Han-Dat Sun products tricks and tips

Sun Role Manager Tools

The SRMtools are a set of tools for Sun Role Manager 4.1.x.
The package contains a collection of useful tools that can aid
during the implementation of a Sun Role Manager deployment.

All the available tools can be used from the combined interface
or using their individual class invocation. The following is an
outline of the features of each of the tools:

RBACXUpdater: This tool allows you to easily upgrade SRM
components. It can be used to update the external SRM files as
well as update the rbacx.war file. The initial rbacx.war file
can be easily updated for immediate deployment. It also allows
you to customise the rbacx.war file. Customised files can be
placed into a directory called 'resources' and will be added
to the rbacx.war file. It also customizes a few other files
such as the config xml and properties files. The
rbacxmessages.properties can be updated in two ways. You
either include the full file and it gets replaced, or you only
put the fields that have changed in file and those changes will
be merged with the original. The latter option is better since
if a newer version of rbacx.war has more fields in the properties
file, the new fields won't get lost. RBACXupdater.conf contains
the configuration options on how to configure the rbacx.war file.
The RBACXConfigGUI allows you to visually configure the
RBACXupdater.conf if you do not want to edit it by hand.

SRMsecurity: This tools allows you to encrypt the JDBC service
 user's password. This comes in handy if you want to use a
different password than the default but don't want to store
the password in plain text format in the jdbc.properties file.
It encrypts the password and automatically updates the
jdbc.properties file as well. This tool can also generate
the user passwords stored in the database so you can use it
to check the hash of the encrypted password. In addition, it
also allows you to batch reset all the users' passwords which
is useful in UAT when you want to let everyone test using the
same password.

BUGenerator: This tool generates a business structure hierarchy
from using either the manager or office location to build the
structure. You will need to have a connection to the database
since it connects directly to the database and creates the
structure there. It will use the same credentials as the
SRM application and you do not even need to know the username
and password but just point it to the jdbc.properties file.

SRMmaintenance: This tool allows you to bulk import attributes
for namespaces. It uses a spreadsheet for the data to be
imported. Each sheet in the spreadsheet represents a namespace
and the name of the sheet is treated as the name of the namespace.
The file namespace-attributes.xls is a sample import file with
two namespaces. Additionally, there also is a set of predefined
queries that it provides for common tasks.

Simple Conversion Tools: A simple text two pdf converter is
included basically so that you can convert a log file to pdf
before giving it to a client rather than giving them a text file.
A simple conversion tool to extract content from spreadsheets and
export the data as a csv file is also included.

SQLRunner: This tool allows you to run simple SQL queries from
the command line. This is particularly useful for consultants
that are on a customer site with restrictive environments with
no database client software installed and no permission to
install additional software.

Sample Parsers: There is a small collection of sample file
parsers with source code to demonstrate how to parse CVS and
Excel files and converting them into CVS or XML files that
are required by SRM. It also generates the corresponding schema
files as well.

HRuserDataCSVparser - parses a HR user data dump in CSV or XLS
file format and generate schema and CSV file for import into SRM.

AppAccountsCSVparser - parses a single CSV file, or if XLS file
convert it to CSV file first and then generates schema and CSV
in SRM format.

DirectoryAccountsCSVparser - parses LDAP account file and
generates schema and CSV in SRM format.

SecurityAccountsXMLparser - parses a CSV file containing security
rules and a CSV file containing user accounts, merging and
transforming the data recursively into SRM compatible XML file.

GlossaryCSVparser - parses a XLS file containing glossary
information and generates schema and CSV file for import into SRM.


Installation:
-----------

In order to install SRMtools you simply need to make sure Java is
installed and then create a directory such as tools or SRMtools
and extract the content of the SRMtools.zip into that directory.

SRMtools does not have to be on the same server as SRM unless
you want to use SRMtools to upgrade or install SRM :)
It requires a connection to the database for most of its features
that queries or updates the database tables, but if you only
want to use those features not requiring database access then it
can be even installed on a standalone and non networked machine.

The first time you run SRMtools, it will be configured with
default settings which you will need to change to fit your own
environment. On Windows, the configuration is stored in the
registry while on other environments SRMtools.xml will get
generated. You can edit the file manually or use the SRMtools
config editor.

You can also force SRMtools to save its config to a file by
adding the -Dsaveconfig=true java option, ie:

java -Dsaveconfig=true -jar SRMtools.jar -config



Syntax and Usage:
------------------

The tools is written in Java and packaged as a jar file and
thus can be invoked simply by executing the following:

java -jar SRMtools.jar

For convennience, binary executables (SRMtools.exe and
SRMtoolsGUI.exe for Windows and SRMtools and
SRMtoolsGUI for Linux) have been created as launchers.
The SRMtools can be run in both command line as well as
GUI mode.


SRMtools -gui

    This will launch the SRMtools in GUI mode.

SRMtools -config

    This will launch the config editor for SRMtools.

SRMtools -rbacxupdate rbacx.war srm_home deploy_dest

    This will update the rbacx.war file with appropriate values for first time deployment as well as apply customisations. Simply include all files to be included or modified into a directory called resources.

SRMtools -rbacxconfig

    This will launch a GUI for configuring RBACXupdater.conf

SRMtools -srmupgrade SRM_external.zip srm_home deploy_dest

    This will extract the SRM_external.zip file which contains SRM files that are not part of the war file and update them appropriately. This can be used to upgrade SRM.

SRMtools -iamconfig

    This will launch a GUI for configuring iam.properties

SRMtools -wipenulls

    This will remove all null values from certification

SRMtools -createbs managers

    This will create a business structure according to reporting managers

SRMtools -createbs officename

    This will create a business structure according to office location

SRMtools -movebs business_node

    This will move the business structure from the root one level down to the designated business structure node

SRMtools -passwdenc

    This will encrypt the JDBC service password and update the jdbc.properties file that stores it

SRMtools --rbacxpasswd userkey password

    This will generate the user's encrypted password stored in the database

SRMtools --pwreset password

    This will change every user's password except for rbacxadmin

SRMtools --encrypt password

    This will simply display the encrypted password

SRMtools --decrypt password

    This will simply display the decrypted password

SRMtools --query query

    This will run the SQL query using the connection and access priviledges of the rbacxservice user

SRMtools --query queryfile.sql

    This will run all the SQL queries contained in the file sequentially one by one using the connection and access priviledges of the rbacxservice user

SRMtools --text2pdf textfile pdfname

    This will convert a text file into a pdf file

SRMtools text2pdfGUI

    This will launch the a GUI for the text2pdf converter

SRMtools --excel2csv excelfile

    This will extract the first sheet from an excel document and save it in csv format

SRMtools excel2csvGUI

    This will launch the a GUI for the excel2csv converter

SRMtools SRMsecurityGUI

    This will launch a GUI consolidating the password manipulation features



jdbcpasswd
========

This command is for convennience. It is the same as running
SRMtools -passwdenc


hdpad
====

This is a simple notepad application written in Java. It can
also be launched through executing:

 java -jar lib/HdPad.jar


ldapdelete
=======

This is a launcher for LDAPSDK's LDAPDelete. It can also
be launched through executing:

 java -cp lib/ldapsdk.jar LDAPDelete


ldapmodify
=======

This is a launcher for LDAPSDK's LDAPModify. It can also
be launched through executing:

 java -cp lib/ldapsdk.jar LDAPModify


ldapsearch
=======

This is a launcher for LDAPSDK's LDAPSearch. It can also
be launched through executing:

 java -cp lib/ldapsdk.jar LDAPSearch


excel2csv
=======

This is a launcher for the excel conversion module. It can
also be launched through executing:

 java -jar lib/excel2csv.jar


text2pdf
======

This is a launcher for the pdf conversion module. It can
also be launched through executing:

 java -jar lib/excel2csv.jar



Advanced Usage:
------------------
In addition to the above interfaces, each of the tools or modules
also has their own interfaces that can be called directly.
Essentially you launch them as follows:

java -cp SRMtools.jar className

You will also need to add additional libraries to the classpath
for some of the tools or use the runClass.sh/runClass.bat
script in the utils sub directory in which case you can do the
following:

runClass au.com.sun.hdl.tools.RBACXUpdater

runClass au.com.sun.hdl.tools.SRMsecurity

runClass au.com.sun.hdl.tools.BUGenerator

runClass au.com.sun.hdl.tools.SRMmaintenance

runClass au.com.sun.hdl.tools.SQLRunner


Sample Parsers:

runClass sample.parser.AppAccountsCSVparser

runClass sample.parser.DirectoryAccountsCSVparser

runClass sample.parser.LDIFAccountsCSVparser

runClass sample.parser.GlossaryCSVparser

runClass sample.parser.HRuserDataCSVparser

runClass sample.parser.SecurityAccountsXMLparser


GUI versions:

runClass sample.parser.gui.AppAccountsGUI

runClass sample.parser.gui.DirectoryAccountsGUI

runClass sample.parser.gui.LDIFAccountsGUI

runClass sample.parser.gui.GlossaryGUI

runClass sample.parser.gui.HRuserDataGUI

runClass sample.parser.gui.SecurityAccountsGUI

SRM Installation/Upgrade steps:
---------------------------------

The following steps illustrate how you can use SRMtools to install
SRM from the SRM zip file such as SRM_4_1_6.zip

1. install/upgrade Java and Application Server

   Make sure you install JDK 1.5 or above and a supported
   Application Server like GlassFish

2. run SRMtools -config to configure SRMtools

   This will allow you to configure the initial directory locations
   Make sure you have set the SRM Home directory to where you want
   SRM installed to and also fill in the Deploy Destination location
   which on GlassFish would be by default the domain1 directory.
   Also ensure that the JDBC config file is pointed to the conf
   sub-directory of the SRM Home directory. The tool will warn
   you that the directories do not exist which you can ignore since
   they really don't exist yet.

3. launch SRMtools in GUI mode for install/upgrade (SRMtools -gui)

   This time select the Upgrade SRM base option under the RBACXupdater
   tab and provide the zip file location for the SRM zip file. You can
   simply hit enter while your cursor is at the zip file entry box
   and you will get a file selector dialog to select the zip file.
   Press the Run button to start install.

4. create/update database tables

   You do this using the appropriate database management tools
   for the database you have chosen by running the appropriate
   db scripts found under the db directory once SRM is installed or
   use the Create SRM DB tables option which will launch a dialog
   that allows you to provide the initial values to connect to your
   database as a DBA and run import the tables.

5. configure jdbc.properties file

   You can do this by running SRMtools -config again or simply clicking
   on the icon on the top right hand corner of SRMtools.
   In the SRMtools configurator you can now provide the username and
   password for the JDBC service (best use default values unless you
   changed these when you ran the db scripts). Select the JDBC Driver
   Class for your database and replace your hostname with the database
   hostname if it is not on the same server.

6. copy the weka and jdbc driver jar files into the resources directory

7. update the rbacx.war file

   From the RBACXupdater tab, select Update rbacx.war content.
   Then specify the rbacx.war file location under the war file input
   box (hit enter while you have selected the field to get the file
   selection dialog box). The rbacx.war file is located inside the
   SRM base install directory that you just created before.
   Click on Run button once you have specified the rbacx.war file.

8. deploy the rbacx.war file

   The rbacx.war file has been updated and can now be deployed using
   the application server's deploy tools.

SRMtools has been tested on Windows and Ubuntu Linux

You can download the full SRMtools for Windows or the full SRMtools for Linux

A Windows installer is also available for SRMtools.

SRMparser is a subset of just the Sample Parsers from the full SRMtools package.

There also is a minimal RBACXUpdater only component of SRMtools.

Web Services add-ons for SRM 4.x and SRM 5.x (coming soon).

Posted at 04:33PM Jul 03, 2009 by Han-Dat Luc in Sun  |  Comments[4]