Sun Identity Manager 8.1 Installation

Part III Installing Optional Components

Identity Manager optional components are installed on machines other than the machine(s) hosting your application server(s). These components may be necessary if you plan to set up certain resource adapters such as Domino or Novell NetWare, or if you operate a Windows Active Directory domain.

Note –

Resource adapters are not the same as optional components and are not documented in this installation guide. Resource adapter documentation can be found in the Sun Identity Manager 8.1 Resources Reference.

Chapters in this part include:

Chapter 10 Installing the Sun Identity Manager Gateway

Identity Manager requires a lightweight gateway to manage resources that cannot be directly accessed from the server. If you plan to set up any of the following resource adapters, you must install the Sun Identity Manager Gateway.

These resources include systems that require API calls that are platform specific. With the Gateway installed on the target platform, Identity Manager can make the API calls that are needed to interact with the resource.


You must ensure that the Identity Manager Gateway is made highly available and that Gateway machines are properly configured. Please review the following prerequisites.


ProcedureTo Install the Identity Manager Gateway

Before You Begin

Select the Windows machine on which to install the Gateway. It must be a member of the domain in which the accounts and other objects will be managed (the managed domain) or a member of a domain that is trusted by the managed domain. The Gateway does not need to run on a domain controller.

Note –

For better performance, the Gateway should be located near (from a network connectivity perspective) the domain controllers of the managed domain.

  1. If you are selecting a system that is not the Identity Manager server, then:

    1. Create a directory called idm on the remote system.

    2. Copy the file from the Identity Manager installation package.

    3. Unpack and copy the contents of the file to the idm directory.

  2. From the directory where the Gateway files are installed, run the following command to install the Gateway as a service:gateway -i

  3. Run the following command to start the Gateway service:gateway -s

    Note –
    • You can stop the Gateway service by running the command:gateway -k

    • You can also start and stop the Gateway by following these steps:

      1. Open the Windows Control Panel.

      2. Open Services. (In Windows, Services is located in Administrative Tools.)

      3. Select Identity Manager Gateway.

      4. Click Start or Stop.

Failure Messages

Two common messages and their likely causes when working with the Gateway are as follows:

Chapter 11 Installing PasswordSync

This chapter briefly describes PasswordSync, which is an Identity Manager optional component. For full instructions on installing and configuring PasswordSync, see Chapter 11, PasswordSync, in Sun Identity Manager 8.1 Business Administrator’s Guide

About PasswordSync

The Identity Manager PasswordSync feature keeps user password changes made on Windows Active Directory domains synchronized with other resources defined in Identity Manager. Plan on installing PasswordSync on each domain controller and backup domain controller in the domains that will be synchronized with Identity Manager.

After installing PasswordSync, you will need to configure Identity Manager to accept PasswordSync change notifications. Depending on the complexity of your environment, PasswordSync can take some time to configure. For this reason, and because PasswordSync is not essential in order to start using Identity Manager, the PasswordSync installation and configuration steps are located together in Chapter 11, PasswordSync, in Sun Identity Manager 8.1 Business Administrator’s Guide.