Installing the BladeLogic Portal server

About communication protocols

By default, BladeLogic Portal uses HTTPS communication. The HTTPS protocol encrypts all communication with the BladeLogic Portal server. A self-signed SSL certificate is created for the portal. When a user connects to the portal through a browser for the first time, the browser warns that the connection cannot be verified. Users can follow documented procedures for their browser to import the certificate or add an exception for BladeLogic Portal site. Alternatively, users can  manually add a trusted certificate  to the BladeLogic Portal, which eliminates the security warnings that browsers encounter when they first connect to the BladeLogic Portal server.

In addition to using HTTPS, you can also enable HTTP communication. When users communicate with BladeLogic Portal using HTTP, they connect to an unsecure HTTP port. Communication is unencrypted. BMC does not recommend using HTTP for production purposes.

Before you begin

The following procedure gives you the option of creating a database for BladeLogic Portal and then installing the portal application. BMC recommends this approach. However, if you prefer, you can install the database yourself before starting this procedure. Currently, for Windows installations, the portal requires a database running on Microsoft SQL Server. For Linux installations, the portal requires an Oracle database. The database should reside on the same LAN as this installation of BladeLogic Portal. 

Be aware of the following prerequisites:

• You must obtain the necessary installation files.
• The installation must run on a 64-bit Microsoft Windows 2008 or 2012 operating system or a 64-bit Red Hat Enterprise Linux (RHEL) operating system, version 6.0 or later..
• BMC Server Automation must be installed and its Application Server started.
• BMC Network Automation must be installed and its application server started.
• The DCA Index Server must be installed. 
• The BladeLogic Portal server, the portal database, and the BMC Server Automation Application Server must all reside on the same LAN.
• Web services must be enabled on BMC Server Automation by establishing a communication path (via REST APIs) between the BMC Server Automation Application Server and the server hosting BladeLogic Portal.
• Other applications cannot use ports that you allocate to the BladeLogic Portal server.

To install only the BladeLogic Portal Server

1. Copy the installation file to an appropriate location on the computer where you are installing the BladeLogic Portal. 

   • For Linux, the installation file is called BTD22.LIN64.tar.gz. 
     In versions earlier than 2.2.01, the file is called BLPortal22.LIN64.tar.gz.

   • For Windows, the installation file is called BTD22.WIN64.zip.
     In versions earlier than 2.2.01, the file is called BLPortal22.WIN64.zip.

2. Extract the contents of the installation file. 
   This extraction generates a file structure where the top level directory is named BladeLogicPortal.

3. Navigate to the installer program and launch it.

   1. Windows: Navigate to \BladeLogicPortal\windows\Disk1, right-click setup.exe, and select Run as Administrator.

   2. Linux: Change (cd) to BladeLogicPortal/linux/Disk1 and enter: ./setup.bin

      Note

      For Linux, make sure BladeLogicPortal/linux/Disk1/setup.bin has execute permissions. 

      If necessary, run the following command to grant execute permission on the file: 
      chmod +x BladeLogicPortal/Disk1/setup.bin

      The portal installer program opens.

4. Select the language you want to use in the installation program and click OK.
5. In the welcome window, click Next. 
   A license agreement window opens.

6. To accept the license agreement, select I agree to the terms of the license agreement and click Next. 

   The Select Product features window opens.

   

7. Select only Install BladeLogic Portal <version>.

8. Click Next.
   The Installation Directory Selection window opens. 

9. (Optional) To select a location other than the default, click Browse and choose a new location.
10. Click Next.
    The BladeLogic Portal Configuration window opens.
    
    
    
11. Provide the following information:
• HTTPS Port—Listening port for HTTPS traffic. The default value is 8443. 

• Access portal via HTTP—Select if you want to use the HTTP protocol to access the portal instead of HTTPS. If you select this option, you must provide a value for both HTTP Port and HTTPS Port. The default value for HTTP Port is 8080.

• Shutdown Port—Port for administrative access. The default value is 8005.

• JVM Max Heap—Amount of memory, in megabytes, allocated to the Java Virtual Machine (JVM). The default is 8192 MB.

• When you complete this step, the installation program checks the available memory and displays a warning if insufficient memory is available.  
  

   Click here to learn more about the warning message.

  If a memory check detects the possibility of insufficient memory, it displays the message shown below. Although the message is labeled as an error, the message is actually a warning. If you are installing on a machine with 16 GB of memory and you believe you have sufficient memory, you can proceed with the installation by clicking Next.
   

   

12. Click Next. 
    A window requesting database information opens.
    
    

13. Choose the appropriate action:

    • If you have already set up a database and you do not want the installation process to create a database user or schema, or you have already installed one instance of BladeLogic Portal and are now installing another instance:

      1. Clear Create portal database user and Create portal database schema. 

      2. Click Next. A window requests information for the database connection. Proceed to step 15.

    • To let the installer set up a database, take the following actions:

      1. Select Create portal database user if you want the installation process to create a user for the portal database.  Do not select this option if you have already created a database user for the portal database.

      2. Select Create portal database schema if you want the installation process to create the schema for the portal database. Do not select this option if you have already created a portal database.
         If you select this option, the installation process creates a schema in a default location as determined by the database configuration.  

      3. Provide the following information:

         • DB Administrator User—Administrative database user who has rights to create a database user and schema.

           Note

           In SQL Server, the administrative user should have server roles of public and sysadmin.

         • DB Administrator Password—Password for the administrative database user.

         • Confirm Password—Confirm the password by entering it again. 

           Note

            When using an Oracle database, you must either allow the installer to create both the database user and schema or set up the database manually before proceeding.

14. Click Next.
    A window requests information used to define a connection to a database.

    

15. For Windows installations, always select SQL Server. For Linux installations, always select Oracle. Provide the following information for creating the database
    • Unicode Support—Select if the database should support Unicode characters.
    • Host Name—Fully qualified name or IP address of the server that hosts the database.
    • Database Port—Port for communicating with the database. 
    • Specify one of the following, based on platform:
      • Database Name—Name assigned to the database that holds portal data.  If you have chosen to let the installer create a database schema, this is the name assigned to that database.

      • Oracle Instance ID—Oracle SID identifying the database that holds portal data. If you have chosen to let the installer create a database schema, this is the name assigned to that database.

        Note

        If the Oracle SID is different from the service name, enter the SID.

    • Portal User Name —Name of the user that owns the database (not the operational user). If you have chosen to let the installer create a database user, this is the name assigned to that user.
    • Portal User Password—Password for the portal user.
    • Confirm Password—Confirm the password by entering it again.

    • Advanced Connection Settings—To use advanced connection settings, check this option and enter a connection string in the following format:

      • (Oracle) jdbc:oracle:thin:@<databaseServerName>:<port>:<SID> or jdbc:oracle:thin:@<databaseServerName>:<port>/<serviceName>

        Example with SID

        jdbc:oracle:thin:@bladerac1.calbro.com:1521:oracl

        Example with Service Name

        jdbc:oracle:thin:@bladerac1.calbro.com:1521/facility.uk.example.com

      • (SQL Server) jdbc:sqlserver://<databaseServerName>:<port>;databaseName=<databaseName>;databaseUser=<databaseUserName>;databasePassword=<databasePassword>

        Example

        jdbc:sqlserver://bladesql.calbro.com:1433;databaseName=sqlfirst;databaseUser=wa;databasePassword=qa1admin

16. Click Next.
    The Select Sites window opens.

    
    

17. Select the products for which you want to specify a connection. You can select one option, or both options.

18. Click Next.
    A window requests information about the connection to BMC Server Automation.

    
    

19. Provide the following connection information:
    • Host Name—Fully qualified name or IP address of the server that hosts the BMC Server Automation Application Server. The Application Server should be configured as type Config or All. 

    • HTTPS Port—Web service communication port configured on the BMC Server Automation Application Server. Typically, the Application Server is configured to use 9843 for its web service communication port.

      Tip

      If you have access to the Application Server, run the following blasadmin command to show its web service communication port:

      show AppServer HttpsPortNumber

    • User Name—Name of the administrative user for BMC Server Automation. This user should have access to all system objects in BMC Server Automation. For this version of the portal, use BLAdmin.
    • Password—Password for the administrative user.
    • Role Name—Name of the administrative role for BMC Server Automation. For this version of the portal, use BLAdmins.
20. Click Next.
    A window requests information about the connection to BMC Network Automation.
    
    
21. Provide the following connection information:
    • Host Name—Fully qualified name or IP address of the server that hosts the BMC Network Automation application server.
    • HTTPS Port—Web service communication port configured on the BMC Network Automation application server. Typically, the application server is configured to use 443 for its web server communication port.
    • User Name—Name of the administrative user for BMC Network Automation. This user should have access to all device objects in BMC Network Automation. For this version of the portal, use sysadmin.
    • Password—Password for the administrative user.
    • Realm Name—Name of the realm that represents the network or set of devices managed by BMC Network Automation. Each device belongs to a single realm. When you initially install BMC Network Automation, all devices belong to a single realm called Default.

22. Click Next.
    A window requests credentials for a user with one or more roles that has at least read-level access to BMC Server Automation. Providing this information lets BladeLogic Portal obtain the most current information for its vulnerability management charts, graphs, and other decision making tools. BMC calls this capability Data Refresh.
    After installation, you can modify the user and role information or add additional users and roles.  

    Note

    Some organizations enter credentials for a superuser such as BLAdmin. However, if you choose to enter a user and roles with a minimum set of permissions, additional configuration is necessary in BMC Server Automation. This configuration ensures that the necessary permissions are set up in BSA to allow the portal to obtain current information.

    
    

23. Provide the following credentials for the Data Refresh user for BMC Server Automation:

    • User Name—Name of a BMC Server Automation user with credentials that can be used for obtaining data from BMC Server Automation. 

    • Password—Password for the user.
    • Auth Method—Method for authenticating the user with BMC Server Automation. Possible choices are Secure Remote Password, Domain Authentication, and LDAP Authentication. Other forms of authentication such as RSA are not compatible with the Data Refresh mechanism.
    • Role Name(s)—One or more roles with at least read-level access to BMC Server Automation. When entering multiple roles, use a comma-separated list. To learn more about specifying roles with a minimum set of permissions, see Configuring Data Refresh. 
    • Select Use the credential specified above for automated scan import if you plan to set up a scanner connection used for automatic scan imports. This option was introduced in version 2.2.01.
24. Click Next.
    A window requests information to configure the user details that enable BladeLogic Portal to access the most current information from BMC Network Automation.
    
    
    
25. Provide the following credentials for the Data Refresh user for BMC Network Automation:

    • User Name—Name of a BMC Network Automation user with credentials that can be used for obtaining data from BMC Network Automation. 

    • Password—Password for the user.
    • Select Use the credential specified above for automated scan import if you plan to set up a scanner connection used for automatic scan imports. This option was introduced in version 2.2.01.
26. Click Next.
    The DCA Indexing Server configuration panel opens.
    
    
27. Specify the following information to establish a connection with the previously installed DCA Indexing Servers (see Installing only the DCA Indexing Server):

    1. Host Name—Fully qualified name or IP address of the server that hosts the Index Server.

    2. TCP Port—Port number to use to connect to the server.
    3. Click Add.
    4. Repeat these steps to identify all other previously installed DCA Indexing Servers, if you have set up multiple DCA Indexing Servers.
28. Click Next.
    A summary window shows the features to be installed. 
29. Click Install.
    Progress bars show installation activity until the Installation Summary window provides details about the completed installation.
30. Click Done.

Installing additional instances of BladeLogic Portal

The procedure for installing additional instances of BladeLogic Portal is largely the same as installing the first instance. The only major difference is that you do not let the installation program create another database. Instead you reference the database created for the first instance. Where necessary, this procedure describes any steps that must be taken when installing additional instances of BladeLogic Portal.

Where to go from here

If you want to set up native Windows authentication when the portal communicates with the portal's SQL Server database, see Setting up Windows authentication for SQL Server.

Set up a backup procedure for the DCA Indexing Server. If BladeLogic Portal was already installed and you have just installed another instance, you must be certain that each instance has an identical backup configuration.

If you want to disable HTTP traffic with the DCA Indexing Server, see Disabling or enabling HTTP traffic with the DCA Indexing Server. 

If you are using roles with a limited set of permissions for Data Refresh, see Configuring Data Refresh.

When those tasks are complete, see Configuring after installation.