This chapter provides sequencing guidelines for some common Communications Suite installations.
This chapter contains the following sections:
The example installation sequences in this chapter are intended to provide high-level guidelines for some common Communications Suite installations. These are not literal procedures, but instead provide the sequential steps required to implement particular deployment scenarios.
The single-session examples describe typical steps for installing one or a number of product components on a single host in a single installation session. The remaining examples describe situations where multiple installation sessions are performed on multiple hosts, for a variety of solutions. For the most part, the sequences in this chapter are based on the relationships among the product components as shown in Sun Java Enterprise System 5 Installation Planning Guide.
At component selection, the installer identifies incompatible versions of components as well as unmet requirements. You receive warning messages that identify the problem and tell you what you need to do. Many of these messages tell you about requirements that are not yet met. Other messages tell you that incompatible versions of some or all of the components you are trying to install are already on the local host. You can use the installer to identify components that are already on your local host. For instructions, refer to When Incompatible Components Are Installed.
Installation goes most smoothly if any incompatible versions of Communications Suite components are identified and removed or upgraded before starting the installer.
Installation Guideline Topic |
Description |
---|---|
Sun Cluster software |
If you are using this product component with Sun Cluster software, you must perform a precise series of tasks before installing any product components. Communications Suite components that can be configured for Sun Cluster are Calendar Server, Instant Messaging, and Messaging Server. Several Java ES components can also be configured for Sun Cluster. See the Sun Java Enterprise System 5 Installation Guide for UNIX for instructions. Also, refer to Sun Cluster Software Example to see Sun Cluster guidelines. |
Monitoring |
Monitoring Console cannot be run on the same host as Communications Suite or Java ES product components that it monitors. Therefore, it should be installed on another host in a separate installation session. See the Sun Java Enterprise System 5 Installation Guide for UNIX for information on installing Monitoring Console. |
Installation-time configuration |
The following components can be installed in a Configure Now installation, but configuration cannot be done during installation: Sun Cluster components and Communications Suite components. |
Upgrading |
You might receive messages asking you to remove or upgrade product components that are already on the host. For some components (Application Server, Message Queue, and HADB), you can return to the beginning of installation and choose to Upgrade Existing Software. After you have upgraded, you can then start the installation. For full instructions on upgrading Communications Suite components without using the installer, see the Sun Java Communications Suite 5 Upgrade Guide, for Java ES components, refer to Sun Java Enterprise System 2006Q3 Upgrade Guide |
Solaris 10 zones |
In a Solaris 10 zones environment, shared components must be installed separately in the global zone before installing into a local zone. Message Queue can only be installed in the global zone, after which it is propagated to all non-global zones. |
Remote component |
If you are using a remote product component to fulfill dependencies, the remote product component must be installed and running before installing any product components that depend on it. |
Third-party component |
If you are using a third-party product, such as a WebLogic web container, the third-party product component must be installed and running before installing any Communications Suite product components that depend on it. |
Access Manager modes |
You must use Access Manager Legacy (6.x) installation type if you are installing Access Manager with Communications Suite product components. Access Manager Realm (7.x) installation type cannot be used with Communications Suite. |
LDAP Schema 1 |
The Calendar-Messaging Schema 1 Example is the only example based on LDAP Schema 1. All other examples in this chapter are based on Schema 2. See: Understanding Schema Choices in Sun Java Communications Suite 5 Deployment Planning Guide for more information. |
The following examples apply to installing on a single host in a single session:
An evaluation installation is generally considered a trial deployment, that is, a quick installation to see how things go. This example uses the graphical interface and the Configure Now type When you are presented with configuration pages, you accept defaults wherever possible.
This example installs all the Communications Suite and Java ES product components except Sun Cluster software on a single host in a single installation session. Because Web Server is used as the web container, Application Server is not installed.
The following high-level tasks are required:
Checking the installation sequence guidelines
Check to see what guidelines apply to this example and make adjustments as needed.
Checking the installation prerequisites
Check to see what tasks you might need to perform for this installation before starting.
Starting the graphical installer
Use either the graphical or text-based installer.
At component selection, choosing Select All, then deselecting the Application Server and Sun Cluster software product components
The installer verifies software on your host and provides guidance if incompatibilities are identified.
Verifying installation directories
Selecting the Configure Now type
Messages indicate which product components cannot be configured during installation.
Accepting configuration defaults when they are offered
If you want to use non-default information, review the appropriate configuration tables in Chapter 3, Configuration Information, in Sun Java Enterprise System 5 Installation Reference for UNIX.
Viewing the Installation Summary and Log
Completing post-install configuration
Chapter 6, Completing Communications Suite Postinstallation Configuration contains instructions for post-install configuration.
Starting the product components
Verifying After Post-Installation Configuration contains the preferred Communications Suite startup sequence. Startup procedures follow the table.
This example describes installation of only Instant Messaging in a single session. It is not uncommon for Instant Messaging to be installed in a separate installation session after other product components have been installed and configured.
If you are using single sign-on or Access Manager managed policies, Access Manager is required. For guidelines, refer to Instant Messaging and Access Manager Example.
If you are deploying other product components with Instant Messaging, the other product components must be configured before configuring Instant Messaging. Communications Suite product components that are commonly used with Instant Messaging include Messaging Server, Calendar Server, and Portal Server (with Access Manager).
Portal Server installation is not documented in this guide. See the Sun Java Enterprise System 5 Installation Guide for UNIX for information on Portal Server.
The following high-level tasks are required:
Checking the installation sequence guidelines
Check to see what guidelines apply to this example and make adjustments as needed.
Checking the installation prerequisites
Check to see what tasks you might need to perform for this installation before starting.
Running the installer
At component selection, choosing Instant Messaging
Directory Server and Directory Preparation Tool are automatically selected. If you do not select a web container, you will be prompted to select either Web Server or Application Server to fulfill the Instant Messaging requirement for a local web container.
Resolving incompatibilities
The installer verifies software on your host and provides guidance if incompatibilities are identified.
Verifying installation directories
Selecting the Configure Later type
Instant Messaging cannot be configured during installation.
Running the installation
Viewing the Installation Summary and Log
Completing post-install configuration
Configuring Instant Messaging After a Configure Later Installation
Starting Instant Messaging (after starting any other product components that Instant Messaging might depend on)
Starting and Stopping Instant Messaging Server and Multiplexor
The following table contains additional Instant Messaging information.
Task |
Relevant Information |
---|---|
Postinstallation configuration |
Configuring Instant Messaging After a Configure Later Installation |
Starting and stopping |
Starting and Stopping Instant Messaging Server and Multiplexor |
Uninstalling | |
Troubleshooting | |
Upgrading | |
Deployment scenarios |
This section contains a brief description of Solaris 10 zones support for the current release of Communications Suite. An installation sequence example is included. The following topics are addressed in this section:
The Solaris 10 zones (also known as Solaris containers) feature provides a means of creating virtualized operating system environments within an instance of Solaris OS. This allows one or more processes to run in isolation from other activities on the host. For example, a process running in a zone will only be able to send signals to other processes in the same zone, regardless of user ID and other credential information.
Every Solaris 10 host contains a single global zone. The global zone is both the default zone for the host and the zone used for system-wide administrative control. All processes run in the global zone if no non-global zones are created by the global administrator. Some product components, such as Sun Cluster software can only be installed in the global zone. A non-global zone can be thought of as a box. One or more applications can run in this box without interacting with the rest of the host. Each non-global zone has what appears to be its own instance of an installed Solaris 10 operating system with configuration and other information unique to that non-global zone. The default configuration for a non-global zone is to share portions of its file system with the global zone. Propagation provides non-global visibility and availability to packages that are installed in the global zone.
There are two types of non-global zones supported: whole root zone and sparse root zone. A whole root zone contains a read/write copy of the file system that exists in the global zone. When a whole root non-global zone is created, all packages that are installed on the global zone are made available to the whole root zone. A package database is created and all packages are copied onto the non-global zone, creating a dedicated and independent copy of all files.
A sparse root zone contains a read/write copy of only a portion of the file system existing on the global zone, while other file systems are mounted read-only from the global zone as loopback virtual file systems. The global administrator selects which file systems to share with a sparse root zone at the time the sparse root zone is created. Regardless of zone type, when a package is added to the global zone it is, by default, propagated to all non-global zones. In other words, the package is installed in the global zone as well as all non-global zones. This propagation behavior can optionally be suppressed when the package is added, thus restricting the package to the global zone only.
For your zones deployment to succeed, it is crucial that you plan the tasks and sequence of those tasks very carefully. Communications Suite components can potentially be installed in any of three types of zones in an almost unlimited set of combinations, and in almost any order. In some cases, the order in which Communications Suite product components are installed, and the order in which non-local zones are created, can be very important. For a full description of planning for using Communications Suite in a Solaris zones environment, refer to the Sun Java Enterprise System 5 Installation Planning Guide.
The following list describes the level of zones support for this release of Communications Suite:
Both whole root zones and sparse root zones are supported.
Communications Suite can be installed in the global zone when non-global zones already exist.
Non-global zones can be created after Communications Suite is installed in the global zone.
Communications Suite can be installed in the global zone even when Communications Suite has already been installed in the whole root non-global zone. Also, Communications Suite can be installed in a whole root non-global zone even if another Communications Suite installation is already installed in the global zone.
All shared components in a zone must be from the same release of Communications Suite. Shared components are automatically synchronized to match the most recent Communications Suite release.
Whole root and sparse root deployments of Communications Suite should not be mixed on a single computer.
Communications Suite can be installed into non-global sparse root zones with the following exceptions:
Sun Cluster software, Sun Cluster Geographic Edition, and Sun Cluster Agents can only be installed in the global zone.
Message Queue can only be installed or upgraded in the global zone, or in a whole root non-global zone.
Before Application Server can be installed into the non-global sparse root zone, any version of Application Server that is bundled with the operating system must be removed from the global zone.
The installer does not install shared components or Message Queue into sparse zones. If you attempt to do this, installation halts and you receive a message telling you that shared components and Message Queue must bed installed in the global zone.
The installer controls propagation of the packages it installs in the global zone:
Shared components always propagate.
Message Queue always propagates.
All other product components never propagate.
The Sun Java Web Console shared component can only be upgraded in the global zone.
This is an example of installing Communications Suite software in a Solaris 10 whole root non-global zone.
The following high-level tasks are required:
Verifying that Solaris 10 is installed on your host
The global zone is automatically created.
Verifying that all the non-global zones specified in your implementation plan have been created by the global zone administrator as “whole root” zones
For information on creating non-global zones, refer to Chapter 18, Planning and Configuring Non-Global Zones (Tasks), in System Administration Guide: Solaris Containers-Resource Management and Solaris Zones.
Starting the installer in the global zone, and selecting only shared components at component selection.
Select only Shared Components at component selection; no other components should be selected. When shared component installation is complete, the shared component are in the global zone and are also propagated to all non-global zones.
Shared components can be installed into a whole root local zone with the exception of Sun Java Web Console. If the installer detects a bundled version of Sun Java Web Console, you cannot proceed until Sun Java Web Console is removed or upgraded from the global zone.
Checking the installation sequence guidelines
Check to see what guidelines apply to this example and make adjustments as needed.
Checking the installation prerequisites
Check to see what tasks you might need to perform for this installation before starting.
Starting the installer in the desired non-global zone
At component selection, choosing the components you want
Some components cannot be installed in a non-global zone because they require access to global zone capabilities. These components are unavailable at component selection.
Running the installation
Viewing the Installation Summary and Log
Completing postinstallation configuration as needed
Chapter 6, Completing Communications Suite Postinstallation Configuration provides post-installation configuration instructions.
Starting product components
Chapter 7, Verifying Installed Product Components provides procedures for starting and stopping the product components.
Repeating this process in additional non-global zones as needed
This is an example of installing Communications Suite software in a Solaris 10 sparse root non-global zone.
Verifying that Solaris 10 is installed on your host
The global zone is automatically created.
Verifying that all the non-global zones specified in your implementation plan have been created by the global zone administrator as “sparse root” zones
For information on creating non-global zones, refer to Chapter 18, Planning and Configuring Non-Global Zones (Tasks), in System Administration Guide: Solaris Containers-Resource Management and Solaris Zones.
Checking the installation sequence guidelines
Check to see what guidelines apply to this example and make adjustments as needed.
Checking the installation prerequisites
Check to see what tasks you might need to perform for this installation before starting.
Starting the installer in the global zone, and selecting only shared components at component selection.
Select only Shared Components at component selection; no other components should be selected. When shared component installation is complete, the shared component are in the global zone and are also propagated to all non-global zones.
If Message Queue is being used, upgrading Message Queue in the global zone
Message Queue comes bundled with Solaris 10 and an incompatible version must be upgraded or removed. After upgrade, Message Queue is in the global zone and is also propagated to the non-global zones.
If Application Server is being used, Application Server must be removed.
Application Server comes bundled in Solaris 10 and must be removed from the global zone. Use the pkginfo —I | grep —I “application server” command to list the Application Server packages that are on the host. After removing the Application Server packages, Application Server can be installed with the other product components in the non-global zone.
Starting the installer in the desired non-global zone
At component selection, choosing the components you want
Some components cannot be installed in a non-global zone because they require access to global zone capabilities. These components are unavailable at component selection.
Running the installation
Viewing the Installation Summary and Log
Completing postinstallation configuration as needed
Chapter 6, Completing Communications Suite Postinstallation Configuration provides post-installation configuration instructions.
Starting product components
Chapter 7, Verifying Installed Product Components provides procedures for starting and stopping the product components.
Repeating this process in additional non-global zones as needed
Communications Suite product components that can be configured to run in a cluster instead of on a single server include Calendar Server, Messaging Server, and Instant Messaging.
This example installs Messaging Server in a Sun Cluster framework.
Before you install or configure Sun Cluster software, ensure that the combination of hardware and software that you choose for your cluster is currently a supported Sun Cluster configuration. For guidelines on implementing Sun Cluster software within a Communications Suite environment, refer to Chapter 2, Installing Software on the Cluster, in Sun Cluster Software Installation Guide for Solaris OS and also see Sun Cluster 3.1 8/05 With Sun Java Enterprise System 5 Special Instructions.
Messaging Server requires Directory Server, but not necessarily a local copy. You will need the Sun Cluster Core component as well as the Sun Cluster Agents for Directory Server and Messaging Server. If a remote Directory Server is used, then the Sun Cluster Agent for Directory Server is not required.
Installing, configuring, and starting the product components in the correct order is crucial for a successful Sun Cluster implementation.
Installing the Sun Cluster product component
Configuring the Sun Cluster framework
Installing the additional product components that are required for Messaging Server to operate in the cluster
Configuring the Sun Cluster data services using the agents for the relevant product components
At least two installation sessions are performed on each node in the cluster.
The following tasks must be performed on all nodes in the cluster.
Verifying that the hardware is connected correctly for the cluster
Sun Cluster 3.0–3.1 Hardware Collection for Solaris OS (SPARC Platform Edition) http://docs.sun.com/coll/1024.1
Sun Cluster 3.0–3.1 Hardware Collection for Solaris OS (x86 Platform Edition) http://docs.sun.com/coll/1142.1
Checking the installation sequence guidelines
Check to see what guidelines apply to this example and make adjustments as needed.
Checking the installation prerequisites
Check to see what tasks you might need to perform for this installation before starting.
Running the installer
On Solaris 10, Sun Cluster software can only be installed in the global zone.
At component selection, choosing only the Sun Cluster product component
During a Configure Now installation (usually where you have chosen to install all product components), you are prompted whether to enable support for remote Sun Cluster configuration. If you select Yes, postinstallation configuration for Sun Cluster software will be easier.
Selecting the Configure Later type
If needed, manually installing the Sun Cluster support for additional features: RSMAPI (SUNWscrif), SCI-PCI adapters (SUNWsci), RSMRDT drivers (SUNWscrdt)
Refer to the Sun Cluster Software Installation Guide for Solaris OS for further information.
Following the instructions to configure the Sun Cluster Framework for each host in the cluster
Follow instructions in Chapter 2, Installing Software on the Cluster, in Sun Cluster Software Installation Guide for Solaris OS. When the Sun Cluster documentation refers to a Sun Cluster CD-ROM, substitute the name of the equivalent Communications Suite CD-ROM.
For documentation on creating resource groups and configuring data services, refer to the Sun Cluster Data Services Planning and Administration Guide for Solaris OS.
The following tasks must be performed on all nodes in the cluster.
Running the installer
At component selection, choosing the following:
Messaging Server
Directory Server and the Directory Preparation Tool are automatically selected.
(Optional) If you are using a remote copy of Directory Server, deselect Directory Server and specify a remote copy when prompted.
Sun Cluster Agents for Sun JavaTM System
All agents are selected by default.
Expanding the Sun Cluster Agents for Sun Java System product component and deselecting all agents except Directory Server and Messaging Server
Resolving incompatibilities
The installer verifies software on your node and provides guidance if incompatibilities are identified.
Verifying installation directories
Selecting the Configure Now or Configure Later type
Messaging Server and Sun Cluster Agents cannot be configured during installation.
Configuring all the selected product components except Sun Cluster Agents
Messaging Server Postinstallation Configuration
When specifying installation directories, use a location on a cluster file system for Messaging Server.
Starting all the product components except Sun Cluster Agents, in this order:
Configuring the data services for the product components you have installed and configured
Sun Cluster Data Services Configuration
The following table contains additional Sun Cluster information.
Task |
Relevant Information |
---|---|
Postinstallation configuration information | |
Starting and stopping | |
Uninstalling |
Sun Cluster Software and Sun Cluster Geographic Edition Uninstallation Behavior |
Upgrading |
This example installs Access Manager SDK, using a copy of Access Manager that is already installed on a remote host.
To use this sequence example, also refer to known issue 6293225 in the Sun Java Enterprise System 5 Release Notes for UNIX.
Before you install Access Manager SDK, the Access Manager core services must be installed and running on a remote host. The web container information and Directory Server configuration information that you provide in this installation example must match the web container and Directory Server configuration information that you provided during installation of Access Manager core services.
When the installer asks for information about the remote web container and Directory Server, default values are displayed based on the local host.
Do not accept the default values; use them only as examples of format. Instead, you must supply the correct information for the remote host.
The installer does not allow you to configure the web container when you are installing only the Access Manager SDK.
The following high-level tasks are required:
Checking the installation sequence guidelines
Check to see what guidelines apply to this example and make adjustments as needed.
Checking the installation prerequisites
Check to see what tasks you might need to perform for this installation before starting.
Installing and starting Access Manager core services
The following high-level tasks are required:
Checking the installation sequence guidelines.
Check to see what guidelines apply to this example and make adjustments as needed.
Checking the installation prerequisites.
Check to see what tasks you might need to perform for this installation before starting.
Running the installer.
At component selection, choosing Access Manager SDK.
Resolving incompatibilities.
The installer verifies software on your host and provides guidance if incompatibilities are identified.
Selecting the Configure Later type.
Running the installation.
Viewing the Installation Summary and Log.
Verifying that your web container is installed and running.
Editing the amsamplesilent file.
Make a copy the amsamplesilent file.
Solaris: AccessManager-base/SUNWam/bin
Linux: /opt/sun/identity/bin
By default, many settings are commented out in the amsamplesilent file. Uncomment only the following settings:
SERVER_NAME
SERVER_HOST
SERVER_PORT
ADMIN_PORT
DS_HOST
DS_DIRMGRPASSWD
ROOT_SUFFIX
ADMINPASSWD
AMLDAPUSERPASSWD
COOKIE_DOMAIN
AM_ENC_PWD
NEW_OWNER
NEW_GROUP
PAM_SERVICE_NAME
WEB_CONTAINER
Modify only the following parameters in the amsamplesilent file:
DEPLOY_LEVEL should be set to 4.
SERVER_HOST and SERVER_PORT should be set to the host and port of the full server which will be used by Access Manager SDK.
DS_HOST, DS_DIRMGRPASSWD, and ROOT_SUFFIX should be set to the hostname, directory manager password, and root suffix of the Host A Directory Server.
ADMINPASSWD and AMLDAPUSERPASSWD should be set to the amadmin and amldapuser passwords used on Host A.
AM_ENC_PWD should be set to the password encryption key used on Host A. For the Access Manager SDK, use the same encryption key for AM_ENC_PWD as the encryption key specified during the remote installation of Access Manager on Host B. Use one of the following commands to obtain this value:
Solaris: grep pwd /etc/opt/SUNWam/config/AMConfig.properties
Linux: grep pwd /etc/opt/sun/identity/config/AMConfig.properties
WEB_CONTAINER should be set to the corresponding value for the web container being used.
BASEDIR should be set to the install directory used during the Configure Later installation of Access Manager SDK.
AM_REALM should be set to Enabled if realm mode is used on Host A, and Disabled if legacy mode is used on Host A.
Find the settings corresponding to the web container that will be used for the SDK and modify these settings with the details of the web container. For example, if WEB_CONTAINER is set to WS (Sun Java System Web Server), then you should modify the settings which are prefixed by WS_ (WS_INSTANCE , WS_HOME, WS_PROTOCOL and so on.)
As root, use the edited amsamplesilent file to deploy Access Manager.
Restarting your web container
This example installs Calendar Server and Messaging Server in a 3-host Schema 2 environment. Remote copies of Access Manager and Directory Server are used.
For a Schema 1 example, refer to Calendar-Messaging Schema 1 Example.
Access Manager is required if you are implementing single sign-on or Access Manager managed policies. In this case, either Access Manager or a local copy of the Access Manager SDK is required. Access Manager SDK requires Access Manager, but not necessarily a local copy. Calendar Server and Messaging Server both require Directory Server, but not necessarily a local copy.
In this example, remote copies of Directory Server and Access Manager are used. Access Manager requires a local web container.
If you are using this product component with Sun Cluster software, you must perform a precise series of tasks before installing any product components. Refer to Sun Cluster Software Example
The remote Directory Server must be installed and running before installing any product components that depend on it.
The remote Access Manager must be running before installing Access Manager SDK. For instructions on installing Access Manager, refer to Identity Management Example
The following high-level tasks are required:
Checking the installation sequence guidelines
Check to see what guidelines apply to this example and make adjustments as needed.
Checking the installation prerequisites
Check to see what tasks you might need to perform for this installation before starting.
Installing and starting Directory Server
Running the Directory Preparation Tool.
The following high-level tasks are required:
Checking the installation sequence guidelines
Check to see what guidelines apply to this example and make adjustments as needed.
Checking the installation prerequisites
Check to see what tasks you might need to perform for this installation before starting.
Installing and starting the web container and Access Manager (deselecting Directory Server)
The following high-level tasks are required:
Checking the installation sequence guidelines
Check to see what guidelines apply to this example and make adjustments as needed.
Checking the installation prerequisites
Check to see what tasks you might need to perform for this installation before starting.
Running the installer
At component selection, selecting Calendar Server, Messaging Server, and Access Manager SDK
Directory Server and Directory Preparation Tool are automatically selected.
Deselecting Directory Server and specifying a remote copy when prompted
Resolving incompatibilities
The installer verifies software on your host and provides guidance if incompatibilities are identified.
Verifying installation directories
Selecting the Configure Now type
Calendar Server and Messaging Server cannot be configured during installation.
Configuration pages are displayed for the local product components that can be configured during installation. Do not accept defaults for product components that are remote; use the remote information. Gather your configuration information from the tables in Chapter 3, Configuration Information, in Sun Java Enterprise System 5 Installation Reference for UNIX.
Running the installation
Viewing the Installation Summary and Log
Completing post-install configuration, including specifying remote product components
Starting the product components in this order:
Starting and Stopping Calendar Server
The following table contains additional Calendar Server information.
Task |
Relevant Information |
---|---|
Postinstallation configuration | |
Starting and stopping | |
Uninstalling | |
Troubleshooting | |
Upgrading |
The following table contains additional Messaging Server information.
Task |
Relevant Information |
---|---|
Postinstallation configuration | |
Starting and stopping | |
Uninstalling | |
Troubleshooting | |
Upgrading |
This example installs Calendar Server and Messaging Server in an LDAP Schema 1 environment on two hosts. A remote version of Directory Server is used.
Both Calendar Server and Messaging Server require Directory Server, but not necessarily a local copy.
The following high-level tasks are required:
Checking the installation sequence guidelines
Check to see what guidelines apply to this example and make adjustments as needed.
Checking the installation prerequisites
Check to see what tasks you might need to perform for this installation before starting.
Installing Directory Server and Directory Preparation Tool
Running Directory Preparation Tool.
Start Directory Server.
The following high-level tasks are required:
Checking the installation sequence guidelines
Check to see what guidelines apply to this example and make adjustments as needed.
Checking the installation prerequisites
Check to see what tasks you might need to perform for this installation before starting.
Running the installer.
At component selection, choosing Calendar Server and Messaging Server
Directory Server and the Directory Preparation Tool are automatically selected.
Deselecting Directory Server
When you are prompted to choose a local or remote Directory Server, choose remote (the Directory Server that is already installed and running on Host A).
Resolving incompatibilities
The installer verifies software on your host and provides guidance if incompatibilities are identified.
Selecting the Configure Now type
You will receive a message that Calendar Server and Messaging Server cannot be configured during installation.
Running the installation
Viewing the Installation Summary and Log
Completing any post-install configuration:
Starting the product components in this order:
This example installs Communications Express for messaging services in a 2-host Schema 2 environment. A remote copy of Directory Server is used.
Communications Express requires either Access Manager or the Access Manager SDK for Schema 2. A local copy of Access Manager SDK is always required, but you can use a remote copy of Access Manager. Directory Server is required for Access Manager and Communications Express, but Directory Server does not need to be on the local host. Communications Express requires a local web container which can be either Application Server or Web Server.
To use messaging services, Communications Express requires Messaging Server, but Messaging Server does not need to be on the local host. To use calendar services, Communications Express requires Calendar Server, but Calendar Server does not need to be on the local host. This example uses messaging services.
If you are using Messaging Server or Web Server with Sun Cluster software, you must perform a precise series of tasks before installing any product components. Refer to Sun Cluster Software Example to see Sun Cluster guidelines.
The remote Directory Server must be installed and running before installing any product components that depend on it.
The following high-level tasks are required:
Checking the installation sequence guidelines
Check to see what guidelines apply to this example and make adjustments as needed.
Checking the installation prerequisites
Check to see what tasks you might need to perform for this installation before starting.
Installing and starting Directory Server
The following high-level tasks are required:
Checking the installation sequence guidelines
Check to see what guidelines apply to this example and make adjustments as needed.
Checking the installation prerequisites
Check to see what tasks you might need to perform for this installation before starting.
Running the installer
At component selection, choosing Communications Express, Access Manager, Messaging Server, and Web Server
Directory Server and the Directory Preparation Tool are automatically selected.
Deselecting Directory Server
When you are prompted to choose a local or remote Directory Server, choose remote (the Directory Server that is already installed and running on Host A).
Resolving incompatibilities
The installer verifies software on your host and provides guidance if incompatibilities are identified.
Selecting the Configure Now type
Communications Express cannot be configured during installation, and will require postinstallation configuration.
Configuration pages are displayed for those product components that can be configured during installation.
Reviewing the configuration pages
Running the installation
Viewing the Installation Summary and Log
Completing post-install configuration:
Starting the product components
Starting and Stopping Web Server (Access Manager automatically starts)
Using the following URL to access the default Communications Express login page:
http://web-container-host:web-container-port/ uri-path-CommsExpress
The default of /uwc and be changed for uri-path-CommsExpress during configuration.
Using the following URL to access the default Access Manager Login page:
http://web-container-host:web-container-port /amserver/UI/Login
Depending on the required functionality, Instant Messaging could use Access Manager, Messaging Server, or Calendar Server product components. This example installs Instant Messaging with Access Manager, using a required remote Directory Server, and Web Server as the web container.
If you are using Access Manager with Instant Messaging, you must also use Access Manager SDK. For the Instant Messaging Server Core subcomponent, Access Manager is required, but not necessarily a local copy (or you can use the files system for policy and storage). For the Instant Messaging Core subcomponent, the Access Manager SDK must be local to Instant Messaging. During installation of Access Manager SDK, you need to configure Access Manager SDK to communication to the remote Access Manager server. The Access Manager Resources subcomponent requires a web container, which must be local. If you use Access Manager, Directory Server is required, but not necessarily a local copy.
If you are deploying other product components with Instant Messaging, the other product components must be configured before configuring Instant Messaging.
The following high-level tasks are required:
Checking the installation sequence guidelines
Check to see what guidelines apply to this example and make adjustments as needed.
Checking the installation prerequisites
Check to see what tasks you might need to perform for this installation before starting.
Running the installer
At component selection, choosing the Access Manager and Directory Server
Resolving incompatibilities
The installer verifies software on your host and provides guidance if incompatibilities are identified.
Verifying installation directories
Selecting the Configure Now or Configure Later type
For the Configure Now type, configuration pages are displayed for Web Server.
Gather your configuration information from the tables in Chapter 3, Configuration Information, in Sun Java Enterprise System 5 Installation Reference for UNIX.
For the Configure Later type, configuration pages are not displayed.
Running the installation
Viewing the Installation Summary and Log
Completing post-install configuration
Starting the product components in this order:
The following high-level tasks are required:
Checking the installation sequence guidelines
Check to see what guidelines apply to this example and make adjustments as needed.
Checking the installation prerequisites
Check to see what tasks you might need to perform for this installation before starting.
Running the installer
At component selection, choosing the Instant Messaging Resources subcomponent and Web Server
Resolving incompatibilities
The installer verifies software on your host and provides guidance if incompatibilities are identified.
Verifying installation directories
Selecting the Configure Now or Configure Later type
Instant Messaging cannot be configured during installation.
For the Configure Now type, configuration pages are displayed for Web Server.
Gather your configuration information from the tables in Chapter 3, Configuration Information, in Sun Java Enterprise System 5 Installation Reference for UNIX.
For the Configure Later type, configuration pages are not displayed.
Running the installation
Viewing the Installation Summary and Log
Completing post-install configuration
Configuring Instant Messaging After a Configure Later Installation For the remote product components: During Instant Messaging configuration, specify the remote location (Host A) for Directory Server and Access Manager.
Starting the product components in this order:
The following high-level tasks are required:
Checking the installation sequence guidelines
Check to see what guidelines apply to this example and make adjustments as needed.
Checking the installation prerequisites
Check to see what tasks you might need to perform for this installation before starting.
Running the installer
At component selection, choosing Instant Messaging Core Server subcomponent and theAccess Manager SDK subcomponent
Directory Server is automatically selected.
Deselecting Directory Server and specifying the remote copy when prompted
Resolving incompatibilities
The installer verifies software on your host and provides guidance if incompatibilities are identified.
Verifying installation directories
Selecting the Configure Now or Configure Later type
Instant Messaging cannot be configured during installation.
For the Configure Now type, configuration pages are displayed for Web Server.
Gather your configuration information for Access Manager SDK from the tables in Chapter 3, Configuration Information, in Sun Java Enterprise System 5 Installation Reference for UNIX.
For the Configure Later type, configuration pages are not displayed.
Running the installation
Viewing the Installation Summary and Log
Completing post-install configuration
Configuring Instant Messaging After a Configure Later Installation For remote product components: During Instant Messaging configuration, specify the remote location (Host A) for Directory Server and Access Manager.
Starting the product components in this order:
This example installs most of the Java ES and Communications Suite product components to implement communication and collaboration services across four hosts.
Directory Server is required for all the communications product components, but not necessarily a local copy. Access Manager or the Access Manager SDK is required, but Access Manager can be remote. In this example, Web Server fulfills the Access Manager requirement for a web container. Although Calendar Server and Messaging Server do not require a local web container, Communications Express does. Communications Express can use remote copies of Calendar Server and Messaging Server.
To implement single sign-on, Instant Messaging requires Access Manager and a local or remote web container. Portal Server Secure Remote Access requires Access Manager and a local web container. Portal Server Secure Remote Access must be installed in the same location as Portal Server. Access Manager and Portal Server cannot use different web containers.
For large deployments, you might deploy each product component on a separate server, in approximately the same order shown in this example. For small deployments, product components are installed in separate installation sessions on fewer servers.
In this example, the following installation sessions are used:
Session 1, Host A: Installing Access Manager, Directory Server, and Directory Preparation Tool
Session 2, Host B: Installing Portal Server and Web Server (using remote Directory Server and Access Manager on Host A)
Session 3, Host C: Installing Calendar Server (using remote Directory Server and Access Manager on Host A)
Session 4, Host D: Installing Communications Express, Messaging Server, Access Manager SDK, and Web Server (using remote Directory Server and Access Manager on Host A, and remote Calendar Server on Host C)
Session 5, Host D: Installing Instant Messaging (using remote Directory Server and Access Manager on Host A) after the other product components are installed and functioning
Session 6, Host D: Installing Portal Server Secure Remote Access (using remote Directory Server and Access Manager on Host A)
By dividing the installation into a number of sessions, you are able to verify the product components in each session before proceeding to the next session.
The following high-level tasks are required:
Checking the installation sequence guidelines
Check to see what guidelines apply to this example and make adjustments as needed.
Checking the installation prerequisites
Check to see what tasks you might need to perform for this installation before starting.
Installing Access Manager, Directory Server, and Directory Preparation Tool
Running Directory Preparation Tool
Starting Access Manager and Directory Server
The following high-level tasks are required:
Checking the installation sequence guidelines
Check to see what guidelines apply to this example and make adjustments as needed.
Checking the installation prerequisites
Check to see what tasks you might need to perform for this installation before starting.
Installing and starting Portal Server and Web Server, specifying the remote Access Manager and Directory Server that are installed and running on Host A
A web container and the Access Manager SDK must be local to Portal Server.
The following high-level tasks are required:
Checking the installation sequence guidelines
Check to see what guidelines apply to this example and make adjustments as needed.
Checking the installation prerequisites
Check to see what tasks you might need to perform for this installation before starting.
Installing and starting Calendar Server, specifying the remote Access Manager and Directory Server that are installed on Host A
Access Manager SDK must be local to Messaging Server and Calendar Server.
Install only Calendar Server using the Calendar Server and Messaging Server Example.
The following high-level tasks are required:
Checking the installation sequence guidelines
Check to see what guidelines apply to this example and make adjustments as needed.
Checking the installation prerequisites
Check to see what tasks you might need to perform for this installation before starting.
Installing Communications Express, Messaging Server, Access Manager SDK, and Web Server using the Configure Later type
Performing Web Server post-installation configuration
To Configure Web Server After a Configure Later Installation
Performing AM SDK configuration to work with the local Web Server and the remote Access Manager
Performing Messaging Server post-installation configuration
Starting Messaging Server
Performing Communications Express post-installation configuration
During this configuration, provide information for Access Manager on Host A, Calendar Server on Host C, and Messaging Server on Host D.
To Configure Communications Express After a Configure Later Installation
Restarting Web Server on Host D
The following high-level tasks are required:
The following high-level tasks are required:
Installing Portal Server Secure Remote Access, specifying the remote Access Manager and Directory Server that are installed on Host A
As a Portal Server Secure Remote Access requirement, Portal Server is also installed.
Establishing an initial user and setting up single sign-on
In this example, identity management is implemented by installing Access Manager and Directory Server, with Directory Server on a remote host.
Access Manager requires Directory Server, but not necessarily a local copy. Access Manager requires a web container, which in this example is Web Server. The remote Directory Server must be running before installing any other product components.
The following high-level tasks are required:
Checking the installation sequence guidelines
Check to see what guidelines apply to this example and make adjustments as needed.
Checking the installation prerequisites
Check to see what tasks you might need to perform for this installation before starting.
Installing and starting Directory Server
The following high-level tasks are required:
Checking the installation sequence guidelines
Check to see what guidelines apply to this example and make adjustments as needed.
Checking the installation prerequisites
Check to see what tasks you might need to perform for this installation before starting.
Running the installer
At component selection, choosing Access Manager and Web Server
Directory Server and the Directory Preparation Tool are automatically selected.
Deselect Directory Server and specify a remote copy when prompted.
Resolving incompatibilities
The installer verifies software on your host and provides guidance if incompatibilities are identified.
Selecting the Configure Now or Configure Later type
For the Configure Now type, configuration pages are displayed for those product components that allow installation-time configuration. Do not accept defaults for product components that are remote; use the remote information.
You will need to gather your configuration information from the tables in Chapter 3, Configuration Information, in Sun Java Enterprise System 5 Installation Reference for UNIX.
For the Configure Later type, configuration pages are not displayed.
Running the installation
Viewing the Installation Summary and Log
Completing any post-install configuration
For Configure Now:
Configuring Access Manager After a Configure Now Installation
For Configure Later:
Starting the product components
Starting and Stopping Web Server (Access Manager starts automatically.)
Accessing the default Access Manager login page for Realm Mode
http://webserver-host:port/amserver |
Establishing an initial user and setting up single sign-on
For a full scenario showing how to establish an initial user and implementing single sign-on, refer to the Sun Java Enterprise System 2005Q1 Deployment Example Series: Evaluation Scenario.
HADB (used for high availability session storage) works with Application Server to provide failover capabilities that include session persistence.
This example provides guidelines for implementing a two-node HADB cluster with load balancing. However, a preferred solution is to install HADB on four hosts with nothing else installed on them. The domain administration server (DAS) with a copy of HADB for administration and a load balancer and Web Server would be installed on a separate machine.
On a partitioned operating system, a preferred solution is that two servers be installed (either host or zone) with at least one HADB process running on each.
Application Server requires a local copy of HADB and Message Queue. Application Server and HADB must be on the same host so you can use the integrated management tools provided by Application Server. The Load Balancing Plugin subcomponent of Application Server requires a web server. This example uses the Web Server as the container.
The general tasks include:
Installing the product components
Starting the servers
Configuring HADB
Configuring load balancing
You can use the following guidelines to install all product components on a node or zone. On subsequent nodes, install the product components required by your deployment. A minimum of two installation sessions are required.
The following high-level tasks are required:
Checking the installation sequence guidelines
Check to see what guidelines apply to this example and make adjustments as needed.
Checking the installation prerequisites
Check to see what tasks you might need to perform for this installation before starting.
Verifying that the hardware is connected correctly for your cluster
Running the installer
At component selection, choosing Application Server
Message Queue, HADB, and all the subcomponents of Application Server except the Application Server Node Agent and Load Balancing Plugin are automatically selected.
Expanding the Application Server product component and selecting Load Balancing Plugin.
You must install Web Server and Load Balancing Plug-in using the same file system access permissions.
Resolving incompatibilities
The installer verifies software on your host and provides guidance if incompatibilities are identified.
Selecting the Configure Now type
Message Queue requires no configuration.
The configuration pages are displayed for product components that can be configured during installation. Gather your configuration information from the table in HADB Configuration Information in Sun Java Enterprise System 5 Installation Reference for UNIX.
Running the installation
Viewing the Installation Summary and Log
Starting the product components:
Starting and Stopping Application Server (Message Queue automatically starts.)
Completing HADB postinstallation configuration
Refer to Configuring HADB After a Configure Later Installation.
Completing load balancing configuration
This section contains the following non-root example:
This example uses Web Server as the web container. If the Web Server administration runtime user is non-root, then the Web Server instance runtime user needs to be the same non-root user. If the Web Server instance is non-root, and if you choose to run Web Server on port 80, then there are two options:
Start Web Server as root. This allows Web Server to attach to a port lower than 1024. Web Serverwill later be able to run as the non-root user configured during installation.
Solaris 10 has a feature that allows a system administrator to assign process privileges for a non-root user, allowing the non-root user to bind to a port lower than 1024. This means there is no need for Web Server to be started as root just to bind at a port number such as 80. For example, to assign process privileges to allow binding to port 80, do the following:
As root, type the following command:
/usr/sbin/usermod –K defaultpriv=basic,net_privaddr webservd |
For other non-root information in this document, see Configuring Product Components With Non-root Identifiers.
This example provides an installation sequence and configuration procedures for allowing Access Manager to run in a web container that is not owned by root.
If your installation plan calls for deploying Access Manager in an instance of Web Server or Application Server that is not owned by the superuser (root), you must install Access Manager in a separate installation session from Directory Server and Web Server or Application Server.
The general steps for creating this installation sequence include the following:
Session 1, Host A: Installing Directory Server
Session 2, Host B: Installing Web Server
Session 3, Host B: Installing Access Manager
If you have already deployed Access Manager in a root-owned instance of Web Server or Application Server, uninstall any copy of Access Manager before following the procedure in this section.
The following high-level tasks are required:
Checking the installation sequence guidelines
Check to see what guidelines apply to this example and make adjustments as needed.
Checking the installation prerequisites
Check to see what tasks you might need to perform for this installation before starting.
Installing Directory Server using the Configure Now type
In the Common Server Settings page, enter the non-root user for System User and non-root group for System Group.
Select port numbers for Directory Server that are higher than 1024 (389 for instance LDAP port and 636 for instance SSL LDAP port).
As the non-root user, starting Directory Server (all processes must be owned by the non-root user)
The following high-level tasks are required:
Checking the installation sequence guidelines
Check to see what guidelines apply to this example and make adjustments as needed.
Checking the installation prerequisites
Check to see what tasks you might need to perform for this installation before starting.
Installing Web Server using the Configure Now type
In the Common Server Settings page, enter the non-root user for System User and non-root group for System Group.
In the Directory Server Instance Creation page, set System User and System Group to non-root user and group.
In the Web Server: Administration page, change the Administration Runtime User ID to the non-root user.
In the Web Server: Default Web Server Instance page:
Change the Runtime UNIX User ID to the non-root user.
Select a value for HTTP Port that is higher than 1024.
As the non-root user, starting the Web Server administration instance and Web Server instance
All processes should be owned by the non-root users.
The following high-level tasks are required:
Installing Access Manager using the Configure Later type
Changing ownership of the following directories from root/other to the non-root user/non-root group:
These shared component directories must be changed because they are configured into the web container classpath by the Access Manager configuration program. All processes should be owned by the non-root users.
Solaris OS: /opt/SUNWma and /etc/opt/SUNWma
Linux: /opt/sun/mobileaccess and /etc/opt/sun/mobileaccess
chown -R nonroot-user:nonroot-group /opt/SUNWma /etc/opt/SUNWma |
Deploying Access Manager
./amconfig -s ./am.non_root_install |
As the non-root user, stopping the Web Server admin instance and Web Server instance
As root, changing the ownership of the Web Server installation directory
chown -R <non-root-user\>:<non-root-group\> WebServer-base |
As the non root-user, starting the Web Server admin instance and Web Server instance