Cisco CNS Network Registrar Installation Guide, 6.0
Installing Network Registrar on Windows
Downloads: This chapterpdf (PDF - 217.0KB) The complete bookPDF (PDF - 794.0KB) | Feedback

Installing Network Registrar on Windows

Table Of Contents

Installing Network Registrar on Windows

Installation Checklist

System Requirements

Server or Complete Installation Requirements

Windows-Based User Interface Requirements

Installation and Upgrade

License Key

Uninstalling Network Registrar

Reverting to an Earlier Release

Reverting an Archived Installation

Reverting an Unarchived Installation

Starting and Stopping the Servers

Troubleshooting a Failed Installation


Installing Network Registrar on Windows


This chapter describes how to install Cisco CNS Network Registrar on a Windows system. The topics are:

Installation Checklist

System Requirements

Installation and Upgrade

License Key

Uninstalling Network Registrar

Reverting to an Earlier Release

Starting and Stopping the Servers

Troubleshooting a Failed Installation

Installation Checklist

Before you run the installation program, check these:

System requirements

New software license key

Administrative privileges

Desired installation location

Choice of new installation or upgrade

Choice of client-and-server or client-only installation

Java location

Choice of HTTP or secure HTTPS Web UI login

Other applications closed, including virus protection programs

System Requirements

System requirements refer to server-and-client installations, Java requirements for the Web-based user interface (Web UI), and running the Windows-based graphical user interface (GUI) on a separate system.

Server or Complete Installation Requirements

Running Network Registrar on Windows requires:

Equivalent of Intel Pentium III or better

512 MB of RAM is suggested

Minimum of 310 MB of disk space is required for installation

Windows 2000 SP1 or later (SP2 recommended), or Windows NT 4.0 (workstation or server) Service Pack SP6a or later

Java Runtime Environment (JRE) version 1.3.1 or later, or equivalent Java Development Kit (JDK)

Windows-Based User Interface Requirements

Running the Windows-based GUI on a remote Windows machine requires:

Pentium II or equivalent

Windows 2000 SP1 or later (SP2 recommended), or Windows NT 4.0 (workstation or server) Service Pack SP6a or later

256 MB of RAM

310 MB of disk space

Installation and Upgrade

A new installation and an upgrade from a previous release follow essentially the same process, except that the upgrade includes a few additional steps. If Network Registrar release 5.5, 5.0 or 3.5 is already installed, you can upgrade to release 6.0 while preserving the earlier configuration, or you can replace the configuration. The steps for an installation and upgrade are:


Step 1 To prepare for the installation or upgrade:

a. Obtain the new software license key for this release—You cannot use a previous one.

b. Log on to the target machine using an account that has administrative privileges.

c. Download and install the Java Runtime Environment (JRE) or Development Kit (JDK), version 1.3.1 or later, available from Sun Microsystems at their website. If you accept the default location during the Java installation, it differs for each of these recent Java versions:

JRE 1.3.1—/javasoft/jre/1.3.1_0x—go to substep (d)

JDK 1.3.1—/jdk1.3.1_0x—go to substep (d)

JRE 1.4.1—/java/j2re1.4.1_0x—go to substep (e)

JDK 1.4.1—/j2sdk1.4.1_0x—go to substep (e)

Each of these installation paths are referred to as JAVA_HOME in each of the subsequent steps. If you are not configuring secure login to the Web UI, go to substep (f).

d. If you installed the JRE or JDK version 1.3.1 and want to configure secure login to the Web UI, you must also download and install the Java Secure Socket Extension (JSSE) version 1.0.2 or later, available from Sun Microsystems at their website. The default installation location is C:\jsse1.0.2.

e. If you are configuring secure login to the Web UI, you must create a keystore file using the Java keytool utility, located in the JAVA_HOME\bin directory. This utility defines a self-signed certificate or points to a file for a certificate that you obtained from an external signing authority:

To create a keystore file containing a self-signed certificate that is valid for one year, run this command and respond to the prompts:

> JAVA_HOME\bin\keytool -genkey -alias tomcat -keyalg RSA -validity 365 
	-keystore keystore-file 
Enter keystore password: changeit 
What is your first and last name? 
	[Unknown]: john doe 
What is the name of your organizational unit? 
	[Unknown]: engineering 
What is the name of your organization? 
	[Unknown]: example company 
What is the name of your City or Locality? 
	[Unknown]: boston 
What is the name of your State or Province? 
	[Unknown]: ma 
What is the two-letter country code for this unit? 
	[Unknown]: us 
Is CN=john doe, OU=engineering, O=example company, L=boston, ST=ma, C=us correct? 
	[no]: yes 
Enter key password for <tomcat> 
	(RETURN if same as keystore password): 

To create a keystore file and import a certificate file that you obtained from an external signing authority, run this command and respond to the prompts:

> JAVA_HOME\bin\keytool -genkey -alias tomcat -file certificate.cer 
	-keystore keystore-file 
... 

The keystore-file is the fully qualified path to the keystore file you are creating. You need to enter the keystore path and password in Step 11.


Caution The keystore password is included in the server.xml file in the install-path\tomcat\conf directory, which is protected to have superuser access only. Because the password is visible as plain text in this file, do not change the file permissions to have the file generally accessible.

f. Close all open applications, including any antivirus software. Also, ensure that Visual Notification is turned off in Dr. Watson to allow automatic server restarts in case of failures.

Step 2 Load the installation CD-ROM or browse to the network resource where the Network Registrar software is located. If you download a distribution file from the Cisco website, run it from a different directory than where you will install Network Registrar. The cnr_6_0-nt.exe distribution file is a self-extracting executable that places the setup file and other files in the directory where you run it. If you are not configured for Autostart, run the setup.exe file in that directory.

Step 3 You will encounter two Welcome windows:

a. Welcome—Identifies the current software release. Click Next.

b. Welcome—Introduces the setup program and reminds you to exit all current programs, including virus scan software. If any programs are running, click Cancel, close the programs, then start again with Step 2. If you are satisfied that all programs are stopped, click Next.

Step 4 User Information—Enter your name and company name. Click Next.

Step 5 Select Program Folder—Determine the program folder to run the application from the Windows 2000 Start menu (this does not apply to Windows NT). Accept the default of Network Registrar 6.0, or enter another name or select it from the Existing Folders list. If you are upgrading, the upgrade process autodetects the program folder from the previous release. Click Next.

Step 6 Select Installation Directory—Enter the installation directory or browse for it using the Browse button. The default is C:\Program Files\Network Registrar. If you are upgrading, the upgrade process autodetects the installation directory from the previous release. Click Next.

Step 7 These windows appear only if you are upgrading from a previous release:

a. Specify Database Procedure—Select whether you want to upgrade using the existing configuration database, or create a new configuration database to replace the old one. The default is to use the existing database. (If the upgrade process cannot determine the database version, a Specify Previous Database Version window appears where you can select 3.5, 5.0, 5.5, or 6.0.) Click Next.

b. Question—Determine if you want to archive the existing binaries and database in case the current installation is unsuccessful. The default and recommended choice is Yes.

c. Choose Archive Directory—If you chose to archive the files, enter or browse for the archive directory location. The default is C:\Program Files\Network Registrar.sav. Click Next.

Step 8 Select Installation Type—Select if you want to install the server and client, or just the client. The default is "Both server and client." Note that if your Windows version is not valid or supported, you can run only a client installation and this window does not appear. Click Next.

Step 9 Select Port—Enter the CCM management SCP port number. Check the target system for this port number; the default is 1234. Click Next.

Step 10 Specify the Java JRE or JDK location:

a. Information—Reminds you of the Java requirements. Click OK.

b. Select Java 1.3 Directory—The installation or upgrade process tries to detect the JRE or JDK location. Accept it or select another one, then click OK.


Note Do not include the \bin directory in the path. If you install a new Java version or change its location, re-install Network Registrar, then specify the new location at this step.


Step 11 Select Connection Type—Choose from these selections:

Enable the Web UI on an HTTP port

Enable the Web UI on a secure HTTPS port

Enable the Web UI on both HTTP and secure HTTPS ports

Do not enable the Web UI

Enabling the secure HTTPS port configures security for connecting to the Apache Tomcat version 4.0 webserver using a preconfigured Java Secure Socket Extension (JSSE) installation (see Step 1 for the configuration steps):

If you select the HTTP connection (the default setting), click Next, then go to Step 12.

If you select the secure HTTPS connection (or both HTTP and HTTPS) and click Next, this windows also appear:

Information—Reminds you of the JSSE requirements. Click OK.

Provide JSSE/Java Directory—Enter or browse for the Java or JSSE location, from Step 1(c) or (d). If you installed JRE or JDK version 1.3.1, enter the JSSE path. Click OK.

Provide Keystore Location—Enter the fully qualified path to the keystore file that contains the certificate(s) to be used for the secure connection to the Apache Tomcat Web server. This is the keystore-file you specified in Step 1(e). Click Next.

Provide Keystore Password—Enter the password given when creating the JSSE keystore file to provide the secure interface to clients. The default password is changeit. Click Next.

If you select not to enable the Web UI, click Next, then go to Step 13.


Note To change from one type of login to another, re-install Network Registrar and change the selection at this step.


Step 12 Select Web UI Port Number—Enter an available port number for the Web UI connection:

If you enabled the HTTP login, enter the port number (the default is 8080). Click Next.

If you enabled the secure HTTPS login, enter the port number (the default is 8443). Click Next.

If you enabled both the HTTP and secure HTTPS ports, enter the HTTPS port (default 8443) in one window, then the HTTP port (default 8080) in the second window. Click Next.

Step 13 Status windows report that the installer is transferring files and running scripts. Both of these processes might take a few minutes.

Step 14 Setup Complete—You can restart the system right away or you can wait until later. If you want to restart immediately, remove the installation disk and select "Yes, I want to restart my computer now." Otherwise, select "No, I will restart my computer later on." Click Finish.


Note Set up Windows to automatically start the Network Registrar servers in case of a program exception. Do this by removing all user intervention to program failures, which is set up by default on some debuggers, such as Dr. Watson for Windows. With user intervention enabled, a message box requires you to respond after a failure, thereby freezing the process until you respond. Since this may not be practical, remedy this in Dr. Watson through its control dialog box, usually accessible in C:\WINNT\system32\drwtsn32.exe. Uncheck the Visual Notification option and OK the change.



License Key

To administer the cluster of Network Registrar servers that you installed, you must enter the license key that enables the user interfaces.


Caution Network Registrar 6.0 requires a totally new license key. You cannot use one from a previous release.

You can run the user interfaces and the servers on different machines. You must tell the user interface which cluster (group of servers that share a database) that you want to access and whether the cluster is on the local or a remote host. The license that you have determines what to do and what can happen:

If you have a permanent license, you must enter it once for each cluster that you want to access through the user interface. Once entered, you are not prompted for a license key again until you install the cluster on another machine.

If you have an evaluation copy of Network Registrar, you have a license that expires.

If you have an invalid or expired license key, you cannot configure or manage the Network Registrar servers until you obtain a valid license key, although the servers will continue to function normally.

Enter the license key:


Step 1 Start the Network Registrar Web UI, CLI, or Windows-based GUI:

To access the Web UI, open the Web browser and use the HTTP (nonsecure login) or HTTPS (secure login) website:

http://hostname:port-at-install 
https://hostname:port-at-install 

The hostname is the target host's actual name. If you access the Web UI from the local host, you can also select from the Windows 2000 Start menu Start > Programs > Network Registrar 6.0 > Network Registrar 6.0 Web UI (or Network Registrar 6.0 Web UI (secure) if you enabled secure login). The port-at-install is the port specified during installation (see Step 11).

To start the CLI, go to the install-path\bin directory and enter:

# nrcmd -C clustername -N admin -P changeme 

To start the GUI from the Windows 2000 Start menu, select Start > Programs > Network Registrar 6.0 > Network Registrar 6.0 Win32 GUI.

Step 2 Enter username admin and password changeme. (You should change this password as soon as you can.)

Step 3 Enter the license key:

In the Web UI, enter the license key on the Add License page. Click Add.

In the CLI, enter this command:

nrcmd> license set key=keystring 

In the Windows-based GUI, when the Server Manager window appears:

Click Add.

In the Add Cluster dialog box, enter the cluster name. This name is the host (DNS) name or IP address of the machine on which the Network Registrar servers are installed.

Select the Connect to this cluster check box, then click OK.

In the Login for Cluster dialog box, enter the username admin and password changeme, then click OK. (You should change this password later on.)

In the License dialog box, click New Key.

In the Cluster Properties dialog box, click Edit License Key.

Enter the license, then click OK.


Uninstalling Network Registrar

To uninstall Network Registrar, use one of these methods:

Add/Remove Program function from the Windows Control Panel

Uninstall Network Registrar selection from the Windows Start menu

The Network Registrar uninstallation program removes the server and user interface components, but does not delete user data, such as the log and user data files. To delete all Network Registrar data, uninstall the application, then delete the install-path set during the Network Registrar installation.

Reverting to an Earlier Release

You can revert to Network Registrar release 5.5, 5.0, or 3.5 from Network Registrar 6.0.

Reverting an Archived Installation

If you archived the installation during an upgrade, use these steps to revert to an earlier release:


Step 1 Locate the backup directory (C:\Program Files\Network Registrar.sav by default).

Step 2 If Network Registrar is running, stop it from the Services control panel.

Step 3 Back up any data, logs, or configurations from the Network Registrar 6.0 installation.

Step 4 Extract the previous installation from the saved archive and place it in the same location. For example:

C:\Program Files\Network Registrar.sav> tar xvf cnr_archive.tar 

Step 5 Restart Network Registrar (see the "Starting and Stopping the Servers" section).


Note The Network Registrar version number that is registered with the packaging system does not roll back. Although the previous release runs correctly, the system still indicates that the new release is installed.



Reverting an Unarchived Installation

If you did not save an archive, but have a backup copy of the previous installation, use these steps to revert to an earlier release:


Step 1 Archive the Network Registrar 6.0 database if you anticipate using it at a future date.

Step 2 Uninstall Network Registrar, as described in the "Uninstalling Network Registrar" section.

Step 3 Delete the Network Registrar 6.0 folder that includes the log and user data files.

Step 4 Re-install 5.5, 5.0, or 3.5, as described in the Network Registrar Installation Guide for that release.

Step 5 Stop Network Registrar (see the "Starting and Stopping the Servers" section).

Step 6 Recover the previous database, using the steps in Chapter 4 of the Network Registrar User's Guide.

Step 7 If you are reverting to Network Registrar 5.5 or 5.0, you must also recover the data in CNRDB. Run the cnrdb_recover utility. For details on recovering the data, see the Network Registrar User's Guide.

Step 8 Change to the database directory.

Step 9 Run the keybuild tool on the earlier release to rebuild the key files (this can take several minutes):

install-path\bin\keybuild mcddb 

Step 10 Run the dbcheck tool to verify the integrity of the database:

install-path\bin\dbcheck mcddb 


Starting and Stopping the Servers

You can stop and start the Network Registrar server agent from the Services feature of the Windows Control Panel. If the installation completed successfully and you enabled the servers, the Network Registrar DNS and DHCP servers will start automatically each time you reboot the machine.

For the TFTP server, you must use this CLI command to enable it to restart on bootup:

nrcmd> tftp enable start-on-reboot 

All three servers in the cluster are controlled by a server agent. You can stop or start the servers by stopping or starting the server agent:


Step 1 In Windows 2000, select Start > Settings > Control Panel > Administrative Tools > Services.

Step 2 From the Service list, select AIC Server Agent 2.0.

Step 3 Click Restart or Stop, as required.

Step 4 Click Close.


Troubleshooting a Failed Installation

The Network Registrar installation process creates a log file, cnr_install_log, in the Network Registrar log file directory. For upgrades, a second log file, mcdupgrade_log, is also created. By default, the log directory is set to C:\Program Files\Network Registrar\logs.

If the installation or upgrade does not complete successfully, first check the contents of these log files to help determine what might have failed. Examples of possible causes for failure are:

An incorrect version of Java installed

Insufficient available disk space available

Inconsistent data for an upgrade

If log messages do not clearly indicate the failure, you can gather additional debug information using the debug_install utility script. This script is located by default in the Network Registrar executables directory, C:\Program Files\Network Registrar.

If the cause of the failure still does not seem readily apparent or correctable, forward the output of this script to Cisco Systems for further analysis.