1

I have successfully created WLS 10.3.5 domains using offline WLST, along the lines of readTemplate(template); set("name","DomainName"); ...

One detail remains: I need to set the "Credential" of each domain to a common random value, across all domains, for "global trust". It's the setting that's behind Console / Domain / Security / General / Advanced / "Credential"

Question: I fail to find the property (or its location?) that one needs to set for this?

FWIW, I use post-processing on config.xml file level now to inject an encrypted common value string as <credential-encrypted> , but I'd rather just set this via WLST without tweaking the resulting XML.

Thanks in advance, Matthias

Manali
  • 577
  • 4
  • 11
mgaert
  • 2,338
  • 21
  • 27

3 Answers3

0

I suggest you to use createDomain() command it will be much easy to work.

  1. createDomain('/olddoamin/path/template.jar’,’domainPath’,’user’, ‘passwd’)

For more you can see the following link: WLST by Examples: Domain migration made simple

PavanDevarakonda
  • 625
  • 5
  • 27
  • Thanks Pavan. It's not the 'passwd' argument in your createDomain that I'm having a problem with setting, it's the "domain credential" attribute. – mgaert Nov 11 '11 at 14:54
  • Thanks for the pointer to that excellent page of yours. What I'm actually after is something similar to 1. set('ListenPort',10300) # Changing Admin Server ListenPort in your example. Just more along the lines of 2. set('Credential','Shared_Secret') – mgaert Nov 11 '11 at 14:58
0

As you told your navigation on the console, I found on WLST navigation property location it is having in the followingpath:

  1. wls:/offline/mydomain/SecurityConfiguration/mydomain>ls()

    -rw- CredentialEncrypted ????????

It is with -rw- so you can update it right?

Hope this will help you.

PavanDevarakonda
  • 625
  • 5
  • 27
  • Thanks, right direction! Funny thing is, this is only available when you use `readDomain(...)` to read an _existing domain_. Then this attribute and indeed its parent are there and can be set. The *template* does not contain `SecurityConfiguration`, so one cannot navigate there, and set the attribute, *before the domain is written*. Thanks @Pavan, for the pointer. Will take it from here! – mgaert Nov 16 '11 at 14:36
0

Right, this works. The key is to not work on the template, but to read the doman from its domain directory. Then it's just setting the attribute CredentialEncrypted:

readDomain(domain_dir)
cd('/SecurityConfiguration/' + 'domain_name)
set('CredentialEncrypted', encrypt(shared_credential,domain_dir))
updateDomain()
closeDomain()

shared_credential should be something random. I used a hex-encoded digest of the newly-created config.xml file, which contains enough randomness.

mgaert
  • 2,338
  • 21
  • 27