Copyright © TIBCO Software Inc. All Rights Reserved
Copyright © TIBCO Software Inc. All Rights Reserved


Chapter 2 Machine Management and Domain Configuration : Creating a Domain that Uses a File Repository

Creating a Domain that Uses a File Repository
Use this procedure to create an administration domain that uses a file based domain repository to store users, groups and other domain information. You can only perform this procedure if TIBCO Administrator has been installed. If TIBCO Administrator is not installed, the Domain Configuration category will not display in TIBCO Domain Utility. A machine can have multiple administration domains installed.
To Create a File Based Repository Domain Using the GUI
1.
Start Domain Utility and click the Next button on the main screen.
2.
Under Category, select Domain Configuration and select Create a New Administration Domain. Click the Next button. A screen similar to the following appears.
Figure 2 Select a Task Window
3.
4.
Do not select the User and Group information retrieved from a corporate LDAP and Domain information stored in a Database options.
If you need to change the TIBCO Rendezvous parameters used to communicate with TIBCO Administrator or TIBCO Hawk, select Show Advanced. See Domain Details for a description of each parameter.
5.
Click the Next button. The screen that appears allows you to change the default ports TIBCO Administrator uses to communicate with the Tomcat web server. In most cases, the default settings are appropriate. See Web Server Ports for a description of the ports.
6.
Click the Next button to continue. In the screen that appears, provide the domain administrator credentials for the administration domain. The user name and password given here is used when launching TIBCO Administrator to initially log into the administration domain and assign permissions to other users, so they can access certain components. The administration credentials are also used if you need to modify this domain.
By default, a password policy is not defined. To use a password policy, select the Configure Password Policy check box. The fields that display are explained on Password Policy.
7.
Click the Next button. The screen that appears displays a summary of the values you have provided.
8.
Click the Next button to create the administration domain. After the domain has been created, the services that support the domain are listed. You must start each service before starting TIBCO Administrator.
9.
Click Finish to end the session.
After creating the domain, hawkhma.cfg and tibhawkhma.tra files are generated.
To Create a File Based Repository Domain Using the Command Line Utility
1.
2.
Copy the following file to your working directory: TRA_HOME\template\domainutility\cmdline\CreateDomain.xml
3.
Open CreateDomain.xml in a text editor.
The CreateDomain.xml file contains sections for creating a domain that uses a repository, LDAP server and database. Change only the repository section. The parameters for a domain that uses a repository are explained in the following sections. After changing the parameters, save the file and exit the text editor.
4.
   domainutilitycmd -cmdFile <working-dir-path>\CreateDomain.xml
Domain Details
 
Machines are grouped in the Administrator GUI under the value provided in the Hawk Cluster field. If you change the default value, this machine displays in the Administrator GUI under the value you provide. The cluster name must be enclosed within quotes, if the name contains spaces.
In some situations, it may be necessary to choose UTF-8 as the encoding for all or some of these properties. For example, If you are using XML messages and either the JMS transport or the AE/RV wireformat, you must change repo.encoding to UTF-8. If you are using a property file (.tra) that uses non-Latin1 characters, you must change file.encoding to UTF-8. You can edit the individual properties in the .tra file, or set the encoding for all three properties here.
Note: TIBCO Hawk and POF must use the same transport type. Mixed transport types are not supported.
TIBCO Rendezvous Daemon used for communication with TIBCO Hawk. Default is tcp:7474. See the TIBCO Hawk Installation and Configuration manual for details about this parameter.
Specify the user account name authorized to administer the TIBCO Enterprise Message Service server. Specify a user that is a member of the $admin group (for example, the predefined admin user), or a user who has the following permissions:
com.tibco.pof.domain-name.> (for each domain)>
com.tibco.pof.AUTH_domain-name.> (for each domain)
Note: You must add the following topics to the TIBCO_HOME/ems/bin/topics.conf file:
com.tibco.pof.domain-name.>
com.tibco.pof.AUTH_domain-name.>
_HAWK.domain-name (one line for each domain)
You must also add the following queue to the TIBCO_HOME/ems/bin/queues.conf file:
Note that if domain-name, contains the characters '.', '>' and '*', the characters must be replaced by the following strings:
Click the... button and navigate to a drive shared by all nodes in the cluster. Specify the location of the TIBCO Runtime Agent domain home. For example, R:\tibco\tra\domain.
See the TIBCO Runtime Agent Installing in a Cluster guide for more information.
Click the... button and navigate to a drive shared by all nodes in the cluster. Specify the location of the administration server domain home. For example, C:\tibco\administrator\domain.
Select the Use default values check box unless you are an experienced user.
Select if the value entered in the Machine field is a logical machine. See the TIBCO Runtime Agent Installing in a Cluster guide for more information.
Note: This option does not affect sensitive data in the deployment configuration files exported using the AppManage utility. See TIBCO Runtime Agent Scripting Deployment Guide for information on how to protect sensitive data in the deployment of configuration files using an encryption password.
This property is used to secure the .properties files. The specified group will be given view access to the AuthorizationDomain.properties and AdministrationDomain.properties files when these property files are created as part of domain creation. Specifying this property allows you in the specified group to use TRA utilities like AppManage.
Multiple Administration Domains on One Machine
If you decide you wish to use multiple administration domains on one machine, the domain names have to be different. Note that you cannot use the same TIBCO Rendezvous Service and two different TIBCO Rendezvous daemons parameters. For example, you cannot choose:
All other combinations of service and daemon are allowed.
Web Server Ports
The ports TIBCO Administrator uses to communicate with the Tomcat web server are described next. A Connector represents an endpoint by which requests are received and responses are returned. A connector is associated with a port.
Note: This shutdown string is not considered a password and is not checked against the password policy.
Password Policy
You can specify a password policy for the domain. See the TIBCO Administrator Server Configuration Guide for an introduction to the administration domain password policy. You can change the password policy after the administration domain has been created. See the TIBCO Administrator User’s Guide for details.
Table 16 Password Policy
Is saved in encryption mode using a fixed key (Refer to TIBCO Runtime Agent Installation for more information about Obfuscate Utility). That is, SaveHashMode is set to false.
You can provide a custom policy that is based on the password policy templates that are provided in the TIBCO_HOME/tra/version/config/security directory (see note below). After copying a template to another location and modifying it, click the... icon and load the custom policy file. The file contents are written to the domain.
Note: Three password policy templates are provided:
DefaultPolicy  Specifies the same policy as the Default Policy radio button.
StrongPolicy  Specifies the same policy as the Restrictive Policy radio button.
NormalPolicy  In this policy, a password:

Copyright © TIBCO Software Inc. All Rights Reserved
Copyright © TIBCO Software Inc. All Rights Reserved