SiteMinder Web Agent Installation

Posted on June 10, 2011 by Admin

*************************************

Siteminder Webagent Install on host01
***************************************

Unzip the file zip swma-5qmr6-linux.zip somewhere under /var/tmp

And launch ./nete-wa-install to start webagent install.

Use /usr/local/netegrity/siteminder dir for install location.

*****************
Hotfix Install
*****************

Extarct the swma-5qmr6-hf009-linux.zip file under /var/tmp.

Copy the *.tar file siteminder webagent install location

usr/local/netegrity/siteminder/netegrity

And extracts its contents.

*************************************************
Siteminder Web Agent Configuration on host01
*************************************************

[root@host01 webagent]# ./nete-wa-config ( from temp dir /var/tmp/swa/smwa-5qmr6-linux/linux/nete-wa-5QMR6-linux-install, used for tar extarct)

Netegrity, Inc.                         Copyright 1997-2004

SiteMinder Web Agent version 5QMR6 for Unix Platforms

This procedure will configure a single Web server to act
as a SiteMinder Web Agent or, if it is already configured,
it will allow you to remove the configuration or update it.

Enter the name of the administrator who has the right to register a host with the Policy Server[SiteMinder]: linuxtrust

Enter the password for the administrator:
Re-enter password for confirmation:

Enter the name of the host we will register with the Policy Server:[host01] equest-stage

Specify the IP address of the Policy Server where you are registering
this host.  If the Policy Server is configured on a non-default port,
enter the IP address followed by a colon(:) and the port number.
For example xx.xx.xx.xx:port_number.
Enter the IP address:[3.177.44.26] 3.177.70.76

Enter the name of the host configuration object to use for this registration: equest-stage

Enter the name of the directory where we will write your SmHost.conf file:[/usr/local/netegrity/siteminder/webagent/config]
Do you want to enable PKCS11 cryptographic hardware?[N]

Preparing to run registration using the following information:
Registered Host: equest-stage
Policy Server: 3.177.70.76
Username: linuxtrust
Password: Not Shown
Host Configuration Object: equest-stage
Host File: /usr/local/netegrity/siteminder/webagent/config/SmHost.conf

Is this information correct? ([y]/n)? y
y
Running Command:
/usr/local/netegrity/siteminder/webagent/bin/smreghost -i 3.177.70.76 -u linuxtrust -p XX -hn equest-stage -hc equest-stage -f /usr/local/netegrity/siteminder/webagent/config/SmHost.conf

Host Registration written to ‘/usr/local/netegrity/siteminder/webagent/config/SmHost.conf’.

Do you want to configure an iPlanet or Sun ONE Web Server ([y]/n)? n

Do you want to configure an Apache Web server ([y]/n)? y

NOTE:  If you have Covalent Enterprise Ready Server or IBM HTTP Server,
please enter a specific configuration path.

Please enter your Apache server’s Server Root
[/usr/apache]: /etc/httpd

*** Invalid Apache Configuration ***
Directory /etc/httpd is not an Apache Server root.

1)  I would like to re-enter the Apache Server Root.
2)  I have multiple instances of Apache Web server
and would like to enter a specific configuration path.
3)  I don’t have an Apache Web server.

NOTE:  If you have Covalent Enterprise Ready Server or IBM HTTP Server,
please select choice number 2.

What would you like to do?  Enter a choice 1-3: 2
Please enter the Apache configuration path
[/etc/httpd/conf]:

Please select a choice for the Apache version.
1)  Apache version 1.0
2)  Apache version 2.0

Enter a choice 1 or 2:  2

Enter the name of the Web Agent configuration object [host01]: host01-dev

This is the end of the basic Web Agent configuration.
This Web Agent by default will enforce policies on the Web server, provide forms-based \nauthentication, and provide single-signon across multiple domains.

Do you want to configure Self Registration for DMS2 (y/[n])?

Configuration Selections
\————————
Installation root:          /usr/local/netegrity/siteminder/webagent
Web server target:          /etc/httpd

Agent Configuration Object:             host01-dev

Is this correct (y/n)? y

The Apache Web server at /etc/httpd
has been configured as a SiteMinder Web Agent.
follow the instructions in the documentation for modifying your
httpd.conf file to enable the web agent.
Restart the Web server for the configuration changes to take effect.

Edit the WebAgent.conf file and change the “enablewebagent” setting to “YES”.
This should be done AFTER configuring the Web Agent.

The WebAgent.conf file contains the necessary default settings for the Web Agent.
Refer to the “Siteminder Agent Guide” for explanations of these settings and how they may be tuned to best suit your needs.
./nete-wa-config: line 3428: [: too many arguments
[root@host01 webagent]#

*********************************
Configuration after above steps
**********************************

Open /etc/httpd/conf/httpd.conf file add below module lines to it under modules section

LoadModule sm_module /usr/local/siteminder/webagent/lib/mod2_sm.so

SmInitFile /etc/httpd/conf/WebAgent.conf (at the end of httpd.conf file)

**************
Modify enablewebagent=”YES” in /etc/httpd/conf/WebAgent.conf file

**************

Add /usr/local/netegrity/siteminder/webagent/lib line to /etc/ld.so.conf

***************
try starting web server

# service httpd stop
# service httpd start

******************

Browse http://equest.stage.erc.ge.com to check it is working ok

Original post blogged on b2evolution.

Incoming search terms:

  • netegrity webagent debian
  • how to re-register host to siteminder on linux server
  • siteminder policy server installation steps
  • siteminder web agent version
This entry was posted in Uncategorized. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

*


6 − two =

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>