Encoding vs Encrypting
You might know that all sensitive information about security is entered into the security.xml document that can be found in the [$WAS_HOME]/profiles/[profile name]/config/cells/[cell name] folder. In Windows this might equate to:
C:\IBM\Websphere\AppServer\profiles\Dmgr01\config\cells\cell01\security.xml
Linux/AIX would likely be something like:
/usr/IBM/WebSphere/AppServer/profiles/Dmgr01/config/cells/cell01/security.xml
This document contains the name and password information for the primary admin account for the WebSphere cell. In most cases that will be the default account [wasadmin]. The password is, however, not encrypted but rather encoded. Encryption would use an encryption key to protect the password, and without that key you would not be able to retrieve it. Encoding, however, is a whole other deal: the coding/decoding information is integral to WebSphere itself and is the same for any install anywhere in the world. That means if you encode the same password anywhere, the resulting encoded string will be exactly the same no matter which server you do it on.
Now, this is not great security in and of itself and I will not go into details on this, other than to say it is really important to lock down the physical access to any WebSphere server you are in charge of, all the way down to file rights ... or you might regret it at some later time.
How to Decrypt:
I am not the first blogger out there that is writing about this, but nobody ever wrote it out for Windows servers so I am going to concentrate on that OS right now, and most of the blog entries out there are for older versions and the process has changed since. Here are some of the articles that I have read over the last few years: Robert Farstad, Robert Maldon, and a few more ... google the content here and you will find them.
Here are some basic details:
- WebSphere Version: 7.0.0.21 (the process is the same for any V 7.x server)
- $WAS_HOME=C:\IBM\WebSphere\AppServer
Step 1: find the wasadmin information
Open the security.xml and find the entry for the encoded password: it always starts with {xor}. In my case it is:
userId="wasadmin" password="{xor}LDo8LTor"
Step 2: Find your WAS Version Specific Java Plug-in Folder:
In my case it was:
C:\IBM\WebSphere\AppServer\deploytool\itp\plugins\com.ibm.websphere.v7_7.0.2.v20110524_2321\
Step 3: Find your java home and open a command prompt
In my case this equates to
C:\IBM\WebSphere\AppServer\java\bin\
Change to this folder in the command prompt you opened.
Step 4: Run the Password Encoder/Decoder:
This is where you need the folder location and the encoded password you looked up in the previous steps.
In C:\IBM\WebSphere\AppServer\java\bin\ run the following command:
java -Djava.ext.dirs=C:\IBM\WebSphere\AppServer\deploytool\itp\plugins\com.ibm.websphere.v7_7.0.2.v20110524_2321\wasJars\ -cp securityimpl.jar;iwsorb.jar com.ibm.ws.security.util.PasswordDecoder {xor}LDo8LTor
The above command is one long command string (it might wrap depending on your screen) and it will create the following output in the command prompt:
encoded password == "{xor}LDo8LTor", decoded password == "secret"
The process for Linux/AIX is basically the same, however the folder structure will be different. The commands are about the same, but depending on which version of Linux you are running the Java switches might need some fiddling, though the base does not change.
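Why the same password encodes identically on every install, and how to inventory the affected entries so the files can be locked down, as an added example (not code from this post or from IBM). It assumes the {xor} format is a byte-wise XOR with the fixed constant 0x5F followed by Base64, which reproduces the sample pair shown above; the function names and the XML sample are hypothetical.

```python
import base64
import xml.etree.ElementTree as ET

# Assumption (not stated in the post): "{xor}" values are each byte XORed with
# the fixed constant 0x5F ('_') and then Base64-encoded. No per-install key.
XOR_CONST = 0x5F
PREFIX = "{xor}"


def xor_encode(plain):
    masked = bytes(b ^ XOR_CONST for b in plain.encode("utf-8"))
    return PREFIX + base64.b64encode(masked).decode("ascii")


def xor_decode(encoded):
    if not encoded.startswith(PREFIX):
        raise ValueError("not a {xor}-encoded value")
    masked = base64.b64decode(encoded[len(PREFIX):], validate=True)
    return bytes(b ^ XOR_CONST for b in masked).decode("utf-8")


def find_reversible_secrets(xml_text):
    """List every attribute holding a {xor} value, without echoing the secret."""
    findings = []
    for element in ET.fromstring(xml_text).iter():
        for attr, value in element.attrib.items():
            if value.startswith(PREFIX):
                findings.append({
                    "element": element.tag,
                    "attribute": attr,
                    "userId": element.get("userId", ""),
                })
    return findings


# Constructed sample: element names are hypothetical, not the real security.xml
# schema. The first value is the post's own example pair.
SAMPLE_XML = f"""<config>
  <entry userId="wasadmin" password="{{xor}}LDo8LTor"/>
  <entry userId="dbuser" password="{xor_encode('constructed-value')}"/>
  <entry userId="guest" description="no secret here"/>
</config>"""

if __name__ == "__main__":
    # The same input gives the same output on any machine: there is no key.
    print(xor_encode("secret"), "->", xor_decode("{xor}LDo8LTor"))
    for finding in find_reversible_secrets(SAMPLE_XML):
        print("reversible credential:", finding)
```

Any file this flags should be treated as holding the password in the clear when setting file rights and backup access.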