ESM Banner Provisioning and Setups

Princess Noura Bint Abdul Rehman University

 Document Control

Document Information

Information
Document ID PNU_001
Document Owner PNU
Issue Date 11/10/2018
Last Saved Date 11/11/2018
File Name

Document History

Version Issue Date Prepared/Reviewed by Changes

[1.0] 2018 Raoof Ali Khan
Hassan Malli

Banner Implementation - Princess Noura University

 Table of Contents
1 OBJECTIVE ........................................................................................ 4
2 ENVIRONMENT INFORMATION......................................................... 5
3 INSTALLATION ................................................................................ 8
3.1 INSTALLATION OF ESM ....................................................................................8
3.2 ESM CONFIGURATION FOR BANNER PROVISIONING .........................................15
4 BANNER PROVISIONING .............................................................. 22
5 POST CONFIGURATION STEPS FOR BANNERERROR! BOOKMARK NOT
DEFINED.
6 IMPORTING SSL PUBLIC CERTIFICATEERROR! BOOKMARK NOT
DEFINED.
7 TESTING SINGLE SIGN ON ... ERROR! BOOKMARK NOT DEFINED.
RECOMMENDATIONS & LESSONS LEARNEDERROR! BOOKMARK NOT
DEFINED.
8 APPROVALS .......................... ERROR! BOOKMARK NOT DEFINED.
1 OBJECTIVE

➔ Installation of Ellucian Solution Manager

➔ Verification of ESM and Configuration required for Banner Provisioning
➔ Banner Provisioning of SEED Environment
➔ Post Provisioning Setups
➔ Banner Upgrades and Deployment of Banner 9 Applications ec
 2 ENVIRONMENT INFORMATION

Ellucian Solution Manager - ESM Admin Server

Hostname PNUDSTBNRESM01.PNUDSTST.EDU.SA
IP Address 10.1.1.57 , 10.164.4.57
Operating System Oracle Linux 7
ESM Application Owner Esmadmin
ESM Application Homes Data Dir : /u01/adminApp
Deployment Dir : /u02/esmdeploy
Jenkins Home Dir: /u01/Jenkins
Java Home Dir :/u01/jdk1.8.0._172
Tomcat Home : /u01/apache-tomcat-8.5.30
Admin Console Urls http://10.164.4.57:8081/admin
ESM Admin Credentials admin / u_pick_it
Jenkins Admin URl http://10.164.4.57:8080
Jenkins Admin Credentials admin / u_pick_it
Root Password redhat

Banner JobSub Server

Hostname PNUDSTBNRJOB01
IP Address 10.1.1.59 , 10.164.4.59
Operating System Oracle Linux Server release 6.5
Banner User and password banner / u_pick_it
Banjobs User Id and password banjobs / u_pick_it
Oracle Client Home /u01/ap/oracle/product/12.1.0/client
Oracle Owner oracle / u_pick_it
Banner Home /u02/banner
Jobsub Home /u02/jobsub
Jobsub User Banjobs/u_pick_it
Root Password Bann3rBu1ld3r
Banner Database Server
Hostname pnudstbnrdb01
IP Address 10.1.1.58 , 10.164.4.58
Operating System Oracle Linux Server release 6.5
RDBMS Home /u01/app/oracle/product/12.1.0/db_1
Oracle Version 12.1.0.1.0
Software Owner oracle / u_pick_it
Oracle Datafiles Home /u02/oradata/SEED , /u02/oradata/DEV
Oracle SID Listener Port SEED 1521 , DEV 1521
Root Password Bann3rBu1ld3r

Banner Application Server INB / SSB

Hostname Pnudstbnrinb01
IP Address 10.1.1.61 , 10.164.4.61
Public Host Name INB Server inbssb.pnudstst.edu.sa
Operating System Oracle Linux Server release 6.5
Oracle Weblogic and OFM Homes /u01/app/oracle/Middleware
Oracle Weblogic and OFM Admin Urls http://10.164.4.61:7001/console
http://10.164.4.61:7001/em
Oracle User Password u_pick_it
Weblogic Password password1
Banner INB Forms Home ( /banapp/inb) @10.1.1.59:/u02/banapp/inb
Root Password Bann3rBu1ld3r

Ellucian Ethos Identity Server

Hostname pnudstbnridm01
IP Address 10.1.1.60 , 10.164.4.60
Public HostName EIS Server idm.pnudstst.edu.sa
Operating System Oracle Linux Server release 6.5
EIS Home /u01/app/eis
EIS Owner oracle
EIS Admin Url https://idm.pnudstst.edu.sa:8447/carbon
EIS Admin password admin / admin
Root Password Bann3rBu1ld3r
Banner 9 Application Server ( Admin & Self Services )
Hostname Pnudstbnrxe01
IP Address 10.1.1.64 , 10.164.4.64
Public hostname xe.pnudstst.edu.sa
Tomcat Owner oracle
Operating System Oracle Linux Server release 6.5
Application Deployment Directory /u01/app/tomcat ,/u01/app/XESS_SEED
Root Password Bann3rBu1ld3r

tive
 3 INSTALLATION

3.1 INSTALLATION OF ESM

Install Solution Manager to run as a web application on the designated Admin Server.
Create an esmadmin user
Create a user on the Admin Server to run the Solution Manager Admin Console. This user will also
own all of the files associated with the Solution Manager application.
Procedure
1. [ROOT] Log on to the Admin Server as root and enter useradd -c "Ellucian Solution
Manager" -U esmadmin to create a user and group named esmadmin.
2. Enter passwd esmadmin to set a unique password for the esmadmin user.

Set up Solution Manager root directories

Create the root directories necessary to install the application and associated content files.
Procedure
1. [ROOT] Create a /u01 directory on the partition on which you install the operating system.
2. Create a /u02 directory on the second partition.
3. Enter the following commands to change the ownership of the /u01 and /u02 directories to
specify esmadmin as the owner and group.
• chown esmadmin:esmadmin /u01
• chown esmadmin:esmadmin /u02

Create a deployment files directory

Create a directory to store Solution Manager installation files.
Procedure
1. Log on to the Admin Server as esmadmin.
2. Change the directory to /u02 and create the esmdeploy directory by entering the command
mkdir esmdeploy.

Download the installation deployment files

Procedure
1. Download the software by going to https://www.ellucian.com.
a) Go to Support & Training > Support.
b) Log on to the Ellucian Hub.
c) Navigate to the Ellucian Download Center. In the Download Center, go to Downloads >
Search Downloads.
d) Enter solution manager in the Search For field, and select Search to show results for
download packages. Select the Ellucian – Solution Manager package.
2. Download the esm_1.12_deploy.zip file and copy it into the /u02/esmdeploy deployment
files directory.
3. Optional: If you copy the esm_1.12_deploy.zip file to the /u02/esmdeploy directory as a
user other than the esmadmin user, change the ownership of the file to esmadmin:esmadmin
4. Log on to the Admin Server as esmadmin.
5. Change the directory to /u02/esmdeploy and enter the command unzip
esm_1.12_deploy.zip to extract the downloaded file to the /u02/esmdeploy directory
Install Java
Install the Java Development Kit (JDK) used to support the Solution Manager Admin Console
application.
Procedure
1. Log on to the Admin Server as esmadmin.
2. Change directory to /u01 and enter the command below to install the JDK into the /u01
directory.
tar -xvf /u02/esmdeploy/jdk-8u172-linux-x64.tar
3. Verify that you now have a directory named /u01/jdk1.8.0_172 containing the files for Java

Configure access to Java for the Admin Console

For the Solution Manager Admin Console to function properly, Java must be accessible by the
Admin Console application.
Procedure
1. Modify the profile for the esmadmin user to set environment variable JAVA_HOME to contain
the path where you installed Java.
If you installed Java into the /u01/jdk1.8.0_172 directory, the JAVA_HOME environment
variable should contain that directory path.
2. Log off and log on again as user esmadmin to set the JAVA_HOME environment variable for the
rest of the installation procedure.
3. Enter echo $JAVA_HOME after you log back on as esmadmin to verify that the JAVA_HOME
variable is set correctly

Install and configure Apache Tomcat

Install the Apache Tomcat software used to host the Solution Manager Admin Console application.
Procedure
1. Log on to the Admin Server as esmadmin and change directory to /u01.
2. Enter unzip /u02/esmdeploy/apache-tomcat-8.5.30.zip to install Apache Tomcat in
the /u01 directory.
The /u01/apache-tomcat-8.5.30 directory now contains the Apache Tomcat files.
3. Change directory to /u01/apache-tomcat-8.5.30 and enter rm -rf webapps/* to
secure the Tomcat installation.

Edit the delivered Tomcat startup parameters file, /u01/apache-tomcat-8.5.30/bin/

catalina.sh to explicitly specify your JDK location and Java parameters by inserting the two
lines shown below after the opening comments and before any executable content. Ensure that
the JAVA_HOME variable reflects the location of your installed JDK if you installed a different
version of Java or installed Java in a different directory.
• export JAVA_HOME=/u01/jdk1.8.0_172
• JAVA_OPTS="-Djava.awt.headless=true -Dfile.encoding=UTF-8
-server -Xms2560m -Xmx2560m -XX:NewSize=512m -XX:MaxNewSize=512m
-XX:+DisableExplicitGC"

Install and configure a Groovy interpreter

Install a Groovy interpreter to support the Solution Manager application. Procedure
1. Log onto the Admin Server as esmadmin and enter mkdir /u01/groovy to create a directory
for groovy.
2. Change directory to /u01/groovy.
3. Enter unzip /u02/esmdeploy/groovy-binary-2.0.5.zip to extract the groovybinary-
2.0.5.zip file to install Groovy in the /u01/groovy directory.
Create a Solution Manager configuration database
encryption key
Specify credentials to generate an encryption key for the Solution Manager configuration database.
Store the encryption key so that it is available to the Solution Manager application whenever it starts
up. The generated encryption key encrypts the Solution Manager configuration database.
Procedure
1. Log on to the Admin Server as esmadmin.
2. Enter the commands below to create and store a database encryption key.
• cd ~
• mkdir .grails
• cd /u02/esmdeploy
• /u01/jdk1.8.0_172/bin/java -classpath "./adminutils.jar:./commonscodec-
1.5.jar" adminutils.codec.AdminCodecUtils
3. Enter the appropriate information when prompted.
• DB File Password: esmdb
• DB User Password: u_pick_it
• DB User Name: u_pick_it
• Persistence Directory: /u01/adminApp

Create the Solution Manager application data directory

Create the Solution Manager application data directory (known as the persistence directory) and the
initial configuration files for that directory.
Procedure
1. Log on to your Admin Server as esmadmin, and enter mkdir /u01/adminApp to create the
application data directory in the /u01 directory.
2. Enter the commands below to copy the initial configuration files to the /u01/adminApp
directory.
• cp /u02/esmdeploy/config.properties /u01/adminApp
• cp /u02/esmdeploy/ProdCodeMap.txt /u01/adminApp
3. Enter the commands below to set the permissions of the initial configuration files to read and
write for esmadmin.
• chmod 600 /u01/adminApp/config.properties
• chmod 600 /u01/adminApp/ProdCodeMap.txt
4. Edit the /u01/adminApp/config.properties file and find the line with the
downloadRootUrl property.
5. Verify that the value of the downloadRootUrl property that specifies the URL for downloading
releases and provisioning content from the Solution Manager Release Services matches the
line below. If necessary, edit the file to match.
downloadRootUrl=https://esmsvc.ellucian.com:8443
6. If you installed the Groovy interpreter in a different location than what the installation instructions
recommend, edit the groovyLocalRuntimePath property to specify the actual path to the Groovy
interpreter.
7. If you use a folder for the Solution Manager content other than /u02, edit the
config.properties file and add a contentDir=/your-location line to the file.
8. Save your edits.
Start and access the Solution Manager application
Start up the Solution Manager application and access the application for the first time.
Procedure
1. Start Solution Manager.
a) Log on to the Admin Server as esmadmin and change directory to /u01/apachetomcat-
8.5.30.
b) Enter bin/startup.sh to start Solution Manager.
Using CATALINA_BASE: /u01/apache-tomcat-8.5.30
Using CATALINA_HOME: /u01/apache-tomcat-8.5.30
Using CATALINA_TMPDIR: /u01/apache-tomcat-8.5.30/temp
Using JRE_HOME: /u01/jdk1.8.0_172
Using CLASSPATH: /u01/apache-tomcat-8.5.30/bin/tomcatjuli.
jar
Tomcat started.
Install and start Jenkins
Install Jenkins, the infrastructure software the Solution Manager application uses for Banner
upgrade installation, deployments, and provisioning of applications and environments.
.
Procedure
1. Log on to the Admin Server as the esmadmin user and enter mkdir /u01/jenkins to create
a Jenkins home directory.
2. Download Jenkins 2.89.4 from https://updates.jenkins-ci.org/download/war/.
3. Copy the jenkins.war file to /u01/jenkins.
4. Enter the following commands to create a script for starting Jenkins in the /u01/jenkins
directory.
• cd /u01/jenkins
• vi start.sh
5. Add the lines below to the start.sh file and save it.
nohup /u01/jdk1.8.0_172/bin/java -jar jenkins.war &
6. Enter chmod +x start.sh to make the start.sh file executable.
7. Start Jenkins.
a) Change the directory to /u01/jenkins.
b) Enter ./start.sh to start Jenkins
Follow the instructions on the Unlock Jenkins page to use Jenkins for the first time.
10. On the Customize Jenkins page, choose Select Plugins to Install.
11. Select None on the Getting Started page to clear all selections.
12. Click Install.
13. On the Create First Admin User page, create the admin user with a name and password of
your choice. Record this login information and keep it in a secure location. You need these
credentials to log in to Jenkins.
 3.2 ESM CONFIGURATION FOR BANNER PROVISIONING

Install required OS infrastructure packages

Install the required infrastructure packages into the operating system before provisioning new
Banner environments.
Procedure
1. [ROOT] Log on to your Admin Server as root.
To install the required infrastructure packages, use the yum directory. It may be necessary to
add a line similar to the following to the configuration file /etc/yum.conf to allow yum to
acquire packages from the Internet.
Proxy = http://www-proxy.your-institution-domain:8080
2. Run the following scripts to install the required infrastructure packages:
• yum install createrepo
• yum install httpd
• yum install xinetd.x86_64
• yum install tftp-server
• yum install dhcp.x86_64
• yum install expect

#sestatus
if Sestatus shows Disabled
then dont have to any any furhter action

Restart the init Deamon and configure DHCP

log on as root
#systemctl restart xinetd.service

configure your admin server as DHCP server for environement provisioning

enter the commands below to enable the solution manager to modify the dhcp.conf

#chgrp esmadmin /etc/dhcp

#chgrp esmadmin /etc/dhcp/dhcpd.conf
#chmod g+w /etc/dhcp
#chmod g+w /etc/dhcp/dhcpd.conf
Download provisioning template
Provisioning Banner environments requires a provisioning template.
Procedure
1. Access the Solution Manager application from a web browser and log in as a user with the
Admin role.
2. Go to the System Updates tab and click Get Latest Updates to download the latest Solution
Manager updates including the Banner-US-EN-TC-1_4 and Banner-US-EN-WL-1_4
provisioning templates.
Solution Manager displays the Download Monitor page, which displays download progress.
• You can set the automatic refresh rate on the page by typing the number of seconds
between each desired refresh in the Auto Refresh (secs) field and then clicking Refresh.
• You can also manually refresh the display at any time by clicking Refresh. You can scroll
through the rest of the display to see what is happening during the download.
Set up directories for provisioning environments
Set up the directories that Solution Manager uses to provision servers.
Procedure
1. [ROOT] Log on to the Admin Server as root and enter sh /u02/esmdeploy/
prep_services_for_provision.sh to run the script that sets up the directories for
provisioning environments:
2. Enter chown -R esmadmin:esmadmin /u01 to change the user and group ownership of all
files in the /u01 directory to esmadmin.
3. Enter cat /etc/exports to view the exports.
The NFS exports that are set up by this script are available as read-only to any host.
The output from the cat command should contain lines similar to those shown below.
/u01/ks/ksCmds *(ro)
/u02/installs *(ro)
Restart the inet daemon and configure DHCP
Restart the inet daemon to implement network changes.
About this task
Restart the inet daemon only if you plan to do full provisioning.
Procedure
1. [ROOT] Log on to the Admin Server as root and enter systemctl restart
xinetd.service to restart the inet daemon:
The environment provisioning process (full provisioning mode) uses the Admin Server as a
DHCP server on the private network connecting the Admin Server to the environment VMs.
2. Configure your Admin Server as a DHCP server for environment provisioning. Enter the
commands below to enable the Solution Manager application to modify the dhcpd.conf file.
• chgrp esmadmin /etc/dhcp
• chgrp esmadmin /etc/dhcp/dhcpd.conf
• chmod g+w /etc/dhcp
• chmod g+w /etc/dhcp/dhcpd.conf
3. Enable the Solution Manager application to restart DHCP.
a) Enter visudo -f /setc/sudoers to edit the sudoers file and add the lines below to
the end of the file.
Defaults!/sbin/service !requiretty
esmadmin ALL = NOPASSWD: /sbin/service dhcpd restart
Verify TFTP service
Verify that the TFTP service is running on the Admin Server. During provisioning, the servers in the
environment must use TFTP to access kick start files from the Admin Server.
About this task
If you are doing full provisioning, you must have the TFTP service. See the latest available template
documentation under Ellucian Solution Manager in the Documentation Libraries section of the
Ellucian Support Center.
Procedure
1. [ROOT] Log on to the Solution Manager as root.
2. Enter ls -al /u01/tftp to verify that the contents of /u01/tftp are correct and are
readable.
The commande returns a directory list of /u01/tftp.
total 28
drwxr-xr-x 3 esmadmin esmadmin 42 Aug 24 12:09 .
drwxr-xr-x 10 esmadmin esmadmin 132 Aug 21 12:45 ..
-rw-r--r-- 1 esmadmin esmadmin 26828 Aug 24 12:09 pxelinux.0
drwxr-xr-x 2 esmadmin esmadmin 6 Aug 21 12:45 pxelinux.cfg
3. Verify that esmadmin owns the files and that the read permission is set for owner, group, and
world for the directory and all of the files in the directory. If these permissions are not set, enter
the following commands to set them.
• chown -R esmadmin:esmadmin /u01/tftp
• chmod -R 755 /u01/tftp
Acquire remaining provisioning content
Acquire the remaining content associated with downloaded provisioning templates.
Before you begin
Complete the Post Acquire instructions for the oel6_ks content item for the associated
provisioning template that you previously downloaded in the section, Acquire Linux 6 provisioning
content on page 80.
About this task
Download the remaining content items for the downloded provisioning template.
Procedure
1. Log in to the Solution Manager application from a web browser.
2. Select Templates from the navigation tabs on the left.
Solution Manager displays a list of templates that you downloaded.
3. Click anywhere except on the View XML icon in the row in the Templates table for the
template that you will use for provisioning to access the list of associated template content
items.
Solution Manager displays the Template Content Items page.
4. Select the icon in the last column for the oel6_ks content item to open the post acquire
instructions page.
5. Follow the instructions on the page and click Mark Completed when done.
Note: It is not necessary to restart the Apache HTTP server (httpd) on your Admin Server as
instructed in the last step on the page.
Solution Manager displays the Template Content Items page, where the status of the oel6_ks
content item is now Ready.
6. [ROOT] Log on to the Admin Server as root and enter the commands below to set the read
permissions and ownership for the tftp directory.
• chmod -R +r /u01/tftp
• chown -R esmadmin:esmadmin /u01/tftp
7. Edit the /etc/httpd/conf/httpd.conf and modify the contents of the directory parameters
at the end of the file.
a) Remove the following two lines:
• Order allow, deny
• Allow from all
b) Add the line, Require all granted to the file.
9. Access the Solution Manager application from a web browser and log in as a user with the
Admin role to acquire the remaining content items for the template.
10. Select Templates from the navigation tabs on the left.
Solution Manager displays a list of templates that you have downloaded.
11. Click anywhere except on the View XML icon in the row in the Templates table for the
template that you want to use for provisioning to access the Template Content Items page.
Solution Manager dispalys the Template Content Items page.
12. Download the remaining content items associated with the template.
a) Select the check box for each item in the Get From Ellucian column.
You can download all of the items at one time by selecting all of the check boxes in the Get
From Ellucian column or you can select one or more specific items to download separately.
b) Click Get From Ellucian at the bottom of the page.
Solution Manager contacts Release Services and begins downloading the content files for
the selected content items.
13. Complete the content acquisition for each item with the status of Post Acquire Pending
by clicking on the icon in the last column of that row to display the associated post-acquisition
completion instructions page.
14. Follow the instructions on the page and click Mark Completed.
It is not necessary to complete the post acquire instructions for the oel5 (Oracle Enterprise
Linux 5.8 ISO) content item, but still mark that item complete by clicking on the icon in the last
column to open the page and click Mark Completed.
Solution Manager displays the Template Content Items page, where the status of the content iem should be
Ready.
4 BANNER PROVISIONING

Create Seven VMs in VMWare without Operating System with the following
configurations

Virtual MAC No Of RAM CPU Network CARD

Machine Address Disks
DATABASE 2 16 2 PRIVATE
JOBSUB 2 16 2 PRIVATE
WFBEP 1 8 2 PRIVATE ,PUBLIC
INBSSB 1 16 2 PRIVATE ,PUBLIC
LUMINIS 1 8 2 PRIVATE ,PUBLIC
IDMSERVER 1 16 2 PRIVATE ,PUBLIC
XESERVER 1 32 4 PRIVATE ,PUBLIC
Jobs Server Speicifcations
Database Server Specifications
XE SERver Specificatoins
a) Create a New Environment : SEED
Configure Machines with MAC Address and IP Address
Start the Banner Provisioning for SEED Banner ENV

Operating System Installation

Banner Provisionig Started

Installed All the Operating System using PXE Boot

Banner Provisionig Started
ALL Steps Completed Sucessfully
Jenkins Nodes Started
Banner SEED Ready