Installation Guide › Configuration › Post Installation Steps: Environment

Post Installation Steps: Environment

Follow these steps after you have installed all components and you have confirmed that all servers are running.

These post-installation steps apply to your CA CloudMinder servers and components. For post-installation steps required after the deployment of each tenant, refer to Post-Installation Steps: Tenant.

Follow these steps:

1. Perform the following steps on all servers:
   1. Edit the /etc/ntp.conf file

      Add "server <_ntp_server>" to the list of servers

      Where <_ntp_server> is the IP address of your NTP server.

   2. Restart the ntpd service as follows:

      service ntpd restart
      

   3. Enable the ntpd service as follows:

      chkconfig ntpd on

2. Increase the processes and sessions for the Oracle database servers as follows:
   1. Launch SQL Plus and connect as the Oracle system database administrator.
   2. Under SQL Plus, run the following commands:

      alter system set processes=500 scope=spfile;
      alter system set sessions=824 SCOPE=spfile;
      ALTER SYSTEM SET EVENT='44951 TRACE NAME CONTEXT FOREVER, LEVEL 1024' scope=spfile;
      shutdown immediate
      startup
      

3. For high-availability deployments, on the second SiteMinder Policy Server system only:

   Edit the following file:

   /opt/CA/AdvancedAuth/conf/arcotcommon.ini

   1. vi /opt/CA/AdvancedAuth/conf/arcotcommon.ini
   2. Search for InstanceId=1
   3. Change the line to InstanceId=2
4. On all SiteMinder Policy Servers, restart Tomcat as follows:
   1. Navigate to /opt/CA/AdvancedAuth/Tomcat/bin
   2. (If Tomcat is already started) ./shutdown.sh
   3. ./startup.sh
5. Bootstrap the AuthMinder/RiskMinder/Advanced Authentication UDS service
   1. Connect to http://<SiteMinder Policy Server>:9090/arcotadmin/mabamlogin.htm using the default password: master1234!
   2. Change the default password to avoid any security loopholes.
   3. Create a global administrator for use later for configurations that are currently unavailable from the CSP console.

      Choose defaultorg as the organization and an appropriate username/password.

      Select the global administrator role, and the manages all organizations setting.

   4. Log out.
   5. Start webfort and riskfort, if they are not currently running, using the following commands. In a high-availability deployment, start these servers on both SiteMinder Policy Server systems.

      cd /opt/CA/AdvancedAuth/bin
      ./riskfortserver start
      ./webfortserver start
      

6. Reset the copyright in the Tenant Console as follows:

   On all Identity Management servers, modify the resources_en.properties file:

   1. cd /opt/jboss-5.1.0.GA/server/all/deploy/iam_im.ear/user_console.war/app/ui7
   2. vi resources_en.properties
   3. change the value of "console.copywrite"
   4. cd /opt/jboss-5.1.0.GA/server/all/deploy/iam_im.ear/user_console.war/app/ca12
   5. vi resources_en.properties, change the value of "console.copywrite"
   6. Restart all Identity Management servers

      /etc/init.d/im stop

      /etc/init.d/im start

Post-Installation Steps: Tenant

Modify the Password Policy Redirect URL

Configure Web Services Authentication

Modify the Password Policy Redirect URL

Follow these steps immediately after deploying each tenant.

1. Log in to the CSP console. This is typically found at:

   http://[SiteMinder_Policy_Server_Hostname]:8080/iam/siteminder/console

2. Navigate to Policies, Password, Password Policies.
3. Click the edit icon for your <tenanttag>Password Policy.

   In the Redirect section, in the Redirection URL text box, change the value to the following URL:

   https://<SPS>/siteminderagent/certoptional/forms/cmpwservices.fcc?iframe=yes&redirectURL=https://<SPS>/iam/im/<Public Alias of Tenant>/index.jsp?task.tag=PasswordServices

   Where <SPS> is the host address of your Secure Policy Server. In a high-availability deployment, <SPS> is your Secure Policy Server load balancer VIP

   and

   Where Public Alias of Tenant is the public alias of your tenant. This information is available in your CSP console. Navigate to Tenants, Manage Tenant, then click View Tenant in the drop down menu next to your tenant.

4. Navigate to Administration, Policy Server, Cache Management
5. In the All Caches section, click Flush All.