Wednesday, 6 July 2016

Installing InfoSphere Master Data Management v11.5 on WAS Cluster with SQL Server (Windows authentication)

InfoSphere Master Data Management can be installed on a SQL Server database that uses Windows authentication.   With Windows authentication, SQL Server validates the account name and password using the Windows principal token in the operating system. SQL Server does not ask for the password, and does not perform the identity validation.  Tables created using Windows authentication are in the default schema.  During installation of SQL Server, the default schema is set to dbo (DataBase Owner), this can be modified by the SQL Server DBA.

Ensure that the pre-requisites for MDM installation are followed including:
  1. Installation of WebSphere Application Server and creation of WAS Cluster for installation
  2. Installation of Microsoft SQL Server 2014.
  3. Follow steps mentioned in Preparing a Microsoft SQL Server Database for MDM Installation  
  4. Installation of Microsoft VC++

In this sample, the IBM Installation Manager will be invoked in silent mode and an input file containing parameters for installation will be passed in.  Please find the sample input file at the Appendix.  The input file provides details required for installation such as installation location, WebSphere Application Server details and Database Details and details on features that have to be installed.  The sample input file contains details to install the MDM Applications, MDM Database and the Inspector UI.  

Since installation is on SQL Server using Windows authentication, in the input file, the database user name and database password have to be set to none (case-sensitive).  The value for schema should be set to dbo (or the default schema)
Invoke the Installation Manager with the below parameters:
C:\Program Files (x86)\IBM\InstallationManager\eclipse\IBMIM –silent –input C:\Input\WASNDSQL.xml –acceptLicense

The above command enables extraction of MDM files at the MDM installation directory provided in the input file.  Certain pre-requisites to ensure successful configuration of MDM are also performed as part of this command.  

Please Note: The sample input file attached has minimal inputs and was generated using

After Master Data Management components are extracted using the Installation Manager, MDM has to be deployed using the utility Configure_MasterDataManagement.
  1. Go to <MDM_INSTALL_DIR>/mds/scripts
  2. Invoke madconfig Configure_MasterDataManagement
  3. Provide values including WebSphere Administrator user’s password, MDM Administrator user’s password and the WebSphere Administrator user’s password for each UI selected to be installed.  Please note that the value for Database user password will not prompted as Windows authentication is used.
The utility creates the database tables and loads them with MDM gold data, deploys applications on the WAS Cluster and deploys the User Interfaces on the WAS Cluster. 

Post Configuration
  1. Ensure that the IVT is successful by checking the response file in <MDM_INSTALL_DIR>/IVT/testCases/xml_virtual/response
  2. When WebSphere Embedded Messaging is used, certain configuration changes have to be performed at the Messaging Engine.  Go to Service Integration -> Buses -> <BUS> -> Messaging engines -> <MESSAGING_ENGINE> -> Data store.
    1. Set the value for Schema name to dbo (or the customized default schema)
    2. Set the value for Authentication Alias to (none)
    3. Restart the cluster, SIB tables will get created in the database.

Changes to Data Store when WebSphere Embedded Messaging is used

Sample Input File
 <?xml version='1.0' encoding='UTF-8'?>
    <!-- Shared directory for use by Installation Manager -->
    <variable name='sharedLocation' value='D:/Instances/Shared'/>
    <!-- Location of MDM Installable -->
    <repository location='D:/Installables/MDMGA/MDM/disk1'/>
  <!-- Profile details, provide id with MDM INSTALL LOCATION-->
  <profile id='InfoSphere MDM Standard Edition or Advanced Edition' installLocation='D:/Instances/Cluster/MDM'>
    <data key='eclipseLocation' value='D:/Instances/Cluster/MDM'/>
    <data key='user.import.profile' value='false'/>
    <!-- OFFERING ID for MDM -->
    <data key='' value=''/>

<!-- List of MDM features to be installed - db for database, app for application and inspector for Inspector User Interface -->
    <data key=',' value='db,app,inspector'/>
<!-- WebSphere Application Server details for Installing MDM application components, namely native.ear, EBA and web services -->
    <data key=',' value='/etc/DummyClientTrustFile.jks'/>
    <data key='user.L2.was.truststore.pwd,' value='WebAS'/>
    <data key='user.L2.was.admin.user,' value='mdmadmin'/>
    <data key='user.L2.was.admin.password,' value='mdmadmin'/>
    <data key='user.L1.was.home,' value='C:/Program Files (x86)/IBM/WebSphere/AppServer'/>
    <data key='user.was.type,' value='ND'/>
    <data key=',' value='localhost'/>
    <data key='user.deploy.port,' value='8879'/>
    <data key='user.was.cell,' value='chitiyerCell01'/>
    <data key='user.was.node,' value='none'/>
    <data key='user.was.server,' value='none'/>
    <data key=',' value='none'/>
    <data key=',' value='false'/>
    <data key='user.L1.was.home,' value='C:/Program Files (x86)/IBM/WebSphere/AppServer'/>
    <data key='user.was.cluster,' value='MDMCluster'/>
    <data key='user.was.cluster.flag,' value='true'/>
    <data key='user.was.user,' value='wasadmin'/>
    <data key='user.was.password,' value='wasadmin'/>

    <!-- Database details for Installing MDM -->
    <data key=',' value='insurance'/>
    <data key='user.db.type,' value='MSSQLU'/>
    <data key=',' value='MDMDB'/>
    <data key=',' value='localhost'/>
    <data key='user.db.port,' value='1433'/>
    <!-- Please ensure that the value for user.db.user and user.db.password are none since Windows authentication is used -->
    <data key='user.db.user,' value='none'/>
    <data key='user.db.password,' value='none'/>
    <!-- This flag indicates Windows native authentication is used -->
    <data key='user.db.auth.native,' value='true'/>
    <!-- The default schema name is specified -->
    <data key='user.db.schema,' value='dbo'/>

    <data key='user.db.filegroup,' value='MDMDBFG'/>
    <data key='user.db.servername,' value='#SQLSERVER_NAME#'/>
    <data key='user.code.lang.list,' value='en'/>
    <data key='user.code.lang.list.mds,' value='en'/>
    <data key='user.customer.lang.type,' value='en'/>
    <data key='user.db.ssl.enabled,' value='false'/>
    <data key='user.db.ssl.file.path,' value='none'/>
    <data key='user.db.ssl.password,' value='none'/>
    <data key=',' value='none'/>
    <data key=',' value='none'/>
    <data key=',' value='none'/>
    <data key=',' value='none'/>
    <data key=',' value='none'/>

    <!-- Parameters for MDM application Configuration -->
    <data key=',' value='true'/>
    <data key='user.was.application,' value='ES'/>
    <data key='user.instance.identifier,' value='ES'/>
    <data key='user.mtz.enabled,' value='true'/>
    <data key=',' value='Asia/Calcutta'/>
    <data key='user.rmi.port,' value='9999'/>
    <data key='user.L2.engine.type,' value='PME'/>
    <!-- Messaging details, WebSphere Embedded Messaging is used here and WMQ details here are ignored -->
    <data key='user.L2.messaging.type,' value='WEM'/>
    <data key='user.default.messaging.flag,' value='true'/>
    <data key=',' value='localhost'/>
    <data key='user.L2.messaging.port,' value='1414'/>
    <data key='user.L2.messaging.user,' value='none'/>
    <data key='user.L2.messaging.password,' value='none'/>
    <data key='user.L2.messaging.qm,' value='E001'/>
    <data key=',' value='CH.E001'/>
    <data key='user.L2.messaging.transport,' value='Client'/>
    <data key='user.L2.messaging.home,' value='/opt/IBM/MQ'/>
    <data key=',' value='7.5'/>
    <data key='user.config.messaging.server,' value='false'/>
    <!-- Details of WebSphere Application Server for Business Administrator UI installation -->
    <!-- In this sample these details will be ignored as BA UI is not selected for installation -->
    <!-- To install BA UI add ba to value for key, and -->
    <!-- to the features attribute in offering tag under install -->

    <data key=',' value='ND'/>
    <data key=',' value='8879'/>
    <data key=',' value='localhost'/>
    <data key=',' value='C:/Program Files (x86)/IBM/WebSphere/AppServer'/>
    <data key=',' value='chitiyerCell01'/>
    <data key=',' value='none'/>
    <data key=',' value='none'/>
    <data key=',' value='none'/>
    <data key=',' value='false'/>
    <data key=',' value='MDMCluster'/>
    <data key=',' value='true'/>
    <data key=',' value='1'/>
    <data key=',' value='on'/>
    <data key=',' value='wasadmin'/>
    <data key=',' value='wasadmin'/>
    <!-- Details of WebSphere Application Server for Inspector UI installation -->
    <data key='user.was.type.inspector,' value='ND'/>
    <data key='user.deploy.port.inspector,' value='8879'/>
    <data key=',' value='localhost'/>
    <data key='user.was.home.inspector,' value='C:/Program Files (x86)/IBM/WebSphere/AppServer'/>
    <data key='user.was.cell.inspector,' value='chitiyerCell01'/>
    <data key='user.was.node.inspector,' value='none'/>
    <data key='user.was.server.inspector,' value='none'/>
    <data key=',' value='none'/>
    <data key=',' value='false'/>
    <data key='user.was.cluster.inspector,' value='MDMCluster'/>
    <data key='user.was.cluster.flag.inspector,' value='true'/>
    <data key=',' value='1'/>
    <data key=',' value='on'/>
    <data key='user.was.user.inspector,' value='wasadmin'/>
    <data key='user.was.password.inspector,' value='wasadmin'/>
    <data key='user.use.ssl.inspector,' value='true'/>

    <!-- Details of WebSphere Application Server for Enterprise Viewer UI installation -->
    <!-- In this sample these details will be ignored as Enterprise Viewer UI is not selected for installation -->
    <!-- To install Enterprise Viewer UI add ev to value for key, and -->
    <!-- to the features attribute in offering tag under install -->

    <data key='user.was.type.ev,' value='ND'/>
    <data key='user.was.home.ev,' value='C:/Program Files (x86)/IBM/WebSphere/AppServer'/>
    <data key='user.deploy.port.ev,' value='8879'/>
    <data key=',' value='localhost'/>
    <data key='user.was.cell.ev,' value='chitiyerCell01'/>
    <data key='user.was.node.ev,' value='none'/>
    <data key='user.was.server.ev,' value='none'/>
    <data key=',' value='none'/>
    <data key=',' value='false'/>
    <data key='user.was.cluster.ev,' value='MDMCluster'/>
    <data key='user.was.cluster.flag.ev,' value='true'/>
    <data key=',' value='1'/>
    <data key=',' value='on'/>
    <data key='user.was.user.ev,' value='wasadmin'/>
    <data key='user.was.password.ev,' value='wasadmin'/>
    <data key='user.use.ssl.ev,' value='false'/>

    <!-- Details of WebSphere Application Server for Web Reports UI installation -->
    <!-- In this sample these details will be ignored as Web Reports UI is not selected for installation -->
    <!-- To install Web Reports UI add ev to value for key, and -->
    <!-- to the features attribute in offering tag under install -->

    <data key='user.was.type.wb,' value='ND'/>
    <data key='user.was.home.wb,' value='C:/Program Files (x86)/IBM/WebSphere/AppServer'/>
    <data key='user.deploy.port.wb,' value='8879'/>
    <data key=',' value='localhost'/>
    <data key='user.was.cell.wb,' value='chitiyerCell01'/>
    <data key='user.was.node.wb,' value='none'/>
    <data key='user.was.server.wb,' value='none'/>
    <data key=',' value='none'/>
    <data key=',' value='false'/>
    <data key='user.was.cluster.wb,' value='MDMCluster'/>
    <data key='user.was.cluster.flag.wb,' value='true'/>
    <data key=',' value='1'/>
    <data key=',' value='on'/>
    <data key='user.was.user.wb,' value='wasadmin'/>
    <data key='user.was.password.wb,' value='wasadmin'/>
    <data key='user.use.ssl.wb,' value='false'/>
  <!-- Installation details, since this is a new install, modify flag is set to value false -->
  <install modify='false'>
    <!-- InfoSphere MDM Standard Edition or Advanced Edition -->
    <!-- Offering details including version and list of features to be installed.  The version can be found in diskTag.inf file at the installation repository-->

    <offering profile='InfoSphere MDM Standard Edition or Advanced Edition' id='' version='11.5.0.FP00IF000_20151014-2303' features=',,' installFixes='none'/>
  <!-- Feature Details -->
  <!-- MDM Database  -->
  <!-- MDM Application  -->
  <!-- MDM Business Administration UI -->
  <!-- MDM Inspector UI -->
  <!-- MDM Enterprise Viewer UI -->
  <!-- MDM Web Reports UI -->

  <preference name='' value='${sharedLocation}'/>
  <preference name='' value='30'/>
  <preference name='' value='45'/>
  <preference name='' value='0'/>
  <preference name='offering.service.repositories.areUsed' value='true'/>
  <preference name='' value='false'/>
  <preference name='' value='false'/>
  <preference name='http.ntlm.auth.kind' value='NTLM'/>
  <preference name='http.ntlm.auth.enableIntegrated.win32' value='true'/>
  <preference name='' value='true'/>
  <preference name='' value='false'/>
  <preference name='PassportAdvantageIsEnabled' value='false'/>
  <preference name='' value='false'/>
  <preference name='' value='false'/>
  <preference name='' value='true'/>
  <preference name='' value='true'/>
  <preference name='' value='true'/>

Monday, 14 December 2015

IBM InfoSphere MDM v11.5 Installation - Experience the Usability Enhancements

IBM InfoSphere Master Data Management v11.5 leverages features in Installation Manager v1.8.2 and provides a UI that is more understandable, appealing and quicker.

Auto-population of default values
Default values are populated for most fields that enables the end user to reduce time spent using the Installation Manager GUI.

Default values populated

Tablespace names
It is possible to use the same tablespace name for multiple tablespace placeholders in the Database Panel.

Obtain Server details from Operational Server Panel
For the User Interface Panels, when the end user decides to use the same server as that used for the operational server, it is possible to enable a checkbox and populate those details automatically, thereby reducing time taken for retrieving WAS details.
Server Details

One Validation Panel per Feature
There is one validation panel per feature facilitating an easy view of the validation results.

Separate Validation Panels

'Ignore'  error message
The option to ignore error and warning messages and proceed with the the Installation is provided.  However, it is recommended not to ignore the Error messages generated by the validations.

Ignore Errors

Separation of Installation and Configuration
The configuration of Master Data Management has to be performed after the installation.  The Installation Manager GUI provides the required detail to the user on invocation of this target.

Friday, 4 September 2015

Fight Threat and Fraud Using InfoSphere Identity Insight

An elderly woman aged 58 years has applied for a visa and is at the Consulate.  The monitor shows the consular there, that the the applicant's son and daughter are in that country for the past 8 years and 4 years respectively and have good records.   Without much delay, the consular can approve her visa.

A man aged 32 years has applied for a visa and is at the same Consulate.  His address is the same as that of a culprit held last week.  This means that he is in some way related to that culprit.  Withholding his visa is better.

A woman applies for a Personal loan at a Bank.  The Bank official searches her family's records and finds that her husband has not been paying the installments of a Personal loan for the past six months.  His Savings Bank account has not had credits for the past eight months.  The woman has a huge credit card balance.  The Bank can easily decide whether or not to offer her a loan.

All this is possible only when a system can identify a person (an entity), the relationships that this person has, and to give alerts based on the activities performed by the person and relations over a period of time.  This is precisely what InfoSphere Identity Insight does.

InfoSphere Identity Insight establishes accurate identity of an individual, uncovers complex relationships between individuals and applies complex event processing algorithms to evaluate transactions by the individual and associates.  The system generates alerts when it finds a questionable situation, thereby enabling us to fight threat and fraud.

IBM - InfoSphere Identity Insight

Saturday, 8 August 2015

InfoSphere Master Data Management - Support for SSL enabled databases

InfoSphere Master Data Management v11.4 FP3 supports SSL enabled DB2 and SQL Server databases.

Obtain the certificate from an SSL enabled database, and use the keytool to create a trust file from the certificate. 
keytool.exe -import -alias db2_ca -keystore trust.der  -storetype PKCS12 -file cert.der

Provide the trust file path and the password in the Database Panel of the Installation Manager for InfoSphere Master Data Management.  Gold data is loaded and the product is configured to work with the SSL enabled database.

The Database Panel provides fields to provide SSL related data.
Database Panel in Installation Manager  
When Silent Install is used, the below keys can be used to configure SSL.
  • user.db.ssl.enabled
  • user.db.ssl.file.path
  • user.db.ssl.password
  • or PKCS12)
For example:
When SSL is enabled:
<data key="user.db.ssl.enabled," value="true"/>
<data key="user.db.ssl.file.path," value="D:/Work/SSL/trust.p12"/>
<data key="user.db.ssl.password," value="xxxxxxxx"/>
<data key="," value="PKCS12"/>

When SSL is disabled:
<data key="user.db.ssl.enabled," value="false"/>
<data key="user.db.ssl.file.path," value="none"/>
<data key="user.db.ssl.password," value="none"/>
<data key="," value="none"/>
Please note that user.db.ssl.enabled is a mandatory attribute from MDM v11.4 FP3.

Support for SSL encryption
Configuring SSL support in a DB2 instance