To backup/restore Tivoli configuration
This is to backup/restore TAM configuration data which is not stored in LDAP
pdbackup –a backup –list /opt/PolicyDirector/etc/pdinfo.lst –p /data/tivoli/backup –file pdbackup
Once the above command is executed, we can find an archive file by name pdbackup.tar under the folder /data/tivoli/backup.
To restore use the same command with -action restore option.
Tuesday, September 7, 2010
Configure Policy Server failover in non-AIX operating systems
Policy Server failover is achieved using HACMP on AIX environment. How do you configure failover in operating systems other than AIX such as Windows.
One of the ways that I could see is:
1. Take nortan ghost of MPS machine and on a new machine with the same OS configuration, extract the ghost.
2. Keep the second machine disconnected from network. This machine will have same hostname as the primary MPS machine.
3. On a periodic basis, take MPS backup from primary using pdbackup command and restore the backup on second machine(call it backup machine).
4. In the event of primary MPS failure, disconnect primary from network and connect backup MPS machine to network.
One of the ways that I could see is:
1. Take nortan ghost of MPS machine and on a new machine with the same OS configuration, extract the ghost.
2. Keep the second machine disconnected from network. This machine will have same hostname as the primary MPS machine.
3. On a periodic basis, take MPS backup from primary using pdbackup command and restore the backup on second machine(call it backup machine).
4. In the event of primary MPS failure, disconnect primary from network and connect backup MPS machine to network.
The Tivoli Access Manager authorization server could not be started
Take the backup of ivacld.db to ivacld.db.old and remove ivacld.db. Start Autherizartion service.
TAM WPM 6.0 console error "Page cannot be displayed displayed"
Cause : “amconf.properties” file is missing under classes directory of TAMWPM.ear.
Solution : Manually created “amconf.properties” file.
Solution : Manually created “amconf.properties” file.
Monday, September 6, 2010
Attempting to configure the Web Portal Manager 5.1 in native mode, an error occurs: The Access Manager Java Runtime installed within the WebSphere JRE is outdated. Please upgrade the Access Manager Java Runtime."
Cause
PD.jar not updated
Answer
When attempting to configure the IBM Tivoli Access Manager for e-Business 5.1 Web Portal Manager in native mode, an error occurs:
"C:\Program Files\Tivoli\Policy Director\sbin>amwpmcfg -action config -interactive
The Access Manager Java Runtime installed within the WebSphere JRE is
outdated. Please upgrade the Access Manager Java Runtime."
Checking the java version in IBM WebSphere, it shows the version as 1.3.1.
What seems to be the problem?
Doing a search of the PD.jar file on the system, this information is displayed:
File Name
Location
Size
PD.jar
C:\Program Files\Tivoli\Policy Director\java\export\pdjrte
1,213 KB
PD.jar
C:\Program Files\Tivoli\Policy Director\java\export\pdwpm
1,213 KB
PD.jar
C;\Program Files\WebSphere\AppServer\java\jre\lib\ext
717 KB
As seen in the table above, the size of the PD.jar file is a different size than the other two files of the same name. This older PD.jar file is the one shipped within IBM WebSphere which was built for Web Portal Manager 4.1.
To solve this problem, copy the larger PD.jar file from the directory:
C:\Program Files\Tivoli\Policy Director\java\export\pdwpm
and overwrite the PD.jar file in this directory:
C;\Program Files\WebSphere\AppServer\java\jre\lib\ext
Reconfigure WPM.
PD.jar not updated
Answer
When attempting to configure the IBM Tivoli Access Manager for e-Business 5.1 Web Portal Manager in native mode, an error occurs:
"C:\Program Files\Tivoli\Policy Director\sbin>amwpmcfg -action config -interactive
The Access Manager Java Runtime installed within the WebSphere JRE is
outdated. Please upgrade the Access Manager Java Runtime."
Checking the java version in IBM WebSphere, it shows the version as 1.3.1.
What seems to be the problem?
Doing a search of the PD.jar file on the system, this information is displayed:
File Name
Location
Size
PD.jar
C:\Program Files\Tivoli\Policy Director\java\export\pdjrte
1,213 KB
PD.jar
C:\Program Files\Tivoli\Policy Director\java\export\pdwpm
1,213 KB
PD.jar
C;\Program Files\WebSphere\AppServer\java\jre\lib\ext
717 KB
As seen in the table above, the size of the PD.jar file is a different size than the other two files of the same name. This older PD.jar file is the one shipped within IBM WebSphere which was built for Web Portal Manager 4.1.
To solve this problem, copy the larger PD.jar file from the directory:
C:\Program Files\Tivoli\Policy Director\java\export\pdwpm
and overwrite the PD.jar file in this directory:
C;\Program Files\WebSphere\AppServer\java\jre\lib\ext
Reconfigure WPM.
Bad Request "The Access Manager WebSEAL server recieved an invalid HTTP request"
In most cases, this can be resolved by modifying the following (default) declaration in the webseald conf file:
max-webseal-header-size = 0
to a fixed value, such as:
max-webseal-header-size = 3192
This will cause webseal to split the header (packet) at the given value if the header size is above the given value. Backend server processes meeting the HTTP 1.1 spec will reconstruct the header if applicable.
max-webseal-header-size = 0
to a fixed value, such as:
max-webseal-header-size = 3192
This will cause webseal to split the header (packet) at the given value if the header size is above the given value. Backend server processes meeting the HTTP 1.1 spec will reconstruct the header if applicable.
Sunday, September 5, 2010
DPWWA1235E Could not read the response status line sent by a third-party server. Possible causes: non-spec HTTP headers, connection timeout, no data returned. This is not a problem with the WebSEAL server.
Increase the value of http-timeout = 120 & https-timeout = 120 (default) in webseald-default.conf file.
Subscribe to:
Posts (Atom)