Sun Java Enterprise System 2005Q4 Installation Guide for UNIX

Chapter 2 Example Installation Sequences

This chapter provides sequencing guidelines for some common Sun Java^TM Enterprise System (Java ES) installations

This chapter contains the following sections:

How to Use This Chapter

The example installation sequences in this chapter are intended to provide high-level guidelines for some common Java ES installations. These are not literal procedures, but instead provide the sequential steps required to implement particular deployment scenarios.

The single-session examples describe typical steps for installing one or a number of Java ES components on a single host in a single installation session. An evaluation example is included. The remaining examples describe situations where multiple installation sessions are performed on multiple hosts, for a variety of solutions. For the most part, the sequences in this chapter are based on the relationships among the components as shown in Sun Java Enterprise System 2005Q4 Installation Planning Guide

Note –

The Calendar-Messaging Schema 1 Example is the only example based on LDAP Schema 1. All other examples in this chapter are based on Schema 2.

At component selection, the Java ES installer identifies incompatible versions of components as well as unmet requirements. You receive warning messages that identify the problem and tell you what you need to do. Many of these messages tell you about requirements that are not yet met. Other messages tell you that incompatible versions of some or all of the components you are trying to install are already on the local host. You can use the Java ES installer to identify components that are already on your local host. For instructions, refer to When Incompatible Components Are Installed

Tip –

Installation goes smoothly if any incompatible versions of Java ES components are identified and removed or upgraded before starting the installer.

To upgrade components that are already on your local host, refer to Sun Java Enterprise System 2005Q4 Upgrade Guide.

Single-Session Installation Examples

The following examples apply to installing on a single host in a single session:

Evaluation Example

An evaluation installation is generally considered a trial deployment, a quick installation to see how things go. This example uses the graphical interface and the Configure Now option. When you are presented with configuration pages, you accept defaults wherever possible.

This example installs all the Java ES components except Sun Cluster software on a single host in a single installation session. Because Web Server is used as the web container, Application Server is not installed.

To Develop a Sequence for Java ES Evaluation

The following high-level tasks are required:

Steps

Starting the Java ES graphical installer

Checking the installation prerequisites

At component selection, selecting Install All, then deselecting the Application Server and Sun Cluster components

The installer verifies software on your host and provides guidance if incompatibilities are identified.

Verifying installation directories

Selecting the Configure Now option

Messages indicate which components cannot be configured during installation.

Accepting configuration defaults when they are offered

If you want to use non-default information, review the appropriate configuration tables in Chapter 1, Configuration Information, in Sun Java Enterprise System 2005Q4 Installation Reference.

Viewing the Installation Summary and Log

Completing post-install configuration

Chapter 6, Configuring Components After Installation contains instructions for post-install configuration.

Starting the components

Verifying After Post-Installation Configuration contains the preferred Java ES startup sequence. Startup procedures follow the table.

Note –
If you are using a remote component to fulfill dependencies, the remote component must be installed and running before installing any components that depend on it.

Access Manager and Portal Server Example

This example installs Portal Server with Access Manager on a single host, using Web Server as the web container. Portal Server and Access Manager should use the same type of web container.

You can use Identity Management and Policy Core Services, Access Manager Administration Console, and Common Domain Services for Federation on another host by deselecting these subcomponents of Access Manager.

Note –

You must use Access Manager Legacy (6.x) installation type if you are installing Access Manager with Portal Server, Messaging Server, Calendar Server, Delegated Administrator, or Instant Messaging. Access Manager Realm (7.x) installation type can only be used if you are not installing any of these components.

To Develop a Sequence for Access Manager and Portal Server

The following high-level tasks are required:

Steps

Running the Java ES installer

At component selection, choosing Portal Server and Web Server

Access Manager, Directory Server, and Directory Preparatory Tool are automatically selected. Because Administration Server supplies a graphical interface for Directory Server, you might also want to select Administration Server.
- To use a remote copy of Directory Server, deselect Directory Serverand specific a remote copy when prompted.
  
  Note –
  The remote Directory Server must be running before installing any other components. For instructions on installing Directory Server, refer to Directory Server Only Example.
- To use a remote copy of Access Manager, deselect Access Managerand specify a remote copy during postinstallation configuration.

Resolving incompatibilities

The installer verifies software on your host and provides guidance if incompatibilities are identified.

Selecting the Configure Now or Configure Later option
- For the Configure Now option, configuration pages are displayed for those components that allow installation-time configuration. Do not accept defaults for components that are remote; use the remote information.
- For the Configure Later option, configuration pages are not displayed.

Running the installation

Viewing the Installation Summary and Log

Completing postinstallation configuration

Starting components
- Starting and Stopping Directory Server
- Starting and Stopping Web Server (Access Manager and Portal Server start automatically with Web Server.

Accessing the default Access Manager login page

http://webserver-host:port/amconsole

The following table contains additional Access Manager information.

Task	Relevant Information
Configuration information for the installer	Access Manager Configuration Information in Sun Java Enterprise System 2005Q4 Installation Reference
Postinstallation configuration	Access Manager Postinstallation Configuration
Starting and stopping	Starting and Stopping Access Manager
Uninstalling	Access Manager Uninstallation Behavior
Troubleshooting	Access Manager Troubleshooting Tips
Upgrading	Sun Java Enterprise System 2005Q4 Upgrade Guide

The following table contains additional Portal Server information.

Task	Relevant Information
Configuration information for the installer	Portal Server Configuration Information in Sun Java Enterprise System 2005Q4 Installation Reference
Postinstallation configuration	Portal Server and Portal Server Secure Remote Access Postinstallation Configuration
Starting and stopping	Starting the Web Container to Access Portal Server Desktop
Uninstalling	Portal Server Uninstallation Behavior
Troubleshooting	Portal Server Troubleshooting Tips
Upgrading	Sun Java Enterprise System 2005Q4 Upgrade Guide

Application Server Only Example

This example installs Application Server by itself.

Requirements

Application Server requires a local copy of Message Queue. If you are using load balancing, a local copy of a web server is required.

Note –

If you are using this component with Sun Cluster software, you must perform a precise series of tasks before installing any components. Refer to Sun Cluster Software Example to see Sun Cluster guidelines.

To Develop a Sequence for Application Server

The following high-level tasks are required:

Steps

Running the Java ES installer

At component selection, choosing Application Server

Message Queue is automatically selected. The Load Balancing Plugin and the Application Server Node Agent are not selected.

(Optional) If you are going to implement load balancing, expand Application Server and select the Load Balancing Plugin subcomponent. Select Web Server if desired. If you want to use Apache web server, Apache web server must already be installed. Web Server will also be installed. At the Application Server installation page, choose between Web Server and Apache. Supply the path to the web server.

Resolving incompatibilities

The installer verifies software on your host and provides guidance if incompatibilities are identified.

Verifying installation directories

Selecting the Configure Now or Configure Later option
1. For the Configure Now option, configuration pages are displayed for the local components that can be configured during installation.
  
  Gather your Application Server configuration information from the tables in Application Server Configuration Information in Sun Java Enterprise System 2005Q4 Installation Reference.
2. For the Configure Later option, configuration pages are not displayed.

Running the installation

Viewing the Installation Summary and Log

Completing post-install configuration

Starting Application Server (automatically starts Message Queue)

Starting and Stopping Application Server
(Optional) Starting and Stopping Web Server

The following table contains additional Application Server information.

Task	Relevant Information
Configuration information for the installer	Application Server Configuration Information in Sun Java Enterprise System 2005Q4 Installation Reference
Postinstallation configuration	To Configure Application Server After a Configure Later Installation
Starting and stopping	Starting and Stopping Application Server
Uninstalling	Application Server Uninstallation Behavior
Troubleshooting	Application Server Troubleshooting Tips
Upgrading	Sun Java Enterprise System 2005Q4 Upgrade Guide

Directory Server Only Example

This example installs Directory Server by itself.

Requirements and Sequence Issues

Directory Server has no dependencies on other Java ES components. However, because Administration Server provides a graphical interface for Directory Server, you might also want to select Administration Server.

Note –

If you are using replication for encryption for Directory Server, you should select Administration Server at component selection.

If you are using this component with Sun Cluster software, you must perform a precise series of tasks before installing any components. Refer to Sun Cluster Software Example
Directory Server must be running before installing other components that depend on Directory Server.
If your deployment calls for Schema 2, you must configure Directory Server for Schema 2 before implementing any other components.

To Develop a Sequence for Directory Server

The following high-level tasks are required:

Steps

Running the Java ES installer

At component selection, selecting Directory Server and (optionally) Administration Server

The Directory Preparation Tool is automatically selected.

Resolving incompatibilities

The installer verifies software on your host and provides guidance if incompatibilities are identified.

Verifying installation directories

Selecting the Configure Now or Configure Later option
1. For the Configure Now option, configuration pages are displayed for the local components that can be configured during installation.
  
  Gather your configuration information from the tables in Chapter 1, Configuration Information, in Sun Java Enterprise System 2005Q4 Installation Reference.
2. For the Configure Later option, configuration pages are not displayed.

Running the installation

Viewing the Installation Summary and Log

Completing post-install configuration
- Directory Server Postinstallation Configuration
- (Optional) Administration Server Postinstallation Configuration

Starting the components in this order:

Starting and Stopping Directory Server

(Optional) Starting and Stopping Administration Server and the Server Console

The following table contains additional Directory Server information.

Task	Relevant Information
Configuration information for the installer	Directory Server Configuration Information in Sun Java Enterprise System 2005Q4 Installation Reference
Postinstallation configuration	Directory Server Postinstallation Configuration
Starting and stopping	Starting and Stopping Directory Server
Uninstalling	Directory Server Uninstallation Behavior
Troubleshooting	Directory Server Troubleshooting Tips
Upgrading	Sun Java Enterprise System 2005Q4 Upgrade Guide

Directory Proxy Server Example

This example installs Directory Proxy Server with Directory Server on a single host.

Requirements

Directory Proxy Server requires Directory Server, but not necessarily a local copy. In addition, Directory Proxy Server requires a local copy of Administration Server.

To Develop a Sequence for Directory Proxy Server

The following high-level tasks are required:

Steps

Running the Java ES installer

At component selection, selecting Directory Proxy Server

Directory Server, Directory Preparation Tool, and Administration Server are automatically selected.

(Optional) If you are using a remote copy of Directory Server, deselect Directory Server and specify a remote copy when prompted.

Note –
The remote Directory Server must be running before installing any other components. For instructions on installing Directory Server, refer to Directory Server Only Example.

Resolving incompatibilities

The installer verifies software on your host and provides guidance if incompatibilities are identified.

Verifying installation directories

Selecting the Configure Now or Configure Later option
1. For the Configure Now option, configuration pages are displayed for the local components that can be configured during installation.
  
  Do not accept defaults for components that are remote; use the remote information.
  
  Gather your configuration information from the tables in Chapter 1, Configuration Information, in Sun Java Enterprise System 2005Q4 Installation Reference
2. For the Configure Later option, configuration pages are not displayed.

Running the installation

Viewing the Installation Summary and Log

Completing post-install configuration

Starting the components in this order:

Starting and Stopping Directory Server

Starting and Stopping Administration Server and the Server Console

Starting and Stopping Directory Proxy Server

The following table contains additional Directory Proxy Server information.

Task	Relevant Information
Configuration information for the installer	Directory Proxy Server Configuration Information in Sun Java Enterprise System 2005Q4 Installation Reference
Postinstallation configuration	Directory Proxy Server Postinstallation Configuration
Starting and stopping	Starting and Stopping Directory Proxy Server
Uninstalling	Directory Proxy Server Uninstallation Behavior
Troubleshooting	Directory Proxy Server Troubleshooting Tips
Upgrading	Sun Java Enterprise System 2005Q4 Upgrade Guide

Instant Messaging Only Example

This example installs Instant Messaging by itself. It is not uncommon for Instant Messaging to be installed in a separate installation session after other components have been installed and configured.

Note –

If you are using single sign-on or Access Manager managed policies, Access Manager is required. For guidelines, refer to Instant Messaging and Access Manager Example

Sequence Issues

The installer does not automatically select components that Instant Messaging depends on. You are responsible for selecting these components.
If you are deploying other components with Instant Messaging, the other components must be configured before configuring Instant Messaging.

Java ES components that are commonly used with Instant Messaging include Messaging Server, Calendar Server, and Portal Server (with Access Manager).

To Develop a Sequence for Instant Messaging

The following high-level tasks are required:

Steps

Running the Java ES installer

At component selection, choosing Instant Messaging

Resolving incompatibilities

The installer verifies software on your host and provides guidance if incompatibilities are identified.

Verifying installation directories

Selecting the Configure Later option

Instant Messaging cannot be configured during installation.

Running the installation

Viewing the Installation Summary and Log

Completing post-install configuration

Configuring Instant Messaging After a Configure Later Installation

Starting Instant Messaging (after starting any other components that Instant Messaging might depend on)

Starting and Stopping Instant Messaging Server and Multiplexor

The following table contains additional Instant Messaging information.

Task	Relevant Information
Postinstallation configuration	Configuring Instant Messaging After a Configure Later Installation
Starting and stopping	Starting and Stopping Instant Messaging Server and Multiplexor
Uninstalling	Instant Messaging Uninstallation Behavior
Troubleshooting	Instant Messaging Troubleshooting Tips
Upgrading	Sun Java Enterprise System 2005Q4 Upgrade Guide
Deployment scenarios	Sun Java System Communications Deployment Planning Guide

Message Queue Only Example

This example installs Message Queue by itself.

Requirements

Message Queue has no dependencies on other Java ES components.

Note –

To Develop a Sequence for Message Queue

The following high-level tasks are required:

Steps

Running the Java ES installer

At component selection, selecting Message Queue

Resolving incompatibilities

The installer verifies software on your host and provides guidance if incompatibilities are identified.
- Solaris OS:
  
  If a previous copy of Message Queue, Platform Edition is detected on the host, the installer will automatically update the installation with Message Queue, Enterprise Edition.
  
  If a previous copy of Message Queue, Enterprise Edition is detected on the host, you must exit the installer and follow the instructions for upgrading to Message Queue, Enterprise Edition in the Sun Java Enterprise System 2005Q4 Upgrade Guide.
- Linux:
  
  If a previous copy of Message Queue, (Platform or Enterprise Editions) is detected on the host, you must exit the installer and follow the instructions for upgrading and migrating to Message Queue, Enterprise Edition in the Sun Java Enterprise System 2005Q4 Upgrade Guide.

Selecting the Configure Later option.

Message Queue cannot be configured during installation

Running the installation

Viewing the Installation Summary and Log

Starting Message Queue

The following table contains additional Message Queue information.

Task	Relevant Information
Postinstallation configuration	Message Queue Postinstallation Configuration
Starting and stopping	Starting Message Queue
Uninstalling	Message Queue Uninstallation Behavior
Troubleshooting	Message Queue Troubleshooting Tips
Upgrading	Sun Java Enterprise System 2005Q4 Upgrade Guide

Portal Server Secure Remote Access Example

This example installs Portal Server Secure Remote Access with Access Manager on a single host, with Web Server as the web container.

Requirements

Portal Server Secure Remote Access requires a local copy of Access Manager or Access Manager SDK. Portal Server Secure Remote Access Core requires a local copy of Portal Server except in case of Gateway, where Portal Server Secure Remote Access does not require a local copy of Portal Server and can be installed on a separate host. Portal Server Secure Remote Access must be installed in same location as Portal Server. Directory Server is required by Portal Server, but not necessarily a local copy. Access Manager requires a local web container.

Note –

To Develop a Sequence for Portal Server Secure Remote Access

The following high-level tasks are required:

Steps

Running the Java ES installer

At component selection, choosing Portal Server Secure Remote Access and Web Server

Portal Server, Access Manager, Directory Server, and Directory Preparation Tool, and are automatically selected.
- To use a remote copy of Directory Server, deselect Directory Server and specify a remote copy when prompted.
  
  Note –
  The remote Directory Server must be running before installing any other components. For instructions on installing Directory Server, refer to Directory Server Only Example.
- To use a remote copy of Access Manager, deselect Access Manager and specify a remote copy during postinstallation configuration.
  
  Note –
  The remote Access Manager must be running before installing any other components. For instructions on installing Access Manager, refer to Identity Management Example.

Resolving incompatibilities

The installer verifies software on your host and provides guidance if incompatibilities are identified.

Selecting the Configure Now or Configure Later option
1. For the Configure Now option, configuration pages are displayed for those components that allow installation time configuration. Do not accept defaults for components that are remote; use the remote information.
  
  You will need to gather your configuration information from the tables in Chapter 1, Configuration Information, in Sun Java Enterprise System 2005Q4 Installation Reference.
2. For the Configure Later option, configuration pages are not displayed.

Running the installation

Viewing the Installation Summary and Log

Completing any post-install configuration

For Configure Now:
- Configuring Access Manager After a Configure Now Installation
- Configuring Portal After a Configure Now Installation on a Sun Web Container
For Configure Later:

Starting the components
- Starting and Stopping Directory Server
- Starting and Stopping Web Server (Access Manager and Portal Server start automatically.)
- Starting and Stopping Portal Server Secure Remote Access

Accessing the default Access Manager login page
http://webserver-host:port/amserver

Accessing the portal
http://webserver-host:port/portal/dt

Accessing the Portal Gateway

http://gateway-server:port/

The following table contains additional Portal Server Secure Remote Access information.

Task	Relevant Information
Configuration information for the installer	Portal Server Secure Remote Access Configuration Information in Sun Java Enterprise System 2005Q4 Installation Reference
Starting and stopping	Starting and Stopping Portal Server Secure Remote Access
Uninstalling	Portal Server Secure Remote Access Uninstallation Behavior
Troubleshooting	Portal Server Secure Remote Access Troubleshooting Tips
Upgrading	Sun Java Enterprise System 2005Q4 Upgrade Guide

Service Registry Only Example

This example installs Service Registry by itself.

Requirements

Service Registry requires a local copy of Application Server and at least two of its subcomponents: Domain Administration Server and Command Line Administration Tool. Message Queue is also required.

To Develop a Sequence for Service Registry

The following high-level tasks are required:

Steps

Running the Java ES installer

At component selection, selecting Service Registry

Application Server and its required subcomponents as well as Message Queue are automatically selected.

Resolving incompatibilities

The installer verifies software on your host and provides guidance if incompatibilities are identified.

Verifying installation directories

Selecting the Configure Now or Configure Later option
1. For the Configure Now option, the Application Server configuration pages are displayed by the installer.
  
  Gather your configuration information from the tables in Chapter 1, Configuration Information, in Sun Java Enterprise System 2005Q4 Installation Reference
2. For the Configure Later option, configuration pages are not displayed.
  
  Service Registry cannot be configured during installation.

Running the installation

Viewing the Installation Summary and Log

Completing post-install configuration, in this order
1. Application Server Postinstallation Configuration
2. Service Registry Postinstallation Configuration

StartingApplication Server and Service Registry

The following table contains additional information for installing Service Registry.

Task	Relevant Information
Postinstallation configuration	Service Registry Postinstallation Configuration
Uninstalling	Service Registry Uninstallation Behavior
Troubleshooting	Service Registry Troubleshooting Tips

Web Server Only Example

This example installs Web Server by itself.

Requirements

Web Server has no dependencies on other components.

Note –

To Develop a Sequence for Web Server

The following high-level tasks are required:

Steps

Running the Java ES installer

At component selection, selecting Web Server

Resolving incompatibilities

The installer verifies software on your host and provides guidance if incompatibilities are identified.

Verifying installation directories

Selecting the Configure Now or Configure Later option
1. For the Configure Now option, the Web Server configuration pages are displayed by the installer.
  
  Gather your configuration information from the tables in Chapter 1, Configuration Information, in Sun Java Enterprise System 2005Q4 Installation Reference
2. For the Configure Later option, configuration pages are not displayed.

Running the installation

Viewing the Installation Summary and Log

Completing any post-install configuration

Web Server Postinstallation Configuration

Starting Web Server

Starting and Stopping Web Server

The following table contains additional information for installing Web Server.

Task	Relevant Information
Postinstallation configuration	Web Server Postinstallation Configuration
Starting and stopping	Starting and Stopping Web Server
Uninstalling	Web Server Uninstallation Behavior
Troubleshooting	Web Server Troubleshooting Tips
Upgrading	Sun Java Enterprise System 2005Q4 Upgrade Guide

Solaris 10 Zones

This section contains a brief description of Solaris 10 zones support for the current release of Java ES. An installation sequence example is included.

Overview of Solaris Zones

The Solaris 10 zones (also known as Solaris containers) feature provides a means of creating virtualized operating system environments within an instance of Solaris OS. This allows one or more processes to run in isolation from other activities on the host. For example, a process running in a zone will only be able to send signals to other processes in the same zone, regardless of user ID and other credential information.

Every Solaris 10 host contains a single global zone. The global zone is both the default zone for the host and the zone used for system-wide administrative control. All processes run in the global zone if no non-global zones are created by the global administrator. Some Java ES components, such as Sun Cluster software can only be installed in the global zone.

A non-global zone can be thought of as a box. One or more applications can run in this box without interacting with the rest of the host. Each non-global zone has what appears to be its own instance of an installed Solaris 10 operating system with configuration and other information unique to that non-global zone. The default configuration for a non-global zone is to share portions of its file system with the global zone (as a read-only loopback file system mount). For Java ES, all non-global zones must be created as “whole root” zones, meaning that there are no inherited file systems.

Zones Support for This Release of Java ES

The following list describes the level of Java ES zones support for this release of Java ES:

Java ES can be installed in the Global zone when non-global zones already exist.
Non-global zones can be created after Java ES is installed in the global zone.
Java ES can be installed in a whole root non-global zone even if another Java ES installation is already installed in the global zone.
Installing Java ES into the default sparse root non-global zone is not supported. The Java ES installer cannot proceed if a sparse root file system is encountered.
Java ES can be installed in the global zone even when Java ES has already been installed in the whole root non-global zone.

Solaris 10 Zones Example

This example installs Java ES software in a Solaris 10 non-global zone.

To Develop a Sequence for Solaris 10 Zones

The following high-level tasks are required:

Steps

Verifying that Solaris 10 is installed on your host

The global zone is automatically created.

Verifying that all the non-global zones specified in your implementation plan have been created by the global zone administrator as “whole root” zones

For information on creating non-global zones, refer to Chapter 18, Planning and Configuring Non-Global Zones (Tasks), in System Administration Guide: Solaris Containers-Resource Management and Solaris Zones.

Starting the Java ES installer in the desired non-global zone

At component selection, choosing the components you want

Some components cannot be installed in a non-global zone because they require access to global zone capabilities. These components are unavailable at component selection.

Running the installation

Viewing the Installation Summary and Log

Completing postinstallation configuration as needed

Chapter 6, Configuring Components After Installation provides post-installation configuration instructions.

Starting components

Chapter 7, Verifying Installed Components provides procedures for starting and stopping the Java ES components.

Repeating this process in additional non-global zones as needed

Sun Cluster Software Example

This example installs Messaging Server in a Sun Cluster framework.

Note –

Components that can be configured to run in a cluster instead of on a single server include Administration Server, Application Server Calendar Server, Directory Server, HADB, Message Queue, Messaging Server, and Web Server.

Before you install or configure Sun Cluster software, ensure that the combination of hardware and software that you choose for your cluster is currently a supported Sun Cluster configuration.

Requirements and Sequencing Issues

Messaging Server requires Directory Server, but not necessarily a local copy. In addition, Messaging Server requires a local copy of Administration Server. You will need the Sun Cluster Core component as well as the Sun Cluster Agents for Directory Server, Administration Server, and Messaging Server. If a remote Directory Server is used, then the Sun Cluster Agent for Directory Server is not required.

Installing, configuring, and starting the components in the correct order is crucial for a successful Sun Cluster implementation.

Installing the Java ES Sun Cluster component
Configuring the Sun Cluster framework
Installing the additional Java ES components that are required for Messaging Server to operate in the cluster
Configuring the Sun Cluster data services using the agents for the relevant Java ES components

At least two installation sessions are performed on each node in the cluster.

Phase I. Installing and Configuring the Sun Cluster Framework

The following tasks must be performed on all nodes in the cluster.

To Develop a Sequence for the Sun Cluster Framework

Steps

Verifying that the hardware is connected correctly for the cluster
- Sun Cluster 3.0–3.1 Hardware Collection for Solaris OS (SPARC Platform Edition) http://docs.sun.com/coll/1024.1
- Sun Cluster 3.0–3.1 Hardware Collection for Solaris OS (x86 Platform Edition) http://docs.sun.com/coll/1142.1

Running the Java ES installer

On Solaris 10, Sun Cluster software can only be installed in the global zone.

At component selection, choosing only the Sun Cluster component

Tip –
During a Configure Now installation (usually where you have chosen to install all Java ES components), you are prompted whether to enable support for remote Sun Cluster configuration. If you select Yes, postinstallation configuration for Sun Cluster software will be easier.

Selecting the Configure Later option

Following the instructions to configure the Sun Cluster Framework for each host in the cluster

Follow instructions in Chapter 2, Installing and Configuring Sun Cluster Software, in Sun Cluster Software Installation Guide for Solaris OS. When the Sun Cluster documentation refers to a Sun Cluster CD-ROM, substitute the name of the equivalent Java ES CD-ROM.

For documentation on creating resource groups and configuring data services, refer to the Sun Cluster Data Services Planning and Administration Guide for Solaris OS.

If needed, installing the special features of Sun Cluster: RSMAPI (SUNWscrif), SCI-PCI adapters (SUNWsci), RSMRDT drivers (SUNWscrdt)

Sun Cluster Software Installation Guide for Solaris OS

Phase II. Installing and Configuring Components and Agents

The following tasks must be performed on all nodes in the cluster.

To Develop a Sequence for Configuring Components and Agents

Steps

Running the Java ES installer

At component selection, choosing the following:
1. Messaging Server
  
  Directory Server, the Directory Preparation Tool, and Administration Server are automatically selected.
  
  (Optional) If you are using a remote copy of Directory Server, deselect Directory Server and specify a remote copy when prompted.
  
  Note –
  The remote Directory Server must be running before installing any other components. For instructions on installing Directory Server, refer to Directory Server Only Example
2. Sun Cluster Agents for Sun Java System
  
  All agents are selected by default.
3. Expanding the Sun Cluster Agents for Sun Java System component and deselecting all agents except Administration Server, Directory Server, and Messaging Server

Resolving incompatibilities

The installer verifies software on your node and provides guidance if incompatibilities are identified.

Verifying installation directories

Selecting the Configure Now or Configure Later option

Messaging Server and Sun Cluster Agents cannot be configured during installation.

Configuring all the selected components except Sun Cluster Agents
- Directory Server Postinstallation Configuration
- Administration Server Postinstallation Configuration
- Messaging Server Postinstallation Configuration
  
  When specifying installation directories, use a location on the cluster file system for Messaging Server.

Starting all the components except Sun Cluster Agents, in this order:

Configuring the data services for the components you have installed and configured

Sun Cluster Data Services Configuration

The following table contains additional Sun Cluster information.

Task	Relevant Information
Postinstallation configuration information	Phase I. Sun Cluster Framework Sun Cluster Data Services Configuration
Starting and stopping	Stopping and Rebooting Sun Cluster Software
Uninstalling	Sun Cluster Uninstallation Behavior
Troubleshooting	Sun Cluster Software Troubleshooting Tips
Upgrading	Sun Java Enterprise System 2005Q4 Upgrade Guide

Access Manager SDK With Container Configuration Example

This example installs Access Manager SDK, using a copy of Access Manager that is already installed on a remote host.

Note –

To use this sequence example, also refer to known issue 6293225 in the Sun Java Enterprise System 2005Q4 Release Notes.

Requirements

Before you install Access Manager SDK, the Access Manager core services must be installed and running on a remote host. The web container information and Directory Server configuration information that you provide in this installation example must match the web container and Directory Server configuration information that you provided during installation of Access Manager core services.

Note –

When the installer asks for information about the remote web container and Directory Server, default values are displayed based on the local host.

Do not accept the default values; use them only as examples of format. Instead, you must supply the correct information from the remote host.

The Java ES installer does not allow you to configure the web container when you are installing only the Access Manager SDK.

To Develop a Sequence for Host A

The following high-level tasks are required:

Step

Installing and starting Access Manager core services

Identity Management Example

To Develop a Sequence for Host B

The following high-level tasks are required:

Steps

Running the Java ES installer

At component selection, choosing Access Manager SDK

Resolving incompatibilities

The installer verifies software on your host and provides guidance if incompatibilities are identified.

Selecting the Configure Later option

Running the installation

Viewing the Installation Summary and Log

Verifying that your web container is installed and running

Editing the amsamplesilent file
1. In the AccessManager-base/SUNWam/bin directory, make a copy the amsamplesilent file.
2. By default, many settings are commented out in the amsamplesilent file. Uncomment the following settings:
  - SERVER_NAME
  - SERVER_HOST
  - SERVER_PORT
  - ADMIN_PORT
  - DS_HOST
  - DS_DIRMGRPASSWD
  - ROOT_SUFFIX
  - ADMINPASSWD
  - AMLDAPUSERPASSWD
  - COOKIE_DOMAIN
  - AM_ENC_PWD
  - NEW_OWNER
  - NEW_GROUP
  - PAM_SERVICE_NAME
  - WEB_CONTAINER
3. Modify the following parameters in the amsamplesilent file:
  - DEPLOY_LEVEL should be set to 4.
  - SERVER_HOST and SERVER_PORT should be set to the host and port of the full server which will be used by Access Manager SDK.
  - DS_HOST, DS_DIRMGRPASSWD, and ROOT_SUFFIX should be set to the hostname, directory manager password, and root suffix of the Host A Directory Server.
  - ADMINPASSWD and AMLDAPUSERPASSWD should be set to the amadmin and amldapuser passwords used on Host A.
  - AM_ENC_PWD should be set to the password encryption key used on Host A. For the Access Manager SDK, use the same encryption key for AM_ENC_PWD as the encryption key specified during the remote installation of Access Manager on Host B. Use the following command to obtain this value: grep pwd /etc/opt/SUNWam/config/AMConfig.properties
  - WEB_CONTAINER should be set to the corresponding value for the web container being used.
  - BASEDIR should be set to the install directory used during the Configure Later installation of Access Manager SDK.
  - AM_REALM should be set to Enabled if realm mode is used on Host A, and Disabled if legacy mode is used on Host A.
  - Find the settings corresponding to the web container that will be used for the SDK and modify these settings with the details of the web container. For example, if WEB_CONTAINER is set to WS6 (Sun Java System Web Server), then you should modify the settings which are prefixed by WS61 (WS61_INSTANCE , WS61_HOME, WS61_PROTOCOL and so on.)

As root, use the edited amsamplesilent file to deploy Access Manager.

./ amconfig -s ./am.sdk_install

Restarting your web container

Calendar Server and Messaging Server Example

This example installs Calendar Server and Messaging Server in a 3-host Schema 2 environment. Remote copies of Access Manager and Directory Server are used.

Note –

For a Schema 1 example, refer to Calendar-Messaging Schema 1 Example.

Requirements and Sequence Issues

Access Manager is required if you are implementing single sign-on or Access Manager managed policies. In this case, either Access Manager or a local copy of the Access Manager SDK is required. Access Manager SDK requires Access Manager, but not necessarily a local copy. Calendar Server and Messaging Server both require Directory Server, but not necessarily a local copy. Messaging Server requires a local copy of Administration Server.

In this example, remote copies of Directory Server and Access Manager are used. Access Manager requires a local web container.

Note –

If you are using this component with Sun Cluster software, you must perform a precise series of tasks before installing any components. Refer to Sun Cluster Software Example
The remote Directory Server must be installed and running before installing any components that depend on it.
The remote Access Manager must be running before installing Access Manager SDK. For instructions on installing Access Manager, refer to Identity Management Example

To Develop a Sequence for Host A

The following high-level tasks are required:

Step

Installing and starting Directory Server

Because Administration Server provides a graphical interface for Directory Server, you might also want to select Administration Server.

Directory Server Only Example

To Develop a Sequence for Host B

The following high-level tasks are required:

Step

Installing and starting the web container and Access Manager (deselecting Directory Server)

Identity Management Example

To Develop a Sequence for Host C

The following high-level tasks are required:

Steps

Running the Java ES installer

At component selection, selecting Calendar Server, Messaging Server, and Access Manager SDK

Directory Server, Directory Preparation Tool, and Administration Server are automatically selected.

Deselecting Directory Server and specifying a remote copy when prompted

Resolving incompatibilities

The installer verifies software on your host and provides guidance if incompatibilities are identified.

Verifying installation directories

Selecting the Configure Now option

Calendar Server and Messaging Server cannot be configured during installation.

Configuration pages are displayed for the local components that can be configured during installation. Do not accept defaults for components that are remote; use the remote information. Gather your configuration information from the tables in Chapter 1, Configuration Information, in Sun Java Enterprise System 2005Q4 Installation Reference.

Running the installation

Viewing the Installation Summary and Log

Completing post-install configuration, including specifying remote components
- Calendar Server Postinstallation Configuration
- Messaging Server Postinstallation Configuration

Starting the components in this order:

Starting and Stopping Administration Server and the Server Console

Starting and Stopping Messaging Server

Starting and Stopping Calendar Server

The following table contains additional Calendar Server information.

Task	Relevant Information
Postinstallation configuration	Calendar Server Postinstallation Configuration
Starting and stopping	Starting and Stopping Calendar Server
Uninstalling	Calendar Server Uninstallation Behavior
Troubleshooting	Calendar Server Troubleshooting Tips
Upgrading	Sun Java Enterprise System 2005Q4 Upgrade Guide

The following table contains additional Messaging Server information.

Task	Relevant Information
Postinstallation configuration	Messaging Server Postinstallation Configuration
Starting and stopping	Starting and Stopping Messaging Server
Uninstalling	Messaging Server Post-uninstallation Messaging Server Uninstallation Behavior
Troubleshooting	Messaging Server Troubleshooting Tips
Upgrading	Sun Java Enterprise System 2005Q4 Upgrade Guide

Calendar-Messaging Schema 1 Example

This example installs Calendar Server and Messaging Server in an LDAP Schema 1 environment on two hosts. A remote version of Directory Server is used.

Requirements

Both Calendar Server and Messaging Server require Directory Server, but not necessarily a local copy. In addition, a local copy of Administration Server is required by Messaging Server.

To Develop a Sequence for Host A

The following high-level tasks are required:

Step

Installing and starting Directory Server

Because Administration Server provides a graphical interface for Directory Server, you might also want to select Administration Server.

Directory Server Only Example

To Develop a Sequence for Host B

The following high-level tasks are required:

Steps

Running the Java ES installer.

At component selection, choosing Calendar Server and Messaging Server

Directory Server, the Directory Preparation Tool, and Administration Server are automatically selected.

Deselecting Directory Server

When you are prompted to choose a local or remote Directory Server, choose remote (the Directory Server that is already installed and running on Host A).

Resolving incompatibilities

The installer verifies software on your host and provides guidance if incompatibilities are identified.

Selecting the Configure Now option

You will receive a message that Calendar Server and Messaging Server cannot be configured during installation.

Reviewing the configuration pages for Administration Server

Running the installation

Viewing the Installation Summary and Log

Completing any post-install configuration:
- Calendar Server Postinstallation Configuration
- Messaging Server Postinstallation Configuration

Starting the components in this order:

Communications Express and Messaging Server Example

This example installs Communications Express for messaging services in a 2-host Schema 2 environment. A remote copy of Directory Server is used.

Note –

On Linux: To use this sequence example, also refer to known issue 6283991 in the Sun Java Enterprise System 2005Q4 Release Notes.

Requirements and Sequence Issues

Communications Express requires either Access Manager or the Access Manager SDK for Schema 2. A local copy of Access Manager SDK is always required, but you can use a remote copy of Access Manager. Directory Server is required for Access Manager and Communications Express, but Directory Server does not need to be on the local host. Communications Express requires a local web container which can be either Application Server or Web Server.

To use messaging services, Communications Express requires a local copy of Messaging Server, which requires a local copy of Administration Server. To use calendar services, Communications Express requires Calendar Server, but Calendar Server does not need to be on the local host. This example uses messaging services.

Note –

If you are using Messaging Server or Web Server with Sun Cluster software, you must perform a precise series of tasks before installing any components. Refer to Sun Cluster Software Example to see Sun Cluster guidelines.
The remote Directory Server must be installed and running before installing any components that depend on it.

To Develop a Sequence for Host A

The following high-level tasks are required:

Step

Installing and starting Directory Server

Because Administration Server provides a graphical interface for Directory Server, you might also want to select Administration Server.

Directory Server Only Example

To Develop a Sequence for Host B

The following high-level tasks are required:

Steps

Running the Java ES installer

At component selection, choosing Communications Express, Access Manager, Messaging Server, and Web Server

Administration Server, Directory Server, and the Directory Preparation Tool are automatically selected.

Deselecting Directory Server

When you are prompted to choose a local or remote Directory Server, choose remote (the Directory Server that is already installed and running on Host A).

Resolving incompatibilities

The installer verifies software on your host and provides guidance if incompatibilities are identified.

Selecting the Configure Now option

Communications Express cannot be configured during installation, and will require postinstallation configuration.

Configuration pages are displayed for those components that can be configured during installation.

Reviewing the configuration pages

Running the installation

Viewing the Installation Summary and Log

Completing post-install configuration:

Starting the components
- Starting and Stopping Messaging Server
- Starting and Stopping Web Server (Access Manager automatically starts)

Using the following URL to access the default Communications Express login page:
http://webcontainer-host:webcontainer-port/ uri-path-CommsExpress

Using the following URL to access the default Access Manager Login page:
http://web-container-host:web-container-port /amserver/UI/Login

Instant Messaging and Access Manager Example

This example installs Instant Messaging with Access Manager, using a remote Directory Server, and Web Server as the web container.

Requirements and Sequence Issues

For the Instant Messaging Core subcomponent, Access Manager is required, but not necessarily a local copy. For the Instant Messaging Resources subcomponent, the Access Manager SDK must be local to Instant Messaging. Access Manager requires a web container, which can be remote. If you use Access Manager, Directory Server is required, but not necessarily a local copy. If you are using Access Manager with Instant Messaging, you must also use Access Manager SDK.

Note –

The installer does not automatically select components that Instant Messaging depends on. You are responsible for selecting these components.
If you are deploying other components with Instant Messaging, the other components must be configured before configuring Instant Messaging.

Java ES components that are commonly deployed with Instant Messaging include Messaging Server, Calendar Server, and Portal Server (with Access Manager).

To Develop a Sequence for Host A

The following high-level tasks are required:

Step

Installing and starting Directory Server

Because Administration Server provides a graphical interface for Directory Server, you might also want to select Administration Server.

Directory Server Only Example

To Develop a Sequence for Host B

The following high-level tasks are required:

Steps

Running the Java ES installer

At component selection, choosing Instant Messaging and Web Server

Deselecting Directory Server and specifying the remote copy when prompted

Resolving incompatibilities

The installer verifies software on your host and provides guidance if incompatibilities are identified.

Verifying installation directories

Selecting the Configure Now or Configure Later option

Instant Messaging cannot be configured during installation.
1. For the Configure Now option, configuration pages are displayed for Web Server.
  
  Gather your configuration information from the tables in Chapter 1, Configuration Information, in Sun Java Enterprise System 2005Q4 Installation Reference
2. For the Configure Later option, configuration pages are not displayed.

Running the installation

Viewing the Installation Summary and Log

Completing post-install configuration
- Web Server Postinstallation Configuration
- Configuring Instant Messaging After a Configure Later Installation (Optional) For remote components: During Instant Messaging configuration, specify any remote locations for Directory Server, Access Manager, and Web Server.

Starting the components in this order:
1. Starting and Stopping Web Server
2. Starting and Stopping Instant Messaging Server and Multiplexor

Communication and Collaboration Services Example

This example installs most of the Java ES components to implement communication and collaboration services across four hosts.

Note –

If you are using any of these components with Sun Cluster software, you must perform a precise series of tasks before installing any Java ES components. Refer to Sun Cluster Software Example

Requirements and Sequence Issues

Directory Server is required for all the communications components, but not necessarily a local copy. A local copy of Administration Server is required by Messaging Server. Access Manager or the Access Manager SDK is required, but Access Manager can be remote. In this example, Web Server fulfills the Access Manager requirement for a web container. Although Calendar Server and Messaging Server do not require a local web container, Communications Express does. Communications Express can use a remote copy of Calendar Server, but Messaging Server must be local.

Note –

To implement single sign-on, Instant Messaging requires Access Manager and a local or remote web container. Portal Server Secure Remote Access requires Access Manager and a local web container. Portal Server Secure Remote Access also requires Portal Server, but not necessarily a local copy. Portal Server Secure Remote Access must be installed in same location as Portal Server. Access Manager andPortal Server cannot use different web containers.

For large deployments, you might deploy each component on a separate server, in approximately the same order shown in this example. For small deployments, components are installed in separate installation sessions on fewer servers.

Note –

To use this sequence example, also refer to known issue 6284663 in the Sun Java Enterprise System 2005Q4 Release Notes.

In this example, the following installation sessions are used:

Session 1, Host A: Installing Access Manager and Directory Server
Session 2, Host B: Installing Portal Server and Web Server (using remote Directory Server and Access Manager on Host A)
Session 3, Host C: Installing Calendar Server (using remote Directory Server and Access Manager on Host A)
Session 4, Host D: Installing Communications Express, Messaging Server, Access Manager SDK, and Web Server (using remote Directory Server and Access Manager on Host A, and remote Calendar Server on Host C)
Session 5, Host D: Installing Instant Messaging (using remote Directory Server and Access Manager on Host A) after the other components are installed and functioning
Session 6, Host D: Installing Portal Server Secure Remote Access (using remote Directory Server and Access Manager on Host A)

By dividing the installation into a number of sessions, you are able to verify the components in each session before proceeding to the next session.

To Develop a Sequence for Host A

The following high-level tasks are required:

Step

Installing and starting Access Manager and Directory Server

Because Administration Server provides a graphical interface for Directory Server, you might also want to select Administration Server.

Identity Management Example

To Develop a Sequence for Host B

The following high-level tasks are required:

Step

Installing and starting Portal Server and Web Server, specifying the remote Access Manager and Directory Server that are installed and running on Host A

A web container and the Access Manager SDK must be local to Portal Server.

To Develop a Sequence for Host C

The following high-level tasks are required:

Step

Installing and starting Calendar Server, specifying the remote Access Manager and Directory Server that are installed on Host A

Access Manager SDK must be local to Messaging Server and Calendar Server.

Install only Calendar Server using the Calendar Server and Messaging Server Example.

To Develop a Sequence for Host D (First Session)

The following high-level tasks are required:

Steps

Installing Communications Express, Messaging Server, Access Manager SDK, and Web Server using the Configure Later option

Performing Web Server post-installation configuration

To Configure Web Server After a Configure Later Installation

Performing AM SDK configuration to work with the local Web Server and the remote Access Manager

Access Manager SDK With Container Configuration Example

Performing Administration Server post-installation configuration

To Configure Administration Server After a Configure Later Installation

Performing Messaging Server post-installation configuration

Messaging Server Postinstallation Configuration

Starting Messaging Server

To Start Messaging Server

Performing Communications Express post-installation configuration

During this configuration, provide information for Access Manager on Host A, Calendar Server on Host C, and Messaging Server on Host D.

To Configure Communications Express After a Configure Later Installation

Restarting Web Server on Host D

Starting and Stopping Web Server

To Develop a Sequence for Host D (Second Session)

The following high-level tasks are required:

Steps

Installing Instant Messaging

Instant Messaging Only Example

Performing Instant Messaging post-installation configuration

Instant Messaging Postinstallation Configuration

To Develop a Sequence for Host D Third Session)

The following high-level tasks are required:

Steps

Installing Portal Server Secure Remote Access, specifying the remote Access Manager and Directory Server that are installed on Host A

As a Portal Server Secure Remote Access requirement, Portal Server is also installed.

Portal Server Using a Remote Access Manager Example

Establishing an initial user and setting up single sign-on

Identity Management Example

In this example, identity management is implemented by installing Access Manager and Directory Server, with Directory Server on a remote host.

Requirements

Access Manager requires Directory Server, but not necessarily a local copy. Access Manager requires a web container, which in this example is Web Server. The remote Directory Server must be running before installing any other components.

To Develop a Sequence for Host A

The following high-level tasks are required:

Step

Installing and starting Directory Server

Because Administration Server provides a graphical interface for Directory Server, you might also want to select Administration Server.

Directory Server Only Example

To Develop a Sequence for Host B

The following high-level tasks are required:

Steps

Running the Java ES installer

At component selection, choosing Access Manager and Web Server

Directory Server and the Directory Preparation Tool are automatically selected.

Deselect Directory Server and specify a remote copy when prompted.

Resolving incompatibilities

The installer verifies software on your host and provides guidance if incompatibilities are identified.

Selecting the Configure Now or Configure Later option
1. For the Configure Now option, configuration pages are displayed for those components that allow installation-time configuration. Do not accept defaults for components that are remote; use the remote information.
  
  You will need to gather your configuration information from the tables in Chapter 1, Configuration Information, in Sun Java Enterprise System 2005Q4 Installation Reference.
2. For the Configure Later option, configuration pages are not displayed.

Running the installation

Viewing the Installation Summary and Log

Completing any post-install configuration

For Configure Now:

Configuring Access Manager After a Configure Now Installation

For Configure Later:
- Web Server Postinstallation Configuration
- Configuring Access Manager After a Configure Later Installation

Starting the components

Starting and Stopping Web Server (Access Manager starts automatically.)

Accessing the default Access Manager login page
http://webserver-host:port/amserver

Establishing an initial user and setting up single sign-on

Web and Application Services Example

HADB (used for high availability session storage) works with Application Server to provide failover capabilities that include session persistence.

Note –

If you are using these components with Sun Cluster software, you must perform a precise series of tasks before installing any Java ES components. Refer to Sun Cluster Software Example to see Sun Cluster guidelines.

This example provides guidelines for implementing a two-node HADB cluster with load balancing. However, a preferred solution is to install HADB on four hosts with nothing else installed on them. The domain administration server (DAS) with a copy of HADB for administration and a load balancer and Web Server would be installed on a separate machine.

On a partitioned operating system, a preferred solution is that two servers be installed (either host or zone) with at least one HADB process running on each.

Requirements and Sequence Issues

Application Server requires a local copy of Message Queue. Application Server and HADB must be on the same host so you can use the integrated management tools provided by Application Server. The Load Balancing Plugin subcomponent of Application Server requires a web server. This example uses the Java ES Web Server as the container.

The general tasks include:

Installing the Java ES components
Starting the servers
Configuring HADB
Configuring load balancing

You can use the following guidelines to install all components on a node or zone. On subsequent nodes, install the components required by your deployment. A minimum of two installation sessions are required.

To Develop a Sequence for Web and Application Services

The following high-level tasks are required:

Steps

Verifying that the hardware is connected correctly for your cluster

Running the Java ES installer

At component selection, choosing Application Server and High Availability Session Store

Message Queue and all the subcomponents of Application Server except the Application Server Node Agent and Load Balancing Plugin are automatically selected.

Expanding the Application Server component and selecting Load Balancing Plugin.

Note –
You must install Web Server and Load Balancing Plug-in using the same access permissions.

Resolving incompatibilities

The installer verifies software on your host and provides guidance if incompatibilities are identified.

Selecting the Configure Now option

Message Queue requires no configuration.

The configuration pages are displayed for components that can be configured during installation. Gather your configuration information from the table in HADB Configuration Information in Sun Java Enterprise System 2005Q4 Installation Reference.

Running the installation

Viewing the Installation Summary and Log

Starting the components:
- Starting and Stopping Application Server (Message Queue automatically starts.)
- Starting and Stopping Web Server

Completing HADB postinstallation configuration

Refer to Configuring HADB After a Configure Later Installation.

Completing load balancing configuration

Refer to the Chapter 4, Configuring Load Balancing and Failover, in Sun Java System Application Server Enterprise Edition 8.1 2005Q2 High Availability Administration Guide.

Portal Server Using a Remote Access Manager Example

This example installs Portal Server and its required components on one host, using a copy of Access Manager that is already installed with Directory Server on another host. Access Manager and Portal Server must use the same type of web container.

Note –

To use this sequence example, also refer to known issue 6284663 in the Sun Java Enterprise System 2005Q4 Release Notes.

Requirements

Portal Server requires Access Manager. Access Manager requires a local or remote copy of Directory Server and a local web container. You can run Portal Server on a separate host from Access Manager, in which case Portal Server requires a local copy of the Access Manager SDK and a local web container. When you install Portal Server and the Access Manager SDK, you need to deselect the unneeded subcomponents of Access Manager. (The installer automatically selects all Access Manager subcomponents when you select Portal Server.)

Note –

To Develop a Sequence for Host A

The following high-level tasks are required:

Step

Verifying that Access Manager and Directory Server are installed and running

Because Administration Server provides a graphical interface for Directory Server, you might also want to select Administration Server.

Identity Management Example

To Develop a Sequence for Host B

The following high-level tasks are required:

Steps

Running the Java ES installer

At component selection, selecting Portal Server

All Access Manager components are automatically selected as well as Directory Server and the Directory Preparation Tool.

The web container is not selected. The Web Container Selection page prompts you to select a web container.

Deselecting Directory Server and all subcomponents of Access Manager except Access Manager SDK

Dependency messages guide you to do the following:
1. Select Application Server, Web Server, or a previously installed local web container.
2. Select a remote instance of Access Manager.

Resolving incompatibilities

The installer verifies software on your host and provides guidance if incompatibilities are identified.

Selecting the Configure Now option

The configuration pages are displayed.

In the Access Manager: Administration (1 of 4) page, supplying the following values for the remote Access Manager:
- Administrator (amAdmin) Password (retyped)
- LDAP user (amldapuser) Password (retyped)
- Password Encryption Key

In the Access Manager: Directory Server Information page, specifying the information for the Directory Server on Host A.
- Directory Server Information
- Directory Manager Password
- Suffix

In the Access Manager: Web container for running Sun Java System Access Manager Services, specifying the information about the remote Access Manager on Host A

Host name should be the fully qualified name on Host A.

In the Portal Server: webcontainer page, specifying the web container (and any configuration parameters) that Portal Server is running within

Running the installation

Viewing the Installation Summary and Log

Completing any required post-install configuration:
- Configuring Portal After a Configure Now Installation on a Sun Web Container
- Configuring Portal After a Configure Now Installation on a Third-Party Web Container

Non-Root Examples

This section contains the following non-root examples:

Access Manager Configured to Run as a Non-root User Example
Portal Server on a Non-root Owned Web Server or Application Server Instance Example

For other non-root information, see Configuring Components With Non-root Identifiers

Note –

On Linux: To use these sequence examples, also refer to known issue 6284698 in the Sun Java Enterprise System 2005Q4 Release Notes.

Access Manager Configured to Run as a Non-root User Example

This example provides an installation sequence and configuration procedures for allowing Access Manager to run in a web container that is not owned by root.

Requirements and Sequence Issues

If your installation plan calls for deploying Access Manager in an instance of Web Server or Application Server that is not owned by the superuser (root ), you must install Access Manager in a separate installation session from Directory Server and Web Server or Application Server.

The general steps for creating this installation sequence include the following:

Session 1, Host A: Installing Directory Server and Administration Server
Session 2, Host B: Installing Web Server
Session 3, Host B: Installing Access Manager

Note –

If you have already deployed Access Manager in a root-owned instance of Web Server or Application Server, uninstall any copy of Access Manager before following the procedure in this section.

To Develop a Sequence for Host A

The following high-level tasks are required:

Steps

Installing Directory Server and Administration Server using the Configure Now option
- In the Common Server Settings page, enter the non-root user for System User and non-root group for System Group.
- Select port numbers for Directory Server and Administration Server that are higher than 1024 (do not use 389 and 390).

As the non-root user, starting Directory Server and Administration Server (all processes must be owned by the non-root user)

To Develop a Sequence for Host B (First Session)

The following high-level tasks are required:

Steps

Installing Web Server using the Configure Now option
- In the Common Server Settings page, enter the non-root user for System User and non-root group for System Group.
- In the Web Server: Administration (1 of 2) page, change the Administration Runtime User ID to the non-root user.
- In the Web Server: Default Web Server Instance page:
  1. Change the Runtime User ID to the non-root user.
  2. Change the Runtime Group to the non-root group.
  3. Select a value for HTTP Port that is higher than 1024.

As the non-root user, starting the Web Server administration instance and Web Server instance

All processes should be owned by the non-root users.

To Develop a Sequence for Host B (Second Session)

The following high-level tasks are required:

Steps

Installing Access Manager using the Configure Later option

Changing ownership of the following directories from root/other to the non-root user/non-root group:

These shared component directories must be changed because they are configured into the web container classpath by the Access Manager configuration program.

Solaris OS: /opt/SUNWma and /etc/opt/SUNWma

Linux: /opt/sun/mobileaccess and /etc/opt/sun/mobileaccess
chown -R nonroot-user:nonroot-group /opt/SUNWma /etc/opt/SUNWma

Editing the amsamplesilent file
1. Go to the Access Manager bin directory:
  
  Solaris OS: cd AccessManager-base/SUNWam/bin
  
  Linux: cd AccessManager-base/identity/bin
2. Make a copy of the amsamplesilent file. For example:
  
  cp -p amsamplesilent am.non_root_install
3. Edit the copy of the amsamplesilent file.
  - Set BASEDIR to the same value that you selected for the installation directory of Access Manager during installation
  - Update SERVER_HOST, SERVER_PORT, DS_HOST, DS_PORT, ROOT_SUFFIX, WS61_ADMINPORT and all related password fields (DS_DIRMGRPASSWD, ADMINPASSWD, AMLDAPUSERPASSWD).

Using the edited amsamplesilent file to deploy Access Manager
./amconfig -s ./am.non_root_install
1. Set NEW_OWNER to the non-root user.
2. Set NEW_GROUP to the non-root group.

As the non-root user, stopping the Web Server admin instance and Web Server instance

As root, changing the ownership of the Web Server installation directory
chown -R <non-root-user\>:<non-root-group\> WebServer-base

As the non root-user, starting the Web Server admin instance and Web Server instance

Accessing the Web Server admin console in a browser and logging in as the admin user

Selecting the instance on which you deployed Access Manager
1. Click Manage.
2. Click Apply and click Apply Changes.

Portal Server on a Non-root Owned Web Server or Application Server Instance Example

This example provides an installation sequence and configuration procedures for allowing Portal Server to run in a web container that is not owned by root.

Requirements

If your installation plan calls for deploying Portal Server in an instance of Web Server or Application Server not owned by the superuser ( root), you must install Portal Server in a separate installation session from Web Server or Application Server.

Caution –

If you have configured your Portal Server host to run as non-root user, and subsequently apply a patch, some directories will have their ownership reset to root ownership because the patch is applied as root user.

After successfully applying the patch, reconfigure your host to run as non-root user.

To Develop a Sequence for Host A

The following high-level tasks are required:

Step

Installing and starting the web container and Access Manager (deselecting Directory Server)

Identity Management Example

Skip this task if Portal Server will be using a copy of Access Manager that is already running on a remote host.

To Develop a Sequence for Host B

The following high-level tasks are required:

Steps

Making sure that the non-root instance of Web Server or Application Server is installed and configured on the same host where you are installing Portal Server
- For Web Server:
  
  If Web Server is not yet installed, use the installer to install Web Server, selecting the Configure Now option. Specify the non-root owner in the Runtime user and Runtime group configuration parameters.
  
  Web Server Only Example
  
  If Web Server is already installed, use the Web Server administrative utilities to create a new web server instance owned by the non-root user.
- For Application Server:
  
  If Application Server is not yet installed, use the installer to install Application Server.
  
  Application Server Only Example
  
  After Application Server is installed, use the Application Server administrative utilities to create a new Application Server instance owned by the non-root user.

Making sure the non-root instance of Web Server or Application Server is running, as well as the administrative instance of Web Server or Application Server

Installing Portal Server with the Configure Now option

During Portal Server configuration, doing the following:
- Enter the user and group information of the non-root instance owner in the System User and System Group parameters when specifying values on the Common Server Settings page.
- Enter information about the non-root instance when specifying values on the Portal Server: Sun Java System Web Server page or the Portal Server Sun Java System Application Server page.

After installation, changing the ownership of the Portal Server directories from root to Userid: UserGroup.

Solaris OS:

chown -R Userid:UserGroup /opt/SUNWps
chown -R Userid:UserGroup /etc/opt/SUNWps
chown -R Userid:UserGroup /var/opt/SUNWps

Linux:

chown -R Userid:UserGroup /opt/sun/portal
chown -R Userid:UserGroup /etc/opt/sun/portal
chown -R Userid:UserGroup /var/opt/sun/portal

Setting the permissions for the Portal Server directories.

Solaris OS:

chmod 0755 /opt/SUNWps
chmod 0755 /etc/opt/SUNWps
chmod 0755 /var/opt/SUNWps

Linux:

chmod 0755 /opt/sun/portal
chmod 0755 /etc/opt/sun/portal
chmod 0755 /var/opt/sun/portal

Stopping and then starting Web Server or Application Server.

Starting and Stopping Application Server

Starting and Stopping Web Server