Tag Archives: websphere

How to disable automatic LTPA Key generation in WebSphere

When setting up SSO between WebSphere and Domino the automatic LTPA key generation must be turned off. These are the steps on how to do this:


  1. Log into the WebSphere Application Server Integrated Solutions Console as an administrator, expand Security, and select Global Security.
  2. Click LTPA in the Authentication section and then, in the Key generation section, click Key set groups.
  3. Select NodeLTPAKeySetGroup in the table and, in the Key generation section, un-check the Automatically generate keys check box, if is already checked.
  4. Click OK to save the changes.

Adding IBM Connections / WebSphere Applications to Windows Services

When installing IBM Connections on Windows only the Deployment Manager is added as a windows service during the installation. Parts like the node agent or later on the Connections clusters are not added.  To do so you need to run the following command from /WebSphere/AppServer/bin :

WASService.exe -add SERVICENAME -servername SERVERNAME -profilePath “C:\IBM\WebSphere\AppServer\profiles\AppSrv01” -stopArgs “-user wasadmin -password password” -userid windowsadmin -password password -startType automatic


This a freely chosen name for the service.


This the name of the specific server that needs to be stopped (such as nodeagent).  To find out the names you can go to /WebSphere/AppServer/profiles/AppSrv01/bin and run serverstatus.bat -all . This will list all servers including the running status.


Edit it to fit your environment.


These are necessary to be able to not just start the service, but to also stop it. It will provide the WAS admin credentials during the stop process. Enter your own wasadmin user ID / password.


This user has to be a windows user that has the right to start and stop services.  Once the service is created you can change it in the service setting in the Services list from Windows to local system account.


This defines whether this service is started automatically at booting or not.

Resetting WAS-Admin Password when the Browser Console does not work anymore

If you have to reset the WAS Admin password without using the web interface  (e.g. if you cannot log in anymore for various reasons) here is how you reset a forgotten WAS-Admin password:

1. Go to your WAS-Profile/bin directory using a command prompt (in IBM Connections case this would be ../(washome)/AppServer/profiles/DMGR/bin )
2.  Type the following command: wsadmin -conntype NONE and hit Enter
3.  Then you should be in the wsadmin prompt.  You now enter:  $AdminTask changeFileRegistryAccountPassword {-userId <wpsadmin-UserID> -password <new-password-for-wpsadmin>} Then hit Enter.
4.  Now the new password is stored temporarily.  So finalize the changes type $AdminConfig save followed by Enter. 

Restart WAS and you should be able to login using the new password.

Sometime you just need to disable the WAS application security to disable the federated repositories.  This is done in a similar fashion:

1. Go to your WAS-bin directory using a command prompt (in IBM Connections case this would be ../(washome)/AppServer/profiles/DMGR/bin )
2.  Type the following command: wsadmin -conntype NONE and hit Enter
3.  Then you should be in the wsadmin prompt.  You now enter the simple command: securityoff Then hit Enter.
4.  To finalize the changes type $AdminConfig save followed by Enter.

Restart WAS and you can log into the console using any username without a password.


Synchronizing changes done in the WebSphere WebSphere Integrated Solution Console automatically

Whenever WebSphere Application Server settings are changed in the Deployment Manager, these changes are not pushed down to all nodes automatically by default.  Therefore a manual synchronization must be triggered to get these changes pushed to all cluster members.  This can be automated by doing the following steps:

In the Integrated Solution Console (ICS) open System administration on the left hand menu and the click on  Console Preferences.

Console Preferences auswählen

Now you can set the checkmark on the right side at Synchronize changes with Nodes.

Synchronize changes with Nodes

Once you click on “Apply” all changes in the ICS will be pushed down to all available cluster members whenever “save” is clicked.

Monitor IBM WebSphere applications and start them automatically

IBM Connections is being installed in a WebSphere Cluster.  After rebooting a server there are different ways of restarting each application server and application.  One way is starting each feature as its own service task or, and this is what this blog entry is about, you just start the node and the node itself will check the application status and detect that the applications are not running and will start them on its own.

To configure this you need to log into the WAS Integrated Solutions Console with the WebSphere Application Server admin user and select  Servers => Server Types => WebSphere application servers:


WebSphere Application Server Auswahl


Now you select the first server and click on Configuration and then click on Monitoring policy.

Monitoring Policy

Now we need to change the Node restart state to RUNNING.


Finally we save the changes and repeat these steps for each server. After doing a Sync to all notes if necessary we can restart the node agent and all changes are active.  Now the applications are monitored and started automatically if they are not running after an reboot / restart.