Wednesday, March 18, 2009

Directory Server Enterprise Edition upgrade from 6.2 to 6.3.1 - OpenSolaris 2008.11

  • first backup(using ZFS snapshot for example)
  • stop cacao
-bash-3.00# cacaoadm stop
  • stop web console
-bash-3.00# smcwebserver stop
  • stop the DS instances
for example :

-bash-3.00# /var/opt/SUNWdseeInstances/DS62/stop-slapd
  • apply the patch
My DSEE is running in a zone and is located in /opt/SUNWdsee.
It is not very clear in the doc as they reference /local.

To Upgrade Directory Server Enterprise Edition to 6.3.1 Using ZIP Distribution

If you enter the wrong dierctory, you will end up with 2 versions of the software ! A 6.2 and a 6.3. It is not a big problem but your instances will not be upgraded !

-bash-3.00# pwd
/root/126749-05(extract the files)

This is the patch for X86.

-bash-3.00# ./dsee_deploy install -i /opt/SUNWdsee

Do you accept the license terms ? : yes
Check availability of port 11162
Checking running Directory Server instances
Checking running Directory Proxy Server instances
Unzipping sun-ldap-base.zip ...
Unzipping sun-ldap-dsrk6.zip ...
Unzipping sun-ldap-dsrk-man.zip ...
Unzipping sun-ldapcsdk-tools.zip ...
Unzipping sun-ldapcsdk-dev.zip ...
Unzipping sun-ldap-ljdk.zip ...
Unzipping sun-ldap-jre.zip ...
Unzipping sun-ldap-shared.zip ...
Unzipping sun-ldap-shared-l10n.zip ...
Unzipping sun-ldap-directory.zip ...
Unzipping sun-ldap-directory-l10n.zip ...
Unzipping sun-ldap-directory-config.zip ...
Unzipping sun-ldap-directory-man.zip ...
Unzipping sun-ldap-directory-dev.zip ...
Unzipping sun-ldap-mfwk.zip ...
Unzipping sun-ldap-cacao.zip ...
Unzipping sun-ldap-console-agent.zip ...
Unzipping sun-ldap-console-cli.zip ...
Unzipping sun-ldap-console-common.zip ...
Unzipping sun-ldap-console-var.zip ...
Unzipping sun-ldap-jdmk.zip ...
Unzipping sun-ldap-directory-client.zip ...
Unzipping sun-ldap-directory-client-l10n.zip ...
Unzipping sun-ldap-proxy.zip ...
Unzipping sun-ldap-proxy-l10n.zip ...
Unzipping sun-ldap-proxy-man.zip ...
Unzipping sun-ldap-proxy-client.zip ...
Unzipping sun-ldap-proxy-client-l10n.zip ...
Unzipping sun-ldap-console-gui.zip ...
Unzipping sun-ldap-console-gui-help.zip ...
Unzipping sun-ldap-console-gui-l10n.zip ...
Unzipping sun-ldap-console-gui-help-l10n.zip ...
Creating WAR file for Console

Configuring Cacao at /opt/SUNWdsee/dsee6/cacao_2
Setting Cacao parameter jdmk-home with default value [/opt/SUNWdsee/dsee6/private]
Setting Cacao parameter java-home with default value [/opt/SUNWdsee/jre]
Setting Cacao parameter nss-lib-home with default value [/opt/SUNWdsee/dsee6/private/lib]
Setting Cacao parameter nss-tools-home with default value [/opt/SUNWdsee/dsee6/bin]
Registering DSCC agent into cacao
Starting Cacao if necessary
Registering JESMF agent into Cacao
Making a copy of dsee_deploy
Making a copy of listrunnings
You can now start your Directory Server Instances
You can now start your Directory Proxy Server Instances
  • restart the services.
-bash-3.00# smcwebserver status
Sun Java(TM) Web Console is stopped

-bash-3.00# cacaoadm status
default instance is DISABLED at system startup.
default instance is not running.

-bash-3.00# cacaoadm start
Error when trying to start SMF service: [svc:/application/management/common-agent-container-1:default].
Please check the SMF log file for more information: [/var/svc/log/application-management-common-agent-container-1:default.log].

This problem was solved rebooting the zone !

-bash-3.00# reboot
Connection to europortal.vegworld.org closed by remote host.
Connection to europortal.vegworld.org closed.

rudy:~$ ssh -l root -X europortal.vegworld.org
Password:
Last login: Wed Mar 18 17:13:15 2009 from 192.168.1.100
Sun Microsystems Inc. SunOS 5.10 Generic January 2005

-bash-3.00# cacaoadm start
-bash-3.00# smcwebserver start
Starting Sun Java(TM) Web Console Version 3.1 ...
The console is running
  • start DSEE instance(s)
-bash-3.00# /var/opt/SUNWdseeInstances/DS62/start-slapd

-bash-3.00# more /var/opt/SUNWdseeInstances/DS62/logs/errors

BEFORE

[18/Mar/2009:16:37:43 +0100] - Sun-Java(tm)-System-Directory/6.2 B2007.192.2248
(32-bit) starting up

AFTER

[18/Mar/2009:17:16:43 +0100] - Sun-Java(tm)-System-Directory/6.3.1 B2008.1121.05
30 (32-bit) starting up

-Rudy-

Friday, February 27, 2009

Using IDM 8.0 - part 5 - Administering Identity Manager

This is a screenshot of http://identity-manager-80.catalogne.org:8080/idm/login.jsp

Using IDM 8.0 - part 4 - Documentation

IDM_Release_Notes_8-0.pdf
IDM_Resource_Reference_8-0.pdf
IDM_SPE_Deployment_8-0.pdf
IDM_Technical_Deployment_Overview_8-0.pdf
IDM_Administration_8-0.pdf
IDM_Tuning_Troubleshooting_8-0.pdf
IDM_DeploymentTools_8-0.pdf
IDM_Upgrade_8-0.pdf
IDM_Installation_8-0.pdf
IDM_Workflows_Forms_Views_8-0.pdf

You can get the doc in the same location that the software(sun.com).

Using IDM 8.0 - part 3 - Software

  • Identity Manager 8.0
IDM_8_0_0_0.zip
  • MySQL 5 (on OpenSolaris 2008.11)
mysql-5.1.31-solaris10-i386.tar
  • Apache Tomcat 6
apache-tomcat-6.0.18.zip
  • Java Activation Framework
jaf-1_0_2-upd2.zip
and more specifically activation.jar to be copied into /opt/apache-tomcat-6.0.18/webapps/idm/WEB-INF/lib
  • Java Mail
javamail-1_4_1.zip
and more specifically mail.jar to be copied into /opt/apache-tomcat-6.0.18/webapps/idm/WEB-INF/lib
  • Open Message Queue
mq4_3-installer-SunOS_X86.zip
and more specifically jms.jar to be copied into /opt/apache-tomcat-6.0.18/webapps/idm/WEB-INF/lib
  • MySQL jdbc driver
mysql-connector-java-5.1.6-bin.jar to be copied into /opt/apache-tomcat-6.0.18/webapps/idm/WEB-INF/lib

The 4 jars(activation.jar, mail.jar, jms.jar and mysql-connector-java-5.1.6-bin.jar) were archived for later use.

Using IDM 8.0 - part 2 - Displaying the waveset database

  • Displaying the contents of waveset

root@identity-manager-80:/opt/mysql-5.1.31# bin/mysqlshow waveset
+------------+
| Tables |
+------------+
| account |
| acctattr |
| acctchange |
| attribute |
| entattr |
| entchange |
| entitle |
| log |
| logattr |
| objchange |
| object |
| org |
| orgattr |
| orgchange |
| qattr |
| qchange |
| queue |
| roleattr |
| rolechange |
| roleobj |
| slogattr |
| syslog |
| task |
| taskattr |
| taskchange |
| userattr |
| userchange |
| userobj |
+------------+


Using IDM 8.0 - part 1 - Starting and Stopping MySQL and Tomcat

  • Starting MySQL

root@identity-manager-80:~# cd /opt/mysql-5.1.31
root@identity-manager-80:/opt/mysql-5.1.31# bin/mysqld_safe --user=mysql
090227 15:22:19 mysqld_safe Logging to '/opt/mysql-5.1.31/data/identity-manager-80.err'.
090227 15:22:19 mysqld_safe Starting mysqld daemon with databases from /opt/mysql-5.1.31/data


Comment(s) :

  1. It seems not possible to start mysql
    with /opt/mysql-5.1.31/bin/mysqld_safe --user=mysql
    a cd is necessary in /opt/mysql-5.1.31
    or maybe using a environment variable ?
  • Starting Identity Manager(Tomcat)
-Edit catalina.sh and and define the JAVA_HOME environment variable or define the variable into your environment.
JAVA_HOME=/usr/jdk/latest

root@identity-manager-80:~# /opt/apache-tomcat-6.0.18/bin/catalina.sh run
Using CATALINA_BASE: /opt/apache-tomcat-6.0.18
Using CATALINA_HOME: /opt/apache-tomcat-6.0.18
Using CATALINA_TMPDIR: /opt/apache-tomcat-6.0.18/temp
Using JRE_HOME: /usr/jdk/latest
Feb 26, 2009 1:39:11 PM org.apache.catalina.core.AprLifecycleListener init
INFO: The APR based Apache Tomcat Native library which allows optimal performance in production environments was not found on the java.library.path: /usr/jdk/instances/jdk1.6.0_12/jre/lib/i386/server:/usr/jdk/instances/jdk1.6.0_12/jre/lib/i386:/usr/jdk/instances/jdk1.6.0_12/jre/../lib/i386:/usr/jdk/packages/lib/i386:/lib:/usr/lib
Feb 26, 2009 1:39:11 PM org.apache.coyote.http11.Http11Protocol init
INFO: Initializing Coyote HTTP/1.1 on http-8080
Feb 26, 2009 1:39:11 PM org.apache.catalina.startup.Catalina load
INFO: Initialization processed in 637 ms
Feb 26, 2009 1:39:11 PM org.apache.catalina.core.StandardService start
INFO: Starting service Catalina
Feb 26, 2009 1:39:11 PM org.apache.catalina.core.StandardEngine start
INFO: Starting Servlet Engine: Apache Tomcat/6.0.18
Feb 26, 2009 1:39:12 PM org.apache.catalina.loader.WebappClassLoader validateJarFile
INFO: validateJarFile(/opt/apache-tomcat-6.0.18/webapps/idm/WEB-INF/lib/j2ee.jar) - jar not loaded. See Servlet Spec 2.3, section 9.7.2. Offending class: javax/servlet/Servlet.class
Constructing Startup Servlet...
Initializing Startup Servlet...
Defining system properties...
StartupServlet: programmatically derived waveset.home=file:/opt/apache-tomcat-6.0.18/webapps/idm/
StartupServlet: Defining properties from web.xml
Starting: Identity Server...
...Finished starting Startup Servlet
Feb 26, 2009 1:39:18 PM org.apache.coyote.http11.Http11Protocol start
INFO: Starting Coyote HTTP/1.1 on http-8080
Feb 26, 2009 1:39:18 PM org.apache.jk.common.ChannelSocket init
INFO: JK: ajp13 listening on /0.0.0.0:8009
Feb 26, 2009 1:39:18 PM org.apache.jk.server.JkMain start
INFO: Jk running ID=0 time=0/12 config=null
Feb 26, 2009 1:39:18 PM org.apache.catalina.startup.Catalina start
INFO: Server startup in 7312 ms


  • Stopping MySQL

root@identity-manager-80:~# cd /opt/mysql-5.1.31/
root@identity-manager-80:/opt/mysql-5.1.31# bin/mysqladmin -u root shutdown

  • Stopping Tomcat

root@identity-manager-80:~# /opt/apache-tomcat-6.0.18/bin/shutdown.sh
Using CATALINA_BASE: /opt/apache-tomcat-6.0.18
Using CATALINA_HOME: /opt/apache-tomcat-6.0.18
Using CATALINA_TMPDIR: /opt/apache-tomcat-6.0.18/temp
Using JRE_HOME: /usr/jdk/latest

  • What does happen if mysql is not running ?
Identity Manager does not work at all(of course !)
Starting: Identity Server...
com.waveset.util.ConfigurationError:
==> com.mysql.jdbc.exceptions.jdbc4.CommunicationsException: Communications link failure

Last packet sent to the server was 0 ms ago.
...
...
...

  • URLs to access Identity Manager :
http://identity-manager-80.catalogne.org:8080/idm/login.jsp
http://identity-manager-80.catalogne.org:8080/idm/user/login.jsp

*configurator/configurator*---renamed to config
config/secret---don't use it
*administrator/administrator*---renamed to admin
admin/secret---don't use it

users to be used(for security reason)
myconfig/password
myadmin/password

Two new users were created. myconfig and myadmin and the original configurator and administrator were renamed to config and admin. The password of config and admin were changed.