SungHoon_Kim

Creating an ALL-IN-ONE VM Image - Part 10-2

Blog Post created by SungHoon_Kim Employee on Nov 24, 2015

This is something I like to do once in a while. It takes long time to setup everything but to me it is a hobby. It is like putting zigsaw puzzles.

 

WARNING: THIS IS NOT SUPPORTED! THIS IS ONLY TO FULFILL YOUR CURIOSITY AND SATISFY YOUR SPIRIT GOING AGAINST ALL ODDS. THIS IS NOT A DEMONSTRATION ALLOWING YOU TO RUN SUCH CONFIGURATION IN YOUR DEV/TEST/QA/PROD ENVIRONMENT.

 

Following components will be installed.

 

01. Install OS (Windows 2008 R2 - English)

02. Microsoft Loopback Adapter

03. Active Directory

04. DNS

05. IIS

06. Certificate Authority

07. MSSQL 2012

08. JDK 1.7.0_80 (32bit and 64bit)

09. NewAtlanta ServletExec 6.0

10. ASF Apache

11. CA Directory

12. Oracle Directory Server 11g

13. CA Single Sign-On Policy Server

14. CA Single Sign-On AdminUI

15. CA Single Sign-On Web Agent/Option Pack

16. CA Single Sign-On Secure Proxy Server

17. CABI 3.3

 

Some trivial steps are skipped such as installing the OS and promoting to a Domain Controller.

 

17. CABI 3.3

 

This is a continuation from

Creating an ALL-IN-ONE VM Image - Part 10-1

 

This is where SiteMinder (CA Single Sign-On) integrates to Report Server(CABI).

 

But before you do anything, you need to setup a Audit DB for SiteMinder.

Load "Microsoft SQL Server Management Studio" and logon as "sa" user.

If you cannot logon, double check the SQL Service is started up and running.

Right click on the "Databases" branch and select "New Database..."

Enter desired DB name and click "OK"

Right click on the new "smauditdb" instance and select "New Query"

Copy the content of "C:\Program Files (x86)\CA\siteminder\db\SQL\sm_mssql_logs.sql" file.

Then click on "Execute" button at the top.

You should be able to find "dbo.smaccesslog4" and "dbo.smobjlog4" tables at the left hand side.

 

Now the DB is ready but you still need to configure Policy Server side for the connection. (This must be configured at the Policy Server machine)

 

Open a command-line and run the following command.

C:\Windows\SysWOW64\odbcad32.exe (Advisable to create a taskbar shortcut as you will run this again later)

At the "System DSN" you should find many entries.

If you do not find any, you must be running the 64bit odbcad32.exe. Make sure you run the correct executable.

 

Click "Add..." button to create a new DSN.

Select "SiteMinder SQL Server Wire Protocol".

 

Enter the following:

 

Data Source Name: SiteMinder Logs Data Source

     (The reason why I use this name is because it is the default one from SiteMinder)

Host Name: TESTMC1

Port Number: 1433

Database: smauditdb

 

 

Then click on the "Test Connect" button at the bottom and enter the "sa" user and password and click "OK" to test the connectivity.

You must get the "Connection established!" message or please check the configuration again.

 

Load "smconsole" and navigate to "Data" tab and select "Audit Logs" and Storage as "ODBC".

Then enter the required information as below and click "Apply".

Click on "Test Connection" and you must get "Success" message as below or check the configuration again.

 

 

Now load the odbcad32.exe again and goto "System DSN" again. (This must be run from the Report Server machine)

Click "Add..." button to create a new DSN.

What you created before was the ODBC connection from the Policy Server to the AuditDB.

 

What you are creating now is the ODBC connection from the Report Server to the AuditDB.

Select "SQL Server" driver for this connection.

Click on "Test Data Source..."

You must get SUCCESS message or check the configuration again.

 

 

Now we can start the integration.

 

I have downloaded smrs-12.52-sp01-cr02-win32.zip. <== This must be done at the Report Server machine.

Extract it and execute "ca-rs-config-12.52-sp01-cr02-win32.exe".

Just for clarification, this executive file must run on the report server machine.

It installs files required to register trustedhost and also a "biar" file which contains the sample report templates.

 

 

Enter the same Administrator password that you set during Report Server installation.

There will be a quick screen testing CMS connection.

At this point, if you have a supported Report Server instance then it will not throw any error message.

But if you have version 4 CABI, then the installer may throw an error message at this point and will not be able to continue.

 

You can shutdown the VM and take a snapshot here.

 

If you logon to Report Server CMC and goto "Folders", you should find the "SiteMinder" folder as below.

 

Now, logon to SiteMinder AdminUI.

Navigate to "AdminUI ==> Administration ==> Admin UI ==> Audit Report Connections"

This is the information that AdminUI will be sending to the Report Server, telling it to use this DSN for the audit records.

Report Server does not keep the auditstore information although it will have DSN configured at the OS level.

AdminUI sending this DSN information allows the Report Server to connect and fetch audit records.

That being said, the DSN name that you define here MUST MATCH the DSN that was created at the Report Server.

Click on "Create Audit Report Connection".

 

Next is to create a "Report Server Connections".

Navigate to "AdminUI ==> Administration ==> Admin UI ==> Report Server Connections"

Click on "Create Report Server Connections"

Enter the information.

Note the port is 38080 as defined during the installation.

You must note the "Connection Name" value as well.

 

Open a command-line and run the following command. <== This must be run at the Policy Server machine.

xpsregclient reportserver:password -report

 

 

Navigate to "C:\Program Files (x86)\CA\SC\CommonReporting3\external\scripts" and run the following command. <== This must be run at the Report Server machine.

regreportserver.bat -pshost 192.168.201.101 -client reportserver -passphrase password

 

 

Now that the report server is configured and integrated, you can generate and view reports.

 

1) If you navigate to "AdminUI ==> Reports ==> Audit", this cannot generate any report as there is no audit record.

2) If you navigate to "AdminUI ==> Reports ==> Store Operations", this cannot generate any reports as XPS Audit are generated in text files and you need to manually import the audit records to view from here.

3) If you navigate to "AdminUI ==> Reports ==> Analysis", you can actually run reports right now although it will return an empty report(because you have not protected any resources yet). But it is a good indication that reporting works.

 

Navigate to "AdminUI ==> Reports ==> Analysis ==> Resource Based ==> Applications"

Click on "Submit" to generate the report now.

Click "OK".

 

Navigate to "AdminUI ==> Reports ==> General ==> View SiteMinder Reports".

You will find the report that you just generated.

Select the report and click on "Select" to view it.

If you see this "Please wait while the document is being processed" message, it confirms it is working.

 

This concludes all the "Installation" part of ALL-IN-ONE.

There will be more installations after this but this basically covers the essential part of ALL-IN-ONE setup.

 

Next, I will be going through the configuration part that makes this ALL-IN-ONE image real value.

Stay tuned!!!

Outcomes