IBM IHS Web Server - Getting Started with IBM IHS Admin Server

An IBM IHS Admin Server is used to facilitate communication between WebSphere and an IHS web server. Typically, the Admin Server is used to start or stop an IHS Web Server, and to propagate the Web Server Plugin configuration file (plugin-cfg.xml) from the WebSphere deployment manager to the IHS web server.

When adding an IHS web server to WebSphere, you will need to include the Admin Server port, username and password.

 

If you have not yet installed IBMs IHS web server, use one of the following articles to install IBMs IHS web server. The admin server is included in the install.

 

After installating IHS, the <web_server_root>/conf/admin.conf file will have the following:

Listen     @@AdminPort@@
User       @@SetupadmUser@@
Group      @@SetupadmGroup@@
ServerName localhost:@@AdminPort@@

 

You will need to update these lines to have a port, user, group, and server name. Typically, port 8008 is used. The netstat command can be used to ensure that port 8008 is not in use by some other service on the server.

netstat -an | grep 8008

 

The User, Group and ServerName should be an exact match the User, Group and ServerName listed in your web servers configuration file.

~]# egrep 'User|Group|ServerName' <web server root>/conf/httpd.conf
User john.doe
Group webgroup
ServerName ihs.example.com

 

In this example, the admin.conf file would look like this.

Listen 8008
User john.doe
Group webgroup
ServerName ihs.example.com:8008

 

It is important that the user/group in the IHS Admin Server configuration file (admin.conf) is an exact match of user/group in your IHS Web Server configuration file as the user/group is needed to be able to successfully start or stop the web server from WebSphere, and to propagate the web server plugin configuration file (plugin-cfg.xml).

 

Let's say your admin.conf file contains the following directive. In this example, the admin password file will need to be located at /opt/IBMIHS/conf/admin.passwd.

Use the htpasswd command to create or update john.doe password in the /opt/IBMIHS/conf/admin.passwd file.

AuthUserFile "/opt/IBMIHS/conf/admin.passwd"

 

Use the adminctl command to start the admin server.

You should now be able to use the admin server. There is no web interface for the admin server. If you navigate to http://hostname:8008/wasadmin, there will be a prompt for your username and password. 

 

If the wasadmin page produces something like "page cannot be displayed", SSL may be enabled in admin.conf. You'll want to comment out the SSL directives in admin.conf and then restart the admin server so that you can access the admin server over HTTP.

#SSLEnable
#SSLServerCert default
#Keyfile "/path/to/keyfile.kdb"

 

When you provide your username and password, the following page will be displayed. This is normal, and not suggestive of a problem.

 

Likewise, the admin_access_log should have a 200 OK event, like this.

x.x.x.x - john.doe [14/Aug/201906:56:05 -0500] "GET /wasadmin HTTP/1.1" 200 91

 

If you want to be able to start or stop IHS from a WebSphere deployment manager, you will need to provide the admin server port and credentials when adding the web server to the dmgr.

 

You may want to also configure the admin server to automatically start when the system is rebooted. 

 




Did you find this article helpful?

If so, consider buying me a coffee over at Buy Me A Coffee

Add a Comment




We will never share your name or email with anyone. Enter your email if you would like to be notified when we respond to your comment.





Please enter ac7a3 in the box below so that we can be sure you are a human.




Comments


July 25th, 2021 by Alex Flores
Thanks dude. But i think that you can explain that how can we get the user and group. I have a lot of headaches because im noob in this. You add the user you can run this command: ./setupadm -create -usr jonh.doe -grp ubuntu -cfg /opt/IBM/HTTPServer/conf/httpd.conf -adm /opt/IBM/HTTPServer/conf/admin.conf -CREATE: create the user and group, this option gets a block in the /etc/group file, so log like root user before. -usr: user from IHS server -grp: The group must be in the operative system, you can run the "groups" command for check the groups -cfg and -adm: path to the httpd.conf and admin.conf respectively YOU CAN CHECK THESE GUIDES: https://www.ibm.com/docs/en/ibm-http-server/8.5.5?topic=manually-running-setupadm-command-administration-server https://www.experts-exchange.com/articles/14139/Setting-up-IBM-HTTP-Server-for-starting-stopping-from-WAS-console.html Gretings :p

Web design by yours truely - me, myself, and I   |   jeremy.canfield@freekb.net   |