Chapter 24 Uninstalling OpenSSO Enterprise

• Uninstalling OpenSSO Enterprise Server

• Uninstalling the OpenSSO Enterprise Utilities and Scripts

• Uninstalling a Distributed Authentication UI Server Deployment

• Uninstalling an IDP Discovery Deployment

• Uninstalling a Client Sample Deployment

• Uninstalling a Fedlet Deployment

• Uninstalling an OpenSSO Enterprise Console Only Deployment

• Uninstalling the OpenSSO Enterprise Client SDK

• Removing OpenSSO Enterprise Entries From Directory Server

Uninstalling OpenSSO Enterprise Server

This scenario applies to a full OpenSSO Enterprise server deployment and an OpenSSO Enterprise server only (no console) deployment.

To Uninstall OpenSSO Enterprise Server

1. Undeploy opensso.war in the web container using the web container administration console or command-line utility.

2. Stop the OpenSSO Enterprise web container.

3. Remove the following directories and all of their contents:

   • ConfigurationDirectory is the directory created when the OpenSSO Enterprise instance is initially configured using the Configurator.

     The default directory is opensso in the home directory of the user running the Configurator. If the Configurator is run by root, ConfigurationDirectory is created in the root home directory (/).

   • user-home-directory.openssocfg where user-home-directory is the home directory of the user who deployed the opensso.war file. If this user is root, the directory is /.openssocfg.

4. Optionally, remove the opensso_enterprise_80.zip and extracted files.

Troubleshooting

OpenSSO data store port. If the OpenSSO Enterprise server instance was using the OpenSSO data store, the data store port was in use by the LISTEN socket. Stopping the web container server instance or domain should release this port. To check the data store port, use the netstat command. For example, if the OpenSSO data store used default port 50389:

netstat -a | grep 50389

Port 50389 should not be in use for the LISTEN socket. If necessary, release this port.

Uninstalling the OpenSSO Enterprise Utilities and Scripts

To Uninstall the OpenSSO Enterprise Utilities and Scripts

1. Remove the directory and its contents where ssoAdminTools.zip was extracted.

2. Optionally, remove the ssoAdminTools.zip file.

Uninstalling a Distributed Authentication UI Server Deployment

To Uninstall a Distributed Authentication UI Server Deployment

1. Undeploy the Distributed Authentication UI server WAR file in the web container using the web container administration console or command-line utility.

2. Stop the Distributed Authentication UI server web container.

3. Remove the /FAMDistAuth directory including the AMDistAuthConfig.properties configuration file.

   The /FAMDistAuth directory is located in the home directory of the user running the web container on which the Distributed Authentication UI WAR file is deployed.

4. Remove the debug directory and its contents.

   The location of the debug directory was specified when the Distributed Authentication UI server was configured using the Configurator.

Uninstalling an IDP Discovery Deployment

To Uninstall an IDP Discovery Deployment

1. Undeploy the IDP Discovery WAR in the web container.

2. Stop the web container.

3. Remove the libIDPDiscoveryConfig.properties file under the home directory of the user running the web container.

4. Remove the debug directory and its contents.

   The location of the debug directory was specified when the IDP Discovery deployment was configured using the Configurator..

Uninstalling a Client Sample Deployment

To Uninstall a Client Sample Deployment

1. Undeploy the client sample WAR in the web container.

2. Stop the web container.

3. Remove the AMConfig.properties file under the home directory of the user running the web container.

4. Remove the debug directory and its contents.

   The location of the debug directory was specified when the client sample was configured.

5. Remove these files:

   • ClientSampleWSC.properties

   • Discovery resource offering files, which begin with RO_ and are located under the home directory of the user running the web container.

Uninstalling a Fedlet Deployment

To Uninstall a Fedlet Deployment

1. Undeploy the fedlet.war in the web container.

2. Stop the web container.

3. Remove the fedlet configuration directory.

   By default, the fedlet directory is located under the user's home directory.

Uninstalling an OpenSSO Enterprise Console Only Deployment

To Uninstall an OpenSSO Enterprise Console Only Deployment

1. Undeploy opensso.war in the web container using the web container administration console or command-line utility.

2. Stop the web container.

3. Remove the AMConfig.properties file under home directory of the user running the web container.

4. Remove the debug directory.

   The location of the debug directory was specified when the console only deployment was configured using the Configurator.

Uninstalling the OpenSSO Enterprise Client SDK

To Uninstall the OpenSSO Enterprise Client SDK

1. Remove the directory where the opensso-client.zip file was extracted.

2. Remove the client SDK debug directory.

   The client SDK debug directory was specified when one of the following setup scripts was run:

   • Solaris and Linux systems: scripts/setup.sh

   • Windows systems: scripts/setup.bat

3. Optionally, remove the opensso-client.zip file.

Removing OpenSSO Enterprise Entries From Directory Server

If you used Sun Java System Directory Server as either the configuration data store or user data store, you must manually remove the OpenSSO Enterprise entries.

To remove these entries, use the Directory Server Console, Directory Service Command Center (DSCC), or a command-line utility such as ldapmodify.

To Remove OpenSSO Enterprise Entries From Directory Server

1. Remove the OpenSSO Enterprise schema and attribute index entries, which are loaded during the OpenSSO Enterprise installation from the following files:

   • am_sm_ds_schema.ldif

   • ds_remote_s1ds_schema.ldif

   • index.ldif

   • fam_sds_schema.ldif

   • fam_sds_index.ldif

2. If Directory Server is the configuration data store, remove the entire ou=services sub-branch, which is under the root suffix.

3. Depending on the features you used, remove OpenSSO Enterprise user entries from the user data store.

   For example, federation attributes (sun-fm-saml2-nameid-infokey and sun-fm-saml2-nameid-info) might be added to the user entries if you used SAMLv2 single sign-on (SSO). To determine which entries you need to remove, search the user entries for the schema attributes found in these LDIF files.

   • ds_remote_s1ds_schema.ldif

   • fam_sds_schema.ldif