This section explains the process for installing the Identity Synchronization for Windows Core on Solaris, Linux, and Windows operating systems.
Before you install Core, you should be aware of the following requirements:
On Windows 2000/2003 systems: You must have Administrator privileges to install Identity Synchronization for Windows.
You must install the program as root, but after installation you can configure the software to run Solaris and Linux services as a non-root user. (See Appendix B, Identity Synchronization for Windows LinkUsers XML Document Sample)
You must install Core into a directory that has an existing server root managed by an Administration Server (version 5 2004Q2 or higher) or the installation program will fail. (You can install Administration Server using the Directory Server 5 2004Q2 installation program.)
With Identity Synchronization for Windows 6.0, the installer checks for an existing Sun Java System Administration Server. If it is not installed, the installer will install Sun Java System Administration Server as a part of Core installation.
When the Welcome screen is displayed, read the information provided and then click Next to proceed to the Software License Agreement panel.
Read the license agreement, then select
Yes (Accept License) to accept the license terms and go to the next panel.
No to stop the setup process and exit the installation program.
The Configuration Location panel is displayed, specify the configuration directory location.
Provide the following information:
Configuration Directory Host: Enter the fully qualified domain name (FQDN) of a Sun Java System Directory Server instance (affiliated with the local Administration Server) where Identity Synchronization for Windows configuration information will be stored.
You can specify an instance on the local machine or an instance that is running on a different machine.
Identity Synchronization for Windows allows Administrator Server to access the remotely installed instance of Directory Server.
To avoid warnings about invalid credentials or host names, be sure to specify a host name that is DNS-resolvable to the machine on which the installation program is running.
To enable secure communication, enable the Secure Port option and specify an SSL port. (Default SSL port is 636).
Once the program determines that the configuration directory is SSL-enabled, all Identity Synchronization for Windows components will use SSL to communicate with the configuration directory.
Identity Synchronization for Windows encrypts sensitive configuration information before sending it to the configuration Directory Server.
However, if you want additional transport encryption between the Console and configuration directory, be sure to enable SSL for both Administration Server and the configuration Directory Server. Then, configure a secure connection between the Administration Server to which you will be authenticating the Directory Server Console. (For information, see the Sun Java System Administration Server 5 2004Q2 Administration Guide).
Sun Java System Administration Server installed (and configured) as a part of the core components, is installed in a non-SSL mode.
If the program could not detect a root suffix, and you have to enter the information manually (or if you change the default value), you must click Refresh to regenerate a list of root suffixes. You must specify a root suffix that exists on the configuration Directory Server.
If you specify admin as the user ID, you will not be required to specify the User ID as a DN.
If you use any other user ID, then you must specify the ID as a full DN. For example, cn=Directory Manager.
If you are not using SSL to communicate with the configuration directory (see Installing Core), these credentials will be sent without encryption.
When you are finished, click Next to open the Configuration Password panel.
Be sure to remember this password as it will be required whenever you want to
Create or edit a configuration
Run any of the command line utilities
For information about changing the configuration password see Using changepw.
The Select Java Home panel is displayed (see Installing Core). The program automatically inserts the location of the Java Virtual Machine directory to be used by the installed components.
If the location is satisfactory, click Next to proceed to the Select Installation Directories panel (Installing Core).
If the location is not correct, click Browse to search for and select a directory where Java is installed, for example:
On Windows: C:\Program Files\j2sdk1.5
Installation Directory (available only when you are installing Core on Solaris or Linux): Specify the path and directory name of the installation directory. Core binaries, libraries, and executable will be installed in this directory.
Instance Directory (available only when you are installing Core on Solaris or Linux): Specify the path and directory name of the instance directory. Configuration information that changes (such as log files) will be stored in this directory.
There is only one server root directory available on Windows operating systems, and all products will be installed in that location.
If an Administration Server corresponding to the Configuration Directory Host and Port number provided in step 3 is not found, the installer Administration Server will install the Administration Server as part of the core installation. The default port number for the Administration Server port assigned would be the configuration directory port plus one.
You should have installed Message Queue 3.6 Enterprise Edition before starting the Identity Synchronization for Windows installation.
On Solaris systems: Do not install Message Queue and Identity Synchronization for Windows in the same directory.
On Linux system: Do not install Message Queue and Identity Synchronization for Windows in the same directory.
On Windows systems: You must close any open Service Control Panel windows before continuing, or the Core installation will fail.
Enter the following information in the text fields provided or click Browse to search for and select available directories:
Fully Qualified Local Host Name : Specify the fully qualified domain name (FQDN) of the local host machine. (There can only be one Message Queue broker instance running per host.)
Click Next and the Ready to Install panel is displayed.
This panel provides information about the install, such as the directory where Core will be installed and how much space is required to install Core.
If the displayed information is satisfactory, click Install Now to install the Core component (where the installation program installs the binaries, files, and packages).
If the information is not correct, click Back to make changes.
An “Installing” message is displayed briefly, and then the Component Configuration panel is displayed while the installation program adds configuration data to the specified configuration Directory Server. This operation includes:
Creating a Message Queue broker instance
Uploading the schema to the configuration directory
Uploading deployment-specific configuration information to the configuration directory
This operation will take several minutes and may pause periodically, so do not be concerned unless the process exceeds ten minutes. (Watch the progress bar to monitor the installation program’s status.)
When the component configuration operation is complete, the Installation Summary panel is displayed to confirm that Identity Synchronization for Windows installed successfully.
You can click the Details button to see a list of the files that have been installed, and where they are located.
Click Next and the program will determine the remaining steps you must perform to successfully install and configure Identity Synchronization for Windows.
A “Loading...” message, and then a Remaining Installation Steps panel each display briefly, and then the following panel (Installation Overview) is displayed. This panel contains a “To Do” list of the remaining installation and configuration steps. (You also can access this panel from the Console’s Status tab.)
The “To Do” panel will re-display throughout the installation and configuration process. The program greys-out all completed steps in the list.
Up to this point, the To Do list will contain a generic list of steps. After you save a configuration, the program provides a list of steps that are customized for your deployment (for example, which connectors you must install).
Next, you must configure the Core component, which you can do from the Sun Java System Console (the Start the Sun Java System Console option is enabled by default).
If you are migrating from Identity Synchronization for Windows version 1.0 or SP1 to Sun Java System Identity Synchronization for Windows 6.0, you can import an exported version 1.0 or SP1 configuration XML document using the idsync importcnf command line utility.
If you elected to use the Console, the Sun Java System Console Login dialog box is displayed (seeInstalling Core).
User ID: Enter the Administrator’s user ID you specified when you installed the Administration Server on your machine.
Password: Enter the Administrator’s password specified during Administration Server installation.
hostname.your_domain.domain is the computer host name you selected when you installed Administration Server.
port_number is the port you specified for Administration Server.
After providing your credentials, click OK to close the dialog box.
You will then be prompted for the configuration password. Enter the password and click OK.
When the Sun Java System Server Console window is displayed, you can start configuring Core. Continue to Chapter 4, Configuring Core Resources for instructions.