IBM Security Access Manager for Enterprise Single Sign-On, Version 8.2

Creating profiles for network deployments (command-line) for x86 or x64 architectures

Use the manageprofiles command to create profiles for a network deployment from the command line.

Before you begin

Log on to the system as a user with administrator privileges.
Prepare the WebSphere Application Server.
Install the WebSphere Application Server fix packs.
Ensure that two way host name resolution is set up between the deployment manager, the nodes, and every other node. You can add the entries to a DNS host or a hosts files.

About this task

For 64-bit WebSphere Application Server 7.0, you must use the manageprofiles command to create profiles because the Profile Management Tool is not available for 64-bit systems.

The command-line parameters included with the following steps, uses the same profile creation parameters you might use when you create the profiles in the Profile Management Tool. The examples serve only as a guide. For complete information about creating profiles in WebSphere Application Server, see the WebSphere Application Server information center.

Important: For new network deployments, create a deployment manager profile first.

Procedure

Open the command prompt.

To create the deployment manager profile.

See the following example (use without line-breaks, case-sensitive):

Command line with parameters (case-sensitive, use without line breaks) Example with sample values

Command line with parameters (case-sensitive, use without line breaks)	Example with sample values
`"<was_home>\bin\manageprofiles.bat" -create -profileName <Dmgr01> -profilePath "<was_home>\profiles\<Dmgr01>" -templatePath "<was_home>\profileTemplates\management" -enableAdminSecurity true -adminUserName <WAS Admin user ID> -adminPassword <password> -winserviceAccountType localsystem -winserviceCheck true -winservicePassword <password> -winserviceStartupType automatic`	`"C:\Program Files\IBM\WebSphere\AppServer\bin\manageprofiles.bat" -create -profileName Dmgr01 -profilePath "C:\Program Files\IBM\WebSphere\AppServer\profiles\Dmgr01" -templatePath "C:\Program Files\IBM\WebSphere\AppServer\profileTemplates\management" -enableAdminSecurity true -adminUserName wasadmin -adminPassword <password> -winserviceAccountType localsystem -winserviceCheck true -winserviceStartupType automatic`

"<was_home>\bin\manageprofiles.bat" 
-create 
-profileName <Dmgr01> 
-profilePath "<was_home>\profiles\<Dmgr01>" 
-templatePath "<was_home>\profileTemplates\management" 
-enableAdminSecurity true
-adminUserName <WAS Admin
user ID>
-adminPassword <password>
-winserviceAccountType localsystem 
-winserviceCheck true
-winservicePassword <password> 
-winserviceStartupType automatic

"C:\Program Files\IBM\WebSphere\AppServer\bin\manageprofiles.bat" -create -profileName Dmgr01 -profilePath "C:\Program Files\IBM\WebSphere\AppServer\profiles\Dmgr01" -templatePath "C:\Program Files\IBM\WebSphere\AppServer\profileTemplates\management" -enableAdminSecurity true -adminUserName wasadmin -adminPassword <password> -winserviceAccountType localsystem -winserviceCheck true -winserviceStartupType automatic

Important: The administrative user name that you supply for the WebSphere administrator must not exist on the directory server. For example: if the WebSphere administrator you provide is wasadmin, then the user wasadmin must not exist on the corporate enterprise directory.

Verify that the profile is created.
1. Click Start > All Programs > IBM WebSphere > Application Server Network Deployment 7.0 > Application Server > profiles > <Dmgr01> > First steps.
2. Click the Installation verification link.
Optional: Recreate the root CA on the deployment manager node before creating member nodes.
This optional step is only for deployments with specific 2048 bit key size requirements.

To create the custom profile for a managed node:

Note: Ensure that the deployment manager is started. Ensure that two way name resolution is enabled between the nodes and the deployment manager.

See the following example (case-sensitive, use without line-breaks):

Command line with parameters (case-sensitive, use without line breaks)	Example with sample values
`"<was_home>\bin\manageprofiles.bat" -create -profileName <Custom01> -profilePath "<was_home>\profiles\<Custom01>" -templatePath "<was_home>\profileTemplates\managed" -dmgrHost ibm-svr1.example.com -dmgrPort 8879 -dmgrAdminUserName <WAS Admin user ID> -dmgrAdminPassword <password>`	`"C:\Program Files\IBM\WebSphere\AppServer\bin\manageprofiles.bat" -create -profileName Custom01 -profilePath "C:\Program Files\IBM\WebSphere\AppServer\profiles\Custom01" -templatePath "C:\Program Files\IBM\WebSphere\AppServer\profileTemplates\managed" -dmgrHost ibm-svr1.example.com -dmgrPort 8879 -dmgrAdminUserName wasadmin -dmgrAdminPassword <password>`

The example creates a custom profile and federates the custom node into the deployment manager node.

Remember: You can update the Planning worksheet with the values of your created profile.

If the federation fails, see the IBM Security Access Manager for Enterprise Single Sign-On Troubleshooting and Support Guide.

What to do next

Optional: If the installation is not verified, start the First steps tool to verify the installation.

Click Start > All Programs > IBM WebSphere > Application Server Network Deployment 7.0 > Application Server > profiles > <Dmgr01> > First steps.
Click Installation verification.

Feedback