Cisco Access Registrar Installation and Configuration Guide - Upgrading Cisco Access Registrar Software [Cisco Access Registrar]

Table Of Contents

Upgrading Cisco Access Registrar Software

Solaris Software Upgrade Overview

Linux Software Upgrade Overview

Software Upgrade Tasks

Disabling Replication

Using pkgrm to Remove Cisco AR Solaris Software

Removing the AICar1 Package

Removing the CSCOar Package

Using uninstall-ar to Remove Linux Software

Installing the Cisco AR License File

Upgrading Cisco AR Solaris Software

Deciding Where to Install

Installing Cisco AR Software from CD-ROM

Installing Downloaded Software

Common Solaris Installation Steps

Configuring SNMP

Back-up Copy of Original Configuration

Removing Old VSA Names

VSA Update Script

Upgrading Cisco AR Linux Software

Deciding Where to Install

Installing Cisco AR Software from CD-ROM

Common Linux Installation Steps

Back-up Copy of Original Configuration

Removing Old VSA Names

VSA Update Script

Configuring SNMP

Configuring SNMP

Restarting Replication

Upgrading Cisco Access Registrar Software

Cisco Access Registrar 4.0 supports software upgrades from your previously installed Cisco AR software while preserving your existing configuration database. Cisco AR supports an upgrade path for both the Solaris or Linux versions of Cisco AR software.

Note Configuration for Prepaid billing servers in Cisco AR 3.0 will no longer work in Cisco AR 4.0. If you have been using a Prepaid billing server in Cisco AR 3.0 and are upgrading your software to Cisco AR 4.0, you must remove the Prepaid billing server configuration before installing the Cisco AR 4.0 software. Chapter 14, "Using Prepaid Billing," provides detailed instructions for configuring Prepaid billing services for Cisco AR 4.0.

Caution Running the command mcdadmin -coi to import configuration data will cause the Cisco AR 4.0 server to lose all session information.

This chapter contains the following sections:

•Solaris Software Upgrade Overview

•Linux Software Upgrade Overview

•Software Upgrade Tasks

•Installing the Cisco AR License File

•Upgrading Cisco AR Solaris Software

•Upgrading Cisco AR Linux Software

•Configuring SNMP

•Restarting Replication

Solaris Software Upgrade Overview

This section describes the Solaris upgrade processes.

Step 1 Ensure that replication is disabled.

Refer to Disabling Replication.

Step 2 If you have modified the snmpd.conf file in the /cisco-ar/ucd-snmp/share/snmp directory, you must back up this file before doing the upgrade process. The pkgrm removes the snmpd.conf file, even if it has been modified.

Step 3 Remove the old software using the pkgrm command.

Refer to Using pkgrm to Remove Cisco AR Solaris Software.

Step 4 If you plan to use the Cisco AR SNMP features, disable the current Sun SNMP daemon and prevent the Sun SNMP daemon from restarting after a reboot.

Step 5 Decide where to install the Cisco Access Registrar 4.0 software.

The default installation directory for Cisco AR 4.0 software is /opt/CSCOar. If you are upgrading from Cisco AR version 1.7 or earlier, the default installation directory was /opt/AICar1.

Step 6 Decide if you want to preserve your existing configuration database.

Preserving your existing configuration database is a compelling reason to upgrade rather than to start anew. The upgrade procedure in this chapter assumes you want to preserve your existing configuration.

If you are upgrading from Cisco AR 1.7 or an earlier version, the default installation directory is /opt/AICar1. The default installation directory for Cisco AR 3.0 and above is /opt/CSCOar.

If your previous install directory was /opt/AICar1, you should use that directory to install Cisco AR 4.0 You might also rename the old directory, as in the following:

cd /opt
mv AICar1 CSCOar
Step 7 Copy the Cisco Access Registrar 4.0 license file to a location on the Cisco AR workstation directory such as /tmp.

For detailed information about the Cisco AR license and how to install the license, see Cisco Access Registrar 4.0 Licensing.

Step 8 Use the pkgadd command to install the Cisco Access Registrar 4.0 software.

For detailed information about using the pkgadd command to install Cisco AR software, see Chapter 2, "Installing Cisco Access Registrar 4.0 Software on Solaris."

Note Since you are upgrading, you will want to preserve your existing database.

Step 9 If you configured Cisco AR to use SNMP prior to upgrading, after installing Cisco AR 4.0 software, you must copy the snmpd.conf file back to the /cisco-ar/ucd-snmp/share/snmp directory.

Step 10 Restart the Cisco AR server using the following command:

/etc/init.d/arserver restart

Linux Software Upgrade Overview

This section provides overview information of the Linux upgrade processes.

Step 1 Ensure that replication is disabled.

Refer to Disabling Replication.

Step 2 If you have modified the snmpd.conf file in the /cisco-ar/ucd-snmp/share/snmp directory, you must back up this file before doing the upgrade process. The pkgrm removes the snmpd.conf file, even if it has been modified.

Note If you currently use the 3.5.2 Linux version, the uninstall-ar program removes /opt/CSCOar/data. Before you run the uninstall-ar program, copy the /opt/CSCOar/data directory to a temporary location such as /tmp. After you install the upgrade software, move the data directory back to /opt/CSCOar/data.

Step 3 Remove the old software using the uninstall-ar command.

For detailed information about using the uninstall-ar command to remove Cisco AR Linux software, see Using uninstall-ar to Remove Linux Software.

Step 4 If you plan to use the Cisco AR SNMP features, disable the current SNMP daemon and prevent the SNMP daemon from restarting after a reboot.

Step 5 Decide where to install the Cisco Access Registrar 4.0 software.

The default installation directory for Cisco AR 4.0 software is /opt/CSCOar.

Step 6 Decide if you want to preserve your existing configuration database.

Preserving your existing configuration database is a compelling reason to upgrade rather than to start anew. The upgrade procedure in this chapter assumes you want to preserve your existing configuration.

Step 7 Copy the Cisco Access Registrar 4.0 license file to a location on the Cisco AR workstation directory such as /tmp.

Step 8 Install the Linux version of Cisco Access Registrar 4.0 software.

Step 9 If you configured Cisco AR to use SNMP prior to upgrading, after installing Cisco AR 4.0 software, you must copy the snmpd.conf file back to the /cisco-ar/ucd-snmp/share/snmp directory.

Step 10 Restart the Cisco AR server using the following command:

/etc/init.d/arserver restart

Software Upgrade Tasks

This section provides information about the tasks involved in the Cisco AR software upgrade process.

Disabling Replication

If you are using the Cisco AR replication feature, you must disable it before you begin the upgrade process of the upgrade will fail. When completed, refer to "Restarting Replication" section for the correct way to restart replication.

To ensure that replication is disabled, complete the following steps:

Step 1 Login as admin and launch aregcmd.

Step 2 Change directory to /radius/replication and examine the RepType property.

cd /radius/replication

[ //localhost/Radius/Replication ]
RepType = None
RepTransactionSyncInterval = 60000
RepTransactionArchiveLimit = 100
RepIPAddress = 0.0.0.0
RepPort = 1645
RepSecret = NotSet
RepIsMaster = FALSE
RepMasterIPAddress = 0.0.0.0
RepMasterPort = 1645
Rep Members/

Make sure that RepType is set to None.

Step 3 If you made changes, issue the save command, then exit the aregcmd command interface.

Using pkgrm to Remove Cisco AR Solaris Software

There are two different Cisco AR Solaris software packages, AICar1 and CSCOar. The AICar1 package was used for Cisco AR 1.7 and earlier versions. The CSCOar package has been used for Cisco AR 3.0 and later versions.

Removing the AICar1 Package

The following steps describe how to remove the AICar1 software package.

Step 1 Log in to the Cisco AR workstation as a root user, and enter the following command line:

pkgrm AICar1
The following package is currently installed:
   AICar1          Access Registrar 1.7R7 [SunOS-5.8, ns40, gcc-O, official]
                   (sparc) 1.7R7
Do you want to remove this package?
Step 2 Enter y or yes to continue removing the AICar1 package.
## Removing installed package instance <AICar1>
This package contains scripts which will be executed with super-user
permission during the process of removing this package.
Do you want to continue with the removal of this package [y,n,?,q] 
Step 3 Enter y to continue removing the AICar1 package.

After you enter y, the AICar1 package should be removed without further interaction.
## Verifying package dependencies.
## Processing package information.
## Executing preremove script.
Waiting for these processes to die (this may take some time):
  AR MCD lock manager  (pid: 2971)
  AR MCD server        (pid: 2967)
  AR RADIUS server     (pid: 2973)
  AR Server Agent      (pid: 2965)
2967: terminated
2973: terminated
2971: terminated, wait status 0x000f
2965: terminated
Access Registrar Server Agent shutdown complete.
# removing /etc/rc.d files
# done with preremove.
## Removing pathnames in class <snmp>
/opt/AICar1/ucd-snmp/share/snmp/snmpd.conf
.
. <several hundred lines deleted>
.
/opt/AICar1/bin/screen
/opt/AICar1/bin
/opt/AICar1/README
## Removing pathnames in class <none>
## Updating system information.
Removal of <AICar1> was successful.
hostname root /scratch## 
Removing the CSCOar Package

The following steps describe how to remove the CSCOar software package.

Step 1 Log in to the Cisco AR workstation as a root user, and enter the following command line:

pkgrm CSCOar
The following package is currently installed:
   CSCOar          Cisco Access Registrar 3.0R7 [SunOS-5.8, official]
                   (sparc) 3.0R7
Do you want to remove this package?
Step 2 Enter y or yes to continue removing the CSCOar package.
## Removing installed package instance <CSCOar>
This package contains scripts which will be executed with super-user
permission during the process of removing this package.
Do you want to continue with the removal of this package [y,n,?,q]
Step 3 Enter y to continue removing the CSCOar package.

After you enter y, the CSCOar package should be removed without further interaction.
## Verifying package dependencies.
## Processing package information.
## Executing preremove script.
Waiting for these processes to die (this may take some time):
  AR Server Agent      (pid: 28352)
  AR MCD server        (pid: 28354)
  AR RADIUS server     (pid: 28372)
  AR MCD lock manager  (pid: 28355)
28354: terminated, wait status 0x0000
28372: terminated, wait status 0x0000
28355: terminated, wait status 0x000f
28352: terminated, wait status 0x0000
Access Registrar Server Agent shutdown complete.
# removing /etc/rc.d files
# done with preremove.
## Removing pathnames in class <snmp>
/opt/CSCOar/ucd-snmp/share/snmp/snmpd.conf
/opt/CSCOar/ucd-snmp/share/snmp/snmpconf-data/snmptrapd-data/traphandle
.
.
. <several hundred lines deleted>
.
.
/opt/CSCOar/README
/opt/CSCOar/.system/screen
/opt/CSCOar/.system
## Removing pathnames in class <none>
## Updating system information.
Removal of <CSCOar> was successful.
hostname root ~## 
Using uninstall-ar to Remove Linux Software

The Linux version of Cisco AR software includes the uninstall-ar program in /opt/CSCOar/bin that you use to remove Cisco AR software on Linux machines.

Note If you currently use the 3.5.2 Linux version, the uninstall-ar program removes /opt/CSCOar/data. Before you run the uninstall-ar program, copy the /opt/CSCOar/data directory to a temporary location such as /tmp. After you install the upgrade software, move the data directory back to /opt/CSCOar/data.

Step 1 Log in to the Cisco AR workstation as a root user.

Step 2 To remove the Linux version of Cisco AR software, change directory to /opt/CSCOar/bin and start the uninstall-ar program as follows:

cd /opt/CSCOar/bin
uninstall-ar
uninstall-ar
Are you sure you want to remove CSCOar-3.5.4-1101360135? [y/n]: 
Step 3 Reply Yes or Y to continue removing the Linux software.
Are you sure you want to remove CSCOar-3.5.4-1101360135? [y/n]: y 
Waiting for these processes to die (this may take some time):
AR RADIUS server running       (pid: 15492)
AR Server Agent running        (pid: 27288)
AR MCD lock manager running    (pid: 27295)
AR MCD server running          (pid: 27294)
4 processes left.3 processes left.......2 processes left.......k0 processes left.0 
processes left
Access Registrar Server Agent shutdown complete.
Installing the Cisco AR License File

Cisco Access Registrar 4.0 uses a new licensing mechanism that enables you to activate different features in Cisco AR using a combination of different license keys. During system initialization, the Cisco AR server sets up the licensing data model and activates any features that are properly licensed.

You must have a license in a directory on the Cisco AR machine before you attempt to install Cisco AR software. If you have not installed the Cisco AR license file before beginning the software installation, the installation process will fail.

You can store the Cisco AR license file in any directory on the Cisco AR machine. During the installation process, you will be asked the location of the license file, and the installation process will copy the license file to the /opt/CSCOar/license directory or to the base installation directory you specify when you install the software (if you are not using the default installation location).

The license file might have the name ciscoar.lic, but it can be any filename with the suffix .lic. To install the Cisco AR license file, you can copy and paste the text into a file, or you can simply save the file you receive in EMail to an accessible directory.

Upgrading Cisco AR Solaris Software

This section describes the software installation process when installing Cisco Access Registrar 4.0 software on a Solaris workstation for the first time. This section includes the following subsections:

•Deciding Where to Install

•Installing Cisco AR Software from CD-ROM

•Installing Downloaded Software

•Common Solaris Installation Steps

Tips Before you begin to install the software, check your workstation's /etc/group file and make sure that group staff exists. The software installation will fail if group staff does not exist before you begin.

Deciding Where to Install

Before you begin the software installation, you should decide where you want to install the new software. The default installation directory for Cisco AR 4.0 software is /opt/CSCOar. You can use the default installation directory, or you can choose to install the Cisco AR software in a different directory.

Installing Cisco AR Software from CD-ROM

The following steps describe how to begin the software installation process when installing software from the Cisco Access Registrar 4.0 CD-ROM. If you are installing downloaded software, proceed to Installing Downloaded Software.

Step 1 Place the Cisco Access Registrar 4.0 software CD-ROM in the Cisco AR workstation CD-ROM drive.

Step 2 Log in to the Cisco AR workstation as a root user, and enter the following command line for Solaris 8:

pkgadd -d /cdrom/cdrom0/kit/solaris-2.8 CSCOar
or the following for Solaris 9:

pkgadd -d /cdrom/cdrom0/kit/solaris-2.9 CSCOar
Step 3 Proceed to Common Solaris Installation Steps.

Installing Downloaded Software

This section describes how to uncompress and extract downloaded Cisco Access Registrar 4.0 software and begin the software installation.

Step 1 Log in to the Cisco AR workstation as a root user.

Step 2 Change directory to the location where you have stored the uncompressed tarfile.

cd /tmp
Step 3 Use the following command line to uncompress the tarfile and extract the installation package files.

zcat CSCOar-4.0.1-sol8-k9.tar.gz | tar xf -

Note These instructions are for the Solaris 8 package. There is no difference in download or installation procedures for Solaris 8 or Solaris 9 other than the package name.

Step 4 Enter the following command to begin the installation:

pkgadd -d /tmp CSCOar
where /tmp is the temporary directory where you stored and uncompressed the installation files.

Step 5 Proceed to Common Solaris Installation Steps.

Common Solaris Installation Steps

This section describes the installation process immediately after you have issued the pkgadd command installing from CD-ROM or from downloaded software.
Processing package instance <CSCOar> from </tmp>
Cisco Access Registrar 4.0.1 [SunOS-5.8, official]
(sparc) 4.0.1
Copyright (C) 1998-2005 by Cisco Systems, Inc.
This program contains proprietary and confidential information.  
All rights reserved except as may be permitted by prior written consent.
    This package contains the Access Registrar Server and the
    Access Registrar Configuration Utility.  You can choose to
    perform either a Full installation or just install the
    Configuration Utility.
What type of installation: Full, Config only [Full] [?,q]
Step 6 For a full install, press Enter.
Where do you want to install <CSCOar>? [/opt/CSCOar] [?,q] 
Step 7 Press Enter to accept the default location of /opt/CSCOar, or enter a different directory to be used as the base installation directory.
Access Registrar requires FLEXlm license file to operate.  A list
of space delimited license files or directories can be supplied as
input; license files must have the extension ".lic".
Where are the FLEXlm license files located? [] [?,q]
Step 8 Enter the directory where you have stored the Cisco Access Registrar 4.0 license file.
Access Registrar provides a  Web GUI. It requires J2RE version
1.4.* to be installed on the server.
If you already have a compatible version J2RE installed, please
enter the directory where it is installed.  If you do not, the
compatible J2RE version can be downloaded from:
http://java.sun.com/
Where is the J2RE installed?  [?,q] 
The J2RE is required to use the Cisco AR GUI. If you already have a Java 2 platform installed, enter the directory where it is installed.

Note If you do not provide the J2RE path, or if the path is empty or unsupported, the installation process exits.

Step 9 Enter the directory or mount point where the J2RE is installed.
If you are not using ORACLE, press Enter/Return to skip this step.
ORACLE installation directory is required for ODBC configuration.
ORACLE_HOME variable will be set in /etc/init.d/arserver script
Where is ORACLE installed? [] [?,q] 
Step 10 If you plan to use Oracle for one of authentication, authorization, or accounting, enter the location where you have installed Oracle; otherwise press Enter.
A local database from previous installation of the Access
Registrar Server has been detected. It contains:
* session information
* all server object definitions
* local UserLists
Do you want to preserve the local database in /opt/CSCOar [y]: [y,n,?,q] y
Step 11 Reply Y to preserve the local database.
The upgrade procedure needs administrator access to your configuration
so that it can upgrade it.
Enter an AR administrator username and password:
Step 12 Enter the administrator userID and password.
User: admin
Password: 
Retype password: 
## Executing checkinstall script.
Using </opt/CSCOar> as the package base directory.
## Processing package information.
## Processing system information.
## Verifying package dependencies.
## Verifying disk space requirements.
## Checking for conflicts with packages already installed.
## Checking for setuid/setgid programs.
The following files are being installed with setuid and/or setgid
permissions:
  /opt/CSCOar/.system/screen <setuid root>
 /opt/CSCOar/bin/aregcmd <setgid staff>
 /opt/CSCOar/bin/radclient <setgid staff>
Do you want to install these as setuid/setgid files [y,n,?,q]
Step 13 Enter Y to install the setuid/setgid files.
This package contains scripts which will be executed with super-user
permission during the process of installing this package.
Do you want to continue with the installation of <CSCOar> [y,n,?]
Step 14 Enter Y to continue with the software installation.

No further interaction is required; the installation process should complete successfully and the arservagt is automatically started.
Installing Cisco Access Registrar 4.0.1 [SunOS-5.8, official] as <CSCOar>
## Installing part 1 of 1.
/opt/CSCOar/.system/add-example-config
/opt/CSCOar/.system/run-ar-scripts
/opt/CSCOar/.system/screen
/opt/CSCOar/README
/opt/CSCOar/bin/arbug
.
.
.
 inflating: /opt/CSCOar/jakarta-tomcat-4.0.6/webapps/tomcat-docs/realm-howto.html  
  inflating: /opt/CSCOar/jakarta-tomcat-4.0.6/webapps/tomcat-docs/RUNNING.txt  
  inflating: 
/opt/CSCOar/jakarta-tomcat-4.0.6/webapps/tomcat-docs/security-manager-howto.html  
  inflating: /opt/CSCOar/jakarta-tomcat-4.0.6/webapps/tomcat-docs/ssl-howto.html  
   creating: /opt/CSCOar/jakarta-tomcat-4.0.6/work/
# setting up product configuration file /opt/CSCOar/conf/car.conf
# linking /etc/init.d/arserver to /etc/rc.d files
# Upgrade of the configuration db is in progress
# Password check in progress
# Wait. 
# Password check complete
# flushing old replication archive
# Backup of configuration in progress
# Wait........ 
# Backup complete
###############################################################
#
#  A backup copy of your original configuration has been
#  saved to the file:
#
#    /opt/CSCOar/temp/5113.origconfig-backup
#
#  If you need to restore the original configuration,
#  enter the following command:
#
#    mcdadmin -coi /opt/CSCOar/temp/5113.origconfig-backup
#
###############################################################
###############################################################
#
#  The upgrade process involves the use of mcdadmin and
#  aregcmd. First a small set of updates are performed
#  using mcdadmin. Then the vast majority of updates are
#  performed using aregcmd.
#
###############################################################
# Mcdadmin-level upgrade in progress
# Mcdadmin-level upgrade completed
# Aregcmd-level upgrade in progress
# Configuration DB analysis is in progress
# Wait........ 
# Analysis completed
# Deleting of obsolete tunnel attributes is in progress
# Wait 
# Deletion completed
# Deleting obsolete vendors
# Wait 
# Deletion completed
# Add of new database elements is in progress
# Wait......... 
# Add completed
# Search for obsolete VSA names is in progress
# Search completed
##############################################################
#
#   Sometimes VSAs get renamed from version to version of AR.
#   The upgrade process does not automatically remove the
#   old names. The upgrade process has generated a script
#   to remove the old names. The script is located in:
#
#       /opt/CSCOar/temp/5113.manual-deletes
#
#   Review the script to make sure you are not using any of
#   these old VSAs. Modify your configuration and your
#   scripts to use the new names before you attempt to run
#   the script.
#
#   To run the removal script, type:
#
#       aregcmd -f /opt/CSCOar/temp/5113.manual-deletes
#
##############################################################
##############################################################
#
#   VSAs for the old AR version are not updated
#   automatically. The upgrade process generated a script
#   to perform the update. The script is located in:
#
#       /opt/CSCOar/temp/5113.manual-changes
#
#   Review the script to make sure it does not conflict with
#   any of your VSA changes. Make sure you modify the script,
#   if necessary, before you attempt to run it.
#
#   To run the update script, type:
#
#       aregcmd -f /opt/CSCOar/temp/5113.manual-changes
#
##############################################################
##############################################################
#
#  These upgrade messages are saved in:
#
#      /opt/CSCOar/temp/5113.upgrade-log
#
##############################################################
/cisco-ar/certs/tomcat/server-cert.pem exists, no action taken.
unable to write 'random state'
Tomcat private RSA key now resides in /cisco-ar/certs/tomcat/server-key.pem
Starting Access Registrar Server Agent...completed.
The Radius server is now running.
# done with postinstall.
Installation of <CSCOar> was successful.
hostname root /tmp##
Configuring SNMP

If you choose not to use the SNMP features of Cisco Access Registrar, the installation process is completed. To use SNMP features, complete the configuration procedure described in Configuring SNMP.

Back-up Copy of Original Configuration

The upgrade process displays a message like the following to indicate where a copy of your original configuration has been stored.

Note Running the command mcdadmin -coi to import configuration data will cause the Cisco AR 4.0 server to lose all session information.
###############################################################
#
#  A backup copy of your original configuration has been
#  saved to the file:
#
#    /opt/CSCOar/temp/10062.origconfig-backup
#
#  If you need to restore the original configuration,
#  enter the following command:
#
#    mcdadmin -coi /opt/CSCOar/temp/10062.origconfig-backup
#
###############################################################
Removing Old VSA Names

The upgrade process provides an analysis of the configuration database, addition of new database elements, and a search for obsolete VSA names. When this is complete, a message like the following is displayed:
##############################################################
#
#   Sometimes VSAs get renamed from version to version of AR.
#   The upgrade process does not automatically remove the
#   old names. The upgrade process has generated a script
#   to remove the old names. The script is located in:
#
#       /opt/CSCOar/temp/10062.manual-deletes
#
#   Review the script to make sure you are not using any of
#   these old VSAs. Modify your configuration and your
#   scripts to use the new names before you attempt to run
#   the script.
#
#   To run the removal script, type:
#
#       aregcmd -sf /opt/CSCOar/temp/10062.manual-deletes
#
##############################################################
At this point, you should examine the script produced by the upgrade process to make sure that your site is not using any of the old VSAs. In the example above, the script can be found at /opt/CSCOar/temp/10062.manual-deletes.

Note The number preceding manual.deletes is produced from the PID of the upgrade process.

Modify your configuration and your scripts to use the new names before you attempt to run the script generated by the upgrade process.

VSA Update Script

The upgrade process builds a script you can use to update VSAs in your system.
##############################################################
#
#   VSAs for the old AR version are not updated
#   automatically. The upgrade process generated a script
#   to perform the update. The script is located in:
#
#       /opt/CSCOar/temp/10062.manual-changes
#
#   Review the script to make sure it does not conflict with
#   any of your VSA changes. Make sure you modify the script,
#   if necessary, before you attempt to run it.
#
#   To run the update script, type:
#
#       aregcmd -sf /opt/CSCOar/temp/10062.manual-changes
#
##############################################################
Step 15 Review the script and make sure that the changes it will make do not conflict with any changes you might have made to the VSAs. Modify the script if necessary.

Step 16 Record the location of the upgrade messages for future reference.
##############################################################
#
#  These upgrade messages are saved in:
#
#      /opt/CSCOar/temp/10062.upgrade-log
#
##############################################################
Upgrading Cisco AR Linux Software

This section describes the software installation process when installing Cisco Access Registrar 4.0 software on a Linux workstation for the first time. This section includes the following subsections:

•Deciding Where to Install

•Installing Cisco AR Software from CD-ROM

•Common Linux Installation Steps

Deciding Where to Install

Before you begin the software installation, you should decide where you want to install the new software. The default installation directory for Cisco AR 4.0 software is /opt/CSCOar. You can use the default installation directory, or you can choose to install the Cisco AR software in a different directory.

Installing Cisco AR Software from CD-ROM

The following steps describe how to begin the software installation process when installing software from the Cisco Access Registrar 4.0 CD-ROM. If you are installing downloaded software, proceed to Installing Downloaded Software.

Step 1 Place the Cisco Access Registrar 4.0 software CD-ROM in the Cisco AR workstation CD-ROM drive.

Step 2 Log in to the Cisco AR workstation as a root user and find a temporary directory, such as /tmp, to store the Linux installation file.

Note The temporary directory requires at least 70 MB of free space.

Step 3 Change directory to the CD-ROM.

cd /cdrom/cdrom0/kit/linux-2.4
Step 4 Copy the CSCOar-4.0.1-lnx24-install-k9.sh file to the temporary directory.

cp CSCOar-4.0.1-lnx24-install-k9.sh /tmp
Step 5 Change the permissions of the CSCOar-4.0.1-lnx24-install-k9.sh file to make it executable.

chmod 777 CSCOar-4.0.1-lnx24-install-k9.sh
To continue the installation, proceed to Common Linux Installation Steps.

Common Linux Installation Steps

This section describes how to install the downloadedCisco Access Registrar 4.0 software for Linux and begin the software installation.

Note The Cisco AR Linux installation automatically installs aregcmd and radclient as setgid programs in group adm.

Step 1 Log in to the Cisco AR workstation as a root user.

Step 2 Change directory to the location where you have stored the CSCOar-4.0.1-lnx24-rc1-install.sh file.

cd /tmp
Step 3 Enter the name of the script file to begin the installation:

CSCOar-4.0.1-lnx24-install-k9.sh
Name        : CSCOar                       Relocations: /opt/CSCOar 
Version     : 4.0.1                             Vendor: Cisco Systems, Inc.
Release     : 1112362579                    Build Date: Fri Apr  1 06:46:30 2005
Install date: (not installed)               Build Host: sentret.cnslab.cisco.com
Summary     : Access Registrar, a carrier-class RADIUS server
build_tag: [Linux-2.4.20, official]
Copyright (C) 1998-2005 by Cisco Systems, Inc.
This program contains proprietary and confidential information.  
All rights reserved except as may be permitted by prior written consent.
This package contains the Access Registrar Server and the Access
Registrar Configuration Utility.  All the Client, Server, and
Configuration utilities will be installed.
Where do you want to install <CSCOar>? [/opt/CSCOar] [?,q] 
Step 4 Press Enter to accept the default location of /opt/CSCOar, or enter a different directory to be used as the base installation directory.
Access Registrar requires FLEXlm license file to operate.  A list
of space delimited license files or directories can be supplied as
input; license files must have the extension ".lic".
Where are the FLEXlm license files located? [/opt/CSCOar/license] [?,q] 
Step 5 Enter the directory where you have stored the Cisco Access Registrar 4.0 license file.
Access Registrar provides a Web GUI. It requires J2RE version 1.4.*
to be installed on the server.
If you already have a compatible version of J2RE installed, please
enter the directory where it is installed.  If you do not, the
compatible J2RE version can be downloaded from:
http://java.sun.com/
Where is the J2RE installed? [] [?,q]
The J2RE is required to use the Cisco AR GUI. If you already have a Java 2 platform installed, enter the directory where it is installed.

Note If you do not provide the J2RE path, or if the path is empty or unsupported, the installation process exits.
If you are not using ORACLE, press Enter/Return to skip this step.
ORACLE installation directory is required for ODBC configuration.
ORACLE_HOME variable will be set in /etc/init.d/arserver script
Where is ORACLE installed? [] [?,q] 
Step 6 Enter the location where you have installed Oracle, otherwise press Enter.
A local database from previous installation of the Access
Registrar Server has been detected. It contains:
* session information
* all server object definitions
* local UserLists
Do you want to preserve the local database in /opt/CSCOar [y]: [y,n,?,q] y
Step 7 Reply Y to preserve the local database.
The upgrade procedure needs administrator access to your configuration
so that it can upgrade it.
Enter an AR administrator username and password:
Step 8 Enter the administrator userID and password.
User: admin
Password: 
Retype password: 
Remove old sessions in /opt/CSCOar/data/radius [n]: [y,n,?,q] 
Step 9 Enter Y to remove old sessions or N to retain old sessions.
unpack the rpm file done
Preparing...                ########################################### [100%]
   1:CSCOarui-add           ########################################### [100%]
Archive:  ./jakarta-tomcat-4.0.6.zip
   creating: /opt/CSCOar/jakarta-tomcat-4.0.6/bin/
  inflating: /opt/CSCOar/jakarta-tomcat-4.0.6/bin/bootstrap.jar  
  inflating: /opt/CSCOar/jakarta-tomcat-4.0.6/bin/catalina.bat 
.
.
.
inflating: 
/opt/CSCOar/jakarta-tomcat-4.0.6/webapps/tomcat-docs/security-manager-howto.html  
  inflating: /opt/CSCOar/jakarta-tomcat-4.0.6/webapps/tomcat-docs/ssl-howto.html  
   creating: /opt/CSCOar/jakarta-tomcat-4.0.6/work/
Preparing...                ########################################### [100%]
   1:CSCOar                 ########################################### [100%]
relink arserver
# flushing old replication archive
# creating initial configuration database
Rollforward recovery using "/opt/CSCOar/data/db/vista.tjf" started Thu Apr 14 11:51:29 
2005
Rollforward recovery using "/opt/CSCOar/data/db/vista.tjf" finished Thu Apr 14 11:51:29 
2005
# add-example-config y
JAVA ROOT /nfs/insbu-cnstools/java-linux
JAVA_HOME /nfs/insbu-cnstools/java-linux
# setting ORACLE_HOME and JAVA_HOME variable in arserver
ORACLE_HOME 
JAVA_HOME /nfs/insbu-cnstools/java-linux
set JAVA_HOME 
calling gen-tomcat
/cisco-ar/certs/tomcat/server-cert.pem exists, no action taken.
unable to write 'random state'
Tomcat private RSA key now resides in /cisco-ar/certs/tomcat/server-key.pem
Starting Access Registrar Server Agent..completed.
The Radius server is now running.
hostname root /tmp### 
Back-up Copy of Original Configuration

The upgrade process displays a message like the following to indicate where a copy of your original configuration has been stored.

Note Running the command mcdadmin -coi to import configuration data will cause the Cisco AR 4.0 server to lose all session information.
###############################################################
#
#  A backup copy of your original configuration has been
#  saved to the file:
#
#    /opt/CSCOar/temp/10062.origconfig-backup
#
#  If you need to restore the original configuration,
#  enter the following command:
#
#    mcdadmin -coi /opt/CSCOar/temp/10062.origconfig-backup
#
###############################################################
Removing Old VSA Names

The upgrade process provides an analysis of the configuration database, addition of new database elements, and a search for obsolete VSA names. When this is complete, a message like the following is displayed:
##############################################################
#
#   Sometimes VSAs get renamed from version to version of AR.
#   The upgrade process does not automatically remove the
#   old names. The upgrade process has generated a script
#   to remove the old names. The script is located in:
#
#       /opt/CSCOar/temp/10062.manual-deletes
#
#   Review the script to make sure you are not using any of
#   these old VSAs. Modify your configuration and your
#   scripts to use the new names before you attempt to run
#   the script.
#
#   To run the removal script, type:
#
#       aregcmd -sf /opt/CSCOar/temp/10062.manual-deletes
#
##############################################################
At this point, you should examine the script produced by the upgrade process to make sure that your site is not using any of the old VSAs. In the example above, the script can be found at /opt/CSCOar/temp/10062.manual-deletes.

Note The number preceding manual.deletes is produced from the PID of the upgrade process.

Modify your configuration and your scripts to use the new names before you attempt to run the script generated by the upgrade process.

VSA Update Script

The upgrade process builds a script you can use to update VSAs in your system.
##############################################################
#
#   VSAs for the old AR version are not updated
#   automatically. The upgrade process generated a script
#   to perform the update. The script is located in:
#
#       /opt/CSCOar/temp/10062.manual-changes
#
#   Review the script to make sure it does not conflict with
#   any of your VSA changes. Make sure you modify the script,
#   if necessary, before you attempt to run it.
#
#   To run the update script, type:
#
#       aregcmd -sf /opt/CSCOar/temp/10062.manual-changes
#
##############################################################
Step 10 Review the script and make sure that the changes it will make do not conflict with any changes you might have made to the VSAs. Modify the script if necessary.

Step 11 Record the location of the upgrade messages for future reference.
##############################################################
#
#  These upgrade messages are saved in:
#
#      /opt/CSCOar/temp/10062.upgrade-log
#
##############################################################
Configuring SNMP

If you choose not to use the SNMP features of Cisco Access Registrar, the installation process is completed. To use SNMP features, complete the configuration procedure described in Configuring SNMP.

Configuring SNMP

If you choose not to use the SNMP features of Cisco Access Registrar, the installation process is completed. To use SNMP features, complete the configuration procedure described in Configuring SNMP, page 4-14.

If you have modified the snmpd.conf file in the /cisco-ar/ucd-snmp/share/snmp directory, you must back up this file before doing the upgrade process. The pkgrm removes the snmpd.conf file, even if it has been modified.

After installing Cisco AR 4.0 software with pkgadd, you must copy the snmpd.conf file back to the /cisco-ar/ucd-snmp/share/snmp directory. Restart the Cisco AR server using the following command:

/etc/init.d/arserver restart

Restarting Replication

Before you enable replication, you must first upgrade all replication slave servers to the same version of Access Registrar software as the master server. Do not enable replication on the master server until all slave servers have been upgraded.

Use the same process you used to upgrade the master server to upgrade any slave servers. If you retained your configuration on the master, retain the configuration on the slaves, too.

After the same version of Cisco AR software has been installed on all slave servers, you can enable replication on the master server again. After enabling replication on the master server, you can enable replication on each of the slave servers.

	Cisco Access Registrar Installation and Configuration Guide
	Upgrading Cisco Access Registrar Software
Cisco Access Registrar Installation and Configuration Guide Index About This Guide Overview Installing Cisco Access Registrar Upgrading Cisco Access Registrar Software Configuring Cisco Access Registrar Customizing Your Configuration Cisco Access Registrar Installation and Configuration Guide, 4.0	Download this chapter Upgrading Cisco Access Registrar Software Table Of Contents Upgrading Cisco Access Registrar Software Solaris Software Upgrade Overview Linux Software Upgrade Overview Software Upgrade Tasks Disabling Replication Using pkgrm to Remove Cisco AR Solaris Software Removing the AICar1 Package Removing the CSCOar Package Using uninstall-ar to Remove Linux Software Installing the Cisco AR License File Upgrading Cisco AR Solaris Software Deciding Where to Install Installing Cisco AR Software from CD-ROM Installing Downloaded Software Common Solaris Installation Steps Configuring SNMP Back-up Copy of Original Configuration Removing Old VSA Names VSA Update Script Upgrading Cisco AR Linux Software Deciding Where to Install Installing Cisco AR Software from CD-ROM Common Linux Installation Steps Back-up Copy of Original Configuration Removing Old VSA Names VSA Update Script Configuring SNMP Configuring SNMP Restarting Replication Upgrading Cisco Access Registrar Software Cisco Access Registrar 4.0 supports software upgrades from your previously installed Cisco AR software while preserving your existing configuration database. Cisco AR supports an upgrade path for both the Solaris or Linux versions of Cisco AR software. Note Configuration for Prepaid billing servers in Cisco AR 3.0 will no longer work in Cisco AR 4.0. If you have been using a Prepaid billing server in Cisco AR 3.0 and are upgrading your software to Cisco AR 4.0, you must remove the Prepaid billing server configuration before installing the Cisco AR 4.0 software. Chapter 14, "Using Prepaid Billing," provides detailed instructions for configuring Prepaid billing services for Cisco AR 4.0. Caution Running the command mcdadmin -coi to import configuration data will cause the Cisco AR 4.0 server to lose all session information. This chapter contains the following sections: •Solaris Software Upgrade Overview •Linux Software Upgrade Overview •Software Upgrade Tasks •Installing the Cisco AR License File •Upgrading Cisco AR Solaris Software •Upgrading Cisco AR Linux Software •Configuring SNMP •Restarting Replication Solaris Software Upgrade Overview This section describes the Solaris upgrade processes. Step 1 Ensure that replication is disabled. Refer to Disabling Replication. Step 2 If you have modified the snmpd.conf file in the /cisco-ar/ucd-snmp/share/snmp directory, you must back up this file before doing the upgrade process. The pkgrm removes the snmpd.conf file, even if it has been modified. Step 3 Remove the old software using the pkgrm command. Refer to Using pkgrm to Remove Cisco AR Solaris Software. Step 4 If you plan to use the Cisco AR SNMP features, disable the current Sun SNMP daemon and prevent the Sun SNMP daemon from restarting after a reboot. Step 5 Decide where to install the Cisco Access Registrar 4.0 software. The default installation directory for Cisco AR 4.0 software is /opt/CSCOar. If you are upgrading from Cisco AR version 1.7 or earlier, the default installation directory was /opt/AICar1. Step 6 Decide if you want to preserve your existing configuration database. Preserving your existing configuration database is a compelling reason to upgrade rather than to start anew. The upgrade procedure in this chapter assumes you want to preserve your existing configuration. If you are upgrading from Cisco AR 1.7 or an earlier version, the default installation directory is /opt/AICar1. The default installation directory for Cisco AR 3.0 and above is /opt/CSCOar. If your previous install directory was /opt/AICar1, you should use that directory to install Cisco AR 4.0 You might also rename the old directory, as in the following: cd /opt mv AICar1 CSCOar Step 7 Copy the Cisco Access Registrar 4.0 license file to a location on the Cisco AR workstation directory such as /tmp. For detailed information about the Cisco AR license and how to install the license, see Cisco Access Registrar 4.0 Licensing. Step 8 Use the pkgadd command to install the Cisco Access Registrar 4.0 software. For detailed information about using the pkgadd command to install Cisco AR software, see Chapter 2, "Installing Cisco Access Registrar 4.0 Software on Solaris." Note Since you are upgrading, you will want to preserve your existing database. Step 9 If you configured Cisco AR to use SNMP prior to upgrading, after installing Cisco AR 4.0 software, you must copy the snmpd.conf file back to the /cisco-ar/ucd-snmp/share/snmp directory. Step 10 Restart the Cisco AR server using the following command: /etc/init.d/arserver restart Linux Software Upgrade Overview This section provides overview information of the Linux upgrade processes. Step 1 Ensure that replication is disabled. Refer to Disabling Replication. Step 2 If you have modified the snmpd.conf file in the /cisco-ar/ucd-snmp/share/snmp directory, you must back up this file before doing the upgrade process. The pkgrm removes the snmpd.conf file, even if it has been modified. Note If you currently use the 3.5.2 Linux version, the uninstall-ar program removes /opt/CSCOar/data. Before you run the uninstall-ar program, copy the /opt/CSCOar/data directory to a temporary location such as /tmp. After you install the upgrade software, move the data directory back to /opt/CSCOar/data. Step 3 Remove the old software using the uninstall-ar command. For detailed information about using the uninstall-ar command to remove Cisco AR Linux software, see Using uninstall-ar to Remove Linux Software. Step 4 If you plan to use the Cisco AR SNMP features, disable the current SNMP daemon and prevent the SNMP daemon from restarting after a reboot. Step 5 Decide where to install the Cisco Access Registrar 4.0 software. The default installation directory for Cisco AR 4.0 software is /opt/CSCOar. Step 6 Decide if you want to preserve your existing configuration database. Preserving your existing configuration database is a compelling reason to upgrade rather than to start anew. The upgrade procedure in this chapter assumes you want to preserve your existing configuration. Step 7 Copy the Cisco Access Registrar 4.0 license file to a location on the Cisco AR workstation directory such as /tmp. Step 8 Install the Linux version of Cisco Access Registrar 4.0 software. Step 9 If you configured Cisco AR to use SNMP prior to upgrading, after installing Cisco AR 4.0 software, you must copy the snmpd.conf file back to the /cisco-ar/ucd-snmp/share/snmp directory. Step 10 Restart the Cisco AR server using the following command: /etc/init.d/arserver restart Software Upgrade Tasks This section provides information about the tasks involved in the Cisco AR software upgrade process. Disabling Replication If you are using the Cisco AR replication feature, you must disable it before you begin the upgrade process of the upgrade will fail. When completed, refer to "Restarting Replication" section for the correct way to restart replication. To ensure that replication is disabled, complete the following steps: Step 1 Login as admin and launch aregcmd. Step 2 Change directory to /radius/replication and examine the RepType property. cd /radius/replication [ //localhost/Radius/Replication ] RepType = None RepTransactionSyncInterval = 60000 RepTransactionArchiveLimit = 100 RepIPAddress = 0.0.0.0 RepPort = 1645 RepSecret = NotSet RepIsMaster = FALSE RepMasterIPAddress = 0.0.0.0 RepMasterPort = 1645 Rep Members/ Make sure that RepType is set to None. Step 3 If you made changes, issue the save command, then exit the aregcmd command interface. Using pkgrm to Remove Cisco AR Solaris Software There are two different Cisco AR Solaris software packages, AICar1 and CSCOar. The AICar1 package was used for Cisco AR 1.7 and earlier versions. The CSCOar package has been used for Cisco AR 3.0 and later versions. Removing the AICar1 Package The following steps describe how to remove the AICar1 software package. Step 1 Log in to the Cisco AR workstation as a root user, and enter the following command line: pkgrm AICar1 The following package is currently installed: AICar1 Access Registrar 1.7R7 [SunOS-5.8, ns40, gcc-O, official] (sparc) 1.7R7 Do you want to remove this package? Step 2 Enter y or yes to continue removing the AICar1 package. ## Removing installed package instance <AICar1> This package contains scripts which will be executed with super-user permission during the process of removing this package. Do you want to continue with the removal of this package [y,n,?,q] Step 3 Enter y to continue removing the AICar1 package. After you enter y, the AICar1 package should be removed without further interaction. ## Verifying package dependencies. ## Processing package information. ## Executing preremove script. Waiting for these processes to die (this may take some time): AR MCD lock manager (pid: 2971) AR MCD server (pid: 2967) AR RADIUS server (pid: 2973) AR Server Agent (pid: 2965) 2967: terminated 2973: terminated 2971: terminated, wait status 0x000f 2965: terminated Access Registrar Server Agent shutdown complete. # removing /etc/rc.d files # done with preremove. ## Removing pathnames in class <snmp> /opt/AICar1/ucd-snmp/share/snmp/snmpd.conf . . <several hundred lines deleted> . /opt/AICar1/bin/screen /opt/AICar1/bin /opt/AICar1/README ## Removing pathnames in class <none> ## Updating system information. Removal of <AICar1> was successful. hostname root /scratch## Removing the CSCOar Package The following steps describe how to remove the CSCOar software package. Step 1 Log in to the Cisco AR workstation as a root user, and enter the following command line: pkgrm CSCOar The following package is currently installed: CSCOar Cisco Access Registrar 3.0R7 [SunOS-5.8, official] (sparc) 3.0R7 Do you want to remove this package? Step 2 Enter y or yes to continue removing the CSCOar package. ## Removing installed package instance <CSCOar> This package contains scripts which will be executed with super-user permission during the process of removing this package. Do you want to continue with the removal of this package [y,n,?,q] Step 3 Enter y to continue removing the CSCOar package. After you enter y, the CSCOar package should be removed without further interaction. ## Verifying package dependencies. ## Processing package information. ## Executing preremove script. Waiting for these processes to die (this may take some time): AR Server Agent (pid: 28352) AR MCD server (pid: 28354) AR RADIUS server (pid: 28372) AR MCD lock manager (pid: 28355) 28354: terminated, wait status 0x0000 28372: terminated, wait status 0x0000 28355: terminated, wait status 0x000f 28352: terminated, wait status 0x0000 Access Registrar Server Agent shutdown complete. # removing /etc/rc.d files # done with preremove. ## Removing pathnames in class <snmp> /opt/CSCOar/ucd-snmp/share/snmp/snmpd.conf /opt/CSCOar/ucd-snmp/share/snmp/snmpconf-data/snmptrapd-data/traphandle . . . <several hundred lines deleted> . . /opt/CSCOar/README /opt/CSCOar/.system/screen /opt/CSCOar/.system ## Removing pathnames in class <none> ## Updating system information. Removal of <CSCOar> was successful. hostname root ~## Using uninstall-ar to Remove Linux Software The Linux version of Cisco AR software includes the uninstall-ar program in /opt/CSCOar/bin that you use to remove Cisco AR software on Linux machines. Note If you currently use the 3.5.2 Linux version, the uninstall-ar program removes /opt/CSCOar/data. Before you run the uninstall-ar program, copy the /opt/CSCOar/data directory to a temporary location such as /tmp. After you install the upgrade software, move the data directory back to /opt/CSCOar/data. Step 1 Log in to the Cisco AR workstation as a root user. Step 2 To remove the Linux version of Cisco AR software, change directory to /opt/CSCOar/bin and start the uninstall-ar program as follows: cd /opt/CSCOar/bin uninstall-ar uninstall-ar Are you sure you want to remove CSCOar-3.5.4-1101360135? [y/n]: Step 3 Reply Yes or Y to continue removing the Linux software. Are you sure you want to remove CSCOar-3.5.4-1101360135? [y/n]: y Waiting for these processes to die (this may take some time): AR RADIUS server running (pid: 15492) AR Server Agent running (pid: 27288) AR MCD lock manager running (pid: 27295) AR MCD server running (pid: 27294) 4 processes left.3 processes left.......2 processes left.......k0 processes left.0 processes left Access Registrar Server Agent shutdown complete. Installing the Cisco AR License File Cisco Access Registrar 4.0 uses a new licensing mechanism that enables you to activate different features in Cisco AR using a combination of different license keys. During system initialization, the Cisco AR server sets up the licensing data model and activates any features that are properly licensed. You must have a license in a directory on the Cisco AR machine before you attempt to install Cisco AR software. If you have not installed the Cisco AR license file before beginning the software installation, the installation process will fail. You can store the Cisco AR license file in any directory on the Cisco AR machine. During the installation process, you will be asked the location of the license file, and the installation process will copy the license file to the /opt/CSCOar/license directory or to the base installation directory you specify when you install the software (if you are not using the default installation location). The license file might have the name ciscoar.lic, but it can be any filename with the suffix .lic. To install the Cisco AR license file, you can copy and paste the text into a file, or you can simply save the file you receive in EMail to an accessible directory. Upgrading Cisco AR Solaris Software This section describes the software installation process when installing Cisco Access Registrar 4.0 software on a Solaris workstation for the first time. This section includes the following subsections: •Deciding Where to Install •Installing Cisco AR Software from CD-ROM •Installing Downloaded Software •Common Solaris Installation Steps Tips Before you begin to install the software, check your workstation's /etc/group file and make sure that group staff exists. The software installation will fail if group staff does not exist before you begin. Deciding Where to Install Before you begin the software installation, you should decide where you want to install the new software. The default installation directory for Cisco AR 4.0 software is /opt/CSCOar. You can use the default installation directory, or you can choose to install the Cisco AR software in a different directory. Installing Cisco AR Software from CD-ROM The following steps describe how to begin the software installation process when installing software from the Cisco Access Registrar 4.0 CD-ROM. If you are installing downloaded software, proceed to Installing Downloaded Software. Step 1 Place the Cisco Access Registrar 4.0 software CD-ROM in the Cisco AR workstation CD-ROM drive. Step 2 Log in to the Cisco AR workstation as a root user, and enter the following command line for Solaris 8: pkgadd -d /cdrom/cdrom0/kit/solaris-2.8 CSCOar or the following for Solaris 9: pkgadd -d /cdrom/cdrom0/kit/solaris-2.9 CSCOar Step 3 Proceed to Common Solaris Installation Steps. Installing Downloaded Software This section describes how to uncompress and extract downloaded Cisco Access Registrar 4.0 software and begin the software installation. Step 1 Log in to the Cisco AR workstation as a root user. Step 2 Change directory to the location where you have stored the uncompressed tarfile. cd /tmp Step 3 Use the following command line to uncompress the tarfile and extract the installation package files. zcat CSCOar-4.0.1-sol8-k9.tar.gz \| tar xf - Note These instructions are for the Solaris 8 package. There is no difference in download or installation procedures for Solaris 8 or Solaris 9 other than the package name. Step 4 Enter the following command to begin the installation: pkgadd -d /tmp CSCOar where /tmp is the temporary directory where you stored and uncompressed the installation files. Step 5 Proceed to Common Solaris Installation Steps. Common Solaris Installation Steps This section describes the installation process immediately after you have issued the pkgadd command installing from CD-ROM or from downloaded software. Processing package instance <CSCOar> from </tmp> Cisco Access Registrar 4.0.1 [SunOS-5.8, official] (sparc) 4.0.1 Copyright (C) 1998-2005 by Cisco Systems, Inc. This program contains proprietary and confidential information. All rights reserved except as may be permitted by prior written consent. This package contains the Access Registrar Server and the Access Registrar Configuration Utility. You can choose to perform either a Full installation or just install the Configuration Utility. What type of installation: Full, Config only [Full] [?,q] Step 6 For a full install, press Enter. Where do you want to install <CSCOar>? [/opt/CSCOar] [?,q] Step 7 Press Enter to accept the default location of /opt/CSCOar, or enter a different directory to be used as the base installation directory. Access Registrar requires FLEXlm license file to operate. A list of space delimited license files or directories can be supplied as input; license files must have the extension ".lic". Where are the FLEXlm license files located? [] [?,q] Step 8 Enter the directory where you have stored the Cisco Access Registrar 4.0 license file. Access Registrar provides a Web GUI. It requires J2RE version 1.4.* to be installed on the server. If you already have a compatible version J2RE installed, please enter the directory where it is installed. If you do not, the compatible J2RE version can be downloaded from: http://java.sun.com/ Where is the J2RE installed? [?,q] The J2RE is required to use the Cisco AR GUI. If you already have a Java 2 platform installed, enter the directory where it is installed. Note If you do not provide the J2RE path, or if the path is empty or unsupported, the installation process exits. Step 9 Enter the directory or mount point where the J2RE is installed. If you are not using ORACLE, press Enter/Return to skip this step. ORACLE installation directory is required for ODBC configuration. ORACLE_HOME variable will be set in /etc/init.d/arserver script Where is ORACLE installed? [] [?,q] Step 10 If you plan to use Oracle for one of authentication, authorization, or accounting, enter the location where you have installed Oracle; otherwise press Enter. A local database from previous installation of the Access Registrar Server has been detected. It contains: * session information * all server object definitions * local UserLists Do you want to preserve the local database in /opt/CSCOar [y]: [y,n,?,q] y Step 11 Reply Y to preserve the local database. The upgrade procedure needs administrator access to your configuration so that it can upgrade it. Enter an AR administrator username and password: Step 12 Enter the administrator userID and password. User: admin Password: Retype password: ## Executing checkinstall script. Using </opt/CSCOar> as the package base directory. ## Processing package information. ## Processing system information. ## Verifying package dependencies. ## Verifying disk space requirements. ## Checking for conflicts with packages already installed. ## Checking for setuid/setgid programs. The following files are being installed with setuid and/or setgid permissions: /opt/CSCOar/.system/screen <setuid root> /opt/CSCOar/bin/aregcmd <setgid staff> /opt/CSCOar/bin/radclient <setgid staff> Do you want to install these as setuid/setgid files [y,n,?,q] Step 13 Enter Y to install the setuid/setgid files. This package contains scripts which will be executed with super-user permission during the process of installing this package. Do you want to continue with the installation of <CSCOar> [y,n,?] Step 14 Enter Y to continue with the software installation. No further interaction is required; the installation process should complete successfully and the arservagt is automatically started. Installing Cisco Access Registrar 4.0.1 [SunOS-5.8, official] as <CSCOar> ## Installing part 1 of 1. /opt/CSCOar/.system/add-example-config /opt/CSCOar/.system/run-ar-scripts /opt/CSCOar/.system/screen /opt/CSCOar/README /opt/CSCOar/bin/arbug . . . inflating: /opt/CSCOar/jakarta-tomcat-4.0.6/webapps/tomcat-docs/realm-howto.html inflating: /opt/CSCOar/jakarta-tomcat-4.0.6/webapps/tomcat-docs/RUNNING.txt inflating: /opt/CSCOar/jakarta-tomcat-4.0.6/webapps/tomcat-docs/security-manager-howto.html inflating: /opt/CSCOar/jakarta-tomcat-4.0.6/webapps/tomcat-docs/ssl-howto.html creating: /opt/CSCOar/jakarta-tomcat-4.0.6/work/ # setting up product configuration file /opt/CSCOar/conf/car.conf # linking /etc/init.d/arserver to /etc/rc.d files # Upgrade of the configuration db is in progress # Password check in progress # Wait. # Password check complete # flushing old replication archive # Backup of configuration in progress # Wait........ # Backup complete ############################################################### # # A backup copy of your original configuration has been # saved to the file: # # /opt/CSCOar/temp/5113.origconfig-backup # # If you need to restore the original configuration, # enter the following command: # # mcdadmin -coi /opt/CSCOar/temp/5113.origconfig-backup # ############################################################### ############################################################### # # The upgrade process involves the use of mcdadmin and # aregcmd. First a small set of updates are performed # using mcdadmin. Then the vast majority of updates are # performed using aregcmd. # ############################################################### # Mcdadmin-level upgrade in progress # Mcdadmin-level upgrade completed # Aregcmd-level upgrade in progress # Configuration DB analysis is in progress # Wait........ # Analysis completed # Deleting of obsolete tunnel attributes is in progress # Wait # Deletion completed # Deleting obsolete vendors # Wait # Deletion completed # Add of new database elements is in progress # Wait......... # Add completed # Search for obsolete VSA names is in progress # Search completed ############################################################## # # Sometimes VSAs get renamed from version to version of AR. # The upgrade process does not automatically remove the # old names. The upgrade process has generated a script # to remove the old names. The script is located in: # # /opt/CSCOar/temp/5113.manual-deletes # # Review the script to make sure you are not using any of # these old VSAs. Modify your configuration and your # scripts to use the new names before you attempt to run # the script. # # To run the removal script, type: # # aregcmd -f /opt/CSCOar/temp/5113.manual-deletes # ############################################################## ############################################################## # # VSAs for the old AR version are not updated # automatically. The upgrade process generated a script # to perform the update. The script is located in: # # /opt/CSCOar/temp/5113.manual-changes # # Review the script to make sure it does not conflict with # any of your VSA changes. Make sure you modify the script, # if necessary, before you attempt to run it. # # To run the update script, type: # # aregcmd -f /opt/CSCOar/temp/5113.manual-changes # ############################################################## ############################################################## # # These upgrade messages are saved in: # # /opt/CSCOar/temp/5113.upgrade-log # ############################################################## /cisco-ar/certs/tomcat/server-cert.pem exists, no action taken. unable to write 'random state' Tomcat private RSA key now resides in /cisco-ar/certs/tomcat/server-key.pem Starting Access Registrar Server Agent...completed. The Radius server is now running. # done with postinstall. Installation of <CSCOar> was successful. hostname root /tmp## Configuring SNMP If you choose not to use the SNMP features of Cisco Access Registrar, the installation process is completed. To use SNMP features, complete the configuration procedure described in Configuring SNMP. Back-up Copy of Original Configuration The upgrade process displays a message like the following to indicate where a copy of your original configuration has been stored. Note Running the command mcdadmin -coi to import configuration data will cause the Cisco AR 4.0 server to lose all session information. ############################################################### # # A backup copy of your original configuration has been # saved to the file: # # /opt/CSCOar/temp/10062.origconfig-backup # # If you need to restore the original configuration, # enter the following command: # # mcdadmin -coi /opt/CSCOar/temp/10062.origconfig-backup # ############################################################### Removing Old VSA Names The upgrade process provides an analysis of the configuration database, addition of new database elements, and a search for obsolete VSA names. When this is complete, a message like the following is displayed: ############################################################## # # Sometimes VSAs get renamed from version to version of AR. # The upgrade process does not automatically remove the # old names. The upgrade process has generated a script # to remove the old names. The script is located in: # # /opt/CSCOar/temp/10062.manual-deletes # # Review the script to make sure you are not using any of # these old VSAs. Modify your configuration and your # scripts to use the new names before you attempt to run # the script. # # To run the removal script, type: # # aregcmd -sf /opt/CSCOar/temp/10062.manual-deletes # ############################################################## At this point, you should examine the script produced by the upgrade process to make sure that your site is not using any of the old VSAs. In the example above, the script can be found at /opt/CSCOar/temp/10062.manual-deletes. Note The number preceding manual.deletes is produced from the PID of the upgrade process. Modify your configuration and your scripts to use the new names before you attempt to run the script generated by the upgrade process. VSA Update Script The upgrade process builds a script you can use to update VSAs in your system. ############################################################## # # VSAs for the old AR version are not updated # automatically. The upgrade process generated a script # to perform the update. The script is located in: # # /opt/CSCOar/temp/10062.manual-changes # # Review the script to make sure it does not conflict with # any of your VSA changes. Make sure you modify the script, # if necessary, before you attempt to run it. # # To run the update script, type: # # aregcmd -sf /opt/CSCOar/temp/10062.manual-changes # ############################################################## Step 15 Review the script and make sure that the changes it will make do not conflict with any changes you might have made to the VSAs. Modify the script if necessary. Step 16 Record the location of the upgrade messages for future reference. ############################################################## # # These upgrade messages are saved in: # # /opt/CSCOar/temp/10062.upgrade-log # ############################################################## Upgrading Cisco AR Linux Software This section describes the software installation process when installing Cisco Access Registrar 4.0 software on a Linux workstation for the first time. This section includes the following subsections: •Deciding Where to Install •Installing Cisco AR Software from CD-ROM •Common Linux Installation Steps Deciding Where to Install Before you begin the software installation, you should decide where you want to install the new software. The default installation directory for Cisco AR 4.0 software is /opt/CSCOar. You can use the default installation directory, or you can choose to install the Cisco AR software in a different directory. Installing Cisco AR Software from CD-ROM The following steps describe how to begin the software installation process when installing software from the Cisco Access Registrar 4.0 CD-ROM. If you are installing downloaded software, proceed to Installing Downloaded Software. Step 1 Place the Cisco Access Registrar 4.0 software CD-ROM in the Cisco AR workstation CD-ROM drive. Step 2 Log in to the Cisco AR workstation as a root user and find a temporary directory, such as /tmp, to store the Linux installation file. Note The temporary directory requires at least 70 MB of free space. Step 3 Change directory to the CD-ROM. cd /cdrom/cdrom0/kit/linux-2.4 Step 4 Copy the CSCOar-4.0.1-lnx24-install-k9.sh file to the temporary directory. cp CSCOar-4.0.1-lnx24-install-k9.sh /tmp Step 5 Change the permissions of the CSCOar-4.0.1-lnx24-install-k9.sh file to make it executable. chmod 777 CSCOar-4.0.1-lnx24-install-k9.sh To continue the installation, proceed to Common Linux Installation Steps. Common Linux Installation Steps This section describes how to install the downloadedCisco Access Registrar 4.0 software for Linux and begin the software installation. Note The Cisco AR Linux installation automatically installs aregcmd and radclient as setgid programs in group adm. Step 1 Log in to the Cisco AR workstation as a root user. Step 2 Change directory to the location where you have stored the CSCOar-4.0.1-lnx24-rc1-install.sh file. cd /tmp Step 3 Enter the name of the script file to begin the installation: CSCOar-4.0.1-lnx24-install-k9.sh Name : CSCOar Relocations: /opt/CSCOar Version : 4.0.1 Vendor: Cisco Systems, Inc. Release : 1112362579 Build Date: Fri Apr 1 06:46:30 2005 Install date: (not installed) Build Host: sentret.cnslab.cisco.com Summary : Access Registrar, a carrier-class RADIUS server build_tag: [Linux-2.4.20, official] Copyright (C) 1998-2005 by Cisco Systems, Inc. This program contains proprietary and confidential information. All rights reserved except as may be permitted by prior written consent. This package contains the Access Registrar Server and the Access Registrar Configuration Utility. All the Client, Server, and Configuration utilities will be installed. Where do you want to install <CSCOar>? [/opt/CSCOar] [?,q] Step 4 Press Enter to accept the default location of /opt/CSCOar, or enter a different directory to be used as the base installation directory. Access Registrar requires FLEXlm license file to operate. A list of space delimited license files or directories can be supplied as input; license files must have the extension ".lic". Where are the FLEXlm license files located? [/opt/CSCOar/license] [?,q] Step 5 Enter the directory where you have stored the Cisco Access Registrar 4.0 license file. Access Registrar provides a Web GUI. It requires J2RE version 1.4.* to be installed on the server. If you already have a compatible version of J2RE installed, please enter the directory where it is installed. If you do not, the compatible J2RE version can be downloaded from: http://java.sun.com/ Where is the J2RE installed? [] [?,q] The J2RE is required to use the Cisco AR GUI. If you already have a Java 2 platform installed, enter the directory where it is installed. Note If you do not provide the J2RE path, or if the path is empty or unsupported, the installation process exits. If you are not using ORACLE, press Enter/Return to skip this step. ORACLE installation directory is required for ODBC configuration. ORACLE_HOME variable will be set in /etc/init.d/arserver script Where is ORACLE installed? [] [?,q] Step 6 Enter the location where you have installed Oracle, otherwise press Enter. A local database from previous installation of the Access Registrar Server has been detected. It contains: * session information * all server object definitions * local UserLists Do you want to preserve the local database in /opt/CSCOar [y]: [y,n,?,q] y Step 7 Reply Y to preserve the local database. The upgrade procedure needs administrator access to your configuration so that it can upgrade it. Enter an AR administrator username and password: Step 8 Enter the administrator userID and password. User: admin Password: Retype password: Remove old sessions in /opt/CSCOar/data/radius [n]: [y,n,?,q] Step 9 Enter Y to remove old sessions or N to retain old sessions. unpack the rpm file done Preparing... ########################################### [100%] 1:CSCOarui-add ########################################### [100%] Archive: ./jakarta-tomcat-4.0.6.zip creating: /opt/CSCOar/jakarta-tomcat-4.0.6/bin/ inflating: /opt/CSCOar/jakarta-tomcat-4.0.6/bin/bootstrap.jar inflating: /opt/CSCOar/jakarta-tomcat-4.0.6/bin/catalina.bat . . . inflating: /opt/CSCOar/jakarta-tomcat-4.0.6/webapps/tomcat-docs/security-manager-howto.html inflating: /opt/CSCOar/jakarta-tomcat-4.0.6/webapps/tomcat-docs/ssl-howto.html creating: /opt/CSCOar/jakarta-tomcat-4.0.6/work/ Preparing... ########################################### [100%] 1:CSCOar ########################################### [100%] relink arserver # flushing old replication archive # creating initial configuration database Rollforward recovery using "/opt/CSCOar/data/db/vista.tjf" started Thu Apr 14 11:51:29 2005 Rollforward recovery using "/opt/CSCOar/data/db/vista.tjf" finished Thu Apr 14 11:51:29 2005 # add-example-config y JAVA ROOT /nfs/insbu-cnstools/java-linux JAVA_HOME /nfs/insbu-cnstools/java-linux # setting ORACLE_HOME and JAVA_HOME variable in arserver ORACLE_HOME JAVA_HOME /nfs/insbu-cnstools/java-linux set JAVA_HOME calling gen-tomcat /cisco-ar/certs/tomcat/server-cert.pem exists, no action taken. unable to write 'random state' Tomcat private RSA key now resides in /cisco-ar/certs/tomcat/server-key.pem Starting Access Registrar Server Agent..completed. The Radius server is now running. hostname root /tmp### Back-up Copy of Original Configuration The upgrade process displays a message like the following to indicate where a copy of your original configuration has been stored. Note Running the command mcdadmin -coi to import configuration data will cause the Cisco AR 4.0 server to lose all session information. ############################################################### # # A backup copy of your original configuration has been # saved to the file: # # /opt/CSCOar/temp/10062.origconfig-backup # # If you need to restore the original configuration, # enter the following command: # # mcdadmin -coi /opt/CSCOar/temp/10062.origconfig-backup # ############################################################### Removing Old VSA Names The upgrade process provides an analysis of the configuration database, addition of new database elements, and a search for obsolete VSA names. When this is complete, a message like the following is displayed: ############################################################## # # Sometimes VSAs get renamed from version to version of AR. # The upgrade process does not automatically remove the # old names. The upgrade process has generated a script # to remove the old names. The script is located in: # # /opt/CSCOar/temp/10062.manual-deletes # # Review the script to make sure you are not using any of # these old VSAs. Modify your configuration and your # scripts to use the new names before you attempt to run # the script. # # To run the removal script, type: # # aregcmd -sf /opt/CSCOar/temp/10062.manual-deletes # ############################################################## At this point, you should examine the script produced by the upgrade process to make sure that your site is not using any of the old VSAs. In the example above, the script can be found at /opt/CSCOar/temp/10062.manual-deletes. Note The number preceding manual.deletes is produced from the PID of the upgrade process. Modify your configuration and your scripts to use the new names before you attempt to run the script generated by the upgrade process. VSA Update Script The upgrade process builds a script you can use to update VSAs in your system. ############################################################## # # VSAs for the old AR version are not updated # automatically. The upgrade process generated a script # to perform the update. The script is located in: # # /opt/CSCOar/temp/10062.manual-changes # # Review the script to make sure it does not conflict with # any of your VSA changes. Make sure you modify the script, # if necessary, before you attempt to run it. # # To run the update script, type: # # aregcmd -sf /opt/CSCOar/temp/10062.manual-changes # ############################################################## Step 10 Review the script and make sure that the changes it will make do not conflict with any changes you might have made to the VSAs. Modify the script if necessary. Step 11 Record the location of the upgrade messages for future reference. ############################################################## # # These upgrade messages are saved in: # # /opt/CSCOar/temp/10062.upgrade-log # ############################################################## Configuring SNMP If you choose not to use the SNMP features of Cisco Access Registrar, the installation process is completed. To use SNMP features, complete the configuration procedure described in Configuring SNMP. Configuring SNMP If you choose not to use the SNMP features of Cisco Access Registrar, the installation process is completed. To use SNMP features, complete the configuration procedure described in Configuring SNMP, page 4-14. If you have modified the snmpd.conf file in the /cisco-ar/ucd-snmp/share/snmp directory, you must back up this file before doing the upgrade process. The pkgrm removes the snmpd.conf file, even if it has been modified. After installing Cisco AR 4.0 software with pkgadd, you must copy the snmpd.conf file back to the /cisco-ar/ucd-snmp/share/snmp directory. Restart the Cisco AR server using the following command: /etc/init.d/arserver restart Restarting Replication Before you enable replication, you must first upgrade all replication slave servers to the same version of Access Registrar software as the master server. Do not enable replication on the master server until all slave servers have been upgraded. Use the same process you used to upgrade the master server to upgrade any slave servers. If you retained your configuration on the master, retain the configuration on the slaves, too. After the same version of Cisco AR software has been installed on all slave servers, you can enable replication on the master server again. After enabling replication on the master server, you can enable replication on each of the slave servers.
	© 1992-2008 Cisco Systems, Inc. All rights reserved. Terms & Conditions \| Privacy Statement \| Cookie Policy \| Trademarks of Cisco Systems, Inc.