: groupOfNames objectclass: top cn: P8Admins member: cn=P8Admin,o=sample dn: cn=GeneralUsers,o=sample objectclass: groupOfNames objectclass: top cn: GeneralUsers member: cn=P8Admin,o=sample member: cn=tester,o=sample EOF /opt/IBM/ldap/V6.3/sbin/idsldif2db -i $baseDire/users.ldif -I dsrdbm01 # Start TDS /opt/IBM/ldap/V6.3/sbin/ibmslapd -I dsrdbm01
Deploy the TDS Admin server in WAS
TDS can be administrate in an easier way with a web application instead of always using command line tools, so let’s do that.
# Start WAS, let's start both profile for later /opt/ibm/WebSphere/AppServer/profiles/AppSrv01/bin/startServer.sh server1 /opt/ibm/WebSphere/AppServer/profiles/AppSrv02/bin/startServer.sh server1 cat >$baseDir/deploy.py<<EOF server = AdminConfig.getid('/Server:server1/') AdminApp.install('/opt/ibm/ldap/V6.3/idstools/IDSWebApp.war',['-MapRolesToUsers', "[['All Authenticated' No Yes '' '']]", '-MapModulesToServers', "[[ '.*' '.*.war,.*' server]]", '-MapWebModToVH', "[[ '.*' '.*.war,.*' 'default_host']]", '-appname', 'IDSWebApp', '-contextroot', 'IDSWebApp']) AdminConfig.save() dep = AdminConfig.getid("/Deployment:IDSWebApp/") depObject = AdminConfig.showAttribute(dep, "deployedObject") classldr = AdminConfig.showAttribute(depObject, 'classloader') AdminConfig.modify(classldr, [['mode', 'PARENT_LAST']]) modules = AdminConfig.showAttribute(depObject, 'modules') modules = modules[1:len(modules)-1].split(" ") for module in modules: if (module.find('WebModuleDeployment')!= -1): uri = AdminConfig.showAttribute(module, 'uri') if (uri == "web_client.war"): cl = AdminConfig.list('Classloader', module) if (cl): AdminConfig.modify(cl, [['mode', 'PARENT_LAST']]) else: AdminConfig.create('Classloader', module, [['mode', 'PARENT_LAST']]) AdminConfig.save() appManager = AdminControl.queryNames('cell=P8Node01Cell,node=P8Node01,type=ApplicationManager,process=server1,*') AdminControl.invoke(appManager, 'startApplication', 'IDSWebApp') EOF /opt/ibm/WebSphere/AppServer/profiles/AppSrv01/bin/wsadmin.sh -username P8Admin -password $password -conntype SOAP -profileName AppSrv01 -lang jython -f $baseDir/deploy.py rm -f $baseDir/deploy.py
Install CE and its FP if any
cd $baseDir mkdir $baseDir/ce tar xzf $binaries/ce.tar.gz -C $baseDir/ce sed -i "s/LICENSE_ACCEPTED=false/LICENSE_ACCEPTED=true/g" $baseDir/ce/ce_silent_install.txt $baseDir/ce/5.2.1-ICFCPE-LINUX.BIN -i silent -f $baseDir/ce/ce_silent_install.txt if [[ $cleanBinaries == true ]]; then rm -rf $baseDir/ce; fi if [[ -f $binaries/cefp.tar.gz ]]; then cd $baseDir mkdir $baseDir/cefp tar xzf $binaries/cefp.tar.gz -C $baseDir/cefp sed -i "s/LICENSE_ACCEPTED=false/LICENSE_ACCEPTED=true/g" $baseDir/cefp/ce_silent_install.txt $baseDir/cefp/5.2.1.5-P8CPE-LINUX-FP005.BIN -i silent -f $baseDir/cefp/ce_silent_install.txt if [[ $cleanBinaries == true ]]; then rm -rf $baseDir/cefp; fi fi
Install ICN and its FP if any
cd $baseDir mkdir $baseDir/icn tar xf $binaries/icn.tar -C $baseDir/icn sed -i "s/LICENSE_ACCEPTED=false/LICENSE_ACCEPTED=true/g" $baseDir/icn/ecmclient_silent_install.txt $baseDir/icn/IBM_CONTENT_NAVIGATOR-2.0.3-LINUX.bin -f $baseDir/icn/ecmclient_silent_install.txt -i silent if [[ $cleanBinaries == true ]]; then rm -rf $baseDir/icn; fi if [[ -f $binaries/icnfp.tar ]]; then cd $baseDir mkdir $baseDir/icnfp tar xf $binaries/icnfp.tar -C $baseDir/icnfp sed -i "s/LICENSE_ACCEPTED=false/LICENSE_ACCEPTED=true/g" $baseDir/icnfp/ecmclient_silent_install.txt $baseDir/icnfp/IBM_CONTENT_NAVIGATOR-2.0.3.8-FP008-LINUX.bin -f $baseDir/icnfp/ecmclient_silent_install.txt -i silent if [[ $cleanBinaries == true ]]; then rm -rf $baseDir/icnfp; fi fi
Install CEC and its FP if any
cd $baseDir mkdir $baseDir/cec tar xzf $binaries/cec.tar.gz -C $baseDir/cec sed -i "s/LICENSE_ACCEPTED=false/LICENSE_ACCEPTED=true/g" $baseDir/cec/ceclient_silent_install.txt # Enable only ICN sed -i "s/UPDATE_\([A-Z0-9]\+\)=1/UPDATE_\1=0/g" $baseDir/cec/ceclient_silent_install.txt sed -i "s/UPDATE_CN=0/UPDATE_CN=1/" $baseDir/cec/ceclient_silent_install.txt sed -i "s/CEServer/localhost/g" $baseDir/cec/ceclient_silent_install.txt sed -i "s/CEserver/localhost/g" $baseDir/cec/ceclient_silent_install.txt $baseDir/cec/5.2.1-ICFCPE-CLIENT-LINUX.BIN -i silent -f $baseDir/cec/ceclient_silent_install.txt if [[ $cleanBinaries == true ]]; then rm -rf $baseDir/cec; fi if [[ -f $binaries/cecfp.tar.gz ]]; then cd $baseDir mkdir $baseDir/cecfp tar xzf $binaries/cecfp.tar.gz -C $baseDir/cecfp sed -i "s/LICENSE_ACCEPTED=false/LICENSE_ACCEPTED=true/g" $baseDir/cecfp/ceclient_silent_install.txt # Enable only ICN sed -i "s/UPDATE_\([A-Z0-9]\+\)=1/UPDATE_\1=0/g" $baseDir/cecfp/ceclient_silent_install.txt sed -i "s/UPDATE_CN=0/UPDATE_CN=1/" $baseDir/cecfp/ceclient_silent_install.txt sed -i "s/CEServer/localhost/g" $baseDir/cecfp/ceclient_silent_install.txt sed -i "s/CEserver/localhost/g" $baseDir/cecfp/ceclient_silent_install.txt $baseDir/cecfp/5.2.1.5-P8CPE-CLIENT-LINUX-FP005.BIN -i silent -f $baseDir/cecfp/ceclient_silent_install.txt if [[ $cleanBinaries == true ]]; then rm -rf $baseDir/cecfp; fi fi
Configure the Content Engine
In this step we configure the Content Engine, which is the equivalent of using the Configuration tool UI for editing/running all tasks. We will also create two object stores instead of only one like the CPIT does. We will also creare the FileNet Domain and Object Stores. I’m still using the tool used by the CPIT but I hope to replace it with some small Java application using the FileNet API soon, to get rid of all dependencies on the CPIT installer.
profilePath=/opt/IBM/FileNet/ContentEngine/tools/configure/profiles/was_tiv_db2 cfmgr=/opt/IBM/FileNet/ContentEngine/tools/configure/configmgr_cl $cfmgr generateconfig -appserver WebSphere -license UVU -repositorytype standalone -db db2 -ldap tivoli -bootstrap new -deploy standard -profile $profilePath $cfmgr generateConfig -appserver WebSphere -db db2 -task configurejdbcos -profile $profilePath # Editing the config file xmlstarlet ed --inplace -u "//property[@name='ApplicationServerVersion']/value" -v "8.5" $profilePath/applicationserver.xml xmlstarlet ed --inplace -u "//property[@name='ApplicationServerAdminUsername']/value" -v "P8Admin" $profilePath/applicationserver.xml xmlstarlet ed --inplace -u "//property[@name='ApplicationServerAdminPassword']/value" -v "$password" $profilePath/applicationserver.xml xmlstarlet ed --inplace -u "//property[@name='ApplicationServerSoapPort']/value" -v "8880" $profilePath/applicationserver.xml xmlstarlet ed --inplace -u "//property[@name='ApplicationServerHostName']/value" -v "localhost" $profilePath/applicationserver.xml xmlstarlet ed --inplace -u "//property[@name='ApplicationServerCell']/value" -v "P8Node01Cell" $profilePath/applicationserver.xml xmlstarlet ed --inplace -u "//property[@name='BootstrapUsername']/value" -v "P8Admin" $profilePath/configurebootstrap.xml xmlstarlet ed --inplace -u "//property[@name='BootstrapPassword']/value" -v "$password" $profilePath/configurebootstrap.xml xmlstarlet ed --inplace -u "//property[@name='DatabaseServerName']/value" -v "localhost" $profilePath/configurejdbcgcd.xml xmlstarlet ed --inplace -u "//property[@name='DatabasePortNumber']/value" -v "3737" $profilePath/configurejdbcgcd.xml xmlstarlet ed --inplace -u "//property[@name='DatabaseName']/value" -v "GCD_DB" $profilePath/configurejdbcgcd.xml xmlstarlet ed --inplace -u "//property[@name='DatabaseUsername']/value" -v "gcddbusr" $profilePath/configurejdbcgcd.xml xmlstarlet ed --inplace -u "//property[@name='DatabasePassword']/value" -v "$password" $profilePath/configurejdbcgcd.xml xmlstarlet ed --inplace -u "//property[@name='JDBCDataSourceName']/value" -v "DESIGNOSDS" $profilePath/configurejdbcos.xml xmlstarlet ed --inplace -u "//property[@name='JDBCDataSourceXAName']/value" -v "DESIGNOSDSXA" $profilePath/configurejdbcos.xml xmlstarlet ed --inplace -u "//property[@name='DatabaseServerName']/value" -v "localhost" $profilePath/configurejdbcos.xml xmlstarlet ed --inplace -u "//property[@name='DatabasePortNumber']/value" -v "3737" $profilePath/configurejdbcos.xml xmlstarlet ed --inplace -u "//property[@name='DatabaseName']/value" -v "DESIGNDB" $profilePath/configurejdbcos.xml xmlstarlet ed --inplace -u "//property[@name='DatabaseUsername']/value" -v "osdbuser" $profilePath/configurejdbcos.xml xmlstarlet ed --inplace -u "//property[@name='DatabasePassword']/value" -v "$password" $profilePath/configurejdbcos.xml xmlstarlet ed --inplace -u "//property[@name='JDBCDataSourceName']/value" -v "TARGETOSDS" $profilePath/configurejdbcos.2.xml xmlstarlet ed --inplace -u "//property[@name='JDBCDataSourceXAName']/value" -v "TARGETOSDSXA" $profilePath/configurejdbcos.2.xml xmlstarlet ed --inplace -u "//property[@name='DatabaseServerName']/value" -v "localhost" $profilePath/configurejdbcos.2.xml xmlstarlet ed --inplace -u "//property[@name='DatabasePortNumber']/value" -v "3737" $profilePath/configurejdbcos.2.xml xmlstarlet ed --inplace -u "//property[@name='DatabaseName']/value" -v "TARGETDB" $profilePath/configurejdbcos.2.xml xmlstarlet ed --inplace -u "//property[@name='DatabaseUsername']/value" -v "osdbuser" $profilePath/configurejdbcos.2.xml xmlstarlet ed --inplace -u "//property[@name='DatabasePassword']/value" -v "$password" $profilePath/configurejdbcos.2.xml xmlstarlet ed --inplace -u "//property[@name='LDAPServerHost']/value" -v "localhost" $profilePath/configureldap.xml xmlstarlet ed --inplace -u "//property[@name='LDAPServerPort']/value" -v "389" $profilePath/configureldap.xml xmlstarlet ed --inplace -u "//property[@name='LDAPBindDN']/value" -v "cn=P8Admin,o=sample" $profilePath/configureldap.xml xmlstarlet ed --inplace -u "//property[@name='LDAPBindPassword']/value" -v "$password" $profilePath/configureldap.xml xmlstarlet ed --inplace -u "//property[@name='LDAPBaseDN']/value" -v "o=sample" $profilePath/configureldap.xml xmlstarlet ed --inplace -u "//property[@name='AdminConsoleUser']/value" -v "P8Admin" $profilePath/configureldap.xml xmlstarlet ed --inplace -u "//property[@name='OverwriteExistingUserReg']/value" -v "true" $profilePath/configureldap.xml xmlstarlet ed --inplace -u "//property[@name='SetAsActiveUserReg']/value" -v "true" $profilePath/configureldap.xml xmlstarlet ed --inplace -u "//property[@name='ApplicationServerNode']/value" -v "P8Node01" $profilePath/deployapplication.xml xmlstarlet ed --inplace -u "//property[@name='ApplicationServerName']/value" -v "server1" $profilePath/deployapplication.xml xmlstarlet ed --inplace -u "//configuration/@enabled" -v "true" $profilePath/deployapplication.xml # Before running the task, we need to set the JDBC driver for DB2 in WAS cat >$baseDir/setJDBC.py<<EOF import sys nodeName = sys.argv[0] node = AdminConfig.getid("/Node:$nodeName/") vars = AdminConfig.list("VariableSubstitutionEntry",node).split(java.lang.System.getProperty("line.separator")) for var in vars: name = AdminConfig.showAttribute(var, "symbolicName") if name == "DB2_JCC_DRIVER_PATH": AdminConfig.modify(var,[["value", "/opt/ibm/db2/V9.7/java"]]) break AdminConfig.save() EOF /opt/ibm/WebSphere/AppServer/profiles/AppSrv01/bin/wsadmin.sh -username P8Admin -password $password -conntype SOAP -profileName AppSrv01 -lang jython -f $baseDir/setJDBC.py P8Node01 /opt/ibm/WebSphere/AppServer/profiles/AppSrv01/bin/wsadmin.sh -username P8Admin -password $password -conntype SOAP -profileName AppSrv02 -lang jython -f $baseDir/setJDBC.py P8Node02 rm -f $baseDir/setJDBC.py # Increasing DB time out in case your host is slow sed -i "s/{value \"600\"}/{value \"3600\"}/g" /opt/IBM/FileNet/ContentEngine/tools/configure/scripts/configureWSJDBC.tcl $cfmgr execute -profile $profilePath -task configurepricingmodel if [[ ! -e $profilePath/status/configurepricingmodel.ok ]]; then echo "configurepricingmodel failed"; exit 1; fi $cfmgr execute -profile $profilePath -task configureldap if [[ ! -e $profilePath/status/configureldap.ok ]]; then echo "configureldap failed"; exit 1; fi $cfmgr execute -profile $profilePath -task configurejdbcgcd if [[ ! -e $profilePath/status/configurejdbcgcd.ok ]]; then echo "configurejdbcgcd failed"; exit 1; fi $cfmgr execute -profile $profilePath -task configureloginmodules if [[ ! -e $profilePath/status/configureloginmodules.ok ]]; then echo "configureloginmodules failed"; exit 1; fi $cfmgr execute -profile $profilePath -taskfile configurejdbcos.xml if [[ ! -e $profilePath/status/configurejdbcos.ok ]]; then echo "configurejdbcos failed"; exit 1; fi $cfmgr execute -profile $profilePath -taskfile configurejdbcos.2.xml if [[ ! -e $profilePath/status/configurejdbcos.2.ok ]]; then echo "configurejdbcos.2 failed"; exit 1; fi $cfmgr execute -profile $profilePath -task configurebootstrap if [[ ! -e $profilePath/status/configurebootstrap.ok ]]; then echo "configurebootstrap failed"; exit 1; fi $cfmgr execute -profile $profilePath -task deployapplication if [[ ! -e $profilePath/status/deployapplication.ok ]]; then echo "deployapplication failed"; exit 1; fi /opt/ibm/WebSphere/AppServer/profiles/AppSrv01/bin/stopServer.sh server1 -username P8Admin -password $password /opt/ibm/WebSphere/AppServer/profiles/AppSrv01/bin/startServer.sh server1 # Create domain and Object Stores # TODO = maybe rewrite the cpt-actions.jar using API to get rid of any dependence on CPIT # It just created the domain and OSs cat >$baseDir/os.properties<<EOF P8ADMINUSER=P8Admin PASSWD=$password CECONNECTIONURI=http://localhost:9080/wsi/FNCEWS40MTOM # P8 object store configuration # P8OSADMINGROUP is the default OS Admin security users and groups (Could be separated by a colon :) P8OSADMINGROUP=P8Admins NUMOS=2 DISPLAYNAME1=P8ConfigObjectStore SYMBOLICNAME1=P8ConfigObjectStore JNDIDATASOURCE1=DESIGNOSDS JNDIXADATASOURCE1=DESIGNOSDSXA DISPLAYNAME2=TARGETOS SYMBOLICNAME2=TARGETOS JNDIDATASOURCE2=TARGETOSDS JNDIXADATASOURCE2=TARGETOSDSXA # P8 Domain security administrator user or administrator group (Default = P8Admins) P8DOMAINADMIN=P8Admins P8DOMAINNAME=P8Domain CEWSISTANZA=FileNetP8WSI # PE Configuration PE_DNSNAME=localhost PE_BROKERPORT=32776 PE_REGIONNUMBER=1 PE_CONNPTNAME=P8ConnPt1 PE_CONNPTDESCRIPTION=PE Connection Point 1 for Region 1 # LDAP Configuration (TDS) DCDISPLAYNAME=P8_TDS LDAPHOST=localhost LDAPPORT=389 LDAPADMINNAME=cn=P8Admin,o=sample LDAPADMINPASSWORD=F0rmation ISSSLENABLED=false USERBASEDN=o=sample USERSEARCHFILTER=(&(objectClass=person)(cn={0})) USERDISPLAYNAMEATTRIBUTE=cn USERNAMEATTRIBUTE=cn GROUPBASEDN=o=sample GROUPSEARCHFILTER=(&(objectClass=groupOfNames)(cn={0})) GROUPDISPLAYNAMEATTRIBUTE=cn GROUPNAMEATTRIBUTE=cn GROUPMEMBERSHIPSEARCHFILTER=(&(objectclass=groupOfNames)(member={0})) RESTRICTMEMBERSHIPTOCONFIGUREREALMS=false EOF CECP=$baseDir/cpt-actions.jar:/opt/IBM/FileNet/ContentEngine/lib/Jace.jar:/opt/IBM/FileNet/ContentEngine/lib/log4j.jar:/opt/IBM/FileNet/ContentEngine/cdapi/stax-api.jar:/opt/IBM/FileNet/ContentEngine/cdapi/xlxpScanner.jar:/opt/IBM/FileNet/ContentEngine/cdapi/xlxpScannerUtils.jar JAASCONFIG=-Djava.security.auth.login.config=/opt/IBM/FileNet/ContentEngine/tools/PE/config /opt/IBM/FileNet/ContentEngine/_cejvm/jre/bin/java -cp $CECP $JAASCONFIG com.ibm.bluestack.utils.P8Util createP8Domain $baseDir/os.properties if [[ $? != 0 ]]; then echo "ERROR: Failed to create P8 domain."; exit 1; fi /opt/IBM/FileNet/ContentEngine/_cejvm/jre/bin/java -cp $CECP $JAASCONFIG com.ibm.bluestack.utils.P8Util createOS $baseDir/os.properties if [[ $? != 0 ]]; then echo "ERROR: Failed to create P8 Object Stores."; exit 1; fi rm -rf $baseDir/os.properties
Configure the Process Engine
JPE_HOME=/opt/IBM/FileNet/ContentEngine/tools/PE echo "JDBC_JAR_PATH=/opt/ibm/tdsV6.3db2/java/db2jcc4.jar:/opt/ibm/tdsV6.3db2/java/db2jcc_license_cu.jar">$JPE_HOME/data/jdbcinit cat >$JPE_HOME/data/peinitD.properties<<EOF DBConnectionName=TARGETOSDS DataSourceName=TARGETOSDS XADataSourceName=TARGETOSDSXA SysAdminGroup=P8Admins SysConfigGroup=P8Admins DateTimeMask=mm/dd/yyyy hh\:tt\:ss DefaultLocale=en_US pe_data=PEDATA_TS RegionDisplayName=P8Region IsolatedRegionNumber=1 DBSchemaName=OSDBUSER EnableRegionForBackup=false EOF $JPE_HOME/peinit P8ConnPt1 -D $JPE_HOME/data/peinitD.properties -Y P8Admin+$password if [[ $? != 0 ]]; then echo "ERROR: Failed to configure PE."; exit 1; fi rm -f $JPE_HOME/data/peinitD.properties
Export the LTPA key
We need to export the LTPA key from the profile 1 (FileNet) to import it in the profile 2 (ICN) so they can share authentication.
cat >$baseDir/exportLTPA.py<<EOF import java.lang.String as jstr import java.io as jio import javax.management as jmgmt ltpaKeyFile=sys.argv[0] password=jstr(sys.argv[1]).getBytes() security=AdminControl.queryNames('*:*,name=SecurityAdmin') securityON=jmgmt.ObjectName(security) params=[password] signature=['[B'] ltpaKeys=AdminControl.invoke_jmx(securityON,'exportLTPAKeys', params, signature) fout=jio.FileOutputStream(ltpaKeyFile) ltpaKeys.store(fout,'') fout.close() EOF /opt/ibm/WebSphere/AppServer/profiles/AppSrv01/bin/wsadmin.sh -username P8Admin -password $password -conntype SOAP -profileName AppSrv01 -lang jython -f $baseDir/exportLTPA.py /opt/IBM/ltpakeys.txt $password rm -f $baseDir/exportLTPA.py
Configure ICN
mkdir -p /opt/IBM/NEXUSDB2 chmod 777 /opt/IBM/NEXUSDB2 cat >$baseDir/createICNdbs.sh<<EOF db2 -v CONNECT RESET db2 -v DROP DATABASE NEXUSDB #-- Create the database - these statements must be on a single line db2 -v -t "CREATE DATABASE NEXUSDB ON '/opt/IBM/NEXUSDB2' USING CODESET UTF-8 TERRITORY US COLLATE USING SYSTEM CATALOG TABLESPACE MANAGED BY SYSTEM USING ('/opt/IBM/NEXUSDB2/NEXUSDB/sys') TEMPORARY TABLESPACE MANAGED BY SYSTEM USING ('/opt/IBM/NEXUSDB2/NEXUSDB/systmp') USER TABLESPACE MANAGED BY SYSTEM USING ('/opt/IBM/NEXUSDB2/NEXUSDB/usr')" ; db2 CONNECT TO NEXUSDB db2 GRANT secadm ON DATABASE TO USER nxsdbusr db2 GRANT CREATETAB,CONNECT,IMPLICIT_SCHEMA,DBADM,load ON DATABASE TO user nxsdbusr db2 UPDATE DATABASE CONFIGURATION USING APPLHEAPSZ 2560 IMMEDIATE db2 -v CONNECT RESET EOF chmod a+x $baseDir/createICNdbs.sh su - dsrdbm01 -c $baseDir/createICNdbs.sh rm -f $baseDir/createICNdbs.sh # Create the profile profilePath=/opt/IBM/ECMClient/configure/profiles/icn_was_tiv_db2 cfmgr=/opt/IBM/ECMClient/configure/configmgr_cl $cfmgr generateConfig -appserver websphere -configure_FileNetP8 \ yes -configure_CMIS_FileNetP8 yes -db db2 -deploy standard -ldap_Repository federated -ldap tivoli \ -profile $profilePath -appserverVersion 8.5 -cmisAuth httpbasic -icn_sso none -silent xmlstarlet ed --inplace -u "//property[@name='ApplicationServerVersion']/value" -v "8.5" $profilePath/applicationserver.xml xmlstarlet ed --inplace -u "//property[@name='ApplicationServerProfileFolder']/value" -v "/opt/IBM/WebSphere/AppServer/profiles/AppSrv02" $profilePath/applicationserver.xml xmlstarlet ed --inplace -u "//property[@name='ApplicationServerAdminUsername']/value" -v "P8Admin" $profilePath/applicationserver.xml xmlstarlet ed --inplace -u "//property[@name='ApplicationServerAdminPassword']/value" -v "$password" $profilePath/applicationserver.xml xmlstarlet ed --inplace -u "//property[@name='ApplicationServerSoapPort']/value" -v "8881" $profilePath/applicationserver.xml xmlstarlet ed --inplace -u "//property[@name='ApplicationServerHostName']/value" -v "localhost" $profilePath/applicationserver.xml xmlstarlet ed --inplace -u "//property[@name='ApplicationServerCell']/value" -v "P8Node02Cell" $profilePath/applicationserver.xml xmlstarlet ed --inplace -u "//property[@name='DatabaseSchema']/value" -v "NEXUS" $profilePath/configureicntask.xml xmlstarlet ed --inplace -u "//property[@name='DatabaseServerName']/value" -v "localhost" $profilePath/configurejdbcecm.xml xmlstarlet ed --inplace -u "//property[@name='DatabasePortNumber']/value" -v "3737" $profilePath/configurejdbcecm.xml xmlstarlet ed --inplace -u "//property[@name='DatabaseName']/value" -v "NEXUSDB" $profilePath/configurejdbcecm.xml xmlstarlet ed --inplace -u "//property[@name='DatabaseUsername']/value" -v "nxsdbusr" $profilePath/configurejdbcecm.xml xmlstarlet ed --inplace -u "//property[@name='DatabasePassword']/value" -v "$password" $profilePath/configurejdbcecm.xml xmlstarlet ed --inplace -u "//property[@name='ECMClientAdminName']/value" -v "P8Admin" $profilePath/configurejdbcecm.xml xmlstarlet ed --inplace -u "//property[@name='DatabaseSchema']/value" -v "NEXUS" $profilePath/configurejdbcecm.xml xmlstarlet ed --inplace -u "//property[@name='TableSpaceName']/value" -v "NEXUSTS" $profilePath/configurejdbcecm.xml xmlstarlet ed --inplace -u "//property[@name='jdbcDir']/value" -v "/opt/ibm/db2/V9.7/java" $profilePath/configurejdbcecm.xml xmlstarlet ed --inplace -u "//property[@name='jdbcDir']/value" -v "/opt/ibm/db2/V9.7/java" $profilePath/configurejdbcjarsecm.xml xmlstarlet ed --inplace -u "//property[@name='ApplicationServerNode']/value" -v "P8Node02" $profilePath/configurejdbcjarsecm.xml xmlstarlet ed --inplace -u "//property[@name='ApplicationServerName']/value" -v "server1" $profilePath/configurejdbcjarsecm.xml xmlstarlet ed --inplace -u "//property[@name='LDAPServerHost']/value" -v "localhost" $profilePath/configureldap.xml xmlstarlet ed --inplace -u "//property[@name='LDAPServerPort']/value" -v "389" $profilePath/configureldap.xml xmlstarlet ed --inplace -u "//property[@name='LDAPBindDN']/value" -v "cn=P8Admin,o=sample" $profilePath/configureldap.xml xmlstarlet ed --inplace -u "//property[@name='LDAPBindPassword']/value" -v "$password" $profilePath/configureldap.xml xmlstarlet ed --inplace -u "//property[@name='WasFederatedBaseEntryDNRepository']/value" -v "o=sample" $profilePath/configureldap.xml xmlstarlet ed --inplace -u "//property[@name='FederatedRepositoriesRealm']/value" -v "defaultWIMFileBasedRealm" $profilePath/configureldap.xml xmlstarlet ed --inplace -u "//property[@name='WasFederatedRepositoryId']/value" -v "localhost" $profilePath/configureldap.xml xmlstarlet ed --inplace -u "//property[@name='WasFederatedBaseEntryDNRealm']/value" -v "o=sample" $profilePath/configureldap.xml xmlstarlet ed --inplace -u "//property[@name='AdminConsoleUser']/value" -v "P8Admin" $profilePath/configureldap.xml xmlstarlet ed --inplace -u "//property[@name='SetAsActiveUserReg']/value" -v "false" $profilePath/configureldap.xml xmlstarlet ed --inplace -u "//property[@name='DatabaseSchema']/value" -v "NEXUS" $profilePath/configuretmtask.xml xmlstarlet ed --inplace -u "//property[@name='tmAdminUser']/value" -v "P8Admin" $profilePath/configuretmtask.xml xmlstarlet ed --inplace -u "//property[@name='tmAdminPassword']/value" -v "$password" $profilePath/configuretmtask.xml xmlstarlet ed --inplace -u "//property[@name='tmBaseURL']/value" -v "http://`hostname`:9081/taskManagerWeb/api/v1" $profilePath/configuretmtask.xml xmlstarlet ed --inplace -u "//property[@name='CEHost']/value" -v "localhost" $profilePath/downloadcejarstask.xml xmlstarlet ed --inplace -u "//property[@name='CEPortNumber']/value" -v "9080" $profilePath/downloadcejarstask.xml xmlstarlet ed --inplace -u "//property[@name='ApplicationServerNode']/value" -v "P8Node02" $profilePath/deployapplication.xml xmlstarlet ed --inplace -u "//property[@name='ApplicationServerName']/value" -v "server1" $profilePath/deployapplication.xml xmlstarlet ed --inplace -u "//property[@name='LTPAKeyPath']/value" -v "/opt/IBM/ltpakeys.txt" $profilePath/importltpakey.xml xmlstarlet ed --inplace -u "//property[@name='LTPAKeyPassword']/value" -v "$password" $profilePath/importltpakey.xml $cfmgr execute -task downloadcejarstask -profile $profilePath if [[ ! -e $profilePath/status/downloadcejarstask.ok ]]; then echo "downloadcejarstask failed"; exit 1; fi $cfmgr execute -task configureldap -profile $profilePath if [[ ! -e $profilePath/status/configureldap.ok ]]; then echo "configureldap failed"; exit 1; fi $cfmgr execute -task importltpakey -profile $profilePath if [[ ! -e $profilePath/status/importltpakey.ok ]]; then echo "importltpakey failed"; exit 1; fi $cfmgr execute -task configurejdbcjarsecm -profile $profilePath if [[ ! -e $profilePath/status/configurejdbcjarsecm.ok ]]; then echo "configurejdbcjarsecm failed"; exit 1; fi $cfmgr execute -task configurejdbcecm -profile $profilePath if [[ ! -e $profilePath/status/configurejdbcecm.ok ]]; then echo "configurejdbcecm failed"; exit 1; fi chmod 777 /opt/IBM/ECMClient/configure/dbscripts/db2/modified/DB2_ONE_SCRIPT.sql cat > $baseDir/initICNdb.sh<<EOF db2 "CONNECT TO NEXUSDB" db2 -tvmf /opt/IBM/ECMClient/configure/dbscripts/db2/modified/DB2_ONE_SCRIPT.sql db2 "COMMIT" EOF chmod 777 $baseDir/initICNdb.sh su - dsrdbm01 -c "$baseDir/initICNdb.sh" $cfmgr execute -task configureloginmodules -profile $profilePath if [[ ! -e $profilePath/status/configureloginmodules.ok ]]; then echo "configureloginmodules failed"; exit 1; fi $cfmgr execute -task configuretmtask -profile $profilePath if [[ ! -e $profilePath/status/configuretmtask.ok ]]; then echo "configuretmtask failed"; exit 1; fi $cfmgr execute -task configureicntask -profile $profilePath if [[ ! -e $profilePath/status/configureicntask.ok ]]; then echo "configureicntask failed"; exit 1; fi $cfmgr execute -task rebuildear -profile $profilePath if [[ ! -e $profilePath/status/rebuildear.ok ]]; then echo "rebuildear failed"; exit 1; fi $cfmgr execute -task deployapplication -profile $profilePath if [[ ! -e $profilePath/status/deployapplication.ok ]]; then echo "deployapplication failed"; exit 1; fi
Configure the FileNet/ICN applications in WAS
The applications deployed in WAS need some more configuration to work properly.
cat >$baseDir/configWASFN.py<<EOF import java lineSeparator = java.lang.System.getProperty('line.separator') def enableCookie(server, value): wc = AdminConfig.list('WebContainer',server) services = AdminConfig.list('Service',wc).splitlines() for service in services: AdminConfig.modify(service,[['enableCookies',value]]) def serverSessionmanagementCookiesHttpOnly(server, value): wc = AdminConfig.list('WebContainer',server) services = AdminConfig.list('Service',wc).splitlines() for service in services: dcs = AdminConfig.showAttribute(service, 'defaultCookieSettings'); AdminConfig.modify(dcs,[['httpOnly',value]]) def setSecurityProperty(propertyName, propertyValue): security = AdminConfig.getid('/Security:/') prop = AdminConfig.getid('/Security:/Property:'+propertyName+'/') if prop: AdminConfig.modify(prop, [['value', propertyValue]]) else: AdminConfig.create('Property', security, [['name',propertyName], ['value',propertyValue]]) def addServerSessionManagementProperty(server, propertyName, propertyValue): wc = AdminConfig.list('WebContainer',server) services = AdminConfig.list('Service',wc).splitlines() attr = [['name',propertyName],['value',propertyValue]] for service in services: AdminConfig.create('Property', service, attr) server = AdminConfig.getid('/Server:server1/') # Add the InvalidateOnUnauthorizedSessionRequestException = true custom property to the server session management. addServerSessionManagementProperty(server, 'InvalidateOnUnauthorizedSessionRequestException', 'true') # Uncheck "Set security cookies to HTTP Only to help prevent cross-site scripting attacks" in SSO settings setSecurityProperty('com.ibm.ws.security.addHttpOnlyAttributeToCookies', 'false') # Enable server session management cookies and Uncheck "Set session cookies to HTTP Only to help prevent cross-site scripting attacks". enableCookie(server, 'true') serverSessionmanagementCookiesHttpOnly(server, 'false') server = AdminConfig.getid('/Server:server1/') jvms = AdminConfig.list('JavaVirtualMachine',server) arrayJVMs = jvms.split(lineSeparator) jvm = arrayJVMs[0] attr_name = ['name', "com.ibm.websphere.orb.uniqueServerName"] attr_value = ['value', "true"] attr_required = ['required', "false"] attr_description = ['description', ""] attr_list = [attr_name, attr_value, attr_required, attr_description] property=['systemProperties',[attr_list]] AdminConfig.modify(jvm, [property]) AdminTask.configureTrustedRealms('[-communicationType outbound -trustAllRealms true]') AdminTask.configureTrustedRealms('[-communicationType inbound -trustAllRealms true]') AdminConfig.save() EOF /opt/ibm/WebSphere/AppServer/profiles/AppSrv01/bin/wsadmin.sh -username P8Admin -password $password -conntype SOAP -profileName AppSrv01 -lang jython -f $baseDir/configWASFN.py rm -f $baseDir/configWASFN.py cat >$baseDir/configWASFN.py<<EOF import java lineSeparator = java.lang.System.getProperty('line.separator') server = AdminConfig.getid('/Server:server1/') jvms = AdminConfig.list('JavaVirtualMachine',server) arrayJVMs = jvms.split(lineSeparator) jvm = arrayJVMs[0] attr_name = ['name', "com.ibm.websphere.orb.uniqueServerName"] attr_value = ['value', "true"] attr_required = ['required', "false"] attr_description = ['description', ""] attr_list = [attr_name, attr_value, attr_required, attr_description] property=['systemProperties',[attr_list]] AdminConfig.modify(jvm, [property]) AdminTask.configureTrustedRealms('[-communicationType outbound -trustAllRealms true]') AdminTask.configureTrustedRealms('[-communicationType inbound -trustAllRealms true]') AdminTask.renameIdMgrRealm('[-name defaultWIMFileBasedRealm -newName localhost:389]') AdminTask.configureAdminWIMUserRegistry('[-realmName localhost:389 -verifyRegistry false ]') AdminConfig.save() EOF /opt/ibm/WebSphere/AppServer/bin/wsadmin.sh -username P8Admin -password $password -conntype SOAP -profileName AppSrv02 -lang jython -f $baseDir/configWASFN.py rm -f $baseDir/configWASFN.py
Final tasks
To finalize this install, we will restart WAS, uninstall the default application in WAS and create a start and stop script for the whole platform.
/opt/ibm/WebSphere/AppServer/profiles/AppSrv02/bin/stopServer.sh server1 -username P8Admin -password $password /opt/ibm/WebSphere/AppServer/profiles/AppSrv01/bin/stopServer.sh server1 -username P8Admin -password $password /opt/ibm/WebSphere/AppServer/profiles/AppSrv01/bin/startServer.sh server1 /opt/ibm/WebSphere/AppServer/profiles/AppSrv02/bin/startServer.sh server1 echo Restarted WAS # Uninstall the useless default app in WAS echo Uninstalling DefaultApplication... cat > $baseDir/uninstallDefault.py<<EOF AdminApp.uninstall('DefaultApplication') AdminConfig.save() EOF /opt/ibm/WebSphere/AppServer/bin/wsadmin.sh -username P8Admin -password $password -conntype SOAP -profileName AppSrv01 -lang jython -f $baseDir/uninstallDefault.py /opt/ibm/WebSphere/AppServer/bin/wsadmin.sh -username P8Admin -password $password -conntype SOAP -profileName AppSrv02 -lang jython -f $baseDir/uninstallDefault.py rm -f uninstallDefault.py echo Uninstalled DefaultApplication mkdir /FileNet cat <<EOF > /FileNet/start.sh #!/bin/bash /etc/init.d/iptables stop su - dsrdbm01 -c db2start cd /opt/ibm/ldap/V6.3/sbin ./idsdiradm -I dsrdbm01 ./ibmslapd -n -I dsrdbm01 cd /opt/ibm/WebSphere/AppServer/bin/ ./startServer.sh server1 -profileName AppSrv01 ./startServer.sh server1 -profileName AppSrv02 EOF cat <<EOF > /FileNet/stop.sh #!/bin/bash cd /opt/ibm/WebSphere/AppServer/bin/ ./stopServer.sh server1 -profileName AppSrv02 -username P8Admin -password $password ./stopServer.sh server1 -profileName AppSrv01 -username P8Admin -password $password cd /opt/ibm/ldap/V6.3/sbin ./ibmslapd -I dsrdbm01 -k ./idsdiradm -I dsrdbm01 -k su - dsrdbm01 -c db2stop EOF chmod u+x /FileNet/start.sh chmod u+x /FileNet/stop.sh
All in one script
Here is a script you can use and customize to install a fully working platform. Feel free to change versions, location of components, users and so on. You might have to edit the cript a bit everywhere if you decide to change any of those, I haven’t made them easy to configure yet so snapshot and try :).
#!/bin/bash #################### INFORMATION ######################### ### This script install a full P8 platform, like a ### ### Composite Platform Installation Tool would do, ### ### However it fixes errors from the CPIT and do ### ### everything from one script (except the create ### ### domain/object stores tool), instead of having a ### ### lot of files dependencies. That explains there is ### ### so many HERE-doc statements, but it makes it easy ### ### to ship and easy to change options in the install. ### ### You can change easily versions, FPs, users, even ### ### run part of it on difference server and not having ### ### a standalone server only. ### ### To use to you own risk, snapshot/backup before use.### ########################################################## # Configuration shortcuts (others will have to be # changed within the script) password=IBMFileNetP8 binaries=/cpit_binaries cleanBinaries=true # Setup, do not touch baseDir=`pwd` logDir=`pwd`/log mkdir -p $logDir [[ -f $binaries/db2.tar.gz ]] || { echo "db2.tar.gz does not exit"; exit 1; } [[ -f $binaries/db2lic.zip ]] || { echo "db2lic.zip does not exit"; exit 1; } [[ -f $binaries/tds.tar ]] || { echo "tds.tar does not exit"; exit 1; } [[ -f $binaries/tdsfp.tar ]] || { fpMissing "tdsfp.tar"; } [[ -f $binaries/tdsgskit.tar ]] || { echo "tdsgskit.tar does not exit"; exit 1; } [[ -f $binaries/im.zip ]] || { echo "im.zip does not exit"; exit 1; } [[ -f $binaries/WAS_V8.5.5_1_OF_3.zip ]] || { echo "WAS_V8.5.5_1_OF_3.zip does not exit"; exit 1; } [[ -f $binaries/WAS_V8.5.5_2_OF_3.zip ]] || { echo "WAS_V8.5.5_2_OF_3.zip does not exit"; exit 1; } [[ -f $binaries/WAS_V8.5.5_3_OF_3.zip ]] || { echo "WAS_V8.5.5_3_OF_3.zip does not exit"; exit 1; } [[ -f $binaries/ce.tar.gz ]] || { echo "ce.tar.gz does not exit"; exit 1; } [[ -f $binaries/cefp.tar.gz ]] || { fpMissing "cefp.tar.gz";} [[ -f $binaries/cec.tar.gz ]] || { echo "cec.tar.gz does not exit"; exit 1; } [[ -f $binaries/cecfp.tar.gz ]] || { fpMissing "cecfp.tar.gz"; } [[ -f $binaries/icn.tar ]] || { echo "icn.tar does not exit"; exit 1; } [[ -f $binaries/icnfp.tar ]] || { fpMissing "icnfp.tar"; } command -v xmlstarlet >/dev/null 2>&1 || { yum -y install xmlstarlet; } command -v xmlstarlet >/dev/null 2>&1 || { echo "xmlstarlet not installed"; exit 1; } function fpMissing { while true; do read -p " ****************************** WARNING ****************************** Fix pack $1 is missing. Are you sure you want to install without it? ****************************** WARNING ****************************** Are you sure? (yes/no): " yn case $yn in [Yy]* ) break;; [Nn]* ) exit;; * ) echo "Please answer yes or no.";; esac done } ###################### STEP 1 ############################ ### Pre-requisites ### ########################################################## echo 1/19: Installing pre-requisites... # Install some required pre-requisites to make sure installs work yum -y install ld-linux.so.2 libgcc_s.so.1 libX11.so.6 libXp.i686 libXp.x86_64 libXpm.i686 libXpm.x86_64 gtk2.x86_64 gtk2.i686 libXft.i686 libXft.x86_64 libXmu.i686 libXmu.x86_64 libXtst.i686 libXtst.x86_64 ksh ksh.x86_64 unzip bc sed compat-db47.i686 compat-db47.x86_64 pam.i686 pam.x86_64 elfutils.x86_64 elfutils-libs.i686 elfutils-libs.x86_64 rpm-build.x86_64 libgcc_s.so.1 libaio.x86_64 libstdc++.so.5 libstdc++.so.6 glibc.i686 libgcc.i686 libgcc.x86_64 libstdc++.so.5 compat-libstdc++-33.i686 compat-libstdc++-33.x86_64 # Disable SELinux for the install just to be sure /usr/sbin/setenforce 0 # Setting name properly NAME=`hostname` sed -i "s/HOSTNAME=.*$/HOSTNAME=$NAME/g" /etc/sysconfig/network hostname $NAME sed -i "s/localhost4\slocalhost4.localdomain4\s*$/localhost4 localhost4.localdomain4 $NAME/g" /etc/hosts sed -i "s/localhost6\slocalhost6.localdomain6\s*$/localhost6 localhost6.localdomain6 $NAME/g" /etc/hosts echo $NAME > /etc/HOSTNAME #Create the base folder and symlink it to avoid errors mkdir /opt/IBM ln -s /opt/IBM /opt/ibm chmod 775 /opt/IBM # Symlink ksh to be sure it's found ln -s /bin/ksh /usr/bin/ksh mkdir $baseDir/tdsgskit tar -xf $binaries/tdsgskit.tar -C $baseDir/tdsgskit echo Installing gskit rpm -Uhv $baseDir/tdsgskit/8.0.14.27-ISS-GSKIT-LinuxX64-FP0027/64/gsk*rpm echo Installed pre-requisites ###################### STEP 2 ############################ ### Create users ### ########################################################## echo 2/19: Creating users... # Creating users and groups for the installation groupadd fnadmin groupadd fnop groupadd fnusr adduser gcddbusr echo $password | passwd --stdin gcddbusr adduser osdbuser echo $password | passwd --stdin osdbuser adduser nxsdbusr echo $password | passwd --stdin nxsdbusr adduser -G fnadmin,fnop,fnusr,adm,bin,sys P8Admin echo $password | passwd --stdin P8Admin useradd -G fnadmin,fnop,fnusr,adm,root,bin,daemon,sys,disk,wheel P8Admin echo $password | passwd --stdin P8Admin echo Created users ###################### STEP 3 ############################ ### Install DB2 ### ########################################################## echo 3/19: Installing DB2... mkdir $baseDir/db2 mkdir $baseDir/db2lic tar xfz $binaries/db2.tar.gz -C $baseDir/db2 unzip -q $binaries/db2lic.zip -d $baseDir/db2lic # Create the DB2 repsonse file, we want an instance for TDS reade cat >$baseDir/db2.rsp<<EOF PROD = ENTERPRISE_SERVER_EDITION FILE = /opt/ibm/db2/V9.7 LIC_AGREEMENT = ACCEPT ** ACCEPT or DECLINE INTERACTIVE = NONE ** NONE, YES, MACHINE INSTALL_TYPE = TYPICAL ** TYPICAL, COMPACT, CUSTOM INSTANCE = DB2_INST ** char(8) no spaces DB2_INST.NAME = dsrdbm01 ** char(8) no spaces, no upper case letters DB2_INST.GROUP_NAME = grrdbm01 ** char(30) no spaces DB2_INST.HOME_DIRECTORY = /home/dsrdbm01 ** char(64) no spaces. Valid for root installation only DB2_INST.PASSWORD = $password ** Valid for root installation only DB2_INST.TYPE = ESE ** DSF ESE WSE STANDALONE CLIENT DB2_INST.AUTOSTART = YES ** YES or NO DB2_INST.START_DURING_INSTALL = YES ** YES or NO. Default is YES. DB2_INST.SVCENAME = dsrdbm01svcids ** BLANK or char(14). Reserved for root installation only DB2_INST.PORT_NUMBER = 3737 ** 1024 - 65535, Reserved for root installation only DB2_INST.FENCED_GROUP_NAME = db2fsdm1 ** char(30) no spaces EOF # We need to free the port 3737 in the services file, this service is not used and conflict with DB2 sed -i "s/3737\/tcp/37370\/tcp/g" /etc/services $baseDir/db2/server/db2setup -r $baseDir/db2.rsp -l $logDir/db2install.txt # Set the DB2 license /opt/ibm/db2/V9.7/adm/db2licm -a $baseDir/db2lic/ese_o/db2/license/db2ese_o.lic /opt/ibm/db2/V9.7/adm/db2licm -l if [[ $cleanBinaries == true ]]; then rm -rf $baseDir/db2lic $baseDir/db2; fi echo Installed DB2 ###################### STEP 4 ############################ ### Install/Configure TDS and TDS Fix Pack ### ########################################################## echo 4/19: Installing TDS... mkdir $baseDir/tds tar xf $binaries/tds.tar -C $baseDir/tds cat >$baseDir/tds.rsp<<EOF -silent -G createDirectoryResponse="yes" -G replaceExistingResponse="yesToAll" # install destination - this can be modified to install location -P product.installLocation="/opt/IBM/ldap/V6.3" -P DB2Feature.active=true -P BaseServerFeature.active=true -P ServerFeature.active=true -P ProxyServerFeature.active=false -P JavaClientFeature.active=true -P ClientFeature.active=true -P WebadminFeature.active=true -P GSKITFeature.active=false -P AppSrvFeature.active=false # Replace the following with a valid Userid for the Db2 administrator. Used only if DB2 is being installed. -W LdapInit.silentDB2Admin="P8Admin" # Replace the following with a valid password for the Db2 administrator. Used only if DB2 is being installed. -W LdapInit.silentDB2AdminPW="$password" # This must be last line. Be sure no blank lines or carriage controls follow! EOF cd $baseDir/tds/tdsV6.3/tds ./install_tds.bin -is:silent -options $baseDir/tds.rsp -is:log $logDir/installtds63.txt if [[ $cleanBinaries == true ]]; then rm -rf $baseDir/tds; fi cd $baseDir mkdir $baseDir/tdsfp tar xf $binaries/tdsfp.tar -C $baseDir/tdsfp cd $baseDir/tdsfp/6.3.0.24-ISS-ITDS-LinuxX64-FP0024 # Install the license first so we don't get prompt when installing FP24 ./license/idsLicense -q ./idsinstall -u -f >$logDir/installtds63fp.txt if [[ $cleanBinaries == true ]]; then rm -rf $baseDir/tdsfp; fi # Configure TDS # This one must be called as ./, not absolute path from somewhere else or it doesn't work cd /opt/IBM/ldap/V6.3/idstools ./idsdefinst -p $password -w $password -e encryptionseed if [ ! -d /home/dsrdbm01/dsrdbm01/NODE0000 ]; then echo ERROR: TDS Default instance was not created.; exit 1; fi echo "# The following three lines have been added by IBM DB2 instance utilities." >> /home/dsrdbm01/.profile echo "if [ -f /home/dsrdbm01/sqllib/db2profile ]; then" >> /home/dsrdbm01/.profile echo " . /home/dsrdbm01/sqllib/db2profile" >> /home/dsrdbm01/.profile echo "fi" >> /home/dsrdbm01/.profile echo Installed TDS ###################### STEP 5 ############################ ### Install Installation Manager ### ########################################################## echo 5/19: Installing IM... cd $baseDir mkdir $baseDir/im unzip -q $binaries/im.zip -d $baseDir/im chmod 777 $baseDir/im/installc $baseDir/im/installc -acceptLicense if [[ $cleanBinaries == true ]]; then rm -rf $baseDir/im; fi echo Installed IM ###################### STEP 6 ############################ ### Install WebSphere 8.5.5 ### ########################################################## echo 6/19: Installing WAS... cd $baseDir mkdir $baseDir/was unzip -q $binaries/WAS_V8.5.5_1_OF_3.zip -d $baseDir/was unzip -q $binaries/WAS_V8.5.5_2_OF_3.zip -d $baseDir/was unzip -q $binaries/WAS_V8.5.5_3_OF_3.zip -d $baseDir/was cat >$baseDir/was-install.xml<<EOF <?xml version="1.0" encoding="UTF-8"?> <!--The "acceptLicense" attribute has been deprecated. Use "-acceptLicense" command line option to accept license agreements.--> <agent-input acceptLicense='true'> <server> <repository location='$baseDir/was'/> </server> <profile id='IBM WebSphere Application Server V8.5' installLocation='/opt/ibm/WebSphere/AppServer'> <data key='eclipseLocation' value='/opt/ibm/WebSphere/AppServer'/> <data key='user.import.profile' value='false'/> <data key='cic.selector.os' value='linux'/> <data key='cic.selector.ws' value='gtk'/> <data key='cic.selector.arch' value='x86'/> <data key='cic.selector.nl' value='en'/> </profile> <install modify='false'> <offering id='com.ibm.websphere.BASE.v85' version='8.5.5000.20130514_1044' profile='IBM WebSphere Application Server V8.5' features='thinclient,ejbdeploy,core.feature,embeddablecontainer,com.ibm.sdk.6_64bit' installFixes='none'/> </install> <preference name='com.ibm.cic.common.core.preferences.eclipseCache' value='/opt/IBM/IMShared'/> <preference name='com.ibm.cic.common.core.preferences.connectTimeout' value='30'/> <preference name='com.ibm.cic.common.core.preferences.readTimeout' value='45'/> <preference name='com.ibm.cic.common.core.preferences.downloadAutoRetryCount' value='0'/> <preference name='offering.service.repositories.areUsed' value='true'/> <preference name='com.ibm.cic.common.core.preferences.ssl.nonsecureMode' value='false'/> <preference name='com.ibm.cic.common.core.preferences.http.disablePreemptiveAuthentication' value='false'/> <preference name='http.ntlm.auth.kind' value='NTLM'/> <preference name='http.ntlm.auth.enableIntegrated.win32' value='true'/> <preference name='com.ibm.cic.common.core.preferences.preserveDownloadedArtifacts' value='true'/> <preference name='com.ibm.cic.common.core.preferences.keepFetchedFiles' value='false'/> <preference name='PassportAdvantageIsEnabled' value='false'/> <preference name='com.ibm.cic.common.core.preferences.searchForUpdates' value='false'/> <preference name='com.ibm.cic.agent.ui.displayInternalVersion' value='false'/> <preference name='com.ibm.cic.common.sharedUI.showErrorLog' value='true'/> <preference name='com.ibm.cic.common.sharedUI.showWarningLog' value='true'/> <preference name='com.ibm.cic.common.sharedUI.showNoteLog' value='true'/> </agent-input> EOF /opt/IBM/InstallationManager/eclipse/tools/imcl -input $baseDir/was-install.xml -log $logDir/was85_install.log -acceptLicense # Create profiles /opt/IBM/WebSphere/AppServer/bin/manageprofiles.sh -create -profileName AppSrv01 -cellName P8Node01Cell -nodeName P8Node01 -serverName server1 -enableAdminSecurity true -adminUserName P8Admin -adminPassword $password /opt/IBM/WebSphere/AppServer/bin/manageprofiles.sh -create -profileName AppSrv02 -cellName P8Node02Cell -nodeName P8Node02 -serverName server1 -enableAdminSecurity true -adminUserName P8Admin -adminPassword $password if [[ $cleanBinaries == true ]]; then rm -rf $baseDir/was; fi echo Installied WAS ###################### STEP 7 ############################ ### Configure DB2 for FileNet ### ########################################################## echo 7/19: Configuring DB2 for FileNet... # add users to the correct groups: root and grrdbm01 usermod -a -G root dsrdbm01 usermod -a -G root gcddbusr usermod -a -G root osdbuser usermod -a -G root P8Admin usermod -a -G grrdbm01 dsrdbm01 usermod -a -G grrdbm01 gcddbusr usermod -a -G grrdbm01 osdbuser usermod -a -G grrdbm01 P8Admin # Create he DB locations on the disk mkdir -p /opt/IBM/DB2Databases chmod 777 /opt/IBM/DB2Databases cat >$baseDir/createFNdbs.sh<<EOF db2 CONNECT RESET echo "Creating Content Engine GCD database, tablespace, and granting proper rights to gcddbusr ..." db2 CREATE DATABASE GCD_DB AUTOMATIC STORAGE YES ON /opt/IBM/DB2Databases USING CODESET UTF-8 TERRITORY US COLLATE USING SYSTEM PAGESIZE 32768 db2 CONNECT TO GCD_DB db2 CREATE REGULAR TABLESPACE GCD_TS PAGESIZE 32 K MANAGED BY AUTOMATIC STORAGE EXTENTSIZE 16 OVERHEAD 10.5 PREFETCHSIZE 16 TRANSFERRATE 0.14 BUFFERPOOL IBMDEFAULTBP DROPPED TABLE RECOVERY ON db2 GRANT CREATETAB,CONNECT ON DATABASE TO USER gcddbusr db2 GRANT USE OF TABLESPACE GCD_TS TO USER gcddbusr db2 CONNECT RESET echo "Creating Content Engine TARGET Object Store database, tablespaces, and granting proper rights to osdbuser ..." db2 CREATE DATABASE TARGETDB AUTOMATIC STORAGE YES ON /opt/IBM/DB2Databases USING CODESET UTF-8 TERRITORY US COLLATE USING SYSTEM PAGESIZE 32768 db2 CONNECT TO TARGETDB db2 CREATE REGULAR TABLESPACE CEDATA_TS PAGESIZE 32 K MANAGED BY AUTOMATIC STORAGE EXTENTSIZE 16 OVERHEAD 10.5 PREFETCHSIZE 16 TRANSFERRATE 0.14 BUFFERPOOL IBMDEFAULTBP DROPPED TABLE RECOVERY ON db2 CREATE USER TEMPORARY TABLESPACE USRTEMP_TS PAGESIZE 32 K MANAGED BY AUTOMATIC STORAGE EXTENTSIZE 16 OVERHEAD 10.5 PREFETCHSIZE 16 TRANSFERRATE 0.14 BUFFERPOOL IBMDEFAULTBP db2 GRANT CREATETAB,CONNECT ON DATABASE TO USER osdbuser db2 GRANT USE OF TABLESPACE CEDATA_TS TO USER osdbuser db2 GRANT USE OF TABLESPACE USRTEMP_TS TO USER osdbuser db2 CREATE REGULAR TABLESPACE PEDATA_TS PAGESIZE 32 K MANAGED BY AUTOMATIC STORAGE EXTENTSIZE 16 OVERHEAD 10.5 PREFETCHSIZE 16 TRANSFERRATE 0.14 BUFFERPOOL IBMDEFAULTBP DROPPED TABLE RECOVERY ON db2 GRANT SECADM ON DATABASE TO USER P8Admin db2 GRANT CREATETAB,CONNECT ON DATABASE TO user P8Admin db2 grant use of tablespace pedata_ts to user P8Admin db2 UPDATE DATABASE CONFIGURATION USING APPLHEAPSZ 2560 IMMEDIATE db2 CONNECT RESET echo "--------------------" echo "Creating Content Engine DESIGN Object Store database, tablespaces, and granting proper rights to osdbuser ..." db2 CREATE DATABASE DESIGNDB AUTOMATIC STORAGE YES ON /opt/IBM/DB2Databases USING CODESET UTF-8 TERRITORY US COLLATE USING SYSTEM PAGESIZE 32768 db2 CONNECT TO DESIGNDB db2 CREATE REGULAR TABLESPACE CEDATA_TS PAGESIZE 32 K MANAGED BY AUTOMATIC STORAGE EXTENTSIZE 16 OVERHEAD 10.5 PREFETCHSIZE 16 TRANSFERRATE 0.14 BUFFERPOOL IBMDEFAULTBP DROPPED TABLE RECOVERY ON db2 CREATE USER TEMPORARY TABLESPACE USRTEMP_TS PAGESIZE 32 K MANAGED BY AUTOMATIC STORAGE EXTENTSIZE 16 OVERHEAD 10.5 PREFETCHSIZE 16 TRANSFERRATE 0.14 BUFFERPOOL IBMDEFAULTBP db2 GRANT CREATETAB,CONNECT ON DATABASE TO USER osdbuser db2 GRANT USE OF TABLESPACE CEDATA_TS TO USER osdbuser db2 GRANT USE OF TABLESPACE USRTEMP_TS TO USER osdbuser db2 CREATE REGULAR TABLESPACE PEDATA_TS PAGESIZE 32 K MANAGED BY AUTOMATIC STORAGE EXTENTSIZE 16 OVERHEAD 10.5 PREFETCHSIZE 16 TRANSFERRATE 0.14 BUFFERPOOL IBMDEFAULTBP DROPPED TABLE RECOVERY ON db2 GRANT SECADM ON DATABASE TO USER P8Admin db2 GRANT CREATETAB,CONNECT ON DATABASE TO user P8Admin db2 grant use of tablespace pedata_ts to user P8Admin db2 UPDATE DATABASE CONFIGURATION USING APPLHEAPSZ 2560 IMMEDIATE db2 CONNECT RESET echo "--------------------" db2 CONNECT RESET echo "--------------------" EOF # Change DB2 port cat >$baseDir/setDB2port.sh<<EOF db2 update dbm cfg using SVCENAME 3737 db2stop FORCE db2start db2 get dbm cfg | grep SVCENAME EOF # Start the instance /opt/ibm/db2/V9.7/instance/db2istrt dsrdbm01 chmod a+x $baseDir/createFNdbs.sh chmod a+x $baseDir/setDB2port.sh su - dsrdbm01 -c $baseDir/createFNdbs.sh su - dsrdbm01 -c $baseDir/setDB2port.sh rm -f $baseDir/createFNdbs.sh rm -f $baseDir/setDB2port.sh if [ ! -d /opt/IBM/DB2Databases/dsrdbm01/NODE0000 ]; then echo "ERROR: P8 Database was not created."; exit 1; fi echo Configured DB2 for FileNet ###################### STEP 8 ############################ ### Import default users in TDS ### ########################################################## echo 8/19: Importing users in TDS... cat >$baseDire/users.ldif<<EOF dn: o=sample objectclass: top objectclass: domain dc: o=sample o: sample dn: cn=P8Admin,o=sample cn: P8Admin sn: P8Admin userpassword: $password objectclass: top objectclass: organizationalPerson objectclass: person dn: cn=tester,o=sample cn: tester sn: tester userpassword: $password objectclass: top objectclass: organizationalPerson objectclass: person dn: cn=P8Admins,o=sample objectclass: groupOfNames objectclass: top cn: P8Admins member: cn=P8Admin,o=sample dn: cn=GeneralUsers,o=sample objectclass: groupOfNames objectclass: top cn: GeneralUsers member: cn=P8Admin,o=sample member: cn=tester,o=sample EOF /opt/IBM/ldap/V6.3/sbin/idsldif2db -i $baseDire/users.ldif -I dsrdbm01 # Start TDS /opt/IBM/ldap/V6.3/sbin/ibmslapd -I dsrdbm01 echo Imported users in TDS ###################### STEP 9 ############################ ### Deploy TDS admin app in WAS ### ########################################################## echo 9/19: Deploying TDS admin app in WAS... # Start WAS /opt/ibm/WebSphere/AppServer/profiles/AppSrv01/bin/startServer.sh server1 /opt/ibm/WebSphere/AppServer/profiles/AppSrv02/bin/startServer.sh server1 cat >$baseDir/deploy.py<<EOF server = AdminConfig.getid('/Server:server1/') AdminApp.install('/opt/ibm/ldap/V6.3/idstools/IDSWebApp.war',['-MapRolesToUsers', "[['All Authenticated' No Yes '' '']]", '-MapModulesToServers', "[[ '.*' '.*.war,.*' server]]", '-MapWebModToVH', "[[ '.*' '.*.war,.*' 'default_host']]", '-appname', 'IDSWebApp', '-contextroot', 'IDSWebApp']) AdminConfig.save() dep = AdminConfig.getid("/Deployment:IDSWebApp/") depObject = AdminConfig.showAttribute(dep, "deployedObject") classldr = AdminConfig.showAttribute(depObject, 'classloader') AdminConfig.modify(classldr, [['mode', 'PARENT_LAST']]) modules = AdminConfig.showAttribute(depObject, 'modules') modules = modules[1:len(modules)-1].split(" ") for module in modules: if (module.find('WebModuleDeployment')!= -1): uri = AdminConfig.showAttribute(module, 'uri') if (uri == "web_client.war"): cl = AdminConfig.list('Classloader', module) if (cl): AdminConfig.modify(cl, [['mode', 'PARENT_LAST']]) else: AdminConfig.create('Classloader', module, [['mode', 'PARENT_LAST']]) AdminConfig.save() appManager = AdminControl.queryNames('cell=P8Node01Cell,node=P8Node01,type=ApplicationManager,process=server1,*') AdminControl.invoke(appManager, 'startApplication', 'IDSWebApp') EOF /opt/ibm/WebSphere/AppServer/profiles/AppSrv01/bin/wsadmin.sh -username P8Admin -password $password -conntype SOAP -profileName AppSrv01 -lang jython -f $baseDir/deploy.py rm -f $baseDir/deploy.py echo Deployed TDS admin app in WAS ###################### STEP 10 ########################### ### Install Content Engine and Fix Packs ### ########################################################## echo 10/19: Installing CE... cd $baseDir mkdir $baseDir/ce tar xzf $binaries/ce.tar.gz -C $baseDir/ce sed -i "s/LICENSE_ACCEPTED=false/LICENSE_ACCEPTED=true/g" $baseDir/ce/ce_silent_install.txt $baseDir/ce/5.2.1-ICFCPE-LINUX.BIN -i silent -f $baseDir/ce/ce_silent_install.txt if [[ $cleanBinaries == true ]]; then rm -rf $baseDir/ce; fi echo Installed CE echo Installing CE FP... cd $baseDir mkdir $baseDir/cefp tar xzf $binaries/cefp.tar.gz -C $baseDir/cefp sed -i "s/LICENSE_ACCEPTED=false/LICENSE_ACCEPTED=true/g" $baseDir/cefp/ce_silent_install.txt $baseDir/cefp/5.2.1.5-P8CPE-LINUX-FP005.BIN -i silent -f $baseDir/cefp/ce_silent_install.txt if [[ $cleanBinaries == true ]]; then rm -rf $baseDir/cefp; fi echo Installed CE FP ###################### STEP 11 ########################### ### Install IBM Content Navigator and Fix Packs ### ########################################################## echo 11/19: Installing ICN... cd $baseDir mkdir $baseDir/icn tar xf $binaries/icn.tar -C $baseDir/icn sed -i "s/LICENSE_ACCEPTED=false/LICENSE_ACCEPTED=true/g" $baseDir/icn/ecmclient_silent_install.txt $baseDir/icn/IBM_CONTENT_NAVIGATOR-2.0.3-LINUX.bin -f $baseDir/icn/ecmclient_silent_install.txt -i silent if [[ $cleanBinaries == true ]]; then rm -rf $baseDir/icn; fi echo Installed ICN echo Installing ICN FP... cd $baseDir mkdir $baseDir/icnfp tar xf $binaries/icnfp.tar -C $baseDir/icnfp sed -i "s/LICENSE_ACCEPTED=false/LICENSE_ACCEPTED=true/g" $baseDir/icnfp/ecmclient_silent_install.txt $baseDir/icnfp/IBM_CONTENT_NAVIGATOR-2.0.3.8-FP008-LINUX.bin -f $baseDir/icnfp/ecmclient_silent_install.txt -i silent if [[ $cleanBinaries == true ]]; then rm -rf $baseDir/icnfp; fi echo Installed ICN FP ###################### STEP 12 ########################### ### Install Content Engine Client and Fix Packs ### ########################################################## echo 12/19: Installing CEC... cd $baseDir mkdir $baseDir/cec tar xzf $binaries/cec.tar.gz -C $baseDir/cec sed -i "s/LICENSE_ACCEPTED=false/LICENSE_ACCEPTED=true/g" $baseDir/cec/ceclient_silent_install.txt # Enable only ICN sed -i "s/UPDATE_\([A-Z0-9]\+\)=1/UPDATE_\1=0/g" $baseDir/cec/ceclient_silent_install.txt sed -i "s/UPDATE_CN=0/UPDATE_CN=1/" $baseDir/cec/ceclient_silent_install.txt sed -i "s/CEServer/localhost/g" $baseDir/cec/ceclient_silent_install.txt sed -i "s/CEserver/localhost/g" $baseDir/cec/ceclient_silent_install.txt $baseDir/cec/5.2.1-ICFCPE-CLIENT-LINUX.BIN -i silent -f $baseDir/cec/ceclient_silent_install.txt if [[ $cleanBinaries == true ]]; then rm -rf $baseDir/cec; fi echo Installed CEC echo Installing CEC FP... cd $baseDir mkdir $baseDir/cecfp tar xzf $binaries/cecfp.tar.gz -C $baseDir/cecfp sed -i "s/LICENSE_ACCEPTED=false/LICENSE_ACCEPTED=true/g" $baseDir/cecfp/ceclient_silent_install.txt # Enable only ICN sed -i "s/UPDATE_\([A-Z0-9]\+\)=1/UPDATE_\1=0/g" $baseDir/cecfp/ceclient_silent_install.txt sed -i "s/UPDATE_CN=0/UPDATE_CN=1/" $baseDir/cecfp/ceclient_silent_install.txt sed -i "s/CEServer/localhost/g" $baseDir/cecfp/ceclient_silent_install.txt sed -i "s/CEserver/localhost/g" $baseDir/cecfp/ceclient_silent_install.txt $baseDir/cecfp/5.2.1.5-P8CPE-CLIENT-LINUX-FP005.BIN -i silent -f $baseDir/cecfp/ceclient_silent_install.txt if [[ $cleanBinaries == true ]]; then rm -rf $baseDir/cecfp; fi echo Installed CEC FP ###################### STEP 13 ########################### # Checking all services now that everything's installed # ########################################################## echo 13/19: Checking services... # Checking whether TDS is started or not..... /opt/IBM/ldap/V6.3/bin/ibmdirctl -D cn=root -w $password statusreturn if [[ $? == 0 ]]; then echo TDS is already started else echo Starting TDS instance /opt/IBM/ldap/V6.3/sbin/ibmslapd -I dsrdbm01 echo Started TDS instance fi # Checking whether DB2 is started or not....... ps -ef | grep db2sysc | grep -v grep if [[ $? == 0 ]]; then echo DB2 is already started else echo Starting DB2...... su - dsrdbm01 -c db2start echo Started DB2..... fi # Checking whether WAS is started or not...... /opt/ibm/WebSphere/AppServer/profiles/AppSrv01/bin/serverStatus.sh server1 -username P8Admin -password $password > status.txt grep ADMU0508I status.txt if [[ $? == 0 ]]; then echo WAS profile1 is already started else echo Starting WAS profile1.......... /opt/ibm/WebSphere/AppServer/profiles/AppSrv01/bin/startServer.sh server1 echo WAS profile1 started rm -rf status.txt fi /opt/ibm/WebSphere/AppServer/profiles/AppSrv02/bin/serverStatus.sh server1 -username P8Admin -password $password > status.txt grep ADMU0508I status.txt if [[ $? == 0 ]]; then echo WAS profile2 is already started else echo Starting WAS profile2.......... /opt/ibm/WebSphere/AppServer/profiles/AppSrv02/bin/startServer.sh server1 echo WAS profile2 started rm -rf status.txt fi echo Checked services ###################### STEP 14 ########################### ### Configure Content Engine ### ########################################################## echo 14/19: Configuring CE... profilePath=/opt/IBM/FileNet/ContentEngine/tools/configure/profiles/was_tiv_db2 cfmgr=/opt/IBM/FileNet/ContentEngine/tools/configure/configmgr_cl $cfmgr generateconfig -appserver WebSphere -license UVU -repositorytype standalone -db db2 -ldap tivoli -bootstrap new -deploy standard -profile $profilePath $cfmgr generateConfig -appserver WebSphere -db db2 -task configurejdbcos -profile $profilePath # Editing the config file xmlstarlet ed --inplace -u "//property[@name='ApplicationServerVersion']/value" -v "8.5" $profilePath/applicationserver.xml xmlstarlet ed --inplace -u "//property[@name='ApplicationServerAdminUsername']/value" -v "P8Admin" $profilePath/applicationserver.xml xmlstarlet ed --inplace -u "//property[@name='ApplicationServerAdminPassword']/value" -v "$password" $profilePath/applicationserver.xml xmlstarlet ed --inplace -u "//property[@name='ApplicationServerSoapPort']/value" -v "8880" $profilePath/applicationserver.xml xmlstarlet ed --inplace -u "//property[@name='ApplicationServerHostName']/value" -v "localhost" $profilePath/applicationserver.xml xmlstarlet ed --inplace -u "//property[@name='ApplicationServerCell']/value" -v "P8Node01Cell" $profilePath/applicationserver.xml xmlstarlet ed --inplace -u "//property[@name='BootstrapUsername']/value" -v "P8Admin" $profilePath/configurebootstrap.xml xmlstarlet ed --inplace -u "//property[@name='BootstrapPassword']/value" -v "$password" $profilePath/configurebootstrap.xml xmlstarlet ed --inplace -u "//property[@name='DatabaseServerName']/value" -v "localhost" $profilePath/configurejdbcgcd.xml xmlstarlet ed --inplace -u "//property[@name='DatabasePortNumber']/value" -v "3737" $profilePath/configurejdbcgcd.xml xmlstarlet ed --inplace -u "//property[@name='DatabaseName']/value" -v "GCD_DB" $profilePath/configurejdbcgcd.xml xmlstarlet ed --inplace -u "//property[@name='DatabaseUsername']/value" -v "gcddbusr" $profilePath/configurejdbcgcd.xml xmlstarlet ed --inplace -u "//property[@name='DatabasePassword']/value" -v "$password" $profilePath/configurejdbcgcd.xml xmlstarlet ed --inplace -u "//property[@name='JDBCDataSourceName']/value" -v "DESIGNOSDS" $profilePath/configurejdbcos.xml xmlstarlet ed --inplace -u "//property[@name='JDBCDataSourceXAName']/value" -v "DESIGNOSDSXA" $profilePath/configurejdbcos.xml xmlstarlet ed --inplace -u "//property[@name='DatabaseServerName']/value" -v "localhost" $profilePath/configurejdbcos.xml xmlstarlet ed --inplace -u "//property[@name='DatabasePortNumber']/value" -v "3737" $profilePath/configurejdbcos.xml xmlstarlet ed --inplace -u "//property[@name='DatabaseName']/value" -v "DESIGNDB" $profilePath/configurejdbcos.xml xmlstarlet ed --inplace -u "//property[@name='DatabaseUsername']/value" -v "osdbuser" $profilePath/configurejdbcos.xml xmlstarlet ed --inplace -u "//property[@name='DatabasePassword']/value" -v "$password" $profilePath/configurejdbcos.xml xmlstarlet ed --inplace -u "//property[@name='JDBCDataSourceName']/value" -v "TARGETOSDS" $profilePath/configurejdbcos.2.xml xmlstarlet ed --inplace -u "//property[@name='JDBCDataSourceXAName']/value" -v "TARGETOSDSXA" $profilePath/configurejdbcos.2.xml xmlstarlet ed --inplace -u "//property[@name='DatabaseServerName']/value" -v "localhost" $profilePath/configurejdbcos.2.xml xmlstarlet ed --inplace -u "//property[@name='DatabasePortNumber']/value" -v "3737" $profilePath/configurejdbcos.2.xml xmlstarlet ed --inplace -u "//property[@name='DatabaseName']/value" -v "TARGETDB" $profilePath/configurejdbcos.2.xml xmlstarlet ed --inplace -u "//property[@name='DatabaseUsername']/value" -v "osdbuser" $profilePath/configurejdbcos.2.xml xmlstarlet ed --inplace -u "//property[@name='DatabasePassword']/value" -v "$password" $profilePath/configurejdbcos.2.xml xmlstarlet ed --inplace -u "//property[@name='LDAPServerHost']/value" -v "localhost" $profilePath/configureldap.xml xmlstarlet ed --inplace -u "//property[@name='LDAPServerPort']/value" -v "389" $profilePath/configureldap.xml xmlstarlet ed --inplace -u "//property[@name='LDAPBindDN']/value" -v "cn=P8Admin,o=sample" $profilePath/configureldap.xml xmlstarlet ed --inplace -u "//property[@name='LDAPBindPassword']/value" -v "$password" $profilePath/configureldap.xml xmlstarlet ed --inplace -u "//property[@name='LDAPBaseDN']/value" -v "o=sample" $profilePath/configureldap.xml xmlstarlet ed --inplace -u "//property[@name='AdminConsoleUser']/value" -v "P8Admin" $profilePath/configureldap.xml xmlstarlet ed --inplace -u "//property[@name='OverwriteExistingUserReg']/value" -v "true" $profilePath/configureldap.xml xmlstarlet ed --inplace -u "//property[@name='SetAsActiveUserReg']/value" -v "true" $profilePath/configureldap.xml xmlstarlet ed --inplace -u "//property[@name='ApplicationServerNode']/value" -v "P8Node01" $profilePath/deployapplication.xml xmlstarlet ed --inplace -u "//property[@name='ApplicationServerName']/value" -v "server1" $profilePath/deployapplication.xml xmlstarlet ed --inplace -u "//configuration/@enabled" -v "true" $profilePath/deployapplication.xml # Before running the task, we need to set the JDBC driver for DB2 in WAS cat >$baseDir/setJDBC.py<<EOF import sys nodeName = sys.argv[0] node = AdminConfig.getid("/Node:$nodeName/") vars = AdminConfig.list("VariableSubstitutionEntry",node).split(java.lang.System.getProperty("line.separator")) for var in vars: name = AdminConfig.showAttribute(var, "symbolicName") if name == "DB2_JCC_DRIVER_PATH": AdminConfig.modify(var,[["value", "/opt/ibm/db2/V9.7/java"]]) break AdminConfig.save() EOF /opt/ibm/WebSphere/AppServer/profiles/AppSrv01/bin/wsadmin.sh -username P8Admin -password $password -conntype SOAP -profileName AppSrv01 -lang jython -f $baseDir/setJDBC.py P8Node01 /opt/ibm/WebSphere/AppServer/profiles/AppSrv01/bin/wsadmin.sh -username P8Admin -password $password -conntype SOAP -profileName AppSrv02 -lang jython -f $baseDir/setJDBC.py P8Node02 rm -f $baseDir/setJDBC.py # Increasing DB time out sed -i "s/{value \"600\"}/{value \"3600\"}/g" /opt/IBM/FileNet/ContentEngine/tools/configure/scripts/configureWSJDBC.tcl $cfmgr execute -profile $profilePath -task configurepricingmodel if [[ ! -e $profilePath/status/configurepricingmodel.ok ]]; then echo "configurepricingmodel failed"; exit 1; fi sleep 20 $cfmgr execute -profile $profilePath -task configureldap if [[ ! -e $profilePath/status/configureldap.ok ]]; then echo "configureldap failed"; exit 1; fi sleep 20 $cfmgr execute -profile $profilePath -task configurejdbcgcd if [[ ! -e $profilePath/status/configurejdbcgcd.ok ]]; then echo "configurejdbcgcd failed"; exit 1; fi sleep 20 $cfmgr execute -profile $profilePath -task configureloginmodules if [[ ! -e $profilePath/status/configureloginmodules.ok ]]; then echo "configureloginmodules failed"; exit 1; fi sleep 20 $cfmgr execute -profile $profilePath -taskfile configurejdbcos.xml if [[ ! -e $profilePath/status/configurejdbcos.ok ]]; then echo "configurejdbcos failed"; exit 1; fi sleep 20 $cfmgr execute -profile $profilePath -taskfile configurejdbcos.2.xml if [[ ! -e $profilePath/status/configurejdbcos.2.ok ]]; then echo "configurejdbcos.2 failed"; exit 1; fi sleep 20 $cfmgr execute -profile $profilePath -task configurebootstrap if [[ ! -e $profilePath/status/configurebootstrap.ok ]]; then echo "configurebootstrap failed"; exit 1; fi sleep 20 $cfmgr execute -profile $profilePath -task deployapplication if [[ ! -e $profilePath/status/deployapplication.ok ]]; then echo "deployapplication failed"; exit 1; fi /opt/ibm/WebSphere/AppServer/profiles/AppSrv01/bin/stopServer.sh server1 -username P8Admin -password $password /opt/ibm/WebSphere/AppServer/profiles/AppSrv01/bin/startServer.sh server1 # Create domain and Object Stores # TODO = maybe rewrite the cpt-actions.jar using API to get rid of any dependence on CPIT # It just created the domain and OSs cat >$baseDir/os.properties<<EOF P8ADMINUSER=P8Admin PASSWD=$password CECONNECTIONURI=http://localhost:9080/wsi/FNCEWS40MTOM # P8 object store configuration # P8OSADMINGROUP is the default OS Admin security users and groups (Could be separated by a colon :) P8OSADMINGROUP=P8Admins NUMOS=2 DISPLAYNAME1=P8ConfigObjectStore SYMBOLICNAME1=P8ConfigObjectStore JNDIDATASOURCE1=DESIGNOSDS JNDIXADATASOURCE1=DESIGNOSDSXA DISPLAYNAME2=TARGETOS SYMBOLICNAME2=TARGETOS JNDIDATASOURCE2=TARGETOSDS JNDIXADATASOURCE2=TARGETOSDSXA # P8 Domain security administrator user or administrator group (Default = P8Admins) P8DOMAINADMIN=P8Admins P8DOMAINNAME=P8Domain CEWSISTANZA=FileNetP8WSI # PE Configuration PE_DNSNAME=localhost PE_BROKERPORT=32776 PE_REGIONNUMBER=1 PE_CONNPTNAME=P8ConnPt1 PE_CONNPTDESCRIPTION=PE Connection Point 1 for Region 1 # LDAP Configuration (TDS) DCDISPLAYNAME=P8_TDS LDAPHOST=localhost LDAPPORT=389 LDAPADMINNAME=cn=P8Admin,o=sample LDAPADMINPASSWORD=F0rmation ISSSLENABLED=false USERBASEDN=o=sample USERSEARCHFILTER=(&(objectClass=person)(cn={0})) USERDISPLAYNAMEATTRIBUTE=cn USERNAMEATTRIBUTE=cn GROUPBASEDN=o=sample GROUPSEARCHFILTER=(&(objectClass=groupOfNames)(cn={0})) GROUPDISPLAYNAMEATTRIBUTE=cn GROUPNAMEATTRIBUTE=cn GROUPMEMBERSHIPSEARCHFILTER=(&(objectclass=groupOfNames)(member={0})) RESTRICTMEMBERSHIPTOCONFIGUREREALMS=false EOF CECP=$baseDir/cpt-actions.jar:/opt/IBM/FileNet/ContentEngine/lib/Jace.jar:/opt/IBM/FileNet/ContentEngine/lib/log4j.jar:/opt/IBM/FileNet/ContentEngine/cdapi/stax-api.jar:/opt/IBM/FileNet/ContentEngine/cdapi/xlxpScanner.jar:/opt/IBM/FileNet/ContentEngine/cdapi/xlxpScannerUtils.jar JAASCONFIG=-Djava.security.auth.login.config=/opt/IBM/FileNet/ContentEngine/tools/PE/config /opt/IBM/FileNet/ContentEngine/_cejvm/jre/bin/java -cp $CECP $JAASCONFIG com.ibm.bluestack.utils.P8Util createP8Domain $baseDir/os.properties if [[ $? != 0 ]]; then echo "ERROR: Failed to create P8 domain."; exit 1; fi /opt/IBM/FileNet/ContentEngine/_cejvm/jre/bin/java -cp $CECP $JAASCONFIG com.ibm.bluestack.utils.P8Util createOS $baseDir/os.properties if [[ $? != 0 ]]; then echo "ERROR: Failed to create P8 Object Stores."; exit 1; fi rm -rf $baseDir/os.properties echo Configured CE ###################### STEP 15 ########################### ### Configure Process Engine ### ########################################################## echo 15/19: Configuring PE... JPE_HOME=/opt/IBM/FileNet/ContentEngine/tools/PE echo "JDBC_JAR_PATH=/opt/ibm/tdsV6.3db2/java/db2jcc4.jar:/opt/ibm/tdsV6.3db2/java/db2jcc_license_cu.jar">$JPE_HOME/data/jdbcinit cat >$JPE_HOME/data/peinitD.properties<<EOF DBConnectionName=TARGETOSDS DataSourceName=TARGETOSDS XADataSourceName=TARGETOSDSXA SysAdminGroup=P8Admins SysConfigGroup=P8Admins DateTimeMask=mm/dd/yyyy hh\:tt\:ss DefaultLocale=en_US pe_data=PEDATA_TS RegionDisplayName=P8Region IsolatedRegionNumber=1 DBSchemaName=OSDBUSER EnableRegionForBackup=false EOF $JPE_HOME/peinit P8ConnPt1 -D $JPE_HOME/data/peinitD.properties -Y P8Admin+$password if [[ $? != 0 ]]; then echo "ERROR: Failed to configure PE."; exit 1; fi rm -f $JPE_HOME/data/peinitD.properties echo Configured PE ###################### STEP 16 ########################### ### Export LTPA key to import it in the ICN profile ### ########################################################## echo 16/19: Exporting LTPA key... cat >$baseDir/exportLTPA.py<<EOF import java.lang.String as jstr import java.io as jio import javax.management as jmgmt ltpaKeyFile=sys.argv[0] password=jstr(sys.argv[1]).getBytes() security=AdminControl.queryNames('*:*,name=SecurityAdmin') securityON=jmgmt.ObjectName(security) params=[password] signature=['[B'] ltpaKeys=AdminControl.invoke_jmx(securityON,'exportLTPAKeys', params, signature) fout=jio.FileOutputStream(ltpaKeyFile) ltpaKeys.store(fout,'') fout.close() EOF /opt/ibm/WebSphere/AppServer/profiles/AppSrv01/bin/wsadmin.sh -username P8Admin -password $password -conntype SOAP -profileName AppSrv01 -lang jython -f $baseDir/exportLTPA.py /opt/IBM/ltpakeys.txt $password rm -f $baseDir/exportLTPA.py echo Exported LTPA key ###################### STEP 17 ########################### ### Configure IBM Content Navigator ### ########################################################## echo 17/19: Configuring ICN... # First create the database mkdir -p /opt/IBM/NEXUSDB2 chmod 777 /opt/IBM/NEXUSDB2 cat >$baseDir/createICNdbs.sh<<EOF db2 -v CONNECT RESET db2 -v DROP DATABASE NEXUSDB #-- Create the database - these statements must be on a single line db2 -v -t "CREATE DATABASE NEXUSDB ON '/opt/IBM/NEXUSDB2' USING CODESET UTF-8 TERRITORY US COLLATE USING SYSTEM CATALOG TABLESPACE MANAGED BY SYSTEM USING ('/opt/IBM/NEXUSDB2/NEXUSDB/sys') TEMPORARY TABLESPACE MANAGED BY SYSTEM USING ('/opt/IBM/NEXUSDB2/NEXUSDB/systmp') USER TABLESPACE MANAGED BY SYSTEM USING ('/opt/IBM/NEXUSDB2/NEXUSDB/usr')" ; db2 CONNECT TO NEXUSDB db2 GRANT secadm ON DATABASE TO USER nxsdbusr db2 GRANT CREATETAB,CONNECT,IMPLICIT_SCHEMA,DBADM,load ON DATABASE TO user nxsdbusr db2 UPDATE DATABASE CONFIGURATION USING APPLHEAPSZ 2560 IMMEDIATE db2 -v CONNECT RESET EOF chmod a+x $baseDir/createICNdbs.sh su - dsrdbm01 -c $baseDir/createICNdbs.sh rm -f $baseDir/createICNdbs.sh # Create the profile profilePath=/opt/IBM/ECMClient/configure/profiles/icn_was_tiv_db2 cfmgr=/opt/IBM/ECMClient/configure/configmgr_cl $cfmgr generateConfig -appserver websphere -configure_FileNetP8 \ yes -configure_CMIS_FileNetP8 yes -db db2 -deploy standard -ldap_Repository federated -ldap tivoli \ -profile $profilePath -appserverVersion 8.5 -cmisAuth httpbasic -icn_sso none -silent xmlstarlet ed --inplace -u "//property[@name='ApplicationServerVersion']/value" -v "8.5" $profilePath/applicationserver.xml xmlstarlet ed --inplace -u "//property[@name='ApplicationServerProfileFolder']/value" -v "/opt/IBM/WebSphere/AppServer/profiles/AppSrv02" $profilePath/applicationserver.xml xmlstarlet ed --inplace -u "//property[@name='ApplicationServerAdminUsername']/value" -v "P8Admin" $profilePath/applicationserver.xml xmlstarlet ed --inplace -u "//property[@name='ApplicationServerAdminPassword']/value" -v "$password" $profilePath/applicationserver.xml xmlstarlet ed --inplace -u "//property[@name='ApplicationServerSoapPort']/value" -v "8881" $profilePath/applicationserver.xml xmlstarlet ed --inplace -u "//property[@name='ApplicationServerHostName']/value" -v "localhost" $profilePath/applicationserver.xml xmlstarlet ed --inplace -u "//property[@name='ApplicationServerCell']/value" -v "P8Node02Cell" $profilePath/applicationserver.xml xmlstarlet ed --inplace -u "//property[@name='DatabaseSchema']/value" -v "NEXUS" $profilePath/configureicntask.xml xmlstarlet ed --inplace -u "//property[@name='DatabaseServerName']/value" -v "localhost" $profilePath/configurejdbcecm.xml xmlstarlet ed --inplace -u "//property[@name='DatabasePortNumber']/value" -v "3737" $profilePath/configurejdbcecm.xml xmlstarlet ed --inplace -u "//property[@name='DatabaseName']/value" -v "NEXUSDB" $profilePath/configurejdbcecm.xml xmlstarlet ed --inplace -u "//property[@name='DatabaseUsername']/value" -v "nxsdbusr" $profilePath/configurejdbcecm.xml xmlstarlet ed --inplace -u "//property[@name='DatabasePassword']/value" -v "$password" $profilePath/configurejdbcecm.xml xmlstarlet ed --inplace -u "//property[@name='ECMClientAdminName']/value" -v "P8Admin" $profilePath/configurejdbcecm.xml xmlstarlet ed --inplace -u "//property[@name='DatabaseSchema']/value" -v "NEXUS" $profilePath/configurejdbcecm.xml xmlstarlet ed --inplace -u "//property[@name='TableSpaceName']/value" -v "NEXUSTS" $profilePath/configurejdbcecm.xml xmlstarlet ed --inplace -u "//property[@name='jdbcDir']/value" -v "/opt/ibm/db2/V9.7/java" $profilePath/configurejdbcecm.xml xmlstarlet ed --inplace -u "//property[@name='jdbcDir']/value" -v "/opt/ibm/db2/V9.7/java" $profilePath/configurejdbcjarsecm.xml xmlstarlet ed --inplace -u "//property[@name='ApplicationServerNode']/value" -v "P8Node02" $profilePath/configurejdbcjarsecm.xml xmlstarlet ed --inplace -u "//property[@name='ApplicationServerName']/value" -v "server1" $profilePath/configurejdbcjarsecm.xml xmlstarlet ed --inplace -u "//property[@name='LDAPServerHost']/value" -v "localhost" $profilePath/configureldap.xml xmlstarlet ed --inplace -u "//property[@name='LDAPServerPort']/value" -v "389" $profilePath/configureldap.xml xmlstarlet ed --inplace -u "//property[@name='LDAPBindDN']/value" -v "cn=P8Admin,o=sample" $profilePath/configureldap.xml xmlstarlet ed --inplace -u "//property[@name='LDAPBindPassword']/value" -v "$password" $profilePath/configureldap.xml xmlstarlet ed --inplace -u "//property[@name='WasFederatedBaseEntryDNRepository']/value" -v "o=sample" $profilePath/configureldap.xml xmlstarlet ed --inplace -u "//property[@name='FederatedRepositoriesRealm']/value" -v "defaultWIMFileBasedRealm" $profilePath/configureldap.xml xmlstarlet ed --inplace -u "//property[@name='WasFederatedRepositoryId']/value" -v "localhost" $profilePath/configureldap.xml xmlstarlet ed --inplace -u "//property[@name='WasFederatedBaseEntryDNRealm']/value" -v "o=sample" $profilePath/configureldap.xml xmlstarlet ed --inplace -u "//property[@name='AdminConsoleUser']/value" -v "P8Admin" $profilePath/configureldap.xml xmlstarlet ed --inplace -u "//property[@name='SetAsActiveUserReg']/value" -v "false" $profilePath/configureldap.xml xmlstarlet ed --inplace -u "//property[@name='DatabaseSchema']/value" -v "NEXUS" $profilePath/configuretmtask.xml xmlstarlet ed --inplace -u "//property[@name='tmAdminUser']/value" -v "P8Admin" $profilePath/configuretmtask.xml xmlstarlet ed --inplace -u "//property[@name='tmAdminPassword']/value" -v "$password" $profilePath/configuretmtask.xml xmlstarlet ed --inplace -u "//property[@name='tmBaseURL']/value" -v "http://`hostname`:9081/taskManagerWeb/api/v1" $profilePath/configuretmtask.xml xmlstarlet ed --inplace -u "//property[@name='CEHost']/value" -v "localhost" $profilePath/downloadcejarstask.xml xmlstarlet ed --inplace -u "//property[@name='CEPortNumber']/value" -v "9080" $profilePath/downloadcejarstask.xml xmlstarlet ed --inplace -u "//property[@name='ApplicationServerNode']/value" -v "P8Node02" $profilePath/deployapplication.xml xmlstarlet ed --inplace -u "//property[@name='ApplicationServerName']/value" -v "server1" $profilePath/deployapplication.xml xmlstarlet ed --inplace -u "//property[@name='LTPAKeyPath']/value" -v "/opt/IBM/ltpakeys.txt" $profilePath/importltpakey.xml xmlstarlet ed --inplace -u "//property[@name='LTPAKeyPassword']/value" -v "$password" $profilePath/importltpakey.xml $cfmgr execute -task downloadcejarstask -profile $profilePath if [[ ! -e $profilePath/status/downloadcejarstask.ok ]]; then echo "downloadcejarstask failed"; exit 1; fi $cfmgr execute -task configureldap -profile $profilePath if [[ ! -e $profilePath/status/configureldap.ok ]]; then echo "configureldap failed"; exit 1; fi $cfmgr execute -task importltpakey -profile $profilePath if [[ ! -e $profilePath/status/importltpakey.ok ]]; then echo "importltpakey failed"; exit 1; fi $cfmgr execute -task configurejdbcjarsecm -profile $profilePath if [[ ! -e $profilePath/status/configurejdbcjarsecm.ok ]]; then echo "configurejdbcjarsecm failed"; exit 1; fi $cfmgr execute -task configurejdbcecm -profile $profilePath if [[ ! -e $profilePath/status/configurejdbcecm.ok ]]; then echo "configurejdbcecm failed"; exit 1; fi chmod 777 /opt/IBM/ECMClient/configure/dbscripts/db2/modified/DB2_ONE_SCRIPT.sql cat > $baseDir/initICNdb.sh<<EOF db2 "CONNECT TO NEXUSDB" db2 -tvmf /opt/IBM/ECMClient/configure/dbscripts/db2/modified/DB2_ONE_SCRIPT.sql db2 "COMMIT" EOF chmod 777 $baseDir/initICNdb.sh su - dsrdbm01 -c "$baseDir/initICNdb.sh" $cfmgr execute -task configureloginmodules -profile $profilePath if [[ ! -e $profilePath/status/configureloginmodules.ok ]]; then echo "configureloginmodules failed"; exit 1; fi $cfmgr execute -task configuretmtask -profile $profilePath if [[ ! -e $profilePath/status/configuretmtask.ok ]]; then echo "configuretmtask failed"; exit 1; fi $cfmgr execute -task configureicntask -profile $profilePath if [[ ! -e $profilePath/status/configureicntask.ok ]]; then echo "configureicntask failed"; exit 1; fi $cfmgr execute -task rebuildear -profile $profilePath if [[ ! -e $profilePath/status/rebuildear.ok ]]; then echo "rebuildear failed"; exit 1; fi $cfmgr execute -task deployapplication -profile $profilePath if [[ ! -e $profilePath/status/deployapplication.ok ]]; then echo "deployapplication failed"; exit 1; fi echo Configured ICN ###################### STEP 18 ########################### ### Configure FileNet/ICN apps in WAS ### ########################################################## echo 18/19: Configuring Apps in WAS... cat >$baseDir/configWASFN.py<<EOF import java lineSeparator = java.lang.System.getProperty('line.separator') def enableCookie(server, value): wc = AdminConfig.list('WebContainer',server) services = AdminConfig.list('Service',wc).splitlines() for service in services: AdminConfig.modify(service,[['enableCookies',value]]) def serverSessionmanagementCookiesHttpOnly(server, value): wc = AdminConfig.list('WebContainer',server) services = AdminConfig.list('Service',wc).splitlines() for service in services: dcs = AdminConfig.showAttribute(service, 'defaultCookieSettings'); AdminConfig.modify(dcs,[['httpOnly',value]]) def setSecurityProperty(propertyName, propertyValue): security = AdminConfig.getid('/Security:/') prop = AdminConfig.getid('/Security:/Property:'+propertyName+'/') if prop: AdminConfig.modify(prop, [['value', propertyValue]]) else: AdminConfig.create('Property', security, [['name',propertyName], ['value',propertyValue]]) def addServerSessionManagementProperty(server, propertyName, propertyValue): wc = AdminConfig.list('WebContainer',server) services = AdminConfig.list('Service',wc).splitlines() attr = [['name',propertyName],['value',propertyValue]] for service in services: AdminConfig.create('Property', service, attr) server = AdminConfig.getid('/Server:server1/') # Add the InvalidateOnUnauthorizedSessionRequestException = true custom property to the server session management. addServerSessionManagementProperty(server, 'InvalidateOnUnauthorizedSessionRequestException', 'true') # Uncheck "Set security cookies to HTTP Only to help prevent cross-site scripting attacks" in SSO settings setSecurityProperty('com.ibm.ws.security.addHttpOnlyAttributeToCookies', 'false') # Enable server session management cookies and Uncheck "Set session cookies to HTTP Only to help prevent cross-site scripting attacks". enableCookie(server, 'true') serverSessionmanagementCookiesHttpOnly(server, 'false') server = AdminConfig.getid('/Server:server1/') jvms = AdminConfig.list('JavaVirtualMachine',server) arrayJVMs = jvms.split(lineSeparator) jvm = arrayJVMs[0] attr_name = ['name', "com.ibm.websphere.orb.uniqueServerName"] attr_value = ['value', "true"] attr_required = ['required', "false"] attr_description = ['description', ""] attr_list = [attr_name, attr_value, attr_required, attr_description] property=['systemProperties',[attr_list]] AdminConfig.modify(jvm, [property]) AdminTask.configureTrustedRealms('[-communicationType outbound -trustAllRealms true]') AdminTask.configureTrustedRealms('[-communicationType inbound -trustAllRealms true]') AdminConfig.save() EOF /opt/ibm/WebSphere/AppServer/profiles/AppSrv01/bin/wsadmin.sh -username P8Admin -password $password -conntype SOAP -profileName AppSrv01 -lang jython -f $baseDir/configWASFN.py rm -f $baseDir/configWASFN.py cat >$baseDir/configWASFN.py<<EOF import java lineSeparator = java.lang.System.getProperty('line.separator') server = AdminConfig.getid('/Server:server1/') jvms = AdminConfig.list('JavaVirtualMachine',server) arrayJVMs = jvms.split(lineSeparator) jvm = arrayJVMs[0] attr_name = ['name', "com.ibm.websphere.orb.uniqueServerName"] attr_value = ['value', "true"] attr_required = ['required', "false"] attr_description = ['description', ""] attr_list = [attr_name, attr_value, attr_required, attr_description] property=['systemProperties',[attr_list]] AdminConfig.modify(jvm, [property]) AdminTask.configureTrustedRealms('[-communicationType outbound -trustAllRealms true]') AdminTask.configureTrustedRealms('[-communicationType inbound -trustAllRealms true]') AdminTask.renameIdMgrRealm('[-name defaultWIMFileBasedRealm -newName localhost:389]') AdminTask.configureAdminWIMUserRegistry('[-realmName localhost:389 -verifyRegistry false ]') AdminConfig.save() EOF /opt/ibm/WebSphere/AppServer/bin/wsadmin.sh -username P8Admin -password $password -conntype SOAP -profileName AppSrv02 -lang jython -f $baseDir/configWASFN.py rm -f $baseDir/configWASFN.py echo Configured Apps in WAS ###################### STEP 19 ########################### ### Restart WAS/Uninstall DefaultApplication ### ########################################################## echo 19/19: Restarting WAS... /opt/ibm/WebSphere/AppServer/profiles/AppSrv02/bin/stopServer.sh server1 -username P8Admin -password $password /opt/ibm/WebSphere/AppServer/profiles/AppSrv01/bin/stopServer.sh server1 -username P8Admin -password $password /opt/ibm/WebSphere/AppServer/profiles/AppSrv01/bin/startServer.sh server1 /opt/ibm/WebSphere/AppServer/profiles/AppSrv02/bin/startServer.sh server1 echo Restarted WAS # Uninstall the useless default app in WAS echo Uninstalling DefaultApplication... cat > $baseDir/uninstallDefault.py<<EOF AdminApp.uninstall('DefaultApplication') AdminConfig.save() EOF /opt/ibm/WebSphere/AppServer/bin/wsadmin.sh -username P8Admin -password $password -conntype SOAP -profileName AppSrv01 -lang jython -f $baseDir/uninstallDefault.py /opt/ibm/WebSphere/AppServer/bin/wsadmin.sh -username P8Admin -password $password -conntype SOAP -profileName AppSrv02 -lang jython -f $baseDir/uninstallDefault.py rm -f uninstallDefault.py echo Uninstalled DefaultApplication mkdir /FileNet cat <<EOF > /FileNet/start.sh #!/bin/bash /etc/init.d/iptables stop su - dsrdbm01 -c db2start cd /opt/ibm/ldap/V6.3/sbin ./idsdiradm -I dsrdbm01 ./ibmslapd -n -I dsrdbm01 cd /opt/ibm/WebSphere/AppServer/bin/ ./startServer.sh server1 -profileName AppSrv01 ./startServer.sh server1 -profileName AppSrv02 EOF cat <<EOF > /FileNet/stop.sh #!/bin/bash cd /opt/ibm/WebSphere/AppServer/bin/ ./stopServer.sh server1 -profileName AppSrv02 -username P8Admin -password $password ./stopServer.sh server1 -profileName AppSrv01 -username P8Admin -password $password cd /opt/ibm/ldap/V6.3/sbin ./ibmslapd -I dsrdbm01 -k ./idsdiradm -I dsrdbm01 -k su - dsrdbm01 -c db2stop EOF chmod u+x /FileNet/start.sh chmod u+x /FileNet/stop.sh echo /FileNet/start.sh and /FileNet/stop.sh have been created to start/stop the whole platform.
Hello Guillaume, thanks a lot for this post!
Your article is extremely precise and it has guided me very well though I am new to ECM systems.
These are the only difficulties I experienced to complete my Filenet installation successfully.
I installed step by step, so I did not check them against the all-in-one script.
CEC installation requires CE and PE configuration steps to be done beforehand.
In the initial LDIF file, copied from webpage and inserted in vi or mc editor, I had single space chars in each empty line separating the entries, that inhibited LDIF entries from being able to import properly. So space chars in empty lines had to be manually sought and destroyed.
The -cmisAuth option usage is prohibited when installing ICN without fixpacks.
You forgot to replace sample password (“For…”) with $password at some place.
Thank you and please enjoy a look at Murmansk, Russia, the city I love best! :))
http://kleinburd.ru/news/wp-content/uploads/2014/03/294.jpg
Hi Elias,
Thank you so much for your feedback, I can see that helped others which is great! Sorry I haven’t answered before somehow I missed your comment.
I’ll try to update my post with your comment when I have a bit more time.
Glad to help, doc ))
Hello
anyone faced similar error on downloadcejarstask.
Starting to run the Update the FileNet P8 Client Connector Files task.
Update the FileNet P8 Client Connector Files
There was an error executing the Update the FileNet P8 Client Connector Files task.
The task failed with the following messages:
Connection error: The IBM Content Navigator Configuration and Deployment Tool cannot connect to the following Content Engine server: sinlqfnwas01.td.afg. Ensure that the server is running and that the information about your Content Engine server is correct.
Details:
\Server returned HTTP response code: 401 for <
I too faced the same issue. How did you resolved the same?
Hello
Is there any Cluster Setup Document for the filenet ?
Hi Anand,
I apologize for the really late answer, but I changed my hosting in January and I just noticed emails weren’t working anymore so I missed all the comments.
I haven’t written anything about clustered platform since this blog is more focusing on development, but you can find this in the official doc here.
Hope that helps.
Thanks for the info
Hello Guillaume, thanks a lot for your work on this.
Also thanks to Elias for hints on how to make all-in-one script perfect.
I successfully installed FileNet 5.2.1 on CentOS 6 with all-in-one script.
Then I tried the same on CentOS 7.
It failed in step 4/19 TDS install.
I found out that some rpm files were not installed because of conflicts.
It look like the rpm changed behavior between CentOS 6 and CentOS7.
The workaround is to put some rpm commands with –replace files option
before the # Configure TDS step.
Like this for example but for all not installed files:
rpm –replacefiles -iv idsldap-srvbase64bit63-6.3.0-24.x86_64.rpm
Hope this helps someone trying to install on CentOS 7.
Hello, Mladen!
I cannot successfully install on CentOS 6 with all-in-one script. It failed in step 14:
Configure LDAP ******
There was an error executing the Configure LDAP task.
Running the task failed with the following message: The LDAP authentication configuration failed.
What was i missed?
Hello Guillaume,
We have a production P8 5.2.1 system running in a Windows environment (Windows Server 2012 R2, Active Directory, MSSQL Server, WAS 8.5.5) and we are trying to implement a programmatic method of adding new object stores. While we understand how to programmatically create new SQL databases to be used by the object stores, we are unclear as to the best approach to create/configure new WAS JDBC datasources and subsequently define/instantiate the new object stores that utilize them. From the examples you show above, it would appear that we could:
1) Create a new configurejdbcos.xml file for each new datasource.
2) Create the JDBC datasources by executing the configuration file in #1 above using the
configmgr_cl.exe utility.
3) Create an os.properties file specifying the object stores to be created.
4) Create the object store(s) by executing the “P8Util createOS” function against the
properties file created in #3 above.
Is this approach correct? Are there steps missing? Is there a better way to do any/all of the above using an API, preferably in C#? Assuming we can successfully implement a programmatic approach to do this, does bringing a new object store online require either a reboot or WAS restart? We would like to avoid this if at all possible.
I look forward to your reply. Thanks.
Hello Guillaume,
many thanks for this great blog post. I learned a lot.
At the moment I’m trying cpit for ICM. May it be possible to add the ICM installation steps to this blog post as well ?
Hello!
There are mistakes in step 8:
echo 8/19: Importing users in TDS…
cat >$baseDire/users.ldif<<EOF <—! should be $baseDir
/opt/IBM/ldap/V6.3/sbin/idsldif2db -i $baseDir/users.ldif -I dsrdbm01 <—! should be $baseDir
Hello Guillaume,
Is there another way existing to create domain and object stores instead of using cpt-actions.jar?
Thank you for your answer!