Tivoli® IBM

Tivoli

Privacy

Manager

for

e-business

Release

Notes

Version

1.2.2

GI11-4200-01

���

Tivoli® IBM

Tivoli

Privacy

Manager

for

e-business

Release

Notes

Version

1.2.2

GI11-4200-01

���

Note:

Before

using

this

information

and

the

product

it

supports,

read

the

information

in

Appendix

B,

“Notices,”

on

page

135.

First

Edition

(April

2004)

This

edition

applies

to

version

1.2.2

of

IBM

Tivoli

Privacy

Manager

(5724–C07)

and

to

all

subsequent

releases

and

modifications

until

otherwise

indicated

in

new

editions.

©

Copyright

International

Business

Machines

Corporation

2002,

2004.

All

rights

reserved.

US

Government

Users

Restricted

Rights

–

Use,

duplication

or

disclosure

restricted

by

GSA

ADP

Schedule

Contract

with

IBM

Corp.

Contents

Preface

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. v

Who

should

read

these

release

notes

.

.

.

.

.

. v

Publications

.

.

.

.

.

.

.

.

.

.

.

.

.

. v

Tivoli

Privacy

Manager

Version

1.2

publications

. v

Related

publications

.

.

.

.

.

.

.

.

.

. vi

Accessing

publications

online

.

.

.

.

.

.

. vi

Conventions

used

in

this

book

.

.

.

.

.

.

.

. vi

Typeface

conventions

.

.

.

.

.

.

.

.

.

. vii

Release

notes

.

.

.

.

.

.

.

.

.

.

. 1

Chapter

1.

About

this

release

.

.

.

.

. 3

New

in

this

release

.

.

.

.

.

.

.

.

.

.

.

. 3

New

console

tasks

.

.

.

.

.

.

.

.

.

.

. 3

New

productivity

tools

.

.

.

.

.

.

.

.

.

. 3

Extended

product

scope

.

.

.

.

.

.

.

.

. 4

Backward

compatibility

.

.

.

.

.

.

.

.

.

.

. 4

Installation

and

setup

.

.

.

.

.

.

.

. 5

Chapter

2.

Installing

Tivoli

Privacy

Manager

.

.

.

.

.

.

.

.

.

.

.

.

.

. 7

Installation

overview

.

.

.

.

.

.

.

.

.

.

. 7

Tivoli

Privacy

Manager

server

installation

overview

.

.

.

.

.

.

.

.

.

.

.

.

.

. 7

Tivoli

Privacy

Manager

LDAP

monitor

installation

overview

.

.

.

.

.

.

.

.

.

.

.

.

.

. 8

Tivoli

Privacy

Manager

SDK

installation

overview

8

Tivoli

Privacy

Manager

tools

overview

.

.

.

. 8

Installation

procedures

.

.

.

.

.

.

.

.

.

.

. 9

Results

of

the

installation

.

.

.

.

.

.

.

.

.

. 10

Troubleshooting

installation

problems

.

.

.

.

. 11

Chapter

3.

Setting

up

the

Tivoli

Privacy

Manager

server

.

.

.

.

.

.

.

.

.

.

. 13

Creating

the

Tivoli

Privacy

Manager

database

.

.

. 13

Creating

a

DB2

database

.

.

.

.

.

.

.

.

. 13

Creating

an

Oracle

database

.

.

.

.

.

.

.

. 16

Setting

up

WebSphere

Application

Server

.

.

.

. 19

Setup

procedures

using

WebSphere

Application

Server

4.x

.

.

.

.

.

.

.

.

.

.

.

.

.

. 20

Setup

procedures

using

WebSphere

Application

Server

5.x

.

.

.

.

.

.

.

.

.

.

.

.

.

. 24

Deploying

Tivoli

Privacy

Manager

into

the

WebSphere

Application

Server

environment

.

.

. 28

Deployment

instructions

for

WebSphere

Application

Server

4.x

.

.

.

.

.

.

.

.

.

. 29

Deployment

instructions

for

WebSphere

Application

Server

5.x

.

.

.

.

.

.

.

.

.

. 31

Compiling

the

Java

server

pages

.

.

.

.

.

.

. 34

Compiling

the

JSPs

in

WebSphere

Application

Server

4.x

.

.

.

.

.

.

.

.

.

.

.

.

.

. 34

Compiling

the

JSPs

in

WebSphere

Application

Server

5.x

.

.

.

.

.

.

.

.

.

.

.

.

.

. 35

Starting

the

Tivoli

Privacy

Manager

enterprise

application

.

.

.

.

.

.

.

.

.

.

.

.

.

. 35

Configuring

Tivoli

Access

Manager

.

.

.

.

.

. 36

Configuring

the

Java

Runtime

Environment

.

. 36

Configuring

the

Tivoli

Access

Manager

environment

.

.

.

.

.

.

.

.

.

.

.

.

. 37

Enabling

language

support

.

.

.

.

.

.

.

.

. 37

Language

support

in

a

clustered

environment

.

. 38

Chapter

4.

Migration

.

.

.

.

.

.

.

.

. 39

Migrating

using

WebSphere

Application

Server

4.x

39

Migrating

using

WebSphere

Application

Server

5.x

39

Migrating

the

command

line

report

tool

.

.

.

.

. 40

Chapter

5.

Setting

up

the

LDAP

monitor

.

.

.

.

.

.

.

.

.

.

.

.

.

. 41

LDAP

storage

system

data

.

.

.

.

.

.

.

.

. 41

Creating

the

directory

information

tree

index

.

. 42

Filtering

.

.

.

.

.

.

.

.

.

.

.

.

.

. 42

Master

key

.

.

.

.

.

.

.

.

.

.

.

.

. 42

Configuring

the

LDAP

Monitor

.

.

.

.

.

.

.

. 42

Configuring

the

communication

protocol

.

.

. 43

Configuring

WebSphere

security

.

.

.

.

.

. 45

Updating

the

LDAP

monitor

properties

.

.

.

. 46

Starting

the

LDAP

monitor

.

.

.

.

.

.

.

.

. 51

Deploying

the

LDAP

monitor

.

.

.

.

.

.

.

. 52

Monitor

administration

.

.

.

.

.

.

.

.

. 53

Classifying

storage

locations

.

.

.

.

.

.

.

. 53

Chapter

6.

Uninstalling

IBM

Tivoli

Privacy

Manager

.

.

.

.

.

.

.

.

.

. 55

Removing

the

language

pack

.

.

.

.

.

.

.

. 55

Removing

from

Windows

.

.

.

.

.

.

.

. 55

Removing

from

AIX

and

Sun

Solaris

.

.

.

.

. 55

Removing

an

enterprise

application

from

the

WebSphere

Application

Server

.

.

.

.

.

.

.

. 55

Uninstall

procedures

using

WebSphere

Application

Server

4.x

.

.

.

.

.

.

.

.

.

. 56

Uninstall

procedures

using

WebSphere

Application

Server

5.x

.

.

.

.

.

.

.

.

.

. 56

Removing

directories

that

were

not

removed

by

the

uninstall

program

.

.

.

.

.

.

.

.

.

. 56

Removing

the

product

code

.

.

.

.

.

.

.

.

. 57

Removing

from

Windows

.

.

.

.

.

.

.

. 57

Removing

from

AIX,

Linux,

and

Sun

Solaris

.

. 57

Deleting

product

directories

.

.

.

.

.

.

.

.

. 58

Troubleshooting

problems

when

uninstalling

.

.

. 58

Product

enhancements

.

.

.

.

.

. 59

Chapter

7.

Creating

a

Data

User

Access

Report

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 61

©

Copyright

IBM

Corp.

2002,

2004

iii

Chapter

8.

Managing

database

storage

consumption

.

.

.

.

.

.

.

.

.

.

.

. 63

Controlling

the

generation

of

audit

records

.

.

.

. 63

Setting

auditing

for

a

monitor

.

.

.

.

.

.

.

. 66

Setting

auditing

for

a

storage

location

.

.

.

.

. 66

Setting

conformance-check

auditing

for

a

policy

.

. 67

Setting

conformance-check

auditing

for

a

policy

statement

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 68

Designing

a

custom

monitor

to

support

selective

auditing

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 68

Reference

monitor

API

changes

.

.

.

.

.

.

. 68

Privacy

server

adapter

Java

API

changes

.

.

. 69

Chapter

9.

Managing

Tivoli

Privacy

Manager

data

with

archiving

utilities

.

. 71

Archiving

access

records

.

.

.

.

.

.

.

.

.

. 72

Requirements

for

using

the

archiving

tool

.

.

. 73

Limitations

and

guidelines

for

using

the

archiving

tool

.

.

.

.

.

.

.

.

.

.

.

.

. 73

Running

the

archiving

tool

.

.

.

.

.

.

.

. 74

Output

of

the

archiving

tool

.

.

.

.

.

.

.

. 79

XML

file

format

.

.

.

.

.

.

.

.

.

.

.

. 79

Creating

access

record

filters

.

.

.

.

.

.

.

.

. 83

Requirements

for

using

the

filtering

tool

.

.

.

. 84

Limitations

of

the

filtering

tool

.

.

.

.

.

.

. 84

Running

the

filtering

tool

.

.

.

.

.

.

.

.

. 84

Output

of

the

filtering

tool

.

.

.

.

.

.

.

. 90

Formatting

archived

access

records

for

viewing

and

reporting

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 92

Requirements

for

using

the

reporting

tool

.

.

. 92

Limitations

of

the

reporting

tool

.

.

.

.

.

. 92

Running

the

reporting

tool

.

.

.

.

.

.

.

. 92

Viewing

the

reporting

tool

output

.

.

.

.

.

. 94

Creating

additional

scripts

.

.

.

.

.

.

.

. 97

Chapter

10.

Testing

policy

data

before

deployment

into

production

.

.

.

.

. 99

Terms

used

in

this

chapter

.

.

.

.

.

.

.

.

. 99

How

the

update

production

tool

works

.

.

.

. 100

Update

production

tool

components

.

.

.

.

.

. 101

Requirements

for

using

the

update

production

tool

102

Limitations

and

recommendations

for

using

the

tool

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 103

Preparing

to

use

the

update

production

tool

.

.

. 103

Setting

up

the

production

environment

.

.

.

. 103

Setting

up

the

test

environment

.

.

.

.

.

. 104

Processing

test

environment

data

.

.

.

.

.

.

. 105

Running

the

update

production

tool

.

.

.

.

.

. 108

Specifying

the

database

properties

file

.

.

.

. 108

Update

production

tool

parameters

.

.

.

.

. 108

Sample

shell

file

for

UNIX

platforms

.

.

.

. 109

Sample

batch

file

for

Windows

platforms

.

.

.

. 110

Removing

the

update

production

tool

.

.

.

.

. 111

Problem

determination

.

.

.

.

.

.

.

.

.

. 111

Logging

messages

.

.

.

.

.

.

.

.

.

.

. 111

Known

problems

and

corrective

actions

.

.

. 111

Chapter

11.

Running

Tivoli

Privacy

Manager

monitors

on

IBM

z/OS

.

.

.

. 113

Software

prerequisites

.

.

.

.

.

.

.

.

.

. 113

IBM

Java

runtime

version

1.3

.

.

.

.

.

.

. 113

WebSphere

Application

Server

for

z/OS

.

.

. 114

WebSphere

Application

Server

for

other

platforms

.

.

.

.

.

.

.

.

.

.

.

.

.

. 114

Interoperability

workarounds

for

the

WebSphere

Application

Server

.

.

.

.

.

.

.

.

.

.

. 115

Monitor

development

.

.

.

.

.

.

.

.

.

.

. 116

Runtime

setup

.

.

.

.

.

.

.

.

.

.

.

.

. 117

Copying

runtime

Java

and

properties

files

to

z/OS

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 117

Customizing

properties

files

.

.

.

.

.

.

. 118

Setting

up

environment

properties

.

.

.

.

. 119

Setting

up

Java

command

line

properties

.

.

. 120

Defining

the

virtual-memory

address

space

.

. 121

Launching

the

monitor

JVM

.

.

.

.

.

.

. 123

Sample

shell

script

.

.

.

.

.

.

.

.

.

. 123

Security

considerations

.

.

.

.

.

.

.

.

.

. 124

Setting

up

basic

authentication

.

.

.

.

.

. 124

Character

encoding

considerations

.

.

.

.

. 124

Customizing

sas.client.props

.

.

.

.

.

.

. 125

Debugging

information

.

.

.

.

.

.

.

.

.

. 126

Enabling

reference

monitor

level

tracing

.

.

. 126

Enabling

low-level

tracing

.

.

.

.

.

.

.

. 126

Chapter

12.

Creating

and

using

a

customer-defined

authorization

service

plug-in

.

.

.

.

.

.

.

.

.

.

. 127

Programming

restrictions

.

.

.

.

.

.

.

.

. 127

Programming

guidelines

.

.

.

.

.

.

.

.

. 127

Configuring

the

environment

to

use

a

custom

plug-in

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 128

Authorization

service

plug-in

APIs

.

.

.

.

.

. 130

Appendix

A.

Known

problems

and

workarounds

.

.

.

.

.

.

.

.

.

.

. 133

Limitations

.

.

.

.

.

.

.

.

.

.

.

.

.

. 133

Unable

to

establish

connection

to

an

Oracle

database

server

.

.

.

.

.

.

.

.

.

.

.

. 133

Enabling

large

file

system

support

on

the

archiving

tool

command

not

supported

.

.

.

. 133

Known

problems

and

workarounds

.

.

.

.

.

. 133

Files

not

removed

during

uninstallation

.

.

. 133

Unrecoverable

error

received

for

production

database

.

.

.

.

.

.

.

.

.

.

.

.

.

. 134

Contacting

software

support

.

.

.

.

.

.

.

. 134

Appendix

B.

Notices

.

.

.

.

.

.

.

. 135

Trademarks

.

.

.

.

.

.

.

.

.

.

.

.

.

. 136

Index

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 139

iv

IBM

Tivoli

IBM

Tivoli

Privacy

Manager

for

e-business:

Release

Notes

Preface

The

IBM®

Tivoli®

Privacy

Manager

Version

1.2.2

Release

Notes

describes:

v

How

to

install

this

fix

pack

(IBM

Tivoli

Privacy

Manager

Version

1.2.2

fix

pack)

v

How

to

configure

and

use

the

utilities

included

in

this

fix

pack

Who

should

read

these

release

notes

This

document

is

written

for:

v

System

integrators

who

have

integrated

Tivoli

Privacy

Manager

into

an

enterprise

environment

and

who

are

responsible

for

maintaining

and

upgrading

Tivoli

Privacy

Manager

v

System

administrators

who

are

responsible

for:

–

Managing

the

operating

environment

of

IBM

Tivoli

Privacy

Manager

Version

1.2.

The

individuals

must

ensure

that

system

and

network

resources

are

appropriately

allocated

for

mission-critical

applications.

–

Implementing

and

running

various

utilities

to

manage

system

resources

used

by

Tivoli

Privacy

Managerv

IT

professionals

responsible

for

establishing

and

implementing

privacy

policy

in

an

enterprise

environment

Readers

need

a

working

knowledge

of

the

following

products:

v

IBM

Tivoli

Privacy

Manager

v

IBM

DB2

Universal

Database™

Publications

This

section

describes

publications

in

the

Tivoli

Privacy

Manager

library

and

prerequisite

publications.

After

you

determine

the

publications

you

need,

refer

to

the

instructions

for

accessing

publications

online.

Tivoli

Privacy

Manager

Version

1.2

publications

These

release

notes

describe

utilities

that

increase

or

extend

the

functions

of

Tivoli

Privacy

Manager

Version

1.2.

The

following

publications

comprise

the

Tivoli

Privacy

Manager

Version

1.2

library:

v

IBM

Tivoli

Privacy

Manager

for

e-business

Release

Notes,

GI11–4200.

Provides

information

on

obtaining

required

fixes

and

APARs,

and

describes

updates,

corrections,

amendments,

and

workarounds

for

tasks

and

topics

described

in

the

Tivoli

Privacy

Manager

library.

v

IBM

Tivoli

Privacy

Manager

for

e-business

Prerequisites

Installation

Guide,

SC32–1375

Provides

information

on

installing

the

IBM

products

used

by

Tivoli

Privacy

Manager.

v

IBM

Tivoli

Privacy

Manager

for

e-business

Planning

Guide,

SC32–1284.

Provides

information

on

planning

for

the

installation,

operation,

and

administration

of

Tivoli

Privacy

Manager.

v

IBM

Tivoli

Privacy

Manager

for

e-business

Installation

Guide,

SC32–1123.

Provides

information

on

installing

and

configuring

Tivoli

Privacy

Manager.

v

IBM

Tivoli

Privacy

Manager

for

e-business

User’s

Guide,

SC32–1285.

©

Copyright

IBM

Corp.

2002,

2004

v

Provides

information

on

creating

and

deploying

privacy

policies

and

on

operating

Tivoli

Privacy

Manager.

v

IBM

Tivoli

Privacy

Manager

for

e-business

Monitor

Developer’s

Guide,

SC32–1286.

Provides

information

about

the

application

programming

interface

(API)

system

programmers

can

use

to

create

a

monitor.

v

IBM

Tivoli

Privacy

Manager

for

e-business

Problem

Determination

Guide,

SC32–1287.

Provides

information

on

diagnosing

and

solving

problems

with

Tivoli

Privacy

Manager.

Product

messages

are

also

included.

Related

publications

Information

related

to

Tivoli

Privacy

Manager

is

available

in

the

following

publications:

v

IBM

Tivoli

Access

Manager

for

e-business

The

documents

required

to

support

IBM

Tivoli

Access

Manager

for

e-business

are

available

at:

http://publib.boulder.ibm.com/tividd/td/tdprodlist.html

v

IBM

Universal

DB2®

Enterprise

Edition

The

documents

required

to

support

DB2

are

available

at:

http://www.ibm.com/software/data/pubs

v

IBM

WebSphere®

Application

Server

Access

publications

for

this

product

at:

http://www.ibm.com/software/webservers/appserv/library.html

v

IBM

HTTP

Server

Access

publications

for

this

product

at:

http://www.ibm.com/software/webservers/httpservers/library.html

v

The

Tivoli

software

library

provides

links

to

a

variety

of

Tivoli

publications

such

as

white

papers,

datasheets,

demonstrations,

redbooks,

and

announcement

letters.

The

Tivoli

software

library

is

available

on

the

Web

at:

http://www.ibm.com/software/tivoli/library/

v

The

Tivoli

Software

Glossary

includes

definitions

for

many

of

the

technical

terms

related

to

Tivoli

software.

The

Tivoli

Software

Glossary

is

available,

in

English

only,

at

the

following

Web

site:

http://publib.boulder.ibm.com/tividd/glossary/termsmst04.htm

Accessing

publications

online

The

publications

for

this

library

are

available

online

in

Portable

Document

Format

(PDF)

or

Hypertext

Markup

Language

(HTML)

format,

or

both

at

the

Tivoli

Information

Center:

http://publib.boulder.ibm.com/tividd/td/tdprodlist.html

Information

is

organized

by

product

and

includes

release

notes,

installation

guides,

user’s

guides,

administrator’s

guides,

and

developer’s

references.

Note:

To

ensure

proper

printing

of

PDF

publications,

select

the

Fit

to

page

check

box

in

the

Adobe

Acrobat

Print

window

(which

is

available

when

you

click

File

→Print).

Conventions

used

in

this

book

This

reference

uses

several

conventions

for

special

terms

and

actions

and

for

operating

system-dependent

commands

and

paths.

vi

IBM

Tivoli

IBM

Tivoli

Privacy

Manager

for

e-business:

Release

Notes

http://publib.boulder.ibm.com/tividd/td/tdprodlist.htmlhttp://www.ibm.com/software/data/db2http://www.ibm.com/software/webservers/appserv/library.htmlhttp://www-3.ibm.com/software/webservers/httpservers/library.htmlhttp://www.ibm.com/software/tivoli/library/http://publib.boulder.ibm.com/tividd/glossary/termsmst04.htmhttp://publib.boulder.ibm.com/tividd/td/tdprodlist.html

Typeface

conventions

The

following

typeface

conventions

are

used

in

this

reference:

Bold

Lowercase

commands

or

mixed

case

commands

that

are

difficult

to

distinguish

from

surrounding

text,

keywords,

parameters,

options,

names

of

Java™

classes,

and

objects

are

in

bold.

Italic

Variables,

titles

of

publications,

and

special

words

or

phrases

that

are

emphasized

are

in

italic.

Monospace

Code

examples,

command

lines,

screen

output,

file

and

directory

names

that

are

difficult

to

distinguish

from

surrounding

text,

system

messages,

text

that

the

user

must

type,

and

values

for

arguments

or

command

options

are

in

monospace.

Preface

vii

viii

IBM

Tivoli

IBM

Tivoli

Privacy

Manager

for

e-business:

Release

Notes

Release

notes

Chapter

1.

About

this

release

.

.

.

.

.

.

.

. 3

New

in

this

release

.

.

.

.

.

.

.

.

.

.

.

. 3

New

console

tasks

.

.

.

.

.

.

.

.

.

.

. 3

New

productivity

tools

.

.

.

.

.

.

.

.

.

. 3

Extended

product

scope

.

.

.

.

.

.

.

.

. 4

Backward

compatibility

.

.

.

.

.

.

.

.

.

.

. 4

©

Copyright

IBM

Corp.

2002,

2004

1

2

IBM

Tivoli

IBM

Tivoli

Privacy

Manager

for

e-business:

Release

Notes

Chapter

1.

About

this

release

This

section

includes

release-specific

information

including

what

is

new

in

the

product

release,

what

has

been

fixed

in

this

product

release,

and

any

compatibility

issues

for

this

product

release.

New

in

this

release

The

Tivoli

Privacy

Manager

Version

1.2.2

fix

pack

contains

features

and

tools

that

refine

and

improve

the

collection

and

management

of

privacy

data

in

the

Tivoli

Privacy

Manager

Version

1.2

product.

These

updates

are

highlighted

in

this

introduction

in

three

groups:

v

New

console

tasks

v

New

productivity

scripts

v

Instructions

on

how

to

extend

the

scope

of

the

product

New

console

tasks

The

Tivoli

Privacy

Manager

Version

1.2.2

console

has

been

expanded

to

include

two

tasks

that

aid

significantly

in

generating,

interpreting,

and

managing

privacy

data.

Data

User

Access

Report

This

new

Create

Report

Definition

selection

enables

you

to

produce

a

report

definition

for

all

PII

accesses

that

are

performed

by

a

specified

user

or

application

within

a

specified

time

frame.

This

report

can

help

you

determine

quickly

where

PII

access

violations

have

occurred

in

the

monitored

system.

Refer

to

Chapter

7,

“Creating

a

Data

User

Access

Report,”

on

page

61.

Selective

auditing

levels

These

interface

enhancements

provide

the

user

greater

control

over

the

amount

of

information

that

must

be

generated

to

meet

the

privacy

requirements

of

an

organization.

Refer

to

Chapter

8,

“Managing

database

storage

consumption,”

on

page

63

for

information.

New

productivity

tools

The

Tivoli

Privacy

Manager

Version

1.2.2

fix

pack

includes

the

following

set

of

command-line

tools:

Update

production

tool

This

tool

moves

Tivoli

Privacy

Manager

data

from

a

test

environment

to

a

production

environment.

This

tool

is

described

in

Chapter

10,

“Testing

policy

data

before

deployment

into

production,”

on

page

99.

Archiving

tool

This

tool

releases

storage

by

extracting

records

from

the

Tivoli

Privacy

Manager

database

into

an

XML-formatted

zipped

file.

This

tool

is

described

in

“Archiving

access

records”

on

page

72.

Filtering

tool

This

tool

applies

a

user-defined

filtering

criteria

to

the

archiving-tool

output

file

to

produce

smaller

XML

files

that

are

suitable

for

viewing,

©

Copyright

IBM

Corp.

2002,

2004

3

printing,

or

other

user-defined

operations.

This

tool

is

described

in

“Creating

access

record

filters”

on

page

83.

Reporting

tool

This

tool

formats

the

filtering-tool

output

files

into

HTML

files

that

can

be

opened

in

a

browser.

The

reporting

tool

exemplifies

one

application

that

can

be

created

and

applied

to

the

filtering-tool

output

files.

System

programmers

can

also

create

scripts

to

process

the

XML

files

according

to

the

needs

of

the

environment.

This

tool

is

described

in

“Formatting

archived

access

records

for

viewing

and

reporting”

on

page

92.

Extended

product

scope

The

Tivoli

Privacy

Manager

Version

1.2.2

fix

pack

includes

the

following

enhancements:

Oracle9i™

Database

Release

2

support

The

Tivoli

Privacy

Manager

database,

which

stores

privacy

policies,

policy

deployment

information,

runtime

configuration

data,

access

and

consent

records,

and

reports,

can

now

be

configured

to

use

Oracle®

9.2.0.3

as

well

as

IBM

DB2

Universal

Database

(DB2

UDB).

The

database

is

selected

and

set

up

during

the

installation

and

configuration

of

the

Tivoli

Privacy

Manager

server

when

this

fix

pack

is

installed.

The

archiving

tool

and

update

production

tool

,

included

in

this

fix

pack,

can

also

be

run

against

an

Oracle

database.

Refer

to

“Creating

an

Oracle

database”

on

page

16

for

information

on

specifying

the

database

during

installation

and

configuration.

Tivoli

Privacy

Manager

monitor

on

z/OS®

These

instructions

enable

the

placement

of

a

monitor

(based

on

the

reference

monitor)

on

z/OS.

Refer

to

Chapter

11,

“Running

Tivoli

Privacy

Manager

monitors

on

IBM

z/OS,”

on

page

113

for

these

instructions.

Authorization

service

plug-in

These

instructions

and

APIs

can

be

used

to

extract

users

and

groups

from

an

alternative

(unsupported)

user

directory.

Refer

to

Chapter

12,

“Creating

and

using

a

customer-defined

authorization

service

plug-in,”

on

page

127

for

these

instructions.

Backward

compatibility

If

you

have

installed

Tivoli

Privacy

Manager

Version

1.2

and

you

are

upgrading

to

Tivoli

Privacy

Manager

Version

1.2.2,

you

must

upgrade

the

Tivoli

Privacy

Manager

server

before

you

upgrade

your

monitors.

You

must

also

ensure

that

all

of

the

Version

1.2

files

are

deleted

by

the

uninstallation

program.

See

“Removing

directories

that

were

not

removed

by

the

uninstall

program”

on

page

56

for

details.

See

Chapter

4,

“Migration,”

on

page

39

for

other

migration

considerations.

4

IBM

Tivoli

IBM

Tivoli

Privacy

Manager

for

e-business:

Release

Notes

Installation

and

setup

Chapter

2.

Installing

Tivoli

Privacy

Manager

.

.

. 7

Installation

overview

.

.

.

.

.

.

.

.

.

.

. 7

Tivoli

Privacy

Manager

server

installation

overview

.

.

.

.

.

.

.

.

.

.

.

.

.

. 7

Tivoli

Privacy

Manager

LDAP

monitor

installation

overview

.

.

.

.

.

.

.

.

.

.

.

.

.

. 8

Tivoli

Privacy

Manager

SDK

installation

overview

8

Tivoli

Privacy

Manager

tools

overview

.

.

.

. 8

Installation

procedures

.

.

.

.

.

.

.

.

.

.

. 9

Results

of

the

installation

.

.

.

.

.

.

.

.

.

. 10

Troubleshooting

installation

problems

.

.

.

.

. 11

Chapter

3.

Setting

up

the

Tivoli

Privacy

Manager

server

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 13

Creating

the

Tivoli

Privacy

Manager

database

.

.

. 13

Creating

a

DB2

database

.

.

.

.

.

.

.

.

. 13

Using

the

DB2

database

creation

program

.

. 13

Manually

creating

the

database

and

tables

.

. 14

Creating

an

Oracle

database

.

.

.

.

.

.

.

. 16

Configuring

the

Oracle

database

server

.

.

. 17

Creating

the

database

.

.

.

.

.

.

.

.

. 17

Starting

the

database

.

.

.

.

.

.

.

.

. 18

Creating

the

database

tables

.

.

.

.

.

.

. 18

Setting

up

WebSphere

Application

Server

.

.

.

. 19

Setup

procedures

using

WebSphere

Application

Server

4.x

.

.

.

.

.

.

.

.

.

.

.

.

.

. 20

Enabling

security

.

.

.

.

.

.

.

.

.

. 20

Creating

a

JDBC

provider

.

.

.

.

.

.

. 21

Creating

a

data

source

.

.

.

.

.

.

.

.

. 22

Defining

static

communication

ports

.

.

.

. 23

Setup

procedures

using

WebSphere

Application

Server

5.x

.

.

.

.

.

.

.

.

.

.

.

.

.

. 24

Enabling

security

.

.

.

.

.

.

.

.

.

. 25

Setting

server

properties

.

.

.

.

.

.

.

. 25

Creating

a

data

source

.

.

.

.

.

.

.

.

. 26

Defining

static

communication

ports

.

.

.

. 28

Deploying

Tivoli

Privacy

Manager

into

the

WebSphere

Application

Server

environment

.

.

. 28

Deployment

instructions

for

WebSphere

Application

Server

4.x

.

.

.

.

.

.

.

.

.

. 29

Deployment

instructions

for

WebSphere

Application

Server

5.x

.

.

.

.

.

.

.

.

.

. 31

Compiling

the

Java

server

pages

.

.

.

.

.

.

. 34

Compiling

the

JSPs

in

WebSphere

Application

Server

4.x

.

.

.

.

.

.

.

.

.

.

.

.

.

. 34

Compiling

the

JSPs

in

WebSphere

Application

Server

5.x

.

.

.

.

.

.

.

.

.

.

.

.

.

. 35

Starting

the

Tivoli

Privacy

Manager

enterprise

application

.

.

.

.

.

.

.

.

.

.

.

.

.

. 35

Configuring

Tivoli

Access

Manager

.

.

.

.

.

. 36

Configuring

the

Java

Runtime

Environment

.

. 36

Configuring

the

Tivoli

Access

Manager

environment

.

.

.

.

.

.

.

.

.

.

.

.

. 37

Enabling

language

support

.

.

.

.

.

.

.

.

. 37

Language

support

in

a

clustered

environment

.

. 38

Chapter

4.

Migration

.

.

.

.

.

.

.

.

.

.

. 39

Migrating

using

WebSphere

Application

Server

4.x

39

Migrating

using

WebSphere

Application

Server

5.x

39

Migrating

the

command

line

report

tool

.

.

.

.

. 40

Chapter

5.

Setting

up

the

LDAP

monitor

.

.

.

. 41

LDAP

storage

system

data

.

.

.

.

.

.

.

.

. 41

Creating

the

directory

information

tree

index

.

. 42

Filtering

.

.

.

.

.

.

.

.

.

.

.

.

.

. 42

Master

key

.

.

.

.

.

.

.

.

.

.

.

.

. 42

Configuring

the

LDAP

Monitor

.

.

.

.

.

.

.

. 42

Configuring

the

communication

protocol

.

.

. 43

Using

the

IIOP

protocol

.

.

.

.

.

.

.

. 43

Using

the

Web

services

protocol

.

.

.

.

. 45

Configuring

WebSphere

security

.

.

.

.

.

. 45

Updating

the

LDAP

monitor

properties

.

.

.

. 46

Sample

property

file

.

.

.

.

.

.

.

.

. 50

Starting

the

LDAP

monitor

.

.

.

.

.

.

.

.

. 51

Deploying

the

LDAP

monitor

.

.

.

.

.

.

.

. 52

Monitor

administration

.

.

.

.

.

.

.

.

. 53

Classifying

storage

locations

.

.

.

.

.

.

.

. 53

Chapter

6.

Uninstalling

IBM

Tivoli

Privacy

Manager

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 55

Removing

the

language

pack

.

.

.

.

.

.

.

. 55

Removing

from

Windows

.

.

.

.

.

.

.

. 55

Removing

from

AIX

and

Sun

Solaris

.

.

.

.

. 55

Removing

an

enterprise

application

from

the

WebSphere

Application

Server

.

.

.

.

.

.

.

. 55

Uninstall

procedures

using

WebSphere

Application

Server

4.x

.

.

.

.

.

.

.

.

.

. 56

Uninstall

procedures

using

WebSphere

Application

Server

5.x

.

.

.

.

.

.

.

.

.

. 56

Removing

directories

that

were

not

removed

by

the

uninstall

program

.

.

.

.

.

.

.

.

.

. 56

Removing

the

product

code

.

.

.

.

.

.

.

.

. 57

Removing

from

Windows

.

.

.

.

.

.

.

. 57

Removing

from

AIX,

Linux,

and

Sun

Solaris

.

. 57

Deleting

product

directories

.

.

.

.

.

.

.

.

. 58

Troubleshooting

problems

when

uninstalling

.

.

. 58

©

Copyright

IBM

Corp.

2002,

2004

5

6

IBM

Tivoli

IBM

Tivoli

Privacy

Manager

for

e-business:

Release

Notes

Chapter

2.

Installing

Tivoli

Privacy

Manager

This

chapter

provides

step-by-step

information

for

installing

Tivoli

Privacy

Manager.

An

overview

of

the

installation

process

for

each

component

is

provided

along

with

detailed

installation

steps.

The

installation

process

places

the

Tivoli

Privacy

Manager

component

on

the

designated

machine.

Some

components

require

additional

steps

to

be

operational.

Before

you

begin

installing

IBM

Tivoli

Privacy

Manager,

refer

to

IBM

Tivoli

Privacy

Manager

Planning

Guide.

There

are

a

number

of

planning

considerations

to

review

before

starting

the

installation

process.

Additionally,

refer

to

the

IBM

Tivoli

Privacy

Manager

for

e-business

Web

site

for

hardware,

operating

system,

browser,

and

software

requirements

to

use

Tivoli

Privacy

Manager.

The

Web

site

is

located

at

the

following

URL:

http://www.ibm.com/software/sysmgmt/products/support/

IBMTivoliPrivacyManagerfore-business.html

If

you

are

migrating

from

IBM

Tivoli

Privacy

Manager

Version

1.2,

see

Chapter

4,

“Migration,”

on

page

39

before

starting

the

installation

process.

Installation

overview

The

following

descriptions

provide

high-level

overviews

of

installing

the

Tivoli

Privacy

Manager

components.

The

descriptions

also

include

post-installation

tasks.

If

you

are

installing

multiple

components,

you

need

to

review

the

process

for

each

component.

Tivoli

Privacy

Manager

server

installation

overview

Because

the

Tivoli

Privacy

Manager

server

communicates

with

other

network

software

(such

as,

WebSphere

Application

Server

and

DB2

database),

you

need

to

have

information

available

about

them

(such

as

the

DB2

administrator

ID

and

password).

The

following

list

shows

the

tasks

that

must

be

completed

before

you

can

start

the

Tivoli

Privacy

Manager

server.

v

Verify

that

the

proper

prerequisites

are

installed

(Refer

to

the

IBM

Tivoli

Privacy

Manager

Prerequisite

Guide)

v

Install

the

Tivoli

Privacy

Manager

server

v

Create

DB2

or

Oracle

database

v

Create

the

Tivoli

Privacy

Manager

database

tables

v

Prepare

to

deploy

the

Tivoli

Privacy

Manager

enterprise

application

into

the

WebSphere

Application

Server

environment:

–

Create

a

JDBC

Provider

–

Create

a

data

source

–

Verify

the

module

visibilityv

Deploy

the

Tivoli

Privacy

Manager

server

into

the

WebSphere

Application

Server

environment

v

Compile

the

Java

Server

Pages

(JSPs)

©

Copyright

IBM

Corp.

2002,

2004

7

Note:

If

you

are

using

clustered

WebSphere

servers

and

have

not

done

so

already,

it

is

critical

that

you

synchronize

the

clocks

among

all

the

machines

in

your

environment.

Any

number

of

third-party

products

can

be

used

to

ensure

that

the

clocks

remain

synchronized.

After

the

Tivoli

Privacy

Manager

server

component

is

installed,

go

to

Chapter

3,

“Setting

up

the

Tivoli

Privacy

Manager

server,”

on

page

13

for

details

on

the

configuration

and

deployment

steps.

Tivoli

Privacy

Manager

LDAP

monitor

installation

overview

The

Tivoli

Privacy

Manager

LDAP

monitor

is

installed

on

the

machine

that

acts

as

a

proxy

between

the

LDAP

storage

system

and

LDAP

client

applications

accessing

data

to

and

from

the

storage

system.

v

Verify

that

the

proper

prerequisites

are

installed

(Refer

to

the

IBM

Tivoli

Privacy

Manager

Prerequisite

Guide)

v

Install

the

Tivoli

Privacy

Manager

LDAP

monitor

component

v

Configure

the

LDAP

monitor

–

Configure

the

communication

protocol

–

Configure

WebSphere

security

–

Update

the

monitor

properties

filev

Start

the

Tivoli

Privacy

Manager

enterprise

application

v

Start

the

LDAP

monitor

v

Monitor

administration

v

Classify

storage

locations

After

the

LDAP

monitor

component

is

installed,

go

to

Chapter

5,

“Setting

up

the

LDAP

monitor,”

on

page

41

for

details

on

the

configuration

and

starting

the

LDAP

monitor.

Tivoli

Privacy

Manager

SDK

installation

overview

The

Tivoli

Privacy

Manager

SDK

installation

places

the

Java

classes

and

documentation

on

a

machine

used

by

developers

for

creating

a

storage

system

monitor.

v

Verify

that

the

proper

prerequisites

are

installed

(Refer

to

the

IBM

Tivoli

Privacy

Manager

Prerequisite

Guide)

v

Install

the

Tivoli

Privacy

Manager

SDK

After

the

installation

is

complete,

refer

to

the

IBM

Tivoli

Privacy

Manager

Monitor

Developer’s

Guide

for

details

on

setting

up

the

monitor

development

and

test

environments.

Tivoli

Privacy

Manager

tools

overview

The

Tivoli

Privacy

Manager

tools

installation

places

several

tools

on

a

machine

that

can

be

used

to

manage

data

gathered

by

the

Tivoli

Privacy

Manager

server.

These

tools

include:

command

line

report,

update

production,

archiving,

filtering,

and

report

tools.

v

Verify

that

the

proper

prerequisites

are

installed

(Refer

to

the

IBM

Tivoli

Privacy

Manager

for

e-business

User’s

Guide

for

information

on

the

command

line

report

tool

and

this

document

for

information

on

the

other

tools)

v

Install

the

Tivoli

Privacy

Manager

Tools.

8

IBM

Tivoli

IBM

Tivoli

Privacy

Manager

for

e-business:

Release

Notes

After

the

installation

is

complete,

refer

to

the

IBM

Tivoli

Privacy

Manager

for

e-business

User’s

Guide

or

this

document

for

information

on

using

any

of

the

Tivoli

Privacy

Manager

tools.

Installation

procedures

The

installation

program

provides

a

graphical

user

interface

that

guides

you

through

the

process.

The

installation

process

places

the

appropriate

code

in

the

installation

directory.

When

the

installation

process

completes,

you

must

complete

the

appropriate

configuration

tasks.

__

Step

1.

Log

on

to

the

operating

system

as

a

user

with

root

or

Administrator

privileges.

__

Step

2.

Insert

the

Tivoli

Privacy

Manager

installation

CD

into

the

CD-ROM

drive.

Note:

For

installing

on

a

machine

with

no

CD-ROM

drive,

FTP

the

files

from

a

CD-ROM

drive

on

another

machine.

__

Step

3.

Switch

to

the

CD-ROM

drive

root

directory.

For

some

UNIX®

systems,

this

switch

requires

creation

of

a

mount

point.

__

Step

4.

Start

the

installation

program

by

issuing

the

appropriate

command

shown

in

Table

1.

Table

1.

Installation

program

Operating

system

Installation

program

command

AIX®

aix_install

Linux

linux_install

Solaris

Operating

Environment

sparc_install

Microsoft®

Windows®

win32_install.exe

Linux

for

zSeries®

zlinux_install

Note:

Use

the

non-graphical

installation

procedure

if

you

experience

font

problems.

Refer

to

the

IBM

Tivoli

Privacy

Manager

for

e-business

Installation

Guide

Version

1.2,

Appendix

C,

″Console

mode

installation

procedures″

for

details

on

the

non-graphical

installation

process.

__

Step

5.

When

the

installation

program

starts,

a

message

box

is

displayed,

which

indicates

the

start

of

a

Java

Virtual

Machine.

__

Step

6.

From

the

IBM

Tivoli

Privacy

Manager

Welcome

window,

click

Next

to

continue.

__

Step

7.

You

must

accept

the

product

terms

and

conditions

before

continuing

with

the

installation

process.

Review

the

terms

and

conditions

of

the

product.

To

continue,

click

I

agree–>Next.

__

Step

8.

Enter

the

installation

directory.

Table

2

shows

the

default

installation

directories

for

each

operating

system.

Click

Next.

Table

2.

Default

installation

directory

Operating

system

Installation

directory

AIX

Linux

Solaris

/opt/IBM/PrivacyManager

Windows

C:\Program

Files\IBM\PrivacyManager

Chapter

2.

Installing

Tivoli

Privacy

Manager

9

After

you

have

installed

one

Tivoli

Privacy

Manager

component

and

later

install

another

component,

the

installation

program

uses

the

existing

installation

directory

for

installing

the

subsequent

component.

For

example,

if

you

install

the

Tivoli

Privacy

Manager

server

in

a

directory

named

d:\privacy

and

later

install

the

Tivoli

Privacy

Manager

LDAP

monitor

on

the

same

machine,

the

LDAP

Monitor

component

will

be

installed

in

the

d:\privacy

directory

with

the

Tivoli

Privacy

Manager

Server

component.

To

specify

another

directory

on

a

subsequent

installation,

you

must

go

through

the

uninstallation

process

to

remove

the

existing

installation

directory

and

Tivoli

Privacy

Manager

components.

__

Step

9.

Select

the

component

to

install

and

click

Next.

v

Privacy

Server

v

Privacy

Monitor

SDK

v

Privacy

LDAP

Monitor

v

Privacy

Tools

Selecting

Privacy

Server

installs

the

Tivoli

Privacy

Manager

server.

You

can

change

the

features

to

be

installed

by

selecting

or

de-selecting

features.

The

amount

of

disk

space

needed

for

installation

depends

on

the

features

selected

and

the

operating

system

platform.

See

Table

3

for

the

range

of

storage

space

used

during

installation.

Table

3.

Installation

storage

size

Minimum

Maximum

50

MB

155

MB

__

Step

10.

If

Privacy

Server

is

selected

you

may

be

prompted

to

automatically

update

the

Tivoli

Access

Manager

Java

Runtime

environment

(PDJRTE)

configuration.

If

prompted,

click

Yes

to

schedule

the

configuration

during

installation.

If

No

is

selected

this

task

can

be

completed

manually.

See

“Configuring

the

Java

Runtime

Environment”

on

page

36

for

the

manual

instructions.

The

Tivoli

Access

Manager

Java

Runtime

environment

(PDJRTE)

configuration

sets

the

WebSphere

Application

Server’s

JDK

to

use

the

Tivoli

Access

Manager

libraries.

This

is

a

one

time

task

done

manually

or

by

the

installation

program.

__

Step

11.

Validation

of

prerequisite

software

installed.

Message

is

displayed

if

prerequisite

validation

fails.

__

Step

12.

From

the

installation

summary

window,

the

component

size

requirements

and

associated

product

features

to

be

installed

are

displayed.

Click

Next

to

proceed

with

the

installation.

__

Step

13.

After

the

installation

completes,

a

completion

message

is

displayed.

Click

Finish

to

exit

the

installation

program.

Results

of

the

installation

The

installation

process

creates

a

number

of

product

directories

based

on

the

features

installed.

_jvm

Represents

the

Java

virtual

machine

used

by

the

installation

and

uninstallation

programs.

10

IBM

Tivoli

IBM

Tivoli

Privacy

Manager

for

e-business:

Release

Notes

_uninst

Contains

the

uninstallation

program.

bin

Tivoli

Privacy

Manager

executable

code.

ddl

Contains

the

set

of

SQL

files

used

to

create

the

Privacy

Manager

database

tables.

javadoc

Contains

Javadoc

information

for

the

APIs

associated

with

the

reference

monitor

and

PSA

toolkit.

ldapmon

Contains

executable

code

for

the

Tivoli

Privacy

Manager

LDAP

monitor.

lib

Contains

Tivoli

Privacy

Manager

binary

files.

license

Contains

the

license

agreement.

samples

Contains

properties

files.

tools

Contains

the

command

line

report,

extract,

archive,

and

update

production

tools.

Troubleshooting

installation

problems

During

the

installation

process,

the

PMinstall.log

file

is

created.

This

file

is

located

in

the

installation

root

directory

and

updated

each

time

the

installation

program

is

run.

Note:

Until

the

Tivoli

Privacy

Manager

files

are

stored

on

the

server

machine,

the

installation

log

is

in

a

temporary

directory.

v

For

AIX,

Linux,

and

Solaris

the

log

is

located

in

/tmp

v

For

Windows,

use

the

%TEMP%

environment

variable

to

determine

the

temporary

directory.

If

an

error

occurs

before

the

files

are

stored

(for

example,

prerequisite

failure),

you

will

need

to

look

in

the

temporary

directory

for

the

installation

log.

Use

the

log

file

to

gather

information

related

to

installation

failures.

In

addition,

messages

related

to

the

validation

of

perquisites

are

displayed

during

the

installation

process.

Refer

to

the

IBM

Tivoli

Privacy

Manager

Problem

Determination

Guide

for

help

with

troubleshooting

problems,

message

descriptions,

and

information

on

contacting

the

Tivoli

Support

Center.

Chapter

2.

Installing

Tivoli

Privacy

Manager

11

12

IBM

Tivoli

IBM

Tivoli

Privacy

Manager

for

e-business:

Release

Notes

Chapter

3.

Setting

up

the

Tivoli

Privacy

Manager

server

After

the

Tivoli

Privacy

Manager

server

has

been

successfully

installed,

it

must

be

configured

and

deployed

into

the

WebSphere

environment.

This

chapter

describes

the

tasks

to

make

the

Tivoli

Privacy

Manager

server

operational.

Refer

to

the

IBM

Tivoli

Privacy

Manager

Planning

Guide

for

tuning

information.

Creating

the

Tivoli

Privacy

Manager

database

A

database

is

a

prerequisite

for

installing

Tivoli

Privacy

Manager.

Tivoli

Privacy

Manager

requires

that

certain

tables

be

created

prior

to

its

use.

The

database

must

be

created

prior

to

installing

the

Tivoli

Privacy

Manager

enterprise

application

into

the

WebSphere

environment.

Tivoli

Privacy

Manager

Version

1.2.2

database

can

be

implemented

in

either

DB2

or

Oracle

environment.

Follow

the

appropriate

procedures

for

setting

up

the

database.

v

“Creating

a

DB2

database”

v

“Creating

an

Oracle

database”

on

page

16

After

the

database

is

installed,

the

following

must

be

done:

1.

Create

the

Tivoli

Privacy

Manager

database.

2.

Create

the

Tivoli

Privacy

Manager

database

tables.

3.

Update

the

database

configuration

parameters.

Note:

The

values

and

configuration

values

(such

as

tablespace)

described

in

this

chapter

are

based

on

a

test

environment.

When

installing

for

use

in

your

production

environment,

consult

your

database

administrator

to

verify

appropriate

values

for

your

environment.

Creating

a

DB2

database

You

can

create

the

Tivoli

Privacy

Manager

database,

tables,

and

configuring

the

database

by

using

either

the

Tivoli

Privacy

Manager

database

creation

program

or

using

the

database

product

interface.

v

“Using

the

DB2

database

creation

program”

v

“Manually

creating

the

database

and

tables”

on

page

14

Using

the

DB2

database

creation

program

Use

the

Tivoli

Privacy

Manager

database

creation

program

to

create

the

Tivoli

Privacy

Manager

database,

set

configuration

values,

and

create

the

Tivoli

Privacy

Manager

database

tables.

The

database

creation

program

is

setupPMDB.

Before

starting

setupPMDB,

the

following

conditions

must

be

met:

v

DB2

must

be

active.

v

For

AIX,

Linux,

and

Solaris,

the

setupPMDB

command

must

run

as

root.

The

root

user

must

be

part

of

the

DB2

Administrator

group

(for

example,

db2iadm

group

created

during

the

DB2

Universal

Database

installation).

To

determine

whether

a

user

is

part

of

the

administrator

group,

use

the

db2

get

dbm

cfg

command

searching

for

sysadm

configuration

property.

©

Copyright

IBM

Corp.

2002,

2004

13

v

For

Windows,

to

run

the

database

creation

program,

you

need

to

open

a

DB2

command

interface.

Table

4

contains

the

name

of

the

database

creation

program.

The

database

creation

program

is

located

in

the

pm_install/bin

directory

where

pm_install

is

the

name

of

the

Tivoli

Privacy

Manager

installation

directory.

Table

4.

Database

creation

program

for

DB2

database

Operating

system

Command

for

database

creation

AIX,

Linux,

and

Solaris

setupPMDB.sh

Windows

setupPMDB.bat

From

a

DB2

command

interface,

start

the

database

creation

program

by

issuing

the

following

command:

setupPMDB

db2_userid

db2_pw

dbname

dbname

Name

of

Tivoli

Privacy

Manager

database

db2_pw

DB2

instance

owner

password

db2_userid

DB2

instance

owner

user

ID

Note:

Any

additional

parameters

that

are

specified

on

the

database

creation

program

are

ignored.

A

series

of

messages

is

displayed

that

show

the

progress

of

the

database

creation

program.

Status

information

related

to

the

database

creation

process

is

located

in

a

log

file.

The

log

file,

dbSetup.log,

is

created

in

the

pm_install/log

directory

where

pm_install

is

the

name

of

the

Tivoli

Privacy

Manager

installation

directory.

After

the

database

is

set

up

go

to

“Setting

up

WebSphere

Application

Server”

on

page

19.

Manually

creating

the

database

and

tables

To

manually

create

and

configure

the

Tivoli

Privacy

Manager

database,

use

the

DB2

command

interface.

From

the

DB2

command

interface,

you

can:

v

Create

the

Tivoli

Privacy

Manager

database

v

Create

the

Tivoli

Privacy

Manager

tables

v

Configure

the

Tivoli

Privacy

Manager

database

After

the

database

is

set

up

go

to

“Setting

up

WebSphere

Application

Server”

on

page

19.

Creating

the

database:

The

database

is

created

from

the

DB2

command

interface.

Before

starting

the

command

interface,

the

following

conditions

must

be

met:

v

DB2

must

be

active.

v

For

AIX,

Linux,

and

Solaris,

the

DB2

instance

owner

ID,

such

as

db2inst1

must

be

part

of

the

db2iadm

group.

The

db2iadm

group

is

created

during

the

DB2

Universal

Database

installation.

14

IBM

Tivoli

IBM

Tivoli

Privacy

Manager

for

e-business:

Release

Notes

From

a

DB2

command

line

interface,

enter

the

following

command

to

create

the

database:

db2

create

database

db_name

alias

alias_name

using

codeset

UTF-8

territory

US

db_name

Name

assigned

to

the

database.

alias_name

Database

alias

name.

If

no

alias

is

provided,

the

specified

database

name

is

used.

Note:

The

alias

name

is

not

required;

however,

if

an

alias

name

is

used

it

must

be

the

same

as

the

database

name.

Creating

the

database

tables:

During

the

installation

of

the

Tivoli

Privacy

Manager

server

component,

files

that

define

the

required

DB2

database

tables

are

placed

in

the

pm_install/ddl/db2

directory,

where

pm_install

is

the

name

of

the

Tivoli

Privacy

Manager

installation

directory.

Each

data

definition

language

(DDL)

file

contains

SQL

for

creating

a

database

tables.

__

Step

1.

Change

to

the

pm_install/ddl/db2

directory.

__

Step

2.

Enter

the

following

commands

to

connect

to

the

DB2

database

that

you

created

for

Tivoli

Privacy

Manager:

db2

attach

to

instancename

user

db2_userid

using

db2_pw

db2

connect

to

db_name

user

db2_userid

using

db2_pw

instancename

Name

of

the

database

instance

where

the

Tivoli

Privacy

Manager

tables

are

to

be

created

db2_userid

User

ID

of

the

database

instance

owner

(userid)

db2_pw

Password

associated

with

the

instance

userid

specified

db_name

Name

of

the

Tivoli

Privacy

Manager

database__

Step

3.

Enter

the

db2

-tvf

command

for

each

DDL

file

contained

in

the

Tivoli

Privacy

Manager

installation

directory

to

create

the

Tivoli

Privacy

Manager

database

tables:

db2

-tvf

acc.ddl

db2

-tvf

admin.ddl

db2

-tvf

audit.ddl

db2

-tvf

cms.ddl

db2

-tvf

confcache.ddl

db2

-tvf

deploy.ddl

db2

-tvf

pes.ddl

db2

-tvf

report.ddl

db2

-tvf

trim.ddl

Configuring

the

database:

After

the

Tivoli

Privacy

Manager

database

is

created,

certain

database

parameters

must

be

configured.

Table

5

on

page

16

lists

the

database

parameters

and

the

values

that

are

needed

for

using

Tivoli

Privacy

Manager.

Chapter

3.

Setting

up

the

Tivoli

Privacy

Manager

server

15

Table

5.

Database

configuration

parameters

Database

parameter

Value

Description

applheapsz

256

Specifies

the

size,

in

pages,

of

the

application

heap

that

is

available

for

each

individual

agent.

app_ctl_heap_sz

256

Determines

the

maximum

size,

in

4

KB

pages,

for

the

application

control

heap.

The

heap

is

required

to

share

information

among

agents

working

on

behalf

of

the

same

application

at

a

node

in

an

MPP

or

an

SMP

system.

If

complex

applications

are

being

run,

or

the

MPP

configuration

has

a

large

number

of

nodes,

the

size

of

this

heap

should

be

increased.

locklist

500

Specifies

the

amount

of

storage

that

is

allocated

to

the

lock

list.

A

lock

list

contains

the

locks

held

by

all

applications

concurrently

connected

to

the

database.

logfilsiz

2500

Specifies

the

amount

of