CA Process Automation 4.0 Installation Steps

Document ID : KB000021507
Last Modified Date : 14/02/2018
Show Technical Document Details

Description:

The following details the installation procedure for CA Process Automation 4.0. It is meant to supplement the installation guide that comes on the installation media.

Solution:

Prerequisites
Download both iso images from support.ca.com for CA Process Automation 4.0 and mount the iso image so that all files on both iso images are available to you from the server where you are installing ITPAM.

Database Server (for this example, MS SQL Server 2005)
MS SQL Server installed with mixed authentication mode including an account with Administrative privileges that will be used to create the Process Automation databases.

CA PAM requires databases to be case insensitive. MS SQL Server collation for CA PAM databases must be SQL_Latin1_General_CP1_CI_AS (by default, the CA PAM installer creates databases with this collation).

Also, new in ITPAM 4.0, the JDBC drivers that are used must support XA distributed transactions. Verify that the database server is configured to enable XA. (Sql Server is not by default). Here are the instructions to enable XA distributed transactions:

These changes require a Database Server restart. Coordinate with other users of the Database Server and complete the changes in a maintenance window.

  1. Obtain a copy of the XA driver. The XA driver is on CA Process Automation DVD1 in the folder thirdparty\mssql, or you can download Microsoft SQL Server JDBC Driver 3.0 directly from Microsoft then extract the file into a scratch directory.

    Figure 1

  2. On DVD1, navigate to the sqljdbc_3.0\enu\xa folder and locate the sqljdbc_xa.dll from either the x64 or x86 folder (based on the system architecture of the database server machine where MS SQL Server is installed). Copy this file to the MSSQL\Binn folder of your Sql Server install. This Binn folder can be in different locations depending on your install. Most commonly it will be under:

    <mssql_install_location>\MSSQL.1\MSSQL\Binn

    If you do not have the above location or to make sure this is the correct location, right click on the SQL Server Agent service in the Windows Services applet on the database machine and select properties. Here you will see the path to the sqlagent.exe file. This is where the sqljdbc_xa.dll should be copied.

  3. Create a non-'sa' account for CA Process Automation to use to access its internal databases.

    1. Log in to the SQL Management Studio.

    2. Create a user (for example, pamxauser) and assign master as the default database.

      Figure 2

    3. In the User Mappings, verify that the public database role is assigned to the master database.

      Figure 3

    4. In the Server Roles, verify that dbcreator is selected.

      Figure 4

    5. Click OK.

  4. Enable XA transactions for Distributed Transaction Coordinator.

      For Windows 2008

    • Navigate to Administrative Tools, Component Services.

    • Expand Distributed Transactions and open the Local DTC properties.

      Figure 5

    • Select the Security tab and select Enable XA Transactions.

      Figure 6

      For Windows 2003

    • Navigate to Administrative Tools, Component Services.

    • Right-click My Computer and select Properties.

      Figure 7

    • Click the MSDTC tab.

      Figure 8

    • Click the Security Configuration button under Transaction Configuration.

      Figure 9

    • In the Security Configuration window, select Enable XA Transactions.

    • Click OK, Click OK, then select File, Exit.

      NOTE: If you are using a SQL server cluster you will need to do this a second time in the clustered node folder. This is displayed under the "Local DTC" folder where you first enabled XA transactions. This is still under the \security tab. Check "Enable XA transactions" and click ok. You do not need to restart SQL Server or PAM.

    • Open the MS SQL Server client (Management Studio) as user 'sa'.

      • Select File, Open, File and then browse from the folder from Step 2 to the xa_install.sql script under sqljdbc_3.0\enu\xa.

        Figure 10

      • Click Execute to run the script and load the DLL.

        Note: If a permissions message similar to the following appears, ignore the message:
        Msg 3701, Level 16, State 15, Procedure sp_dropextendedproc, Line 18 Cannot drop the procedure 'xp_sqljdbc_xa_init', because it does not exist or you do not have permission.


        Figure 11

        Figure 12

    • Run the following SQL commands, replacing pamxauser with the user name you used:

      use master
      go
      exec sp_grantdbaccess 'pamxauser'
      go
      exec sp_addrolemember [SqlJDBCXAUser],'pamxauser'

      Figure 13

      Note: An error message that the user exists opens. Ignore this message.

      Figure 14

    • Verify that the SqlJDBCXAUser role is checked for the pamxauser user for the master database, then exit Management Studio.

      Figure 15

    • Restart your MS SQL Server Service.

    Java 1.6.x Installation

    • Java SDK initial installation screen

      Figure 16

    • Java JDK component selection (all selected)

      Figure 17

    • Java JRE installation

      Figure 18

    EEM (Build 12.0.0.33) Installation

    EEM is used for user authentication and access control.

    • 32-bit executable used

      Figure 19

    • EEM installation screens

    • Click Next

      Figure 20

    • Scroll to the bottom and select "I accept the terms of the License Agreement and click Next.

      Figure 21

    • EEM installation directories. Click Next

      Figure 22

    • Port and DB size. Click Next

      Figure 23

    • Password for the EEM Administrative user - EiamAdmin (the EiamAdmin userid and password will be required during the CA Process Automation 4.0 installation)

      Figure 24

    • FIPS can be enabled. We will not enable it for the purposes of this doc. Click Next.

      Figure 25

    • Review and click Install.

      Figure 26

      Figure 27

    CA Process Automation 4.0 Installation

    Third Party Installation (CD1)

    Figure 28

    Welcome Screen

    Figure 29

    License Agreement. Scroll down and select "I accept the terms of the License Agreement. Click Next.

    Figure 30

    Select the Destination Directory. Notice the Required disk space notation.

    Figure 31

    Prerequisites List

    Figure 32

    Figure 33

    JDBC Jar required for installation (MS SQL Server used in this case). Click the Add Files button and select the database from the drop down. The jar location is populated automatically from the installation media.

    Figure 34

    Figure 35

    Specify the location of the CD2 media, this will launch the CA PAM 4.0 Domain Installer (the installer can only be launched from the Third Party installer on CD1)

    Figure 36

    CA Process Automation Domain Installation (CD2)

    Initial Domain Install Panel

    Figure 37

    License Agreement. Scroll to the bottom and click "I accept the terms of the License Agreement". Then click Next.

    Figure 38

    May need to set the JDK home directory.

    Figure 39

    Figure 40

    SSO and Load Balancer configuration (not configured in this case)

    CA SiteMinder is required for SSO. For Load Balancing, there is a separate Knowledge Doc on installing ITPAM for Clustering and Load Balancing. You can access it here: https://support.ca.com/irj/portal/anonymous/redirArticles?reqPage=search&searchID=TEC560873

    Figure 41

    Enter Company Name. This is used in integrations with other products (such as CA Service Catalog)

    Figure 42

    Enter the certificate password. The default is "itpamcertpass".

    Figure 43

    Start Menu Folder

    Figure 44

    Host Ports are displayed as default. Ensure that these ports are not in use on your server. Select to Install as Service (note, the CA Process Automation Orchestrator service must be started after the installation is complete; the service is initially configured to 'Manual' Startup Type). You can also select "Support Secure Communication" here for SSL communication. This will enable the HTTPS Port setting.

    Figure 45

    Make sure user's that might run scripts have permissions to this temp directory.

    Figure 46

    PowerShell policy

    This allows for central configuration of the PowerShell path and sets the execution of scripts to "Remote Signed" which allows CA Process Automation to run PowerShell scripts.

    Figure 47

    CA Process Automation EEM configuration

    Initial EEM Settings. Select the Register Application checkbox at the bottom. Enter the EEM Server, EEM Application Name and EEM Certificate Password (default is "itpamcertpass"). Then click Register.

    Note: If this is an upgrade, specify the same EEM Application Name as you previously selected. Select Register Application and click Register to upgrade the EEM application.

    Figure 48

    You are prompted for an EEM Admin login. This is the EiamAdmin user login you set up when you installed EEM.

    Figure 49

    Click OK

    Figure 50

    The EEM application has been registered and users and groups have been setup. The default admin login is pamadmin/pamadmin. Type that here.

    Figure 52

    You should see the following if EEM was configured correctly.

    Figure 52

    Here is a view of EEM and what the application registration has setup for you:

    Figure 53

    If the Verify EEM settings screen does not return OK for "User provided belongs to User Group" and "User is an Admin", this is most likely because EEM is pointing to LDAP and not to the internal datastore. You can either point EEM to the internal datastore or you can configure an LDAP user in EEM to be a member of the newly created PAMAdmins group in this application. Then you can test these settings again using that LDAP user instead of the pamadmin user. See the knowledge doc on configuring and LDAP user to login to ITPAM here: https://support.ca.com/irj/portal/anonymous/redirArticles?reqPage=search&searchID=TEC565739

    CA Process Automation Installation Database Configuration

    • The Repository, Reporting and Runtime databases can now be separated to allow for easier maintenance and to enhance performance. After the databases have been created, click 'Check the Database Settings' to ensure they are configured correctly.

    • After selecting the Type of Database the rest of the fields are populated with default values except the User Name and Password fields; be sure to denote a meaningful 'Repository Database' value if separate from the Runtime databases

      Figure 54

      Figure 55

    • Database settings for Process Automation Runtime and Queues databases. Check 'copy from main repository' to copy the parameters from the previous (Repository) database settings. Make sure to fill in the new Runtime Database name if you are separating the databases.

      Figure 56

      Figure 57

    • Database settings for Process Automation Reporting database. Check 'copy from main repository' to copy the parameters from the previous (Repository) database settings. Make sure to fill in the new Reporting Database name if you are separating the databases.

      Figure 58

      Figure 59

    • If no jdbc driver is listed, click Add Files. Make sure the check box is selected next to the driver name.

      Figure 60

      Figure 61

      Figure 62

    Installation Complete

    If there were any problems during the installation, consult the installation log located at <installation location>\CA\PAM\server\c20

    Figure 63