Back up your security configuration files to prevent the loss of information due to a potential system failure.
Consider backing up the following security information:
When you use local OS security, back up your user profiles, using the normal save procedures for user profiles. For more information, see the Backup and Recovery Guide by searching for "Saving group and user profiles" in the iSeries information center.
For information about the Directory Services Product (LDAP server), see the iSeries information center.
For information about Lotus Domino, see the Lotus Domino reference library.
Security settings are saved in several properties files. By default, these properties are located in theprofile_root/properties directory. The default standalone profile name is default. If you define additional WebSphere Application Server profiles, there are additional properties files located in the directories for those profiles. The following command saves all of the properties in the /SAS subdirectory:
SAV DEV('/QSYS.lib/wsalib.lib/wsasavf.file')
OBJ(('profile/properties/sas*'))
This previous command is on two lines for illustrative purposes only. Enter it as one continuous line
You can save security property files while WebSphere Application Server is running.
The following information applies to IBM HTTP Server. If you are using Lotus Domino HTTP Server, see the Notes.net Documentation Library. Changes to the HTTP configuration are often made to enable WebSphere Application Server to serve servlets and JavaServer Pages file requests and to enable WebSphere Application Server security. Consider saving your HTTP configuration as a part of your WebSphere Application Server backup and recovery. The IBM HTTP Server configurations are stored as members of the QATMHTTPC file in the QUSRSYS library. HTTP server instances are members of the QATMHINSTC file in the QUSRSYS library. The following example commands back up these files:
SAVOBJ OBJ(QUSRSYS/QATMHTTPC) SAVOBJ OBJ(QUSRSYS/QATMHINSTC)
The key files contain certificates that are used by the security infrastructure for WebSphere Application Server. These certificates are also used for HTTPS transport between servers. Save all of the files in the WAS_INSTANCE_ROOT/etc directory. Key files are contained in the WAS_INSTANCE_ROOT/etc directory, but administrators might create and store these files in other directories.
Passwords are stored as encrypted data in validation list objects when you use the OS/400 password encoding algorithm. The default validation list is /QSYS.LIB/QUSRSYS.LIB/EJSADMIN.VLDL, but you can change it in the administrative console by specifying it as a system property for the application server. For more information, see Administering application servers.