Installing Trend Micro Deep Security solution in RHEL 8 with Oracle DB in Oracle linux 8.5, Part-2

Md. Mahim Bin Firoj
5 min readJan 22, 2024

In this blog, we will install the deep security manager on rhel 8 with oracle db 19c.

Part-1:

https://mahim-firoj.medium.com/installing-trend-micro-deep-security-manager-solution-in-rhel-8-with-oracle-db-in-oracle-linux-8-5-c775dd0a1eb4

https://help.deepsecurity.trendmicro.com/software.html

From the above link, download the deep security manager latest build for linux.

Give the execute permission and execute the tool.

Click OK
Click Next
This is our oracle db’s ip

In our previous blog, you may see that the ip of db is different than this one. This is because the system was rebooted and the ip got changed.

Please don’t confuse seeing the user as deepsec. We created another db user as deepsec like the same way that we showed you in our previous blog. And provide required permissions which is required by deep security.

The reason why we are seeing the above dialogue box is, our database contains some residual data from our previous installation. During our previous installation of dsm, the vm suddenly shutdown. As a result installation was not completed and that's the reason we are reinstalling the dsm again. Once the dsm starts it’s installation phase, it drops an uninstall script under /opt/dsm/ directory. We ran that script first to uninstall dsm from the rhel 8 server. After that we removed everything from /opt/dsm/ directory manually. And that’s why we are selecting Overwrite the existing database option. This will completely remove the previous installation data from the db.

If you need another dsm node for load balancing or HA and want to use the same database, the above dialogue box will also come in that scenario.

And for fresh installation you would not see the above screen.

Readiness checking
Click Next
Provide Manager IP

It is recommended to set strong password for MasterAdmin user. But for the lab work, we are not following that.

You need to provide proxy server information if your dsm server reach out to internet via proxy. This can also be done from GUI after the installation is done.

In production network, you need to configure this because compliance body will check this. For this lab we are skipping this.

Installing relay

One relay is mandatory so install it.

You should enable this
About to finish
Installation done and we can access the web console of dsm

User MasterAdmin credentials to login.

Dashboard of dsm

In part 3 of this writeup, we have applied the automation of how the oracle 19c database starts the lsnrctl service and ORCLCDB instance automatically after reboots.

https://mahim-firoj.medium.com/installing-trend-micro-deep-security-manager-solution-in-rhel-8-with-oracle-db-in-oracle-linux-8-5-c82e1e0c3795

If the dsm is installed in a network drive and if you find that after rebooting the dsm, you are unable to access the web console then follow below steps.

https://success.trendmicro.com/dcx/s/solution/000283959?language=en_US&sfdcIFrameOrigin=null

Troubleshoot Steps:

Now you may encounter a scenario when after rebooting the deep security manager server, the dsm_s service is running but exited. This is because os start up the service before /opt is mounted. To fix this, follow below steps.

Step 1:

Create a new script /etc/rc.d/init.d/dsm_bootup for DSM startup with the following contents.

#!/bin/sh
# chkconfig: 345 10 90
# description: dsm_bootup

echo "For DSM bootup only"
sleep 100s

## If DSM is not installed on /opt/dsm, please change to the correct installation path
sh /opt/dsm/dsm_s start

Step 2:

Grant an execute permission to the created script with the command below.

chmod +x /etc/rc.d/init.d/dsm_bootup

Step 3:

Add the script to the autoboot list using the following command.

cd /etc/rc.d/init.d
chkconfig --list (To view the lists)
chkconfig --add dsm_bootup (First add it)
chkconfig dsm_bootup on (Then on it)

If you want to delete:
chkconfig dsm_bootup off (First off it)
chkconfig --del dsm_bootup (Then delete it)

Step 4:

And now reboot the system. After the system reboots, then wait 100s to start the dsm_s service. Once the waiting is over, then you should be able to access the web console of deep security manager.

Thanks. That’s completes the 2nd part of the blog. I hope this will help you while installing deep security manager. Please subscribe below.

LinkedIn:

https://www.linkedin.com/in/md-mahimbin-firoj-7b8a5a113/

YouTube:

https://www.youtube.com/@mahimfiroj1802/videos

--

--