Oracle ODSEE LDAP Admin Console Setup (DSCC) – Update

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading...

Note: For most up-to-date OUD/ODSM information click here

Create a solaris zone

Admin server information

Glassfish ldap-admin server1
Glassfish ldap-admin server2
ldap-admin server1
ldap-admin server2

Admin server setup information

  • Create a zone with zonecfg, the config is below
  • Install the zone with zoenadm
# zonecfg -z ldap-admin1 info
zonename: ldap-admin1
zonepath: /rpool/ldap-admin1
brand: native
autoboot: false
bootargs: 
pool: 
limitpriv: 
scheduling-class: 
ip-type: shared
fs:
    dir: /rpool/ldap_install
    special: rpool/ldap_install
    raw not specified
    type: lofs
    options: []
net:
    address: 10.10.10.10
    physical: igb1
    defrouter not specified
dataset:
    name: rpool/gf30-inst1

Setup the environment

export HISTSIZE=1000
export PATH=/gf30-inst1/bin:$PATH:/usr/sfw/bin:/opt/dsee7/bin
export JAVA_HOME=/usr/jdk1.6.0_21

Download Oracle glassfish 3.0.1

Extract and install glassfish with silent file below

#openInstaller Dry Run Answer File.  This File can be used as input to the openInstaller engine using the -a option.
#Mon Jul 19 11:17:33 EDT 2010
RegistrationOptions.regoptions.CREATE_NEWACCT=CREATE_NEWACCT
glassfish.Administration.HTTP_PORT=8080
updatetool.Configuration.PROXY_PORT=8080
glassfish.Administration.ADMIN_PASSWORD=password
JDKSelection.directory.JDK_FROM_LIST_CHOICE=true
RegistrationOptions.regoptions.SKIP_REGISTRATION=SKIP_REGISTRATION
updatetool.Configuration.PROXY_HOST=10.10.10.5
SOAccountCreation.accountinfo.COUNTRY=
InstallHome.directory.INSTALL_HOME=/gf30-inst1
RegistrationOptions.regoptions.USE_EXISTINGACCT=USE_EXISTINGACCT
SOAccountCreation.accountinfo.FIRSTNAME=
updatetool.Configuration.ALLOW_UPDATE_CHECK=false
glassfish.Administration.ADMIN_USER=admin
JDKSelection.directory.JDK_LIST=/usr/java (v. 1.6.0_21 by Sun Microsystems Inc.)
SOAccountCreation.accountinfo.PASSWORD=
SOAccountCreation.accountinfo.COMPANYNAME=
JDKSelection.directory.HIDDEN_JDK=/usr/java
SOAccountCreation.accountinfo.COUNTRY_DROP_DOWN=
SOAccountCreation.accountinfo.REENTERPASSWORD=
RegistrationOptions.regoptions.USERNAME=
updatetool.Configuration.BOOTSTRAP_UPDATETOOL=false
SOAccountCreation.accountinfo.LASTNAME=
glassfish.Administration.ADMIN_PORT=4848
RegistrationOptions.regoptions.USERPASSWORD=
JDKSelection.directory.JDK_TYPED_IN_CHOICE=false
SOAccountCreation.accountinfo.EMAIL=
JDKSelection.directory.JDK_TYPE_IN=
RegistrationOptions.regoptions.DUMMY_PROP=

Create glassfish domain

# ./asadmin create-domain domain0
Enter admin user name [Enter to accept default "admin" / no password]> admin
Enter the admin password [Enter to accept default of no password]> 
Enter the admin password again> 
Enter the master password [Enter to accept default password "changeit"]> 
Enter the master password again> 
Using port 4848 for Admin.
Using default port 8080 for HTTP Instance.
Using default port 7676 for JMS.
Using default port 3700 for IIOP.
Using default port 8181 for HTTP_SSL.
Using default port 3820 for IIOP_SSL.
Using default port 3920 for IIOP_MUTUALAUTH.
Using default port 8686 for JMX_ADMIN.
Using default port 6666 for OSGI_SHELL.
Distinguished Name of the self-signed X.509 Server Certificate is:
[CN=ldap-admin1,OU=GlassFish,O=Oracle Corporation,L=Santa Clara,ST=California,C=US]
No domain initializers found, bypassing customization step
Domain domain0 created.
Domain domain0 admin port is 4848.
Domain domain0 admin user is "admin".
Command create-domain executed successfully.

Start the domain

# ./asadmin start-domain domain0
Enter master password (3) attempt(s) remain)> 
Waiting for DAS to start ...
Started domain: domain0
Domain location: /gf30-inst1/glassfish/domains/domain0
Log file: /gf30-inst1/glassfish/domains/domain0/logs/server.log
Admin port for the domain: 4848
Command start-domain executed successfully.

glassfish setup

If the glassfish admin hangs because it tries to connect to the intranet, stop the admin and do.

cd /gf30-inst1/glassfish/modules
mv console-updatecenter-plugin.jar console-updatecenter-plugin.jar.org

To configure the war file run on the admin server

dsccsetup war-file-create
Created /opt/SUNWdsee7/var/dscc7.war

dsccsetup ads-create
Choose password for Directory Service Manager:
Confirm password for Directory Service Manager:
Creating DSCC registry...
DSCC Registry has been created successfully

How to deploy the war file

  • Deploye the /opt/SUNWdsee7/var/dscc7.war file in glassfish
  • Add in the [glassfish_config_path]/glassfish/domains/domain1/config/server.policy
// Permissions for Directory Service Control Center
grant codeBase "file:${com.sun.aas.instanceRoot}/applications/j2ee-modules/dscc7/-" 
{
        permission java.security.AllPermission;
};

How to add the DS/DPS to the admin

On the Director server / Directory Proxy server, test the connection to the admin

dsccreg list-servers -h 10.10.10.10
Enter DSCC administrator's password:
Hostname  Port  sPort  Type  Owner  Flags  iPath  Description
--------  ----  -----  ----  -----  -----  -----  -----------
0 server instance(s) found in DSCC on 10.10.10.10.

Add the DS/DPS to the admin server

Note: The dsccreg needs to run on the DS/DPS servers (not the admin server)

dsccreg add-server -h 10.10.10.10 /data1/ldap_inst1/ldap/
Enter DSCC administrator's password:
/data1/ldap_inst1/ldap/ is an instance of DS
Enter password of "cn=Directory Manager" for /data1/ldap_inst1/ldap/:
This operation will restart /data1/ldap_inst1/ldap/.
Do you want to continue ? (y/n) y
Connecting to /data1/ldap_inst1/ldap (using ldap://127.0.0.1:1389)
Enabling DSCC access to /data1/ldap_inst1/ldap
Restarting /data1/ldap_inst1/ldap
Registering /data1/ldap_inst1/ldap in DSCC on 10.10.10.10.

dsccreg add-server -h 10.10.10.10 /data1/ldaproxy-config 
Enter DSCC administrator's password:
/data1/ldaproxy-config is an instance of DPS
Enter password of "cn=Proxy Manager" for /data1/ldaproxy-config:
Connecting to /data1/ldaproxy-config (using ldap://127.0.0.1:389)
Enabling DSCC access to /data1/ldaproxy-config
Registering /data1/ldaproxy-config in DSCC on 10.10.10.10.

Verify the registration is good

dsccreg list-servers -h 10.10.10.10
Enter DSCC administrator's password:
Hostname          Port  sPort  Type  Owner  Flags  iPath                   Description
----------------  ----  -----  ----  -----  -----  ----------------------  -----------
ldap1.domain.com  389   636   DS    root          /data1/ldap_inst1/ldap
ldproxy1.domain.com  389   636   DPS   root          /data1/ldaproxy-config
2 server instance(s) found in DSCC on 10.10.10.10.

Run on each instance

# dsccsetup cacao-reg
Registering DSCC Agent in Cacao...
Checking Cacao status...
Deploying DSCC agent in Cacao...
DSCC agent has been successfully registered in Cacao.

Replication between the admin servers

Note: First make sure to follow this process to setup the certificates between the admin servers
Follow this process to complete replication between the admin servers

How to Patch Directory Server

Note: The instructions below is only for the ZIP version

Stop the running domain

This is only needed on the admin server

asadmin stop-domain domain0

Prepare for the patch

dsccsetup prepare-patch

Unzip and overwrite the old files

cd TEMP_DIRECTORY
unzip -qq ODSEE11_1_1_3_0_xxx.zip
cd ODSEE_ZIP_Distribution
unzip -qq sun-dsee7.zip -d INSTALL_PATH
cd INSTALL_PATH/dsee7
 
# unzip -qq sun-dsee7.zip -d /optreplace /opt/dsee7/lib/libslapd.so.1? [y]es, [n]o, [A]ll, [N]one, [r]ename: A

Complete install process

dsccsetup complete-patch
***
Configuring Cacao...
Cacao has been successfully configured.
Registering DSCC Agent in Cacao...
Checking Cacao status...
Starting Cacao...
DSCC Agent will use locale C and charset ISO646-US
DSCC agent has been successfully registered in Cacao.
You can now restart your Directory Proxy Server instances:
        /opt/dsee7/bin/dpadm start /ldproxy1/ldap-proxy1/proxy
***

Start Directory Server

/opt/SUNWdsee7/bin/dsadm start /opt/SUNWdsee7/var/dcc/ads
or
/opt/dsee7/bin/dpadm start /ldpr1/ldap-proxy1/proxy
or
/opt/dsee7/bin/dsadm start /ldap1/ldap_inst1/ldap

Start the domain – for Admin servers only

asadmin start-domain domain0

ReDeploy the war fail

Under deployed applications, just click redeploy
For more information Check this out

References

Installing Directory server control center