Document ID Title:

vengefulsantaclausElectronics - Devices

Nov 25, 2013 (3 years and 9 months ago)

279 views

Document ID
:


TEC586443


Title:

Scenario: How to Configure a New CA EEM Instance with Existing CA Workload
Automation AE Security Policies


1.0 Introduction


2.0 How to Configure

a New CA EEM Instance with Existing CA Workload Automation
AE Security Policies


2.1 Register the Product in the Target CA EEM Instance Using as_saf
etool


2.2 Create Security Certificates Using autosys_secure


2.3 Deregister the Product in the Source CA EEM Instance Using CA EEM


2.4 Deregister the Product in the Source CA EEM Instance Using as_safetool


3.0 Copyright


1.0 Introduction

Product:
CA Workload Automation

Release: 11.3.5

This scenario describes how an administrator configures a new instance of CA EEM using
existing CA Workload Automation AE security policies.

This Knowledge Base Article constitutes a portion of the official
CA product documentation

for
this CA product. This Knowledge Base Article is subject to the following
notices
, terms and
conditions.

2.0 How to Configure a New CA EEM Instance with Existing CA Workload Automation
AE Security Policies

As an administra
tor, you sometimes operate in CA EEM enabled environments where CA EEM
does not use high availability, so you keep a backup CA EEM server on standby. You can
minimize downtime by configuring the backup CA EEM instance to use existing CA Workload
Automation

AE security policies. To configure the backup server to use the existing policies,
replicate the security policies to the backup CA EEM server by importing the XML file that
contains the up
-
to
-
date policies.

Importing existing CA Workload Automation AE s
ecurity policies to a new CA EEM instance is
also useful in the following situations:



You need to replace your CA EEM instance with another physical server. For example,
when your environment outgrows the hardware capabilities of the existing CA EEM server

and you need to configure a freshly added server as your CA EEM instance.



You need to reset security policies to their default values when you revert to a fresh instance
from a test environment.

As a prerequisite, you must have an up
-
to
-
date XML file co
ntaining the CA EEM security
policies for each CA Workload Automation AE instance.

The following scenario walks you through the process of restoring your CA Workload
Automation AE security policies into a new CA EEM server instance.

The following diagram
illustrates how you can configure a new CA EEM instance with existing
CA Workload Automation AE security policies:


To configure a new CA EEM instance with existing CA Workload Automation AE security
policies, follow these steps:

1.

Register your CA Wo
rkload Automation AE instance in the target CA EEM instance
.

2.

Create new certificate files for your CA Workload Automation AE instance
.

3.

Deregister your CA Workload Automation AE instance in the source CA EEM instance
using one of the following methods:

o

CA EEM


o

as_safetool utility


After you have completed these t
asks, you can remove the intermediate XML files created
during the process.

2.1 Register the Product in the Target CA EEM Instance Using as_safetool

The CA Workload Automation AE as_safetool command is used to register CA Workload
Automation AE instances i
n the CA EEM instance. You must use as_safetool to register new CA
Workload Automation AE Release 11.3.5 instances in the CA EEM instance; it cannot be done
using safex. The as_safetool command is also used to complete the migration process by
upgrading th
e WorkloadAutomationAE application instance from a previous release to Release
11.3.5. If you are using as_safetool to upgrade the WorkloadAutomationAE application instance
to the current release, you only need to register one of the instance names that ar
e represented in
the previous release of the WorkloadAutomationAE application instance.

Note:

Before performing this task, you must use the setenv or export command to set the
ASSAFETOOLPW environment variable to the password of the EiamAdmin

user, the CA EEM
server administrative account. For example, export ASSAFETOOLPW=mypass.

To register a CA Workload Automation AE instance with the CA EEM instance

1.

Open a CA Workload Automation AE command prompt.

2.

Enter the following command:

3.

as_safetool

-
b
EEM_server_host_name

-
s

A list of CA Workload Automation AE instances that are already registered with the CA
EEM server appear.

4.

Enter the following command for the instance that should be added to that list:

5.

as_safetool
-
b
EEM_server_host_name

-
i
in
stance

The CA Workload Automation AE instance is registered in the target CA EEM instance.

Note:

The as_safetool command installs some default CA EEM policies for each CA Workload
Automation AE instance. We recommend that you review these policies and upda
te them
accordingly.

2.2 Create Security Certificates Using autosys_secure

To finalize the registration of your CA Workload Automation AE instance with a CA EEM
instance, you must create new security certificates for CA Workload Automation AE. This is
done

using the autosys_secure utility.

To create new security certificates for your CA Workload Automation AE instance

1.

Log on to CA Workload Automation AE as the EDIT superuser

and enter the following
command at the UNIX operating system prompt or the Windows instance command
prompt:

2.

autosys_secure

The following menu appears:

Please select from the following options:

[1] Activate EEM instance security.

[2] Manage EDIT/EXEC supe
rusers.

[3] Change database password.

[4] Change remote authentication method.

[5] Manage user@host users.

[6] Get Encrypted Password.

[0] Exit CA WAAE Security Utility.

3.

Enter 1 and press the Enter key.

4.

Enter the CA EEM server details when prompted.

The
security certificates are created, and the following message is displayed:

CAUAJM_I_60201 EEM instance security successfully set.

2.3 Deregister the Product in the Source CA EEM Instance Using CA EEM

To use the target CA EEM server for authentication, you
have to deregister the product in the
source CA EEM instance.

To deregister the product using CA EEM

1.

Open a browser and go to the following URL:

2.

http://
EEM_servername
:5250/spin/eiam

o

EEM_servername


Specifies the IP address or host name of the computer on
which CA EEM is installed.

3.

The CA EEM login page appears.

4.

Select Global from the Application drop
-
down list, enter the name of a CA EEM
administrative user in the User Name field, enter the corresponding password in the
Password field, and click Log In.

T
he CA EEM web interface opens. The Home tab is displayed by default.

5.

Select the Configure tab.

Multiple links are displayed, with the Applications link selected by default.

6.

Do one of the following:

o

For CA Workload Automation AE, select
WorkloadAutomationAE.

o

For CA WCC, select WCC0004.

The Application Instance options are displayed in the right pane.

7.

Click Unregister.

The selected product is deregistered in the source CA EEM instance.

2.4 Deregister the Product in the Source CA EEM Ins
tance Using as_safetool

To use the target CA EEM server for authentication, you have to deregister the product in the
source CA EEM instance.

Note:

Before performing this task, you must use the setenv

or export command to set the
ASSAFETOOLPW environment variable to the password of the EiamAdmin user, the CA EEM
server administrative account. For example, export ASSAFETOOLPW=mypass.

To deregister a CA Workload Automation AE instance with the CA EEM ins
tance

1.

Open a CA Workload Automation AE command prompt.

2.

Enter the following command:

3.

as_safetool
-
b
EEM_server_host_name

-
s

A list of CA Workload Automation AE instances that are already registered with the CA
EEM server appear.

4.

Enter the following command for the instance that should be removed from that list:

5.

as_safetool
-
b
EEM_server_host_name

-
u
instance

6.

(Optional) Repeat Step 3 for any other CA Workload Automation AE instances you need
to deregister. When you have deregister
ed all CA Workload Automation AE instances, the
product is automatically deregistered in the source CA EEM instance.

The CA Workload Automation AE instance or instances are deregistered in the source CA EEM
instance.

3.0 Copyright

This Documentation, whic
h includes embedded help systems and electronically distributed
materials, (hereinafter referred to as the "Documentation") is for your informational purposes
only and is subject to change or withdrawal by CA at any time.

This Documentation may not be copi
ed, transferred, reproduced, disclosed, modified or
duplicated, in whole or in part, without the prior written consent of CA. This Documentation is
confidential and proprietary information of CA and may not be disclosed by you or used for any
purpose other

than as may be permitted in (i) a separate agreement between you and CA
governing your use of the CA software to which the Documentation relates; or (ii) a separate
confidentiality agreement between you and CA.

Notwithstanding the foregoing, if you are a

licensed user of the software product(s) addressed in
the Documentation, you may print or otherwise make available a reasonable number of copies of
the Documentation for internal use by you and your employees in connection with that software,
provided tha
t all CA copyright notices and legends are affixed to each reproduced copy.

The right to print or otherwise make available copies of the Documentation is limited to the
period during which the applicable license for such software remains in full force and

effect.
Should the license terminate for any reason, it is your responsibility to certify in writing to CA
that all copies and partial copies of the Documentation have been returned to CA or destroyed.

TO THE EXTENT PERMITTED BY APPLICABLE LAW, CA
PROVIDES THIS
DOCUMENTATION "AS IS" WITHOUT WARRANTY OF ANY KIND, INCLUDING
WITHOUT LIMITATION, ANY IMPLIED WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE, OR NONINFRINGEMENT. IN NO EVENT
WILL CA BE LIABLE TO YOU OR ANY THIRD PARTY FOR ANY

LOSS OR DAMAGE,
DIRECT OR INDIRECT, FROM THE USE OF THIS DOCUMENTATION, INCLUDING
WITHOUT LIMITATION, LOST PROFITS, LOST INVESTMENT, BUSINESS
INTERRUPTION, GOODWILL, OR LOST DATA, EVEN IF CA IS EXPRESSLY ADVISED
IN ADVANCE OF THE POSSIBILITY OF SUCH LOSS
OR DAMAGE.

The use of any software product referenced in the Documentation is governed by the applicable
license agreement and such license agreement is not modified in any way by the terms of this
notice.

The manufacturer of this Documentation is CA.

Pro
vided with "Restricted Rights." Use, duplication or disclosure by the United States
Government is subject to the restrictions set forth in FAR Sections 12.212, 52.227
-
14, and
52.227
-
19(c)(1)
-

(2) and DFARS Section 252.227
-
7014(b)(3), as applicable, or the
ir successors.

Copyright © 2012 CA. All rights reserved. All trademarks, trade names, service marks, and
logos referenced herein belong to their respective companies.