CEPM Install and Config Guide - Installing PDP on Windows [Cisco Policy Administration Point]

Table Of Contents

Installing PDP on Windows

Installing PDP on Windows

To install CEPM V3.3.0.0 PDP on a Windows machine, follow these steps:

Step 1 Complete Steps 1 through 18 in Chapter 3, "Common Installation Steps."

Step 2 Execute the database procedures in the following way:
Table 8-1 Executing DB Procedures
DB Type

Action
Oracle9i
To execute the procedure in Oracle 9i, open any Oracle client (such as SQL Plus, Benthic, Putty etc.) and run the pap.sql and pdp.sql files from the /CEPM-V3.3.0.0/db/scripts/oracle/oracle9i folder.

Example: Open the Oracle Client `SQL Plus' and use the following command to invoke pap.sql in the client:
SQL> @ opt/CEPM-V3.3.0.0/db/scripts/oracle/oracle9i/pap.sql
Oracle (10g/11g)

To execute the procedure in Oracle 10g or 11g, open the Oracle client (use SQL Plus only) and run the pap_wrapped.sql and pdp_wrapped.sql files from the /CEPM-V3.3.0.0/db/scripts/oracle folder.

CEPM highly recommends running Wrapped sqls at the client end. These sqls are masked code which cannot be read normally and can be understood only by Oracle. If you open any _wrapped sqls, you will not find anything in a readable format. These wrapped sqls are supported from Oracle10g onwards. However, if you use Oracle9i, you can run regular sqls.

MSSQL (2000/2005)

To execute the procedure in MS SQL Server, open the MS SQL client and run the pap.sql and pdp.sql file from /CEPM-V3.3.0.0/db/scripts/mssql folder. For MSSQL 2000, these scripts are available in /CEPM-V3.3.0.0/db/scripts/mssql/mssql2000 folder.

It is recommended to run these scripts in MSSQL Query Analyzer, because executing these scripts through SQLCMD might not compile all the functions and procedures.

DB2

To execute the procedure in DB2, open the DB2 client and run the pap.sql and pdp.sql files from the .../CEPM-V3.3.0.0/db/scripts/DB2 folder.

Refer to Chapter 12, "Running CEPM Scripts in DB2 Client"for more information about how to run the pap.sql and pdp.sql scripts in DB2.
Note If you are not using a shared repository, run dbutility.sql to enable JMS DB sync. Before running these files, you must update the pap_config.xml and pdp_config files to give effect to the PAP PDP database separation. Refer to Chapter 11, "JMS Configuration for PAP-PDP Database Separation" to know how the <jms> tags of these files are updated.

Step 3 Deploy the PDP WAR files by starting the application server using one of the following methods:

•Prepackaged Tomcat:

If you are using a prepackaged Tomcat application server, WAR files are deployed during above installation steps. WAR files are copied in .../CEPM-V3.3.0.0/external/apache-tomcat-5.5.17/webapps directory. Thus, no separate deployment is required. You can directly start the CEPM using the startcepmgui.bat file from .../CEPM-V3.3.0.0/bin folder.

Note CEPM is set by default to use the identical ports (8080 and 8005). This may cause conflict when any other process uses these ports. To change the port numbers for Cisco, modify the Server SHUTDOWN port number and the CONNECTOR port number in the server.xml file located in the CEPM-V3.3.0.0/external/apache-tomcat-5.5.17/conf folder.

Note You can also enable an SSL HTTP/1.1 Connector on port 8443 in the server.xml file. Refer to Chapter 18, "SSL Configuration" to know how to configure SSL in CEPM.

•External Tomcat:

–Edit the Tomcat_home/bin/catalina.bat file by appending the JAVA_OPTS variable with -DCEPM_HOME=<folder path of CEPM-V3.3.0.0>

–Copy the pdp.war file from the dist folder to the application folder and deploy these files.

–Start the server.

•WebLogic:

If you are using the BEA WebLogic Server:

–Edit the startWebLogic.cmd file from $BEA_HOME/User_Projects/Domains/<Domain Name>/bin folder by adding the following parameter after %JAVA_OPTIONS% (after every occurance) under @REM START WEBLOGIC section
-DCEPM_HOME=USER_INSTALL_DIR 
For example, -DCEPM_HOME=C:/CEPM-V3.3.0.0

–Open config.xml file from $BEA_HOME/user_projects/domains/DOMAIN_NAME/config folder and add the following tag under <security-configuration> tag:
<enforce-valid-basic-auth-credentials>false</enforce-valid-basic-auth-credentials>
–Copy the pdp.war file from .../CEPM-V3.3.0.0/dist folder to $BEA_HOME/User_Projects/Domains/<Domain Name>/Application folder.

–Open the WebLogic console in your web browser and deploy the pdp.war files. (Refer to "Deployment of .war File in WebLogic 9.2/10" section on page 19-1.)

–Start the server.

•WebSphere 6.1:

If you are using WebSphere, start the server by running the startServer.bat file from the ../WebSphere/AppServer/bin folder and follow these deployment instructions:

–Login to WebSphere administrative console.

–Choose Servers > Application Servers.

–Click the name of the server link. Ex: Server1

–On the Configuration tab, in the Server Infrastructure section, select Java and Process Management and Process Definition.

–On the Process Definition page, select Java Virtual Machine from Additional Properties.

–In the Java Virtual Machine, select Custom Properties from Additional Properties

–In the Customer Properties, click New.

–In the Configuration tab, specify the name, value, and description.

Ex: Name: CEPM_HOME

Value: .../CEPM-V3.3.0.0

Description: Not mandatory

–Restart the WebSphere server

–Deploy the pdp.war file. (Refer to Deployment of .war File in WebLogic 9.2/10, page 19-1.)

This process installs PDP on your system.

If the server throws any exception at this stage, see Chapter 15, "Troubleshooting CEPM Installation."

Step 4 Licensing Info: As per the licensing agreement you are subjected to use the application with a limited validity period. Refer to Chapter 14, "Updating CEPM License" if the validity period is lapsed.

Step 5 Verify whether the PAP and PDP are installed successfully. See Chapter 13, "Verifying PAP-PDP Installation."

For further information on using the administration console, see the Cisco Enterprise Policy Manager Quick Start Guide or the Cisco Enterprise Policy Manager User Guide.