165. If admin console is not accessible then what we will do in base installation?
Ans) in base also we have the WSADMIN scripting tool. We can connect to wsadmin by mentioning NONE connection type .After connecting to wsadmin we fire a command securityoff. It will disable the security after that we can login to the admin console and reset the passwords.
166. How you get user id for datasource?
Ans) from the database team we get the user id to configure the datasource.
167. How you configure LDAP with WAS?
Ans) To configure the console server, do the following steps:
Start the WebSphere(R) Application Server service on the console server.
Refer to Configuring the J2EE Application in the IBM Tivoli(R) Business Systems Manager Administrator's Guide for information on how to configure the console server.
To enable WebSphere Application Server to work with Tivoli Business Systems Manager, you must map WebSphere Application Server roles to Tivoli Business Systems Manager groups. Refer to the IBM Tivoli Business Systems Manager Administrator's Guide for information.
If you are using the Local OS user registry, you do not need to do anything else. If you are using LDAP, see Configuring WebSphere Application Server to use LDAP. If you are upgrading and plan to use LDAP, do not following the instructions in Configuring WebSphere Application Server to use LDAP yet. You can switch to LDAP later in the process.
To configure WebSphere Application Server to use LDAP, you need some information from your security administrator. Following is an example of the type of information and sample answers that you need to do the steps in this section:
Server User ID: User_ID
Server User Password: password
Type of LDAP: Active_Directory
Host: The fully qualified name of the server running LDAP
Port: 389 (Default)
Base Distinguished Name (DN): dc=DOMAIN_NAME_HERE
Bind Distinguished Name (DN): cn=user_id,cn=users,dc=DOMAIN_NAME_HERE
Bind Password: Password for the user above
Reuse Connection: Checked
Ignore Case: Checked
This is just an example. Your security administrator knows what information you need.
The following steps assume that you configured your LDAP server on the ldapserver.abc.com host and that your users and groups for Tivoli Business Systems Manager and the WebSphere Application Server that is hosting Tivoli Business Systems Manager are defined under the name ou=tbsm,o=abc in the directory. The Secure Sockets Layer (SSL) between the LDAP server and WebSphere Application Server is not configured.
This is a sample configuration based on this example and uses the default values where appropriate.
In the WebSphere Administrative Console, expand Security -> User Registries in the left-hand navigation pane and click LDAP. The LDAP User Registry page opens.
In the Server User ID and Server User Password fields, type the user ID and password from your LDAP directory that the WebSphere Application Server runs under. Type the ID either as userid or as a distinguished name similar to uid=userid,ou=tbsm,o=abc.
In the Type field, select the type of LDAP server you want to use.
In the Host field, type the hostname of your directory server. For this example use ldapserver.abc.com.
In the Port field, select the default value of 389.
In the Base Distinguished Name field, type the name of the container object in the LDAP that contains your Tivoli Business Systems Manager users. For this example, type ou=tbsm,o=abc.
In the Bind Distinguished Name and Bind Password fields, type the distinguished name and password for a user ID that is authorized to run queries on your LDAP server. If your server allows anonymous queries, you can leave these fields clear.
For example, the IBM(R) Directory Server default setting allows anonymous queries. You can leave this field blank. The Active Directory default setting requires authentication to run queries, so you need to supply the appropriate values.
In the Search Timeout field, accept the default value of 120.
In the Reuse Connection field, accept the default setting. The check box should be selected.
In the Ignore Case field, follow the recommendations for your LDAP server.
If IBM Directory Server is selected as the LDAP directory server, select this check box. Otherwise, this field is optional and can left unchecked when a case sensitive authorization check is required. Note however that this value does not affect how Tivoli Business Systems Manager treats distinguished names stored in the Tivoli Business Systems Manager database. Internally, Tivoli Business Systems Manager treats distinguished names as case insensitive. For example, if the user registry is configured to be case sensitive, you can create users with distinguished names cn=John Doe, ou=Raleigh , o=IBM, c=US and cn=john doe, ou=raleigh
Accept the default SSL settings to run without the SSL.
Click Apply to accept the changes.
The WebSphere Administrative Console might switch to the Global Security page. If so, navigate back to the LDAP User Registry window (see Step 1 for directions). Click Advanced LDAP Settings near the bottom of the window.
Click Configuration and click the General Properties tab.
The User ID Map field specifies a filter that is used to determine the User's Full Name in Tivoli Business Systems Manager. In the User ID Map field, specify the attribute from the LDAP that you want to display for the full name of the user. For example, to use the cn attribute, specify *:cn. If you are using Active Directory, specify *:displayName.
Verify the following settings:
Active Directory:
User Filter: (&(sAMAccountName=%v)(objectclass=user)) - The User Filter field determines what part of the LDAP entry must match the logon ID of the user.
Group Filter: (&(cn=%v)(objectclass=group))
User ID Map: *:displayName (or whatever you entered in Step 15)
Group ID Map: *:cn
Group Member ID Map: memberof:member
Certificate Map Mode: EXACT_DN
Certificate Filter: leave clear
IBM Directory Server:
User Filter: (&(uid=%v)(objectclass=ePerson)
Group Filter: (&(cn=%v)(|(objectclass=groupOfNames) (objectClass=groupOfUniqueNames)))
User ID Map: *:cn (or whatever you entered in Step 15)
Group ID Map: *:cn
Group Member ID Map: ibm-allGroups:member;ibm-allGroups:uniqueMember
Certificate Map Mode: EXACT_DN
Certificate Filter: leave clear
Click OK. You might have to restart the console and WebSphere Application Server to see any changes you make.
If the page does not display automatically, navigate to the Security -> Global Security page.
From the Global Security page, use all the default values except the following values:
Enabled: checked
Active User Registry: LDAP
Click OK.
WebSphere Application Server validates your setup. The messages at the top of the screen indicate your results. Yellow warning messages are typical. If an round, red error message is displayed, it means that WebSphere Application Server could not validate the Server ID you gave with the LDAP. Verify that this and the other LDAP parameters are correct for your LDAP server and repeat the Global Security configuration steps until the validation is successful.
Click Save at the top of the window.
Click Save again.
Start WebSphere Application Server again.
For more information about specific LDAP servers, see the LDAP server documentation in the WebSphere InfoCenter. Navigate to All topics by feature -> Security -> Securing applications and their environments -> Managing security -> Configuring user registries.
168. How you will fix memory leakage?
Ans) Memory leak is the issue with native code. We need to get the heap dumps and analyse the dumps for any memory issues with the code and if you find any issue then we need to ask developers to fix the same. Temporarily we can increase the heap size . In this way after analysing the exact root cause we need to fix the memory leakage issue.
169. What is the recommended physical memory for WAS?
Ans) Mandatory is 512 MB and IBM recommends 1024 MB. Bur in real time projects it will be more the recommended. In our project it was 4 GB.
170. How you will check the port status?
Ans) netstat
171. If you are trying to start the WAS and you are getting the “Class not found” exception then how to solve the issue?
Ans) 1. Check the WebSphere Class path and set it properly if not set correctly
Check the System out and systemErr logs for any specific errors/warning to identify which class is not found when starting the server
172. If you get internal error then what is the solution for it?
Ans) Check the IHS is running or not, if its running... check the App server is running or not.
This is basically due to the request is reaching to IHS and not able to reach the app.
173. How and where to find the specific class?
Ans) Application classes will be available at installed app path.
If WAS classes, find out in WAS classpath.
174. If application is giving very slow response then how will improve?
Ans) Have to check Connection pooling settings, change accordingly if required
JVM memory settings, change accordingly if required
And check the data base if its giving slow response
Check any conneciton are waiting and not closing
Check the CPU utilization and JVM utilization
175. What is SIB & what is the purpose?
Ans) Service Integration BUS is introduced in V6 and the purpose is to connect the SOA apps like MQ.
176. What is the significance of the embedded http server explain?
Ans) To get requests from external IHS and forward to WEB container.
What are the steps to do performance tuning for webserver?
To reduce the disk i/o by using the _file () API directive on UNIX.
177. In ssl configuration how you will provide the path of the certificate?
Ans) While Adding certificate, we have to give the location of the certificate, and if you want to give Certificate store path, we have to give .p12 path
178. How you will change / migrate the project from one version to other?
Ans) We will get new version of EAR/WAR(project) deploy it.
If we want to migrate WAS, We normally take the new box and install new version, then deploy new app and make new server into production, then decommission the old server.
Or install new version in the production BOX and then migrate the old one with new version.
179. Explain about how you will put the brand new system into production. Explain from development to production?
Ans) Development team will develop the code and test in the Development env. Then we will create Test Env. And then put the server into Production.
180. Silent mode how it will work and if you get any errors then how you will rectify it?
Ans) Silent mode of installation will also have the log file, where we can check the errors
181. Explain about configuration of IBM Tivoli directory server?
Ans) Don’t have Experience.
182. How many types of Garbage collections?
Default ports:
Port Name | Port Number |
Web container port (HTTP_TRANSPORT) | 9080 |
Web container secure port (HTTPS_TRANSPORT) | 9443 |
9060 | |
HTTPS Admin Console Secure Port (HTTPS_TRANSPORT_ADMIN) | 9043 |
SOAP_CONNECTOR_ADDRESS | 8879 |
80 | |
8008 | |
JMX on RMI connecter | 2809 |
LDAP | 389 |
LDAP in TCP for SSL | 636 |
SMTP | 25 |
POP3 | 110 |
FTP | 20/21 |
TELNET | 23 |
https | 443 |
http | 80 |
183. What is the basic command in UNIX to find network performance?
Netstat
184. If you need to configure a process in UNIX what are the steps?
No Idea about this question.
185. How to find a text in VI editor in UNIX?
Escape / followed by text
186. Tell about “nany process” in UNIX?
a) Nanny process on Windows NT and Windows 2000 is the Windows service "IBM WS AdminServer".
187. How you will check the details of a process if you know only port number of that process?
First we need to find the socketno of that port by using
Netstat –Aan|grep <port_no>
Then we need to find the sid by using the socketno
Rmsock <socketno> protocol
Ex:
#netstat –Aan|grep 944
#f100020000fc4398 ……………you get some more information….
#rmsock f100020000fc4398 tcpcb
The socket oxfc4008 is being by process 626888 (Java)
Ps –ef|grep 626888
You get the detailed information about the said process.
Posts
0 comments:
New comments are not allowed.