Creating an administrator for the Bandwidth Manager application

Finish setting up security by enabling access to the Common Object Request Broker Architecture (CORBA) name service for all service groups, creating an IBM® Sametime® Bandwidth Manager administrator, and adding the administrator to all security roles.

About this task

Follow these steps to set up administrative security and create an administrator account for the Sametime Bandwidth Manager application. The Bandwidth Manager administrator account is separate from the WebSphere® administrator.

Procedure

  1. On the server where Sametime Bandwidth Manager is installed, log in to the Integrated Solutions Console as the WebSphere administrator.
  2. Disable Java 2 security on local resources:
    1. In the navigation tree, click Security > Global security.
    2. In the "Java 2 security" section, deselect the option Use Java 2 security to restrict application access to local resources.
    3. Click Apply, and then click Save in the Messages box at the beginning of the page.
  3. Enable access to the CORBA name service for all service groups:
    1. In the navigation tree, click Environment > Naming > CORBA Naming service groups.
    2. In the service groups table, click the EVERYONE link.
    3. In the "General Properties" section, add the following Roles by clicking within the list and then using Shift+click to add each role until all are selected:
      • Cos Naming Read
      • Cos Naming Write
      • Cos Naming Create
      • Cos Naming Delete

      A selected role appears highlighted.

      Use Shift+click to select all CORBA group roles at once.
    4. Click Apply, and then click Save in the "Messages" box at the beginning of the page.
  4. Create a new user as the Sametime Bandwidth Manager administrator.

    This user should not be listed in the LDAP directory, and is not the same as the WebSphere Application Server administrator.

    1. In the navigation tree, click Users and Groups > Manage Users.
    2. Click the Create button at the beginning of the users table.
    3. Fill in information for the new administrator:
      • User ID
      • First name
      • Last name
      • Password
      • Confirm password
    4. Click the Create button at the end of the page to generate the new account. Enable administrative security when you are prompted to do so.
    5. When the message The user was created successfully appears, click the Close button.
  5. Now add the new administrator to all security roles:
    1. In the navigation tree, click Users and Groups > Administrative user roles.
    2. Click Add at the beginning of the roles table.
    3. In the "Roles" list at the beginning of the page, use Shift+click to add each role until all are selected.
      Tip: Only the "All Authenticated Users" is required but you should select all roles to ensure that the new administrator has full access to the Bandwidth Manager application.
    4. In the "Search and Select Users" section of the page, click the Search button that follows the Search string field.

      The search results appear in the "Available" list that follows the field.

    5. Select the administrator you created earlier, and click the Add button (the right-arrow button) to add that user to the "Mapped to role" list.
      Adding a user to the Mapped list
    6. Click OK, and then click Save in the Messages box at the beginning of the page.
  6. Stop and restart the IBM WebSphere Application Server:
    1. Open a command window.
    2. Change to the profile directory of the WebSphere Application Server hosting the Bandwidth Manager.
    3. Run the following commands:

      Supply your WebSphere administrative credentials when stopping the server. Be sure the server has fully stopped before starting it again.

      Linux
      ./stopServer.sh server1 -username was_admin_user -password was_admin_password
./startServer.sh server1
      Microsoft Windows
      stopServer.bat server1 -username was_admin_user -password was_admin_password
startServer.bat server1