Deployment Example 1: Access Manager 7.0 Load Balancing, Distributed Authentication UI, and Session Failover

Procedure: To Install Access Manager 2

Before You Begin

You must have a CD image of the Sun Java Enterprise System product mounted on the host computer system where you are installing Access Manager. For information on obtaining and mounting the Sun Java Enterprise System, see 3.2 Downloading and Mounting the Java Enterprise System 2005Q4 Installer in this document.

  1. As a root user, log in to host AccessManager-2.

  2. Unzip the two zip files that comprise the Java Enterprise System installer binaries.

  3. Start the installer with the -nodisplay option.


    # cd /mnt/Solaris_sparc 
    # ./installer -nodisplay

  4. When prompted, provide the following information:


    Welcome to the Sun Java(TM) Enterprise System; 
    serious software made simple... 
    <Press ENTER to Continue>

    Press Enter. 


    <Press ENTER to display the Software 
    License Agreement>

    Press Enter. 


    <-[40%]-[ENTER To Continue]--
    [n To Finish]-->n

    Enter n.


    Have you read, and do you accept, all 
    of the terms of the preceding Software 
    License Agreement[No] ?

    Enter yes.


    Please enter a comma separated list 
    of languages you would like supported 
    with this installation [8]

    Enter 8 for “English only.”


    The following component products 
    are detected on this system. They will 
    appear disabled, "* *", in the following 
    Component Selection Main Menu...

    Press ENTER to continue. 


    Enter a comma separated list of products 
    to install, or press R to 
    refresh the list[]:

    Enter 3,9,12 to select Web Server, Access Manager, and Message Queue.

    The Message Queue packages you install now will be used when you implement session failover later in the deployment. 


    Press"Enter" to Continue or Enter a 
    comma separated list of products 
    to deselect... [1] 

    Enter -20 to deselect Directory Server.


    Based on product dependencies for your
    selections, the installer will install:
    [X] 3. Sun Java(TM) System Web Server 6.1 
    SP5 2005Q4 (64.61 MB)
    [X] 9. Sun Java(TM) System Access Manager 7 
    2005Q4 (27.80 MB)
    Press "Enter" to Continue...[1]  

    Press Enter. 


    [X] 1. Identity Management and 
    Policy Services Core
    [X] 2. Access Manager Admiistration Console 
    [X] 3. Common Domain Services for 
    Federation Management
    [X] 4. Access Manager SDK
    
    Enter a comma separated list of components to 
    install (or D to install all )[D] 

    Enter D.


    [X] 1. Identity Management and Policy Services Core
    [X] 2. Access Manager Admiistration Console
    [X] 3. Common Domain Services for Federation Management
    [X] 4. Access Manager SDK
    
    Press "Enter" to Continue or Enter a comma 
    separated list of products to deselect... [1]  

    Press Enter. 


    Warnings - Product Dependency Checks 
    
    1. Install Sun Java(TM) System Directory 
    Server 5 2005Q4 locally
    2. Use Sun Java(TM) System Directory Server 
    5 2005Q4 installed on a remote machine 
    
    These products can be installed locally 
    or remotely, please choose your option [1]:

    Enter 2.


    J2SE(TM) Software Development Kit Upgrade Required
    
    1. Automatically update with version on 
    installer disk (recommended)
    
    2. Manually upgrade with downloaded version 
    from Sun web site: http://java.sun.com
    After installation, the link 
    /usr/jdk/entsys-j2se refers to the version 
    of J2SE SDK that is compatible with 
    Java Enterprise System.
    
    Enter 1 or 2 [1]:

    Enter 1.


    The shared components listed below are 
    currently installed. They will be upgraded 
    for compatibility with the products you 
    chose to install...
    
    Enter 1 to upgrade these shared components 
    and 2 to cancel  [1] 

    Enter 1.


    Enter the name of the target 
    installation directory for each product: 
    Access Manager [/opt] : 
       

    Accept the default value. 


    Web Server[/opt/SUNWwbsvr]: 

    Accept the default value. 


    System ready for installation 
    Enter 1 to continue [1]  

    Accept the default value. 


    1. Configure Now - Selectively override 
    defaults or express through 
    2. Configure Later - Manually configure following 
    installation 
    Select Type of Configuration[1]  

    Enter 1 to configure now.


    The following settings apply to all 
    installed component products. 
    Enter Host Name [AccessManager-2] 

    Accept the default value. 


    Enter DNS Domain Name [example.com]

    Accept the default value. 


    Enter IP Address [10.5.82.208] 

    Accept the default value. 


    Enter Server admin User ID [admin]  

    Accept the default value. 


    Enter Admin User's Password
    (Password cannot be less than 
    8 characters)

    For this example, enter web4dmin.


    Confirm Admin User's Password []  

    Enter the same password again. 


    Enter System User [root] 

    Accept the default value. 


    Enter System Group [root]

    Accept the default value. 


    Web Server: Administration
    Enter  Server Admin User ID [admin] 

    Accept the default value. 


    Enter Admin User's Password []

    For this example, enter web4dmin.


    Retype Password []

    Enter the same password again. 


    Enter Host Name [AccessManager-2.example.com]

    Accept the default value. 


    Enter Administration Port [8888] 

    Accept the default value. 


    Enter Administration Server User ID [root]  

    Accept the default value. 


    Enter System User ID [webservd]

    Enter root.


    Enter System Group [webservd]

    Enter root.


    Enter HTTP Port [80]

    Enter 1080.


    Enter content Root [/opt/SUNWwbsvr/docs] 

    Accept the default value. 


    Do you want to automatically start Web 
    Server when system re-starts.(Y/N)[N]  

    Accept the default value. 


    Access Manager: Administration
    Administrator User ID: amAdmin

    Accept the default value. 


     Administrator Password [] :  

    For this example, enter 4m4dmin1.


    Retype Password [] : 

    Enter the same password again. 


     LDAP User ID: amldapuser

    Accept the default value. 


    LDAP Password [] :

    For this example, enter 4mld4puser.

    Much later in the deployment, in a subsequent task, you use this password as the Web Policy Agent “shared secret.” 


    Retype Password [] : 

    Enter the same password again. 


    Password Encryption Key
    [JSIodCIOSxks3CHISjs4CHYpw0ejfk]: 

    This password encryption key must be identical to the key that was generated and entered when you installed Access Manager 1. In this deployment example, the string is:

    EWDwdXCHs3CZkYs1CfqxTkQfKtORCFCS


    Install type (Realm/Legacy) Mode 
    [Legacy] : realm

    Enter Realm.


    Access Manager: Web Container 
    1. Sun Java System Application Server 
    2. Sun Java System Web Server
    
    Select the container to deploy the component 
    and hit enter key [2]  

    Enter 2.


    Access Manager: Sun Java System 
    Web Server Host Name 
    [AccessManager-2.example.com] : 

    Accept the default value. 


    Web Server Instance Directory
    [/opt/SUNWwbsvr/https-AccessManager-2.example.com]: 
     

    Accept the default value. 


    Web Server Port [1080] : 

    Accept the default value. 


    Document Root Directory 
    [/opt/SUNWwbsvr/docs] : 

    Accept the default value. 


     Secure Server Instance Port [No] :

    Accept the default value. 


    Host Name [AccessManager-2.example.com] : 

    Accept the default value. 


    Services Deployment URI [amserver] :

    Accept the default value. 


    Common Domain Deployment URI [amcommon] : 

    Accept the default value. 


    Cookie Domain (Assure it is not a top 
    level domain) [.example.com] : 

    Accept the default value. 


    Password Deployment URI [ampassword] : 

    Accept the default value. 


    Access Manager: Directory Server 
    Information 
    
    Directory Server Host [] : 

    Enter DirectoryServer-2.example.com.


     Directory Server Port [] :

    Enter 1389.

    This is the port number you entered for the data instance of Directory Server. 


    Directory Root Suffix 
    [dc=example,dc=com] : 

    Enter o=example.com


    Directory Manager DN 
    [cn=Directory Manager]: 

    Accept the default value. 


    Directory Manager Password [] : 

    For this example, enter d1rm4n4ger.


    Is Directory Server provisioned with 
    user data [No] : 

    Accept the default value No.


    1. Install
    2. Start Over
    3. Exit Installation
       What would you like to do [1] ?

    First, see the next numbered (Optional) step. 

    When you're ready to install, enter 1 to start the installation.

  5. (Optional) During installation, you can monitor the log to watch for installation errors. Example:

    # cd /var/sadm/install/logs

    # tail -f Java_Enterprise_System_install.Bxxxxxx

  6. Upon successful installation, enter ! to exit.

  7. Start the Access Manager Web Server.

    # cd /opt/SUNWwbsvr/https-AccessManager-2.example.com

    # ./stop

    # ./start

  8. Add the lowercase host name accessmanager-2.example.com to the Realm alias list.

    This eliminates the need to enter the full path to the user's organization each time you want to log in to Access Manager.

    1. Go to the following URL:

      http://AccessManager-1.example.com:1080/amserver/UI/Login?org=example.com

    2. Log in to the Access Manager console using the following information:

      Username

      amadmin

      Password

      4m4dmin1

    3. On the Access Control tab, under Realms, click the example.com realm name.

    4. On the General tab, under Realm Attributes, in the Add field enter the name accessmanager-2.example.com (all lowercase).

    5. Click Add, and then click Save.

    6. Click “Log Out.”

  9. Verify that Access Manager has been installed successfully.

    1. Go to the Access Manager login URL:

      http://AccessManager-2.example.com:1080/amserver/console

    2. Log in to the Access Manager console using the following information:

      Username

      amadmin

      Password

      4m4dmin1

      You should be able to log in successfully and to navigate to various areas of the console with no error messages.
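
The Password Encryption Key prompt in step 4 requires the same value on both Access Manager instances. The script below is an added example, not part of the original guide: it compares the key in two properties files by fingerprint, so the key itself is never displayed. It assumes the key is stored in the am.encryption.pwd property of each instance's AMConfig.properties (not shown on this page); the function names are hypothetical and the sample files are constructed from the two key strings shown at that prompt.

```shell
#!/bin/sh
# Added example (not from the original guide): confirm that Access Manager 2
# uses the same password encryption key as Access Manager 1 without printing it.
# Assumption: the key is the am.encryption.pwd property in AMConfig.properties.

# Print the property value; the last assignment wins, CR line endings are dropped.
am_key_value() {
    sed -n 's/^[[:space:]]*am\.encryption\.pwd[[:space:]]*[=:][[:space:]]*//p' "$1" |
        tr -d '\r' | sed -n '$p'
}

# Print a short SHA-256 fingerprint of the key, so hosts can be compared
# without the key itself appearing on a terminal or in a ticket.
am_key_fingerprint() {
    _key=$(am_key_value "$1")
    if [ -z "$_key" ]; then
        echo "no am.encryption.pwd found in $1" >&2
        return 1
    fi
    if command -v sha256sum >/dev/null 2>&1; then
        printf '%s' "$_key" | sha256sum | cut -c1-16
    else
        printf '%s' "$_key" | digest -a sha256 | cut -c1-16   # Solaris digest(1)
    fi
}

# Return 0 when both files carry the same key, 1 on mismatch, 2 if a key is missing.
am_keys_match() {
    _fp1=$(am_key_fingerprint "$1") || return 2
    _fp2=$(am_key_fingerprint "$2") || return 2
    [ "$_fp1" = "$_fp2" ]
}

# Constructed sample files standing in for each host's AMConfig.properties.
tmp=$(mktemp -d)
trap 'rm -rf "$tmp"' EXIT
printf '# Access Manager 1\nam.encryption.pwd=EWDwdXCHs3CZkYs1CfqxTkQfKtORCFCS\n' > "$tmp/am1.properties"
# Failure mode: the installer default was accepted on Access Manager 2.
printf 'am.encryption.pwd = JSIodCIOSxks3CHISjs4CHYpw0ejfk\r\n' > "$tmp/am2.properties"

if am_keys_match "$tmp/am1.properties" "$tmp/am2.properties"; then
    echo "encryption keys match"
else
    echo "encryption keys differ or are missing"
fi
```

To compare two hosts, run am_key_fingerprint on each host against its own properties file and compare the two printed values.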

Next Steps

Caution –

Do not try to log in to the second Access Manager server because the instance is not fully configured to be used yet. Access Manager 2 is enabled in the following procedure.