Professional Documents
Culture Documents
OpenText CARS Installation and Administration Guide
OpenText CARS Installation and Administration Guide
Administration Guide
Release 2.7
This documentation has been created for software version OpenText™ CARS 2.7.
It is also valid for subsequent software releases unless OpenText has made newer
documentation available with the product, on an OpenText website, or by any other means.
Open Text Corporation
275 Frank Tompa Drive, Waterloo, Ontario, Canada, N2L 0A1
Tel: +1-519-888-7111
Toll Free Canada/USA: 1-800-499-6544 | International: +800-4996-5440
Fax: +1-519-888-0677
Support: https://support.opentext.com
For more information, visit http://www.opentext.com
Copyright © 2021 Open Text. All Rights Reserved.
Trademarks owned by Open Text.
One or more patents may cover this product. For more information, please visit
https://www.opentext.com/patents
Disclaimer
No Warranties and Limitation of Liability
Every effort has been made to ensure the accuracy of the features and techniques presented
in this publication. However, Open Text Corporation and its affiliates accept no responsibility
and offer no warranty whether expressed or implied, for the accuracy of this publication.
Last updated: 12/27/2021
Table of Contents
iii
Increasing storage capacity of the repository 34
Importing certificates from OpenText CARS to AppWorks Platform Truststore 35
Configuring the LDAP service group 36
Deleting a schema entry in LDAP 36
Viewing and updating LDAP schema in Management Console 37
Chapter 8 Uninstalling OpenText CARS 38
Uninstalling OpenText CARS in GUI mode 38
Uninstalling OpenText CARS in Silent mode 39
iv
Chapter 1 OpenText CARS
Chapter 1
OpenText CARS
AppWorks Platform requires a repository where it can store information about organizations,
users, service containers, services, and other objects. OpenText CARS is a Lightweight
Directory Access Protocol (LDAP) service provided and supported by AppWorks Platform to
store such information.
It can also be used to authenticate the directory, search entries used by AppWorks Platform,
read attributes of entries in the directory, add entries to it, modify existing entries in the
directory, and remove an entry from the directory.
Audience
This document serves as a guide for System Administrators and other users who have to
install, configure, and administer OpenText CARS in a Windows or Linux environment.
Installation overview
Apart from installing OpenText CARS on a computer, you can also install multiple instances
of OpenText CARS on the same computer. This eliminates the need to use different
computers, thereby reducing hardware costs. Each instance is identified by a unique name
and is independent of other instances.
Chapter 2
Installation requirements
This chapter lists the hardware and software requirements for installing OpenText CARS 2.7
System requirements
Minimum hardware requirements to install and use OpenText CARS are specified below.
Hardware Specification
Processor Dual core
Processor Speed 2 GHz or faster
RAM 2 GB
Monitor Resolution 1280x1024
Color Depth 32 bits or higher
Monitor DPI 96
Note: Memory requirements are dependent on the services that are configured to run on
the computer. Based on the usage, the memory requirements might vary.
Operating system
OpenText CARS supports all the environment requirements supported by AppWorks
Platform. For the list of operating systems supported by OpenText CARS, see AppWorks
Platform Supported Environments on My Support.
Chapter 3
Installing OpenText CARS
Before you begin:
n You must have administrative privileges on the computer where you are
installing OpenText CARS.
n The Sun Java Development Kit (JDK) or Sun Java Runtime Environment (JRE) version 11
or later must be installed on the computer. From a security perspective, OpenText
recommends you to use the latest update of JDK / JRE 11.
n Ensure that any user input to the installer does not contain more than one dollar
character '$'. The installer ignores any content enclosed between the dollar characters
including the dollar characters.
n For a high availability (HA) setup:
n Enter the same suffix for all OpenText CARS instances. Otherwise, OpenText CARS
n If you are installing OpenText CARS on a Linux computer, you must perform the
following:
l Set the Java installation path in the /etc/profile file:
export PATH=<JRE_installdir>/bin:$PATH
l Ensure that the installers in the extracted folder have execute permissions. Use the
chmod +x <installer> command to set the execute permission.
l Ensure that the execute permissions are not blocked for the temporary folder where
the intaller extracts the installation folder, for example /tmp.
l Modify the settings in the /etc/security/limits.conf file of the user under whose
context OpenText CARS starts:
o fsize = -1
o core = -1
o cpu = -1
o data = -1
o rss = -1
o stack = -1
o nofiles = -1
l Ensure that X environment is enabled if you are installing CARS in a Graphical User
Interface (GUI) mode.
This section guides you through the following installation processes of OpenText CARS:
n Installing CARS in GUI mode on page 8
n Installing CARS in silent mode on page 10
1. Extract the contents of the installer zip file (for example, AppWorks <release>.zip) to a
local folder.
2. Based on the operating system you use, perform these steps to launch the installation
wizard.
Note: This can be a name of your choice. Write this name on an installation worksheet
for future reference.
The Installation Folder dialog box opens.
7. For:
Note: This might be required if you are installing AppWorks Platform in a Primary-
Distributed environment.
9. Click Next.
The User Credentials dialog box opens.
10. Accept the default user name or provide a desired user name for the administrator.
Where: cn=<username>,o=<domainSuffix>
For example: cn=Directory Manager,o=mycompany.com
Chapter 4
Configuring multi-master replication
for OpenText CARS
To achieve failover for OpenText CARS, you must have a replica of the primary OpenText
CARS instance. The instances of OpenText CARS residing in different computers are referred
to as Master1, Master2, Master3,..., MasterN, where Master1 is the primary OpenText CARS
and others are its replicas.
Conventionally, Master1 is in an active state and handles all the LDAP requests. When
Master1 fails, Master2 must be active to handle the subsequent update requests. So, the
LDAP Service Group must be configured to enable Master2 to move to an active state.
Note: For configuring OpenText CARS failover, two or more OpenText CARS instances are
required. If Master1 fails, Master2 handles the subsequent requests.
In case of multiple master instances, any instance can act either as a provider that replicates
the updates to consumers or as a consumer that receives replication updates from
providers.
Before you begin:
n Run the OpenText CARS service with the fully qualified domain name (FQDN) of the
host.
Windows Open the Windows registry to verify the FQDN of the host.
Linux Open the OpenText CARS-slapd file to verify the FQDN of
the host.
n Take a backup of the SLAPD configuration settings on the instances, which are planned
for replication. Execute the following command on all the instances to take a backup.
n Take a backup of the LAPD content. Execute the following command on all the instances
to take a backup.
Windows Open the command prompt, navigate to \bin and run the
following command:
slapd -T cat -n -F ../slapd.d -l content_
backup.ldif
n Ensure that the OpenText CARS service is stopped when using slapd commands.
1. Install OpenText CARS on all the servers. The sample below refers these OpenText
CARS instances as Master1 and Master2.
2. Copy the OpenText CARS certificate (*.cer) of Master1 to the certificates folder of
Master2 and vice versa.
dn: olcDatabase={1}mdb,cn=config
changetype: modify
add: olcSyncrepl
olcSyncrepl: rid=1
provider=ldaps://<Master1 OpenText CARS host>:<port no>
type=refreshAndPersist
searchbase="<Suffix for OpenText CARS>"
schemachecking=off
bindmethod=simple
binddn="<OpenText CARS user dn>" # For example, cn=Directory Manager,
o=<domain name>
credentials=<OpenText CARS user password>
retry="60 10 300 +"
tls_reqcert=never
tls_cacert="<Path to Master1 certificate>.cer"
tls_cert="<Path to Master1 certificate>.cer"
tls_key="<Path to Master1 key>.pvk"
-
replace: olcMirrorMode
olcMirrorMode: TRUE
-
delete: olcAccess
olcAccess: to * by * auth
l ./ldapmodify -H ldaps://<Master
2>:<port> -f server2.ldif -w <LDAP
configuration password> -D
"cn=admin,cn=config"
5. Restart the OpenText CARS service for the changes to take effect.
Chapter 5
Evaluating OpenText CARS failover
setup configuration
Preliminary check
After configuring the OpenText CARS failover setup, you can evaluate the configuration to
check if the LDAP replication is as per the requirement. You can use any third party LDAP
explorer, such as JExplorer, for evaluation.
Evaluate any of the following scenarios:
n Insert an LDAP entry into Master1 OpenText CARS. Verify if this is replicated in Master2
OpenText CARS.
n Insert an LDAP entry into the Master2 OpenText CARS. Verify if this is replicated in
Master1 OpenText CARS.
n Modify an attribute or delete an LDAP entry. Verify if these entries are replicated in other
instances.
./<OpenText CARS_installdir>/sbin/slapd -F
../slapd.d -h ldaps://<computername>:<port> -d -1
Chapter 6
Configuring SSL when installer fails
to generate certificates
Secure Sockets Layer (SSL) is a new feature where OpenText CARS is integrated with
OpenSSL libraries. The SSL framework communicates with the client and server in a secure
manner and ensures the data integrity for supporting the LDAP authentication. By default,
SSL is enabled by the installer. However, if the installer fails to generate a certificate and the
private keys that are required to enable SSL, the user must create these files manually.
To enable SSL when the installer fails to generate certificates:
3. Copy the generated Certificate (.cer file) and Private-Key (.pvk file) to the <OpenText
CARS_installdir>\certificates folder.
dn: olcDatabase={1}mdb,cn=config
changetype: modify
replace: olcTLSCipherSuite
olcTLSCipherSuite:
HIGH:!aNULL:!eNULL:!SHA1:!MD5:!DSS:!SEED:!RC4:!PSK:!EXPORT:!TLSv1.1:!TLSv1.
0:!SSLv3:!SSLv2:@STRENGTH
-
replace: olcTLSCACertificateFile
olcTLSCACertificateFile: '<OpenText CARS_install_
dir>/certificates/<hostname>-cert.cer'
-
replace: olcTLSCertificateFile
olcTLSCertificateFile: '<OpenText CARS_install_
dir>/certificates/<hostname>-cert.cer'
-
replace: olcTLSCertificateKeyFile
olcTLSCertificateKeyFile: '<OpenText CARS_install_
dir>/certificates/<hostname>-key.pvk'
Note: For <hostname>-cert.cer, enter the name of the .cer file created in step 2.
Windows
a. Navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Cordys
Systems\OpenText CARS\>Instance>\Admin
Repository Server\Urls
b. Change the value of the URL from
ldap://<computer:port> to
ldaps://<computer:port>
Chapter 7
Administering OpenText CARS
OpenText CARS administrator can do the following tasks to manage or administer OpenText
CARS:
n Starting or stopping OpenText CARS on page 25
n Adding a custom schema on page 26
n Backing up OpenText CARS database on page 27
n Importing data on page 27
n Changing the Distinguished Name of the user on page 28
n Changing password on page 29
n Administering OpenText CARS service on page 33
n Changing the port on page 33
n Increasing storage capacity of the repository on page 34
n Importing certificates from OpenText CARS to AppWorks Platform Truststore on page 35
n Configuring the LDAP service group on page 36
n Deleting a schema entry in LDAP on page 36
n Viewing and updating LDAP schema in Management Console on page 37
Windows n From the command prompt, execute the following command to start or
stop OpenText CARS service:
net <start|stop> "<OpenText CARS Service Name>"
Note: The service name can be found from Services.msc. For example,
for a defaultInst, the CARS Service Name would be OpenLDAP-slapd
defaultInst.
Linux n From the terminal, execute the following commands to start or stop
Note:
n Restart AppWorks Platform <instance_name> monitor each time you restart OpenText
CARS.
n When you install OpenText CARS and Sun ONE Directory Server or Administration
Server on the same computer, OpenText CARS might fail to start. In such a case,
perform any of the following steps:
l Do not install the Sun One Administration Server on the same computer that hosts
OpenText CARS.
l Stop the OpenText CARS service, rename the registry entry HKEY_LOCAL_
MACHINE\SOFTWARE\Carnegie Mellon (for example, HKEY_LOCAL_
MACHINE\SOFTWARE\Carnegie Mellon2), and restart the OpenText CARS service.
l After restarting the OpenText CARS service, rename the registry entry to its original
name. This must be done every time you restart the OpenText CARS service.
where,
Parameter Description
slapd -T Runs slapd in tool mode. cat is an acronym for the slapcat.exe tool.
slapd.d Directory that contains the configuration settings of OpenText CARS.
-n 0 Takes a backup of the configuration.
-n 1 Takes a backup of the content.
backup.ldif File in which the backup must be saved. It can be any name with a
.ldif extension, saved in the bin directory.
Importing data
To import data from a .ldif file:
where,
Parameter Description
slapd -T Runs slapd in tool mode
slapd.d Directory that contains the configuration settings of OpenText CARS
Mydata.ldif File to be imported. This file must exist in <OpenText CARS_
installdir>/bin
dn: olcDatabase={1}mdb,cn=config
changetype: modify
replace: olcRootDN
olcRootDN: <enter the new value for the dn>
dn: olcDatabase={1}mdb,cn=config
changetype: modify
replace: olcRootDN
olcRootDN: <enter the new value for the dn>
Changing password
You can change the value of the rootpw entry in the slapd settings using the ldapmodify
command. You must also change the user password parameter by navigating to
Management Console > Platform Properties and modifying the password in
bus.ldap.processor.password.
Before you begin: You must export the LD_LIBRARY_PATH and SASL_PATH before
executing the required commands to change the password.
press ENTER.
Note: mypassword is your new password for OpenText
CARS.
This tool generates an encoded version of the password.
3. Open the command prompt in administrator mode and
navigate to the <OpenText CARS_installdir>/bin
directory.
4. Run the set LDAPTLS_REQCERT=never command to
ignore certificate verification error.
5. Create an LDIF file, for example modify_rootpw.ldif,
which contains the modification operations to be
performed.
6. Copy the following content:
dn: olcDatabase={1}mdb,cn=config
changetype: modify
replace: olcRootPW
olcRootPW: {SSHA256}<encoded_password>
dn: olcDatabase={1}mdb,cn=config
changetype: modify
replace: olcRootPW
olcRootPW: {SSHA256}<encoded_password>
slapd -T passwd
./slapd -T passwd
7. Click Submit.
n From the terminal, execute the following command to delete the slapd service from the
run levels of the administering user:
chkconfig –-del $SERVICENAME_SLAPD_LINUX$
dn: olcDatabase={1}mdb,cn=config
changetype: modify
replace: olcSockbufMaxIncoming
olcSockbufMaxIncoming: 5637345
-
replace: olcSockbufMaxIncomingAuth
olcSockbufMaxIncomingAuth: 5637345
dn: olcDatabase={1}mdb,cn=config
changetype: modify
replace: olcSockbufMaxIncoming
olcSockbufMaxIncoming: 5637345
-
replace: olcSockbufMaxIncomingAuth
olcSockbufMaxIncomingAuth: 563734
1. Copy the certificate file (<hostname>-cert.cer) from each OpenText CARS installation
into a temporary folder <temp> on the AppWorks Platform server, where <hostname>
refers to the fully qualified domain name (FQDN) of the server.
2. Copy the CordysTrustStore.jks file from the <AppWorks Platform_
installdir>\certificates\truststore folder to the <temp> folder.
3. To import each certificate from the <temp> folder into the AppWorks Platform truststore,
navigate to <Java_installdir>/bin and execute the following:
keytool -import -alias <OpenText CARS 2.7> -keystore CordysTrustStore.jks -
storepass <password> -import -file <hostname>-cert.cer -trustcacerts
where, <password> refers to the password for the truststore.
6. Copy the CordysTrustStore.jks file from the <temp> folder to <AppWorks Platform_
installdir>\certificates\truststore folder.
1. Create a LDAP Service Container on Server 2 and point it to Master2 OpenText CARS.
2. Set the Preference value for this LDAP Service Container higher than the Preference
value of the LDAP Service Container that points to the Master1 OpenText CARS.
3. Create a LDAP Service Container on Server 3 and point it to Master3 OpenText CARS.
4. Set the Preference value for this LDAP Service Container higher than the Preference
value of the LDAP Service Container that points to the Master2 OpenText CARS. For
more details on how to create a Service Container, see Managing Service Containers
in Product Documentation.
5. Start the service containers created in steps 1 and 2.
1. Stop OpenText CARS. See Starting or stopping OpenText CARS on Page 28.
2. Take a backup of the LDIF file using the following command:
slapd -T cat -n 0 -F ../slapd.d -l new.ldif
Chapter 8
Uninstalling OpenText CARS
This section describes the procedure to uninstall OpenText CARS. Similar to installation,
the uninstallation also can be done in two modes – GUI and Silent.
Important:
n Ensure that the user uninstalling OpenText CARS has Administrative privileges.
n Uninstalling the OpenText CARS makes AppWorks Platform unusable. Therefore, you
must uninstall AppWorks Platform instances that use this OpenText CARS instance
before uninstalling OpenText CARS.
n Uninstalling OpenText CARS in silent mode might cause your computer to reboot.
OpenText recommends you to close all the applications before uninstalling OpenText
CARS or change the uninstallation mode to GUI and proceed with uninstallation.
However, you can do the following to avoid the automatic reboot:
l Navigate to <OpenText CARS_installdir>\uninst, open the
n DO NOT uninstall OpenText CARS in GUI mode if you installed it in silent mode. If you do
so, the uninstallation starts without prompting and cannot be stopped. Also, some files
might not be deleted and you must manually delete them later. To avoid this, uninstall in
silent mode or use the following swing commands from the command prompt to uninstall
in GUI mode:
Windows 1. Click Start > All Programs >OpenText CARS 2.7 >