Configuring Components With Non-root Identifiers

When performing configuration after installation, you can assign a non-root runtime user or group to some component products. For example, you might be deploying Access Manager in an instance of Web Server that is not owned by root.

For purposes of installation to administration, there are many reasons to configure a component with a non-root identifier. You can find examples of using a non-root identifier in Non-Root Examples.

The following sections provide information on configuring the applicable components with non-root identifiers.

You must be root to run the Java ES installer. Because of this, all files placed on the machine by the installer are owned by root.

Configuring Administration Server With Non-root ID

To configure Administration Server with a non-root ID, use the mpsadmserver configure command. See the Sun Java System Administration Server 5 2005Q1 Administration Guidefor more details.

• If you are running the Administration Server as non-root, consider using the same user and group IDs for both the Administration Server as well as the products that are dependant upon it.

• If Directory Server has already been installed, the Administration Server will automatically be owned by the same user and group IDs as applied to the Directory Server.

Configuring Application Server With Non-root ID

To configure Application Server with a non-root ID, you can set up an entire administrative domain owned and operated by a non-root user.

1. Log in to the host using a non–root user ID.

2. Run the asadmin create-domain command with the --domaindir option, pointing to the directory where you have write permissions. For example:

   /opt/SUNWappserver/appserver/bin ./asadmin create-domain --domaindir /export/domains --adminport 5050 --adminuser admin --passwordfile /tmp/passwordfile --instanceport 9090 domain2

   In this example domain2 directory will be created under /export/domains

3. Start this domain using the --domaindir option again. For example:

   /opt/SUNWappserver/appserver/bin ./asadmin start-domain --domaindir /export/domains --user admin --passwordfile /tmp/passwordfile domain2

For more information, see the Sun Java System Application Server Enterprise Edition 8.1 2005Q2 Administration Guide.

Configuring Calendar Server With Non-root ID

To configure Calendar Server with a non-root ID, use the Calendar Server configurator. See the Sun Java System Calendar Server 6 2005Q4 Administration Guide) for details.

Configuring Directory Proxy Server With Non-root ID

To configure Directory Proxy Server with a non-root ID, become superuser and run the quickstart.tcl script. This script adopts the user ID specified for the Administration Server so, when Administration Server uses a non-root user ID, Directory Proxy Server will as well.

Configuring Directory Server With Non-root ID

Use the Directory Server configurator to configure Directory Server with a non-root ID. Install the Directory Server packages using the Configure Later option. After running the installer, set the default Directory Server version to 5.2. Run the Directory Server configurator and specify a non-root user ID. Select a port number greater than 1024.

Configuring Messaging Server With Non-root ID

To configure Messaging Server with a non-root ID, use the Messaging Server configurator. See the Sun Java System Messaging Server 6 2005Q4 Administration Guide for details.

Configuring Portal Server With Non-root ID

To configure Portal Server with a non-root ID, use the Portal Server configurator. Instructions for running the configurator as well as descriptions of the settings used are contained in the Postinstallation Configuration chapter of the Sun Java System Portal Server 6 2005Q4 Administration Guide.

Configuring Web Server With Non-root ID

To configure Web Server with a non-root ID, use the Web Server configurator. See Web Server Postinstallation Configuration.