Relay Server Installation (X88)

SAP Mobile Secure: SAP Afaria 7 SP5 September 2014 English Relay Server Installation (X88) Building Block Configuration Guide SAP SE Dietmar-Hopp-Allee 16 69190 Walldorf Germany

Copyright 2014 SAP SE or an SAP affiliate company. All rights reserved. No part of this publication may be reproduced or transmitted in any form or for any purpose without the express permission of SAP SE or an SAP affiliate company. SAP and other SAP products and services mentioned herein as well as their respective logos are trademarks or registered trademarks of SAP SE (or an SAP affiliate company) in Germany and other countries. Please see http://global.sap.com/corporate-en/legal/copyright/index.epx#trademark for additional trademark information and notices. Some software products marketed by SAP SE and its distributors contain proprietary software components of other software vendors. National product specifications may vary. These materials are provided by SAP SE or an SAP affiliate company for informational purposes only, without representation or warranty of any kind, and SAP SE or its affiliated companies shall not be liable for errors or omissions with respect to the materials. The only warranties for SAP SE or SAP affiliate company products and services are those that are set forth in the express warranty statements accompanying such products and services, if any. Nothing herein should be construed as constituting an additional warranty. In particular, SAP SE or its affiliated companies have no obligation to pursue any course of business outlined in this document or any related presentation, or to develop or release any functionality mentioned therein. This document, or any related presentation, and SAP SE s or its affiliated companies strategy and possible future developments, products, and/or platform directions and functionality are all subject to change and may be changed by SAP SE or its affiliated companies at any time for any reason without notice. The information in this document is not a commitment, promise, or legal obligation to deliver any material, code, or functionality. All forward-looking statements are subject to various risks and uncertainties that could cause actual results to differ materially from expectations. Readers are cautioned not to place undue reliance on these forward-looking statements, which speak only as of their dates, and they should not be relied upon in making purchasing decisions. SAP SE Page 2 of 32

Icons Icon Meaning Caution Example Note Recommendation Syntax Typographic Conventions Type Style Example text Example text EXAMPLE TEXT Example text EXAMPLE TEXT Example text <Example text> Description Words or characters that appear on the screen. These include field names, screen titles, pushbuttons as well as menu names, paths and options. Cross-references to other documentation. Emphasized words or phrases in body text, titles of graphics and tables. Names of elements in the system. These include report names, program names, transaction codes, table names, and individual key words of a programming language, when surrounded by body text, for example, SELECT and INCLUDE. Screen output. This includes file and directory names and their paths, messages, source code, names of variables and parameters as well as names of installation, upgrade and database tools. Keys on the keyboard, for example, function keys (such as F2) or the ENTER key. Exact user entry. These are words or characters that you enter in the system exactly as they appear in the documentation. Variable user entry. Pointed brackets indicate that you replace these words and characters with appropriate entries. SAP SE Page 3 of 32

Content Relay Server Installation: Configuration Guide... 5 1 Purpose... 5 2 Introduction to Sybase Relay Server... 6 2.1 Sybase Relay Server Farm... 6 2.1.1 Requirements for Sybase Relay Server Farm... 6 3 Solution Options... 7 3.1 Automatic Sybase Relay Server Installation on Windows... 7 3.2 Sybase Relay Server Installation on Windows... 7 3.3 Sybase Relay Server Installation on Linux... 7 4 Automatic Installation of Sybase Relay Server on Windows... 8 4.1 Prepare the Automation Script... 8 4.2 Execute the Sybase Relay Server Installation Script... 20 5 Install Sybase Relay Sever on Windows IIS Web Server... 21 5.1 Download the Sybase Relay Server media... 21 5.2 Install Microsoft IIS Web Server... 21 5.3 Create Sybase Relay Server Directories... 23 5.4 Create Application Pools... 23 5.5 Create Application Directory for Server Application Pool... 24 5.6 Update IIS configuration for Sybase Relay Server... 26 5.7 Install Sybase Relay Service as a Windows Service... 26 6 Install Sybase Relay Sever on Linux Apache Web Server... 27 6.1 Install Apache Web Server... 27 6.2 Deploy the Relay Server Web Extensions... 28 6.3 Configure Apache Web Server... 29 6.4 Update Runtime Environment... 30 6.5 Start the Relay Server... 31 7 Appendix A Troubleshooting... 32 SAP SE Page 4 of 32

Relay Server Installation: Configuration Guide 1 Purpose The purpose of this document is to provide the general installation and configuration steps required to setup the Sybase Relay Server. Audience This document is intended for system administrators and mobility consultants. This document assumes the administrator is familiar with Windows IIS Web Server. Prerequisites The following prerequisites must be met before proceeding: The account being used to install is an administrator account and all rights are assigned accordingly. The passwords for all relevant accounts must be known. The default install drive is C:\. If a custom drive is required, that path should replace any instances of the default path in this document. The following table describes the requirements before implementing this configuration document: Document Prerequisites and Prequalification Checklist for Afaria 7 Quick Guide Description Completion Required this document is provided before the service engagement Completion required Afaria System Configuration (X86) Completion required Afaria Network Configuration (X87) Completion required unless secure communication requirements have already been met SAP SE Page 5 of 32

Project Team and Roles The following table outlines the required project team for the SAP Mobile Secure rapiddeployment solution: Roles Customer Program Executive Customer Project Manager Time required during implementation Must be available at all times Must be available at all times Responsibilities Make executive decisions Oversees the Afaria implementation Customer Afaria Lead Full-time Works with the SAP Afaria Lead to implement the Afaria solution. Customer Network Administrator Must be available at all times Provides networking and security infrastructure assistance SAP Afaria Lead Full-time Works with the Customer Afaria Lead to implement the solution 2 Introduction to Sybase Relay Server A Relay Server operates as a proxy for HTTP and HTTPS sessions between the server and the clients. Using a Relay Server enables you to further secure your enterprise network by moving the session connection point from within your firewall to a location outside of your firewall, to your Demilitarized Zone (DMZ). 2.1 Sybase Relay Server Farm The Relay Server has a built-in component to support and act as a farm when high availability / fault tolerance is required. It is possible to build a Relay Server Farm by adding another Relay Server to the rs.config file. Each Relay Server in the Relay Server Farm must be of the same Operating System type and use the exact same rs.config file. When two or more Relay Servers are in place, a Load Balancer must be placed in front of the Relay Server Farm. The Load Balancer must use session persistence (also known as sticky sessions) for the client connection. The client to the server communication sessions MUST persist with the same server throughout the life cycle of the communication session. 2.1.1 Requirements for Sybase Relay Server Farm The following requirements are for a typical Relay Server Farm: Load Balancer with external DNS name that resolves to the backend Relay Servers Load Balancer configuration requirements: o Sticky Session (Destination address affinity persistence) is required SSL certificate to be installed on both Relay Servers (recommended). Again, it is important that session persistence is in effect for the entire communication session; test the settings of your Load Balancer thoroughly. If LOST LINKS or TIMEOUTS are noted, it is necessary to configure the RSOE on server to connect to each individual Relay Server. This configuration still provides High Availability (HA) and failover at the client connection. Network expertise is recommended when configuring High Availability options, to ensure full functionality, and proper packet handling. SAP SE Page 6 of 32

3 Solution Options This document provides three Sybase Relay Server implementation options. The following are the three procedures and description of the installation types. Depending on your requirements and solution landscape, select one of the following options to begin. 3.1 Automatic Sybase Relay Server Installation on Windows This procedure provides a fast and efficient way to install the Sybase Relay Server. The process includes creating installation scripts and directories for the Sybase Relay Server. To access the Automatic Relay Server Installation procedure quickly, click here. 3.2 Sybase Relay Server Installation on Windows This procedure covers the manual installation of the Sybase Relay Server on Windows IIS Web Server. To quickly access the Automatic Relay Sever Installation procedure, click here. 3.3 Sybase Relay Server Installation on Linux This procedure covers the manual installation of the Sybase Relay Server on the Linux Apache Web Server. To access the Automatic Relay Sever Installation procedure quickly, click here. SAP SE Page 7 of 32

4 Automatic Installation of Sybase Relay Server on Windows The following section covers the automatic installation of the Relay Server on Windows IIS Web Server. In the process, you create a Windows script (.BAT) files specified in the document. The installation script installs Windows IIS Web Server and creates the necessary directories and files for the Sybase Relay Server operation. Prerequisite The Relay Server media is available on the server. The Relay Server files can be found in the SAP Afaria installation media. 4.1 Prepare the Automation Script Use The purpose of this activity is to prepare the Sybase Relay Server installation script. Procedure 1. Logon to the Sybase Relay Server. 2. In the C:\ drive, create a folder call RelayServer. 3. In the C:\RelayServer directory, create a folder call RelayServer. 4. Open Windows Notepad program and paste the following into to text file: :: Windows 2008 R2 RelayServer installscript settingsversion=2011-03-07--1 relayversion=11.0.1.2584 ------------------------------------- :: Setup Modes :: 1 = install IIS + install RelayServer Website + install RelayServer Service :: you can choose 1 if IIS is already installed too! The setup will only add the neccessary Components if they are missing otherwise it will not change your IIS config. :: 2 = install RelayServer Website + RelayServer Service :: 3 = install RelayServer Service + create LogFolder (won't overwrite\delete existing LogFiles if Folder already exists) :: 4 = uninstall RelayServer Website + uninstall RelayServer Service + remove LogFolder and Logfiles :: 5 = uninstall RelayServer Website + uninstall RelayServer Service, but KEEP LogFolder and Logfiles :: 6 = uninstall RelayServer Service, but KEEP LogFolder and Logfiles :: 7 = uninstall RelayServer Service + remove LogFolder and Logfiles :: 8 = load updated rs.config into memory setupmode=1 :: useown website options: :: use 0 for: "Default Website" and Port and create a Application underneath SAP SE Page 8 of 32

:: use 1 for: creating a new Website with DIFFERENT Port than the Default Website useownwebsite=0 :: Values for own Website ownwebsitename=relayserver ownwebsitehttpport=5001 :: Values for Application under Default Website applicationpoolname=relayserver virtualdirectoryname=ias_relay_server :: Values for Service Creation relayserverlogpath=c:\relayserver\logs relayserverlogfilename=rs_log.txt relayserverservicename=relayserver 5. Save the file as settings.ini to C:\RelayServer directory If you are using a different installation drive, locate the settings.ini in <Drive>:\RelayServer and change the relayserverlogpath= to the correct drive. 6. Open Windows Notepad program and paste the following into to text file: @echo off setlocal set setupversion=2011-03-07--1 set author=andreaskuhn FOR /F "tokens=1* delims==" %%A IN ('TYPE settings.ini ^ FIND "setupmode="') DO SET setupmode=%%~b FOR /F "tokens=1* delims==" %%A IN ('TYPE settings.ini ^ FIND "settingsversion="') DO SET settingsversion=%%~b FOR /F "tokens=1* delims==" %%A IN ('TYPE settings.ini ^ FIND "applicationpoolname="') DO SET applicationpoolname=%%~b FOR /F "tokens=1* delims==" %%A IN ('TYPE settings.ini ^ FIND "useownwebsite="') DO SET useownwebsite=%%~b FOR /F "tokens=1* delims==" %%A IN ('TYPE settings.ini ^ FIND "ownwebsitename="') DO SET ownwebsitename=%%~b FOR /F "tokens=1* delims==" %%A IN ('TYPE settings.ini ^ FIND "ownwebsitehttpport="') DO SET ownwebsitehttpport=%%~b FOR /F "tokens=1* delims==" %%A IN ('TYPE settings.ini ^ FIND "virtualdirectoryname="') DO SET virtualdirectoryname=%%~b FOR /F "tokens=1* delims==" %%A IN ('TYPE settings.ini ^ FIND "relayserverlogpath="') DO SET relayserverlogpath=%%~b FOR /F "tokens=1* delims==" %%A IN ('TYPE settings.ini ^ FIND "relayserverlogfilename="') DO SET relayserverlogfilename=%%~b FOR /F "tokens=1* delims==" %%A IN ('TYPE settings.ini ^ FIND "relayserverservicename="') DO SET relayserverservicename=%%~b :: #### MAIN ###################################################### :main echo %date%-%time% #### MAIN SAP SE Page 9 of 32

###################################################### >> echo ---- VARIABLES ---- >> echo settingsversion = %settingsversion% >> echo setupversion = %setupversion% >> echo setupmode = %setupmode% >> echo applicationpoolname = %applicationpoolname% >> echo useownwebsite = %useownwebsite% >> echo ownwebsitename = %ownwebsitename% >> echo ownwebsitehttpport = %ownwebsitehttpport% >> echo virtualdirectoryname = %virtualdirectoryname% >> echo relayserverlogpath = %relayserverlogpath% >> echo relayserverlogfilename = %relayserverlogfilename% >> echo relayserverservicename = %relayserverservicename% >> echo "Windows Version" >> ver >> IF NOT "%settingsversion%" == "%setupversion%" ( echo %date%-%time% setup.cmd version %setupversion% doesn't match setting.ini version %settingsversion% >> goto :end ) echo Setupmode "%setupmode%" will be started now. Do you want to continue? Press ^(y^)es or ^(n^)o and confirm with Enter. set /P continue= IF NOT "%continue%" == "y" ( echo %date%-%time% Setup got cancelled >> goto :end ) echo %date%-%time% starting setupmode%setupmode% >> :: #### setupmode1 ################################################ IF "%setupmode%"=="1" ( echo %date%-%time% 1 = install IIS + install RelayServer Website + install RelayServer Service >> echo %date%-%time% you can choose 1 if IIS is already installed too! The setup will only add the neccessary Components if they are missing otherwise it will not change your IIS config. >> CALL :installiis-routine CALL :installrelaywebsite-routine CALL :installservice-routine goto :end ) SAP SE Page 10 of 32

:: **** setupmode1 END ******************************************** :: #### setupmode2 ################################################ IF "%setupmode%"=="2" ( echo %date%-%time% 2 = install RelayServer Website + RelayServer Service >> CALL :installrelaywebsite-routine CALL :installservice-routine goto :end ) :: **** setupmode2 END ******************************************** :: #### setupmode3 ################################################ IF "%setupmode%"=="3" ( echo %date%-%time% 3 = install RelayServer Service + create LogFolder, won't overwrite or delete existing LogFiles if Folder already exists >> CALL :installservice-routine goto :end ) :: **** setupmode3 END ******************************************** :: #### setupmode4 ################################################ IF "%setupmode%"=="4" ( echo %date%-%time% 4 = uninstall RelayServer Website + uninstall RelayServer Service + remove LogFolder and Logfiles >> CALL :uninstallrelaywebsite-routine CALL :removeservice-and-log-routine goto :end ) :: **** setupmode4 END ******************************************** :: #### setupmode5 ################################################ IF "%setupmode%"=="5" ( echo %date%-%time% 5 = uninstall RelayServer Website + uninstall RelayServer Service, but KEEP LogFolder and Logfiles >> CALL :uninstallrelaywebsite-routine CALL :removeservice-routine SAP SE Page 11 of 32

goto :end ) :: **** setupmode5 END ******************************************** :: #### setupmode6 ############################################### IF "%setupmode%"=="6" ( echo %date%-%time% 6 = uninstall RelayServer Service, but KEEP LogFolder and Logfiles >> CALL :removeservice-routine goto :end ) :: **** setupmode6 END ******************************************** :: #### setupmode7 ################################################ IF "%setupmode%"=="7" ( echo %date%-%time% 7 = uninstall RelayServer Service + remove LogFolder and Logfiles >> CALL :removeservice-and-log-routine goto :end ) :: **** setupmode7 END ******************************************** :: #### setupmode8 ################################################ IF "%setupmode%"=="8" ( echo %date%-%time% 8 = load updated rs.config into memory >> CALL :loadupdatesrsconfig goto :end ) :: **** setupmode8 END ******************************************** echo %date%-%time% %setupmode% is not an accepted value >> goto :end :: **** MAIN END ************************************************** :: # # # # # Subroutines # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # SAP SE Page 12 of 32

:: #### Routine for installing IIS ################################ :installiis-routine echo %date%-%time% #### Routine for installing IIS ################################ >> echo Installing IIS for Relay Server... echo... This will take a couple of seconds... echo... Please wait... echo installing "IIS Web Server ROLE" echo %date%-%time% installing "IIS Web Server ROLE" >> start /w pkgmgr /iu:iis-webserverrole echo installing "Web Server Service" echo %date%-%time% installing "Web Server Service" >> start /w pkgmgr /iu:iis-webserver echo installing "Common HTTP Features" echo %date%-%time% installing "Common HTTP Features" >> start /w pkgmgr /iu:iis-commonhttpfeatures echo installing "Static Content" echo %date%-%time% installing "Static Content" >> start /w pkgmgr /iu:iis-staticcontent echo installing "Default Document" echo %date%-%time% installing "Default Document" >> start /w pkgmgr /iu:iis-defaultdocument echo installing "HTTP Errors" echo %date%-%time% installing "HTTP Errors" >> start /w pkgmgr /iu:iis-httperrors echo installing "ISAPI Extensions" echo %date%-%time% installing "ISAPI Extensions" >> start /w pkgmgr /iu:iis-isapiextensions echo installing "HTTP Logging" echo %date%-%time% installing "HTTP Logging" >> start /w pkgmgr /iu:iis-httplogging echo installing "Request Monitor" echo %date%-%time% installing "Request Monitor" >> start /w pkgmgr /iu:iis-requestmonitor echo installing "Request Filtering" echo %date%-%time% installing "Request Filtering" >> start /w pkgmgr /iu:iis-requestfiltering echo installing "Static Content Compression" echo %date%-%time% installing "Static Content Compression" >> start /w pkgmgr /iu:iis-httpcompressionstatic echo installing "IIS Management Console" echo %date%-%time% installing "IIS Management Console" >> start /w pkgmgr /iu:iis-managementconsole echo installing "IIS Management Scripts and Tools" echo %date%-%time% installing "IIS Management Scripts and Tools" >> start /w pkgmgr /iu:iis-managementscriptingtools echo installing "IIS 6 Management Compatibility" echo %date%-%time% installing "IIS 6 Management Compatibility" >> start /w pkgmgr /iu:iis-iis6managementcompatibility SAP SE Page 13 of 32

echo installing "IIS 6 Metabase Compatibility" echo %date%-%time% installing "IIS 6 Metabase Compatibility" >> start /w pkgmgr /iu:iis-metabase echo installing "IIS 6 WMI Compatibility" echo %date%-%time% installing "IIS 6 WMI Compatibility" >> start /w pkgmgr /iu:iis-wmicompatibility echo installing "IIS 6 Scripting Tools" echo %date%-%time% installing "IIS 6 Scripting Tools" >> start /w pkgmgr /iu:iis-legacyscripts echo installing "IIS 6 Management Console" echo %date%-%time% installing "IIS 6 Management Console" >> start /w pkgmgr /iu:iis-legacysnapin echo Installing IIS modules complete! echo %date%-%time% **** Routine for installing IIS END ***************************** >> goto :eof :: **** Routine for installing IIS END ***************************** :: #### Routine for installing relay server website ################ :installrelaywebsite-routine echo %date%-%time% #### Routine for installing relay server website ################ >> IF "%useownwebsite%"=="1" CALL :ownwebsite-routine IF "%useownwebsite%"=="0" CALL :defaultwebsite-routine echo %date%-%time% **** Routine for installing relay server website END ************ >> goto :eof :: ---- Routine for own website ---- :ownwebsite-routine echo %date%-%time% ---- Routine for own website ---- >> %windir%\system32\inetsrv\appcmd.exe add apppool /name:%applicationpoolname% /queuelength:"65535" /managedruntimeversion:v2.0 /managedpipelinemode:integrated /processmodel.idletimeout:0.00:00:00 /processmodel.pingingenabled:false /processmodel.pinginterval:0.00:00:30 /processmodel.pingresponsetime:0.00:01:30 /processmodel.identitytype:applicationpoolidentity SAP SE Page 14 of 32

/processmodel.maxprocesses:20 /recycling.periodicrestart.time:00:00:00 /recycling.disallowoverlappingrotation:true /failure.rapidfailprotection:false /cpu.resetinterval:"00:00:00" >> %windir%\system32\inetsrv\appcmd.exe add site /name:"%ownwebsitename%" /physicalpath:c:\inetpub\wwwroot /bindings:http/*:%ownwebsitehttpport%: >> %windir%\system32\inetsrv\appcmd.exe add app /site.name:"%ownwebsitename%" /applicationpool:"%applicationpoolname%" /path:/%virtualdirectoryname% /physicalpath:"%cd%\relayserver\ias_relay_server" >> %windir%\system32\inetsrv\appcmd.exe set config - section:system.webserver/security/isapicgirestriction /+"[path='%cd%\relayserver\ias_relay_server\server\rs_server.dll', allowed='true',description='%ownwebsitename% server.dll']" /+"[path='%cd%\relayserver\ias_relay_server\client\rs_client.dll', allowed='true',description='%ownwebsitename% client.dll']" >> %windir%\system32\inetsrv\appcmd.exe set config "%ownwebsitename%/%virtualdirectoryname%" /section:requestfiltering /requestlimits.maxallowedcontentlength:2147483647 /requestlimits.maxquerystring:65536 >> %windir%\system32\inetsrv\appcmd.exe set config "%ownwebsitename%/%virtualdirectoryname%" /section:handlers /accesspolicy:script,execute /commit:apphost >> %windir%\system32\inetsrv\appcmd.exe set config "%ownwebsitename%/%virtualdirectoryname%" /section:access /sslflags:none /commit:apphost >> %windir%\system32\inetsrv\appcmd.exe list site "%ownwebsitename%" /text:id > tmpfile set /p websiteid= < tmpfile del tmpfile cscript %SystemDrive%\inetpub\AdminScripts\adsutil.vbs set w3svc/%websiteid%/uploadreadaheadsize 0 >> goto :eof :: ---- Routine for Application under default website ---- :defaultwebsite-routine echo %date%-%time% ---- Routine for virtual dir under default website ---- >> %windir%\system32\inetsrv\appcmd.exe add apppool /name:%applicationpoolname% /queuelength:"65535" /managedruntimeversion:v2.0 /managedpipelinemode:integrated /processmodel.idletimeout:0.00:00:00 /processmodel.pingingenabled:false /processmodel.pinginterval:0.00:00:30 /processmodel.pingresponsetime:0.00:01:30 /processmodel.identitytype:applicationpoolidentity /processmodel.maxprocesses:20 /recycling.periodicrestart.time:00:00:00 /recycling.disallowoverlappingrotation:true /failure.rapidfailprotection:false /cpu.resetinterval:"00:00:00" >> SAP SE Page 15 of 32

%windir%\system32\inetsrv\appcmd.exe add app /site.name:"default Web Site" /applicationpool:"relayserver" /path:/%virtualdirectoryname% /physicalpath:"%cd%\relayserver\ias_relay_server" >> %windir%\system32\inetsrv\appcmd.exe set config - section:system.webserver/security/isapicgirestriction /+"[path='%cd%\relayserver\ias_relay_server\server\rs_server.dll', allowed='true',description='%ownwebsitename% server.dll']" /+"[path='%cd%\relayserver\ias_relay_server\client\rs_client.dll', allowed='true',description='%ownwebsitename% client.dll']" >> %windir%\system32\inetsrv\appcmd.exe set config "Default Web Site/%virtualdirectoryname%" /section:requestfiltering /requestlimits.maxallowedcontentlength:2147483647 /requestlimits.maxquerystring:65536 >> %windir%\system32\inetsrv\appcmd.exe set config "Default Web Site/%virtualdirectoryname%" /section:handlers /accesspolicy:script,execute /commit:apphost >> %windir%\system32\inetsrv\appcmd.exe set config "Default Web Site/%virtualdirectoryname%" /section:access /sslflags:none /commit:apphost >> cscript %SystemDrive%\inetpub\AdminScripts\adsutil.vbs set w3svc/1/uploadreadaheadsize 0 >> goto :eof :: **** Routine for installing relay server website END ************ :: #### Routine for removing relay server website ################## :uninstallrelaywebsite-routine echo %date%-%time% #### Routine for removing relay server website ################## >> IF "%useownwebsite%"=="1" CALL :delete-ownwebsite-routine IF "%useownwebsite%"=="0" CALL :delete-defaultwebsite-routine echo %date%-%time% **** Routine for removing relay server website END *************** >> goto :eof :: ---- Routine for delete own website ---- :delete-ownwebsite-routine echo %date%-%time% ---- Routine for delete own website ---- >> %windir%\system32\inetsrv\appcmd.exe delete site "%ownwebsitename%" >> %windir%\system32\inetsrv\appcmd.exe delete apppool /apppool.name:"%applicationpoolname%" >> %windir%\system32\inetsrv\appcmd.exe set config - section:system.webserver/security/isapicgirestriction /- "[path='%cd%\relayserver\ias_relay_server\server\rs_server.dll',al lowed='true',description='%ownwebsitename% server.dll']" /- SAP SE Page 16 of 32

"[path='%cd%\relayserver\ias_relay_server\client\rs_client.dll',al lowed='true',description='%ownwebsitename% client.dll']" >> goto :eof :: ---- Routine for delete Application under default website ---- :delete-defaultwebsite-routine echo %date%-%time% ---- Routine for delete application under default website ---- >> %windir%\system32\inetsrv\appcmd.exe delete app /app.name:"default Web Site/%virtualdirectoryname%" >> %windir%\system32\inetsrv\appcmd.exe delete apppool /apppool.name:"%applicationpoolname%" >> %windir%\system32\inetsrv\appcmd.exe set config - section:system.webserver/security/isapicgirestriction /- "[path='%cd%\relayserver\ias_relay_server\server\rs_server.dll',al lowed='true',description='%ownwebsitename% server.dll']" /- "[path='%cd%\relayserver\ias_relay_server\client\rs_client.dll',al lowed='true',description='%ownwebsitename% client.dll']" >> goto :eof :: **** Routine for removing relay server website END *************** :: #### Routine for Installing RelayServer Service ################# :installservice-routine echo %date%-%time% #### Routine for Installing RelayServer Service ################# >> echo Creating Service "%relayserverservicename%" echo %date%-%time% Creating Log Folder "%relayserverlogpath%" >> md %relayserverlogpath% echo %date%-%time% Created Log Folder "%relayserverlogpath%" >> echo %date%-%time% Creating Service "%relayserverservicename%" >> "%cd%\relayserver\ias_relay_server\server\dbsvc.exe" -as -s auto - sn %relayserverservicename% -w %relayserverservicename% "%cd%\relayserver\ias_relay_server\server\rshost.exe" -q -f "%cd%\relayserver\ias_relay_server\server\rs.config" -o "%relayserverlogpath%\%relayserverlogfilename%" echo Service created echo %date%-%time% Service %relayserverservicename% created>> echo. echo. echo. echo. echo. echo. SAP SE Page 17 of 32

echo. echo!!!!!!!!!!!!!!!!!!!!!!!!!!! echo!!!!! ACTION REQUIRED!!!!! echo. echo. echo search for the Service "RelayServer" echo in the right now opened Services Menu echo open the RelayServer Service Properties echo switch to the Tab "Log On" echo change the Log On Account from the Local System Account to an local Administrator account echo save the settings and restart your Server echo. services.msc pause echo %date%-%time% **** Routine for Installing RelayServer Service END ************* >> goto :eof :: **** Routine for Installing RelayServer Service END ************* :: #### Routine for Uninstall RelayServer Service ################## :removeservice-routine echo %date%-%time% #### Routine for Uninstall RelayServer Service ################## >> echo %date%-%time% stopping Service %relayserverservicename% >> net stop %relayserverservicename% echo %date%-%time% Service %relayserverservicename% is stopped >> echo %date%-%time% removing Service %relayserverservicename% >> "%cd%\relayserver\ias_relay_server\server\dbsvc.exe" -d %relayserverservicename% echo %date%-%time% Service %relayserverservicename% is uninstalled >> echo %date%-%time% **** Routine for Uninstall RelayServer Service END ************** >> goto :eof :: **** Routine for Uninstall RelayServer Service END ************** SAP SE Page 18 of 32

:: #### Routine for Uninstall RelayServer Service and remove Log Folder ################################################################ :removeservice-and-log-routine echo %date%-%time% #### Routine for Uninstall RelayServer Service and remove Log Folder ################################################################ >> echo %date%-%time% stopping Service %relayserverservicename% >> net stop %relayserverservicename% echo %date%-%time% Service %relayserverservicename% is stopped >> echo %date%-%time% removing Service %relayserverservicename% >> "%cd%\relayserver\ias_relay_server\server\dbsvc.exe" -d %relayserverservicename% echo %date%-%time% Service %relayserverservicename% is removed >> echo %date%-%time% removing Log folder: %relayserverlogpath% >> rmdir /S /Q %relayserverlogpath% echo %date%-%time% %relayserverlogpath% is removed >> echo %date%-%time% **** Routine for Uninstall RelayServer Service and remove Log Folder END ************************************************************ >> goto :eof :: **** Routine for Uninstall RelayServer Service and remove Log Folder END ************************************************************ :: #### rs.config will be loaded into memory without stopping Relay Service ########################################################## :loadupdatesrsconfig echo %date%-%time% #### rs.config will be loaded into memory without stopping Relay Service ########################################################## >> "%cd%\relayserver\ias_relay_server\server\rshost.exe" -u -qc -f "%cd%\relayserver\ias_relay_server\server\rs.config" echo %date%-%time% **** rs.config will be loaded into memory without stopping Relay Service END ****************************************************** >> goto :eof :: **** rs.config will be loaded into memory without stopping Relay Service END ****************************************************** SAP SE Page 19 of 32

:end echo %date%-%time% **** MAIN END ************************************************** >> endlocal 7. Save the file as setup.cmd in the C:\RelayServer directory. 8. Extract the <Relay Server media>.zip to C:\Relay Server Media. 9. From the C:\Relay Server Media, navigate to <extracted Relay Server media> Windows 64 bit. 10. Copy the ias_relay_server folder and paste it to C:\RelayServer\RelayServer 11. From C:\RelayServer\RelayServer\ias_relay_server\server, locate the rs.config.sample file. 12. Rename the rs.config.sample to rs.config. Result You have prepared the Sybase Relay Server installation script. 4.2 Execute the Sybase Relay Server Installation Script Use The purpose of this activity is to install the Sybase Relay Server by using the installation script. Procedure 1. From the C:\RelayServer folder, locate the setup.cmd 2. Run the setup.cmd as administrator. 3. Enter y in the command prompt to begin the installation. 4. Once the installation is complete, from the Services screen, locate the RelayServer service, right-click, and choose Properties. 5. From the Log On tab, select This account and enter the service user (for example, afariasvc) credentials. 6. Select Apply and OK. 7. Restart the Relay Server. Result You have installed the Sybase Relay Server. SAP SE Page 20 of 32

5 Install Sybase Relay Sever on Windows IIS Web Server This section covers the installation of the Sybase Relay Server on Windows. The process provides step-by-step directions on how to install Windows IIS Web Server and create the necessary directories and files for the Sybase Relay Server operation. 5.1 Download the Sybase Relay Server media Use The purpose of this activity is to download the Sybase Relay Server media. Procedure 1. Logon to the Relay Server. 2. In the C:\ drive, create a folder call Relay Server Media. 3. Logon to http://frontline.sybase.com/support and select to Software Updates. 4. On the Software updates section, from the dropdown menu, select Afaria 7 and choose GO. 5. From the Hot Fixes section, download the latest applicable Relay Server media and save it to C:\Relay Server Media. Result You have downloaded the Sybase Relay Server media. 5.2 Install Microsoft IIS Web Server Use The purpose of this activity is to install the Microsoft IIS Web Server which will be the foundation for the Sybase Relay Server. Procedure 1. Open Server Manager, choose Role, and launch Add Role. 2. On the Before You Begin screen, choose Next. 3. On the Select Server Roles screen, choose Web Server (IIS), choose Next. 4. On the Role Services screen, install the following Role Services: Parameters Value Web Server Service Common HTTP Features Static Content Default Document Directory Browsing HTTP Errors Application Development ISAPI Extensions Health and Diagnostics HTTP Logging SAP SE Page 21 of 32

Request Monitor Security Request Filtering Performance Static Content Compression Management Tool IIS Management Console IIS Management Scripts and Tool IIS 6 Management capability IIS 6 Management Compatibility IIS 6 Metabase Compatibility IIS 6 WMI Compatibility IIS 6 Scripting Tools IIS 6 Management Console 5. Choose Next and Install. Result You have installed the Microsoft IIS Web Server. SAP SE Page 22 of 32

5.3 Create Sybase Relay Server Directories Use The purpose of this activity is to prepare the Windows directory for Sybase Relay Server. This involves copying the most current media into a physical directory. Procedure 1. In the C:\ drive, create a folder call Relay Server. 2. Extract Relay Server media to C:\Relay Server Media. 3. From the C:\Relay Server Media, navigate to <extracted Relay Server media> Windows 64 bit. 4. Copy the ias_relay_server folder and paste it to C:\RelayServer 5. From C:\RelayServer\ias_relay_server\server, locate the rs.config.sample file. 6. Rename the rs.config.sample to rs.config. Result You have created the required directories for the Sybase Relay Server. 5.4 Create Application Pools Use The purpose of this activity is to create the Sybase Relay Server Application Pools in Microsoft IIS Web Server. Procedure 1. Open Server Manager. 2. Expand Roles Web Server (IIS), and choose Internet Information Services (IIS) Manager. 3. From the Connections pane, expand <server name> and select Application Pools. 4. From the Actions pane, choose Add Application Pool and enter the following data: Parameters Name: RelayServer Value.Net Framework Version:.Net Framework v. 2.0.50727 Managed Pipeline Mode Integrated Start pool immediately 5. From the Application Pools pane, select the Relay Server application pool and from the Actions pane, choose Advanced Settings and set the following attributes: General Queue Length: 65535 Value SAP SE Page 23 of 32

CPU Limit Interval (minutes): 0 Value Process Model Identity: Value ApplicationPoolIdentity Idle Time-out (minutes): 0 Maximum Worker Processes 20 Ping Enabled: False Ping Maximum Response Time (seconds) 90 Ping Period (seconds): 30 Rapid-Fail Protection Enable: False Value Recycling Disable Overlapped Recycle: True Value Regular Time Interval (minutes): 0 6. Choose OK to apply settings. Result You have created an Application Pool for the Sybase Relay Server. 5.5 Create Application Directory for Server Application Pool Use The purpose of this activity is to create an alias for the Sybase Relay Server Application Pool. Procedure 1. Go to Server Manager 2. Expand Roles Web Server (IIS) and select Internet Information Services (IIS) Manager. 3. On the Connections pane, expand <server name> and Sites. 4. Right-click Default Website, select Add Application and make the following entries: SAP SE Page 24 of 32

Parameter Alias: Application Pool: Physical Path: Value ias_relay_server RelayServer C:\RelayServer\ias_relay_servr 5. On the Connection Pane, select the alias ias_relay_server. 6. On the /ias_relay_server Home pane, from the IIS section, double-click Request Filtering. 7. On the Actions pane, choose Edit Features Settings and make the following entries: Parameter Maximum allowed content type: 2147483647 Maximum query string bytes: 65536 Value 8. Choose OK. 9. On the Connections pane, choose ias_relay_server, from the /ias_relay_server Home pane, under the IIS section, double-click Handler Mappings. 10. On the Actions pane, choose Edit Features Permissions 11. On the Edit Feature Permissions screen, from Permissions, select the following options: Parameter Read Script Execute Value 12. Choose OK to apply the settings. 13. On the Connections pane, choose ias_relay_server, from the /ias_relay_server Home pane, under the IIS section, double-click SSL Settings. 14. Make sure Require SSL is NOT selected. 15. On the Connections pane, highlight the server and <server> Home pane, from the IIS section, double-click ISAPI and CGI Restrictions. 16. On the Actions pane, choose Add 17. On the Add ISAPI or CGI Restriction dialog box, browse the path of the RS_SERVER.DLL located in C:\RelayServer\ias_relay_server\server. 18. Enter a Description, choose Allow extension path to execute and choose OK. 19. Repeat steps 16 thru 18 for RS_CLIENT.DLL. The RS_CLIENT.DLL file can be found under the C:\RelayServer\ias_relay_server\client. Result You have created an alias for the Sybase Relay Server Application Pool. SAP SE Page 25 of 32

5.6 Update IIS configuration for Sybase Relay Server Use The purpose of this activity is to update the Sybase Relay Server s IIS settings with the Application Pool changes you just made. Procedure 1. Run a command prompt as Administrator. 2. Navigate to the following location C:\inetpub\AdminScripts 3. Enter the command: cscript adsutil.vbs set w3svc/1/uploadreadaheadsize 0 Result The command returns the current value of the uploadreadaheadsize variable. (: Integer 0) 5.7 Install Sybase Relay Service as a Windows Service Use The purpose of this activity is to install the Sybase Relay Server as a Windows service. This allows the Sybase Relay Server s processes to spawn as a service. Procedure 1. Open a command prompt as Administrator. 2. Enter following command : "C:\RelayServer\ias_relay_server\server\dbsvc.exe" -as -s auto -sn RelayServer -w RelayServer "C:\RelayServer\ias_relay_server\server\rshost.exe" -q -f "C:\RelayServer\ias_relay_server\server\rs.config" -o "C:\RelayServer\ias_relay_server\server\rs_log.txt" 3. Open the Windows Services console and find the RelayServer service. 4. Right-click RelayServer service and choose Properties Logon. 5. Select the service user account (local/domain) with local administrator rights and set the password. If the Windows service RelayServer does not start up, this could be due to not having a file call rs.config in the C:\RelayServer\ias_relay_server\server. There is a sample file, rs.config.sample in the directory. Rename the file to rs.config and start the RelayServer Windows service. Result You have finished installing the Relay Server as a Windows service. SAP SE Page 26 of 32

6 Install Sybase Relay Sever on Linux Apache Web Server This section covers the installation of the Relay Server on Linux. This process provides stepby-step instructions on how to install Apache Web Server and create the necessary directories and files for the Relay Server operation. 6.1 Install Apache Web Server Use The purpose of this activity is to install the Apache Web Server. Procedure Log in to the Linux server as the root user and do all of the following: Step 1 Change directory to the root directory 2 Create a directory for the Apache Web Server media cd / Action/Command mkdir apache_2216_media 3 Change directory cd apache_2216_media 4 Download the Apache web server file to the Linux server wget http://archive.apache.org/dist/ht tpd/httpd-2.2.16.tar.gz The Apache Web Server media can be download by any other means. 5 Extract the files tar -xvf httpd-2.2.16.tar.gz 6 Change directory to the extracted file cd httpd-2.2.16 7 Configured the Apache Web Server configuration file./configure --prefix=<apachedirectory> --enable-ssl=shared <apache-directory> default location is /usr/local/apache2 8 Compile the Apache Web Server file make 9 Install the Apache Web Server make install Result You have installed the Apache Web Server. SAP SE Page 27 of 32

6.2 Deploy the Relay Server Web Extensions Use The purpose of this activity is to copy the necessary Sybase Relay Server files to the Apache Web Server directory. Prerequisite The Sybase Relay Server media is available on the server. Procedure Log in to the Linux server as the root user and do all of the following: Step Command 1. Extract the Relay Server media tar xvf <relay_server_media>.tar 2. Copy the shared objects (.so) to Apache Web Server Command: cp./bin<32 or 64>/* /<apache-directory>/modules Command: cp./lib<32 or 64)/* /<apache-directory>/modules Result You have deployed the required Sybase Relay Server files to the Apache Web Server. SAP SE Page 28 of 32

6.3 Configure Apache Web Server Use The purpose of this activity is to configure the Apache Web Server for the Sybase Relay Server settings. Procedure 1. Open the httpd.conf file in a located under <apache-directory>/conf in a text editor. 2. In the Dynamic Shared Object Support section, add the following: # #Dynamic Shared Object (DSO) Support # # Example: #www.sybase.com/ianywhere 8 # LoadModule foo_module modules/mod_foo.so # LoadModule iarelayserver_client_module modules/mod_rs_ap_client.so LoadModule iarelayserver_server_module modules/mod_rs_ap_server.so <LocationMatch /cli/iarelayserver/* > SetHandler iarelayserver-client-handler </LocationMatch> <Location /srv/iarelayserver/* > SetHandler iarelayserver-server-handler RSConfigFile "/<apache-install>/modules/rs.config" </Location> 3. In the Listen section of httpd.conf file, add the following: Result # # Listen: Allows you to bind Apache to specific IP addresses #and/or ports, instead of the default. See also the #<VirtualHost> directive. # # Change this to Listen on specific IP addresses as shown below # to prevent Apache from glomming onto all bound IP addresses. # #Listen 12.34.56.78:80 Listen 80 You have configured the Apache Web Server for the Sybase Relay Server. SAP SE Page 29 of 32

6.4 Update Runtime Environment Use The purpose of this activity is to create a file for the necessary Linux environment variables for Apache Web Server and Relay Server. Procedure Log in to the Linux server as the root user and do all of the following: Step Command export PATH 2 Set the LD_LIBRARY_PATH environment variable 1 Set the PATH environment variable PATH= <apachedirectory>/modules:<apachedirectory>/bin:${path} <apachedirectory>/modules:${ld_library_pa TH} export LD_LIBRARY_PATH 3 Set the TMP environment variable TMP= /tmp export TMP 4 Source the environment to a configuration file source rs_config.sh Result You have finished sourcing the environment for Apache Web Server and Relay Server. SAP SE Page 30 of 32

6.5 Start the Relay Server Use The purpose of this activity is to start the Sybase Relay Server process. Procedure Log in to the Linux server as the root user and do all of the following: Step 1 Run the rs_config.sh script to set the environment 2 To start the Relay Server on Apache, issue the command Command <rs_config.sh_directory>/./rsconfig. sh <apache-dir>/bin/apachectl k start Result You have started the Relay Server on Apache Server. If the RelayServer does not start up, this is due to not having a file call rs.config in the <apache-install-directory>/modules. There is a sample file, rs.config.sample in the directory. Rename the file to rs.config and start Apache Web Server. SAP SE Page 31 of 32

7 Appendix A Troubleshooting This section covers troubleshooting tips and steps related to the installation and configuration of the Sybase Relay Server. 1. Does the version of the rshost.exe and rsoe.exe match? Verify that the rs.config contains the correct parameters and value of the Relay Server(s) and Afaria Landscape 2. If the Relay Server starts as a Window Services, in the rs.config, the start = needs to be set to no. 3. Is the Relay Server name resolvable by the Afaria Server with IP or host name? SAP SE Page 32 of 32