Sun Java logo     Previous      Contents      Index      Next     

Sun logo
Sun Java System Identity Synchronization for Windows 1 2004Q3 Installation and Configuration Guide 

Chapter 5
Installing Connectors and Directory Server Plugins

This chapter provides instructions for installing the Identity Synchronization for Windows Connectors and Directory Server Plugins. The information is organized as follows:

Identity Synchronization for Windows uses Connectors to synchronize user passwords between directory sources, and uses subcomponents to enhance the Connector’s change-detection and bidirectional synchronization support.

Before You Begin

Before starting the Connector/Directory Server Plugin installation process, you should be aware of the following:

Running the Installation Program

Use the following procedure to restart and run the installation program. You will repeat these steps each time you install a Connector or a Directory Server Plugin:

  1. Re-run the installation program on the machine where you want to install the Connector, as follows:
    • On Solaris: Change to the installer directory and then type ./runInstaller.sh to execute the installation program.

      • Note

      To run the installation program in text-based mode, type ./runInstaller.sh -nodisplay

      When you run the runInstaller.sh program, Identity Synchronization for Windows automatically masks passwords so they will not be echoed in the clear.

    • On Windows: Change to the installer directory and then type setup.exe to execute the installation program.
  2. When the Welcome screen is displayed, read the information provided and then click Next to proceed to the Software License Agreement panel.
  3. Read the license agreement, then select
    • Yes (Accept License) to accept the license terms and go to the next panel.
    • No to stop the setup process and exit the installation program.
  4. The Sun Java System Directory Server panel is displayed. Specify the configuration directory location as follows:
    • Configuration Directory Host: Enter the fully qualified domain name (FQDN) of a Sun Java System Directory Server instance (affiliated with an Administration Server) where Identity Synchronization for Windows configuration information is stored. You must specify the same instance that you specified during the Core installation.
    • Configuration Directory Port (Defaults to port 389): Specify a port for the configuration directory. You can leave the port set to the default or change to a different, available port.

      • To enable SSL (Secure Socket Layer) between Core and the configuration directory, enable the Secure Port option and specify an SSL port (default SSL port is 636). Enabling this option prevents sensitive information from being passed in the clear over the network.

    • Configuration Root Suffix: Select the root suffix that you specified during the Core installation from the menu. The Identity Synchronization for Windows configuration will be stored in this root suffix.

      • Note

      If the program could not detect a root suffix, and you enter the server information manually, you must click Refresh to repopulate the list of root suffixes.

  5. Click Next to open the Configuration Directory Credentials panel.
  6. Enter the configuration directory Administrator’s user ID and password.
    • If you specify admin as the user ID, you will not be required to specify the User ID as a DN.
    • If you use any other user ID, then you must specify the ID as a full DN.
      For example, cn=Directory Manager.

      • Note

      These credentials will be sent without encryption unless you enabled SSL in Step 4.

  7. Click Next to open the Configuration Password panel where you must enter the configuration password you specified when you installed Core.

    8. Also, if Core has not been installed on this machine, you will be prompted to provide the location of the Java Home directory (see (more...) ).

  8. When you are finished, click Next.

    9. Note

    At this point, the installation process becomes specific to the Directory Server Plugin or the type of Connector you are installing.

Installing Connectors

This section explains how to install the three types of Identity Synchronization for Windows Connectors, as follows

Installing the Directory Server Connector

After completing the steps described in Running the Installation Program, the Connector Configuration panel displays.

Figure 5-1  Selecting the Directory Server Connector

Select a connector to install.

The Select components to install list contains only those Connector components that have not yet been installed. For example, after you install the Directory Server Connector (dc=example,dc=com in Figure 5-1), the program will remove the entry from the list pane.

The following table contains some example directory source entries:

Table 5-1  Directory Source Examples

Directory Source

Example Entry

Sun Java System Directory Server

dc=example,dc=com

Windows Active Directory

example.com

Windows NT SAM

EXAMPLE

To install the Directory Server Connector:

  1. Enable the button next to the Directory Server Connector component and then click Next.

    2. The Directory Server Connector Credentials panel is displayed (Figure 5-2).

    Figure 5-2  Entering Directory Server Connector Credentials
    Provide your User DN and password for the primary Directory Server, and for the secondary server (if applicable).

    Note

    The program automatically completes the User DN fields with your fully qualified Directory Manager distinguished name, but you can change the information if necessary.

    Enter the following information:

    • Primary Directory Server User DN: If necessary, change the default user DN by entering a fully qualified Directory Manager distinguished name.
    • Primary Directory Server Password: Enter your Directory Manager password.

      • If you are using a secondary master, the Secondary Directory Server User Name and Password fields will be active. The program automatically completes the Directory Manager DN field with the same entries provided for the Primary Directory Server User DN and Password fields. You can change this information if necessary.

      The program will verify that the Directory Server was prepared and ready to synchronize data. When you prepared Directory Server ((more...) ), the program creates an account that the Connector will use to connect to Directory Server (for example, uid=PSWConnector,suffix).

  2. Click Next to proceed to the Connector Port Configuration pane.

    3. Figure 5-3  Specifying the Connector Local Host and Port
    Enter your fully qualified local host name and a connector port number.

  3. Enter the Fully Qualified Local Host Name with the domain and an available port number where the Connector will listen. (Specifying a port already in use will result in an error message.)

    4. The Directory Server Plugin needs access to the configuration information you saved in the Console. To get this information, the Plugin communicates with the Directory Server Connector, through a server socket on this port. Additionally, the Plugin logs messages over this channel so the messages will go to the central log.

  4. Click Next and the Ready to Install pane is displayed to provide information about the Connector’s installation location and how much disk space is required for the installation. When you are ready, click the Install Now button.

    5. Figure 5-4  Ready to Install Pane
    This pane reports which connector is being installed, the directory location, and the amount of disk space required for the installation.

    Note

    If you installed Core on the local machine, the Ready to Install pane will indicate that zero space is required to install the Connector. This situation occurs because the Core installation has already installed the Connector binaries. Because there are no additional binaries to install, no additional space is required.

    If you are installing the Connector on a machine other than where you installed Core, then the Ready to Install pane will indicate how much space is required to complete the Connector installation on the local machine.

    The Connector installation is accomplished in two steps:

    • An Installing pane is displayed, with a progress bar, while the program installs the binaries.
    • Next, the Component Configuration pane displays. A progress bar is displayed because this step takes several minutes to complete.

      • Note

      If you did not close the Console before starting the installation, the following warning displays (Figure 5-5). Click Reset in the Console to reload the Connector’s configuration settings.

      Figure 5-5  Configuration Warning Dialog Box
      This pane reports which connector is being installed, the directory location, and the amount of disk space required for the installation.

      When both steps are complete, an Installation Summary pane is displayed.

  5. Click the Details button if you want to review the installation log.
    • On Solaris: Installation logs are written to /var/sadm/install/logs/
    • On Windows: Installation logs are written to the %TEMP% directory, which is usually a subdirectory of the Local Settings folder located under
      C:\Documents and Settings\Administrator

      • Note

      On some Windows systems (such as Windows 2000 Advanced Server), the Local Settings folder is a hidden folder.

      To view this folder and the Temp subdirectory, open your Windows Explorer and select Tools > Folder Options from the menu bar. When the Folder Options dialog box is displayed, select the View tab and enable the Show Hidden Files option.

  6. Click Next and the “To Do list” panel (Figure 5-6) displays to indicate which steps you have completed successfully and which steps remain.

    7. Figure 5-6  To Do List
    This panel reports which steps are finished and which steps remain.

  7. When you are done with the panel, click Finished.

After installing the Directory Server Connector, you can install other Connectors and/or Directory Server Plugins that you configured when you configured resources (Chapter 4):

Installing an Active Directory Connector

After completing the steps described in Running the Installation Program, the Component Type Selection panel displays.

Note

After you install the Directory Server Connector and if you have other configured Connectors to install, the installation program will give you the option of installing the Connectors or installing the Directory Server Plugin before you see the Connector Configuration pane (Figure 5-7).

Figure 5-7  Selecting the Connector

Select a connector to install.

The component list contains only those Connector components that have not yet been installed. For example, if you already installed the Directory Server Connector (dc=example,dc=com in this case), it will not be listed.

To install an Active Directory Connector:

  1. Enable the Connector button and click Next.

    2. The Connector Configuration panel displays (see Figure 5-8).

    Figure 5-8  Selecting the Active Directory Connector
    Select a connector to install.

    The Select components to install list contains only those Connector components that have not yet been installed. For example, after you install the Directory Server Connector (dc=example,dc=com in this case), the program will remove the entry from this list pane.

  2. Enable the button next to the Active Directory component and then click Next.

    3. The Ready to Install pane is displayed (Figure 5-9) to provide information about the Connector’s installation location and how much disk space is required for the installation.

    Figure 5-9  Ready to Install Pane
    This pane reports which connector is being installed, the directory location, and the amount of disk space required for the installation.

    Note

    If you installed Core on the local machine, the Ready to Install pane will indicate that zero space is required to install the Connector. This situation occurs because the Core installation has already installed the Connector binaries. Because there are no additional binaries to install, no additional space is required.

    If you are installing the Connector on a machine other than where you installed Core, then the Ready to Install pane will indicate how much space is required to complete the Connector installation on the local machine.

  3. When you are ready, click the Install Now button.

    4. An Installing pane is displayed, with a progress bar, while the program installs the binaries, and then an Installation Summary pane is displayed to confirm the installation is finished.

  4. Click the Details button if you want to review the installation log.
    • On Solaris: Installation logs are written to /var/sadm/install/logs/
    • On Windows: Installation logs are written to the %TEMP% directory, which is a subdirectory of the Local Settings folder located under
      C:\Documents and Settings\Administrator

      • Note

      On some Windows systems (such as Windows 2000 Advanced Server), the Local Settings folder is a hidden folder.

      To view this folder and the Temp subdirectory, open your Windows Explorer and select Tools > Folder Options from the menu bar. When the Folder Options dialog box is displayed, select the View tab and enable the Show Hidden Files option.

  5. Click Next and the “To Do list” panel is displayed (Figure 5-10) to indicate which steps you have completed successfully and which steps remain.

    6. Figure 5-10  To Do List
    This panel reports which steps are finished and which steps remain.

  6. When you are done with the panel, click Finished to exit the installation program.

After installing the Active Directory Connector, you can install other Connectors and/or Directory Server Plugins that you configured when you configured resources (Chapter 4):

Installing the Windows NT Connector

Note

You must install the Windows NT Connector on the Primary Domain Controller (PDC) of the domain you configured.

After completing the steps described in Running the Installation Program, the Connector Configuration panel displays.

To install a Windows NT Connector and the NT subcomponent(s):

  1. Enable the Windows NT Connector button and click Next.
  2. When the Connector Port Configuration pane is displayed, enter the Fully Qualified Local Host Name with the domain and an available port number where the Connector will listen. (Specifying a port already in use will result in an error message.)

    3. The Directory Server Plugin needs access to the configuration information you saved in the Console. To get this information, the Plugin communicates with the Windows NT Connector, through a server socket on this port. Additionally, the Plugin logs messages over this channel so the messages will go to the central log.

  3. When you are done, click Next.

    4. The Ready to Install pane is displayed to provide information about the Connector’s installation location and how much disk space is required.

  4. When you are ready, click the Install Now button.

    5. The Connector installation is accomplished in two steps:

    • An Installing pane is displayed, with a progress bar, while the program installs the binaries.
    • Next, the Component Configuration pane displays. A progress bar is displayed because this step takes several minutes to complete.

      • Note

      If you did not close the Console before starting the installation, a warning displays (see Figure 5-5). Click Reset in the Console to reload the Connector’s configuration settings.

      When both steps are complete, an Installation Summary pane is displayed.

  5. Click the Details button if you want to review the installation log.

    6. Installation logs are written to the %TEMP% directory, which is C:\TEMP on most Windows NT systems.

  6. Click Finished to exit the installation program.

After installing the Windows NT Connector, you can install other Connectors and/or Directory Server Plugins that you configured when you configured resources (Chapter 4):

Installing Directory Server Plugins

This section explains how to install the Identity Synchronization for Windows Directory Server Plugin.

Note

You must install Directory Server Plugins on the same machine where you installed Directory Server.

If you are installing the Plugin on the same system as Core or any Connectors, the installation program will detect when Core or the Connectors have already been installed on the system. All additional components will be installed in the installation directory.

  1. Complete the steps described in Running the Installation Program.

    2. Figure 5-11  Selecting the Directory Server Plugin
    Select the Directory Server Plugin to install.

  2. When the Connector Configuration panel is displayed, enable the Directory Server Plugin (dc=example,dc=com) button and click Next.
  3. Another Directory Server Plugin Installation pane is displayed (Figure 5-12).

    4. Figure 5-12  Specifying the Directory Server URL and Credentials
    Enter the Sun Java System Directory Server URL and your Administrator credentials.

  4. Select the appropriate Host Type from the drop-down list.
    • Preferred: Select this option if you are installing the Plugin on the preferred server.
    • Secondary: Select this option if you are installing the Plugin on a secondary server.
    • Other: Select this option if you are installing the Plugin on a machine that is not a preferred or secondary server.
  5. Enter the URL where your Directory Server exists, if it is not a preferred or secondary host.
  6. Enter the Directory Server administrator’s name and password, and then click Next.

    7. The Ready to Install pane is displayed to provide information about the Plugin’s installation location and how much disk space is required for the installation.

  7. When you are ready, click the Install Now button.

    8. The Plugin installation is accomplished in two steps:

    • An Installing pane is displayed with a progress bar, while the program installs the binaries.
    • Next, the Component Configuration pane displays. A progress bar is displayed because this step takes several minutes to complete.
  8. When both steps are complete, the following prompt is displayed. After reading the information, click OK to close the dialog box.

    9. Figure 5-13  Restart Directory Server Prompt
    Message prompt advising you to restart the Directory Server where you installed the plugin.

  9. Click the Details button if you want to review the installation log.
    • On Solaris: Installation logs are written to /var/sadm/install/logs/
    • On Windows: Installation logs are written to the %TEMP% directory, which is a subdirectory of the Local Settings folder located under
      C:\Documents and Settings\Administrator

      • Note

      On some Windows systems (such as Windows 2000 Advanced Server), the Local Settings folder is a hidden folder.

      To view this folder and the Temp subdirectory, open your Windows Explorer and select Tools > Folder Options from the menu bar. When the Folder Options dialog box is displayed, select the View tab and enable the Show Hidden Files option.

  10. Click Finished to exit the installation program.

    11. The “To Do list” panel is displayed (similiar to Figure 5-10) to indicate which steps remain in the installation/configuration process.

    After installing the Directory Server Plugin, you can install other Connectors and/or Directory Server Plugins that you configured when you configured resources (Chapter 4):

  11. If you have no other connectors or plugins to install, restart Directory Server.


Previous      Contents      Index      Next     

Part No: 817-6199-05.   Copyright 2004 Sun Microsystems, Inc. All rights reserved.