Install and configure PassPort

The order in which you install and configure B2Bi and PassPort depends on the current status of your Axway product installation. While you can complete most installation and configuration tasks through the installer programs, in some cases you will need to complete a few additional manual steps.

There are three typical installation scenarios:

Installation requirements

B2Bi and PassPort are distributed through separate installer files, so regardless of the installation scenario you choose, you will execute a two-step installation procedure (and some post-installation configuration steps) to install the two products and fully configure their interoperability.

Before you start

Before installing B2Bi with PassPort, uninstall previous versions of B2Bi and PassPort, and recreate databases for both products.

Installation scenario 1: New installation of both B2Bi and PassPort

Schematic of installation/configuration sequence:

Task 1: Pre-installation

  1. Review prerequisites for both B2Bi and Axway installations. See B2Bi Installation Guide (this guide) and Axway Installation and Prerequisites Guide.
  2. Plan for your database and shared file system.
  3. Plan for your clustering and load balancing architecture.
  4. Plan for the DMZ, if users are to access either B2Bi or the PassPort UI through a DMZ.
  5. Collect the necessary server network locations, ports and access credentials. You will need to provide this information during the installation.
  6. If you require FIPS, make sure the feature is included in your PassPort license.
  7. If you do not use FIPS, make sure it is not included in either your B2Bi or PassPort license. (FIPS libraries are automatically swapped in at installation).

Task 2: Install PassPort from the Axway installer

  1. Run the Axway installer in Standard installation mode.
  2. Select to install only the PassPort option.
  3. During PassPort installation, note the “shared secret”. You will need to provide this during the B2Bi Server installation.
  4. At the end of the installation, click Update and apply the latest B2Bi compatible service pack that is available for PassPort. The B2Bi Release Notes provide version, service pack and patch requirements for each B2Bi component product.

Task 3: Start the PassPort server.

For details, see Start PassPort.

When you start the server for the first time, PassPort automatically builds the database.

Task 4: Configure PassPort

Note: This task can be combined with the post-B2Bi install configuration (step 7)

  1. Log in to the PassPort UI (https://hostname:6453/ui/)
  2. In the PassPort UI, configure the PassPort global settings, such as SMTP server (required) and any optional modifications to system properties or default password policy rules. PassPort has many settings that are useful in the B2Bi context, including session timeout, user validity rules, and audits. For details, see the PassPort Administrator Guide.
  3. Change your system administrator password and create new accounts for each person who will access the environment. These will be the logins you use to configure security settings and user management in the future. Do not keep the initial default password.
  4. Initially, PassPort has a default “Synchrony” domain, and a single organization called “Users”. It is acceptable and recommended to keep this default domain as-is, and to add any additional “local” PassPort administration accounts here.
  5. If applicable, configure your LDAP or Active Directory from the “Access” menu / identity stores. Before you can configure LDAP or Active Directory you must collect the Information related to the LDAP or Active Directory being integrated. The PassPort documentation describes these configuration steps.
  6. Associate any new external identity store to a newly created domain. It is important that you do not redirect the default "Synchrony" domain to an LDAP. If something goes wrong with this connection you will be unable to connect to either the PassPort UI or the B2Bi UI. Create a new domain for each LDAP / Active Directory being configured. When you have done this, the new domains become available in a selection list for in the B2Bi login page.

Task 5: Install B2Bi from the B2Bi Server installer

PassPort must be installed before you begin this task.

  1. Set the PassPort connection information: Select PassPort as the access management option, then enter the PassPort hostname, port, SSL, key store location, and shared secret (which must match the PassPort shared secret).
  2. Complete the installation. The installer writes the appropriate configuration files to the trading engine and integration engine directories. The installer encrypts the shared secret values.

Task 6: Start B2Bi and access the integration engine through the B2Bi System Manager

The first time you start the trading engine (Interchange), the CSD file for B2Bi is auto-registered to PassPort.

  1. From the Windows Start menu select All Programs > Axway Software > B2Bi Client > B2Bi Tools > B2Bi System Manager.
  2. Enter your login and password.
    You must use an account with the appropriate permissions for System Manager tool access. Ask your B2Bi administrator for valid login credentials.

The PassPort server must be running on the specified port, and the shared secret must match. If either of these is incorrect, startup throws errors to the log files, and manual corrective steps are required.

Task 7: Register the integration engine CSD file in PassPort

The next time you log in to the integration engine (Integrator) through the B2Bi System Manager, the Integrator CSD for B2Bi is auto-registered to PassPort. To log into the B2Bi System Manager:

  1. From the Windows Start menu, click All Programs > Axway Software > B2Bi Client > B2Bi Tools > B2Bi System Manager.
  2. The B2Bi Tools interface login pane is displayed.
  3. Enter your user name and password (default: admin /admin) and click OK.
  4. An error message is displayed with the text: Method returned no result. When you see this message, click OK to close the message window and then click Cancel to close the B2Bi Integration Engine System Manager.
  5. When you open and then close the B2Bi Integration Engine System Manager in this way, the integration engine pushes the integration engine CSD file to PassPort.

Task 8: Log in and configure PassPort (for B2Bi-specific roles)

  1. Login to the PassPort UI (https://hostname:6453/ui/).
  2. On the Administration > Components page, confirm that the components have been registered. You should see, as a minimum, the components Interchange, Integrator and PassPort. If you are using other components with B2Bi, such as Sentinel or Transfer CFT, they also are displayed.
  3. Confirm that the domain(s) in PassPort reference all installed components. From the Access > Domains menu, click on each domain and access the Components tab. Select all components (Interchange, Integrator) and save the changes.
  4. From the Access > Roles page, add additional custom roles as required. Following the auto-registration of the CSDs, PassPort contains numerous default privileges and roles for Interchange and Integrator, and possibly other components such as Sentinel. It is recommended to consolidate to five (or fewer) roles for assignment to actual users, as this is easier to manage in the future. Alternatively, you can map to your LDAP directory. PassPort supports hierarchical roles, so you can add roles that contain sub-roles from multiple components (Example: a role with administrative rights over both the trading engine (Interchange) and the integration engine (Integrator) resources).
  5. If you are using the PassPort user directory, you are ready to add B2Bi users. From the Community > Users and Contacts menu, click New User and follow the prompts to add a user. Be sure to assign the user the appropriate B2Bi role that you created in the previous step. This is an on-going activity as you manage users in your environment. You must properly set up the SMTP server before adding users, because users are delivered temporary passwords by email, and asked to create new passwords for their accounts.
  6. If you are using an external directory (LDAP), you do not need to explicitly add users to PassPort. However, you do have to map the B2Bi roles of your PassPort directory to groups in your external LDAP. Complete this tasks in the Access > Domains page. For domains that use external identify stores, there is an Edit link for Role and Group Mapping where this can be done.

Task 9: Log in to B2Bi

After the users or the LDAP containing the user identities are configured, you are ready to log in and use B2Bi.

  1. Log as a user that has the default system administrator role. Use the URL: http://[hostname]:6080/ui/
  2. A domain selection list is displayed on the login page.
  3. Select your PassPort domain from the list. Use the user name and password that were communicated to you by an email from PassPort, or in the case of LDAP, use your standard network login.
  4. Select Processing configuration > Manage deployment server to open the Manage deployment server page.
  5. On this page, click the link Change default deployment server credentials.
  6. Set the following properties to match those of the PassPort user who has all privileges for the integration engine (Integrator) component:
    • Domain – (example default value) Synchrony
    • Username – (example value) admin
    • Password – (example default value) Secret01
  7. Click Save changes.

You can now use the B2Bi user interface. Future user management is done from PassPort.

Installation scenario 2: New installation of PassPort integrated to an existing B2Bi

Schematic of installation/configuration sequence:

For this implementation we install PassPort only. We are assuming that B2Bi is already installed.

Task 1: Pre-installation

  1. Review the prerequisites from the Axway Installation and Prerequisites Guide.
  2. Plan for your database and shared file system.
  3. Plan for your clustering and load balancing architecture.
  4. Plan for the DMZ, if users are to access either B2Bi or the PassPort UI through a DMZ.
  5. Collect the necessary server network locations, ports and access credentials. You will need to provide this information during the installation.

Task 2: Install PassPort from the Axway installer

  1. Run the Axway installer in Standard installation mode.
  2. Select to install only the PassPort option.
  3. During PassPort installation, note the “shared secret”. You will need to provide this during the B2Bi Server installation.
  4. At the end of the installation, click Update and apply the latest B2Bi compatible service pack that is available for PassPort. The B2Bi Release Notes provide version, service pack and patch requirements for each B2Bi component product.

Task 3: Start the PassPort server.

For details, see Start PassPort.

When you start the server for the first time, PassPort automatically builds the database.

Task 4: Configure PassPort

  1. Log in to PassPort UI (https://hostname:6453/ui/)
  2. In the PassPort UI,configure the PassPort global settings, such as SMTP server (required) and any optional modifications to system properties or default password policy rules. PassPort has many settings that are useful in the B2Bi context, including session timeout, user validity rules, and audits. For details, see the PassPort Administrator Guide.
  3. Change your system administrator password and create new accounts for each person who will access the environment. These will be the logins you use to configure security settings and user management in the future. Do not keep the initial default password.
  4. Initially, PassPort has a default “Synchrony” domain, and a single organization called “Users”. It is acceptable and recommended to keep this default domain as-is, and to add any additional “local” PassPort administration accounts here.
  5. If applicable, configure your LDAP or Active Directory from the “Access” menu / identity stores. Before you can configure LDAP or Active Directory you must collect the Information related to the LDAP or Active Directory being integrated. The PassPort documentation describes these configuration steps.

Task 5: Modify the existing B2Bi configuration to use PassPort

  1. Start the B2Bi installer in Configure mode.
  2. Page through to the Access Manager settings dialog to enter the connection parameters for PassPort.

Task 6: Restart B2Bi and access the integration engine through the System Manager

The next time you start the trading engine (Interchange), the CSD file for B2Bi is auto-registered to PassPort.

  1. From the Windows Start menu select All Programs > Axway Software > B2Bi Client > B2Bi Tools > B2Bi System Manager.
  2. Enter your login and password.
    You must use an account with the appropriate permissions for System Manager tool access. Ask your B2Bi administrator for valid login credentials.

The PassPort server must be running on the specified port, and the shared secret must match. If either of these is incorrect, startup throws errors to the log files, and manual corrective steps are required.

Task 7: Register the integration engine CSD file in PassPort

The next time you log in to the integration engine (Integrator) through the B2Bi System Manager, the Integrator CSD for B2Bi is auto-registered to PassPort. To log into the B2Bi Integration Engine System Manager:

  1. From the Windows Start menu, click All Programs > Axway Software > B2Bi Client > B2Bi Tools > B2Bi System Manager.
  2. The B2Bi Tools interface login pane is displayed.
  3. Enter your login and password.
    You must use an account with the appropriate permissions for System Manager tool access. Ask your B2Bi administrator for valid login credentials.
  4. An error message is displayed with the text: Method returned no result. When you see this message, click OK to close the message window and then click Cancel to close the B2Bi Integration Engine System Manager.
  5. When you open and then close the B2Bi Integration Engine System Manager in this way, the integration engine pushes the integration engine CSD file to PassPort.

Task 8: Log in and configure PassPortAM (for B2Bi-specific roles)

  1. Login to PassPort UI (https://[hostname]:6453/ui/).
  2. On the Administration > Components page, confirm that the components have been registered. You should see, as a minimum, the components Interchange, Integrator and PassPort. If you are using other components with B2Bi, such as Sentinel or Transfer CFT, they will also be displayed.
  3. Confirm that the domain(s) in PassPort reference all installed components. From the Access > Domains menu, click on each domain and access the Components tab. Select all components (Interchange, Integrator) and save the changes.
  4. From the Access > Roles page, add additional custom roles as required. Following the auto-registration of the CSDs, PassPort contains numerous default privileges and roles for Interchange and Integrator, and possibly other components such as Sentinel. It is recommended to consolidate to five (or fewer) roles for assignment to actual users, as this is easier to manage in the future. Alternatively, you can map to your LDAP directory. Hierarchical roles are supported, so you can add roles that contain sub-roles from multiple components (Example: a role with administrative rights over both Interchange and Integrator resources).
  5. If you are using the PassPort user directory, you are ready to add B2Bi users. From the Community > Users and Contacts menu, click New User and follow the prompts to add a user. Be sure to assign the user the appropriate B2Bi role that you created in the previous step. This is an on-going activity as you manage users in your environment. You must properly set up the SMTP server before adding users, because users are delivered temporary passwords by email, and asked to create new passwords for their accounts.
  6. If you are using an external directory (LDAP), you do not need to explicitly add users to PassPort. However, you do have to map the B2Bi roles of your PassPort directory to groups in your external LDAP. Complete this tasks in the Access > Domains page. For domains that use external identify stores, there is an Edit link for Role and Group Mapping where this can be done.

Task 9: Log in to B2Bi

After the users or the LDAP containing the user identities are configured, you are ready to log in and use B2Bi.

  1. Log as a user that has the default system administrator role. Use the URL: http://[hostname]:6080/ui/
  2. A domain selection list is displayed on the login page.
  3. Select your PassPort domain from the list. Use the user name and password that were communicated to you by an email from PassPort, or in the case of LDAP, use your standard network login.
  4. Select Processing configuration > Manage deployment server to open the Manage deployment server page.
  5. On this page, click the link Change default deployment server credentials.
  6. Set the following properties to match those of the PassPort user who has all privileges for the integration engine (Integrator) component:
    • Domain – (example default value) Synchrony
    • Username – (example value) admin
    • Password – (example default value) Secret01
  7. Click Save changes.

You can now use the B2Bi user interface. Future user management will be done from PassPort.

Installation scenario 3: New Installation of B2Bi integrated to an existing PassPort

Schematic of installation/configuration sequence:

This scenario assumes that the compatible version of PassPort is previously installed and started. The B2Bi installation steps are identical to scenario 1 above.

Task 1: Pre-installation

  1. Review prerequisites for both B2Bi and Axway installations. See B2Bi Installation Guide (this guide) and Axway Installation and Prerequisites Guide.
  2. Plan for your database and shared file system.
  3. Plan for your clustering and load balancing architecture.
  4. Plan for the DMZ, if users are to access either B2Bi or the PassPort UI through a DMZ.
  5. Collect the necessary server network locations, ports and access credentials. You will need to provide this information during the installation.
  6. If you require FIPS, make sure the feature is included in your PassPort license.
  7. If you do not use FIPS, make sure it is not included in either your B2Bi or PassPort license. (FIPS libraries are automatically swapped in at installation).

Task 2: Install B2Bi from the B2Bi Server installer

PassPort must be installed before you begin this task.

  1. Set the PassPort connection information: Select PassPort as the access management option, then enter the PassPort hostname, port, SSL, key store location, and shared secret (which must match the PassPort shared secret).
  2. Complete the installation. The installer writes the appropriate configuration files to the trading engine and integration engine directories. The installer encrypts the shared secret values.

Task 3: Register the trading engine CSD file in PassPort

The first time you start B2Bi, the trading engine (Interchange) CSD file for B2Bi is auto-registered to PassPort.

Task 4: Register the integration engine CSD file in PassPort

When you log in to the integration engine (Integrator) through the B2Bi Integration Engine System Manager, the Integrator CSD for B2Bi is auto-registered to PassPort. To log into the B2Bi Integration Engine System Manager:

  1. From the Windows Start menu, click All Programs > Axway Software > B2Bi Client > B2Bi Tools > B2Bi System Manager.
  2. The B2Bi Tools interface login pane is displayed.
  3. Enter your user name and password (default: admin /admin) and click OK.
  4. An error message is displayed with the text: Method returned no result. When you see this message, click OK to close the message window and then click Cancel to close the B2Bi Integration Engine System Manager.
  5. When you open and then close the B2Bi Integration Engine System Manager in this way, the integration engine pushes the integration engine CSD file to PassPort.

Task 5: Configure PassPort for B2Bi roles

  1. Log in to PassPort UI (https://hostname:6453/ui/)
  2. In the PassPort UI, configure the PassPort global settings, such as SMTP server (required) and any optional modifications to system properties or default password policy rules. PassPort has many settings that are useful in the B2Bi context, including session timeout, user validity rules, and audits. For details, see the PassPort Administrator Guide.
  3. Change your system administrator password and create new accounts for each person who will access the environment. These will be the logins you use to configure security settings and user management in the future. Do not keep the initial default password.
  4. Initially, PassPort has a default “Synchrony” domain, and a single organization called “Users”. It is acceptable and recommended to keep this default domain as-is, and to add any additional “local” PassPort administration accounts here.
  5. If applicable, configure your LDAP or Active Directory from the “Access” menu / identity stores. Before you can configure LDAP or Active Directory you must collect the Information related to the LDAP or Active Directory being integrated. The PassPort documentation describes these configuration steps.
  6. Associate any new external identity store to a newly created domain. It is important that you do not redirect the default Synchrony domain to an LDAP. If something goes wrong with this connection you will be unable to connect to either the PassPort UI or the B2Bi UI. Create a new domain for each LDAP / Active Directory being configured. When you have done this, the new domains become available in a selection list for in the B2Bi login page.

Task 6: Log in to B2Bi

After the users or the LDAP containing the user identities are configured, you are ready to log in and use B2Bi.

  1. Log as a user that has the default system administrator role. Use the URL: http://[hostname]:6080/ui/
  2. A domain selection list is displayed on the login page.
  3. Select your PassPort domain from the list. Use the user name and password that were communicated to you by an email from PassPort, or in the case of LDAP, use your standard network login.
Tip   Until deployment server credentials are set on the B2Bi Manage Deployment Server page, the control_node log may report the following error: ERROR Import Server is PassportAM enabled but no user/password provided. This error occurs the first time B2Bi is started after you have upgraded from a B2Bi that was not PassPort enabled.
  1. Select Processing configuration > Manage deployment server to open the Manage deployment server page.
  2. On this page, click the link Change default deployment server credentials.
  3. Set the following properties to match those of the PassPort user who has all privileges for the integration engine (Integrator) component:
    • Domain – (example default value) Synchrony
    • Username – (example value) admin
    • Password – (example default value) Secret01
  4. Click Save changes.

You can now use the B2Bi user interface. Future user management will be done from PassPort.

Related Links