Sun Java Communications Suite 5 Installation Guide

Chapter 2 Example Installation Sequences

This chapter provides sequencing guidelines for some common Communications Suite installations.

This chapter contains the following sections:

How to Use This Chapter

The example installation sequences in this chapter are intended to provide high-level guidelines for some common Communications Suite installations. These are not literal procedures, but instead provide the sequential steps required to implement particular deployment scenarios.

The single-session examples describe typical steps for installing one or a number of product components on a single host in a single installation session. The remaining examples describe situations where multiple installation sessions are performed on multiple hosts, for a variety of solutions. For the most part, the sequences in this chapter are based on the relationships among the product components as shown in Sun Java Enterprise System 5 Installation Planning Guide.

At component selection, the installer identifies incompatible versions of components as well as unmet requirements. You receive warning messages that identify the problem and tell you what you need to do. Many of these messages tell you about requirements that are not yet met. Other messages tell you that incompatible versions of some or all of the components you are trying to install are already on the local host. You can use the installer to identify components that are already on your local host. For instructions, refer to When Incompatible Components Are Installed.


Tip –

Installation goes most smoothly if any incompatible versions of Communications Suite components are identified and removed or upgraded before starting the installer.


Table 2–1 Installation Sequence Guidelines

Installation Guideline Topic 

Description 

Sun Cluster software 

If you are using this product component with Sun Cluster software, you must perform a precise series of tasks before installing any product components. Communications Suite components that can be configured for Sun Cluster are Calendar Server, Instant Messaging, and Messaging Server. Several Java ES components can also be configured for Sun Cluster. See the Sun Java Enterprise System 5 Installation Guide for UNIX for instructions. Also, refer to Sun Cluster Software Example to see Sun Cluster guidelines.

Monitoring 

Monitoring Console cannot be run on the same host as Communications Suite or Java ES product components that it monitors. Therefore, it should be installed on another host in a separate installation session. See the Sun Java Enterprise System 5 Installation Guide for UNIX for information on installing Monitoring Console.

Installation-time configuration 

The following components can be installed in a Configure Now installation, but configuration cannot be done during installation: Sun Cluster components and Communications Suite components. 

Upgrading 

You might receive messages asking you to remove or upgrade product components that are already on the host. For some components (Application Server, Message Queue, and HADB), you can return to the beginning of installation and choose to Upgrade Existing Software. After you have upgraded, you can then start the installation.  

For full instructions on upgrading Communications Suite components without using the installer, see the Sun Java Communications Suite 5 Upgrade Guide, for Java ES components, refer to Sun Java Enterprise System 2006Q3 Upgrade Guide

Solaris 10 zones 

In a Solaris 10 zones environment, shared components must be installed separately in the global zone before installing into a local zone. 

Message Queue can only be installed in the global zone, after which it is propagated to all non-global zones. 

Remote component 

If you are using a remote product component to fulfill dependencies, the remote product component must be installed and running before installing any product components that depend on it. 

Third-party component 

If you are using a third-party product, such as a WebLogic web container, the third-party product component must be installed and running before installing any Communications Suite product components that depend on it. 

Access Manager modes 

You must use Access Manager Legacy (6.x) installation type if you are installing Access Manager with Communications Suite product components. Access Manager Realm (7.x) installation type cannot be used with Communications Suite. 

LDAP Schema 1 

The Calendar-Messaging Schema 1 Example is the only example based on LDAP Schema 1. All other examples in this chapter are based on Schema 2. See: Understanding Schema Choices in Sun Java Communications Suite 5 Deployment Planning Guide for more information.

Single-Session Installation Examples

The following examples apply to installing on a single host in a single session:

Evaluation Example

An evaluation installation is generally considered a trial deployment, that is, a quick installation to see how things go. This example uses the graphical interface and the Configure Now type When you are presented with configuration pages, you accept defaults wherever possible.

This example installs all the Communications Suite and Java ES product components except Sun Cluster software on a single host in a single installation session. Because Web Server is used as the web container, Application Server is not installed.

ProcedureTo Develop a Sequence for Evaluation

The following high-level tasks are required:

  1. Checking the installation sequence guidelines

    Check to see what guidelines apply to this example and make adjustments as needed.

  2. Checking the installation prerequisites

    Check to see what tasks you might need to perform for this installation before starting.

  3. Starting the graphical installer

    Use either the graphical or text-based installer.

  4. At component selection, choosing Select All, then deselecting the Application Server and Sun Cluster software product components

    The installer verifies software on your host and provides guidance if incompatibilities are identified.

  5. Verifying installation directories

  6. Selecting the Configure Now type

    Messages indicate which product components cannot be configured during installation.

  7. Accepting configuration defaults when they are offered

    If you want to use non-default information, review the appropriate configuration tables in Chapter 3, Configuration Information, in Sun Java Enterprise System 5 Installation Reference for UNIX.

  8. Viewing the Installation Summary and Log

  9. Completing post-install configuration

    Chapter 6, Completing Communications Suite Postinstallation Configuration contains instructions for post-install configuration.

  10. Starting the product components

    Verifying After Post-Installation Configuration contains the preferred Communications Suite startup sequence. Startup procedures follow the table.

Instant Messaging Only Example

This example describes installation of only Instant Messaging in a single session. It is not uncommon for Instant Messaging to be installed in a separate installation session after other product components have been installed and configured.


Note –

If you are using single sign-on or Access Manager managed policies, Access Manager is required. For guidelines, refer to Instant Messaging and Access Manager Example.


Sequence Issues

If you are deploying other product components with Instant Messaging, the other product components must be configured before configuring Instant Messaging. Communications Suite product components that are commonly used with Instant Messaging include Messaging Server, Calendar Server, and Portal Server (with Access Manager).


Note –

Portal Server installation is not documented in this guide. See the Sun Java Enterprise System 5 Installation Guide for UNIX for information on Portal Server.


ProcedureTo Develop a Sequence for Instant Messaging

The following high-level tasks are required:

  1. Checking the installation sequence guidelines

    Check to see what guidelines apply to this example and make adjustments as needed.

  2. Checking the installation prerequisites

    Check to see what tasks you might need to perform for this installation before starting.

  3. Running the installer

  4. At component selection, choosing Instant Messaging

    Directory Server and Directory Preparation Tool are automatically selected. If you do not select a web container, you will be prompted to select either Web Server or Application Server to fulfill the Instant Messaging requirement for a local web container.

  5. Resolving incompatibilities

    The installer verifies software on your host and provides guidance if incompatibilities are identified.

  6. Verifying installation directories

  7. Selecting the Configure Later type

    Instant Messaging cannot be configured during installation.

  8. Running the installation

  9. Viewing the Installation Summary and Log

  10. Completing post-install configuration

    Configuring Instant Messaging After a Configure Later Installation

  11. Starting Instant Messaging (after starting any other product components that Instant Messaging might depend on)

    Starting and Stopping Instant Messaging Server and Multiplexor

    The following table contains additional Instant Messaging information.

    Task 

    Relevant Information 

    Postinstallation configuration 

    Configuring Instant Messaging After a Configure Later Installation

    Starting and stopping 

    Starting and Stopping Instant Messaging Server and Multiplexor

    Uninstalling 

    Instant Messaging Uninstallation Behavior

    Troubleshooting 

    Instant Messaging Troubleshooting Tips

    Upgrading 

    Sun Java Communications Suite 5 Upgrade Guide

    Deployment scenarios 

    Sun Java Communications Suite 5 Deployment Planning Guide

Solaris 10 Zones

This section contains a brief description of Solaris 10 zones support for the current release of Communications Suite. An installation sequence example is included. The following topics are addressed in this section:

Overview of Solaris Zones

The Solaris 10 zones (also known as Solaris containers) feature provides a means of creating virtualized operating system environments within an instance of Solaris OS. This allows one or more processes to run in isolation from other activities on the host. For example, a process running in a zone will only be able to send signals to other processes in the same zone, regardless of user ID and other credential information.

Every Solaris 10 host contains a single global zone. The global zone is both the default zone for the host and the zone used for system-wide administrative control. All processes run in the global zone if no non-global zones are created by the global administrator. Some product components, such as Sun Cluster software can only be installed in the global zone. A non-global zone can be thought of as a box. One or more applications can run in this box without interacting with the rest of the host. Each non-global zone has what appears to be its own instance of an installed Solaris 10 operating system with configuration and other information unique to that non-global zone. The default configuration for a non-global zone is to share portions of its file system with the global zone. Propagation provides non-global visibility and availability to packages that are installed in the global zone.

There are two types of non-global zones supported: whole root zone and sparse root zone. A whole root zone contains a read/write copy of the file system that exists in the global zone. When a whole root non-global zone is created, all packages that are installed on the global zone are made available to the whole root zone. A package database is created and all packages are copied onto the non-global zone, creating a dedicated and independent copy of all files.

A sparse root zone contains a read/write copy of only a portion of the file system existing on the global zone, while other file systems are mounted read-only from the global zone as loopback virtual file systems. The global administrator selects which file systems to share with a sparse root zone at the time the sparse root zone is created. Regardless of zone type, when a package is added to the global zone it is, by default, propagated to all non-global zones. In other words, the package is installed in the global zone as well as all non-global zones. This propagation behavior can optionally be suppressed when the package is added, thus restricting the package to the global zone only.

For your zones deployment to succeed, it is crucial that you plan the tasks and sequence of those tasks very carefully. Communications Suite components can potentially be installed in any of three types of zones in an almost unlimited set of combinations, and in almost any order. In some cases, the order in which Communications Suite product components are installed, and the order in which non-local zones are created, can be very important. For a full description of planning for using Communications Suite in a Solaris zones environment, refer to the Sun Java Enterprise System 5 Installation Planning Guide.

Zones Support for This Release of Communications Suite

The following list describes the level of zones support for this release of Communications Suite:

  1. Both whole root zones and sparse root zones are supported.

  2. Communications Suite can be installed in the global zone when non-global zones already exist.

  3. Non-global zones can be created after Communications Suite is installed in the global zone.

  4. Communications Suite can be installed in the global zone even when Communications Suite has already been installed in the whole root non-global zone. Also, Communications Suite can be installed in a whole root non-global zone even if another Communications Suite installation is already installed in the global zone.

  5. All shared components in a zone must be from the same release of Communications Suite. Shared components are automatically synchronized to match the most recent Communications Suite release.

  6. Whole root and sparse root deployments of Communications Suite should not be mixed on a single computer.

  7. Communications Suite can be installed into non-global sparse root zones with the following exceptions:

    • Sun Cluster software, Sun Cluster Geographic Edition, and Sun Cluster Agents can only be installed in the global zone.

    • Message Queue can only be installed or upgraded in the global zone, or in a whole root non-global zone.

    • Before Application Server can be installed into the non-global sparse root zone, any version of Application Server that is bundled with the operating system must be removed from the global zone.

    • The installer does not install shared components or Message Queue into sparse zones. If you attempt to do this, installation halts and you receive a message telling you that shared components and Message Queue must bed installed in the global zone.

  8. The installer controls propagation of the packages it installs in the global zone:

    • Shared components always propagate.

    • Message Queue always propagates.

    • All other product components never propagate.

  9. The Sun Java Web Console shared component can only be upgraded in the global zone.

Solaris 10 Whole Root Zones Example

This is an example of installing Communications Suite software in a Solaris 10 whole root non-global zone.

ProcedureTo Develop a Sequence for Solaris 10 Zones (Whole Root)

The following high-level tasks are required:

  1. Verifying that Solaris 10 is installed on your host

    The global zone is automatically created.

  2. Verifying that all the non-global zones specified in your implementation plan have been created by the global zone administrator as “whole root” zones

    For information on creating non-global zones, refer to Chapter 18, Planning and Configuring Non-Global Zones (Tasks), in System Administration Guide: Solaris Containers-Resource Management and Solaris Zones.

  3. Starting the installer in the global zone, and selecting only shared components at component selection.

    Select only Shared Components at component selection; no other components should be selected. When shared component installation is complete, the shared component are in the global zone and are also propagated to all non-global zones.


    Note –

    Shared components can be installed into a whole root local zone with the exception of Sun Java Web Console. If the installer detects a bundled version of Sun Java Web Console, you cannot proceed until Sun Java Web Console is removed or upgraded from the global zone.


  4. Checking the installation sequence guidelines

    Check to see what guidelines apply to this example and make adjustments as needed.

  5. Checking the installation prerequisites

    Check to see what tasks you might need to perform for this installation before starting.

  6. Starting the installer in the desired non-global zone

  7. At component selection, choosing the components you want

    Some components cannot be installed in a non-global zone because they require access to global zone capabilities. These components are unavailable at component selection.

  8. Running the installation

  9. Viewing the Installation Summary and Log

  10. Completing postinstallation configuration as needed

    Chapter 6, Completing Communications Suite Postinstallation Configuration provides post-installation configuration instructions.

  11. Starting product components

    Chapter 7, Verifying Installed Product Components provides procedures for starting and stopping the product components.

  12. Repeating this process in additional non-global zones as needed

Solaris 10 Sparse Root Zones Example

This is an example of installing Communications Suite software in a Solaris 10 sparse root non-global zone.

ProcedureTo Develop a Sequence For Solaris 10 Zones (Sparse Root)

  1. Verifying that Solaris 10 is installed on your host

    The global zone is automatically created.

  2. Verifying that all the non-global zones specified in your implementation plan have been created by the global zone administrator as “sparse root” zones

    For information on creating non-global zones, refer to Chapter 18, Planning and Configuring Non-Global Zones (Tasks), in System Administration Guide: Solaris Containers-Resource Management and Solaris Zones.

  3. Checking the installation sequence guidelines

    Check to see what guidelines apply to this example and make adjustments as needed.

  4. Checking the installation prerequisites

    Check to see what tasks you might need to perform for this installation before starting.

  5. Starting the installer in the global zone, and selecting only shared components at component selection.

    Select only Shared Components at component selection; no other components should be selected. When shared component installation is complete, the shared component are in the global zone and are also propagated to all non-global zones.

  6. If Message Queue is being used, upgrading Message Queue in the global zone

    Message Queue comes bundled with Solaris 10 and an incompatible version must be upgraded or removed. After upgrade, Message Queue is in the global zone and is also propagated to the non-global zones.

  7. If Application Server is being used, Application Server must be removed.

    Application Server comes bundled in Solaris 10 and must be removed from the global zone. Use the pkginfo —I | grep —I “application server” command to list the Application Server packages that are on the host. After removing the Application Server packages, Application Server can be installed with the other product components in the non-global zone.

  8. Starting the installer in the desired non-global zone

  9. At component selection, choosing the components you want

    Some components cannot be installed in a non-global zone because they require access to global zone capabilities. These components are unavailable at component selection.

  10. Running the installation

  11. Viewing the Installation Summary and Log

  12. Completing postinstallation configuration as needed

    Chapter 6, Completing Communications Suite Postinstallation Configuration provides post-installation configuration instructions.

  13. Starting product components

    Chapter 7, Verifying Installed Product Components provides procedures for starting and stopping the product components.

  14. Repeating this process in additional non-global zones as needed

Sun Cluster Software Example

Communications Suite product components that can be configured to run in a cluster instead of on a single server include Calendar Server, Messaging Server, and Instant Messaging.

This example installs Messaging Server in a Sun Cluster framework.

Before you install or configure Sun Cluster software, ensure that the combination of hardware and software that you choose for your cluster is currently a supported Sun Cluster configuration. For guidelines on implementing Sun Cluster software within a Communications Suite environment, refer to Chapter 2, Installing Software on the Cluster, in Sun Cluster Software Installation Guide for Solaris OS and also see Sun Cluster 3.1 8/05 With Sun Java Enterprise System 5 Special Instructions.

Requirements and Sequencing Issues

Messaging Server requires Directory Server, but not necessarily a local copy. You will need the Sun Cluster Core component as well as the Sun Cluster Agents for Directory Server and Messaging Server. If a remote Directory Server is used, then the Sun Cluster Agent for Directory Server is not required.

Installing, configuring, and starting the product components in the correct order is crucial for a successful Sun Cluster implementation.

  1. Installing the Sun Cluster product component

  2. Configuring the Sun Cluster framework

  3. Installing the additional product components that are required for Messaging Server to operate in the cluster

  4. Configuring the Sun Cluster data services using the agents for the relevant product components

At least two installation sessions are performed on each node in the cluster.

Phase I. Installing and Configuring the Sun Cluster Framework

The following tasks must be performed on all nodes in the cluster.

ProcedureTo Develop a Sequence for the Sun Cluster Framework

  1. Verifying that the hardware is connected correctly for the cluster

  2. Checking the installation sequence guidelines

    Check to see what guidelines apply to this example and make adjustments as needed.

  3. Checking the installation prerequisites

    Check to see what tasks you might need to perform for this installation before starting.

  4. Running the installer

    On Solaris 10, Sun Cluster software can only be installed in the global zone.

  5. At component selection, choosing only the Sun Cluster product component


    Tip –

    During a Configure Now installation (usually where you have chosen to install all product components), you are prompted whether to enable support for remote Sun Cluster configuration. If you select Yes, postinstallation configuration for Sun Cluster software will be easier.


  6. Selecting the Configure Later type

  7. If needed, manually installing the Sun Cluster support for additional features: RSMAPI (SUNWscrif), SCI-PCI adapters (SUNWsci), RSMRDT drivers (SUNWscrdt)

    Refer to the Sun Cluster Software Installation Guide for Solaris OS for further information.

  8. Following the instructions to configure the Sun Cluster Framework for each host in the cluster

    Follow instructions in Chapter 2, Installing Software on the Cluster, in Sun Cluster Software Installation Guide for Solaris OS. When the Sun Cluster documentation refers to a Sun Cluster CD-ROM, substitute the name of the equivalent Communications Suite CD-ROM.

    For documentation on creating resource groups and configuring data services, refer to the Sun Cluster Data Services Planning and Administration Guide for Solaris OS.

Phase II. Installing and Configuring Product Components and Agents

The following tasks must be performed on all nodes in the cluster.

ProcedureTo Develop a Sequence for Configuring Product Components and Agents

  1. Running the installer

  2. At component selection, choosing the following:

    1. Messaging Server

      Directory Server and the Directory Preparation Tool are automatically selected.

      (Optional) If you are using a remote copy of Directory Server, deselect Directory Server and specify a remote copy when prompted.

    2. Sun Cluster Agents for Sun JavaTM System

      All agents are selected by default.

    3. Expanding the Sun Cluster Agents for Sun Java System product component and deselecting all agents except Directory Server and Messaging Server

  3. Resolving incompatibilities

    The installer verifies software on your node and provides guidance if incompatibilities are identified.

  4. Verifying installation directories

  5. Selecting the Configure Now or Configure Later type

    Messaging Server and Sun Cluster Agents cannot be configured during installation.

  6. Configuring all the selected product components except Sun Cluster Agents

  7. Starting all the product components except Sun Cluster Agents, in this order:

    1. Starting and Stopping Directory Server

    2. Starting and Stopping Messaging Server

  8. Configuring the data services for the product components you have installed and configured

    Sun Cluster Data Services Configuration

    The following table contains additional Sun Cluster information.

    Task 

    Relevant Information 

    Postinstallation configuration information 

    Phase I. Sun Cluster Framework

    Sun Cluster Data Services Configuration

    Starting and stopping 

    Stopping and Rebooting Sun Cluster Software

    Uninstalling 

    Sun Cluster Software and Sun Cluster Geographic Edition Uninstallation Behavior

    Upgrading 

    Sun Java Enterprise System 2006Q3 Upgrade Guide

Access Manager SDK With Container Configuration Example

This example installs Access Manager SDK, using a copy of Access Manager that is already installed on a remote host.


Note –

To use this sequence example, also refer to known issue 6293225 in the Sun Java Enterprise System 5 Release Notes for UNIX.


Requirements

Before you install Access Manager SDK, the Access Manager core services must be installed and running on a remote host. The web container information and Directory Server configuration information that you provide in this installation example must match the web container and Directory Server configuration information that you provided during installation of Access Manager core services.


Note –

When the installer asks for information about the remote web container and Directory Server, default values are displayed based on the local host.

Do not accept the default values; use them only as examples of format. Instead, you must supply the correct information for the remote host.


The installer does not allow you to configure the web container when you are installing only the Access Manager SDK.

ProcedureTo Develop a Sequence for Host A

The following high-level tasks are required:

  1. Checking the installation sequence guidelines

    Check to see what guidelines apply to this example and make adjustments as needed.

  2. Checking the installation prerequisites

    Check to see what tasks you might need to perform for this installation before starting.

  3. Installing and starting Access Manager core services

    Identity Management Example

ProcedureTo Develop a Sequence for Host B

The following high-level tasks are required:

  1. Checking the installation sequence guidelines.

    Check to see what guidelines apply to this example and make adjustments as needed.

  2. Checking the installation prerequisites.

    Check to see what tasks you might need to perform for this installation before starting.

  3. Running the installer.

  4. At component selection, choosing Access Manager SDK.

  5. Resolving incompatibilities.

    The installer verifies software on your host and provides guidance if incompatibilities are identified.

  6. Selecting the Configure Later type.

  7. Running the installation.

  8. Viewing the Installation Summary and Log.

  9. Verifying that your web container is installed and running.

  10. Editing the amsamplesilent file.

    1. Make a copy the amsamplesilent file.

      Solaris: AccessManager-base/SUNWam/bin

      Linux: /opt/sun/identity/bin

    2. By default, many settings are commented out in the amsamplesilent file. Uncomment only the following settings:

      • SERVER_NAME

      • SERVER_HOST

      • SERVER_PORT

      • ADMIN_PORT

      • DS_HOST

      • DS_DIRMGRPASSWD

      • ROOT_SUFFIX

      • ADMINPASSWD

      • AMLDAPUSERPASSWD

      • COOKIE_DOMAIN

      • AM_ENC_PWD

      • NEW_OWNER

      • NEW_GROUP

      • PAM_SERVICE_NAME

      • WEB_CONTAINER

    3. Modify only the following parameters in the amsamplesilent file:

      • DEPLOY_LEVEL should be set to 4.

      • SERVER_HOST and SERVER_PORT should be set to the host and port of the full server which will be used by Access Manager SDK.

      • DS_HOST, DS_DIRMGRPASSWD, and ROOT_SUFFIX should be set to the hostname, directory manager password, and root suffix of the Host A Directory Server.

      • ADMINPASSWD and AMLDAPUSERPASSWD should be set to the amadmin and amldapuser passwords used on Host A.

      • AM_ENC_PWD should be set to the password encryption key used on Host A. For the Access Manager SDK, use the same encryption key for AM_ENC_PWD as the encryption key specified during the remote installation of Access Manager on Host B. Use one of the following commands to obtain this value:

        Solaris: grep pwd /etc/opt/SUNWam/config/AMConfig.properties

        Linux: grep pwd /etc/opt/sun/identity/config/AMConfig.properties

      • WEB_CONTAINER should be set to the corresponding value for the web container being used.

      • BASEDIR should be set to the install directory used during the Configure Later installation of Access Manager SDK.

      • AM_REALM should be set to Enabled if realm mode is used on Host A, and Disabled if legacy mode is used on Host A.

      • Find the settings corresponding to the web container that will be used for the SDK and modify these settings with the details of the web container. For example, if WEB_CONTAINER is set to WS (Sun Java System Web Server), then you should modify the settings which are prefixed by WS_ (WS_INSTANCE , WS_HOME, WS_PROTOCOL and so on.)

  11. As root, use the edited amsamplesilent file to deploy Access Manager.

    ./ amconfig -s ./am.sdk_install

  12. Restarting your web container

Calendar Server and Messaging Server Example

This example installs Calendar Server and Messaging Server in a 3-host Schema 2 environment. Remote copies of Access Manager and Directory Server are used.


Note –

For a Schema 1 example, refer to Calendar-Messaging Schema 1 Example.


Requirements and Sequence Issues

Access Manager is required if you are implementing single sign-on or Access Manager managed policies. In this case, either Access Manager or a local copy of the Access Manager SDK is required. Access Manager SDK requires Access Manager, but not necessarily a local copy. Calendar Server and Messaging Server both require Directory Server, but not necessarily a local copy.

In this example, remote copies of Directory Server and Access Manager are used. Access Manager requires a local web container.

ProcedureTo Develop a Sequence for Host A

The following high-level tasks are required:

  1. Checking the installation sequence guidelines

    Check to see what guidelines apply to this example and make adjustments as needed.

  2. Checking the installation prerequisites

    Check to see what tasks you might need to perform for this installation before starting.

  3. Installing and starting Directory Server

  4. Running the Directory Preparation Tool.

ProcedureTo Develop a Sequence for Host B

The following high-level tasks are required:

  1. Checking the installation sequence guidelines

    Check to see what guidelines apply to this example and make adjustments as needed.

  2. Checking the installation prerequisites

    Check to see what tasks you might need to perform for this installation before starting.

  3. Installing and starting the web container and Access Manager (deselecting Directory Server)

    Identity Management Example

ProcedureTo Develop a Sequence for Host C

The following high-level tasks are required:

  1. Checking the installation sequence guidelines

    Check to see what guidelines apply to this example and make adjustments as needed.

  2. Checking the installation prerequisites

    Check to see what tasks you might need to perform for this installation before starting.

  3. Running the installer

  4. At component selection, selecting Calendar Server, Messaging Server, and Access Manager SDK

    Directory Server and Directory Preparation Tool are automatically selected.

  5. Deselecting Directory Server and specifying a remote copy when prompted

  6. Resolving incompatibilities

    The installer verifies software on your host and provides guidance if incompatibilities are identified.

  7. Verifying installation directories

  8. Selecting the Configure Now type

    Calendar Server and Messaging Server cannot be configured during installation.

    Configuration pages are displayed for the local product components that can be configured during installation. Do not accept defaults for product components that are remote; use the remote information. Gather your configuration information from the tables in Chapter 3, Configuration Information, in Sun Java Enterprise System 5 Installation Reference for UNIX.

  9. Running the installation

  10. Viewing the Installation Summary and Log

  11. Completing post-install configuration, including specifying remote product components

  12. Starting the product components in this order:

    1. Starting and Stopping Messaging Server

    2. Starting and Stopping Calendar Server

      The following table contains additional Calendar Server information.

      Task 

      Relevant Information 

      Postinstallation configuration 

      Calendar Server Postinstallation Configuration

      Starting and stopping 

      Starting and Stopping Calendar Server

      Uninstalling 

      Calendar Server Uninstallation Behavior

      Troubleshooting 

      Calendar Server Troubleshooting Tips

      Upgrading 

      Sun Java Communications Suite 5 Upgrade Guide

      The following table contains additional Messaging Server information.

      Task 

      Relevant Information 

      Postinstallation configuration 

      Messaging Server Postinstallation Configuration

      Starting and stopping 

      Starting and Stopping Messaging Server

      Uninstalling 

      Messaging Server Post-uninstallation

      Messaging Server Uninstallation Behavior

      Troubleshooting 

      Messaging Server Troubleshooting Tips

      Upgrading 

      Sun Java Communications Suite 5 Upgrade Guide

Calendar-Messaging Schema 1 Example

This example installs Calendar Server and Messaging Server in an LDAP Schema 1 environment on two hosts. A remote version of Directory Server is used.

Requirements

Both Calendar Server and Messaging Server require Directory Server, but not necessarily a local copy.

ProcedureTo Develop a Sequence for Host A

The following high-level tasks are required:

  1. Checking the installation sequence guidelines

    Check to see what guidelines apply to this example and make adjustments as needed.

  2. Checking the installation prerequisites

    Check to see what tasks you might need to perform for this installation before starting.

  3. Installing Directory Server and Directory Preparation Tool

  4. Running Directory Preparation Tool.

  5. Start Directory Server.

ProcedureTo Develop a Sequence for Host B

The following high-level tasks are required:

  1. Checking the installation sequence guidelines

    Check to see what guidelines apply to this example and make adjustments as needed.

  2. Checking the installation prerequisites

    Check to see what tasks you might need to perform for this installation before starting.

  3. Running the installer.

  4. At component selection, choosing Calendar Server and Messaging Server

    Directory Server and the Directory Preparation Tool are automatically selected.

  5. Deselecting Directory Server

    When you are prompted to choose a local or remote Directory Server, choose remote (the Directory Server that is already installed and running on Host A).

  6. Resolving incompatibilities

    The installer verifies software on your host and provides guidance if incompatibilities are identified.

  7. Selecting the Configure Now type

    You will receive a message that Calendar Server and Messaging Server cannot be configured during installation.

  8. Running the installation

  9. Viewing the Installation Summary and Log

  10. Completing any post-install configuration:

  11. Starting the product components in this order:

    1. Starting and Stopping Messaging Server

    2. Starting and Stopping Calendar Server

Communications Express and Messaging Server Example

This example installs Communications Express for messaging services in a 2-host Schema 2 environment. A remote copy of Directory Server is used.

Requirements and Sequence Issues

Communications Express requires either Access Manager or the Access Manager SDK for Schema 2. A local copy of Access Manager SDK is always required, but you can use a remote copy of Access Manager. Directory Server is required for Access Manager and Communications Express, but Directory Server does not need to be on the local host. Communications Express requires a local web container which can be either Application Server or Web Server.

To use messaging services, Communications Express requires Messaging Server, but Messaging Server does not need to be on the local host. To use calendar services, Communications Express requires Calendar Server, but Calendar Server does not need to be on the local host. This example uses messaging services.

ProcedureTo Develop a Sequence for Host A

The following high-level tasks are required:

  1. Checking the installation sequence guidelines

    Check to see what guidelines apply to this example and make adjustments as needed.

  2. Checking the installation prerequisites

    Check to see what tasks you might need to perform for this installation before starting.

  3. Installing and starting Directory Server

ProcedureTo Develop a Sequence for Host B

The following high-level tasks are required:

  1. Checking the installation sequence guidelines

    Check to see what guidelines apply to this example and make adjustments as needed.

  2. Checking the installation prerequisites

    Check to see what tasks you might need to perform for this installation before starting.

  3. Running the installer

  4. At component selection, choosing Communications Express, Access Manager, Messaging Server, and Web Server

    Directory Server and the Directory Preparation Tool are automatically selected.

  5. Deselecting Directory Server

    When you are prompted to choose a local or remote Directory Server, choose remote (the Directory Server that is already installed and running on Host A).

  6. Resolving incompatibilities

    The installer verifies software on your host and provides guidance if incompatibilities are identified.

  7. Selecting the Configure Now type

    Communications Express cannot be configured during installation, and will require postinstallation configuration.

    Configuration pages are displayed for those product components that can be configured during installation.

  8. Reviewing the configuration pages

  9. Running the installation

  10. Viewing the Installation Summary and Log

  11. Completing post-install configuration:

  12. Starting the product components

  13. Using the following URL to access the default Communications Express login page:

    http://web-container-host:web-container-port/ uri-path-CommsExpress

    The default of /uwc and be changed for uri-path-CommsExpress during configuration.

  14. Using the following URL to access the default Access Manager Login page:

    http://web-container-host:web-container-port /amserver/UI/Login

Instant Messaging and Access Manager Example

Depending on the required functionality, Instant Messaging could use Access Manager, Messaging Server, or Calendar Server product components. This example installs Instant Messaging with Access Manager, using a required remote Directory Server, and Web Server as the web container.

Requirements and Sequence Issues

If you are using Access Manager with Instant Messaging, you must also use Access Manager SDK. For the Instant Messaging Server Core subcomponent, Access Manager is required, but not necessarily a local copy (or you can use the files system for policy and storage). For the Instant Messaging Core subcomponent, the Access Manager SDK must be local to Instant Messaging. During installation of Access Manager SDK, you need to configure Access Manager SDK to communication to the remote Access Manager server. The Access Manager Resources subcomponent requires a web container, which must be local. If you use Access Manager, Directory Server is required, but not necessarily a local copy.

If you are deploying other product components with Instant Messaging, the other product components must be configured before configuring Instant Messaging.

ProcedureTo Develop a Sequence for Host A

The following high-level tasks are required:

  1. Checking the installation sequence guidelines

    Check to see what guidelines apply to this example and make adjustments as needed.

  2. Checking the installation prerequisites

    Check to see what tasks you might need to perform for this installation before starting.

  3. Running the installer

  4. At component selection, choosing the Access Manager and Directory Server

  5. Resolving incompatibilities

    The installer verifies software on your host and provides guidance if incompatibilities are identified.

  6. Verifying installation directories

  7. Selecting the Configure Now or Configure Later type

    1. For the Configure Now type, configuration pages are displayed for Web Server.

      Gather your configuration information from the tables in Chapter 3, Configuration Information, in Sun Java Enterprise System 5 Installation Reference for UNIX.

    2. For the Configure Later type, configuration pages are not displayed.

  8. Running the installation

  9. Viewing the Installation Summary and Log

  10. Completing post-install configuration

  11. Starting the product components in this order:

    1. Starting and Stopping Directory Server

    2. Starting and Stopping Access Manager

ProcedureTo Develop a Sequence for Host B

The following high-level tasks are required:

  1. Checking the installation sequence guidelines

    Check to see what guidelines apply to this example and make adjustments as needed.

  2. Checking the installation prerequisites

    Check to see what tasks you might need to perform for this installation before starting.

  3. Running the installer

  4. At component selection, choosing the Instant Messaging Resources subcomponent and Web Server

  5. Resolving incompatibilities

    The installer verifies software on your host and provides guidance if incompatibilities are identified.

  6. Verifying installation directories

  7. Selecting the Configure Now or Configure Later type

    Instant Messaging cannot be configured during installation.

    1. For the Configure Now type, configuration pages are displayed for Web Server.

      Gather your configuration information from the tables in Chapter 3, Configuration Information, in Sun Java Enterprise System 5 Installation Reference for UNIX.

    2. For the Configure Later type, configuration pages are not displayed.

  8. Running the installation

  9. Viewing the Installation Summary and Log

  10. Completing post-install configuration

  11. Starting the product components in this order:

    1. Starting and Stopping Web Server

    2. Starting and Stopping Instant Messaging Server and Multiplexor

ProcedureTo Develop a Sequence for Host C

The following high-level tasks are required:

  1. Checking the installation sequence guidelines

    Check to see what guidelines apply to this example and make adjustments as needed.

  2. Checking the installation prerequisites

    Check to see what tasks you might need to perform for this installation before starting.

  3. Running the installer

  4. At component selection, choosing Instant Messaging Core Server subcomponent and theAccess Manager SDK subcomponent

    Directory Server is automatically selected.

  5. Deselecting Directory Server and specifying the remote copy when prompted

  6. Resolving incompatibilities

    The installer verifies software on your host and provides guidance if incompatibilities are identified.

  7. Verifying installation directories

  8. Selecting the Configure Now or Configure Later type

    Instant Messaging cannot be configured during installation.

    1. For the Configure Now type, configuration pages are displayed for Web Server.

      Gather your configuration information for Access Manager SDK from the tables in Chapter 3, Configuration Information, in Sun Java Enterprise System 5 Installation Reference for UNIX.

    2. For the Configure Later type, configuration pages are not displayed.

  9. Running the installation

  10. Viewing the Installation Summary and Log

  11. Completing post-install configuration

  12. Starting the product components in this order:

    1. Starting and Stopping Access Manager

    2. Starting and Stopping Instant Messaging Server and Multiplexor

Communications Suite Example

This example installs most of the Java ES and Communications Suite product components to implement communication and collaboration services across four hosts.

Requirements and Sequence Issues

Directory Server is required for all the communications product components, but not necessarily a local copy. Access Manager or the Access Manager SDK is required, but Access Manager can be remote. In this example, Web Server fulfills the Access Manager requirement for a web container. Although Calendar Server and Messaging Server do not require a local web container, Communications Express does. Communications Express can use remote copies of Calendar Server and Messaging Server.

To implement single sign-on, Instant Messaging requires Access Manager and a local or remote web container. Portal Server Secure Remote Access requires Access Manager and a local web container. Portal Server Secure Remote Access must be installed in the same location as Portal Server. Access Manager and Portal Server cannot use different web containers.

For large deployments, you might deploy each product component on a separate server, in approximately the same order shown in this example. For small deployments, product components are installed in separate installation sessions on fewer servers.

In this example, the following installation sessions are used:

ProcedureTo Develop a Sequence for Host A

The following high-level tasks are required:

  1. Checking the installation sequence guidelines

    Check to see what guidelines apply to this example and make adjustments as needed.

  2. Checking the installation prerequisites

    Check to see what tasks you might need to perform for this installation before starting.

  3. Installing Access Manager, Directory Server, and Directory Preparation Tool

    Identity Management Example

  4. Running Directory Preparation Tool

  5. Starting Access Manager and Directory Server

ProcedureTo Develop a Sequence for Host B

The following high-level tasks are required:

  1. Checking the installation sequence guidelines

    Check to see what guidelines apply to this example and make adjustments as needed.

  2. Checking the installation prerequisites

    Check to see what tasks you might need to perform for this installation before starting.

  3. Installing and starting Portal Server and Web Server, specifying the remote Access Manager and Directory Server that are installed and running on Host A

    A web container and the Access Manager SDK must be local to Portal Server.

ProcedureTo Develop a Sequence for Host C

The following high-level tasks are required:

  1. Checking the installation sequence guidelines

    Check to see what guidelines apply to this example and make adjustments as needed.

  2. Checking the installation prerequisites

    Check to see what tasks you might need to perform for this installation before starting.

  3. Installing and starting Calendar Server, specifying the remote Access Manager and Directory Server that are installed on Host A

    Access Manager SDK must be local to Messaging Server and Calendar Server.

    Install only Calendar Server using the Calendar Server and Messaging Server Example.

ProcedureTo Develop a Sequence for Host D (First Session)

The following high-level tasks are required:

  1. Checking the installation sequence guidelines

    Check to see what guidelines apply to this example and make adjustments as needed.

  2. Checking the installation prerequisites

    Check to see what tasks you might need to perform for this installation before starting.

  3. Installing Communications Express, Messaging Server, Access Manager SDK, and Web Server using the Configure Later type

  4. Performing Web Server post-installation configuration

    To Configure Web Server After a Configure Later Installation

  5. Performing AM SDK configuration to work with the local Web Server and the remote Access Manager

    Access Manager SDK With Container Configuration Example

  6. Performing Messaging Server post-installation configuration

    Messaging Server Postinstallation Configuration

  7. Starting Messaging Server

    To Start Messaging Server

  8. Performing Communications Express post-installation configuration

    During this configuration, provide information for Access Manager on Host A, Calendar Server on Host C, and Messaging Server on Host D.

    To Configure Communications Express After a Configure Later Installation

  9. Restarting Web Server on Host D

    Starting and Stopping Web Server

ProcedureTo Develop a Sequence for Host D (Second Session)

The following high-level tasks are required:

  1. Installing Instant Messaging

    Instant Messaging Only Example

  2. Performing Instant Messaging post-installation configuration

    Instant Messaging Postinstallation Configuration

ProcedureTo Develop a Sequence for Host D (Third Session)

The following high-level tasks are required:

  1. Installing Portal Server Secure Remote Access, specifying the remote Access Manager and Directory Server that are installed on Host A

    As a Portal Server Secure Remote Access requirement, Portal Server is also installed.

  2. Establishing an initial user and setting up single sign-on

Identity Management Example

In this example, identity management is implemented by installing Access Manager and Directory Server, with Directory Server on a remote host.

Requirements

Access Manager requires Directory Server, but not necessarily a local copy. Access Manager requires a web container, which in this example is Web Server. The remote Directory Server must be running before installing any other product components.

ProcedureTo Develop a Sequence for Host A

The following high-level tasks are required:

  1. Checking the installation sequence guidelines

    Check to see what guidelines apply to this example and make adjustments as needed.

  2. Checking the installation prerequisites

    Check to see what tasks you might need to perform for this installation before starting.

  3. Installing and starting Directory Server

ProcedureTo Develop a Sequence for Host B

The following high-level tasks are required:

  1. Checking the installation sequence guidelines

    Check to see what guidelines apply to this example and make adjustments as needed.

  2. Checking the installation prerequisites

    Check to see what tasks you might need to perform for this installation before starting.

  3. Running the installer

  4. At component selection, choosing Access Manager and Web Server

    Directory Server and the Directory Preparation Tool are automatically selected.

  5. Deselect Directory Server and specify a remote copy when prompted.

  6. Resolving incompatibilities

    The installer verifies software on your host and provides guidance if incompatibilities are identified.

  7. Selecting the Configure Now or Configure Later type

    1. For the Configure Now type, configuration pages are displayed for those product components that allow installation-time configuration. Do not accept defaults for product components that are remote; use the remote information.

      You will need to gather your configuration information from the tables in Chapter 3, Configuration Information, in Sun Java Enterprise System 5 Installation Reference for UNIX.

    2. For the Configure Later type, configuration pages are not displayed.

  8. Running the installation

  9. Viewing the Installation Summary and Log

  10. Completing any post-install configuration

    For Configure Now:

    Configuring Access Manager After a Configure Now Installation

    For Configure Later:

  11. Starting the product components

    Starting and Stopping Web Server (Access Manager starts automatically.)

  12. Accessing the default Access Manager login page for Realm Mode


    http://webserver-host:port/amserver
  13. Establishing an initial user and setting up single sign-on

    For a full scenario showing how to establish an initial user and implementing single sign-on, refer to the Sun Java Enterprise System 2005Q1 Deployment Example Series: Evaluation Scenario.

Web and Application Services Example

HADB (used for high availability session storage) works with Application Server to provide failover capabilities that include session persistence.

This example provides guidelines for implementing a two-node HADB cluster with load balancing. However, a preferred solution is to install HADB on four hosts with nothing else installed on them. The domain administration server (DAS) with a copy of HADB for administration and a load balancer and Web Server would be installed on a separate machine.

On a partitioned operating system, a preferred solution is that two servers be installed (either host or zone) with at least one HADB process running on each.

Requirements and Sequence Issues

Application Server requires a local copy of HADB and Message Queue. Application Server and HADB must be on the same host so you can use the integrated management tools provided by Application Server. The Load Balancing Plugin subcomponent of Application Server requires a web server. This example uses the Web Server as the container.

The general tasks include:

  1. Installing the product components

  2. Starting the servers

  3. Configuring HADB

  4. Configuring load balancing

You can use the following guidelines to install all product components on a node or zone. On subsequent nodes, install the product components required by your deployment. A minimum of two installation sessions are required.

ProcedureTo Develop a Sequence for Web and Application Services

The following high-level tasks are required:

  1. Checking the installation sequence guidelines

    Check to see what guidelines apply to this example and make adjustments as needed.

  2. Checking the installation prerequisites

    Check to see what tasks you might need to perform for this installation before starting.

  3. Verifying that the hardware is connected correctly for your cluster

  4. Running the installer

  5. At component selection, choosing Application Server

    Message Queue, HADB, and all the subcomponents of Application Server except the Application Server Node Agent and Load Balancing Plugin are automatically selected.

  6. Expanding the Application Server product component and selecting Load Balancing Plugin.


    Note –

    You must install Web Server and Load Balancing Plug-in using the same file system access permissions.


  7. Resolving incompatibilities

    The installer verifies software on your host and provides guidance if incompatibilities are identified.

  8. Selecting the Configure Now type

    Message Queue requires no configuration.

    The configuration pages are displayed for product components that can be configured during installation. Gather your configuration information from the table in HADB Configuration Information in Sun Java Enterprise System 5 Installation Reference for UNIX.

  9. Running the installation

  10. Viewing the Installation Summary and Log

  11. Starting the product components:

  12. Completing HADB postinstallation configuration

    Refer to Configuring HADB After a Configure Later Installation.

  13. Completing load balancing configuration

    Refer to the Chapter 5, Configuring HTTP Load Balancing, in Sun Java System Application Server Enterprise Edition 8.2 High Availability Administration Guide.

Non-Root Examples

This section contains the following non-root example:

This example uses Web Server as the web container. If the Web Server administration runtime user is non-root, then the Web Server instance runtime user needs to be the same non-root user. If the Web Server instance is non-root, and if you choose to run Web Server on port 80, then there are two options:

For other non-root information in this document, see Configuring Product Components With Non-root Identifiers.

Access Manager Configured to Run as a Non-root User Example

This example provides an installation sequence and configuration procedures for allowing Access Manager to run in a web container that is not owned by root.

Requirements and Sequence Issues

If your installation plan calls for deploying Access Manager in an instance of Web Server or Application Server that is not owned by the superuser (root), you must install Access Manager in a separate installation session from Directory Server and Web Server or Application Server.

The general steps for creating this installation sequence include the following:


Note –

If you have already deployed Access Manager in a root-owned instance of Web Server or Application Server, uninstall any copy of Access Manager before following the procedure in this section.


ProcedureTo Develop a Sequence for Host A

The following high-level tasks are required:

  1. Checking the installation sequence guidelines

    Check to see what guidelines apply to this example and make adjustments as needed.

  2. Checking the installation prerequisites

    Check to see what tasks you might need to perform for this installation before starting.

  3. Installing Directory Server using the Configure Now type

    • In the Common Server Settings page, enter the non-root user for System User and non-root group for System Group.

    • Select port numbers for Directory Server that are higher than 1024 (389 for instance LDAP port and 636 for instance SSL LDAP port).

  4. As the non-root user, starting Directory Server (all processes must be owned by the non-root user)

ProcedureTo Develop a Sequence for Host B (First Session)

The following high-level tasks are required:

  1. Checking the installation sequence guidelines

    Check to see what guidelines apply to this example and make adjustments as needed.

  2. Checking the installation prerequisites

    Check to see what tasks you might need to perform for this installation before starting.

  3. Installing Web Server using the Configure Now type

    • In the Common Server Settings page, enter the non-root user for System User and non-root group for System Group.

    • In the Directory Server Instance Creation page, set System User and System Group to non-root user and group.

    • In the Web Server: Administration page, change the Administration Runtime User ID to the non-root user.

    • In the Web Server: Default Web Server Instance page:

      1. Change the Runtime UNIX User ID to the non-root user.

      2. Select a value for HTTP Port that is higher than 1024.

  4. As the non-root user, starting the Web Server administration instance and Web Server instance

    All processes should be owned by the non-root users.

ProcedureTo Develop a Sequence for Host B (Second Session)

The following high-level tasks are required:

  1. Installing Access Manager using the Configure Later type

  2. Changing ownership of the following directories from root/other to the non-root user/non-root group:

    These shared component directories must be changed because they are configured into the web container classpath by the Access Manager configuration program. All processes should be owned by the non-root users.

    • Solaris OS: /opt/SUNWma and /etc/opt/SUNWma

    • Linux: /opt/sun/mobileaccess and /etc/opt/sun/mobileaccess


      chown -R nonroot-user:nonroot-group
      
       /opt/SUNWma /etc/opt/SUNWma
  3. Deploying Access Manager


    ./amconfig -s ./am.non_root_install
  4. As the non-root user, stopping the Web Server admin instance and Web Server instance

  5. As root, changing the ownership of the Web Server installation directory


    chown -R <non-root-user\>:<non-root-group\> WebServer-base
    
  6. As the non root-user, starting the Web Server admin instance and Web Server instance