As part of installing WebSphere for the driver, you should complete the following tasks consecutively. These instructions are for Windows, but you can follow the same procedure for other platforms.
For Webspehere 7.1 on your messaging server, locate the following jar files:
com.ibm.mq.jar
com.ibm.mqjms.jar
connector.jar
dhbcore.jar
jta.jar
fscontext.jar
jndi.jar
For Websphere 7.5, locate the following jar files:
com.ibm.mq.jar
com.ibm.mq.jmqi.jar
com.ibm.mqjms.jar
connector.jar
dhbcore.jar
fscontext.jar
jndi.jar
NOTE:After copying the MQ jar files, restart eDirectory.
Copy the jar files to the Identity Manager server.
The following table identifies where to place jar files on an Identity Management server, by platform.
|
Platform |
Directory Path |
|---|---|
|
Windows |
Local installation: C:\Novell\IdentityManager\NDS\lib Remote installation: C:\Novell\IdentityManager\RemoteLoader\lib |
|
Linux/UNIX |
Local installation: /usr/lib/dirxml/classes (pre-eDirectory 8.8) or opt/novell/eDirectory/lib/dirxml/classes (eDirectory 8.8) Remote installation: /usr/lib/dirxml/classes (pre-eDirectory 8.8) or /opt/novell/eDirectory/lib/dirxml/classes (eDirectory 8.8) |
Locate where you installed the installation script during the JMS driver installation. The following table indicates the default directories where scripts are installed, by platform.
|
Platform |
Directory Path |
|---|---|
|
Windows |
C:\Novell\IdentityManager\NDS\DirXMLUtilities\jms\webmq |
|
Linux\UNIX |
install-dir/lib/dirxml/rules/jms/webmq |
Copy the script to your messaging server.
If necessary, restart your eDirectory server.
From the command line, change directories to Program Files\IBM\WebSphere MQ\Java\bin.
From the command line, execute the following command:
runmqsc QM < idm_mq_install.mqsc
This file is provided only as an example; you might need to customize the content.
Continue with Section 4.1.3, Starting the Publish/Subscriber Broker.
From the command line, execute the following command:
strmqbrk -m QM
You should see a message indicating that the broker is running.
Continue with Section 4.1.4, Installing System Queues Necessary for Publish/Subscribe.
From the command line, execute the following command:
runmqsc QM < MQJMS_PSQ.mqsc
You should see some tracing, indicating successful queue creation.
NOTE:If you don’t enter this command, you might see the following error: “MQJMS1111: JMS 1.1 The required Queues/Publish Subscribe services are not set up {0} error.”
Continue with Section 4.1.5, Creating a User Account.
Click Start > Programs > Administrative Tools > Computer Management.
Expand the Local Users and Groups subtree.
Right-click the Users folder, then select New User.
Specify a user name. The scripts referenced in these instructions assume idm.
Specify a password. The scripts referenced in these instructions assume novell.
Deselect the User must change password at next login check box.
Click the Create button.
Click the Close button.
Continue with Making the User a Member of the mqm Group.
Right-click the newly created user, then click Properties.
Select the Member Of tab.
Select the mqm group.
Click Add.
Click OK twice.
Continue with Section 4.1.6, Setting Up JMS.
On the MQ server, edit <MQ_install_path>\java\bin\JMSAdmin.config, and set the value to the following:
INITIAL_CONTEXT_FACTORY=com.sun.jndi.fscontext.RefFSContextFactoryPROVIDER_URL=file:/C:/JNDI-Directory
NOTE:Depending on your OS platform adjust the PROVIDER_URL to point to a valid file location path on the MQ server.
Edit <MQ_install_path>\java\bin\JMSAdmin.bat file, and set the JAVA envionment variable pointing to the correct location of the java executable under the jre folder set JAVA="%MQ_JRE_PATH%\bin\java"
Edit <MQ_install_path>\java\bin\PSIVTRun.bat file, and set the JAVA envionment variable pointing to the correct location of the java executable under the jre folder.
From the NetIQ Identity Manager installation media <root>/products/IDM/windows/setup/drivers/jms/tools/jms/webmq/ Copy the following files:
install.bat
netiqsamplejms.prop
uninstall.bat
Paste the files to the following location on the MQ server <MQ_install_path>\java\bin\
Edit netiqsamplejms.prop file, and set the values as follows:
|
Properties Key |
Purpose |
|---|---|
|
IDM_LOCAL_USER_ACCOUNT_NAME |
A local windows user account will be created. This account will be used by the NetIQ JMS connetor to connect to MQ. Example: IDM |
|
IDM_LOCAL_USER_ACCOUNT_PWD |
Password for the local windows account. Example: NetIQ123 |
|
IDM_QUEUE_MANAGER_NAME |
A queue manager is a program that provides messaging services to applications that use the Message Queue Interface to put and get messages from the queue. This is the name of the Queue Manager under which the IDM queues will be created and controlled.Example: IDM.QM |
|
IDM_LISTENER_NAME |
A listener is a WebSphere® MQ process that listens for connections to the queue manager. Provide the name for the listener that the above IDM queue manager will be using.Example: LISTENER.TCP |
|
IDM_WEBMQ_HOST |
This is the hostname or IP address of the server where MQ is running.Example: webmq.lab.com or <IP address> |
|
IDM_LISTENER_PORT |
This is the listener port where MQ server can accept messages. The default port for MQ is 1414, however each installation can be changed to listen on different ports. Enter the port number that is relevant to your installation.Example: 1414 |
|
IDM_CHANNEL_NAME |
A channel is a communication link used by distributed queue managers identified by a unique name.Thereare two categories of channel in WebSphere® MQ:
IDM integtration uses MQI channels. Provide a name that IDM will use. Example: CHANNEL.IDM.QM |
|
IDM_DRV_QUEUE_NAME |
A WebSphere MQ queue is a named object on which applications can put and get messages.Specify a name that uniquely identifies the IDM queue where IDM events are sent and received from.Example: IDM.EVENTSQ |
|
IDM_DRV_TOPIC_NAME |
A topic is the subject of the information that is published in a publish/subscribe message. Specify a unique TOPIC name that IDM can use to pub/sub messages.Example: IDM.EVENTSTOPIC |
|
IDM_DRV_TOPIC_STRING |
A publisher creates a message, labels it with a topic string that best fits the subject of the publication and then publishers it. To receive publications, a subscriber creates a subscription with a pattern matching topic string to select publication topics.Example: IDM.TOPICSTR |
|
IDM_JNDI_PROVIDER_URL |
Sun engineered JNDI like JMS in that there is an API that MQ clients/apps use and an SPI or Service Provider Interface that is used by something called a “registry”. Although JNDI can be implemented in LDAP, one of the base implementations that Sun provided right out of the box was to use the local filesystem as the registry. JNDI uses the .bindings file as the "registry" and it holds all the administered object definitions. The objects in the .bindings file are represented in Name/Type/Value triplets. Each .bindings file typically has many objects. Each object has many attributes. Each attribute has a name, a value and the type of variable that holds the value. IBM provides the JMSAdmin tool to generate and read the .bindings file. But a valid file system location should be made availble for the JMSAdmin tool where it can create the .bindings file. Example: C:\JNDI-Directory |
In command prompt change location to <MQ_install_path>\java\bin\ and run install.bat to create the MQ/JMS objects that will be used by the NetIQ JMS connector.
Edit the Program Files\IBM\WebSphere MQ\Java\bin\JMSAdmin.bat file
@echo off ::add this line at the beginning of the file setlocal ::add the following line before call to java set JRE_PATH=C:\Program Files\IBM\WebSphere MQ\gskit\jre ::replace call to Java "%JRE_PATH%\bin\java" -cp "%CLASSPATH%" -DMQJMS_INSTALL="%MQ_JAVA_INSTALL_PATH%" -DMQJMS_LOG_DIR="%MQ_JAVA_DATA_PATH%"\log -DMQJMS_TRACE_DIR="%MQ_JAVA_DATA_PATH%"\errors -DMQJMS_INSTALL_PATH="%MQ_JAVA_INSTALL_PATH%" com.ibm.mq.jms.admin.JMSAdmin %1 %2 %3 %4 %5 ::add this line at end of file endlocal
Edit the Program Files\IBM\WebSphere MQ\Java\bin\JMSAdmin.config file:
# comment out all of the INITIAL_CONTEXT_FACTORY lines using # comment char "#" and add this line: INITIAL_CONTEXT_FACTORY=com.sun.jndi.fscontext.RefFSContextFactory # comment out all PROVIDER_URL lines and add this one: PROVIDER_URL=file://<hostmname>:<port>/<path of binding file>
Locate where you installed the installation script during the driver installation. The following table indicates the default directories where scripts are installed by platform.
|
Platform |
Directory Path |
|---|---|
|
Windows |
C:\Novell\IdentityManager\NDS\DirXMLUtilities\jms\webmq |
|
Linux/UNIX |
install-dir/lib/dirxml/rules/jms/webmq |
Copy the following scripts to the Program Files\IBM\WebSphere MQ\Java\bin directory on your messaging server:
idm_jms_install.scp
idm_jms_uninstall.scp
idm_mq_install.mqsc
idm_mq_uninstall.mqsc
install.bat
uninstall.bat
Edit the idm_jms_install.scp configuration file with definitions for each queue that is defined to connect with the Identity Manager JMS driver. For example, if the queue manager name is QM1, the publisher queue name is PQ1, and the subscriber queue is SQ1, then the definitions in the idm_jms_install.scp configuration file should be as follows:
-- Queue connection factory definition
define qcf(QueueConnectionFactory) +
qmgr(QM1) +
tran(CLIENT) +
host(hostname) +
port(1414)
-- Publisher Queue Definition---
define q(PQ1) +
qmgr(QM1) +
queue(PQ1)
-- Subscriber Queue Definition---
define q(SQ1) +
qmgr(QM1) +
queue(SQ1)
-- q is the jndi name used in the JMS driver configuration.
-- qmgr is the queue manager name.
-- queue is the queue name.
-- host is the IP address or host Name of the IBM Websphere MQ server.
-- port is the queue manager listener port.Update the listener port in idm_mq_install.mqsc.
From the command line, change directories to Program Files\IBM\WebSphere MQ\Java\bin.
From the command line, execute the following command:
JMSAdmin.bat -v < idm_jms_install.scp
This file is provided as an example only; you might need to customize the content.
From the command line, manually start the publish/subscribe broker by executing the following command:
Program Files\IBM\WebSphere MQ\bin\strmqbrk.exe.
From the command line, ensure that the publish/subscribe broker is configured correctly by executing the following command:
Program Files\IBM\WebSphere MQ\Java\PSIVTRun.bat -nojndi -t
Make sure the .bindings file resides in the correct location.
The .bindings file is generated during the WebSphere MQ configuration. When you run the JMSAdmin.bat -v idm_jms_install.scp command, the .bindings file is generated under the path specified in the JMSAdmin.config file.
If the driver, WebSphere MQ, Metadirectory engine, and Identity Vault are all on the same server, make sure the .bindings file resides in the location specified by the PROVIDER_URL option for the driver configuration (see PROVIDER_URL).
If the driver and WebSphere MQ are on one server and the Metadirectory engine and Identity Vault are on another server (a Metadirectory server), copy the .bindings file to the Metadirectory server and make sure the PROVIDER_URL includes the correct path to the file. If multiple Metadirectory servers connect to the WebSphere MQ server, copy the .bindings file to the PROVIDER_URL path on each Metadirectory server.