Upgrading Cisco Access Registrar Software

Cisco Access Registrar 4.1 supports software upgrades from your previously installed Cisco AR software while preserving your existing configuration database. Cisco AR supports an upgrade path for both the Solaris or Linux versions of Cisco AR software.

Note Configuration for Prepaid billing servers in Cisco AR 3.0 will no longer work in Cisco AR 4.1. If you have been using a Prepaid billing server in Cisco AR 3.0 and are upgrading your software to Cisco AR 4.1, you must remove the Prepaid billing server configuration before installing the Cisco AR 4.1 software. Chapter 14, "Using Prepaid Billing," provides detailed instructions for configuring Prepaid billing services for Cisco AR 4.1.

Caution Running the command mcdadmin -coi to import configuration data will cause the Cisco AR 4.1 server to lose all session information.

This chapter contains the following sections:

•Solaris Software Upgrade Overview

•Linux Software Upgrade Overview

•Software Upgrade Tasks

•Installing the Cisco AR License File

•Upgrading Cisco AR Solaris Software

•Upgrading Cisco AR Linux Software

•Configuring SNMP

•"Restarting Replication" section

Solaris Software Upgrade Overview

This section describes the Solaris upgrade processes.

Step 1 Ensure that replication is disabled.

Refer to Disabling Replication.

Step 2 If you have modified the snmpd.conf file in the /cisco-ar/ucd-snmp/share/snmp directory, you must back up this file before doing the upgrade process. The pkgrm removes the snmpd.conf file, even if it has been modified.

Step 3 Remove the old software using the pkgrm command.

Refer to Using pkgrm to Remove Cisco AR Solaris Software.

Step 4 If you plan to use the Cisco AR SNMP features, disable the current Sun SNMP daemon and prevent the Sun SNMP daemon from restarting after a reboot.

Step 5 Decide where to install the Cisco Access Registrar 4.1 software.

The default installation directory for Cisco AR 4.1 software is /opt/CSCOar. If you are upgrading from Cisco AR version 1.7 or earlier, the default installation directory was /opt/AICar1.

Step 6 Decide if you want to preserve your existing configuration database.

Preserving your existing configuration database is a compelling reason to upgrade rather than to start anew. The upgrade procedure in this chapter assumes you want to preserve your existing configuration.

If you are upgrading from Cisco AR 1.7 or an earlier version, the default installation directory is /opt/AICar1. The default installation directory for Cisco AR is /opt/CSCOar.

If your previous install directory was /opt/AICar1, you should use that directory to install Cisco AR 4.1 You might also rename the old directory, as in the following:

cd /opt

mv AICar1   CSCOar

Step 7 Copy the Cisco Access Registrar 4.1 license file to a location on the Cisco AR workstation directory such as /tmp.

For detailed information about the Cisco AR license and how to install the license, see Cisco Access Registrar 4.1 Licensing.

Step 8 Use the pkgadd command to install the Cisco Access Registrar 4.1 software.

For detailed information about using the pkgadd command to install Cisco AR software, see Chapter 2, "Installing Cisco Access Registrar 4.1 Software on Solaris."

Note Since you are upgrading, you will want to preserve your existing database.

Step 9 If you configured Cisco AR to use SNMP prior to upgrading, after installing Cisco AR 4.1 software, you must copy the snmpd.conf file back to the /cisco-ar/ucd-snmp/share/snmp directory.

Step 10 Restart the Cisco AR server using the following command:

/etc/init.d/arserver  restart

Linux Software Upgrade Overview

This section provides overview information of the Linux upgrade processes.

Step 1 Ensure that replication is disabled.

Refer to Disabling Replication.

Step 2 If you have modified the snmpd.conf file in the /cisco-ar/ucd-snmp/share/snmp directory, you must back up this file before doing the upgrade process. The pkgrm removes the snmpd.conf file, even if it has been modified.

Note If you currently use the 3.5.2 Linux version, the uninstall-ar program removes /opt/CSCOar/data. Before you run the uninstall-ar program, copy the /opt/CSCOar/data directory to a temporary location such as /tmp. After you install the upgrade software, move the data directory back to /opt/CSCOar/data.

Step 3 Remove the old software using the uninstall-ar command.

For detailed information about using the uninstall-ar command to remove Cisco AR Linux software, see Using uninstall-ar to Remove Linux Software.

Step 4 If you plan to use the Cisco AR SNMP features, disable the current SNMP daemon and prevent the SNMP daemon from restarting after a reboot.

Step 5 Decide where to install the Cisco Access Registrar 4.1 software.

The default installation directory for Cisco AR 4.1 software is /opt/CSCOar.

Step 6 Decide if you want to preserve your existing configuration database.

Preserving your existing configuration database is a compelling reason to upgrade rather than to start anew. The upgrade procedure in this chapter assumes you want to preserve your existing configuration.

Step 7 Copy the Cisco Access Registrar 4.1 license file to a location on the Cisco AR workstation directory such as /tmp.

Step 8 Install the Linux version of Cisco Access Registrar 4.1 software.

Step 9 If you configured Cisco AR to use SNMP prior to upgrading, after installing Cisco AR 4.1 software, you must copy the snmpd.conf file back to the /cisco-ar/ucd-snmp/share/snmp directory.

Step 10 Restart the Cisco AR server using the following command:

/etc/init.d/arserver  restart

Software Upgrade Tasks

This section provides information about the tasks involved in the Cisco AR software upgrade process.

Disabling Replication

If you are using the Cisco AR replication feature, you must disable it before you begin the upgrade process of the upgrade will fail. When completed, refer to "Restarting Replication" section for the correct way to restart replication.

To ensure that replication is disabled, complete the following steps:

Step 1 Login as admin and launch aregcmd.

Step 2 Change directory to /radius/replication and examine the RepType property.

cd /radius/replication

[ //localhost/Radius/Replication ]
RepType = None
RepTransactionSyncInterval = 60000
RepTransactionArchiveLimit = 100
RepIPAddress = 0.0.0.0
RepPort = 1645
RepSecret = NotSet
RepIsMaster = FALSE
RepMasterIPAddress = 0.0.0.0
RepMasterPort = 1645
Rep Members/


Make sure that RepType is set to None.

Step 3 If you made changes, issue the save command, then exit the aregcmd command interface.

Using pkgrm to Remove Cisco AR Solaris Software

There are two different Cisco AR Solaris software packages, AICar1 and CSCOar. The AICar1 package was used for Cisco AR 1.7 and earlier versions. The CSCOar package has been used for Cisco AR 3.0 and later versions.

Removing the AICar1 Package

The following steps describe how to remove the AICar1 software package.

Step 1 Log in to the Cisco AR workstation as a root user, and enter the following command line:

pkgrm AICar1

The following package is currently installed:

   AICar1          Access Registrar 1.7R7 [SunOS-5.8, ns40, gcc-O, official]

                   (sparc) 1.7R7

Do you want to remove this package?

Step 2 Enter y or yes to continue removing the AICar1 package.

## Removing installed package instance <AICar1>

This package contains scripts which will be executed with super-user

permission during the process of removing this package.

Do you want to continue with the removal of this package [y,n,?,q] 

Step 3 Enter y to continue removing the AICar1 package.

After you enter y, the AICar1 package should be removed without further interaction.

## Verifying package dependencies.

## Processing package information.

## Executing preremove script.

Waiting for these processes to die (this may take some time):

  AR MCD lock manager  (pid: 2971)

  AR MCD server        (pid: 2967)

  AR RADIUS server     (pid: 2973)

  AR Server Agent      (pid: 2965)

2967: terminated

2973: terminated

2971: terminated, wait status 0x000f

2965: terminated

Access Registrar Server Agent shutdown complete.

# removing /etc/rc.d files

# done with preremove.

## Removing pathnames in class <snmp>

/opt/AICar1/ucd-snmp/share/snmp/snmpd.conf

.

. <several hundred lines deleted>

.

/opt/AICar1/bin/screen

/opt/AICar1/bin

/opt/AICar1/README

## Removing pathnames in class <none>

## Updating system information.

Removal of <AICar1> was successful.

hostname root /scratch## 

Removing the CSCOar Package

The following steps describe how to remove the CSCOar software package.

Step 1 Log in to the Cisco AR workstation as a root user, and enter the following command line:

pkgrm CSCOar

The following package is currently installed:

   CSCOar          Cisco Access Registrar 3.0R7 [SunOS-5.8, official]

                   (sparc) 3.0R7

Do you want to remove this package?

Step 2 Enter y or yes to continue removing the CSCOar package.

## Removing installed package instance <CSCOar>

This package contains scripts which will be executed with super-user

permission during the process of removing this package.

Do you want to continue with the removal of this package [y,n,?,q]

Step 3 Enter y to continue removing the CSCOar package.

After you enter y, the CSCOar package should be removed without further interaction.

## Verifying package dependencies.

## Processing package information.

## Executing preremove script.

Waiting for these processes to die (this may take some time):

  AR Server Agent      (pid: 28352)

  AR MCD server        (pid: 28354)

  AR RADIUS server     (pid: 28372)

  AR MCD lock manager  (pid: 28355)

28354: terminated, wait status 0x0000

28372: terminated, wait status 0x0000

28355: terminated, wait status 0x000f

28352: terminated, wait status 0x0000

Access Registrar Server Agent shutdown complete.

# removing /etc/rc.d files

# done with preremove.

## Removing pathnames in class <snmp>

/opt/CSCOar/ucd-snmp/share/snmp/snmpd.conf

/opt/CSCOar/ucd-snmp/share/snmp/snmpconf-data/snmptrapd-data/traphandle

.

.

. <several hundred lines deleted>

.

.

/opt/CSCOar/README

/opt/CSCOar/.system/screen

/opt/CSCOar/.system

## Removing pathnames in class <none>

## Updating system information.

Removal of <CSCOar> was successful.

hostname root ~## 

Using uninstall-ar to Remove Linux Software

The Linux version of Cisco AR software includes the uninstall-ar program in /opt/CSCOar/bin that you use to remove Cisco AR software on Linux machines.

Note If you currently use the 3.5.2 Linux version, the uninstall-ar program removes /opt/CSCOar/data. Before you run the uninstall-ar program, copy the /opt/CSCOar/data directory to a temporary location such as /tmp. After you install the upgrade software, move the data directory back to /opt/CSCOar/data.

Step 1 Log in to the Cisco AR workstation as a root user.

Step 2 To remove the Linux version of Cisco AR software, change directory to /opt/CSCOar/bin and start the uninstall-ar program as follows:

cd /opt/CSCOar/bin

uninstall-ar

uninstall-ar

Are you sure you want to remove CSCOar-3.5.4-1101360135? [y/n]: 

Step 3 Reply Yes or Y to continue removing the Linux software.

Are you sure you want to remove CSCOar-3.5.4-1101360135? [y/n]: y 

Waiting for these processes to die (this may take some time):

AR RADIUS server running       (pid: 15492)

AR Server Agent running        (pid: 27288)

AR MCD lock manager running    (pid: 27295)

AR MCD server running          (pid: 27294)

4 processes left.3 processes left.......2 processes left.......k0 processes left.0 
processes left

Access Registrar Server Agent shutdown complete.

Installing the Cisco AR License File

Cisco Access Registrar 4.1 uses a new licensing mechanism that enables you to activate different features in Cisco AR using a combination of different license keys. During system initialization, the Cisco AR server sets up the licensing data model and activates any features that are properly licensed.

You must have a license in a directory on the Cisco AR machine before you attempt to install Cisco AR software. If you have not installed the Cisco AR license file before beginning the software installation, the installation process will fail.

You can store the Cisco AR license file in any directory on the Cisco AR machine. During the installation process, you will be asked the location of the license file, and the installation process will copy the license file to the /opt/CSCOar/license directory or to the base installation directory you specify when you install the software (if you are not using the default installation location).

The license file might have the name ciscoar.lic, but it can be any filename with the suffix .lic. To install the Cisco AR license file, you can copy and paste the text into a file, or you can simply save the file you receive in EMail to an accessible directory.

Upgrading Cisco AR Solaris Software

This section describes the software installation process when installing Cisco Access Registrar 4.1 software on a Solaris workstation for the first time. This section includes the following subsections:

•Deciding Where to Install

•Installing Cisco AR Software from CD-ROM

•Installing Downloaded Software

•Common Solaris Installation Steps

Tips Before you begin to install the software, check your workstation's /etc/group file and make sure that group staff exists. The software installation will fail if group staff does not exist before you begin.

Deciding Where to Install

Before you begin the software installation, you should decide where you want to install the new software. The default installation directory for Cisco AR 4.1 software is /opt/CSCOar. You can use the default installation directory, or you can choose to install the Cisco AR software in a different directory.

Installing Cisco AR Software from CD-ROM

The following steps describe how to begin the software installation process when installing software from the Cisco Access Registrar 4.1 CD-ROM. If you are installing downloaded software, proceed to Installing Downloaded Software.

Step 1 Place the Cisco Access Registrar 4.1 software CD-ROM in the Cisco AR workstation CD-ROM drive.

Step 2 Log in to the Cisco AR workstation as a root user, and enter the following command line for (Solaris 8):

pkgadd -d /cdrom/cdrom0/kit/solaris-2.8  CSCOar

Step 3 Proceed to Common Solaris Installation Steps.

Installing Downloaded Software

This section describes how to uncompress and extract downloaded Cisco Access Registrar 4.1 software and begin the software installation.

Step 1 Log in to the Cisco AR workstation as a root user.

Step 2 Change directory to the location where you have stored the uncompressed tarfile.

cd /tmp

Step 3 Use a command like the following to uncompress the tarfile and extract the installation package files.

zcat   CSCOar-4.1.3-sol8-k9.tar.gz | tar xf -

Note These instructions are for the Solaris 8 package. There is no difference in download or installation procedures for Solaris 8, Solaris 9, or Solaris 10 other than the package name.

Step 4 Enter the following command to begin the installation:

pkgadd -d /tmp CSCOar

where /tmp is the temporary directory where you stored and uncompressed the installation files.

Step 5 Proceed to Common Solaris Installation Steps.

Common Solaris Installation Steps

This section describes the installation process immediately after you have issued the pkgadd command installing from CD-ROM or from downloaded software.

Processing package instance <CSCOar> from </tmp>

Cisco Access Registrar 4.1.3 [SunOS-5.8, official]

(sparc) 4.1.3

Copyright (C) 1998-2007 by Cisco Systems, Inc.

This program contains proprietary and confidential information.  

All rights reserved except as may be permitted by prior written consent.

    This package contains the Access Registrar Server and the

    Access Registrar Configuration Utility.  You can choose to

    perform either a Full installation or just install the

    Configuration Utility.

What type of installation: Full, Config only [Full] [?,q]

Step 6 For a full install, press Enter.

Where do you want to install <CSCOar>? [/opt/CSCOar] [?,q] 

Step 7 Press Enter to accept the default location of /opt/CSCOar, or enter a different directory to be used as the base installation directory.

Access Registrar requires FLEXlm license file to operate.  A list

of space delimited license files or directories can be supplied as

input; license files must have the extension ".lic".

Where are the FLEXlm license files located? [] [?,q]

Step 8 Enter the directory where you have stored the Cisco Access Registrar 4.1 license file.

Access Registrar provides a  Web GUI. It requires J2RE version

1.4.* to be installed on the server.

If you already have a compatible version J2RE installed, please

enter the directory where it is installed.  If you do not, the

compatible J2RE version can be downloaded from:

http://java.sun.com/

Where is the J2RE installed?  [?,q] 

The J2RE is required to use the Cisco AR GUI. If you already have a Java 2 platform installed, enter the directory where it is installed.

Note If you do not provide the J2RE path, or if the path is empty or unsupported, the installation process exits.

Step 9 Enter the directory or mount point where the J2RE is installed.

If you are not using ORACLE, press Enter/Return to skip this step.

ORACLE installation directory is required for ODBC configuration.

ORACLE_HOME variable will be set in /etc/init.d/arserver script

Where is ORACLE installed? [] [?,q] 

Step 10 If you plan to use Oracle for one of authentication, authorization, or accounting, enter the location where you have installed Oracle; otherwise press Enter.

A local database from previous installation of the Access

Registrar Server has been detected. It contains:

* session information

* all server object definitions

* local UserLists

Do you want to preserve the local database in /opt/CSCOar [y]: [y,n,?,q] y

Step 11 Reply Y to preserve the local database.

The upgrade procedure needs administrator access to your

configuration so that it can upgrade it.

Enter an AR administrator username and password:

User: 

Step 12 Enter the administrator userID and password.

User: admin

Password: 

Retype password: 

Remove old sessions in /opt/CSCOar/data/radius [n] [y,n,?,q] 

Step 13 Press Enter to retain old sessions, or enter Y to remove them.

## Executing checkinstall script.

The selected base directory </opt/CSCOar> must exist before

installation is attempted.

Do you want this directory created now [y,n,?,q] y

Using </opt/CSCOar> as the package base directory.

## Processing package information.

## Processing system information.

## Verifying package dependencies.

## Verifying disk space requirements.

## Checking for conflicts with packages already installed.

## Checking for setuid/setgid programs.

The following files are being installed with setuid and/or setgid

permissions:

  /opt/CSCOar/.system/screen <setuid root>

 /opt/CSCOar/bin/aregcmd <setgid staff>

 /opt/CSCOar/bin/radclient <setgid staff>

Do you want to install these as setuid/setgid files [y,n,?,q]

Step 14 Enter Y to install the setuid/setgid files.

This package contains scripts which will be executed with super-user

permission during the process of installing this package.

Do you want to continue with the installation of <CSCOar> [y,n,?]

Step 15 Enter Y to continue with the software installation.

No further interaction is required; the installation process should complete successfully and the arservagt is automatically started.

Installing Cisco Access Registrar 4.1.1 [SunOS-5.8, official] as <CSCOar>

## Installing part 1 of 1.

/opt/CSCOar/.system/add-example-config

/opt/CSCOar/.system/run-ar-scripts

/opt/CSCOar/.system/screen

/opt/CSCOar/README

/opt/CSCOar/bin/arbug

/opt/CSCOar/bin/nasmonitor

.

.

.

inflating: /opt/CSCOar/jakarta-tomcat-4.0.6/webapps/tomcat-docs/RUNNING.txt  

  inflating: 
/opt/CSCOar/jakarta-tomcat-4.0.6/webapps/tomcat-docs/security-manager-howto.html  

  inflating: /opt/CSCOar/jakarta-tomcat-4.0.6/webapps/tomcat-docs/ssl-howto.html  

   creating: /opt/CSCOar/jakarta-tomcat-4.0.6/work/

# setting up product configuration file /opt/CSCOar/conf/car.conf

# linking /etc/init.d/arserver to /etc/rc.d files

# setting ORACLE_HOME and JAVA_HOME variables in arserver

# removing old session information

# flushing old replication archive

# creating initial configuration database

Rollforward recovery using "/opt/CSCOar/data/db/vista.tjf" started Fri Mar 10 13:54:54 
2006

Rollforward recovery using "/opt/CSCOar/data/db/vista.tjf" finished Fri Mar 10 13:54:55 
2006

# installing example configuration

We will now generate an RSA key-pair and self-signed certificate that

may be used for test purposes

Generating a 1536 bit RSA private key

.....++++

...............++++

writing new private key to '/cisco-ar/certs/tomcat/server-key.pem'

-----

Server self-signed certificate now resides in /cisco-ar/certs/tomcat/server-cert.pem

Server private RSA key now resides in /cisco-ar/certs/tomcat/server-key.pem

Remember to install additional CA certificates for client verification

Tomcat private RSA key now resides in /cisco-ar/certs/tomcat/server-key.pem

Starting Access Registrar Server Agent..

completed.

The Radius server is now running.

# done with postinstall.

Installation of <CSCOar> was successful.

hostname root /tmp##

Configuring SNMP

If you choose not to use the SNMP features of Cisco Access Registrar, the installation process is completed. To use SNMP features, complete the configuration procedure described in Configuring SNMP.

Back-up Copy of Original Configuration

The upgrade process displays a message like the following to indicate where a copy of your original configuration has been stored.

Note Running the command mcdadmin -coi to import configuration data will cause the Cisco AR 4.1 server to lose all session information.

###############################################################

#

#  A backup copy of your original configuration has been

#  saved to the file:

#

#    /opt/CSCOar/temp/10062.origconfig-backup

#

#  If you need to restore the original configuration,

#  enter the following command:

#

#    mcdadmin -coi /opt/CSCOar/temp/10062.origconfig-backup

#

###############################################################

Removing Old VSA Names

The upgrade process provides an analysis of the configuration database, addition of new database elements, and a search for obsolete VSA names. When this is complete, a message like the following is displayed:

##############################################################

#

#   Sometimes VSAs get renamed from version to version of AR.

#   The upgrade process does not automatically remove the

#   old names. The upgrade process has generated a script

#   to remove the old names. The script is located in:

#

#       /opt/CSCOar/temp/10062.manual-deletes

#

#   Review the script to make sure you are not using any of

#   these old VSAs. Modify your configuration and your

#   scripts to use the new names before you attempt to run

#   the script.

#

#   To run the removal script, type:

#

#       aregcmd -sf /opt/CSCOar/temp/10062.manual-deletes

#

##############################################################

At this point, you should examine the script produced by the upgrade process to make sure that your site is not using any of the old VSAs. In the example above, the script can be found at /opt/CSCOar/temp/10062.manual-deletes.

Note The number preceding manual.deletes is produced from the PID of the upgrade process.

Modify your configuration and your scripts to use the new names before you attempt to run the script generated by the upgrade process.

VSA Update Script

The upgrade process builds a script you can use to update VSAs in your system.

##############################################################

#

#   VSAs for the old AR version are not updated

#   automatically. The upgrade process generated a script

#   to perform the update. The script is located in:

#

#       /opt/CSCOar/temp/10062.manual-changes

#

#   Review the script to make sure it does not conflict with

#   any of your VSA changes. Make sure you modify the script,

#   if necessary, before you attempt to run it.

#

#   To run the update script, type:

#

#       aregcmd -sf /opt/CSCOar/temp/10062.manual-changes

#

##############################################################

Step 16 Review the script and make sure that the changes it will make do not conflict with any changes you might have made to the VSAs. Modify the script if necessary.

Step 17 Record the location of the upgrade messages for future reference.

##############################################################

#

#  These upgrade messages are saved in:

#

#      /opt/CSCOar/temp/10062.upgrade-log

#

##############################################################

Upgrading Cisco AR Linux Software

This section describes the software installation process when upgrading to Cisco Access Registrar 4.1 software on a Linux workstation. This section includes the following subsections:

•Using uninstall-ar to Remove Linux Software

•Deciding Where to Install

•Installing Cisco AR Software from CD-ROM

•Common Linux Installation Steps

Using uninstall-ar to Remove Linux Software

The Linux version of Cisco AR software includes the uninstall-ar program in /opt/CSCOar/bin that you use to remove Cisco AR software on Linux machines.

Note If you currently use the 3.5.2 Linux version, the uninstall-ar program removes /opt/CSCOar/data. Before you run the uninstall-ar program, copy the /opt/CSCOar/data directory to a temporary location such as /tmp. After you install the upgrade software, move the data directory back to /opt/CSCOar/data.

Step 1 Log in to the Cisco AR workstation as a root user.

Step 2 To remove the Linux version of Cisco AR software, change directory to /opt/CSCOar/bin and stop the server.

cd /opt/CSCOar/bin

arserver stop

Waiting for these processes to die (this may take some time):

AR RADIUS server running       (pid: 1403)

AR Server Agent running        (pid: 29310)

AR MCD lock manager running    (pid: 29320)

AR MCD server running          (pid: 29317)

AR GUI running                 (pid: 29441)

5 processes left.2 processes left.0 processes left

Access Registrar Server Agent shutdown complete.

Step 3 Run the uninstall-ar program as shown below:

uninstall-ar

Are you sure you want to remove CSCOar-3.5.4-1101360135? [y/n]: 

Step 4 Reply Yes or Y to continue removing the Linux software.

Are you sure you want to remove CSCOar-3.5.4-1101360135? [y/n]: y 

Nothing running, no need to shutdown.

host root bin### 

Deciding Where to Install

Before you begin the software installation, you should decide where you want to install the new software. The default installation directory for Cisco AR 4.1 software is /opt/CSCOar. You can use the default installation directory, or you can choose to install the Cisco AR software in a different directory.

Installing Cisco AR Software from CD-ROM

The following steps describe how to begin the software installation process when installing software from the Cisco Access Registrar 4.1 CD-ROM. If you are installing downloaded software, proceed to Installing Downloaded Software.

Step 1 Place the Cisco Access Registrar 4.1 software CD-ROM in the Cisco AR workstation CD-ROM drive.

Step 2 Log in to the Cisco AR workstation as a root user and find a temporary directory, such as /tmp, to store the Linux installation file.

Note The temporary directory requires at least 70 MB of free space.

Step 3 Change directory to the CD-ROM.

cd /cdrom/cdrom0/kit/linux-2.4

Step 4 Copy the CSCOar-4.1.1-lnx24-install-k9.sh file to the temporary directory.

cp CSCOar-4.1.1-lnx24-install-k9.sh /tmp

Step 5 Change the permissions of the CSCOar-4.0.1-lnx24-install-k9.sh file to make it executable.

chmod 777 CSCOar-4.1.1-lnx24-install-k9.sh

To continue the installation, proceed to Common Linux Installation Steps.

Common Linux Installation Steps

This section describes how to install the downloadedCisco Access Registrar 4.1 software for Linux and begin the software installation.

Note The Cisco AR Linux installation automatically installs aregcmd and radclient as setgid programs in group adm.

Step 1 Log in to the Cisco AR workstation as a root user.

Step 2 Change directory to the location where you have stored the CSCOar-4.1.3-lnx26-install-K9.sh file.

cd /tmp

Step 3 Enter the name of the script file to begin the installation:

CSCOar-4.1.3-lnx26-install-K9.sh

Name        : CSCOar                       Relocations: /opt/CSCOar 

Version     : 4.1.3                        Vendor: Cisco Systems, Inc.

Release     : 1140764415                    Build Date: Thu Feb 23 23:55:51 2007

Install date: (not installed)               Build Host: arcanine.cnslab.cisco.com

Summary     : Access Registrar, a carrier-class RADIUS server

build_tag: [Linux-2.6.20, official]

Copyright (C) 1998-2007 by Cisco Systems, Inc.

This program contains proprietary and confidential information.  

All rights reserved except as may be permitted by prior written consent.

    This package contains the Access Registrar Server and the Access

    Registrar Configuration Utility.  All the Client, Server, and

    Configuration utilities will be installed.

Where do you want to install <CSCOar>? [/opt/CSCOar] [?,q] 

Step 4 Press Enter to accept the default location of /opt/CSCOar, or enter a different directory to be used as the base installation directory.

    Access Registrar requires FLEXlm license file to operate.  A list

    of space delimited license files or directories can be supplied as

    input; license files must have the extension ".lic".

    Existing license files found.  To use the existing license files,

    just press ENTER to the prompt below.

    Note: To enable other features within this package, additional FLEXlm

    license files can be specified below.

Where are the FLEXlm license files located? [/opt/CSCOar/license] [?,q] 

Step 5 Enter the directory where you have stored the Cisco Access Registrar 4.1 license file.

Access Registrar provides a Web GUI. It requires J2RE version 1.4.*

to be installed on the server.

If you already have a compatible version of J2RE installed, please

enter the directory where it is installed.  If you do not, the

compatible J2RE version can be downloaded from:

http://java.sun.com/

Where is the J2RE installed? [] [?,q]

The J2RE is required to use the Cisco AR GUI. If you already have a Java 2 platform installed, enter the directory where it is installed.

Note If you do not provide the J2RE path, or if the path is empty or unsupported, the installation process exits.

If you are not using ORACLE, press Enter/Return to skip this step.

ORACLE installation directory is required for ODBC configuration.

ORACLE_HOME variable will be set in /etc/init.d/arserver script

Where is ORACLE installed? [] [?,q] 

Step 6 Enter the location where you have installed Oracle, otherwise press Enter.

A local database from previous installation of the Access

Registrar Server has been detected. It contains:

* session information

* all server object definitions

* local UserLists

Do you want to preserve the local database in /opt/CSCOar [y]: [y,n,?,q] y

Step 7 Reply Y to preserve the local database.

The upgrade procedure needs administrator access to your configuration

so that it can upgrade it.

Enter an AR administrator username and password:

Step 8 Enter the administrator userID and password.

User: admin

Password: 

Retype password: 

Remove old sessions in /opt/CSCOar/data/radius [n]: [y,n,?,q] 

Step 9 Enter Y to remove old sessions or N to retain old sessions.

unpack the rpm file done

Preparing...                ########################################### [100%]

   1:CSCOarui-add           ########################################### [100%]

Archive:  ./jakarta-tomcat-4.0.6.zip

   creating: /opt/CSCOar/jakarta-tomcat-4.0.6/bin/

  inflating: /opt/CSCOar/jakarta-tomcat-4.0.6/bin/bootstrap.jar  

  inflating: /opt/CSCOar/jakarta-tomcat-4.0.6/bin/catalina.bat 

.

.

.

inflating: 
/opt/CSCOar/jakarta-tomcat-4.0.6/webapps/tomcat-docs/security-manager-howto.html  

  inflating: /opt/CSCOar/jakarta-tomcat-4.0.6/webapps/tomcat-docs/ssl-howto.html  

   creating: /opt/CSCOar/jakarta-tomcat-4.0.6/work/

Preparing...                ########################################### [100%]

   1:CSCOar                 ########################################### [100%]

relink arserver

# flushing old replication archive

# creating initial configuration database

Rollforward recovery using "/opt/CSCOar/data/db/vista.tjf" started Thu Apr 14 11:51:29 
2007

Rollforward recovery using "/opt/CSCOar/data/db/vista.tjf" finished Thu Apr 14 11:51:29 
2007

# add-example-config y

JAVA ROOT /nfs/insbu-cnstools/java-linux

JAVA_HOME /nfs/insbu-cnstools/java-linux

# setting ORACLE_HOME and JAVA_HOME variable in arserver

ORACLE_HOME 

JAVA_HOME /nfs/insbu-cnstools/java-linux

set JAVA_HOME 

calling gen-tomcat

/cisco-ar/certs/tomcat/server-cert.pem exists, no action taken.

unable to write 'random state'

Tomcat private RSA key now resides in /cisco-ar/certs/tomcat/server-key.pem

Starting Access Registrar Server Agent..completed.

The Radius server is now running.

hostname root /tmp### 

Back-up Copy of Original Configuration

The upgrade process displays a message like the following to indicate where a copy of your original configuration has been stored.

Note Running the command mcdadmin -coi to import configuration data will cause the Cisco AR 4.1 server to lose all session information.

###############################################################

#

#  A backup copy of your original configuration has been

#  saved to the file:

#

#    /opt/CSCOar/temp/10062.origconfig-backup

#

#  If you need to restore the original configuration,

#  enter the following command:

#

#    mcdadmin -coi /opt/CSCOar/temp/10062.origconfig-backup

#

###############################################################

Removing Old VSA Names

The upgrade process provides an analysis of the configuration database, addition of new database elements, and a search for obsolete VSA names. When this is complete, a message like the following is displayed:

##############################################################

#

#   Sometimes VSAs get renamed from version to version of AR.

#   The upgrade process does not automatically remove the

#   old names. The upgrade process has generated a script

#   to remove the old names. The script is located in:

#

#       /opt/CSCOar/temp/10062.manual-deletes

#

#   Review the script to make sure you are not using any of

#   these old VSAs. Modify your configuration and your

#   scripts to use the new names before you attempt to run

#   the script.

#

#   To run the removal script, type:

#

#       aregcmd -sf /opt/CSCOar/temp/10062.manual-deletes

#

##############################################################

At this point, you should examine the script produced by the upgrade process to make sure that your site is not using any of the old VSAs. In the example above, the script can be found at /opt/CSCOar/temp/10062.manual-deletes.

Note The number preceding manual.deletes is produced from the PID of the upgrade process.

Modify your configuration and your scripts to use the new names before you attempt to run the script generated by the upgrade process.

VSA Update Script

The upgrade process builds a script you can use to update VSAs in your system.

##############################################################

#

#   VSAs for the old AR version are not updated

#   automatically. The upgrade process generated a script

#   to perform the update. The script is located in:

#

#       /opt/CSCOar/temp/10062.manual-changes

#

#   Review the script to make sure it does not conflict with

#   any of your VSA changes. Make sure you modify the script,

#   if necessary, before you attempt to run it.

#

#   To run the update script, type:

#

#       aregcmd -sf /opt/CSCOar/temp/10062.manual-changes

#

##############################################################

Step 10 Review the script and make sure that the changes it will make do not conflict with any changes you might have made to the VSAs. Modify the script if necessary.

Step 11 Record the location of the upgrade messages for future reference.

##############################################################

#

#  These upgrade messages are saved in:

#

#      /opt/CSCOar/temp/10062.upgrade-log

#

##############################################################

Configuring SNMP

If you choose not to use the SNMP features of Cisco Access Registrar, the installation process is completed. To use SNMP features, complete the configuration procedure described in Configuring SNMP.

Configuring SNMP

If you choose not to use the SNMP features of Cisco Access Registrar, the installation process is completed. To use SNMP features, complete the configuration procedure described in Configuring SNMP, page 4-14.

If you have modified the snmpd.conf file in the /cisco-ar/ucd-snmp/share/snmp directory, you must back up this file before doing the upgrade process. The pkgrm removes the snmpd.conf file, even if it has been modified.

After installing Cisco AR 4.1 software with pkgadd, you must copy the snmpd.conf file back to the /cisco-ar/ucd-snmp/share/snmp directory. Restart the Cisco AR server using the following command:

/etc/init.d/arserver  restart

Restarting Replication

Before you enable replication, you must first upgrade all replication slave servers to the same version of Access Registrar software as the master server. Do not enable replication on the master server until all slave servers have been upgraded.

Use the same process you used to upgrade the master server to upgrade any slave servers. If you retained your configuration on the master, retain the configuration on the slaves, too.

After the same version of Cisco AR software has been installed on all slave servers, you can enable replication on the master server again. After enabling replication on the master server, you can enable replication on each of the slave servers.