If your installation plan calls for deploying Access Manager in an instance of Web Server or Application Server that is not owned by the superuser (root), you must install Access Manager in a separate installation session from Directory Server and Web Server or Application Server.
The general steps for creating this installation sequence include the following:
Session 1, Host A: Installing Directory Server
Session 2, Host B: Installing Web Server
Session 3, Host B: Installing Access Manager
If you have already deployed Access Manager in a root-owned instance of Web Server or Application Server, uninstall any copy of Access Manager before following the procedure in this section.
Session 1 (Host A, installing Directory Server) requires the following high-level tasks:
Checking the installation sequence guidelines
Check to see what guidelines apply to this example and make adjustments as needed.
Checking the installation prerequisites
Check to see what tasks you might need to perform for this installation before starting.
Installing Directory Server using the Configure Now type
In the Common Server Settings page, enter the non-root user for System User and non-root group for System Group.
Select port numbers for Directory Server that are higher than 1024, replacing the default values (389 for the instance LDAP port and 636 for the instance SSL LDAP port).
As the non-root user, starting Directory Server (all processes must be owned by the non-root user)
Session 2 (Host B, installing Web Server) requires the following high-level tasks:
Checking the installation sequence guidelines
Check to see what guidelines apply to this example and make adjustments as needed.
Checking the installation prerequisites
Check to see what tasks you might need to perform for this installation before starting.
Installing Web Server using the Configure Now type
In the Common Server Settings page, enter the non-root user for System User and non-root group for System Group.
In the Directory Server Instance Creation page, set System User and System Group to non-root user and group.
In the Web Server: Administration page, change the Administration Runtime User ID to the non-root user.
In the Web Server: Default Web Server Instance page:
Change the Runtime UNIX User ID to the non-root user.
Select a value for HTTP Port that is higher than 1024.
As the non-root user, starting the Web Server administration instance and Web Server instance
All processes should be owned by the non-root users.
Session 3 (Host B, installing Access Manager) requires the following high-level tasks:
Installing Access Manager using the Configure Later type
Changing ownership of the following directories from root/other to the non-root user/non-root group:
Solaris OS: /opt/SUNWma and /etc/opt/SUNWma
Linux: /opt/sun/mobileaccess and /etc/opt/sun/mobileaccess
These shared component directories must be changed because they are configured into the web container classpath by the Access Manager configuration program. All processes should be owned by the non-root user.
For example, on Solaris OS:
chown -R nonroot-user:nonroot-group /opt/SUNWma /etc/opt/SUNWma
Deploying Access Manager
./amconfig -s ./am.non_root_install
As the non-root user, stopping the Web Server admin instance and Web Server instance
As root, changing the ownership of the Web Server installation directory
chown -R <non-root-user>:<non-root-group> WebServer-base
As the non-root user, starting the Web Server admin instance and Web Server instance
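The ownership changes and port choices in the three sessions above can be checked before the servers are started as the non-root user. The following script is an added example, not part of the original guide: the function names and the sample port values in the usage note are assumptions of this example.

```shell
#!/bin/sh
# Added example: post-install checks for the non-root deployment described above.
# Function names are hypothetical; they are not part of the product.

# Print every path under the given directories that is NOT owned by
# owner:group (names or numeric IDs). Empty output means chown -R held.
paths_not_owned_by() {
    owner=$1 group=$2 rc=0
    shift 2
    for dir in "$@"; do
        # A missing or unreadable directory counts as a failure.
        find "$dir" \( ! -user "$owner" -o ! -group "$group" \) -print || rc=1
    done
    return $rc
}

# Succeed only for a port a non-root instance can use per this page:
# numeric, higher than 1024, and within the valid TCP range.
port_ok_for_nonroot() {
    case $1 in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "$1" -gt 1024 ] && [ "$1" -le 65535 ]
}

# Run both checks; return non-zero if anything would still need root.
# Usage: verify_nonroot_install USER GROUP "PORT ..." DIR...
verify_nonroot_install() {
    owner=$1 group=$2 ports=$3 status=0
    shift 3
    for p in $ports; do
        if ! port_ok_for_nonroot "$p"; then
            echo "port $p is not higher than 1024" >&2
            status=1
        fi
    done
    leftovers=$(paths_not_owned_by "$owner" "$group" "$@") || status=1
    if [ -n "$leftovers" ]; then
        echo "not owned by $owner:$group:" >&2
        echo "$leftovers" >&2
        status=1
    fi
    return $status
}
```

On Solaris OS, a call such as `verify_nonroot_install nonroot-user nonroot-group "1389 1636 8080" /opt/SUNWma /etc/opt/SUNWma WebServer-base` covers the directories named in this procedure; the three port numbers are sample values.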