Transcription
InfoSphere Master Data Management Reference DataManagement HubVersion 10 Release 0Installation Guide GI13-2636-00
InfoSphere Master Data Management Reference DataManagement HubVersion 10 Release 0Installation Guide GI13-2636-00
NoteBefore using this information and the product that it supports, read the information in “Notices and trademarks” on page37.Edition NoticeThis edition applies to version 10.0 of IBM InfoSphere Master Data Management Server and to all subsequentreleases and modifications until otherwise indicated in new editions. Copyright IBM Corporation 2011, 2012.US Government Users Restricted Rights – Use, duplication or disclosure restricted by GSA ADP Schedule Contractwith IBM Corp.
ContentsChapter 1. InfoSphere MDM ReferenceData Management Hub installation . . . 1Technical requirements . . . . . . . . . .Extracting and installing the application files . .Preparing to install the InfoSphere MDM ReferenceData Management Hub . . . . . . . . . .Uninstalling the application . . . . . . . . 1. 2. 3. 5Chapter 2. Installing InfoSphere MDMReference Data Management Hub. . . . 7Configuring security and authorization . . . .Security access control . . . . . . . . .Configuring the user repository . . . . . .Configuring security on WebSphere ApplicationServer . . . . . . . . . . . . . .Creating groups in the WebSphere ApplicationServer repository . . . . . . . . . .Creating groups in InfoSphere MDM ReferenceData Management Hub . . . . . . . .Creating and assigning users . . . . . .Creating roles . . . . . . . . . . .Associating groups and roles . . . . . . .Assigning roles to groups in WebSphereApplication Server . . . . . . . . . . Copyright IBM Corp. 2011, 2012. 7. 7. 9. 10Assigning users to groups in InfoSphere MDMReference Data Management Hub . . . . . 18Chapter 3. Configuring the components 21Adjusting transaction timeouts . . . . . .Configuring batch export . . . . . . . .Batch export properties . . . . . . .Configuring application defaults . . . . .Properties files and default values . . . .Setting default dates for importing referencevalues and mappings . . . . . . . .Customizing the custom page tab . . . . .2122222425. 32. 33Legal Statement. . . . . . . . . . . 35Notices and trademarks . . . . . . . 37. 11.12121316Index . . . . . . . . . . . . . . . 41Contacting IBM . . . . . . . . . . . 43. 17iii
ivInstallation Guide
Chapter 1. InfoSphere MDM Reference Data Management HubinstallationThis document provides a reference of the most important installation andconfiguration steps for IBM InfoSphere Master Data Management Reference DataManagement Hub.It is not meant as a replacement for the documentation provided with IBMInfoSphere Master Data Management Custom Domain Hub and WebSphere Application Server. It specifically addresses the issues and options that pertain toInfoSphere MDM Reference Data Management Hub within your environment.Installing InfoSphere MDM Reference Data Management Hub is a multi-stepprocess that includes configuring the repository in the web application server,setting up user groups, and running SQL scripts to create the database that theInfoSphere MDM Reference Data Management Hub uses. The instructions shownare specific to IBM WebSphere Application Server. See the “Technicalrequirements” for information about supported application servers, databases,browsers, and other hardware and software components.First, install the prerequisite applications, including the InfoSphere MDM CustomDomain Hub, and extract the application files. For information about installing theprerequisite applications, see “Preparing to install the InfoSphere MDM ReferenceData Management Hub” on page 3.After the prerequisite applications are installed, you can begin to configure theInfoSphere MDM Reference Data Management Hub. See “Configuring security andauthorization” on page 7.Technical requirementsThere are specific hardware and software requirements that must be met toproperly install and run the InfoSphere MDM Reference Data Management Hub.Table 1. Hardware and software requirementsServer hardware Copyright IBM Corp. 2011, 2012Consult with your IBM or Partner account team forrecommendations that best fit your businessrequirements.1
Table 1. Hardware and software requirements (continued)Server vendor softwarev Operating system: AIX , Linux, or Solarisv InfoSphere MDM Custom Domain Hub version 10.0v IBM Installation Manager version 1.5.0 or higher*v Servlet Container: IBM WebSphere 7.0 with fix pack15 or later– Web 2.0 feature pack for IBM WebSphereApplication Serverv DB2 9.7 or Oracle 11v WebSphere MQ 7.0.1.3 or WebSphere embeddedmessagingv JSP 1.2v IBM JDK 1.6v A utility to extract compressed files.Client workstation hardwarev Processor: 800 MHz minimumv Memory: 128 MB minimum, 1 GB suggestedv Disk Storage: 30 MB minimumv Networking: TCP/IP, 10 MB or greaterClient workstation vendorsoftwarev Internet Explorer 8.0, or Mozilla Firefox 10.0– Running Internet Explorer with Enhanced SecuritySettings (ESS) enabled is not supported– If you are using Internet Explorer, disableCompatibility View mode for the domain that hoststhe InfoSphere MDM Reference Data ManagementHub. This setting is changed by using the Tools Compatibility View settings menu.v Cookies must be enabledv Javascript must be enabled* If you do not have the Installation Manager installed, you can download thelatest version from http://www.ibm.com/support/docview.wss?uid swg24030152.Extracting and installing the application filesThe installation of InfoSphere MDM Reference Data Management Hub consists oftwo steps. First you install the database entities, and then you install the webapplication.Before you beginInstall the InfoSphere MDM Custom Domain Hub before starting the InfoSphereMDM Reference Data Management Hub installation. For information, see“Preparing to install the InfoSphere MDM Reference Data Management Hub” onpage 3.Uninstall any previous version of InfoSphere MDM Reference Data ManagementHub, if it exists. For information, see “Uninstalling the application” on page 5.If you do not have the Installation Manager installed, you can download the latestversion from http://www.ibm.com/support/docview.wss?uid swg24030152.2Installation Guide
Procedure1. Extract the RDMRepos.zip file to a temporary directory.2. Start the IBM Installation Manager. Browse to the extracted repository andfollow the instructions to install it. This procedure provides the files you needfor the remaining steps.3. Alternatively, you can run the installation process from the command line. Inthe command window, browse to the /opt/IBM/InstallationManager/eclipse/tools/imcl directory and run the command ./imcl -input/response files/install product.xml -log /mylog/silent install log.xml-acceptLicense4. Run the SQL setup scripts provided. The scripts are in the InstallDir /scripts/sql/ db type directory, where InstallDir refers tothe directory where the installation manager extracted the files. Follow theinstructions found in the readme file for the database type: InstallDir /README DB2.txt or InstallDir /README Oracle.txt.5. In the administrative console, install the InfoSphere MDM Reference DataManagement Hub client by choosing Applications New Application NewEnterprise Applications. Browse to the RDMClientEAR.ear file, choose the FastPath installation option, accept the defaults, and click Finish. See theWebSphere documentation for instructions.Note: If InfoSphere MDM Reference Data Management Hub is not installedwith the default port (9080), the configuration of the web service clients mustbe changed. You can find the configuration at perties.If the correct host aliases are not defined in WebSphere application server, youmight see an error when you log in to InfoSphere MDM Reference DataManagement Hub, stating that virtual hosts are not defined. One solution youcan try is:a. Click Servers WebSphere application servers server name Portsb. Note the values forv SIP DEFAULTHOSTv SIP DEFAULTHOST SECUREv WC defaulthostv WC defaulthost securec. Click Environment Virtual Hosts default host Host Aliasesd. Create new aliases based on the four values you noted.Related reference:“Properties files and default values” on page 25The InfoSphere MDM Reference Data Management Hub properties files instructthe system on how to apply security and other functions. The values listed are thedefault values for each file.Preparing to install the InfoSphere MDM Reference Data ManagementHubBefore you begin to install the InfoSphere MDM Reference Data Management Hub,you must install the prerequisite applications, including the InfoSphere MDMCustom Domain Hub. You then update the MIH-App.ear file and disable theentitlement engine.Chapter 1. InfoSphere MDM Reference Data Management Hub installation3
Before you beginUninstall any previous version of InfoSphere MDM Reference Data ManagementHub, if it exists. For information, see “Uninstalling the application” on page 5.Procedure1. Install the InfoSphere MDM Custom Domain Hub. For instructions oninstalling InfoSphere MDM Custom Domain Hub, see m0/index.jsp.Ensure that the following components are installed. Supported versions arelisted in “Technical requirements” on page 1.v IBM DB2 or Oracle databasev IBM WebSphere Application Serverv Web feature pack for IBM WebSphere Application Serverv IBM WebSphere MQ or WebSphere Embedded Messaging2. Use the IBM installation manager to extract the InfoSphere MDM ReferenceData Management Hub files. For information, see “Extracting and installing theapplication files” on page 2.3. Copy the following files from the deployed MIH-App.ear/properties.jar to the InstallDir /MIH-App.ear/properties.jar, overwriting the existing files:v config/bootstrap.propertiesv log.propertiesv log4j.propertiesThe InstallDir refers to the location of the files you extracted in step 2.Note: The MIH-App.ear file that was installed as part of step 1 does not containthe artifacts used by InfoSphere MDM Reference Data Management Hub. Thethree properties files you copied from the original ear file were modified aspart of the InfoSphere MDM Custom Domain Hub installation process and areused with the updated MIH-App.ear file.4. If you installed WebSphere MQ instead of WebSphere Embedded Messaging,deploy the new MIH-App.ear file and choose the Detail Path.a. On step 6 (Bind listeners for message-driven beans), choose the ListenerPort for all EJBs instead of the Activation Specification that was chosen bydefault.b. For each listener port, give the following values:v ListPortzlistc. For all other steps, accept the default selection and click Next until you arefinished.5. If you installed WebSphere Embedded Messaging instead of WebSphere MQ,deploy the new MIH-App.ear file and choose the Fast Path.6. The Entitlement Engine must be turned off. To turn off the Entitlement Engine,run the following SQL statements:4Installation Guide
update extensionset set Inactive IND ’Y’, LAST UPDATE USER ’Admin’,LAST UPDATE DT CURRENT TIMESTAMP where extension set id 11;update extensionset set Inactive IND ’Y’, LAST UPDATE USER ’Admin’,LAST UPDATE DT CURRENT TIMESTAMP where extension set id 12;update extensionset set Inactive IND ’Y’, LAST UPDATE USER ’Admin’,LAST UPDATE DT CURRENT TIMESTAMP where extension set id 13;Commit;7. Restart the server. If you are using a network deployment, restart the node andthe server.Uninstalling the applicationYou uninstall the InfoSphere MDM Reference Data Management Hub when youwant to update to a newer version or remove it from your system.Procedure1. In the web application server, stop the following applications:v MIH-Appv RDMClient2. Run the rollback scripts for the version to be uninstalled. These scripts can befound in the InstallDir /scripts folder.Note: The format of the SQL scripts is not compatible with operating systemssuch as AIX and Linux. Before running the scripts, convert them into acompatible format with a utility such as dos2unix. Also, verify that the schemain the SQL scripts matches the schema names you used in the InfoSphere MDMCustom Domain Hub installation. The index.sql script must be run by theoperating system user with the same name as the schema.3. Remove the metadata and the code table data before removing triggers,constraints and the InfoSphere MDM Reference Data Management Hub tables.4. Start the IBM Installation Manager. If you previously installed a version ofInfoSphere MDM Reference Data Management Hub without the use of theinstallation manager, then you can skip the remaining steps.5. Click Uninstall.6. Below InfoSphere MDM Reference Data Management, select the IBMReference Data Management Server.7. Follow the remaining instructions to uninstall the application.Note: The IBM Installation Manager removes the files from the InstallDir path. It does not undeploy the web applications.Chapter 1. InfoSphere MDM Reference Data Management Hub installation5
6Installation Guide
Chapter 2. Installing InfoSphere MDM Reference DataManagement HubInstalling InfoSphere MDM Reference Data Management Hub is a multi-stepprocess that includes configuring the repository in the web application server,setting up user groups, and running SQL scripts to create the database that theInfoSphere MDM Reference Data Management Hub uses. The instructions shownare specific to IBM WebSphere Application Server. See the technology requirementsfor information about supported application servers, databases, browsers, andother hardware and software components.Configuring security and authorizationInfoSphere MDM Reference Data Management Hub uses a role-based securityconcept. Activities and states entities are related to roles, which are linked togroups you define in the application server. Users are members of these groups.Procedure1. In IBM WebSphere application server, configure the user repository. See“Configuring the user repository” on page 9.2. Configure the web application server security. See “Configuring security onWebSphere Application Server” on page 10.3. Create groups in WebSphere or LDAP. See “Creating groups in the WebSphereApplication Server repository” on page 11.4. Create owner groups in InfoSphere MDM Reference Data Management Hub.See “Creating groups in InfoSphere MDM Reference Data Management Hub”on page 12.5. Create users in WebSphere or LDAP and assign them to groups. See “Creatingand assigning users” on page 12.6. Add roles, if needed. See “Creating roles” on page 13.7. Associate the roles with the WebSphere or LDAP groups. See “Assigning rolesto groups in WebSphere Application Server” on page 17.8. Restart the RDMClientEAR application in WebSphere.Related concepts:“Security access control”InfoSphere MDM Reference Data Management Hub provides role-based securitycontrol over the reference data sets, mappings and managed systems. TheInfoSphere MDM Reference Data Management Hub authentication is designed towork with standard authentication mechanisms in place in the enterprise, such asLDAP.Security access controlInfoSphere MDM Reference Data Management Hub provides role-based securitycontrol over the reference data sets, mappings and managed systems. TheInfoSphere MDM Reference Data Management Hub authentication is designed towork with standard authentication mechanisms in place in the enterprise, such asLDAP. Copyright IBM Corp. 2011, 20127
The security logic within InfoSphere MDM Reference Data Management Hubconsiders three criteria in determining the create, read, update, and delete (CRUD)access control rights for a user within the InfoSphere MDM Reference DataManagement Hub user interface over the following entities: reference data sets,mappings, managed systems and reference data types. These criteria are:v The user’s rolev The ownership group associated with the entityv The lifecycle state of the entityFor a particular user interacting with an entity in the application, depending onthe three variables above, the user has a combination of create, read, update, anddelete access to that entity. Create, update, and delete access rights over an entityallow a user to do as follows:SetsFor delete and update permissions to apply, the user must belong to one ofthe owner groups.Create Create sets.Delete Delete existing sets.UpdatevvvvCreate a version.Copy to a set.Change the set level fields.Add, delete, and update values.v Add, delete, and update translations.v Add, delete, and update subscriptions.v Add, delete, and update hierarchies.MappingsFor delete and update permissions to apply, the user must belong to one ofthe owner groups.Create Create mappings.Delete Delete existing mappings.Updatev Create a version.v Change mappings fields.v Add, delete, and update value mappings.Managed systemsFor delete and update permissions to apply, the user must belong to one ofthe owner groups.Create Create managed systems.Delete Delete existing managed systems.Updatev Copy a managed system.v Change managed systems fields.v Add, delete, and update managed system properties.8Installation Guide
Data typesThere is no ownership for this entity. The permissions apply to allinstances.Create Create managed systems.Delete Delete existing data types.Updatev Copy a data type.v Change data type fields.v Add, delete, and update data type properties.FoldersFolders are provided primarily as an organizational aid within the userinterface. There is currently no access control implemented for folderswithin InfoSphere MDM Reference Data Management Hub. AnyInfoSphere MDM Reference Data Management Hub user can create,rename, or delete folders, however, any sets contained within the foldersare not affected.Configuring the user repositoryYou use the administrative console within WebSphere Application Server to set upuser accounts.Before you beginStart the administrative console and log in.Procedure1. Browse to Security Global Security.2. In the User Account Repository, select Federated Repositories.3. Click Configure.4. In the Federated Repositories – General Properties section, select the followingoptions:v Automatically generated server identityv Ignore case for authorization5. Click OK.6. On the Administrative User Password page, provide a password for youradministrative user. This user is used to access the administrative console.7. Click OK.8. If you see the following error message, you can ignore istsException: CWWIM4501Eentity with same unique name, ’uid admin,o defaultWIMFileBasedRealm’, orsame RDN value already exists.An9. On the Global Security page, click Save.What to do nextConfigure the security. See “Configuring security on WebSphere ApplicationServer” on page 10.Chapter 2. Installing InfoSphere MDM Reference Data Management Hub9
Configuring security on WebSphere Application ServerYou use the administrative console to configure the security settings used byInfoSphere MDM Reference Data Management Hub.Before you beginStart the administrative console.Procedure1.2.3.4.5.6.7.Go to Global Security Administrative Security.Select Enable administrative security.In the Application Security section, select Enable application security.In the User Account Repository section, select Federated Repositories.Disable Java 2 security.Click Set As Current.Click Apply.8. In the Messages section, click Save.9. In the Authentication section, select LTPA.10. Go to Web and SIP Security General Settings.11. Select Authenticate only when the URI is protected and Use availableauthentication data when an unprotected URI is accessed.12. Select Default to basic authentication.13. Click OK.14. Go to Global security Web and SIP security Single sign-on (SSO).15. Enable the following options. Leave the other options disabled.v Enabledv Web inbound
Dec 31, 2012 · v IBM DB2 or Oracle database v IBM WebSphere Application Server v Web feature pack for IBM WebSphere Application Server v IBM WebSphere MQ or WebSphere Embedded Messaging 2. Use the IBM installation manager to extract the InfoSphere MDM Reference Data Management Hub f
