Figured I should share this.
WAS6.1 has a totally new design on how it handles the LTPA keys. It basically hides the encrypted passwords from the security.xml, and references a key store called: ltpa.jceks. In the jacl script posted in this thread, we were still setting up the encryption type, no longer needed. Doing so was corrupting the security.xml. Just do this, and it will work:
proc setupLTPA { cell password } {
global AdminConfig
global AdminControl
set secMbean [ $AdminControl queryNames type=SecurityAdmin,process=dmgr,* ]
set timeoutAttr [ list timeout 720 ]
set passwordAttr [ list password $password ]
$AdminControl invoke $secMbean generateKeys $password
set attrs [ list $timeoutAttr $passwordAttr ]
set sec [ $AdminConfig getid /Cell:$cell/Security:/ ]
set ltpa [ $AdminConfig list LTPA $sec ]
$AdminConfig modify $ltpa $attrs
}
阅读(1274) | 评论(0) | 转发(0) |