Please review the following information before installing Authority Broker.
Note: When installing Authority Broker in an HA environment:
Authority Broker requires that you enter a valid license key. Contact firstname.lastname@example.org if you need to request a new license key.
It is Powertech’s goal not to change system values on customer systems because we recognize that security-conscious organizations have rigorous change control processes in place for even small changes to system values. Therefore, we ask you to make any system value changes that are needed. However, the Authority Broker 4 installation process could change a system value to allow the install to proceed if a system value is not set as specified below. If the Installation Wizard changes a system value during install, it changes it back to its original value when the install completes.
To install Powertech Authority Broker 4 on your system, the following system values that control object restores must be configured as shown.
Before installing Authority Broker, you must have the IBM audit Journal QAUDJRN already on the system. Newly purchased systems from IBM may not have this set up.
Authority Broker 4 requires the following:
The Authority Broker 4 install wizard uses FTP and Remote commands to perform the installation. The Server’s FTP server must be started beforehand. If an exit program technology exists on the system, the profile used in the Wizard must be permitted access. IBM iSeries Navigator can also block FTP server access through the Application Administration component. The standard port reserved to establish an FTP connection to the IBM i is port 21. Consequently, it is required that this port is open and ‘listening’ on the server in order to establish a connection with the Installation Wizard and facilitate a successful installation.
Ensure the following servers are available and running prior to installation or updating:
Do the following to perform the installation or update:
Download the Powertech Authority Broker installer (setupAuthorityBroker4.exe) from the Authority Broker download page. (The "Trial" download is the full product, which can be unlocked with a valid License Key).
On the Choose Components panel, select which components you want to install. You can choose to install the Manuals and the Software for IBM i. Click Next.
If you’re only installing the Manuals, the process completes and the installer closes. The Manuals have been installed. You can skip the rest of these steps.
Note: The manuals are installed to the following location:
C:\Program Files\PowerTech\Authority Broker\manuals
On the IBM i Details panel:
Select or enter the IBM i where you want to load Authority Broker.
Enter a user profile and password that’s a member of the user class *SECOFR and has at least the following special authorities: *ALLOBJ, *SECADM, *JOBCTL, *IOSYSCFG, *AUDIT, and *SERVICE. The user profile should have Limit capabilities set to *NO. This profile will be used to restore and copy objects, and for product maintenance on the IBM i.
(Optional) In the Advanced Settings section:
Enter a port number or use the arrows if you want to change the FTP port number to something other than the default of 21.
Select Secure File Transfer if you want to use FTPS (FTP over SSL) during the file transfer. The default FTPS secure port is 990, but it can be changed to the required secure port for your environment.
In the Timeout (seconds) field, enter the number of seconds the session should be kept active during an FTP transfer. You can choose anywhere between 25 and 1800 seconds (30 minutes).
Note: If the transfer takes longer than the amount of time specified, the session will expire.
You have two options on the Product Load Options panel:
Click Immediate Load if you’d like to load the product on the IBM i now.
Note: If you're doing an update, this ends Authority Broker until the product load completes. After you are done, we’ll restart the product.
Click Staged Load if you’d like to transfer the objects now and load them on the IBM i at a later time.
Note: See "Loading Staged Objects on the IBM i" (below) for instructions on how to load the staged objects on your selected IBM i system.
The Product Load Progress panel for Authority Broker launches. To take advantage of the major improvements in system design and processor capabilities program conversion is required for all systems running IBM i 6.1 or later. The conversion replaces existing program objects, but each program object retains attributes such as the name, library, and owning user profile. This conversion is a one-time process on each object. To provide an uninterrupted work environment, all program conversion occurs during installation, which can extend the installation process as long as 90 minutes or more on some systems.
If the Product Load Progress panel ends with an overall Failed message, the product upload could not complete properly. To find the reason the upload failed, click View Logs and review your logs. You can also use Download at the top of the logs to save the information for future review.
When the processing is complete, you have two choices:
If this is the only installation or update of Authority Broker that you're doing, click Finish.
If you have installs or updates to do on other IBM i systems, click Restart. Then, return to step 4.
To verify that Authority Broker 4 installed successfully, enter the following command to display the Powertech Authority Broker 4 window, which shows the release and modification level of the product:
Press 2 to edit and add the profile. The profile only needs *USE right.
If you chose to stage your objects during step 5b of the installation or update process, do the following to manually load them on the IBM i you identified above.
On the IBM i, execute the following command to display the Work with Loads panel:
Enter option 1, Load, next to the Load Name for Authority Broker and press Enter.
The installation program installs Authority Broker, the PTABLIB library (as needed), and three user profiles (PLABOWN, PLABADM, and PTWRKMGTOW). It adds PTABLIB to the system portion of your library list, if required.
Review the information on the Install Authority Broker Host panel and make any necessary changes and additions. Select *NEW for the installation, then press Enter.
Authority Broker 4 installs the following product libraries, profiles, authorization lists, commands, objects, and exit points on your system.
|Installed on System||Description|
PLABOWN, which has special authorities *ALLOBJ, *SECADM, *JOBCTL, *AUDIT, and *IOSYSCFG
POWERABADM - Powertech Authority Broker Administrators
Commands in QGPL
LEVENTRPT - Run event reports from the command line
The subsystem is created at install if it doesn’t already exist on the system.
Powertech-created Exit Points:
After Authority Broker has been installed, the next step is to add your license key to the product. Configuration of the product may then begin. Use the command LWRKAUTBKR and take menu options 5, 14.
Note: The Authority Broker Administrator's Guide can be found at Powertech Product Manuals.
Still have questions? We can help. Submit a case to Technical Support.