This chapter describes the information you need to provide to the Sun JavaTM Enterprise System (Java ES) installer for configuring components during a Configure Now installation. This information includes common server settings and component-specific information for those components that can be configured during installation.
Use this chapter in conjunction with the worksheets in Chapter 2, Configuration Worksheets.
This chapter contains the following sections:
For the Configure Now option, the Java ES installer displays configuration pages for the selected components that are configurable during installation. You can accept default information or enter alternate information.
The following components cannot be configured by the Java ES installer: Calendar Server, Communications Express, Delegated Administrator, Directory Server Preparation Tool, Instant Messaging, Messaging Server, Service Registry, and Sun Cluster software.
If you use the Configure Later option, little is required during installation beyond being aware of common server settings and how port settings work. For information on installation directories and port assignments, refer to Chapter 3, Default Installation Directories and Ports.
The component-specific tables in this chapter are grouped in the same way the configuration pages are grouped in the graphical installer: first by component, and then by type of information. The configuration information tables have two columns: “Label and State File Parameter,” and “Description.” The “Label and State File Parameter” column contains the following information:
Label. The text that identifies information in the graphical installer. This is usually a label on an input field.
State File Parameter. The key that identifies the information in a silent installation state file. State file parameters are uppercase and appear in monospace font.
A good way to see how the parameters are used is to examine the example state file in Appendix C, Example State File, in Sun Java Enterprise System 2005Q4 Installation Guide for UNIX.
At the end of an installation session, a summary file contains the configuration values that are set during installation. You can view this file from the installer, or from the directory where the file is saved:
Solaris OS: /var/sadm/install/logs
Linux: /var/opt/sun/install/logs
Default values apply to all installer modes, unless the description provides a separate value for a silent mode state file.
State file values are case sensitive except where noted.
During installation and configuration, you are prompted for values relating to various types of domains, organizations, and related configuration information.
Domain Name System (DNS). The Domain Name System (DNS) is a distributed internet directory service. DNS is used mostly to translate between domain names and IP addresses, and to control email delivery.
DNS Domain Name. A DNS domain name identifies a group of servers on a network. Examples of domain names: example.com, red.example.com
Fully Qualified Domain Name (FQDN). An FQDN is the human-readable name corresponding to the TCP/IP address of a network interface, as found on a server, router, or other networked device. An FQDN for a server includes both its hostname and its domain name. Example of a FQDN for a server: myComputer.example.com
Host Name. The host name is a unique name by which a server is known on a network. A host name can be represented as the combination of a server's local name with its organization's domain name. This representation is also the FQDN for the server. Within the context of a domain, a host name can be represented solely by its local name. This is because the local name must be unique within the domain. Examples of host names:
FQDN representation: myComputer.red.example.com
Local name representation (unique within red.example.com domain): myComputer
Configuration Directory. An instance of Directory Serverthat stores configuration information for various administration domains. Administration Server accesses the configuration directory when administering these domains. The base suffix of the subtree that holds configuration information is always o=NetscapeRoot.
User/Group Directory. An instance of Directory Server that stores information about organizations in an LDAP hierarchy. Typically, organizations are represented by their DNS domain names in the LDAP hierarchy. Each organization in the hierarchy might contain entries representing people, organizational units, printers, documents, and so on.
Administration Domain. A set of servers represented in a Directory Server configuration directory server and administered through the Sun Java System Server Console. Typically, an administration domain is represented in the LDAP hierarchy with its DNS domain name, but you can use any name to represent the group of servers that make up the administration domain.
Email Domain. A unique domain in DNS that is used for routing email. An email domain for an organization can be its DNS domain name, but can also be another domain used to route email. For example: DNS Domain: example.com Email Domain: sfbay.example.com (In Sun's LDAP Schema 2, the email domain is represented in the User/Group directory as an attribute of an organization.)
Authentication Domain. In Access Manager, circle of trust is implemented as an authentication domain. An authentication domain is not a DNS domain. In Access Manager, an authentication domain describes entities that are grouped together for the purposes of identity federation.
Organization DN. The unique name of an organization in the LDAP hierarchy of a User/Group directory. Typically, organizations are represented by their DNS domain names in the LDAP hierarchy by using the o, ou, or dc LDAP attributes. An organization can contain sub-organizations.
Directory Manager. The privileged Directory Server administrator, comparable to the root user in UNIX. The default Directory Manager DN is cn=Directory Manager but can be changed. During installation and configuration, you must supply the Directory Manager DN and password to make changes to the LDAP configuration.
If you are using this chapter to get information to answer configuration questions posed by the installer, do the following:
Locate the section that describes that component.
Find the table whose content matches the installer page being displayed. Each table contains all the fields and questions contained on a single page of the installer.
If you are using this chapter to get information about parameters in a state file, do the following:
If you are using the guide online, use the HTML or PDF search feature to find the parameter string.
If you are using a printed book, refer to the index. The index contains an entry for each parameter name.
When you install components using the Configure Now option, the installer displays a set of common server settings that is used to provide default values for the components that use the settings.
On the configuration pages of the installer, the notation “Shared Default Value” indicates which settings are default values from the Common Server Settings page. You can accept the default value or you can override it by entering a value that is specific to the component you are configuring.
The following table lists the default values for the common server settings.
Table 1–1 Common Server Settings
Label and State File Parameter |
Description |
Default Value |
---|---|---|
CMN_HOST_NAME |
The host name of the host on which you are installing Java ES components. |
Output of the hostname command. Example: thishost |
CMN_DOMAIN_NAME |
Domain for the host on which you are installing. |
Domain name of this computer as registered in the local DNS server. Example: subdomain.domain.com |
Host IP Address |
The IP address of the host on which you are installing. |
The IP address of the local host. Example: 127.51.91.192 |
Administrator User ID |
Default user ID for the administrator for all components being installed. |
admin |
Administrator Password |
Default password for the administrator for all components being installed. |
No default. The password must have at least eight characters. |
CMN_SYSTEM_USER |
User ID (UID) under which component processes run. |
root |
CMN_SYSTEM_GROUP |
Group ID (GID) of the system user. |
other |
The Java ES installer supports the installation of these subcomponents of Access Manager:
Identity Management and Policy Services Core
Access Manager Administration Console
Common Domain Services for Federation Management
Access Manager SDK
Access Manager SDK is automatically installed as part of Identity Management and Policy Services Core, but the SDK can also be installed separately on a remote host. For information about separate installation of Access Manager SDK, refer to Access Manager SDK Configuration Information
The installer needs different information depending on which subcomponents you are installing, as the following table indicates. The table also refers you to the tables where the relevant information is described.
Table 1–2 Information Needed to Install Subcomponents of Access Manager
Components |
Information Needed |
Relevant Material |
---|---|---|
Identity Management and Policy Services Core |
Web container information | |
Directory Server information | ||
Provisioned directory information |
Existing Provisioned Directory Found and No Existing Provisioned Directory Found |
|
Common Domain Services for Federation Management |
Services information |
Installing Access Manager Federation Management (Core Already Installed) |
Access Manager Administration Console |
Administration information | |
Services information |
The installer needs the following information if you are installing Access Manager Administration Console.
Table 1–3 Administration Information for Access Manager
Label and State File Parameter |
Description |
---|---|
Administrator User ID |
Access Manager top-level administrator. This user has unlimited access to all entries managed by Access Manager. The default name, amadmin, cannot be changed. This ensures that the Access Manager administrator role and its privileges are created and mapped properly in Directory Server, allowing you to log onto Access Manager immediately after installation. |
Administrator Password |
Password of the amadmin user. The value must have at least eight characters. The default value is the Administrator Password (CMN_ADMIN_PASSWORD ) you provided under Common Server Settings. Refer to Common Server Settings. |
LDAP User ID |
Bind DN user for LDAP, Membership, and Policy services. This user has read and search access to all Directory Server entries. The default user name, amldapuser, cannot be changed. |
LDAP Password |
Password of the amldapuser user. This password must be different from the password of the amadmin user. It can be any valid Directory Service password. |
Password Encryption Key |
A string that Access Manager uses to encrypt user passwords. Note: For security purposes, it is recommended that the password encryption key be 12 characters or longer. The interactive installer generates a default password encryption key. You can accept the default value or specify any key produced by a J2EE random number generator. During Access Manager installation, its property file is updated and the property am.encryption.pwd is set to this value. The property file is AMConfig.properties . Location is: Solaris OS: /etc/opt/SUNWam/config Linux: /etc/opt/sun/identity/config All Access Manager subcomponents must use the same encryption key that the Identity Management and Policy Services Core uses. If you are distributing Access Manager subcomponents across hosts and installing Administration Console or Common Domain Services for Federation Management, copy the value for am.encryption.pwd as generated by the installation of the core, and paste the value into this field. In a state file, the default is LOCK. Any character combination is permitted. |
Install type AM_REALM |
Indicates the level of interoperability with other components. Choice of Realm mode (version 7.x style) or Legacy mode (version 6.x style). You must use Legacy mode if you are installing Access Manager with Portal Server, Messaging Server, Calendar Server, Delegated Administrator, or Instant Messaging. Accepted values for AM_REALM are Enabled (for Realm 7.x mode) and Disabled (for Legacy 6.x mode). |
The Identity Management and Policy Services Core subcomponent of Access Manager runs in Web Server or Application Server.
This component also runs in a third-party web container, however, you must install AM using the Configure Later option. In this case, configuration is done after installation.
The information that the installer needs is different for each web container:
For Web Server, see Web Container Information: Access Manager with Web Server
For Application Server, see Web Container Information: Access Manager with Application Server
This section describes the information that the installer needs when Web Server is the web container for the Identity Management and Policy Services Core subcomponent of Access Manager.
Table 1–4 Web Container Information for Access Manager with Web Server
Label and State File Parameter |
Description |
---|---|
Host Name |
The fully qualified domain name for the host. For example, if this host is siroe.example.com, this value is siroe.example.com. The default value is the fully qualified domain name for the current host. |
Web Server Port |
Port on which Web Server listens for HTTP connections. The default value is 80. If you are installing Web Server in this installer session, the default value is the Web Server HTTP Port (WS_ADMIN_PORT) value. Refer to Web Server: Default Web Server Instance Information. |
Web Server Instance Directory |
Path to the directory where an instance of Web Server is installed. The path must have the following syntax: WebServer-base/https-webserver-instancename If you are installing Web Server in this session, the default value for WebServer-base is the Web Server installation directory: Solaris OS: /opt/SUNWwbsvr Linux: /opt/sun/webserver |
Document Root Directory IS_WS_DOC_DIR |
Directory where Web Server stores content documents. If you are installing Web Server in this installer session, the default value is the Web Server value Document Root Directory (WS_INSTANCE_CONTENT_ROOT ). Refer to Web Server: Default Web Server Instance Information. If you are not installing Web Server, the default location is WebServer-base/docs. The default value for WebServer-base is the Web Server installation directory: Solaris OS: /opt/SUNWwbsvr Linux: /opt/sun/webserver |
Secure Server Instance Port IS_SERVER_PROTOCOL |
Specify whether the port for the Web Server instance is a secure port. A secure port uses the HTTPS protocol. A non-secure port uses HTTP. In a state file, specify https for a secure port or http for a non-secure port. The default value is http. |
This section describes the information that the installer needs when Application Server is the web container for the Identity Management and Policy Services Core subcomponent of Access Manager.
Table 1–5 Web Container Information for Access Manager with Application Server
Label and State File Parameter |
Description |
---|---|
Installation Directory |
Path to the directory where Application Server is installed. If you are installing Application Server, this value defaults to the value you specified for the Application Server installation directory. The default value is: Solaris OS: /opt/SUNWappserver/appserver Linux: /opt/sun/appserver |
Access Manager Runtime Instance |
Name of the Application Server instance that will run Access Manager. The default value is server. |
Instance Directory |
Path to the directory where Application Server stores files for the instance. Default value: Solaris OS: /var/opt/SUNWappserver/domains Linux: /var/opt/sun/appserver/domains |
Access Manager Instance Port |
Port on which Application Server listens for connections to the instance. The default value is 8080. |
Document Root |
Directory where Application Server stores content documents. The default document root is the instance directory specified by IS_IAS81INSTANCEDIR , with domainname/docroot appended at the end. For example: IS_IAS81INSTANCEDIR/domainname /docroot |
Administrator User ID |
User ID of the Application Server administrator. The default value is the Administrator User ID you provided under Common Server Settings. Refer to Common Server Settings. |
Administrator Password |
Password of the Application Server administrator. The default value is the Administrator User password you provided under Common Server Settings. Refer to Common Server Settings. |
Administrator Port |
Port on which the Administration Server for Application Server listens for connections. The default value is 4849. |
Secure Server Instance Port IS_SERVER_PROTOCOL |
Specify whether the value for Instance Port (IS_IAS81INSTANCE_PORT) refers to a secure port. A secure port uses the HTTPS protocol. A non-secure port uses HTTP. In a state file, specify https for a secure port or http for a non-secure port. The default value is http. |
Secure Administration Server Port ASADMIN_PROTOCOL |
Specify whether the value for Administrator Port (IS_IAS81_ADMINPORT) is a secure port. A secure port uses the HTTPS protocol. A non-secure port uses HTTP. In a state file, specify https for a secure port or http for a non-secure port. The default value is https. |
The installer needs different information about Access Manager services for different Access Manager subcomponents.
Installing Access Manager Console (Core Not Already Installed)
Installing Access Manager Federation Management (Core Already Installed)
This section describes the services information that the installer needs when you are installing the Identity Management and Policy Services Core and the Access Manager Administration Console subcomponents.
In this scenario, you can deploy a new console or use a previously deployed console. If you deploy a new console, some information in Installing Access Manager Core and Console is not needed, as the Description column indicates.
Table 1–6 Access Manager Services Information for Installing Core and Console
Label and State File Parameter |
Description |
---|---|
Host Name |
Fully qualified domain name of the host on which you are installing. The default value is the fully qualified domain name of the local host. |
Services Deployment URI |
Uniform Resource Identifier (URI) prefix for accessing the HTML pages, classes, and JAR files associated with the Identity Management and Policy Services Core subcomponent. The default value is amserver. Do not enter a leading slash. |
Common Domain Deployment URI |
URI prefix for accessing the common domain services on the web container. The default value is amcommon. Do not enter a leading slash. |
Cookie Domain |
The names of the trusted DNS domains that Access Manager returns to a browser when Access Manager grants a session ID to a user. You can scope this value to a single top-level domain, such as example.com . The session ID will provide authentication for all subdomains of example.com. Alternatively, you can scope the value to a comma-separated list of subdomains, such as .corp.example.com,.sales.example.com. The session ID will provide authentication for all subdomains in the list. A leading dot (.) is required for each domain in the list. The default value is the current domain, prefixed by a dot (.). |
Administration Console: Deploy new console and Use existing console USE_DSAME_SERVICES_WEB_CONTAINER |
Choose Deploy new console to deploy the console into the web container of the host on which Access Manager is being installed. Choose Use existing console to use an existing console that is deployed on another host. In both cases, you specify the Console Deployment URI and Password Deployment URI. If you choose to use an existing console, you must also specify the Console Host Name and Console Port. In a state file, specify true to deploy a new console or false to use an existing console. |
Console Deployment URI |
URI prefix for accessing the HTML pages, classes and JAR files associated with the Access Manager Administration Console subcomponent. Depends on the Access Manager mode: Legacy mode (6.x): /amconsole or /amserver Realm mode (7.x): /amserver The default value is amconsole. Do not enter a leading slash. |
Password Deployment URI |
URI that determines the mapping that the web container running Access Manager will use between a string you specify and a corresponding deployed application. The default value is ampassword. Do not enter a leading slash. |
Console Host Name |
Fully qualified domain name for the server hosting the existing console. This value is not needed if you are deploying a new console. In graphical installation mode, you can edit the field only if you are using an existing console. The default value contains the value that you provided for Host (IS_SERVER_HOST ), a dot, and then the value that you provided for DNS Name in the Common Server Settings. Refer to Common Server Settings. As an example, if the host is siroe and the domain is example.com, the default value is siroe.example .com. |
Console Port |
Port on which the existing console listens for connections. Permitted values are any valid and unused port number, in the range 0 (zero) through 65535. This value is not needed if you are deploying a new console. In graphical installation mode, you can edit the field only if you are using an existing console. The default value is the value you provided for one of the following web container ports:
|
This section describes the services information the installer needs when the following are both true:
You are installing only the Access Manager Administration Console subcomponent.
The Identity Management and Policy Services Core subcomponent is already installed on the same host.
You can only install AM Console by itself in Realm mode (7.x). This cannot be done in Legacy mode (6.x).
Label and State File Parameter |
Description |
---|---|
Console Deployment URI |
URI prefix for accessing the HTML pages, classes and JAR files associated with the Access Manager Administration Console subcomponent. Depends on the Access Manager mode: Realm mode (6.x): /amconsole or /amserver Legacy mode (7.x): /amserver |
Password Services Deployment URI |
URI that determines the mapping that the web container running Access Manager will use between a string you specify and a corresponding deployed application. The default value is ampassword. Do not enter a leading slash. |
This section describes the services information the installer needs when the following are both true:
You are installing only the Access Manager Administration Console subcomponent.
The Identity Management and Policy Services Core subcomponent is not installed on the same host.
Label and State File Parameter |
Description |
---|---|
Web Container for Access Manager Administration Console | |
Console Host Name |
Fully qualified domain name for the host on which you are installing. |
Console Deployment URI |
URI prefix for accessing the HTML pages, classes and JAR files associated with the Access Manager Administration Console subcomponent. Depends on the Access Manager mode: Legacy mode (6.x): /amconsole or /amserver Realm mode (7.x): /amserver |
Password Services Deployment URI |
Deployment URI for the password service. The default value is ampassword. Do not enter a leading slash. |
Web Container for Access Manager Services | |
Services Host Name |
Fully qualified domain name of the host where the Identity Management and Policy Services Core subcomponent is installed. The default value is the fully qualified domain name of this host. Use the default value as an example of format only, and edit the value to supply the correct remote host name. In a state file, supply the fully qualified domain name of a remote host. |
Port |
Port on which the Identity Management and Policy Services Core subcomponent listens for connections. This port is the HTTP or HTTPS port used by the web container. |
Services Deployment URI |
URI prefix for accessing the HTML pages, classes, and JAR files associated with the Identity Management and Policy Services Core subcomponent. The default value is amserver. Do not enter a leading slash. |
Cookie Domain |
The names of the trusted DNS domains that Access Manager returns to a browser when Access Manager grants a session ID to a user. You can scope this value to a single top-level domain, such as example.co m. The session ID will provide authentication for all subdomains of example.com. Alternatively, you can scope the value to a comma-separated list of subdomains, such as .corp.example.com,.sales.example.com. The session ID will provide authentication for all subdomains in the list. A leading dot (.) is required for each domain. The default value is the current domain, prefixed by a dot (.). |
This section describes the services information the installer needs when you are installing only the Common Domain Services for Federation Management subcomponent.
Table 1–9 Access Manager Services Information for Installing Federation Management (Core Already Installed)
Label and State File Parameter |
Description |
---|---|
Common Domain Deployment URI |
URI prefix for accessing the common domain services on the web container. The default value is amcommon. Do not enter a leading slash. |
The installer needs the following information if you are installing Identity Management and Policy Services Core.
Table 1–10 Directory Server Information for Access Manager
Label and State File Parameter |
Description |
---|---|
Directory Server Host |
A host name or value that resolves to the host on which Directory Server resides. The default value is the fully qualified domain name of the local host. For example, if the local host is siroe.example.com, the default value is siroe.example.com. |
Directory Server Port |
Port on which Directory Server listens for client connections. The default value is 389. |
Access Manager Directory Root Suffix |
Distinguished name (DN) to set as the Access Manager root suffix. The default value is based on the fully qualified domain name for this host, minus the host name. For example, if this host is siroe.subdomain.example.com , the value is dc=subdomain,dc=example,dc=com |
Directory Manager DN IS_DIRMGRDN |
DN of the user who has unrestricted access to Directory Server. The default value is cn=Directory Manager. |
Directory Manager Password |
Password for the directory manager. |
The information needed to configure a provisioned directory depends on whether the installer detects an existing provisioned directory on your host.
When the installer is generating a state file, IS_EXISTING_DIT_SCHEMA=y is written to the state file if the installer finds an existing provisioned directory. The installer writes IS_EXISTING_DIT_SCHEMA=n to the state file if the installer does not find an existing provisioned directory.
If the installer finds an existing provisioned directory, you provide the following information.
Table 1–11 Existing Provisioned Directory Information for Access Manager
Label and State File Parameter |
Description |
---|---|
User Naming Attribute IS_USER_NAMING_ATTR |
Naming attribute used for users in the provisioned directory. The default value is uid. |
If the installer does not find an existing provisioned directory, you can choose whether to use an existing provisioned directory. If you answer Yes to the first question in this table, you must answer the remaining questions in the table.
Table 1–12 No Existing Provisioned Directory Information for Access Manager
Label and State File Parameter |
Description |
---|---|
Is Directory Server provisioned with user data? |
Specifies whether you want to use an existing provisioned directory. The default value is No. In a state value, permitted values are y or n. The default value is n. |
Organization Marker Object Class |
Object class defined for the organization in the existing provisioned directory. This value is used only if the value for the first item in this table is Yes. The default value is SunISManagedOrganization. |
Organization Naming Attribute |
Naming attribute used to define organizations in the existing provisioned directory. This value is used only if the value for the first item in this table is Yes. The default value is o. |
User Marker Object Class |
Object class defined for users in the existing provisioned directory. This value is used only if the value for the first item in this table is Yes. The default value is inetorgperson. |
User Naming Attribute |
Naming attribute used for users in the existing provisioned directory. This value is used only if the value for the first item in this table is Yes. The default value is uid. |
Access Manager SDK is automatically installed when you install Identity Management and Policy Services Core, a subcomponent of Access Manager. You can also install Access Manager SDK as a discrete component on a host that is remote from the Access Manager core services.
Before you install Access Manager SDK, the Access Manager core services must be installed and running on a remote host. The web container information and Directory Server configuration information that you provide during this installation must match the web container and Directory Server configuration information that you provided during installation of Access Manager core services.
When the installer asks for information about the remote web container and Directory Server, default values are displayed based on the local host.
Do not accept the default values; use them only as examples of format. Instead, you must supply the correct remote information.
If you are installing Access Manager SDK as a discrete component, you must provide the following types of information:
The installer needs the following administration information if you are installing only Access Manager SDK.
Table 1–13 Administration Information for Access Manager SDK
Label and State File Parameter |
Description |
---|---|
Administrator User ID |
Access Manager top-level administrator. This user has unlimited access to all entries managed by Access Manager. The default name, amadmin, cannot be changed. This ensures that the Access Manager administrator role and its privileges are created and mapped properly in Directory Server, allowing you to log onto Access Manager immediately after installation. |
Administrator Password |
Password of the amadmin user. The value must have at least eight characters. Set this value to the same value used by Access Manager on the remote host. The default value is the Administrator Password (CMN_ADMIN_PASSWORD ) you provided under Common Server Settings. Refer to Common Server Settings. |
LDAP User ID |
Bind DN user for LDAP, Membership, and Policy services. This user has read and search access to all Directory Server entries. The default user name, amldapuser, cannot be changed. |
LDAP Password |
Password of the amldapuser user. This password must be different from the password of the amadmin user. It can be any valid Directory Service password. Set this value to the same value used by Access Manager on the remote host. |
Password Encryption Key |
A string that Access Manager uses to encrypt user passwords. Note: For security purposes, it is recommended that the password encryption key be 12 characters or longer. All Access Manager subcomponents must use the same encryption key that the Identity Management and Policy Services Core uses. To specify the encryption key for Access Manager SDK, do the following:
|
The installer needs the following Directory Server information if you are installing Access Manager SDK without other Access Manager subcomponents.
Table 1–14 Directory Server Information for Access Manager SDK
Label and State File Parameter |
Description |
---|---|
Directory Server Host |
A host name or value that resolves to the host on which Directory Server resides. Set this value to the same value used by Access Manager on the remote host. |
Directory Server Port |
Port on which Directory Server listens for client connections. Set this value to the same value used by Access Manager on the remote host. |
Access Manager Directory Root Suffix |
The distinguished name (DN) specified as the Access Manager root suffix when Directory Server was installed. This root suffix indicates the part of the directory that is managed by Access Manager. Set this value to the same value used by Access Manager on the remote host. The default value is based on the fully qualified domain name for this host, minus the host name. For example, if this host is siroe.subdomain.example.com , the value is dc=subdomain,dc=example,dc=com. Use this default value as an example of format only. |
Directory Manager DN IS_DIRMGRDN |
DN of the user who has unrestricted access to Directory Server. Set this value to the same value used by Access Manager on the remote host. The default value is cn=Directory Manager. |
Directory Manager Password |
Password for the directory manager. Set this value to the same value used by Access Manager on the remote host. |
The information needed to configure a provisioned directory depends on whether the installer detects an existing provisioned directory on your host.
When the installer is generating a state file, IS_EXISTING_DIT_SCHEMA=y is written to the state file if the installer finds an existing provisioned directory. The installer writes IS_EXISTING_DIT_SCHEMA=n to the state file if the installer does not find an existing provisioned directory.
If the installer finds an existing provisioned directory, you provide the following information.
Table 1–15 Existing Provisioned Directory Information for Access Manager SDK
Label and State File Parameter |
Description |
---|---|
User Naming Attribute IS_USER_NAMING_ATTR |
Naming attribute used for users in the provisioned directory. The default value is uid. |
If the installer does not find an existing provisioned directory, you can choose whether to use an existing provisioned directory. If you answer Yes to the first question in this table, you must answer the remaining questions in the table.
Table 1–16 No Existing Provisioned Directory Information for Access Manager SDK
Label and State File Parameter |
Description |
---|---|
Is Directory Server provisioned with user data? |
Specifies whether you want to use an existing provisioned directory. The default value is No. In a state value, permitted values are y or n. The default value is n. |
Organization Marker Object Class |
Object class defined for the organization in the existing provisioned directory. This value is used only if the value for the first item in this table is Yes. The default value is SunISManagedOrganization. |
Organization Naming Attribute |
Naming attribute used to define organizations in the existing provisioned directory. This value is used only if the value for the first item in this table is Yes. The default value is o. |
User Marker Object Class |
Object class defined for users in the existing provisioned directory. This value is used only if the value for the first item in this table is Yes. The default value is inetorgperson. |
User Naming Attribute |
Naming attribute used for users in the existing provisioned directory. This value is used only if the value for the first item in this table is Yes. The default value is uid. |
The installer needs the following web container information if you are installing only Access Manager SDK.
Table 1–17 Web Container Information for Access Manager SDK
Label and State File Parameter |
Description |
---|---|
Host IS_WS_HOST_NAME (Web Server) |
Host name of the web container that runs Access Manager core services. Use the value specified during the installation of Access Manager on the remote host. There is no default value. |
Services Deployment URI |
URI prefix for accessing the HTML pages, classes, and JAR files associated with Access Manager. Set this value to the same value used by Access Manager on the remote host. The default value is amserver. Do not enter a leading slash. |
Cookie Domain |
The names of the trusted DNS domains that Access Manager returns to a browser when Access Manager grants a session ID to a user. Set this value to the same value used by Access Manager on the remote host. The default value is the current domain, prefixed by a dot (.). |
Services Port IS_WS_INSTANCE_PORT (Web Server) IS_IAS81INSTANCE_PORT (Application Server) |
Port number of the web container instance that runs Access Manager core services. Use the port number specified when Access Manager core services were installed. |
Label and State File Parameter |
Description |
---|---|
Server Root |
Base pathname under which the components managed by Administration Server are installed. The default value is: Solaris OS: /var/opt/mps/serverroot Linux: /var/opt/sun/directory-server |
Administration Port |
Port to use when connecting to this Administration Server through Administration Console over HTTP. The default value is 390. Any available port number is permitted. |
Administration Domain |
A name for a collection of servers that will share a directory service. The suggested default value is the host domain name that you set under Common Server Settings. Refer to Common Server Settings. However, administrative domain does not have to match or be associated with a network domain. |
System User ADMINSERV_SYSTEM_USER |
User ID under which Administration Server processes run. Any valid system user is permitted. The default value is the system user you provided under Common Server Settings. Refer to Common Server Settings Note: This value must be the same as the value for the associated Directory Server. |
System Group ADMINSERV_SYSTEM_GROUP |
Any valid system group is permitted. The default value is the system group you provided under Common Server Settings. Refer to Common Server Settings Note: This value must be the same as the value for the associated Directory Server. |
Label and State File Parameter |
Description |
---|---|
Administration User ID |
User ID of the configuration directory administrator. Administration Server uses this identity when managing configuration directory data. The default value is the Administrator User ID you provided under Common Server Settings. Refer to Common Server Settings. If you are installing Directory Server in this session, the default value is the Directory Server Administrator User ID. Refer to Directory Server: Administration Information. |
Administrator Password |
Password for the configuration directory administrator. The default value is the Administrator User Password you provided under Common Server Settings. Refer to Common Server Settings. If you are installing Directory Server in this session, the default value is the Directory Server Administrator User Password. Refer to Directory Server: Administration Information. |
Directory Server Host ADMINSERV_CONFIG_DIR_HOST |
Specifies a host name or value that resolves to the host on which the configuration directory resides. The configuration directory stores configuration data for all servers belonging to the Administration Domain. If you are installing Directory Server in this session, the default value is the Host Name (CMN_HOST_NAME) that you provided under Common Server Settings. Refer to Common Server Settings If you are not installing Directory Server in this session, there is no default value. |
Directory Server Port ADMINSERV_CONFIG_DIR_PORT |
Port to use when binding to the configuration directory for LDAP operations. Any valid port number that is not in use is permitted. The default value is 389. If you are installing Directory Server in this session, the default value is the value of the Directory Server Port. Refer to Directory Server: Server Settings Information. If you are not installing Directory Server in this session, there is no default value. |
The installer needs the following information for Application Server:
Label and State File Parameter |
Description |
---|---|
Admin User Name |
User ID of the Application Server administrator. The default value is the Administrator User ID you provided under Common Server Settings. Refer to Common Server Settings. |
Password |
Password for the Application Server administrator. The default value is the Administrator Password you provided under Common Server Settings. Minimum of 8 characters. Refer to Common Server Settings. |
Admin Port |
Port on which Application Server’s administrative server listens for connections. Provides access to the administration tools. The default value is 4849. |
JMX Port |
Port on which Application Server listens for JMX connections. The default value is 8686. |
HTTP Server Port |
Port on which Application Server listens for HTTP connections. The default value is 8080. If the installer detects that the default port is used, an alternative value is suggested. |
HTTPS Port |
Port on which Application Server listens for HTTPS connections. The default value is 8181. |
Master Password |
SSL certificate database password, used for asadmin operations such as Domain Administration Server startup and Node Agent startup. The default value is the Administrator Password you provided under Common Server Settings. Minimum of 8 characters. |
The installer needs the following information on node administration.
Table 1–21 Node Agent Information for Application Server
Label and State File Parameter |
Description |
---|---|
Admin Host Name |
Host name for domain administration which the node agent can connect to. There is no default value. |
Admin User Name |
User ID of the Application Server admin user. The default value is the Administrator User ID you provided under Common Server Settings. |
Password |
Password for the Application Server admin user. There is no default value. |
Master Password |
SSL certificate database password, used for asadmin operations such as Domain Administration Server startup and Node Agent startup. There is no default value. |
Admin Port |
Port on which Application Server’s node agent listens for connections. Provides access to the administration tools. The default value is 4849. |
Node Agent Name |
Name of the local node. The default value is the local host name. |
Label and State File Parameter |
Description |
---|---|
Web server that the load balancing plugin will use |
Choice of Sun Java System Web Server or Apache Web Server. The default value is Sun Java System Web Server. |
Location of the web server |
Instance directory for Web Server and installation directory for Apache HTTP Server. The default value is Web Server if you are installing Web Server in the same session you install the load balancing plugin. For example: Solaris OS: /opt/SUNWwbsvr /https-hostname .domainname Linux: /opt/sun/webserver/https-hostname. domainname |
The installer needs the following information for Directory Server:
Label and State File Parameter |
Description |
---|---|
Administrator User ID |
User with administrator privileges for the configuration directory. This user can modify Directory Server configuration, including creating and removing suffixes, but access control restrictions apply. The default value is the Administrator User ID you provided under Common Server Settings. Refer to Common Server Settings. |
Administrator Password |
Password for the Administrator. The default value is the Administrator Password you provided under Common Server Settings. Refer to Common Server Settings. |
Directory Manager DN |
Distinguished Name (DN) of the user who has unrestricted access to Directory Server. The default value is cn=Directory Manager. |
Directory Manager Password |
Password for the directory manager. There is no default value. |
Label and State File Parameter |
Description |
---|---|
Directory Server Root |
Directory Server location in which the directory configuration data is placed. The default value is: Solaris OS: /var/opt/mps/serverroot Linux: /var/opt/sun/directory-server |
Server Identifier |
Name that identifies a Directory Server instance in the Administration Console. The name must conform to operating system file naming conventions. Periods and spaces are not allowed. The default value is the Host Name (CMN_HOST_NAME) that you provided under Common Server Settings. Refer to Common Server Settings. |
Server Port |
Port on which Directory Server listens for client connections. The default value is 389. |
Suffix |
Initial directory suffix managed by this instance. The default value is formed by the segments of the fully qualified domain name for the current host. For example, if you install on siroe.sub1.example.com , the default value is dc=sub1,dc=example,dc=com. |
Administration Domain |
Group of server products that share a user directory for data management and authentication. The default value is the value that you specified for DNS Domain Name ( CMN_DOMAIN_NAME) under Common Server Settings. Refer to Common Server Settings. |
System User |
User name (UID) that Directory Server uses to run on the host. Use the name, not the ID number. The default value is the System User you provided under Common Server Settings. Refer to Common Server Settings. Note: This value must be the same as the value for the associated Administration Server. |
System Group |
Group name (GID) in which the Directory Server runs as a user. Use the name, not the ID number. The default value is the System Group you provided under Common Server Settings. Refer to Common Server Settings. Note: This value must be the same as the value for the associated Administration Server. |
Configuration data for this Directory Server instance can be stored in this Directory Server instance, or in an existing Directory Server instance on another host. If you store configuration data in this instance, you respond only to the first question in this table. If you store configuration data in another instance, you provide all information listed in this table.
Table 1–25 Configuration Directory Server Information for Directory Server
User data and group data can be stored in this instance of Directory Server or in an existing instance. The configuration information listed in the following table is needed only if you are storing user data and group data from this instance of Directory Server in the user directory of another instance.
Table 1–26 Data Storage Location Information for Directory Server
You can populate the user directory of Directory Server during the installation and configuration process, rather than as a separate subsequent step.
Table 1–27 Populate Data Information for Directory Server
If Administration Server is installed at the same time as Directory Proxy Server, Administration Server must also be configured.
If you are installing Directory Proxy Server onto a host that has a previously installed version of Administration Server, the installer also needs server root information.
The installer needs port selection information for Directory Proxy Server.
Table 1–28 Port Selection Information for Directory Proxy Server
Label and State File Parameter |
Description |
---|---|
Directory Proxy Server Port |
Port on which Directory Proxy Server listens for client connections. The default value is 489. |
The installer needs the values in the following table only if a previous installation of Administration Server is present.
Table 1–29 Server Root Information for Directory Proxy Server
Label and State File Parameter |
Description |
---|---|
Administration Server Root Directory |
The file system directory where Administration Server configuration data for this instance of Directory Proxy Server is stored. This directory is associated with the Server Root (ADMINSERV_ROOT) in the Administration Server configuration. See Administration Server: Administration Information. The format for this value is a fully qualified path name on the local file system. There is no default value. |
The installer needs the following information for HADB .
Table 1–30 Port Selection Information for HADB
Label and State File Parameter |
Description |
---|---|
HADB_DEFAULT_ADMINPORT |
Port on which the HADB management listens. The default value is 1862. |
HADB_DEFAULT_RESDIR |
Location where HADB stores resource contents. The default value is /var/opt. |
HADB_DEFAULT_GROUP |
Group (GID) in which the default instance of HADB runs as a user. The default value is other. |
HADB_AUTO_START |
Choose this option to direct the installer to configure HADB to start automatically when the system restarts. The default value is yes. |
HADB_ALLOW_GROUPMANAGE |
Choose this option when you want HADB to be managed by the group. The default value is no. |
The installer needs the following information for Portal Server:
Portal Server runs in one of four web containers. The information that the installer needs is different for each web container. The following table lists the four web containers and the tables that describe the information required for each web container.
Table 1–31 Web Container Information for Portal Server
Web Container |
Refer to the Following |
---|---|
Web Server | |
Application Server |
Web Container Information: Portal Server with Application Server |
BEA WebLogic | |
IBM WebSphere Application Server |
This section describes the information that the installer needs when Web Server is the web container for Portal Server.
Table 1–32 Web Container Information for Portal Server with Web Server
Label and State File Parameter |
Description |
---|---|
Installation Directory |
Directory in which the Web Server is installed. The default value is: Solaris OS: /opt/SUNWwbsvr Linux: /opt/sun/webserver |
Server Instance |
Web Server instance you want the Portal Server to use. |
Server Instance Port |
Port on which Web Server listens for HTTP connections. The default value is 80. If you are installing Web Server in this installer session, the default value is the Web Server HTTP Port (WS_ADMIN_PORT) value. Refer to Web Server: Default Web Server Instance Information |
Server Document Root |
Directory where static pages are kept. The default value is: Solaris OS: /opt/SUNWwbsvr/docs Linux: /opt/sun/webserver/docs |
Secure Server Instance Port |
Specify whether the port for the Web Server instance is a secure port. A secure port uses the HTTPS protocol. A non-secure port uses HTTP. In a state file, specify https for a secure port or http for a non-secure port. The default value is http. |
This section describes the information that the installer needs when Application Server is the web container for Portal Server.
Table 1–33 Web Container Information for Portal Server with Application Server
Label and State File Parameter |
Description |
---|---|
Installation Directory |
Directory in which Application Server is installed. The default value is: Solaris OS: /opt/SUNWappserver/appserver Linux: /opt/sun/appserver |
Domain Name |
Name of the Application Server instance to which the Portal Server will be deployed. This name is also the name of the Application Server instance directory. The default value is domain1. |
Server Instance Directory |
Path to the Application Server directory for the domain to which you want to deploy this Portal Server instance. The default value is: Solaris OS: /var/opt/SUNWappserver/domains/domain1 Linux: /var/opt/sun/appserver/domains/domain1 |
Server Instance Port |
Port on which Application Server listens for connections to the instance. The default value is 8080. |
Document Root Directory |
Name of the directory where static pages are kept. The default value is: Solaris OS: /var/opt/SUNWappserver/domains/domain1/docroot Linux: /var/opt/sun/appserver/domains/domain1/docroot |
Administration Port |
Port on which the Application Server administration instance is running, for the domain in which Portal Server is being installed. The default value is 4849. |
Administrator User ID |
User ID that Portal Server uses to access the Application Server as administrator. The default value is admin. |
Administrator Password |
Password that the Portal Server uses to access the Application Server as administrator. |
Secure Server Instance Port |
Specify whether the value for Server Instance Port refers to a secure port. A secure port uses the HTTPS protocol. A non-secure port uses HTTP. In a state file, specify https for a secure port or http for a non-secure port. The default value is http. |
Secure Administration Server Port |
Specify whether the value for Administration Port is a secure port. A secure port uses the HTTPS protocol. A non-secure port uses HTTP. In a state file, specify https for a secure port or http for a non-secure port. The default value is http. |
This section describes the information the installer needs when BEA WebLogic is the web container for Portal Server.
Table 1–34 Web Container Information for Portal Server with BEA WebLogic
Label and State File Parameter |
Description |
---|---|
Home Directory |
Path to the BEA WebLogic home directory. The default value is /usr/local/bea. |
Product Installation Directory |
Path to the directory where BEA WebLogic is installed. The default is /usr/local/bea/weblogic81. |
User Project’s Directory |
Path to the directory where BEA WebLogic stores user projects. The default is user_projects. |
Product JDK Directory PS_DEPLOY_JDK_DIR |
Path to the directory where the copy of JDK that BEA WebLogic uses is installed. The default is /usr/local/bea/jdk141_05. |
Server / Cluster Domain |
Name of the BEA WebLogic domain in which BEA WebLogic is deployed. The default is mydomain. |
Server / Cluster Instance |
Name of the BEA WebLogic instance that will run Portal Server. The default is myserver. |
Server / Cluster Port |
Port on which BEA WebLogic listens for administrative connections. The default is 7001. |
Server / Cluster Protocol |
Specify whether the value for Server / Cluster Port is a secure port. A secure port uses the HTTPS protocol. A non-secure port uses HTTP. The default is http. |
Document Root Directory |
Path to the directory where BEA WebLogic stores content documents. |
Administrator User ID |
User name of the BEA WebLogic administrator (system user). The default is weblogic. |
Administrator Password |
Password of the BEA WebLogic administrator (system user). |
Managed Server |
Enables you to indicate that the BEA WebLogic Server is a managed server. If the BEA WebLogic Server is a managed server, the Portal Server web applications should not be deployed to the specified WebLogic Server Instance. In a state file, specify n for a managed server or y for a non-managed server. The default value is y. |
This section describes the information that the installer needs when IBM WebSphere Application Server is the web container for Portal Server.
Table 1–35 Web Container Information for Portal Server with IBM WebSphere
Label and State File Parameter |
Description |
---|---|
Installation Directory |
Path to the directory where IBM WebSphere Application Server is installed. The default value is /opt/IBM/WebSphere/Express51/AppServer. |
Virtual Host |
Name of the virtual host alias for the IBM WebSphere Application Server instance. The default value is default_host. |
Cell |
Name of the IBM WebSphere Application Server cell. The default value is DefaultNode. |
Node |
Name of the IBM WebSphere Application Server node. The default value is DefaultNode |
Server Instance |
Name of the IBM WebSphere Application Server instance. The default value is server1. |
Server Instance Port |
Port on which the IBM WebSphere application instance listens for HTTP connections. Typically, these are configured to come from a front end web server. The default value is 9080. |
Document Root Directory |
Directory where IBM WebSphere Application Server stores content documents. The default value is /opt/IBM/WebsSphere/Express51/Appserver/web/docs If you are using a language other than English, change the final part of the path name. |
Java Home Directory PS_DEPLOY_JDK_DIR |
Path to the Java installation that IBM WebSphere Application Server uses. The default is /opt/IBM/WebsSphere/Express51/Appserver/java. |
Secure server instance |
Specify whether the Server Instance Port is a secure port. A secure port uses the HTTPS protocol. A non-secure port uses HTTP. In a state file, specify https for a secure port or http for a non-secure port. The default value is http. |
This section describes web container deployment information that the installer needs for Portal Server.
Table 1–36 Portal Information for Portal Server, All Scenarios
Label and State File Parameter |
Description |
---|---|
Load Balancer Protocol |
Specifies whether the load balancer uses HTTP or HTTPS protocol. This option is enabled only if you specify the “Load Balancer controlling multiple Portal Servers” option. Used to construct the PS_LOAD_BALANCER_URL parameter. |
Load Balancer Host |
The fully qualified name of the load balancer host. This option is enabled only if you specify the “Load Balancer controlling multiple Portal Servers” option. Used to construct the PS_LOAD_BALANCER_URL parameter. |
Load Balancer Port |
The port on which the load balancer listens for connections. This option is enabled only if you specify the “Load Balancer controlling multiple Portal Servers” option. Used to construct the PS_LOAD_BALANCER_URL parameter. |
Deployment URI |
Uniform Resource Identifier (URI) prefix for accessing the HTML pages, classes, and JAR files associated with Portal Server. The value must have a leading slash and must contain only one slash. The default value is /portal. |
Load Balancer controlling multiple Portal Servers |
Specify whether the Portal Server you are installing is accessed through a load balancer that is controlling multiple Portal Servers. |
Install Sample Portal |
Specify whether to install a sample portal. In a state file, the value can be y or n. The default value is y. |
This section first describes installation of Secure Remote Access Core, and then describes installation of the Gateway, Netlet Proxy, and Rewriter Proxy subcomponents of Portal Server Secure Remote Access.
This section lists the types of information that the installer needs when installing Portal Server Secure Remote Access Core. The information that you must supply differs according to which of the following scenarios applies:
Single-session installation. You are installing Portal Server and Portal Server Secure Remote Access together.
Multiple Session installation. You install Portal Server in one session, and then install Portal Server Secure Remote Access in a later session.
Portal Server Situation |
Requirements |
Location of Information |
---|---|---|
Portal Server is being installed in this session. |
Gateway information | |
Portal Server Is already installed and using Web Server or IBM WebSphere Application Server. |
Web Container Deployment information Gateway information Access Manager information |
Multiple Session Installation with Sun Java System Web Server or IBM WebSphere Application Server |
Portal Server Is already installed and using Application Server. |
Web Container Deployment information Access Manager information Gateway information Sun Java System Application Server information |
Multiple Session Installation with Sun Java System Application Server or BEA WebLogic |
Portal Server Is already installed and using BEA WebLogic. |
Web Container Deployment information Gateway information Access Manager information BEA WebLogic information |
Multiple Session Installation with Sun Java System Application Server or BEA WebLogic |
When you install Portal Server Secure Remote Access Core and Portal Server in a single session, you provide information about Portal Server Secure Remote Access Gateway. The installer obtains other Portal Server Secure Remote Access configuration information from the Portal Server configuration.
This section describes the gateway information that the installer needs when you are installing Portal Server Secure Remote Access Core.
Table 1–38 Portal Server Secure Remote Access Gateway Information
Label and State File Parameter |
Description |
---|---|
Gateway Protocol SRA_GATEWAY_PROTOCOL |
Protocol that the gateway uses to communicate with Portal Server. A secure port uses the HTTPS protocol. A non-secure port uses HTTP. In a state file, specify https for a secure port or http for a non-secure port. The default value is https. |
Portal Server Domain SRA_SERVER_DOMAIN |
Domain name of the Portal Server. For example, if the fully qualified domain name is siroe.subdomain1.example.com , enter subdomain1.example.com. |
Gateway Domain SRA_GATEWAY_DOMAIN |
Domain name for the gateway component. For example, if the fully qualified domain name of the Portal Server host is siroe.subdomain1.example.com, enter subdomain1.example.com . |
Gateway Port SRA_GATEWAY_PORT |
Port on which the gateway host listens. The default value is 443. |
Gateway Profile Name |
Profile that contains gateway configuration information, such as listener port, SSL options, and proxy options. The default value is default. |
Log User Password |
Password that allows administrators with non-root access to access gateway log files. |
This section lists the information you must provide when you install Portal Server Secure Remote Access on a host where the following is true:
Portal Server is already installed
Portal Server is deployed into a Sun Java System Web Server or IBM WebSphere Application Server web container
In this scenario, you must provide the following types of information:
Web Container Deployment information
Gateway information
Access Manager information
The following table lists the information that you specify about the web container.
Table 1–39 Web Container Deployment Information for Portal Server Secure Remote Access Core
Label and State File Parameter |
Description |
---|---|
Deployment URI |
Uniform Resource Identifier (URI) that you use to deploy Portal Server. The value for the deployment URI must have a leading slash and must contain only one slash. The default value is /portal. |
The following table lists the information that you specify about Access Manager.
Table 1–40 Access Manager Information for Portal Server Secure Remote Access Core
Label and State File Parameter |
Description |
---|---|
Directory Manager DN |
DN of the user who has unrestricted access to Directory Server. The default value is cn=Directory Manager. In a state file, this parameter has no default value, and needs a value only if USE_EXISTING_USER_DIR is set to 1. |
Directory Manager Password |
Password for the directory manager. In a state file, this parameter has no default value, and needs a value only if USE_EXISTING_USER_DIR is set to 1. |
This section lists the information you must provide when you install Portal Server Secure Remote Access on a host where the following is true:
Portal Server is already installed
Portal Server is deployed into a Sun Java System Application Server web container or a BEA WebLogic web container
In this scenario, you must provide the following types of information:
Web Container Deployment information
Access Manager information
Sun Java System Application Server Information or BEA WebLogic Information
The following table lists the information that you specify about the web container.
Label and State File Parameter |
Description |
---|---|
Deployment URI |
Uniform Resource Identifier (URI) that you use to deploy Portal Server. The value for the deployment URI must have a leading slash and must contain only one slash. The default value is /portal. |
The following table lists the information that you specify about Access Manager.
Table 1–42 Access Manager Information for Portal Server Secure Remote Access Core
Label and State File Parameter |
Description |
---|---|
Directory Manager DN |
DN of the user who has unrestricted access to Directory Server. The default value is cn=Directory Manager. In a state file, this parameter has no default value, and needs a value only if USE_EXISTING_USER_DIR is set to 1. |
Directory Manager Password |
Password for the directory manager. In a state file, this parameter has no default value, and needs a value only if USE_EXISTING_USER_DIR is set to 1. |
The following table lists the information that you specify about Sun Java System Application Server or BEA WebLogic Server
Table 1–43 Sun Java System Application Server or BEA WebLogic Server Information for Portal Server Secure Remote Access Core
Label and State File Parameter |
Description |
---|---|
Administrator User Password |
Password that Portal Server uses to access Application Server or BEA WebLogic as administrator. |
This section lists the information you must provide when you install the Gateway subcomponent. In this scenario, you must provide the following types of information:
The following table lists the information that you specify about the web container, for either Portal Server or the load balancer.
Table 1–44 Web Container Deployment Information for Portal Server Secure Remote Access Gateway
Label and State File Parameter |
Description |
---|---|
Deployment URI |
Uniform Resource Identifier (URI) that you use to deploy Portal Server. The value for the deployment URI must have a leading slash and must contain only one slash. The default value is /portal. |
The following table lists the information that you must specify about Access Manager.
Table 1–45 Access Manager Information for Portal Server Secure Remote Access Gateway
Label and State File Parameter |
Description |
---|---|
Installation Directory |
Directory in which the Access Manager component is installed. The default value is /opt. |
This section describes the gateway information that the installer needs when you are installing the Gateway subcomponent.
Table 1–46 Gateway Information for Portal Server Secure Remote Access Gateway
Label and State File Parameter |
Description |
---|---|
Protocol |
Protocol (HTTP or HTTPS) the gateway uses to communicate. A secure port uses the HTTPS protocol. A non-secure port uses HTTP. In most cases the gateway should use HTTPS. In a state file, specify https for a secure port or http for a non-secure port. The default value is https. |
Host Name |
Name of the host on which the gateway component is installed. For example, if the fully qualified domain name is siroe.subdomain1.example.com , enter siroe. The default value is the name of the local host. |
Subdomain |
Subdomain name of the gateway host. There is no default value. |
Domain |
Domain name of the gateway host. For example, if the fully qualified domain name is siroe.example.com , this value is example.com. The default value is the domain of the local host. |
Host IP Address |
IP address of the Access Manager host. Specify the IP address of the host on which Access Manager was installed for Portal Server. The default value is the IP address of the local host. |
Access Port |
Port on which the gateway host listens. The default value is 443. |
Gateway Profile Name |
Gateway profile that contains the information related to gateway configuration, such the port on which gateway listens, SSL options, and proxy options. The default value is default. |
Log User Password |
Password that allows administrators with non-root access to access gateway log files. |
Start gateway after installation |
Directs the installer to automatically start Gateway after installation. In a state file, the permitted values are y or n. The default value is y. |
When you are installing Gateway, Netlet Proxy, or Rewriter Proxy, you can provide information to create a self-signed certificate for use with Portal Server Secure Remote Access. The installer needs the following information to configure a certificate.
Do not use multibyte characters when providing certificate information.
Label and State File Parameter |
Description |
---|---|
Organization |
Name of your organization or company. |
Division |
Name of your division. |
City/Locality |
Name of your city or locality. |
State/Province |
Name of your state or province. |
Country Code |
Two-letter country code. |
Certificate Database Password |
Password (and confirmation) that applies only to self-signed certificates. |
This section lists the information you must provide when you install the Netlet Proxy subcomponent. In this scenario, you must provide the following types of information:
The following table lists the information that you specify about the web container. Information applies to either Portal Server or the load balancer
Table 1–48 Web Container Deployment Information for Portal Server Secure Remote Access Netlet Proxy
Label and State File Parameter |
Description |
---|---|
Deployment URI |
Uniform Resource Identifier (URI) that you use to deploy Portal Server. The value for the deployment URI must have a leading slash and must contain only one slash. The default value is /portal. |
The following table lists the information that you must specify about Access Manager.
Table 1–49 Access Manager Information for Portal Server Secure Remote Access Netlet Proxy
Label and State File Parameter |
Description |
---|---|
Installation Directory |
Directory in which the Access Manager component is installed. The default value is /opt. |
This section describes the Netlet Proxy information that the installer needs when you are installing Netlet Proxy.
Table 1–50 Netlet Proxy Information for Portal Server Secure Remote Access Netlet Proxy
Label and State File Parameter |
Description |
---|---|
Host Name |
Host name of the Netlet Proxy host. The default value is the host name of the local host. |
Subdomain |
Subdomain name of the Netlet Proxy host. There is no default value. |
Domain |
Domain name of the Netlet Proxy host. The default value is the domain of the local host. |
Host IP Address |
IP address of the Netlet Proxy host. The default value is the IP address of the local host. |
Access Port |
Port on which the Netlet Proxy listens. The default value is 10555. |
Gateway Profile Name |
Profile that contains gateway configuration information, such as listener port, SSL options, and proxy options. The default value is default. |
Start Netlet Proxy after installation |
Directs the installer to automatically start Netlet Proxy after installation. In a state file, the value can be y or n. The default value is y. |
The following table describes information that you must enter if you are installing the proxy subcomponents on a host on which there is an existing installation of Portal Server Secure Remote Access.
Table 1–51 Proxy Information for Portal Server Secure Remote Access Netlet Proxy
When you are installing Gateway, Netlet Proxy, or Rewriter Proxy, you can provide information to create a self-signed certificate for use with Portal Server Secure Remote Access. The installer needs the following information to configure a certificate.
Do not use multibyte characters when providing certificate information.
Label and State File Parameter |
Description |
---|---|
Organization |
Name of your organization or company. |
Division |
Name of your division. |
City/Locality |
Name of your city or locality. |
State/Province |
Name of your state or province. |
Country Code |
Two-letter country code. |
Certificate Database Password |
Password (and confirmation) that applies only to self-signed certificates. |
This section lists the information you must provide when you install the Rewriter Proxy subcomponent. In this scenario, you must provide the following types of information:
Web Container Deployment information
Rewriter Proxy information
Proxy information
Certificate information
The following sections provide details on the information you must provide.
The following table lists the information that you specify about the web container.
Table 1–53 Web Container Deployment Information for Portal Server Secure Remote Access Rewriter Proxy
Label and State File Parameter |
Description |
---|---|
Deployment URI |
Uniform Resource Identifier (URI) that you use to deploy Portal Server. The value for the deployment URI must have a leading slash and must contain only one slash. The default value is /portal. |
This section describes the Rewriter Proxy information that the installer needs when you are installing Rewriter Proxy.
Table 1–54 Rewriter Proxy Information for Portal Server Secure Remote Access Rewriter Proxy
Label and State File Parameter |
Description |
---|---|
Host Name |
Host name of the host on which you are installing the Rewriter Proxy. The default value is the host name of the local host. |
Subdomain |
Subdomain name of the host on which the Rewriter Proxy is being installed. There is no default value. |
Domain |
Domain name of the host on which the Rewriter Proxy is being installed. The default value is the domain name of the local host. |
Host IP Address |
IP address of the host on which you are installing Rewriter Proxy. The default value is the IP address of the local host. |
Access Port |
Port on which the Rewriter proxy listens. The default value is 10443. |
Gateway Profile Name |
Profile that contains gateway configuration information, such as listener port, SSL options, and proxy options. The default value is default. |
Log User Password |
Password that allows administrators with non-root access to access log files. |
Start Rewriter Proxy after installation |
Directs the installer to automatically start Rewriter Proxy after installation. In a state file, the value can be y or n. The default value is y. |
The following table describes information that you must enter if you are installing the proxy subcomponents on a host on which there is an existing installation of Portal Server Secure Remote Access.
Table 1–55 Proxy Information for Portal Server Secure Remote Access Rewriter Proxy
When you are installing Gateway, Netlet Proxy, or Rewriter Proxy, you can provide information to create a self-signed certificate for use with Portal Server, Secure Remote Access. The installer needs the following information to configure a certificate.
Do not use multibyte characters when providing certificate information.
Label and State File Parameter |
Description |
---|---|
Organization |
Name of your organization or company. |
Division |
Name of your division. |
City/Locality |
Name of your city or locality. |
State/Province |
Name of your state or province. |
Country Code |
Two-letter country code. |
Certificate Database Password |
Password (and confirmation) that applies only to self-signed certificates. |
The installer needs the following information for Web Server:
Administration information
Default Web Server instance information
Label and State File Parameter |
Description |
---|---|
Administrator User ID |
User ID of the Web Server administrator. The default value is the Administrator User ID you provided under Common Server Settings. Refer to Common Server Settings. |
Administrator Password |
Password for the Web Server administrator. The default value is the Administrator Password you provided under Common Server Settings. Refer to Common Server Settings. |
Web Server Host |
A host and domain value that resolves to the local host. This value is used to create a directory under server root for the first Web Server instance. The default value is automatically created by joining the values that you provided for Host Name and DNS Domain Name under Common Server Settings. The value has the format hostname.domainname. |
Administration Port |
Port on which Web Server’s Administration Server listens for connections. The default value is 8888. |
Administration Runtime User ID |
User ID under which Web Server Administration Server runs. The default value is root. |
Label and State File Parameter |
Description |
---|---|
Administrator User ID |
User ID of the Web Proxy Server administrator. The default is admin or the value you provided under Common Server Settings. |
Administrator Password |
The password of the Web Proxy Server administrator. The default is the value you provided under Common Server Settings. |
Proxy Server Domain Name |
A host and domain value that resolves to the local host. The default value is created by joining the values that you provided for Host Name and for DNS Domain Name under Common Server Settings. For example: hostname.domain |
Administration Port |
Port on which the Web Proxy Server administration server listens for connections. The default value is 8888. |
Admin Server Runtime User ID |
The Web Proxy Server administration server runs on the system as this user (UID). Use the name rather than the user ID number. The default is the value you provided for System Users under Common Server Settings. |
Instance Runtime User ID |
An existing non–root user. Default value is nobody. |
Proxy Instance Port | |
Instance Auto Start Value |
Used to automatically start the Web Proxy Server instance. Choose this parameter when Web Proxy Server needs to be started at a reboot. Values can be Y or N. The default value is N. |
The following table contains information on state file parameters that are not associated with component configuration. Parameter names are listed alphabetically.
Table 1–60 State File Parameters