|
|
This chapter identifies system requirements, describes data store options, and provides information on installing the CiscoSecure GRS software onto a SPARC Solaris hard disk, as well as instructions for starting CiscoSecure GRS.
CiscoSecure GRS requires the hardware and software specified in the following sections.
CiscoSecure GRS requires the following hardware:
CiscoSecure GRS requires the following software:
Additionally, you must have the following hardware and software on the network on which you want to use CiscoSecure GRS:
CiscoSecure GRS stores user information in a data store. Two data store options are available with CiscoSecure GRS---a flatfile data store or an Oracle database.
CiscoSecure GRS does not require a large data store. The information stored in the CiscoSecure GRS data store usually is not frequently modified or replicated, so most users should be able to use the flatfile data store supplied with CiscoSecure GRS. There are several advantages to using the flatfile data store:
If you prefer, you can store the CiscoSecure GRS data in an Oracle System 7.3.x database.
Before you install CiscoSecure GRS, you need the following information:
1. Will you be using the TACACS+ protocol, the RADIUS protocol, or both?
2. Will you be using the flatfile data store provided with CiscoSecure GRS or an Oracle 7.3.x database?
3. What are the names or IP addresses of the SPARC Solaris and the ACS?
4. Do you have all the information required by the installation program?
5. Is the unzip program in your path (required for reading the Java classes.zip file)?
Table 2-1 lists the information requested by the installation program and provides a space for you to enter the information for your system.
| Information Requested | Your Information |
|---|---|
(Optional) Name or IP address of the workstation running CiscoSecure GRS |
|
(Optional) Name(s) or IP address(es) of the local and remote ACS(s) |
|
(Optional) Directory in which the CiscoSecure ACS software is installed. |
|
(Optional) Name(s) or IP address(es) of host(s) you want to allow to monitor CiscoSecure GRS using a web browser |
|
Do you want CiscoSecure GRS to start automatically when the workstation restarts? |
|
(Optional) E-mail address of user(s) to notify if CiscoSecure GRS shuts down unexpectedly |
|
Auto Restart number (number of times to restart CiscoSecure GRS automatically after an unexpected shutdown) |
|
Will you use an Oracle database? (default is flatfile) |
|
Table 2-2 lists the questions asked by the installation program and provides a space for you to enter the information for your system. The default is listed in square brackets [ ].
| System Prompt | Your Response |
|---|---|
Do you want to input a list of hosts (IP addresses or hostnames) who can monitor GRS via a Web Browser (y/n)? [y] |
|
Enter a list of hostnames or IP addresses separated by commas(,): |
|
Do you want GRS to start automatically during a system reboot (y/n)? [y] |
|
Do you want to automatically restart GRS when it exits (y/n)? [y] |
|
Enter how many times you want to auto- restart: [5] |
|
Do you want to get e-mail notification when GRS exits (y/n)? [y] |
|
Enter one or more recipient addresses: |
|
Do you want to use an external Oracle database (y/n)? [n] |
|
If you are using an Oracle database, you will be prompted to enter the information listed in Table 2-3.
| System Prompt | Your Response |
|---|---|
Enter Database Server Name: |
|
Enter Database User Name: |
|
Enter Database Password: |
|
Enter ORACLE_HOME: |
|
CiscoSecure GRS provides an easy-to-use installation program that prompts you through each step of the installation and configuration process. CiscoSecure GRS is installed from a CD-ROM onto the SPARC Solaris hard disk.
Take the following steps to install the CiscoSecure GRS software:
Step 1 Log in as root. See your Solaris documentation for more information.
Step 2 Insert the CiscoSecure GRS CD-ROM into the CD-ROM drive.
Step 3 At the command prompt, enter:
cd /cdrom
Step 4 At the command prompt, enter:
% pkgadd -d .
This will install CiscoSecure GRS in the default directory:
/opt/CSCOgrs
(Optional) To install to a directory other than the default, enter:
% pkgadd -a none -d .
The installation program prompts you for an installation directory. When specifying an installation directory, be sure the directory does not reside within the path specified by the -d option.
The following message displays:
1 CSCOgrs CiscoSecure Global Roaming Server
(sparc) Version x.x
2 CSCEacs CiscoSecure Access Control Software
(sun4) 2.1(2)
Select package(s) you wish to process (or 'all' to process
all packages). (default: all) [?,??,q]:
where x.x is the version of CiscoSecure GRS software you are installing.
Step 5 Enter the number that appears to the left of the CiscoSecure GRS package (for example, 1).
The following message displays:
Do you want to input a list of hosts (IP address or hostname) who can monitor GRS via a Web Browser (y/n)? [y]
Step 6 To allow hosts to use a web browser to monitor CiscoSecure GRS, enter y. If you do not want to allow viewing via a web browser, enter n.
The following message displays:
Enter a list of hostnames or IP addresses separated by commas(,):
10.10.10.10,10.20.20.20
The following message displays:
Do you want GRS to start automatically during a system reboot (y/n)? [y]
Step 8 To start CiscoSecure GRS automatically when the workstation restarts, enter y; otherwise, enter n.
If you enter y, the following message displays:
Make sure you configure the local ACS to start automatically during system bootstrap so that it will be ready when GRS is started.
The following message displays:
Do you want to automatically restart GRS when it exits (y/n)? [y]
Step 9 To allow CiscoSecure GRS to automatically restart after an unexpected shutdown, enter y; otherwise, enter n.
If you selected automatic restart, the following message displays:
Enter how many times you want to auto-restart: [5]
Step 10 Enter the number of times CiscoSecure GRS should restart automatically after an unexpected shutdown.
The following message displays:
Do you want to get e-mail notification when GRS exits (y/n)? [y]
Step 11 To receive notification via e-mail when CiscoSecure GRS stops unexpectedly, enter y; otherwise, enter n.
If you selected e-mail notification, the following message displays:
Enter one or more recipient addresses:
Step 12 If you selected e-mail notification, enter the e-mail address(es) in the following format to notify when CiscoSecure GRS stops unexpectedly:
username@domain.com
The following message displays:
Do you want to use an external Oracle database (y/n)? [n]
Step 13 If you want to use the flatfile provided with CiscoSecure GRS, enter the default, n. If you prefer to use an existing Oracle database, enter y. CiscoSecure GRS automatically selects the directory in which to install the files.
The following message displays:
These are your inputs: CommandMonitorAccessList = 10.10.10.10,10.20.20.20 GRS will automatically start on system bootstrap Number of Auto-Restart = 5 E-mail Recipient = username@domain.com Using flat files for data store Modify any values (y/n)? [n]
Step 14 If all the information is correct, enter n. If any information is incorrect, enter y. If you enter y, the installation program will begin again and you will need to reenter the information. When all information has been entered correctly, CiscoSecure GRS will display the following message if you used the -a option:
Enter path to package base directory [?,q]
Step 15 If you used the -a option, enter the full path to the directory in which you want to install CiscoSecure GRS, for example:
/export/grs
If you did not use the -a option, CiscoSecure GRS installs the necessary files on your hard disk in the following directory:
/opt/CSCOgrs
The following message displays:
The selected base directory <directory> must exist before installation is attempted. Do you want this directory created now [y,n,?,q]
Step 16 To create the directory, enter y. If you enter n, installation ends.
The names of the files and the directories display as they are installed. After all files have been installed, the following message displays:
Installation of <CSCOgrs> was successful.
Additional information about your installation is included with this message. Be sure to check any Readme.txt file for important information.
If you selected the default directory during installation, CiscoSecure GRS is installed in the $GRSHOME directory. To properly set up and configure CiscoSecure GRS, populate the CiscoSecure GRS data store using the GUI or the data store utilities located in $GRSHOME/bin. See the section "Inputting a Small Amount of Data" or the section "Inputting Large Amounts of Data" for information on populating the data store.
To input a small amount of data, use the GUI or command line utilities grsdbadd, grsdbdelete, and grsdbview. See the chapter "Using the CiscoSecure GRS Command-Line Options and Utilities."
If you have a large amount of data in your existing database, use the GUI or command line utility grsfile2db. See the section "grsfile2db" in the chapter "Using the CiscoSecure GRS Command-Line Options and Utilities."
To start CiscoSecure GRS, use the command-line utility start_grs. Follow these steps:
Step 1 Log in as root and enter:
cd $GRSHOME/bin
$GRSHOME is the name of the directory in which CiscoSecure GRS is installed.
Step 2 Enter:
./start_grs
Step 3 Verify that CiscoSecure GRS is up and running. Depending on your PATH environment variable, enter:
ps -ef |grep grs
or
ps -aux |grep grs
Step 4 Make sure there are two processes running---grs and grs_d. If not, check $GRSHOME/logfiles/grs.log.
Posted: Tue Feb 23 12:19:59 PST 1999
Copyright 1989-1999©Cisco Systems Inc.