Scribd
Upload
36 views15 pages

WebSphere V8 Configuration - DMZ

Uploaded by

mana45
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as XLS, PDF, TXT or read online on Scribd
36 views15 pages

WebSphere V8 Configuration - DMZ

Uploaded by

mana45
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as XLS, PDF, TXT or read online on Scribd

WebSphere Application Server for z/OS V8 Configura

This spread sheet complements WP100653 - WebSphere for z/OS V7 Sample ND Configuration and WP100871 - Introducing
outlined in those documents are utilized in this spread sheet - Naming Convention, Shared PROCs, Reduced RACF Definition
ease the process of gathering information and entering that information into the z Profile Management Tool (zPMT) for your W

To retrieve the latest copy of this spreadsheet, go to the following url: [Link]

The spread sheet consists of the following separate worksheets:


1. Documentation This work sheet
2. Variables Specify the variables for your WebSphere configuration on this worksheet. The
the remaining worksheets.
3. Admin Agent Generated responseFile for WebSphere Customization Tools (zPMT) to
4. Secure Proxy Generated responseFile for WebSphere Customization Tools (zPMT) to

The worksheets are color coded in an attempt ease the process of gathering and entering information. The color code is as fo

Orange Worksheet Heading


Gold Row and Column headings, no entry
Bright Green Fields requiring data entry, some fields are optional on worksheets after Variables
Black No data, no entry
Light Green Computed values using information from Variables worksheet
Pale Blue Section Headers
Brown Tables used to compute worksheet values

Author: John Cowel


jrcowel@[Link]

o Thanks to Jeffrey Sampson for providing the idea for developing this
spread sheet.
o Thanks to Don Bagwell for reviewing this spread sheet and publishing it
on the Techdocs web site.
o Thanks to Kevin Senior for providing the start of the zPMT sheets.
o Thanks to Jeff Mierzejewski for WebSphere V7 configuration information.

Change History:

5/2/2011 Add variable zUseVirtualKeyring


3/1/2011 Original document for WebSphere V8
for z/OS V8 Configuration
uration and WP100871 - Introducing the zPMT. Most of the recommendations
PROCs, Reduced RACF Definitions. This spread sheet was developed to
anagement Tool (zPMT) for your WebSphere for z/OS Configuration.

[Link]/support/techdocs/[Link]/WebIndex/PRS4686

onfiguration on this worksheet. These variables are used to compute values in

stomization Tools (zPMT) to Configure Administrative Agent


stomization Tools (zPMT) to Configure Secure Proxy

information. The color code is as follows:

after Variables

the idea for developing this

spread sheet and publishing it

start of the zPMT sheets.


ere V7 configuration information.
WebSphere Application Server for z/OS V
Configuration Variables
Variables related to Target z/OS Image on which WebSphere Utility Servers will be Configured
Enter Sysplex Name ==> plex
Enter System Name of DMZ system ==> sysa

Enter One Letter Node (LPAR) Qualifier for DMZ system ==> a

Enter Two Character Cell Prefix ==> ag

Enter Save Customization Dataset HLQ ==> [Link]

Enter PROCLIB Dataset Name ==> [Link]

Variables related to WebSphere Utility Server Configuration HFS/ZFS


Enter Configuration HFS Dataset HLQ ==> omvs.was80

Enter Configuration HFS Dataset LLQ ==> [Link]

Enter Configuration HFS High Level Directory ==> /wasv8confi

Configuration Dataset(s) File System Type (HFS | ZFS) ==> zFS

Admin Agent
Primary Space Allocation (CYL) ==> 420
Secondary Space Allocation (CYL) ==> 100
Volume (* if SMS Managed) ==> *

Path to WebSphere Install HFS (SBBOHFS) ==> /usr/lpp/zWebSphere_


Use Intermediate Symbolic Link to WebSphere Install HFS (Y | N)? Y

Variables related to Security Definitions in support of WebSphere Utility Servers


Reduced RACF definitions (Y | N)? Y
Use z/OS Security Product (Y | N | WAS)? Y
Use SAF profile prefix in RACF Profiles (Y | N)? Y

OMVS Home Directory for WebSphere Userids ==> /var/WebSphere/

Use AUTOGID/AUTOUID (Y | N)? N


Enter Starting GID ==> 2500
Enter Starting UID ==> 2400

Job Card Customization


Job Card Line 1: (ACCTNO,ROOM),'USERID',CLASS=A,REGION=0M,
Job Card Line 2: // MSGCLASS=A,NOTIFY=?
Job Card Line 3: //*
Job Card Line 4: //*

Variables related to SSL Configuration


Generate Certificate Authority (CA) Certificate (Y | N)? Y
Certificate Authority (CA) Certificate Label ==> WebSphereC
Expiration Date for Certificate Authority ==> 2021/12/31
Enable Writable SAF Keyring Support (Y | N)? N
Enable SSL on Location Service Daemon (Y | N)? Y
Use Virtual Keyring (Y | N)? Y

Variables related to TCP/IP Network


Host Name for DMZ system ==> [Link]

IP Address to bind ports to, or * for all > *

Variables related to Secure Proxy


Secure Proxy Security Level ( LOW | MEDIUM | HIGH ): HIGH
Secure Proxy Supported Protocols ( HTTP | SIP | BOTH ): BOTH

TCP/IP Port Allocations


Enter Starting TCP/IP Port ==>

Daemon ORB IIOP


Daemon ORB SSL
JMX Soap
Bootstrap/ORB IIOP
ORB SSL
Administrative console port
Administrative console secure port
HTTP
HTTP SSL
Administrative interprocess communication port
High availability manager communication port
Session Initiation Protocol (SIP) Port
Session Initiation Protocol (SIP) Secure Port
on Server for z/OS V8
Variables
Servers will be Configured
plex
sysa

ag

[Link]

[Link]

ration HFS/ZFS
omvs.was800

[Link]

/wasv8config

zFS

Admin Agent Secure Proxy


420 420
100 100
* *

/usr/lpp/zWebSphere_SPS/V8R0
Y

phere Utility Servers


Y
Y
Y

/var/WebSphere/home

N
2500
2400

CLASS=A,REGION=0M,
FY=?
Y
WebSphereCA
2021/12/31
N
Y
Y

[Link]

HIGH
BOTH

Starting TCP/IP Port ==> 9500


Secure Admin
Proxy Agent
Daemon ORB IIOP 9500 9520
Daemon ORB SSL 9501 9521
JMX Soap 9522
Bootstrap/ORB IIOP 9503 9523
ORB SSL 9524
ministrative console port 9525
ive console secure port 9526
HTTP 9507
HTTP SSL 9508
ess communication port 9509 9529
ger communication port 9510
ation Protocol (SIP) Port 9515
otocol (SIP) Secure Port 9516
#
# WebSphere Configuration Excel Workbook
#
# Generated responseFile to configure:
#
# Secure Proxy
# In Cell - AGPRXYA
#
# To be imported into the z Profile Management Tool that is part of
# Application Server Toolkit (AST).
#
# 1. Copy contents of this column by clicking on the column 'A' header above,
# then press CTRL-C to copy to clipboard.
#
# 2. Open a new file with notepad/wordpad and paste this in (CTRL-V).
#
# 3. Save the newly created file as [Link]
#
# 4. Load into z Profile Management Tool
#
#
create
adminPassword=
adminUserName=
cellName=agproxa
hostName=[Link]
nodeName=agproxa
profileName=default
profilePath=<root>\profiles\AGPROXA
securityLevel=high
serverName=agproxa
supportedProtocols=HTTP\\,SIP
targetOS=os390
templatePath=<root>\profileTemplates/zos-secureproxy
zAdminAsynchProcName=AGXDMSH
zAdminAsynchTaskUid=2405
zAdminAsynchTaskUserid=AGADMSH
zAdminLocalPort=9509
zAdminSecurityType=websphereForZos
zAdminUid=2401
zAdminUnauthenticatedUid=2402
zAdminUnauthenticatedUserid=AGGUEST
zAdminUserid=AGADMIN
zBootstrapPort=9503
zCaAuthorityExpirationDate=2021/12/31
zCellShortName=AGPROXA
zClusterTransitionName=AGPROXA
zConfigHfsName=[Link]
zConfigHfsPrimaryCylinders=420
zConfigHfsSecondaryCylinders=100
zConfigHfsVolume=*
zConfigMountPoint=/wasv8config/agproxa/agproxa
zConfigurationGroup=AGCFG
zConfigurationGroupGID=2500
zControlProcName=AGXCRA
zControlUid=2403
zControlUserid=AGACRU
zDaemonHomePath=/wasv8config/agproxa/agproxa/Daemon
zDaemonIPName=[Link]
zDaemonJobName=AGDMNXA
zDaemonListenIP=*
zDaemonPort=9500
zDaemonProcName=AGDMNXA
zDaemonRegisterWlmDns=false
zDaemonSslPort=9501
zDefaultSAFKeyringName=[Link]
zEnableIntermediateSymlink=true
zEnableSslOnDaemon=true
zEnableWritableKeyring=false
zFilesystemType=ZFS
zGenerateCaCertificate=true
zHighAvailManagerPort=9510
zHttpTransportHostName=*
zHttpTransportPort=9507
zHttpTransportSslPort=9508
zIntermediateSymlink=/wasv8config/agproxa/agproxa/wasInstall
zJobStatement1=(ACCTNO,ROOM),'USERID',CLASS=A,REGION=0M,
zJobStatement2=// MSGCLASS=A,NOTIFY=?
zJobStatement3=//*
zJobStatement4=//*
zLocalUserGroup=AGGUESTG
zLocalUserGroupGID=2502
zNodeShortName=AGPROXA
zProclibName=[Link]
zSSLCaKeylabel=WebSphereCA
zSAFProfilePrefix=AGPROXA
zServantGroup=AGSRVG
zServantGroupGID=2501
zServantProcName=AGXSRA
zServantUid=2404
zServantUserid=AGASRU
zServerShortName=AGPROXA
zSessionInitiationPort=9515
zSessionInitiationSecurePort=9516
zSmpePath=/usr/lpp/zWebSphere_SPS/V8R0
zSysplexName=PLEX
zSystemName=SYSA
zTargetHLQ=[Link]
zUserIDHomeDirectory=/var/WebSphere/home
zUseVirtualKeyring=true
zWasServerDir=SecureProxy
Property used in zPMT Derived value from Variables sheet
create
adminPassword
adminUserName
cellName agproxa
hostName [Link]
nodeName agproxa
profileName default
profilePath <root>\profiles\AGPROXA
securityLevel high
serverName agproxa
supportedProtocols HTTP\\,SIP
targetOS os390
templatePath <root>\profileTemplates/zos-secureproxy
zAdminAsynchProcName AGXDMSH
zAdminAsynchTaskUid 2405
zAdminAsynchTaskUserid AGADMSH
zAdminLocalPort 9509
zAdminSecurityType websphereForZos
zAdminUid 2401
zAdminUnauthenticatedUid 2402
zAdminUnauthenticatedUserid AGGUEST
zAdminUserid AGADMIN
zBootstrapPort 9503
zCaAuthorityExpirationDate 2021/12/31
zCellShortName AGPROXA
zClusterTransitionName AGPROXA
zConfigHfsName [Link]
zConfigHfsPrimaryCylinders 420
zConfigHfsSecondaryCylinders 100
zConfigHfsVolume *
zConfigMountPoint /wasv8config/agproxa/agproxa
zConfigurationGroup AGCFG
zConfigurationGroupGID 2500
zControlProcName AGXCRA
zControlUid 2403
zControlUserid AGACRU
zDaemonHomePath /wasv8config/agproxa/agproxa/Daemon
zDaemonIPName [Link]
zDaemonJobName AGDMNXA
zDaemonListenIP *
zDaemonPort 9500
zDaemonProcName AGDMNXA
zDaemonRegisterWlmDns false
zDaemonSslPort 9501
zDefaultSAFKeyringName [Link]
zEnableIntermediateSymlink true
zEnableSslOnDaemon true
zEnableWritableKeyring false
zFilesystemType ZFS
zGenerateCaCertificate true
zHighAvailManagerPort 9510
zHttpTransportHostName *
zHttpTransportPort 9507
zHttpTransportSslPort 9508
zIntermediateSymlink /wasv8config/agproxa/agproxa/wasInstall
zJobStatement1 (ACCTNO,ROOM),'USERID',CLASS=A,REGION=0M,
zJobStatement2 // MSGCLASS=A,NOTIFY=?
zJobStatement3 //*
zJobStatement4 //*
zLocalUserGroup AGGUESTG
zLocalUserGroupGID 2502
zNodeShortName AGPROXA
zProclibName [Link]
zSSLCaKeylabel WebSphereCA
zSAFProfilePrefix AGPROXA
zServantGroup AGSRVG
zServantGroupGID 2501
zServantProcName AGXSRA
zServantUid 2404
zServantUserid AGASRU
zServerShortName AGPROXA
zSessionInitiationPort 9515
zSessionInitiationSecurePort 9516
zSmpePath /usr/lpp/zWebSphere_SPS/V8R0
zSysplexName PLEX
zSystemName SYSA
zTargetHLQ [Link]
zUserIDHomeDirectory /var/WebSphere/home
zUseVirtualKeyring true
zWasServerDir SecureProxy
#
# WebSphere Configuration Excel Workbook
#
# Generated responseFile to configure:
#
# Administrative Agent
# In Cell - AGADMAA
#
# To be imported into the z Profile Management Tool that is part of
# Application Server Toolkit (AST).
#
# 1. Copy contents of this column by clicking on the column 'A' header above,
# then press CTRL-C to copy to clipboard.
#
# 2. Open a new file with notepad/wordpad and paste this in (CTRL-V).
#
# 3. Save the newly created file as [Link]
#
# 4. Load into z Profile Management Tool
#
#
create
adminPassword=
adminUserName=
cellName=agprxaa
hostName=[Link]
keyStorePassword=
nodeName=agprxaa
personalCertDN=cn=[Link]\\,ou=AGPRXAA\\,ou=AGPRXAA\\,o=IBM\\,c=US
personalCertValidityPeriod=1
profileName=default
profilePath=<root>\profiles\AGPRXAA
serverName=adminagent
serverType=ADMIN_AGENT
signingCertDN=cn=[Link]\\,ou=Root Certificate\\,ou=AGPRXAA\\,ou=AGPRXAA\\,o=IBM\\,c=U
signingCertValidityPeriod=20
targetOS=os390
templatePath=<root>\profileTemplates/zos-management
zAdminConsolePort=9525
zAdminConsoleSecurePort=9526
zAdminLocalPort=9529
zAdminSecurityType=websphereForZos
zAdminUid=2401
zAdminUnauthenticatedUid=2402
zAdminUnauthenticatedUserid=AGGUEST
zAdminUserid=AGADMIN
zCaAuthorityExpirationDate=2021/12/31
zCellShortName=AGPRXAA
zClusterTransitionName=AGPRXAA
zConfigHfsName=[Link]
zConfigHfsPrimaryCylinders=420
zConfigHfsSecondaryCylinders=100
zConfigHfsVolume=*
zConfigMountPoint=/wasv8config/agprxaa/agprxaa
zConfigurationGroup=AGCFG
zConfigurationGroupGID=2500
zControlProcName=AGYCRA
zControlUid=2403
zControlUserid=AGACRU
zDaemonHomePath=/wasv8config/agprxaa/agprxaa/Daemon
zDaemonIPName=[Link]
zDaemonJobName=AGDMNYA
zDaemonListenIP=*
zDaemonPort=9520
zDaemonProcName=AGDMNGA
zDaemonRegisterWlmDns=false
zDaemonSslPort=9521
zDefaultSAFKeyringName=[Link]
zEnableIntermediateSymlink=true
zEnableSslOnDaemon=true
zEnableWritableKeyring=false
zFilesystemType=ZFS
zGenerateCaCertificate=true
zHttpTransportHostName=*
zIntermediateSymlink=/wasv8config/agprxaa/agprxaa/wasInstall
zJobStatement1=(ACCTNO,ROOM),'USERID',CLASS=A,REGION=0M,
zJobStatement2=// MSGCLASS=A,NOTIFY=?
zJobStatement3=//*
zJobStatement4=//*
zLocalUserGroup=AGGUESTG
zLocalUserGroupGID=2502
zNodeShortName=AGPRXAA
zOrbListenerHostName=*
zOrbListenerPort=9523
zOrbListenerSslPort=9524
zProclibName=[Link]
zSSLCaKeylabel=WebSphereCA
zSAFProfilePrefix=AGPRXAA
zServantGroup=AGSRVG
zServantGroupGID=2501
zServantProcName=AGYSRA
zServantUid=2404
zServantUserid=AGASRU
zServerShortName=AGPRXAA
zSmpePath=/usr/lpp/zWebSphere_SPS/V8R0
zSoapPort=9522
zSysplexName=PLEX
zSystemName=SYSA
zTargetHLQ=[Link]
zUserIDHomeDirectory=/var/WebSphere/home
zUseVirtualKeyring=true
zWasServerDir=SecureProxyAdmin
Property used in zPMT Derived value from Variables sheet
create
adminPassword
adminUserName
cellName agprxaa
hostName [Link]
keyStorePassword
nodeName agprxaa
personalCertDN cn=[Link]\\,ou=AGPRXAA\\,ou=AGPRXAA\\,o=IBM\\,c=US
personalCertValidityPeriod 1
profileName default
profilePath <root>\profiles\AGPRXAA
serverName adminagent
serverType ADMIN_AGENT
signingCertDN cn=[Link]\\,ou=Root Certificate\\,ou=AGPRXAA\\,ou=AGPRXAA\\,o=IBM\\
signingCertValidityPeriod 20
targetOS os390
templatePath <root>\profileTemplates/zos-management
zAdminConsolePort 9525
zAdminConsoleSecurePort 9526
zAdminLocalPort 9529
zAdminSecurityType websphereForZos
zAdminUid 2401
zAdminUnauthenticatedUid 2402
zAdminUnauthenticatedUserid AGGUEST
zAdminUserid AGADMIN
zCaAuthorityExpirationDate 2021/12/31
zCellShortName AGPRXAA
zClusterTransitionName AGPRXAA
zConfigHfsName [Link]
zConfigHfsPrimaryCylinders 420
zConfigHfsSecondaryCylinders 100
zConfigHfsVolume *
zConfigMountPoint /wasv8config/agprxaa/agprxaa
zConfigurationGroup AGCFG
zConfigurationGroupGID 2500
zControlProcName AGYCRA
zControlUid 2403
zControlUserid AGACRU
zDaemonHomePath /wasv8config/agprxaa/agprxaa/Daemon
zDaemonIPName [Link]
zDaemonJobName AGDMNYA
zDaemonListenIP *
zDaemonPort 9520
zDaemonProcName AGDMNGA
zDaemonRegisterWlmDns false
zDaemonSslPort 9521
zDefaultSAFKeyringName [Link]
zEnableIntermediateSymlink true
zEnableSslOnDaemon true
zEnableWritableKeyring false
zFilesystemType ZFS
zGenerateCaCertificate true
zHttpTransportHostName *
zIntermediateSymlink /wasv8config/agprxaa/agprxaa/wasInstall
zJobStatement1 (ACCTNO,ROOM),'USERID',CLASS=A,REGION=0M,
zJobStatement2 // MSGCLASS=A,NOTIFY=?
zJobStatement3 //*
zJobStatement4 //*
zLocalUserGroup AGGUESTG
zLocalUserGroupGID 2502
zNodeShortName AGPRXAA
zOrbListenerHostName *
zOrbListenerPort 9523
zOrbListenerSslPort 9524
zProclibName [Link]
zSSLCaKeylabel WebSphereCA
zSAFProfilePrefix AGPRXAA
zServantGroup AGSRVG
zServantGroupGID 2501
zServantProcName AGYSRA
zServantUid 2404
zServantUserid AGASRU
zServerShortName AGPRXAA
zSmpePath /usr/lpp/zWebSphere_SPS/V8R0
zSoapPort 9522
zSysplexName PLEX
zSystemName SYSA
zTargetHLQ [Link]
zUserIDHomeDirectory /var/WebSphere/home
zUseVirtualKeyring true
zWasServerDir SecureProxyAdmin
o=IBM\\,c=US

AA\\,ou=AGPRXAA\\,o=IBM\\,c=US

You might also like